inverse-inc / packetfence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, and layer-2 isolation of problematic devices, PacketFence can be used to effectively secure networks, from small to very large heterogeneous networks.
https://packetfence.org
GNU General Public License v2.0

pfdhcplistener : Management interface #966

Open dwlfrth opened 8 years ago

dwlfrth commented 8 years ago

pfdhcplistener listening on the management interface should be configurable. We already have the pfdhcplistener 'interface type', so we should stop making it automatic on the management interface (handled code-wise) and make it the default in the configuration.

```
[interface eth0.42]
type=management,pfdhcplistener
```

Handle the assignment of the pfdhcplistener the same way we do it for 'portal'.

kkplein commented 8 years ago

This should be the default yes. Systems outside packetfence should not appear in the packetfence database. Finally I understand why all my non-pf systems ended up being detected by pf. :-)

dwlfrth commented 8 years ago

Just to make sure we are on the same page, the default value will be "yes", which means pfdhcplistener WILL LISTEN on the management interface. We do not want to change the actual behavior, simply improve it by making it customizable. That default behavior will make PacketFence work the exact same way it currently does, meaning, in an inline setup, systems doing DHCP on the "management side" of PacketFence WILL populate the DB. We simply add the ability to remove pfdhcplistener from the management interface.

kkplein commented 8 years ago

Yes. Completely understood, and very much appreciated. :-) (kindly ignore my "this should be the default...", that's just an opinion...)

dwlfrth commented 8 years ago

@inverse-inc/packetfence: should we put this aside considering that we might go forward with FreeRADIUS DHCP and that DHCP listening will then be part of it?

dwlfrth commented 8 years ago

Will wait for freeradius-dhcp implementation

julsemaan commented 6 years ago

I think we should address this and allow that to be configured in the admin interface

jrouzierinverse commented 1 year ago

This is already done. We can tag an interface with dhcp-listener. Is this enough?

LizardNerd commented 1 year ago

> This is already done. We can tag an interface with dhcp-listener. Is this enough?

Nope, it doesn't work. I removed the dhcp-listener value from pf.conf but PacketFence still lists unwanted systems under the Nodes section of the web GUI. Any update on this?
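An added example, not part of the thread or of PacketFence's own code: a small audit that reads interface sections in the style quoted in the first comment and reports which management interfaces carry a DHCP-listener tag (the `dhcp-listener` tag from the later comments, or the proposed `pfdhcplistener`). The sample configuration is constructed, the function names are hypothetical, and treating either token as the listener tag is an assumption; the script only reports what the file says, not what the running daemon does.

```python
import configparser

# Tag names taken from this thread; that both mark a DHCP listener is an assumption.
DHCP_TAGS = {"pfdhcplistener", "dhcp-listener"}

# Constructed sample in the interface-section style shown in the thread.
SAMPLE_PF_CONF = """
[interface eth0.42]
type=management,dhcp-listener

[interface eth1]
type=internal

[interface eth2]
type = Management

[example_other_section]
key=value
"""


def audit_interfaces(conf_text):
    """Map interface name -> {"management": bool, "dhcp_tag": bool}."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    report = {}
    for section in parser.sections():
        kind, _, name = section.partition(" ")
        if kind != "interface" or not name.strip():
            continue  # not an interface section
        raw = parser.get(section, "type", fallback="")
        types = {t.strip().lower() for t in raw.split(",") if t.strip()}
        report[name.strip()] = {
            "management": "management" in types,
            "dhcp_tag": bool(types & DHCP_TAGS),
        }
    return report


def management_with_dhcp_tag(conf_text):
    """Management interfaces explicitly tagged to listen for DHCP."""
    return sorted(name for name, info in audit_interfaces(conf_text).items()
                  if info["management"] and info["dhcp_tag"])


if __name__ == "__main__":
    for name, info in sorted(audit_interfaces(SAMPLE_PF_CONF).items()):
        print(name, info)
```
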