On 5/29/2012 1:34 PM, Derek Wuelfrath wrote:
Barry,
Can you send us your logs/packetfence.log file.
Also can you do an ls -l on the pf.conf file.
Thanks!
So the log file isn't real interesting. Only has:
May 29 15:19:00 pfcmd(14640) INFO: Executing pfcmd service pf start
(main::service)
And here is the ls:
-rw-r--r-- 1 pf pf 1954 May 29 11:16 pf.conf
On 5/29/12 14:59 , Barry Quiel wrote:
On 5/29/2012 11:20 AM, Derek Wuelfrath wrote:
Did you get rid of the [192.168.11.0] section in networks.conf ?
Yes I did.
So what I'm finding is that the Config hash is defined coming into
checkup.pm. But for some reason some of the keys withing %Config and
%ConfigNetworks are not defined, which seems to hint at reading the
config files. But if that was broken then I would expect a lot more
messages on the mailing list.
In interfaces_defined() the foreach is not entered. This would imply
that tied(%Config)->GroupMembers("interface") isn't returning
anything in the assignment to $interface
In interfaces() the first check get_internal_devs() is making that if
statement add_problem
In network() the second foreach that check the network block values
it turns out that %net is not defined after the assignment from
%{$ConfigNetworks{$network}};
All roads seem to point to some type of parsing issue of the config
files. I checked the permission on the config files and they are 644
with pf:pf ownership.
Can you point me in the direction of the piece that reads the config
and I can throw in some debugging there. I don't think that the
process is broken, but putting in some debug there might help show
what the real problem is.
Any other suggestions?
On 5/29/12 14:00 , Barry Quiel wrote:
On 5/29/2012 10:11 AM, Derek Wuelfrath wrote:
Barry
Well, I'm glad you asked I am having a bit if an issue. This
was a working ( although limited since not fully deployed )
3.1.0 box. Now when I try to start pf I get the following:
Starting PacketFence...Checking configuration sanity...
Use of uninitialized value $net{"named"} in pattern match (m//)
at /usr/local/pf/lib/pf/pfcmd/checkup.pm line 362.
Use of uninitialized value $net{"dhcpd"} in pattern match (m//)
at /usr/local/pf/lib/pf/pfcmd/checkup.pm line 369.
FATAL - please define exactly one management interface
FATAL - internal network(s) not defined!
From what I can see from the provided config files, the followings
needs to be modified:
- Remove the entire [192.168.11.0] section from networks.conf.
This is your management network and don't need to be specified in
the networks.conf file
- You seems to be missing an isolation interface / network. PF
will complain if any of those (registration / isolation) is missing.
Try these fixes and let me know.
Thanks!
So adding a isolation network/interface didn't do it. Being a bit
of a perl monkey I broke into checkup.pm I found the function
interfaces_defined where the error "FATAL - please define exactly
one management interface" is coming from. I put a few print
statements in to see what was going on. I can see that I enter
that function. But the foreach loop that iterates through the
interfaces and validates the interface config blocks is not being
entered. So the counter nb_management_interface is not being
incremented and that causes the error to be generated. I'm
guessing %Config->GroupMembers("interface") is somehow empty. I
bet it relates to the "Use of uninitialized value $net{"named"} in
pattern match (m//) at /usr/local/pf/lib/pf/pfcmd/checkup.pm line
362" as to why that's empty. I will keep digging but since you
know the code better then I do an suggestions would be appreciated.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
