| Anonymous | Login | 2024-04-18 15:36 EDT |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0001842 | PacketFence | hardware modules | public | 2014-11-04 11:47 | 2015-03-04 11:28 | ||||||
| Reporter | ae3 | ||||||||||
| Assigned To | lmunro | ||||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||||
| Status | acknowledged | Resolution | open | ||||||||
| Platform | All | OS | All | OS Version | All | ||||||
| Product Version | 4.5.0 | ||||||||||
| Target Version | Fixed in Version | ||||||||||
| Summary | 0001842: Implement RADIUS de-authentication for Meru Wireless Controllers | ||||||||||
| Description | Per a post to the PF-users list by Tim DeNike on 6 March 2014, Meru has added RADIUS de-auth to their firmware starting with System Director 5.3.x. He even posted sample code to use the feature, which I can't use since the directory structure appears to have changed with PF 4.5. Long story short, the existing module keeps telling us to pressure the vendor to implement RADUIS de-auth. We have done our part. Tag, you're it... :-) | ||||||||||
| Additional Information | Tim's email to packetfence-users: Date: March 6, 2014 at 10:20:46 AM EST From: Tim DeNike <tim.denike@mcc.edu> To: "packetfence-users@lists.sourceforge.net" <packetfence-users@lists.sourceforge.net> Subject: Re: [PacketFence-users] Per SSID VLAN - Meru Networks Reply-To: <packetfence-users@lists.sourceforge.net> Actually, looking through the code, no patch will be required for MAC-based SSID evaluation, its already there and should work (It already does with 802.1x) We are on SD 5.3.xyz right now and RADIUS deauth does work. Drop this in a file called /usr/local/pf/lib/pf/SNMP/Meru/MC_MCC.pm Minus the cut lines obviously. In switch config, you'll have the option for Meru MC_MCC. It will do radius de-auths instead of the Telnet/SSH method. Much faster, much lighter weight. ^^^^^^^^^^^^^CUT^^^^^^^^^^^ package pf::SNMP::Meru::MC_MCC; =head1 NAME pf::SNMP::Meru::MC_MCC - Object oriented module to access MC series controllers =head1 SYNOPSIS Known to work with RADIUS deauth on System Director 5.3 =head1 STATUS =cut use strict; use warnings; use Log::Log4perl; use base ('pf::SNMP::Meru'); sub description { 'Meru MC_MCC' } sub deauthTechniques { my ($this, $method) = @_; my $logger = Log::Log4perl::get_logger( ref($this) ); my $default = $SNMP::RADIUS; my %tech = ( $SNMP::RADIUS => \&deauthenticateMacRadius, ); if (!defined($method) || !defined($tech{$method})) { $method = $default; } return $method,$tech{$method}; } sub deauthenticateMacRadius { my ( $self, $mac, $is_dot1x ) = @_; my $logger = Log::Log4perl::get_logger( ref($self) ); if ( !$self->isProductionMode() ) { $logger->info("not in production mode... we won't perform deauthentication"); return 1; } $logger->debug("deauthenticate $mac using RADIUS Disconnect-Request deauth method"); return $self->radiusDisconnect($mac); } =head1 AUTHOR Tim DeNike <tim.denike@mcc.edu> =cut 1; ^^^^^^^^^^^^^CUT^^^^^^^^^^^ | ||||||||||
| Tags | No tags attached. | ||||||||||
| fixed in git revision | |||||||||||
| fixed in mtn revision | |||||||||||
| Attached Files | |||||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0003967) lmunro (administrator) 2015-03-04 11:28 |
Will look into it. There may now be an even easier way to do this than Tim's code. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2014-11-04 11:47 | ae3 | New Issue | |
| 2015-03-04 11:27 | lmunro | Assigned To | => lmunro |
| 2015-03-04 11:27 | lmunro | Status | new => assigned |
| 2015-03-04 11:28 | lmunro | Note Added: 0003967 | |
| 2015-03-04 11:28 | lmunro | Status | assigned => acknowledged |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |