Skip to content

Unifi: deauthentication doesn't work anymore if AP are declared by IP address #6686

@nqb

Description

@nqb

Describe the bug
It looks like since #6134, deauthentication of a user doesn't work if it is connected on a Unifi access point which is declared by IP address (not by MAC address).

An AP declared by IP address will not pass if test:

tie my %SwitchConfig, 'pfconfig::cached_hash', "config::Switch($host_id)";
my $count = 0;
foreach my $switch_id (keys(%SwitchConfig)) {
my $switch = $SwitchConfig{$switch_id};
# If the other switch is a MAC based entry and an Ubiquiti AP and is part of the same AP group, then we'll send the deauth
if(valid_mac($switch_id) && $switch->{type} eq $self->{_type} && $switch->{group} eq $self->{_group}) {

To Reproduce
Steps to reproduce the behavior:

  1. Declared a Unifi AP by IP address
  2. Authenticate on captive portal using Web Auth
  3. Check logs in packetfence.log:
│Nov  5 08:58:39 pf01 pfqueue[132890]: pfqueue(132890) INFO: [mac:4c:32:75:70:0e:19] Found site: Test (pf::Switch::Ubiquiti::Unifi::_deauthenticateMacWithHTTP)                                                         │
│Nov  5 08:58:39 pf01 pfqueue[132890]: pfqueue(132890) INFO: [mac:4c:32:75:70:0e:19] Deauth on 0 access points (pf::Switch::Ubiquiti::Unifi::_deauthenticateMacWithHTTP)     

Expected behavior
Deauthentication should also work on AP declared by IP address.

Additional context
In this setup, AP are declared using a CIDR.

Metadata

Metadata

Assignees

Type

No type

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions