Hello, packetfence users

I'm trying to set up a PacketFence system, but I messed up the config file 
and the service doesn't start anymore. Please excuse my bad 
English; it is not my native language.

The plan is to use PacketFence as a captive portal for external 
customers. Nothing fancy like AD configuration; pf will manage its own 
user database and such.
The basic configuration went pretty smoothly (using the web-based UI) 
and, although I didn't get things straight, I managed to get a 
pass-through with IP address, but the DNS didn't work. On the web-based 
UI, I can't change the Trapping network for whatever reason, so I 
thought the best was to use the text-based configuration.
I saw this in the pf.conf.default file:

______________
[trapping]
#
# trapping.range
#
# Comma-delimited list of address ranges/CIDR blocks that PacketFence will monitor/detect/trap on.  Gateway, network, and
# broadcast addresses are ignored.
range=192.168.0.0/24
______________

The network is wrong; I want to use the 192.168.100.0/24 network only.

So I changed the pf.conf file:

_____________
[general]
#
# general.domain
#
# Domain name of PacketFence system.
domain={redacted}
#
# general.hostname
#
# Hostname of PacketFence system.  This is concatenated with the domain in Apache rewriting rules and therefore must be resolvable by clients.
hostname=egroupware
#
# general.dhcpservers
#
# Comma-delimited list of DHCP servers.  Passthroughs are created to allow DHCP transactions from even "trapped" nodes.
dhcpservers=192.168.100.254

[trapping]

range=192.168.100.0/24
#
# trapping.passthrough
#
# When enabled, pfdns will resolve the real IP addresses of passthroughs and add them in the ipset session to give access
# to trapped devices. Don't forget to enable ip_forward on your server.
passthrough=enabled

#
# trapping.passthroughs
#
# Comma-delimited list of domains to be used as HTTP and HTTPS passthroughs to web sites.
#
passthroughs=*.{redacted}

[alerting]
#
# alerting.emailaddr
#
# Email address to which notifications of rogue DHCP servers, violations with an action of "email", or any other
# PacketFence-related message goes to.
emailaddr={redacted}

[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
pass={redacted}

[interface eth0]
ip=192.168.0.253
type=internal
mask=255.255.255.0
enforcement=inline

[interface eth2]
ip=192.168.100.254
enforcement=inline
type=internal
mask=255.255.255.0
_____________

Then the problem occurred:
service|command
Can't call method "tag" on an undefined value at /usr/local/pf/lib/pf/iptables.pm line 193.

So I thought that the range= directive was misplaced or something, so I 
removed it. The service can't start either.
AFAIK, I didn't change any other file.

I saw a few related errors on the Internet, but they were for old pf versions 
and not the iptables.pm file.
Line 193 of /usr/local/pf/lib/pf/iptables.pm seems to look for an 
"ip" directive:
my $mgmt_ip = $management_network->tag("ip");
So I thought I had deleted an ip= line during the edit, but I didn't 
change this part of the file.
I'm not familiar enough with Python to be able to understand what's 
going on here.

I'm quite puzzled at this point, the error_log is empty and the 
packetfence.log didn't help either:
Jan 20 11:04:56 pfcmd.pl(13829) INFO: saving current iptables to var/iptables.bak (main::startService)
Jan 20 11:04:56 pfcmd.pl(13829) INFO: Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique)
Jan 20 11:04:56 pfcmd.pl(13829) INFO: saving existing iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save)
Jan 20 11:04:56 pfcmd.pl(13829) WARN: We are using IPSET (pf::ipset::iptables_generate)
Jan 20 11:04:56 pfcmd.pl(13829) INFO: flushing iptables (pf::ipset::iptables_flush_mangle)

(this is only the latest service start try)

If anyone has any clue to explain where I messed up the configuration 
file, I will be quite grateful ;)

Thanks in advance.

-- 
Guillaume ESTIVAL
___________________
CREATIVE EURECOM
39, Bd de la Romanerie
49124 St BARTHELEMY D'ANJOU
t : 02 41 73 18 18
f : 02 41 73 07 33



_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
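
A possible pre-flight check for the configuration posted in this message, as an added example that is not part of the original post or of PacketFence. It assumes that `$management_network` is filled from an `[interface ...]` section carrying `type=management`, which the posted file does not contain; the function name `lint_pf_conf` and the sample text are constructed here.

```python
import configparser
import ipaddress

# Constructed sample: the [trapping] and [interface ...] sections as posted,
# with comments dropped.
POSTED = """\
[trapping]
range=192.168.100.0/24
[interface eth0]
ip=192.168.0.253
type=internal
mask=255.255.255.0
enforcement=inline
[interface eth2]
ip=192.168.100.254
enforcement=inline
type=internal
mask=255.255.255.0
"""

def lint_pf_conf(text):
    """Return findings about the interface/trapping layout of a pf.conf."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    findings, nets, has_mgmt = [], {}, False
    for section in cp.sections():
        if not section.startswith("interface "):
            continue
        name, opts = section.split(None, 1)[1], cp[section]
        # Assumption: a type value may be a comma-delimited list.
        types = {t.strip().lower() for t in opts.get("type", "").split(",")}
        has_mgmt = has_mgmt or "management" in types
        if "ip" not in opts or "mask" not in opts:
            findings.append(f"{name}: missing ip= or mask=")
            continue
        nets[name] = ipaddress.ip_interface(f"{opts['ip']}/{opts['mask']}").network
    if not has_mgmt:
        # Assumption: this is what leaves $management_network undefined.
        findings.append("no [interface ...] section has type=management")
    for cidr in cp.get("trapping", "range", fallback="").split(","):
        if not cidr.strip():
            continue
        rng = ipaddress.ip_network(cidr.strip(), strict=False)
        if not any(rng.overlaps(n) for n in nets.values()):
            findings.append(f"trapping.range {rng} matches no configured interface")
    return findings

if __name__ == "__main__":
    for finding in lint_pf_conf(POSTED):
        print(finding)
```
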