Merge pull request #8177 from inverse-inc/feature/role_per_network_cidr

Detect CIDR network by dhcp or accounting

Makefile

@@ -377,3 +377,4 @@ html/captive-portal/profile-templates/default/logo.png:
 	mkdir -p html/captive-portal/profile-templates/default
 	cp html/common/packetfence-cp.png /usr/local/pf/html/captive-portal/profile-templates/default/logo.png
 
+

README.md

@@ -95,3 +95,4 @@ Licensed under the GNU General Public License v2.
 
 [mailing_lists]: https://packetfence.org/support/index.html#/community "Community Mailing Lists"
 
+

conf/documentation.conf

@@ -111,6 +111,14 @@ You need to make sure the UDP reflector is in place so this works on the product
 This is implicitly activated on registration interfaces on which dhcpd runs.
 EOT
 
+[network.learn_network_cidr_by_role]
+type=toggle
+options=enabled|disabled
+description=<<EOT
+This will enable the learning of the networks tied to each roles on each switches by using the dhcp traffic and radius accounting.
+To act on DHCP ACK (that contain the netmask) you need to enable force_listener_on_ack otherwise PacketFence will try to detect the cidr network based on the minumum address and the maximum address.
+EOT
+
 [network.rogueinterval]
 type=numeric
 description=<<EOT

conf/pf.conf.defaults

@@ -92,6 +92,12 @@ dhcp_process_ipv6=enabled
 # This is implicitly activated on registration interfaces on which dhcpd runs.
 force_listener_update_on_ack=disabled
 #
+# network.learn_network_cidr_by_role
+#
+# This will enable the learning of the networks tied to each roles on each switches by using the dhcp traffic and radius accounting.
+# To act on DHCP ACK (that contain the netmask) you need to enable force_listener_on_ack otherwise PacketFence will try to detect the cidr network based on the minumum address and the maximum address.
+learn_network_cidr_by_role=disabled
+#
 # network.interfaceSNAT
 # Choose interface(s) where you want to enable snat for passthrough (by default it's the management interface)
 interfaceSNAT=