Hi Francois, I got it working Thanks to your 3 problem areas to focus on: "-You removed the 127.0.0.1 switch from switches.conf, - There is a firewall blocking the SNMP traps to 127.0.0.1, - snmptrapd is not running".
Of the 3, the firewall had the most possibility, i.e. it was easy to rule out a missing loopback switch definition and that snmptrapd wasn't running. Turns out the CentOs 6.2 Firewall GUI had me a little befuddled. Hitting the Disable button apparently doesn't "open the barn door", without more testing I'll have to assume hitting Disable simple leaves the system in a Closed state. Similarly hitting Enable doesn't apparently load the defined rules, for that you have to also hit the Apply button (I suppose some snickering is aptly deserved :). Unix/Linux hasn't ever really been my primary use OS so I have some skill sharpening to do... starting with command line iptables (no Firewall GUI if I can help it.) Thanks again for your direction and patience. I look forward to the time Packetfence gets to flex it's muscles on our network. Steve CSM ________________________________________ From: Steve Wittstruck Sent: Tuesday, January 31, 2012 5:07 PM To: [email protected] Subject: RE: [Packetfence-users] PF 3.1.0 doesn't change Cisco 3750 12.2(52)SE from Registration to Normal VLAN Francois, Sorry I took a few days to get back to you, unfortunately lab work takes a back seat to production. I'm not finding anything amiss with the 3 possibilities you listed: [127.0.0.1] type = PacketFence mode = production uplink = dynamic I disabled the Firewall before reconnecting my registration test computer, and had the same results. I'm not running any changes to the Firewall, i.e., it's a clean OS install only doctored up by PF's configurator.pl (I think) via iptables.conf: # SNMP Traps -A input-management-if --protocol udp --match udp --dport 162 --jump ACCEPT PF GUI showed snmptrapd is running, pid 1795, which verifies in the ps shell command: [root@packetfence ~]# ps -p 1795 PID TTY TIME CMD 1795 ? 00:00:00 snmptrapd I tried looking for packetfence.logs that were different than those I've sent earlier. The following mysql logs show up about the time I restarted the PacketFence server; I also see they exist in archived log files. Jan 31 16:43:26 pfdhcplistener(8177) INFO: 00:24:81:56:15:ea requested an IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). Modified node with last_dhcp = 2 012-01-31 16:43:26,computername = Steve-MiniHP,dhcp_fingerprint = 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) Jan 31 16:43:26 pfdhcplistener(8177) INFO: DHCPACK from 192.168.52.1 (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds (main::parse_dhcp_ack) Jan 31 16:43:36 pfdhcplistener(8177) WARN: database query failed with: MySQL server has gone away. (errno: 2006), will try again (pf::db::db_query_execute) Jan 31 16:43:36 pfdhcplistener(8177) FATAL: unable to connect to database: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) at /usr/local/pf/lib/p f/node.pm line 280 (pf::db::db_connect) Jan 31 16:43:36 pfdhcplistener(8177) INFO: stopping pfdhcplistener for interface eth0.52 (main::END) Jan 31 16:43:40 pfdhcplistener(8159) WARN: database query failed with: MySQL server has gone away. (errno: 2006), will try again (pf::db::db_query_execute) Jan 31 16:43:40 pfdhcplistener(8159) FATAL: unable to connect to database: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) at /usr/local/pf/lib/p f/node.pm line 280 (pf::db::db_connect) Jan 31 16:43:40 pfdhcplistener(8159) INFO: stopping pfdhcplistener for interface eth0.10 (main::END) Jan 31 16:43:47 pfdhcplistener(8156) INFO: stopping pfdhcplistener for interface eth0.53 (main::END) Jan 31 16:43:49 pfmon(0) FATAL: pfmon: caught SIGTERM - terminating (main::normal_sighandler) Jan 31 16:43:49 pfsetvlan(15) FATAL: pfsetvlan: caught SIGTERM - terminating at /usr/local/pf/sbin/pfsetvlan line 1784 thread 15 (main::normal_sighandler) Jan 31 16:43:49 pfsetvlan(15) FATAL: main::normal_sighandler('TERM') called at /usr/local/pf/sbin/pfsetvlan line 787 thread 15 (main::normal_sighandler) Jan 31 16:43:49 pfsetvlan(15) FATAL: eval {...} called at /usr/local/pf/sbin/pfsetvlan line 787 thread 15 (main::normal_sighandler) Jan 31 16:43:49 pfsetvlan(15) FATAL: main::signalHandlerThreadListQueued() called at /usr/local/pf/sbin/pfsetvlan line 216 thread 15 (main::normal_sighandler) Jan 31 16:43:49 pfsetvlan(15) FATAL: eval {...} called at /usr/local/pf/sbin/pfsetvlan line 216 thread 15 (main::normal_sighandler) Thread 15 terminated abnormally: pfsetvlan: caught SIGTERM - terminating at /usr/local/pf/sbin/pfsetvlan line 1784 thread 15 main::normal_sighandler('TERM') called at /usr/local/pf/sbin/pfsetvlan line 787 thread 15 eval {...} called at /usr/local/pf/sbin/pfsetvlan line 787 thread 15 main::signalHandlerThreadListQueued() called at /usr/local/pf/sbin/pfsetvlan line 216 thread 15 eval {...} called at /usr/local/pf/sbin/pfsetvlan line 216 thread 15 Jan 31 16:43:49 pfmon(0) INFO: stopping pfmon (main::END) Jan 31 16:47:02 pfcmd(2078) INFO: Executing pfcmd service pf start (main::service) Jan 31 16:47:05 pfcmd(2078) INFO: /usr/sbin/named status (pf::services::service_ctl) Jan 31 16:47:05 pfcmd(2078) INFO: pidof -x named returned 0 (pf::services::service_ctl) While putting this email together pfsetvlan crashed (see logs below), it also restarted on it's own. This reminds me, I've also seen a few OS kernel (Centos 6.2) crashes since doing the PF 3.x scratch install. Jan 31 16:32:05 pfsetvlan(0) FATAL: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 (main::normal_sighandler) Uncaught exception from user code: pfsetvlan: caught SIGTERM - terminating at /usr/share/perl5/File/Tail.pm line 554 at /usr/share/perl5/File/Tail.pm line 554 File::Tail::read('File::Tail=HASH(0x94bf8a8)') called at /usr/local/pf/sbin/pfsetvlan line 279 Jan 31 16:32:05 pfsetvlan(0) INFO: stopping pfsetvlan (main::END) Thank you. Steve ________________________________________ From: Francois Gaudreault [[email protected]] Sent: Thursday, January 26, 2012 1:39 PM To: [email protected] Subject: Re: [Packetfence-users] PF 3.1.0 doesn't change Cisco 3750 12.2(52)SE from Registration to Normal VLAN Steve, I see that PF is sending the local SNMP trap for the VLAN reassignments, but I don't see the daemon receiving it. Two possibilites : - You removed the 127.0.0.1 switch from switches.conf - There is a firewall blocking the SNMP traps to 127.0.0.1 - snmptrapd is not running On 12-01-26 3:25 PM, Steve Wittstruck wrote: > Francois, > > I don't think there's anything else new or different in the log. Below are > the logs you asked for, i.e. the ones immediately following what I sent > earlier. This group seems to repeat itself, 2 more times I think, or a total > of 4 times, at which point I probably turned off the registering computer. > > Jan 26 08:37:00 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:37:00,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > Jan 26 08:37:00 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 > (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds > (main::parse_dhcp_ack) > Jan 26 08:37:10 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:37:10,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > Jan 26 08:37:10 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 > (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds > (main::parse_dhcp_ack) > Jan 26 08:37:20 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:37:20,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > Jan 26 08:37:21 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 > (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds > (main::parse_dhcp_ack) > Jan 26 08:37:30 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:37:30,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > Jan 26 08:37:30 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 > (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds > (main::parse_dhcp_ack) > Jan 26 08:37:40 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:37:40,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > Jan 26 08:37:40 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 > (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds > (main::parse_dhcp_ack) > Jan 26 08:37:50 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:37:50,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > Jan 26 08:37:50 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 > (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds > (main::parse_dhcp_ack) > Jan 26 08:37:55 redir.cgi(0) INFO: 00:24:81:56:15:ea being redirected > (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) > Jan 26 08:37:55 redir.cgi(0) INFO: Updating node 00:24:81:56:15:ea user_agent > with useragent: 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; > Trident/5.0; SLCC2; .NET CLR 2.0.5 > 0727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C)' > (pf::web::web_node_record_user_agent) > Jan 26 08:37:55 redir.cgi(0) INFO: Static User-Agent lookup data initialized > (pf::useragent::_init) > Jan 26 08:37:56 redir.cgi(0) INFO: MAC 00:24:81:56:15:ea shouldn't reach > here. Calling access re-evaluation. Make sure your network device > configuration is correct. (ModPerl::ROOT: > :ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) > Jan 26 08:37:56 redir.cgi(0) INFO: re-evaluating access for node > 00:24:81:56:15:ea (redir.cgi called) (pf::enforcement::reevaluate_access) > Jan 26 08:37:56 redir.cgi(0) INFO: 00:24:81:56:15:ea VLAN reassignment is > forced. (pf::enforcement::_should_we_reassign_vlan) > Jan 26 08:37:56 redir.cgi(0) INFO: switch port for 00:24:81:56:15:ea is > 138.67.244.16 ifIndex 10047 connection type: Wired SNMP > (pf::enforcement::_vlan_reevaluation) > Jan 26 08:37:56 redir.cgi(0) DEBUG: opening SNMP v1 connection to 127.0.0.1 > (pf::SNMP::PacketFence::connectWrite) > Jan 26 08:38:00 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an IP. > DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). > Modified node with last_dhcp = 2 > 012-01-26 08:38:00,computername = Steve-MiniHP,dhcp_fingerprint = > 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) > > Thank you! > Steve Wittstruck > Colorado School of Mines > ________________________________________ > From: Francois Gaudreault [[email protected]] > Sent: Thursday, January 26, 2012 12:36 PM > To: [email protected] > Subject: Re: [Packetfence-users] PF 3.1.0 doesn't change Cisco 3750 > 12.2(52)SE from Registration to Normal VLAN > > On 12-01-26 11:48 AM, Steve Wittstruck wrote: >> Jan 26 08:36:53 register.cgi(0) DEBUG: opening SNMP v1 connection to >> 127.0.0.1 (pf::SNMP::PacketFence::connectWrite) >> Jan 26 08:36:53 register.cgi(0) INFO: 192.168.52.2 - 00:24:81:56:15:ea >> (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_register_2ecgi::handler) >> Jan 26 08:37:00 pfdhcplistener(2184) INFO: 00:24:81:56:15:ea requested an >> IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). >> Modified node with last_dhcp = 2 >> 012-01-26 08:37:00,computername = Steve-MiniHP,dhcp_fingerprint = >> 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) >> Jan 26 08:37:00 pfdhcplistener(2184) INFO: DHCPACK from 192.168.52.1 >> (00:0e:0c:09:31:7a) to host 00:24:81:56:15:ea (192.168.52.2) for 20 seconds >> (main::parse_dhcp_ack) > > I need some few lines after that :) > > -- > Francois Gaudreault, ing. jr > [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence > (www.packetfence.org) > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
