Dear users, We found out that we made a poo poo in the default firewall configuration introduced in 3.0. Turns out that we don't allow broadcast traffic to get in on the internal interfaces (registration, isolation, inline).
This messes up with DHCP which is broadcast unless you have IP-Helpers. We don't know exactly why we haven't catch it earlier but our lab is this messy dozens of VLANs, dozen of switches and controllers big ball of mud.. and we also have the tendency to shut the firewall.. But don't tell anyone, it's our little secret. So, joking aside, the fix is trivial (a two liner). Here's the ticket: http://www.packetfence.org/bugs/view.php?id=1316 and here's the patch: http://mtn.inverse.ca/revision/diff/53cee866bf422b7e84b41afbc9ece33e9299caa6/with/cfc8491b5041589e76a16d9f6529fb12c80bb4ef 3.0.2 will include it and it's about ready. Couple of days max (business days that is). Sorry for the inconvenience. Cheers! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
