pf::Switch::Meru
Module to manage Meru controllers
Tested against MeruOS version 3.6.1-67
De-authentication of a Wireless user is based on CLI access (Telnet or SSH). This is a vendor issue and it might be fixed in newer firmware versions.
The vendor doesn't include the SSID in their RADIUS-Request when on MAC Authentication. VLAN assignment per SSID is not possible. This is a vendor issue and might be fixed in newer firmware versions.
Performing a de-authentication does not clear the key cache. Meaning that on reconnection the device's authorization is served straight from the cache instead of creating a new RADIUS query. This defeats the reason why we perform de-authentication (to change VLAN or deny access).
A client-side workaround exists: disable the PMK Caching on the client. However this could (and should in our opinion) be fixed by the vendor.
We made some progress about this lately. In fact, for the 4.0 version tree, you need to get version 4.0-160 in order to disable the PMK caching at the AP level. For the 5.0 version tree, all versions including 5.0-87 are impacted. Vendor is saying that in the 5.1 version, PMK will be disabled by default. To be confirmed.
Once written these are enforced automatically on the controller's primary ethernet interface.
obtain image version information from switch
This is called when we receive an SNMP-Trap for this device
deauthenticate a MAC address from wireless network
Right now te only way to do it is from the CLi (through Telnet or SSH).
Warning: this code doesn't support elevating to privileged mode. See #900 and #1370.
Meru uses the standard Filter-Id parameter.
Return the reference to the deauth technique or the default deauth technique.
Inverse inc. <info@inverse.ca>
Copyright (C) 2005-2015 Inverse inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.