PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
Describe the bug
In "lost of stolen" security event, we have an additional email message by default for "email node owner" or "email recipient".
And inside the additional message, a "[% mac %]" was defined, expecting to include the mac address of the device.
However, in the email we received, there's nothing.
To Reproduce
Steps to reproduce the behavior:
login to admin UI and make sure "lost or stolen" is enabled and "email device owner" or "email recipient" is enabled.
log into packetfence server
manaully trigger a "lost or stolen" security event using pfcmd /usr/local/pf/bin/pfcmd security_event add {MAC} 1300005
check the email we received.
Expected behavior
the mac address appears in the email we received.
Desktop (please complete the following information):
independent
Smartphone (please complete the following information):
independent
Additional context
I think it's due to the [% mac %] variabled we used in "security_events.conf".
we were expecting it being parsed when sending the emails, however it's probably parsed when loading security_events.conf into pfconfig, as a result, there will be no variable in "additional message"
checking pfconfig values using either:
/usr/local/pf/bin/pfcmd pfconfig show 'config::SecurityEvents'
or
/usr/local/pf/bin/pfcmd pfconfig show 'config::SecurityEvents()'
checking pfconfig content using pfcmd will not show a variable template like [% mac %], instead, 2 spaces will be there. which seems to be a "parsed" value of [% mac %] - it's empty.
Confirmed with @fdurand, it's because the [% mac %] being parsed when loading ini files to pfconfig.
we'll need a way to skip parsing dynamic variables for security events' additional message
stgmsa
commented
5 days ago
Describe the bug In "lost of stolen" security event, we have an additional email message by default for "email node owner" or "email recipient".
And inside the additional message, a "[% mac %]" was defined, expecting to include the mac address of the device.
However, in the email we received, there's nothing.
To Reproduce Steps to reproduce the behavior:
/usr/local/pf/bin/pfcmd security_event add {MAC} 1300005Expected behavior
Desktop (please complete the following information): independent
Smartphone (please complete the following information): independent
Additional context I think it's due to the [% mac %] variabled we used in "security_events.conf". we were expecting it being parsed when sending the emails, however it's probably parsed when loading security_events.conf into pfconfig, as a result, there will be no variable in "additional message"
checking pfconfig values using either:
/usr/local/pf/bin/pfcmd pfconfig show 'config::SecurityEvents'or/usr/local/pf/bin/pfcmd pfconfig show 'config::SecurityEvents()'checking pfconfig content using pfcmd will not show a variable template like [% mac %], instead, 2 spaces will be there. which seems to be a "parsed" value of [% mac %] - it's empty.