pf::soh - A module to evaluate and respond to SoH requests
This module contains the infrastructure necessary to evaluate statement-of-health (SoH) requests tunnelled inside 802.1x/EAP authentication negotiations.
FreeRADIUS passes SoH requests through a separate virtual server, which uses a perl module to forward the requests via SOAP to pf::WebAPI, which instantiates a pf::soh object to generate a suitable response.
The methods in pf::soh can be overriden in pf::soh::custom.
Takes a RADIUS request containing synthetic SoH attributes, forwarded through the SoH virtual server, decides how to handle it based on the filters created by the user, and returns a suitable response. This is the top-level function, which does very little work itself.
This function takes a hashref containing RADIUS value pairs, parses them, and sets helpful new values in the same hash.
This method takes an SoH request and an array of filters to match against, evaluates the request against each filter in turn, until one matches, and does whatever that filter specifies. It returns the $RADIUS::RLM_MODULE_* code to be sent back to FreeRADIUS.
Returns true if the specified condition is met by the request, and false otherwise. We could (always) be more clever about how we match. The UI to define matches is simple, but the matching process can be as complex as it needs to be.
The question we answer is: "does any status line match this rule?"
For every rule referring to a particular health class, this function is called once for each corresponding status line, and returns true if the rule matches, and false otherwise.
Triggers a violation for the specified MAC address and filter.
Returns a hashref representing a single SoH filter.
Returns a reference to an array of hashrefs, each representing a single SoH filter.
Inverse inc. <info@inverse.ca>
Copyright (C) 2005-2015 Inverse inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.