Menu
▾
▴
Re: [PacketFence-devel] Bugs
|
From: Francis L. <fla...@in...> - 2013-05-27 12:56:09
|
Hi Don
On 2013-05-21, at 12:56 PM, Don Greer <Don...@dp...> wrote:
> Ok, violations is still very unhappy :^).
>
> First, when I set or turn “off” a violation, it does not reset the port on the machine that I modified the violation on. To make it change the port requires manually disconnecting and moving the machine to another port to trigger that logic. There is a comment in the “action.pm” for “action_trap” (which appears to be the correct place to move the VLAN) that trapping is handled by pf::enforcement and called by pfcmd, but I cannot find the logic that does that (or any comments to the effect that it is to be done). If you can help me figure out what I need to look at, I’ll see if I can’t fix something.
>
> Second, one of the machines on my network get a “rogue dhcp” violation (it’s our main dhcp server) and when I attempted to turn it off (after adding that machine to our DHCP Servers list), I got the following error:
>
> httpd.admin(0) INFO: loading Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt (pf::util::load_oui)
> httpd.admin(0) INFO: violation for mac 00:24:7e:68:fc:c3 vid 2000000 modified (pf::violation::violation_modify)
> httpd.admin(0) INFO: “defaults” found (pfappserver::Base::Model::Config::hasId)
> httpd.admin(0) ERROR: Argument “defaults” isn’t numeric in numeric eq (==) at /usr/local/pf/lib/pf/violation.pm line 419.
> (pfappserver::__ANON__)
>
> I’ve looked at the line in question:
>
> if ( $vid == $portscan_sid ) {
>
> in “violation_add()”, but it’s not obvious to me from the surrounding code whether the problem is with $vid or with $portscan_sid, or even where these are coming from. The biggest hint I think is that it happens in pfappserver the most likely culprit is “/usr/local/pf/html/pfappserver/lib/pfappserver/Model/Node.pm”.
>
> I think this may be beyond my level of knowledge at this moment. Let me know if there’s anything you need to isolate this one.
I made some changes to properly close a violation :
https://github.com/inverse-inc/packetfence/commit/81443169eda4e4c62d570eca6ce44415a80a2e34
--
fla...@in... :: +1.514.755.3640 :: http://www.inverse.ca
Inverse :: Leaders behind SOGo (http://sogo.nu) and PacketFence (http://packetfence.org)
|