Hi,
On packetfence 5.6.1, completely up-to-date (we ran addons/pf-maint.pl
and rebooted) We are seeing many errors in pfqueue.log:
> May 19 13:22:43 pfqueue(21963) WARN: [mac:1c:b7:2c:89:9d:a5] Unable to
> perform a Fingerbank lookup for device with MAC address '1c:b7:2c:89:9d:a5'
> (pf::fingerbank::process)
> May 19 13:22:46 pfqueue(21969) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
> May 19 13:22:46 pfqueue(21969) WARN: [mac:unknown] Use of uninitialized value
> in anonymous hash ({}) at /usr/local/pf/lib/pf/util/webapi.pm line 31.
> (pf::util::webapi::add_mac_to_log_context)
> May 19 13:22:46 pfqueue(21969) ERROR: [mac:unknown] Use of uninitialized
> value in anonymous hash ({}) at /usr/local/pf/lib/pf/util/webapi.pm line 31.
> (pf::util::webapi::add_mac_to_log_context)
> May 19 13:22:46 pfqueue(21973) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
> May 19 13:22:46 pfqueue(21969) INFO: [mac:unknown] stated changed, adapting
> firewall rules for proper enforcement (pf::inline::performInlineEnforcement)
> May 19 13:22:46 pfqueue(21969) WARN: [mac:unknown] Problem trying to run
> command: LANG=C sudo ipset --list pfsession_Unreg_10.19.0.0 2>&1 called from
> get_ip_from_ipset_by_mac. OS Error: No child processes (pf::util::pf_run)
> May 19 13:22:46 pfqueue(21969) WARN: [mac:unknown] Use of uninitialized value
> $out in split at /usr/local/pf/lib/pf/ipset.pm line 433.
> (pf::ipset::get_ip_from_ipset_by_mac)
> May 19 13:22:46 pfqueue(21969) ERROR: [mac:unknown] Use of uninitialized
> value $out in split at /usr/local/pf/lib/pf/ipset.pm line 433.
> (pf::ipset::get_ip_from_ipset_by_mac)
> May 19 13:22:46 pfqueue(21969) WARN: [mac:unknown] Problem trying to run
> command: LANG=C sudo ipset --list pfsession_Reg_10.19.0.0 2>&1 called from
> ipset_remove_ip. OS Error: No child processes (pf::util::pf_run)
> May 19 13:22:46 pfqueue(21969) WARN: [mac:unknown] Use of uninitialized value
> $out in split at /usr/local/pf/lib/pf/ipset.pm line 378.
> (pf::ipset::ipset_remove_ip)
> May 19 13:22:46 pfqueue(21969) ERROR: [mac:unknown] Use of uninitialized
> value $out in split at /usr/local/pf/lib/pf/ipset.pm line 378.
> (pf::ipset::ipset_remove_ip)
> May 19 13:22:47 pfqueue(21963) WARN: [mac:1c:b7:2c:89:9d:a5] Unable to
> perform a Fingerbank lookup for device with MAC address '1c:b7:2c:89:9d:a5'
> (pf::fingerbank::process)
> May 19 13:22:51 pfqueue(21970) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
> May 19 13:22:55 pfqueue(21967) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
> May 19 13:22:55 pfqueue(21967) WARN: [mac:unknown] Use of uninitialized value
> in anonymous hash ({}) at /usr/local/pf/lib/pf/util/webapi.pm line 31.
> (pf::util::webapi::add_mac_to_log_context)
> May 19 13:22:55 pfqueue(21967) ERROR: [mac:unknown] Use of uninitialized
> value in anonymous hash ({}) at /usr/local/pf/lib/pf/util/webapi.pm line 31.
> (pf::util::webapi::add_mac_to_log_context)
> May 19 13:22:55 pfqueue(21963) WARN: [mac:1c:b7:2c:89:9d:a5] Unable to
> perform a Fingerbank lookup for device with MAC address '1c:b7:2c:89:9d:a5'
> (pf::fingerbank::process)
> May 19 13:22:55 pfqueue(21965) WARN: [mac:1c:b7:2c:89:9d:a5] Unable to
> perform a Fingerbank lookup for device with MAC address '1c:b7:2c:89:9d:a5'
> (pf::fingerbank::process)
> May 19 13:22:55 pfqueue(21968) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
> May 19 13:22:56 pfqueue(21970) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
> May 19 13:22:56 pfqueue(21973) INFO: [mac:unknown] Instantiate a new iptables
> modification method. pf::ipset (pf::inline::get_technique)
At the same time, though I'm not sure there is a relation between the
two, our users are complaining that the network is slow, and unresponsive.
I have manually entered our api key, and "packetfence-config restart" &
"packetfence restart". Yet the errors remain.
I tried to double-check our api key, but the register link on
https://fingerbank.inverse.ca/login links back the the same page. So I'm
not even sure that our api key is correct.
How can I solve these errors? And could someone take a look at the
register link on http://fingerbank.org/usage.html to correct it?
Our fingerbank.conf:
> [upstream]
> api_key=our_api_key...
> db_url = https://fingerbank.inverse.ca/api/v1/download
> interrogate = enabled
> interrogate_url =
> https://fingerbank.inverse.ca/api/v1/combinations/interrogate
> submit_url = https://fingerbank.inverse.ca/api/v1/combinations/submit
>
> [query]
> record_unmatched = disabled
> use_tcp_fingerprinting = enabled
>
> [tcp_fingerprinting]
> p0f_socket_path = /var/run/p0f.sock
> p0f_map_path = /usr/local/fingerbank/conf/fingerbank-p0f.fp
> p0f_map_url = https://fingerbank.inverse.ca/api/v1/download-p0f-map
>
> [proxy]
> use_proxy = disabled
> host =
> port =
> verify_ssl = enabled
Hopefully someone has a clue..?
MJ
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
