pf::violation - module for violation management.
pf::violation contains the functions necessary to manage violations: creation, deletion, expiration, read info, ...
Read the pf.conf configuration file.
This list is incomplete.
violation_view_open_uniq
Returns a list of MACs which have at least one opened violation. Since trap violations stay open, this has the intended effect of getting all MACs which should be isolated.
violation_add_warnings
violation_clear_warnings
violation_last_warnings
violation_add_errors
violation_clear_errors
violation_last_errors
* violation_trigger
Evaluates a candidate violation and if its valid, will add it to the node and trigger a VLAN change if required
Returns 1 if at least one violation is added, 0 otherwise.
* violation_exist_acct - check if a closed violation exists within the accounting interval window
* violation_view_last_closed - grab the last closed violation within the accounting interval window
* _is_node_category_whitelisted - is a node immune to a given violation based on its category
violation_maintenance
Check if we should close violations based on release_date
Inverse inc. <info@inverse.ca>
Minor parts of this file may have been contributed. See CREDITS.
Copyright (C) 2005-2015 Inverse inc.
Copyright (C) 2005 Kevin Amorin
Copyright (C) 2005 David LaPorte
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Hey! The above document had some coding errors, which are explained below:
You can't have =items (as at line 381) unless the first thing after the =over is an =item