You should post your networks.conf and pf.conf.
> Date: Fri, 10 Jul 2015 14:41:27 +0200
> From: [email protected]
> To: [email protected]
> Subject: Re: [PacketFence-users] inline, unpredictable behaviour
>
> Hi Andy, list,
>
> Yes, you are totally right. :-) Sorry. Let me try again.
>
> I'm running packetfence 5.2.0, debian wheezy, installed from the repo's,
> inline mode. My inline NATted network is 10.19.0.0/16 and packetfence
> has ip 10.19.0.1 on eth0 as the gateway for the NATted network. We have
> enabled the captive portal, with self registration.
>
> Anyway: Things seem to work 'unpredictable'. After registration,
> sometimes network detection works, but sometimes clients become trapped
> in the "Sorry, your network should be enabled within a minute or two".
>
> Having said that, we notice the following warnings in the logs:
>
> > WARN: Problem trying to run command: LANG=C sudo ipset del
> > PF-iL2_ID4_10.19.0.0 10.19.218.65 2>&1 called from
> > iptables_update_set. Child exited with non-zero value 1
> > (pf::util::pf_run)
> (NOTE: manually running the same command as pf user seems to work!)
>
> > Jul 08 18:55:55 httpd.webservices(3636) WARN: Problem trying to run
> > command: LANG=C sudo /usr/sbin/conntrack -D -s 10.19.218.65 2>&1
> > called from iptables_unmark_node. Child exited with non-zero value 1
> > (pf::util::pf_run)
> (NOTE again: manually running the same command as pf also seems to work)
>
> > Jul 08 20:37:04 httpd.portal(3623) ERROR: WARNING ! Unknown
> > switch(es) 10.19.0.1 (pf::SwitchFactory::instantiate)
> (NOTE: this ip is the packetfence NAT address, gateway/dhcp, and there
> is NO switch configured with this ip) (verified in switches.conf)
>
> > WARN: Problem trying to run command: LANG=C sudo ipset del
> > PF-iL2_ID_10.19.0.0 10.19.218.65 2>&1 called from
> > iptables_update_set. Child exited with non-zero value 1
> > (pf::util::pf_run)
>
> Judging from that, I assume that the ipset PF-iL2_ID_10.19.0.0 exists,
> however it does not? See:
>
> > root@pf:/usr/local/pf/logs# su pf
> > $ sudo ipset -L
> > Name: PF-iL2_ID1_10.19.0.0
> > Type: bitmap:ip
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 8312
> > References: 2
> > Members:
> >
> > Name: PF-iL2_ID2_10.19.0.0
> > Type: bitmap:ip
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 8312
> > References: 2
> > Members:
> >
> > Name: PF-iL2_ID3_10.19.0.0
> > Type: bitmap:ip
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 8312
> > References: 2
> > Members:
> >
> > Name: PF-iL2_ID4_10.19.0.0
> > Type: bitmap:ip
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 8312
> > References: 2
> > Members:
> > 10.19.218.65
> >
> > Name: PF-iL2_ID5_10.19.0.0
> > Type: bitmap:ip
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 8312
> > References: 2
> > Members:
> >
> > Name: pfsession_Unreg_10.19.0.0
> > Type: bitmap:ip,mac
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 1048688
> > References: 1
> > Members:
> > 10.19.218.61,3C:97:0E:2F:14:F8
> >
> > Name: pfsession_Reg_10.19.0.0
> > Type: bitmap:ip,mac
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 1048688
> > References: 1
> > Members:
> > 10.19.218.65,60:67:20:5D:74:98
> >
> > Name: pfsession_Isol_10.19.0.0
> > Type: bitmap:ip,mac
> > Header: range 10.19.0.0-10.19.255.255
> > Size in memory: 1048688
> > References: 1
> > Members:
>
> So... I hope someone has the time to read/react to this. I know I'm
> leaving out config files, but if those are relevant, I'll gladly post
> them, of course. (but it's such a long email already...)
>
> MJ
>
> ------------------------------------------------------------------------------
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
