On Fri, 18 Dec 2015 08:36:18 +0100 Gro-Anita Hillestad Vindheim <gro-anita.vindheim@ntnu.no> wrote:
> At NTNU, we use Arnold to automatic disable switchports based on
> netflow-statistics. Our netflow-server provides a list of IP-addresses (a
> file). This file is transferred to the nav-server (ssh, I think), and Arnold
> disables the switchports where the IP-addresses were last seen. Morten is the
> creator of it, and knows all the details J
Usage of this system is documented:
https://nav.uninett.no/doc/4.3/reference/arnold.html?#start-arnold-py
This does sound somewhat like what Tal Bar-Or is asking for.
> As long as the NAV API has only one token “to rule them all”, I’m a bit
> skeptical to allow the API to disable ports.
We would not want to add write-type API endpoints until we change the
token auth system, no. We have multiple users asking for this by now, so
we should definitely have a look at it in 2016.
--
Morten Brekkevold
UNINETT