PacketFence - BTS - PacketFence
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0000890PacketFencepublic2010-01-13 17:352011-05-04 11:51
Reporterobilodeau 
Assigned Toobilodeau 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionno change required 
PlatformOSOS Version
Product Version 
Target Version2.0.1Fixed in Version1.8.7 
fixed in git revision
fixed in mtn revision
Summary0000890: we need local deassociate / dot11deAuthenticate traps for registration / isolation to work properly on wireless
Descriptionafter all, we need local deassociate / dot11deAuthenticate traps for registration / isolation to work properly on wireless

we just disabled them in 0000880 because of problems that some of these traps caused.

We will allow them if the switch ip is 127.0.0.1 and disallow them otherwise.
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
related to 0000880closed obilodeau wireless deauthentication traps cause more problems than they solve 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2010-01-13 17:35obilodeauNew Issue
2010-01-13 17:35obilodeauStatusnew => assigned
2010-01-13 17:35obilodeauAssigned To => obilodeau
2010-01-13 17:35obilodeauRelationship addedrelated to 0000880
2010-01-13 17:36obilodeauNote Added: 0001454
2010-01-13 17:58obilodeauNote Added: 0001455
2010-01-13 17:58obilodeauResolutionopen => unable to reproduce
2010-05-05 14:09obilodeauNote Added: 0001553
2010-05-05 14:09obilodeauCategory1.8.7 => regression
2010-05-05 14:09obilodeauTarget Version => 1.9.1
2010-09-15 13:14obilodeauNote Added: 0001665
2010-09-22 16:05obilodeauTarget Version1.9.1 => 1.9.2
2010-11-19 14:24obilodeauTarget Version1.9.2 => 2.0.0
2011-01-18 15:07obilodeauTarget Version2.0.0 => 2.0.1
2011-01-18 15:19obilodeauNote Added: 0001819
2011-01-18 15:19obilodeauStatusassigned => resolved
2011-01-18 15:19obilodeauFixed in Version => 1.8.7
2011-01-18 15:19obilodeauResolutionunable to reproduce => no change required
2011-05-04 11:51obilodeauStatusresolved => closed

Notes
(0001454)
obilodeau   
2010-01-13 17:36   
if you are bitten by this, right now you can apply the following patch until we do a release:

#
# old_revision [0ec2fb1de198850e403ac44ebae47a7f206ee51c]
#
# patch "pf/lib/pf/vlan.pm"
#  from [804c8a96848f4ba25c0dd8f86fbaa12854714ba5]
#    to [7543ef21e77148ed2d91512a41da2e794dfdff57]
#
============================================================
--- pf/lib/pf/vlan.pm	804c8a96848f4ba25c0dd8f86fbaa12854714ba5
+++ pf/lib/pf/vlan.pm	7543ef21e77148ed2d91512a41da2e794dfdff57
@@ -142,9 +142,13 @@ sub custom_doWeActOnThisTrap {
         return 1;
     }
     if ( $trapType eq 'dot11Deauthentication' ) {
-        # we no longer act on dot11Deauth traps see bug 0000880
-        # http://www.packetfence.org/mantis/view.php?id=880 [^]
-        return 0;
+        if ($switch->{_ip} eq '127.0.0.1') {
+            return 1;
+        } else {
+            # we no longer act on non-local dot11Deauth traps see bug 0000880
+            # http://www.packetfence.org/mantis/view.php?id=880 [^]
+            return 0;
+        }
     }
 
     my $ifType = $switch->getIfType($ifIndex);
(0001455)
obilodeau   
2010-01-13 17:58   
I need to do more testing to confirm this one, the code path is impossible to reach. I added more logging and i'll retest before confirming this is actually a bug.
(0001553)
obilodeau   
2010-05-05 14:09   
We will try to look at it for 1.9.1.
(0001665)
obilodeau   
2010-09-15 13:14   
Reminder sent to: rbalzard

I'm confused by this one. We will need to look at it and talk about it together.
(0001819)
obilodeau   
2011-01-18 15:19   
dot11Deauthenticate traps are not required for proper isolation, only for proper locationlog management.

dot11Deauthenticate traps should never be sent by 127.0.0.1 so this fix is irrelevant.

deAssociate traps are sent from 127.0.0.1 and we should act upon them which the code currently does.