Re: [PacketFence-users] Syslog Parser Regex - Can't locate object method "named_captures"
It seems to an issue with your version of the perl library re::engine::RE2 (libre-engine-re2-perl). Which version of Packetfence are you running? From: Nate Tremmel via PacketFence-users Reply-To: "packetfence-users@lists.sourceforge.net" Date: Wednesday, August 18, 2021 at 12:42 PM To: "PacketFence-users@lists.sourceforge.net" Cc: Nate Tremmel Subject: Re: [PacketFence-users] Syslog Parser Regex - Can't locate object method "named_captures" Update. I do not get an error using the ZEN OVA. On Aug 3, 2021, at 2:27 PM, Nate Tremmel wrote: Running packetfence on Debian Stretch and am attempting to build a syslog regex parser to update IP addresses from syslog. I have built a regex and tried to sample a log line and am getting the error “Unknown error, check server side logs for details” in the GUI When looking at packetfence.log from the CLI, the following error appears “pfperl-api(2002) ERROR: Can't locate object method "named_captures" via package "re::engine::RE2" at /usr/local/pf/lib/pfappserver/Form/Field/PfdetectRegexRule.pm line 140. (Mojolicious::Plugin::DefaultHelpers::_development)” This sounds like a perl method missing because a package is not installed, but I’m unsure what package to add to the server, or perhaps it’s something that I’m not familiar with. Please advise. ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] pfqueue gets wedged
Charles, Can you try this patch to see if it helps your issue Patch instructions cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/commit/5818ec6e37c396a68bef8411601c1c8131fa26a9.diff > 5818ec6e37c396a68bef8411601c1c8131fa26a9.diff service packetfence stop copy to /usr/local/pf patch -p1 < 5818ec6e37c396a68bef8411601c1c8131fa26a9.diff service packetfence start James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-04-27 12:28 PM, Charles Rumford wrote: On 4/27/17 10:49 AM, James Rouzier wrote: Charles what version of packetfence are you using? 6.5.1 I restarted packetfence as a whole, and has been sending CoAs just fine for about an hour. The only correlation that I could find while troubleshooting was pfqueue. It's clearly a load related issue. Do there exist any documents about performance tuning? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-04-27 9:49 AM, Charles Rumford wrote: On 4/27/17 9:42 AM, Fabrice Durand wrote: Hello Charles, api:desAssociate is when a device is in process of registration or when the unreg date is reached. api:fingerbank_process is probably based on the dhcp traffic the server receive. Do you have some errors in the pfqueue.log ? I'm seeing some of the following: Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of uninitialized value $n_status in string eq at /usr/local/pf/lib/pf/roles.pm line 105. (pf::roles::getRoleForNode) Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of uninitialized value $n_status in string eq at /usr/local/pf/lib/pf/roles.pm line 105. (pf::roles::getRoleForNode) Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of uninitialized value $n_status in string eq at /usr/local/pf/lib/pf/roles.pm line 105. (pf::roles::getRoleForNode) Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of uninitialized value $n_status in string eq at /usr/local/pf/lib/pf/roles.pm line 105. (pf::roles::getRoleForNode) Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of uninitialized value $mac in concatenation (.) or string at /usr/local/pf/lib/pf/roles.pm line 134. (pf::roles::performRoleLookup) Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of uninitialized value $mac in concatenation (.) or string at /usr/local/pf/lib/pf/roles.pm line 134. (pf::roles::performRoleLookup) Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of uninitialized value in concatenation (.) or string at /usr/local/pf/lib/pf/roles.pm line 157. (pf::roles::_assignRoleFromCategory) Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of uninitialized value in concatenation (.) or string at /usr/local/pf/lib/pf/roles.pm line 157. (pf::roles::_assignRoleFromCategory) and Apr 27 09:43:01 pfqueue(123784) WARN: [mac:cc:44:63:0b:4d:c6] Use of uninitialized value in numeric eq (==) at /usr/local/pf/lib/pf/iplog.pm line 870. (pf::iplog::__ANON__) Apr 27 09:43:01 pfqueue(123784) ERROR: [mac:cc:44:63:0b:4d:c6] Use of uninitialized value in numeric eq (==) at /usr/local/pf/lib/pf/iplog.pm line 870. (pf::iplog::__ANON__) And a lot of these: Apr 27 09:43:28 pfqueue(123784) WARN: [mac:ec:9b:f3:95:02:52] Unable to perform a Fingerbank lookup for device with MAC address 'ec:9b:f3:95:02:52' (pf::fingerbank::__ANON__) The only thing that I'm getting with relation to CoAs is: Apr 27 09:26:27 pfqueue(115173) WARN: [mac:50:7a:55:5a:e8:10] Unable to perform RADIUS Disconnect-Request. CoA-NAK received with Error-Cause: Session-Context-Not-Found. (pf::Switch::Aruba::radiusDisconnect) but I'd guess that this is from the pfqueue dumping the back log of CoAs and the user no longer on the controller. Regards Fabrice Le 2017-04-27 à 09:36, Charles Rumford a écrit : This morning we put our PacketFence installation into production. One of the first things that I noticed was that it appears that the pfqueue gets wedged with task types api:desAssociate and api:fingerbank_process with ever increasing outstanding task counters. If I restart the pfqueue, I see radius CoAs being send for a short period of time, and then nothing, until I restart the pfqueue again. Has anyone else seen this? If so, suggestions on how to fix it? -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence
Re: [PacketFence-users] pfqueue gets wedged
Charles what version of packetfence are you using? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-04-27 9:49 AM, Charles Rumford wrote: > On 4/27/17 9:42 AM, Fabrice Durand wrote: >> Hello Charles, >> >> api:desAssociate is when a device is in process of registration or when >> the unreg date is reached. >> >> api:fingerbank_process is probably based on the dhcp traffic the server >> receive. >> >> Do you have some errors in the pfqueue.log ? > I'm seeing some of the following: > Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of > uninitialized value $n_status in string eq at > /usr/local/pf/lib/pf/roles.pm line 105. > (pf::roles::getRoleForNode) > Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of > uninitialized value $n_status in string eq at > /usr/local/pf/lib/pf/roles.pm line 105. > (pf::roles::getRoleForNode) > Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of > uninitialized value $n_status in string eq at > /usr/local/pf/lib/pf/roles.pm line 105. > (pf::roles::getRoleForNode) > Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of > uninitialized value $n_status in string eq at > /usr/local/pf/lib/pf/roles.pm line 105. > (pf::roles::getRoleForNode) > Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of > uninitialized value $mac in concatenation (.) or string at > /usr/local/pf/lib/pf/roles.pm line 134. > (pf::roles::performRoleLookup) > Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of > uninitialized value $mac in concatenation (.) or string at > /usr/local/pf/lib/pf/roles.pm line 134. > (pf::roles::performRoleLookup) > Apr 27 09:32:28 pfqueue(125776) WARN: [mac:74:75:48:1a:f5:09] Use of > uninitialized value in concatenation (.) or string at > /usr/local/pf/lib/pf/roles.pm line 157. > (pf::roles::_assignRoleFromCategory) > Apr 27 09:32:28 pfqueue(125776) ERROR: [mac:74:75:48:1a:f5:09] Use of > uninitialized value in concatenation (.) or string at > /usr/local/pf/lib/pf/roles.pm line 157. > (pf::roles::_assignRoleFromCategory) > > and > Apr 27 09:43:01 pfqueue(123784) WARN: [mac:cc:44:63:0b:4d:c6] Use of > uninitialized value in numeric eq (==) at /usr/local/pf/lib/pf/iplog.pm > line 870. > (pf::iplog::__ANON__) > Apr 27 09:43:01 pfqueue(123784) ERROR: [mac:cc:44:63:0b:4d:c6] Use of > uninitialized value in numeric eq (==) at /usr/local/pf/lib/pf/iplog.pm > line 870. > (pf::iplog::__ANON__) > > And a lot of these: > > Apr 27 09:43:28 pfqueue(123784) WARN: [mac:ec:9b:f3:95:02:52] Unable to > perform a Fingerbank lookup for device with MAC address > 'ec:9b:f3:95:02:52' (pf::fingerbank::__ANON__) > > The only thing that I'm getting with relation to CoAs is: > Apr 27 09:26:27 pfqueue(115173) WARN: [mac:50:7a:55:5a:e8:10] Unable to > perform RADIUS Disconnect-Request. CoA-NAK received with Error-Cause: > Session-Context-Not-Found. (pf::Switch::Aruba::radiusDisconnect) > > but I'd guess that this is from the pfqueue dumping the back log of CoAs > and the user no longer on the controller. > > > >> Regards >> Fabrice >> >> Le 2017-04-27 à 09:36, Charles Rumford a écrit : >>> This morning we put our PacketFence installation into production. >>> >>> One of the first things that I noticed was that it appears that the >>> pfqueue gets wedged with task types api:desAssociate and >>> api:fingerbank_process with ever increasing outstanding task counters. >>> >>> If I restart the pfqueue, I see radius CoAs being send for a short >>> period of time, and then nothing, until I restart the pfqueue again. >>> >>> Has anyone else seen this? If so, suggestions on how to fix it? > -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Updating from 6.4.0 to 6.5.0 on Centos6
That feature never got in 6.5.0 but some how the instructions for it got into the UPGRADE guide please ignore that part James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-03-02 12:13 PM, Rokkhan wrote: HI I have followed this upgrade procedure https://github.com/inverse-inc/packetfence/blob/stable/UPGRADE.asciidoc but the script to update pfdetect is missing in my installation. New parameters have been introduced in conf/pfdetect.conf Run the following script to add these parameters to pfdetect.conf /usr/local/pf/addons/upgrade/to-6.5-pfdetect-conf.pl <http://to-6.5-pfdetect-conf.pl> There is no /usr/local/pf/addons/upgrade/to-6.5-pfdetect-conf.pl <http://to-6.5-pfdetect-conf.pl> file in my server. What am I doing wrong? Greetings. -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence 6.5 Portal Preview Error
Jes Just to make sure you have done the all steps since they where in multiple emails. If you have done all the steps and it still does not work please let me know. For your reference here are all the steps. perl /usr/local/pf/addons/pf-maint.pl cp /usr/local/pf/conf/httpd.conf.d/httpd.portal.tt.example /usr/local/pf/conf/httpd.conf.d/httpd.portal.tt /usr/local/pf/bin/pfcmd service pf restart James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-02-23 3:15 AM, Jes Kasper Klittum wrote: I am getting the same error, but performing the suggested steps does not change anything. I am just told that the page is redirecting in a way that prevents it from ever finishing. This is the error I am getting: 192.168.2.2 - - [23/Feb/2017:09:09:03 +0100] "hostname.mydomain.com:1443" "GET /captive-portal?destination_url=http:// hostname.mydomain.com:1443/=Wireless-Guest HTTP/1.1" 302 287 "https:// hostname.mydomain.com:1443/admin/configuration" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0" 4381 One thing I notice is the fact that the IP referenced is the IP of the registration interface, but I think it should be hitting my management interface, right? Jes *Fra:*James Rouzier [mailto:jrouz...@inverse.ca] *Sendt:* 22. februar 2017 17:55 *Til:* packetfence-users@lists.sourceforge.net *Emne:* Re: [PacketFence-users] Packetfence 6.5 Portal Preview Error Before restarting PacketFence you should do cp /usr/local/pf/conf/httpd.conf.d/httpd.portal.tt.example /usr/local/pf/conf/httpd.conf.d/httpd.portal.tt Thanks James Rouzier jrouz...@inverse.ca <mailto:jrouz...@inverse.ca> :: +1.514.447.4918 (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-02-22 11:37 AM, Ludovic Zammit wrote: Hello, Can you try to apply the maintenance branch to download and patch all the bug fixes that 6.5 has. /usr/local/pf/addons/pf-maint.pl /usr/local/pf/bin/pfcmd service pf restart And retry the captive portal. Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) ::www.inverse.ca <http://www.inverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) Le 22 févr. 2017 à 10:51, Pedro Ceriotti <pedro.cerio...@hotmail.com <mailto:pedro.cerio...@hotmail.com>> a écrit : Hello all, I've recently installed pf 6.5 in a RHEL 7 and I'm trying to use the portal preview. However, I'm getting ERR_TO_MANY_REDIRECT in all browsers. Which is funny because in our server for production packetfence (version 6.3) I got this correct. Thanks in advance, Pedro -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org <http://slashdot.org>! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org!http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence 6.5 Portal Preview Error
Before restarting PacketFence you should do cp /usr/local/pf/conf/httpd.conf.d/httpd.portal.tt.example /usr/local/pf/conf/httpd.conf.d/httpd.portal.tt Thanks James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-02-22 11:37 AM, Ludovic Zammit wrote: Hello, Can you try to apply the maintenance branch to download and patch all the bug fixes that 6.5 has. /usr/local/pf/addons/pf-maint.pl /usr/local/pf/bin/pfcmd service pf restart And retry the captive portal. Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) ::www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) Le 22 févr. 2017 à 10:51, Pedro Ceriotti <pedro.cerio...@hotmail.com <mailto:pedro.cerio...@hotmail.com>> a écrit : Hello all, I've recently installed pf 6.5 in a RHEL 7 and I'm trying to use the portal preview. However, I'm getting ERR_TO_MANY_REDIRECT in all browsers. Which is funny because in our server for production packetfence (version 6.3) I got this correct. Thanks in advance, Pedro -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org <http://slashdot.org>! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Portal profiles: Filtering by device class?
Which version of PacketFence are you running? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-02-21 7:01 AM, Jes Kasper Klittum wrote: Hi everyone, I am trying to limit what different kinds of wireless equipment get access to, but am finding it a bit difficult. If mobile phones sign in to the SSID using Wireless-802.11-EAP, I would like the device to be put in guest VLAN If a domain computer sign in to the SSID using Wireless-802.11-EAP, I would like the device to be put in our client VLAN I have two portal profiles: 1. One for mobiles, with top priority, that does not recompute role based on dot1x, and a source pointing to the OU in my AD where users reside, and a rule that puts devices in guest VLAN – this works fine for mobiles with Wireless-802.11-EAP 2. One for computers, that filters for Ethernet-EAP and for Wireless-802.11-EAP, and is set to recompute the role from portal. The source is set to look in our AD where domain computers resides and set up to use a role that grants access to out client LAN. Both work fine alone, but if I have both portal profiles active, then when number 1 is top, I get on the guest network with mobiles, but computers end up in registration VLAN due to trying to use the portal profile for mobiles. If I set the second profile as top, then machines auth fine and get access to client LAN, but mobiles also use this profile and try to machine auth. I was wondering if it was possible to filter based on device class as well, so I can have a portal for MOBILE device Wireless EAP and a portal for Windows device EAP? Best regards, Jes -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] http.admin - Can't locate pfappserver/PacketFence/Controller/Config/MacAddress.pm
Szél, The problem seems to be that there was a left over that the Admin was trying to load. The solution is the following. sudo rm -f /usr/local/pf/html/pfappserver/lib/pfappserver/Controller/Config/MacAddress.pm /usr/local/pf/bin/pfcmd service httpd.admin restart Please let me know if the helps James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2017-02-02 7:54 AM, Szél Gábor wrote: Hello All, We use the PacketFence in production at the School. We have ~400+ wireless user. ( openwrt+hostapd) The last update, we have a problem with the http admin: # /usr/local/pf/bin/pfcmd service httpd.admin restart service|command httpd.admin|already stopped Syntax error on line 100 of /usr/local/pf/var/conf/httpd.conf.d/httpd.admin: Can't locate pfappserver/PacketFence/Controller/Config/MacAddress.pm in @INC (@INC contains: /usr/local/pf/html/captive-portal/lib /usr/local/pf/conf /usr/local/fingerbank/lib /usr/local/pf/lib /usr/local/pf/html/pfappserver/lib /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl . /etc/apache2) at /usr/share/perl5/Module/Runtime.pm line 317.\n at /usr/lib/perl5/Moose.pm line 63.\nBEGIN failed--compilation aborted at /usr/local/pf/html/pfappserver/lib/pfappserver/Controller/Config/MacAddress.pm line 15.\nCompilation failed in require at /usr/share/perl5/Catalyst/Utils.pm line 306.\nCompilation failed in require at (eval 2) line 2.\n httpd.admin|not started # system information: - Debian Wheezy (7.x) 64bit - last packetfence version: # dpkg -l | grep packetf ii packetfence 6.5.0-1 all PacketFence network registration / worm mitigation system ii packetfence-config 6.5.0-1 all Service use to manage PacketFence configuration. ii packetfence-ntlm-wrapper 6.5.0-1 amd64C wrapper around the ntlm_auth utility to log authentication latency and success/failure. ii packetfence-pfcmd-suid 6.5.0-1 amd64C wrapper that replace perl-suid dependence ii packetfence-redis-cache 6.5.0-1 all Init script to manage redis server. - we use upgrade guide: https://github.com/inverse-inc/packetfence/blob/packetfence-6.5.0/UPGRADE.asciidoc - we upgraded from PF 6.4 to PF 6.5 - All the other works fine please help from me, I do not know what could be the problem :) -- Regards Szél Gábor -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] ERROR: can't load appenderclass Syslog
That errors means that the perl module Log::Dispatch::Syslog is not installed. You can install it by doing the following yum install --enablerepo=packetfence perl-Log-Dispatch James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-12-05 1:40 PM, Enrico Pala wrote: Hi All, I'm working with Packetfence 6.4 on CentOS7 and need to send PF messages to a remote syslog server. I've followed the guide at https://packetfence.org/support/faq/article/packetfence-and-remote-syslog.html?no_cache=1 but when restarting Packetfence I get the following errors: ERROR: can't load appenderclass 'Log::Dispatch::Syslog' pfcmd: Can't locate Log/Dispatch/Syslog.pm in @INC (@INC contains: /usr/local/pf/lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at (eval 32) line 2. pfcmd: BEGIN failed--compilation aborted at /usr/local/pf/lib/pf/cmd/pf/service.pm <http://service.pm> line 66. pfcmd: Compilation failed in require at /usr/share/perl5/vendor_perl/Module/Load.pm line 27. I found the perl module that Syslog.pm in a path but it's not listed in the @INC variable (it's here: /usr/lib64/perl5/vendor_perl/Sys/Syslog.pm). Is there an official fix to the problem? Many thanks, Enrico -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] MySQL has gone away?
Which version of packetfence do you have? Also do you have a huge amount of switches? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-10-01 7:42 PM, Jason 'XenoPhage' Frisvold wrote: I'm not so sure here.. This happens immediately after starting the system up, right after a reboot.. So it doesn't feel like a timeout issue to me.. On 9/29/16 1:57 PM, g4-l...@tonarchiv.ch wrote: Hi Jason, we had a similar issue, and after some searching on the mailing list i read that this could be a MySQL socket timeout. The default timeout is AFAIK 8 hours. I.e. if there is absolutely nothing going on on PF for more than 8 hours, MySQL stops listening on the socket. Although I have no idea how it can happen that PF does not use the DB for so many hours. Maybe when pfmon is not running for some reason? We never had this issue again, but nevertheless I set wait_timeout in my.cf to 43200 = 12 hours. Maybe this helps in you, too. Regards, Till On 29.09.2016 19:34, Jason 'XenoPhage' Frisvold wrote: On 9/16/16 10:01, Louis Munro wrote: Hi Jason, Man, it's been a month.. sorry for the delay here.. Are you running this as a cluster or a single node? Single Node. And are there other database errors in the logs? No, those are pretty much the only ones.. Any sign that mysql may be restarted (by systemd perhaps)? You mean that mysql was being restarted when these errors occurred? No, it was up and running ... Regards, -- Louis Munro -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] OMAPI errors in pf log
You can disable the OMAPI lookup in pf.conf [omapi] ip2mac_lookup=disabled /usr/bin/pf/bin/pfcmd configreload James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-09-15 10:52 AM, Sallee, Jake wrote: > PF version 5.6.1 > > I'm getting some interesting errors in my packetfence.log: > > Sep 15 09:42:27 httpd.aaa(23024) ERROR: [mac:c0:ce:cd:e7:d6:47] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:27 httpd.aaa(23024) ERROR: [mac:e8:61:7e:54:fe:5f] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:27 httpd.aaa(23024) ERROR: [mac:e8:61:7e:54:fe:5f] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:30 httpd.aaa(23024) ERROR: [mac:28:f0:76:00:1a:46] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:30 httpd.aaa(23024) ERROR: [mac:28:f0:76:00:1a:46] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:30 httpd.aaa(23024) ERROR: [mac:24:a0:74:0c:90:e9] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:30 httpd.aaa(23024) ERROR: [mac:24:a0:74:0c:90:e9] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:30 httpd.aaa(23024) ERROR: [mac:bc:6c:21:22:23:4d] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:30 httpd.aaa(23024) ERROR: [mac:bc:6c:21:22:23:4d] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:31 httpd.aaa(23024) ERROR: [mac:a8:66:7f:c6:7c:13] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:31 httpd.aaa(23024) ERROR: [mac:a8:66:7f:c6:7c:13] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:32 httpd.aaa(23024) ERROR: [mac:6c:40:08:63:a6:b9] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:32 httpd.aaa(23024) ERROR: [mac:6c:40:08:63:a6:b9] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:33 httpd.aaa(23024) ERROR: [mac:fc:c2:de:ec:d3:b5] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:33 httpd.aaa(23024) ERROR: [mac:fc:c2:de:ec:d3:b5] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:34 httpd.aaa(23024) ERROR: [mac:0c:77:1a:ab:83:f9] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:34 httpd.aaa(23024) ERROR: [mac:0c:77:1a:ab:83:f9] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > Sep 15 09:42:36 httpd.aaa(23024) ERROR: [mac:2c:be:08:d4:15:4d] Timeout while > reading from the OMAPI socket (pf::OMAPI::validate_reply) > Sep 15 09:42:36 httpd.aaa(23024) ERROR: [mac:2c:be:08:d4:15:4d] Use of > uninitialized value $received_startup_message in unpack at > /usr/local/pf/lib/pf/OMAPI.pm line 241. > > > Some research showed it is related to DHCPD and indeed bouncing the service > does seem to solve the issue for a while but the issue returns. > > We are not using the PF box for any DHCP functions (other than PF listening > to DHCP for the location logs). > > Are the errors anything I should worry about? If so, how do I fix them? > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > -- > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] inplace upgrade from pf 5.7 to 6.0 failing
Remove the file /usr/local/pf/lib/pf/services/manager/radsniff3.pm it is no longer needed for some reason when upgrading it was not removed. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-23 2:51 PM, Morgan, Joel P. wrote: I got the same errors when upgrading from 5.7 to 6.1 on CentOS 6.7. The file /usr/local/pf/lib/pf/services/manager/radsniff3.pm doesn’t exist. radsniff.pm does exist. yum update packetfence --enablerepo=packetfence ….. Starting httpd.adminCouldn't require pf::services::manager::radsniff3 : Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$management_network" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Compilation failed in require at (eval 1675) line 3. at /usr/share/perl5/vendor_perl/Module/Pluggable.pm line 28 module pf::cmd::pf::service cannot be loaded Can't locate object method "name" via package "pf::services::manager::radsniff3" at /usr/local/pf/lib/pf/services.pm line 41. Compilation failed in require at /usr/local/pf/lib/pf/cmd/pf/service.pm line 73. BEGIN failed--compilation aborted at /usr/local/pf/lib/pf/cmd/pf/service.pm line 73. Compilation failed in require at /usr/share/perl5/Module/Load.pm line 27. Can't locate pf/cmd/pf/service in @INC (@INC contains: /usr/local/pf/lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/share/perl5/Module/Load.pm line 27. -- Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] How do I update to version 5.7
Try yum update packetfence-5.7.0 --enablerepo=packetfence James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-21 3:13 PM, Morgan, Joel P. wrote: I have Packetfence version 5.4 running on CentOS 6.7. I don't want to upgrade to version 6 yet, but I would like to update to version 5.7. The command I ran was : yum update Packetfence-5.7 --enablerepo=packetfence The result was: Loaded plugins: fastestmirror, security Setting up Update Process Loading mirror speeds from cached hostfile * base: mirror.steadfast.net * extras: mirror.unl.edu * updates: ftp.usf.edu No Match for argument: Packetfence-5.7 No package Packetfence-5.7 available. No Packages marked for Update Can someone offer advice? -- Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San Francisco, CA to explore cutting-edge tech and listen to tech luminaries present their vision of the future. This family event has something for everyone, including kids. Get more information and register today. http://sdm.link/attshape___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Error with pf-maint.pl
The script saves all previous applied patches in the directory. /usr/local/pf/.paches can you send me the contents of /usr/local/pf/git_commit_id James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-09 10:51 AM, Nathan, Josh wrote: No, I ran it once before. I think after the first patch was released. But then I've seen at least one, if not 2 more patches get released that looked helpful. Thanks, Joshua Nathan Level 3 IT Support and Development Black Forest Academy +49 (0) 7626-9161-630 On Thu, Jun 9, 2016 at 4:41 PM, James Rouzier <jrouz...@inverse.ca <mailto:jrouz...@inverse.ca>> wrote: Was this the first time you ran pf-maint.pl <http://pf-maint.pl> after you installed 6.0.1? James Rouzier jrouz...@inverse.ca <mailto:jrouz...@inverse.ca> ::+1.514.447.4918 <tel:%2B1.514.447.4918> (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-09 10:36 AM, Nathan, Josh wrote: I get this: 44843a2ebfee8d3a97908d7a262ae222f52a1ded-569bff3d1f44e60fc6cbbb4b26deb9e7d1e9f919.diff Thanks, Joshua Nathan Level 3 IT Support and Development Black Forest Academy +49 (0) 7626-9161-630 On Thu, Jun 9, 2016 at 4:18 PM, James Rouzier <jrouz...@inverse.ca <mailto:jrouz...@inverse.ca>> wrote: Hi Josh it seems that the maintenance branch is out of wack with your install. Can you send me the out of the following command ls /usr/local/pf/.paches James Rouzier jrouz...@inverse.ca <mailto:jrouz...@inverse.ca> ::+1.514.447.4918 <tel:%2B1.514.447.4918> (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-09 10:01 AM, Nathan, Josh wrote: Any ideas on what to look for? I'd like to apply some of the patches that have been released. The server obviously has Internet access. Do I need to pass a specific flag to pf-maint.pl <http://pf-maint.pl>? Thanks, Joshua Nathan Level 3 IT Support and Development Black Forest Academy +49 (0) 7626-9161-630 On Tue, Jun 7, 2016 at 10:35 AM, Nathan, Josh <josh.nat...@bfacademy.de <mailto:josh.nat...@bfacademy.de>> wrote: When I try to run pf-maint, I get the following error: ** GET https://api.github.com/repos/inverse-inc/packetfence/compare/a962ef7cf0c0755845f9e48ee0d2d0c5bf517c7d...f9dda4c3b46973fd6fa4fac586df9ce810df745c ==> 404 Not Found (1s) 404 Not Found I'm running PF 6.0.1. Thanks, Joshua Nathan Level 3 IT Support and Development Black Forest Academy +49 (0) 7626-9161-630 <tel:%2B49%20%280%29%207626-9161-630> -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level.
Re: [PacketFence-users] Error with pf-maint.pl
Hi Josh it seems that the maintenance branch is out of wack with your install. Can you send me the out of the following command ls /usr/local/pf/.paches James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-09 10:01 AM, Nathan, Josh wrote: Any ideas on what to look for? I'd like to apply some of the patches that have been released. The server obviously has Internet access. Do I need to pass a specific flag to pf-maint.pl <http://pf-maint.pl>? Thanks, Joshua Nathan Level 3 IT Support and Development Black Forest Academy +49 (0) 7626-9161-630 On Tue, Jun 7, 2016 at 10:35 AM, Nathan, Josh <josh.nat...@bfacademy.de <mailto:josh.nat...@bfacademy.de>> wrote: When I try to run pf-maint, I get the following error: ** GET https://api.github.com/repos/inverse-inc/packetfence/compare/a962ef7cf0c0755845f9e48ee0d2d0c5bf517c7d...f9dda4c3b46973fd6fa4fac586df9ce810df745c ==> 404 Not Found (1s) 404 Not Found I'm running PF 6.0.1. Thanks, Joshua Nathan Level 3 IT Support and Development Black Forest Academy +49 (0) 7626-9161-630 <tel:%2B49%20%280%29%207626-9161-630> -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Hiding 'Mobile Provider' field in SMS registration form
You can create a hidden input field in the form James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-07 5:39 AM, Torry, Andrew wrote: We are running PF 6.0.3 (with mods) and have E-Mail based Registration working the way we. We have now moved on to enabling an SMS text based registration page. As a JANET organisation we subscribe to the JISC Text service which enables us to send an SMS text to ANY mobile phone regardless of its provider. Since this is the only SMS mobile provider we need we want to avoid confusing the ‘Guest’ with an unnecessary input field for ‘Mobile Provider’ in the registration page. I have tried ‘modding’ the HTML code in the ‘signup.html’ template file thus:- +
Re: [PacketFence-users] Erasing admin user after claering user on DB
You can look in the db schema for you version of PacketFence here https://github.com/inverse-inc/packetfence/tree/devel/db/ to find the correct initialization of the system users. Below you can find the current initialization sql of the system users INSERT INTO `person` (pid,notes) VALUES ("admin","Default Admin User - do not delete"); INSERT INTO `person` (pid,notes) VALUES ("default","Default User - do not delete"); If you also clear the password table then you should also do the following. INSERT INTO password (pid, password, valid_from, expiration, access_duration, access_level, category) VALUES ('admin', 'admin', NOW(), '2038-01-01', NULL, 'ALL', NULL); James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-06-07 6:32 AM, PROST pierrick wrote: Hi everyone, I’m a bit confuse, i deleted admin user on mysql DB (I clear the “person” table). Someone can give me a trick to recreate an admin account ? There is no other solution for clearing user from packet fence than make a big delete on this table (and possibly make a blunder like me) ? Regards Pierrick Prost -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] HTML code in print sent to users - Not clever!
Torry, I think I know what the problem is the aup text has a html filter automatically being apply to it. Can you try and apply the following patch. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/commit/fc51eab63867ca8ec7848c7dc9049c260ac3dc59.diff | patch -p1 Let me know if it has been fixed. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-31 10:13 AM, Torry, Andrew wrote: Yes James, We are using 6.0.1 (not yet patched to 6.0.2). I have created that ‘aup_text’ subroutine as a test and it now reads a text-only file but it ignores all the formatting as if it was an HTML file and reformats it in its own way. Is it possible to added \n’s etc. to get it to at least to replace the ’s Regards Andrew *From:*James Rouzier [mailto:jrouz...@inverse.ca] *Sent:* 31 May 2016 14:48 *To:* packetfence-users@lists.sourceforge.net *Subject:* Re: [PacketFence-users] HTML code in print sent to users - Not clever! Torry to better help you what version of PacketFence are you running? James Rouzier jrouz...@inverse.ca <mailto:jrouz...@inverse.ca> :: +1.514.447.4918 (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-31 9:24 AM, Torry, Andrew wrote: When a block of user accounts are created and we wish to print out these on sheet by sheet basis the AUP is included on each sheet and is extracted from pf/html/captive-portal/templates/aup_text.html Our AUP is tabulated using embedded HTML and customisation and this is being included in the printout as gobbledegook:- Any user detected to be in breach of this agreement will be barred from using The Network and further action may be taken commensurate with the offence together with any statutory legal requirements.The Network must not be used for any of the following:-Deliberate (or attempted) unauthorised access to services on other networks; The creation, transmission or retrieval of:-Any offensive, obscene or indecent images;Data (in any form) that is capable of being resolved into such images;The accessing of any web site that give access to, or references such images; Material intended to (or is likely to), cause annoyance, inconvenience or anxiety to others;Any material of a defamatory nature; Any material that would infringe the copyright of another person (e.g. The use of Peer-Peer software);Unsolicited commercial or advertising materia… It prints as a continuous unbroken line of text and is unreadable. It gets the output from the ‘aup’ subroutine in /pf/lib/pf/web/guest.pm. I suppose could simply create a new subroutine ‘aup_text’ in the same file that reads a text only version of the same AUP. But this ‘mod’ will get broken in the next update - yes? Is there a way of getting it to use an ASCII printable copy without mashing up our aup_text.html file. Andrew -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net <mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning re
Re: [PacketFence-users] HTML code in print sent to users - Not clever!
Torry to better help you what version of PacketFence are you running? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-31 9:24 AM, Torry, Andrew wrote: When a block of user accounts are created and we wish to print out these on sheet by sheet basis the AUP is included on each sheet and is extracted from pf/html/captive-portal/templates/aup_text.html Our AUP is tabulated using embedded HTML and customisation and this is being included in the printout as gobbledegook:- Any user detected to be in breach of this agreement will be barred from using The Network and further action may be taken commensurate with the offence together with any statutory legal requirements.The Network must not be used for any of the following:-Deliberate (or attempted) unauthorised access to services on other networks; The creation, transmission or retrieval of:-Any offensive, obscene or indecent images;Data (in any form) that is capable of being resolved into such images;The accessing of any web site that give access to, or references such images; Material intended to (or is likely to), cause annoyance, inconvenience or anxiety to others;Any material of a defamatory nature; Any material that would infringe the copyright of another person (e.g. The use of Peer-Peer software);Unsolicited commercial or advertising materia… It prints as a continuous unbroken line of text and is unreadable. It gets the output from the ‘aup’ subroutine in /pf/lib/pf/web/guest.pm. I suppose could simply create a new subroutine ‘aup_text’ in the same file that reads a text only version of the same AUP. But this ‘mod’ will get broken in the next update - yes? Is there a way of getting it to use an ASCII printable copy without mashing up our aup_text.html file. Andrew -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] How to reload log.conf
Till this is a bug that was fixed reticently. You can apply the following patch to fix it. https://github.com/inverse-inc/packetfence/commit/3ab85ebe64eb69ffe4fa66bb131aad0615ea2bb8.diff James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-29 6:15 PM, g4-l...@tonarchiv.ch wrote: Hey James, Maybe you can answer me this question: when I call Authentication::authenticate() with {'username' =>..,..., 'rule_class' => $Rules::AUTH}, my RADIUS source is added twice. The logile shows: "Authenticating 'testuser' from source(s) local, file1, myrad, myrad (pf::authentication::authenticate)" Why is this? Has it something to do with the rule that belongs to this source (set role and duration)? Thanks, Till On 05/29/2016 09:40 PM, James Rouzier wrote: So I can better help you, can you explain what you are to debug? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-29 3:31 PM, g4-l...@tonarchiv.ch wrote: Hi James, thank you for the quick answer... Actually I was waiting for 5 minutes or more. Maybe I put a wrong package name? But pf::authentication should exist. Regards, Till On 29.05.2016 21:21, James Rouzier wrote: You just would need to wait 5 minutes for the configuration to be reread. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-29 3:05 PM, g4-l...@tonarchiv.ch wrote: Hi, When I have changed something in log.conf, for example adding a line: log4perl.category.pf.authentication = DEBUG Do I need to restart all PF services? Or is there a more convenient way? Thanks, Till -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/30529
Re: [PacketFence-users] How to reload log.conf
So I can better help you, can you explain what you are to debug? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-29 3:31 PM, g4-l...@tonarchiv.ch wrote: Hi James, thank you for the quick answer... Actually I was waiting for 5 minutes or more. Maybe I put a wrong package name? But pf::authentication should exist. Regards, Till On 29.05.2016 21:21, James Rouzier wrote: You just would need to wait 5 minutes for the configuration to be reread. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-29 3:05 PM, g4-l...@tonarchiv.ch wrote: Hi, When I have changed something in log.conf, for example adding a line: log4perl.category.pf.authentication = DEBUG Do I need to restart all PF services? Or is there a more convenient way? Thanks, Till -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] How to reload log.conf
You just would need to wait 5 minutes for the configuration to be reread. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-29 3:05 PM, g4-l...@tonarchiv.ch wrote: Hi, When I have changed something in log.conf, for example adding a line: log4perl.category.pf.authentication = DEBUG Do I need to restart all PF services? Or is there a more convenient way? Thanks, Till -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Quick question - How to turn on verbose logging for some PF services
You can change the debug level by doing the following. Update the logging configuration for the service in this file conf/log.conf.d/pfqueue.conf Change to following line from this log4perl.rootLogger = INFO, PFQUEUE To this log4perl.rootLogger = TRACE, PFQUEUE Then you can either wait 5 minutes (that is the time it takes for the logging level to be updated) Or restart the service if you do not want to wait. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-10 4:55 AM, Torry, Andrew wrote: I am trying to track down a problem with the PFQUEUE service in that it does not seem to be updating our long DHCP lease times properly and simply creating an entry with a lifetime of about 6 seconds! The pfqueue.log file contains entries like this:- May 10 09:28:18 pfqueue(11600) INFO: [mac:unknown] DHCPREQUEST from 04:4b:ed:43:13:2a (10.17.22.209) with lease of 7776000 seconds (pf::dhcp::processor::parse_dhcp_request) But the database has a start-time and end0time only 6 seconds apart for the IP address. All I need to do is turn on the verbose logging mode for pfqueue (-v option) but cannot find where to do it. Any ideas? Andrew -- Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Mobile security can be enabling, not merely restricting. Employees who bring their own devices (BYOD) to work are irked by the imposition of MDM restrictions. Mobile Device Manager Plus allows you to control only the apps on BYO-devices by containerizing them, leaving personal data untouched! https://ad.doubleclick.net/ddm/clk/304595813;131938128;j___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Frustrated by installation instructions
Patrick, Can you please provide the exact steps you used in order to install. Here are the instructions to install on debian/centos http://packetfence.org/support/faq/article/how-to-install-packetfence-on-debian.html http://packetfence.org/support/faq/article/how-to-install-packetfence-with-yum.html James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-05-01 4:58 AM, Patrick Lashway wrote: Hello all, I've spent the majority of my weekend trying to just install PF, sadly, there are no viable instructions, to the point that if they had not recently launched a new edition I would have thought the project must be abandoned (which would be a real loss). I followed the instructions in the manual to the T for CEntOS 6 and 7, Debian 7 and 8, and Ubuntu 12. All returned with unsatisfied dependencies, there are no working fixes anywhere on the net; in fact, there are several posts of people asking in these forums on how to fix that particular issue, none of them are answered. I've also branched out, followed some tutorials from other places, didn't work. Searched for some of the dependencies, and they seem to only exist for PF, but with no concrete location to wget from. On that note, there are a number of broken links on the site that make it even more difficult to navigate that it already would be. I want to use this, PF seems like it would be perfect for what I'm after, but the poor support and documentation makes it really, really hard to want to keep trying. At this point I feel like I'm left with migrating the Zen to my bare metal. -- Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] autoreg with vlan filter not working
Hey Andi, In PF 5.5.0 match and match_not was changed from a regex to a just a match or not a match. There is a new operator regex but regex_not operator slipped through the cracks until now! You can apply the following patch to add support for the regex_not operator. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/commit/0dd1dd63e7fe3493e50bf94d557161df577704a9.diff | patch -p1 However if you do not want to patch your install you can do the following. [visiting_user_not] filter = username operator = regex value = ^(.+@[Cc][Aa][Rr][Dd][Ii][Ff][Ff][Mm][Ee][Tt]\.[Aa][Cc]\.[Uu][Kk]$|.+@[Uu][Ww][Ii][Cc]\.[Aa][Cc]\.[Uu][Kk]$ <mailto:.+@[Cc][Aa][Rr][Dd][Ii][Ff][Ff][Mm][Ee][Tt]%5C.%5bAa%5d%5bCc%5d%5C.%5bUu%5d%5bKk%5d$%7C.+@%5bUu%5d%5bWw%5d%5bIi%5d%5bCc%5d%5C.%5bAa%5d%5bCc%5d%5C.%5bUu%5d%5bKk%5d$>) [autoreg:!visiting_user_not] scope = AutoRegister role = visitor_welcome James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-04-28 12:44 PM, Morris, Andi wrote: Hey all, A bump of an old topic, but it still seems to be the case. Somewhere since version 5.0.1 the vlan_filters has changed as it works as below in that version, but I couldn’t get it to work with version 5.7.0 or now with 6.0. I can get a positive match using ‘user_name’ and ‘regex’ as you can see from the previous emails, however I used to use a ‘match_not’ with ‘username’ and this is no longer recognised. Is there a similar syntax change that I can do make this rule work? [visiting_user] filter = username operator = match_not value = ^(.+@[Cc][Aa][Rr][Dd][Ii][Ff][Ff][Mm][Ee][Tt]\.[Aa][Cc]\.[Uu][Kk]$|.+@[Uu][Ww][Ii][Cc]\.[Aa][Cc]\.[Uu][Kk]$ <mailto:.+@[Cc][Aa][Rr][Dd][Ii][Ff][Ff][Mm][Ee][Tt]%5C.%5bAa%5d%5bCc%5d%5C.%5bUu%5d%5bKk%5d$%7C.+@%5bUu%5d%5bWw%5d%5bIi%5d%5bCc%5d%5C.%5bAa%5d%5bCc%5d%5C.%5bUu%5d%5bKk%5d$>) Cheers, Andi *From:*Morris, Andi [mailto:amor...@cardiffmet.ac.uk] *Sent:* 03 March 2016 13:54 *To:* packetfence-users@lists.sourceforge.net *Subject:* Re: [PacketFence-users] autoreg with vlan filter not working Bingo! Thanks Fabrice. *From:*Fabrice DURAND [mailto:fdur...@inverse.ca] *Sent:* 03 March 2016 13:34 *To:* packetfence-users@lists.sourceforge.net <mailto:packetfence-users@lists.sourceforge.net> *Subject:* Re: [PacketFence-users] autoreg with vlan filter not working let's try with regex but user_name instead of username. Fabrice Le 2016-03-03 08:19, Morris, Andi a écrit : Hi Fabrice, No luck there sorry. I changed that, restarted packetfence, packetfence-config and also performed a configreload hard but I still see the following in the packetfence.log: Mar 03 13:17:18 httpd.aaa(8299) INFO: [mac:30:10:b3:13:be:37] handling radius autz request: from switch_ip => (192.168.142.13), connection_type => Wireless-802.11-EAP,switch_mac => (00:3a:98:d0:1e:c0), mac => [30:10:b3:13:be:37], port => 13, username => "testu...@cardiffmet.ac.uk" <mailto:testu...@cardiffmet.ac.uk>, ssid => eduroam_dev (pf::radius::authorize) Mar 03 13:17:18 httpd.aaa(8299) INFO: [mac:30:10:b3:13:be:37] is of status unreg; belongs into registration VLAN (pf::role::getRegistrationRole) Mar 03 13:17:18 httpd.aaa(8299) INFO: [mac:30:10:b3:13:be:37] (192.168.142.13) Added VLAN 60 to the returned RADIUS reply (pf::Switch::returnRadiusAccessAccept) Mar 03 13:17:18 httpd.aaa(8299) INFO: [mac:30:10:b3:13:be:37] (192.168.142.13) Returning ACCEPT with VLAN 60 (pf::Switch::returnRadiusAccessAccept) Cheers, Andi *From:*Durand fabrice [mailto:fdur...@inverse.ca] *Sent:* 03 March 2016 12:29 *To:* packetfence-users@lists.sourceforge.net <mailto:packetfence-users@lists.sourceforge.net> *Subject:* Re: [PacketFence-users] autoreg with vlan filter not working Hi Andi, replace match by regex. Regards Fabrice Le 2016-03-03 06:43, Morris, Andi a écrit : Hi, Running version 5.7.0 on CentOS. I’m trying to get autoreg working through vlan_filters like I have on my 5.0.1 production install but it doesn’t seem to be taking effect and new devices are being sent into the registration network after a radius access-accept message. My vlan filter is as below, which is directly lifted from my 5.0.1 config. Has anything changed with vlan filters? I’ve tried switching ‘match’ for ‘regex’ as I’ve seen that mentioned in the documentation and on this list. The only major different in my config on the newer version is that I’m using the built-in domain/realm config in the GUI, which I didn’t do on my 5.0.1 install. I’m not sure if that has a bearing as I’m trying to filter on th
Re: [PacketFence-users] pfsetvlan service error
Thank you for the report. This is indeed a bug. Thankfully it is an easy bug fix. You can apply the patch by doing the following. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/commit/a154c1762b509dd48030e81b39a1ee046edb1b60.diff | patch -p1 Let me know if you have issues. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-04-27 12:42 PM, Pedro Ventura wrote: Hi, Using Packetfence 6.0.0.0. I need to use port-security so I started the pfsetvlan and the snmptrapd services. The pfsetvlan stops with following errors in packetfence.log: Apr 27 17:26:10 pfcmd.pl(7298) INFO: Instantiate profile default (pf::Portal::ProfileFactory::_from_profile) Apr 27 17:26:22 pfsetvlan(7304) FATAL: Can't locate object method "preload_chi_drivers" via package "main" at /usr/local/pf/sbin/pfsetvlan line 57. (main::) Apr 27 17:26:22 pfsetvlan(7304) FATAL: Can't call method "info" on an undefined value at /usr/local/pf/sbin/pfsetvlan line 2109. END failed--call queue aborted at /usr/local/pf/sbin/pfsetvlan line 57. (main::) Apr 27 17:26:23 pfcmd.pl(7298) INFO: Daemon pfsetvlan took 4.675 seconds to start. (pf::services::manager::launchService) snmptrapd is working fine. Please help, Thank you *Pedro Ventura** *Systems Administrator Mob: +351 918 848 438| Tel: +351 223 776 556 cid:283AEC45-8124-4D98-8E3D-50A4F9C5F919 SYMINGTON FAMILY ESTATES Travessa Barão de Forrester, 86| Apartado 26 | 4431-901 Vila Nova de Gaia|Portugal emailsyming...@symington.com <mailto:syming...@symington.com>| Tel+351 223 776 300 |Fax+351 223 776 301 BRANDSGraham’s <http://www.grahams-port.com/>|*//*Cockburn's 200 YEARS · 1815-2015 <http://www.cockburns.com/>|Warre’s <http://www.warre.com/>|Dow’s <http://www.dows-port.com/>|Quinta do Vesuvio <http://www.quintadovesuvio.com/>|Altano <http://www.altano.pt/> SOCIAL MEDIASymington <http://www.symington.com/>|Vintage Port <http://www.thevintageportsite.com/> |Graham’s Blog <http://blog.grahams-port.com/#newWindow>| Graham’s Facebook <https://www.facebook.com/grahams.port.wine>|Cockburn’s Facebook <https://www.facebook.com/grahams.port.wine>|Altano Facebook <https://www.facebook.com/grahams.port.wine> MEMBER OFPrimum Familiae Vini <http://www.pfv.org/en/> -- Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] inplace upgrade from pf 5.7 to 6.0 failing
Hi Will, The quick solution. mv /usr/local/pf/lib/pf/services/manager/radsniff3.pm /usr/local/pf/lib/pf/services/manager/radsniff3.pm.old I have a question. When you started the upgrade process was PacketFence running? This could be the reason why this happened. James James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-04-26 4:08 AM, Will Halsall wrote: Hi James, Radsniff3.pm is on pf 5.7 when the upgrade starts but is removed by the upgrade process, I have not changed anything to do with radius as I run a vanilla version of packetfence making most of the changes via the web interface. The box started life as Packetfence ZEN 5.3 and has been upgraded as new releases come out in accordance with the upgrade docs Any thoughts on getting round this problem would be much appreciated WillH *From:*James Rouzier [mailto:jrouz...@inverse.ca] *Sent:* Monday, April 25, 2016 10:28 PM *To:* packetfence-users@lists.sourceforge.net *Subject:* Re: [PacketFence-users] inplace upgrade from pf 5.7 to 6.0 failing Were there any modifications on /usr/local/pf/lib/pf/services/manager/radsniff3.pm? I ask because the module /usr/local/pf/lib/pf/services/manager/radsniff3.pm was renamed to /usr/local/pf/lib/pf/services/manager/radsniff.pm. So there should be no /usr/local/pf/lib/pf/services/manager/radsniff3.pm on your install. However if there were modifications on that file an rpm upgrade will not remove it. James Rouzier jrouz...@inverse.ca <mailto:jrouz...@inverse.ca> :: +1.514.447.4918 (x115) ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-04-25 4:42 PM, Will Halsall wrote: Hi Folks, Having a problem upgrading to PF 6 cannot start httpd.admin as follows: Starting pfconfig: -- Preloading FilterEngine::DNS_Scopes Preloading FilterEngine::DhcpScopes Preloading FilterEngine::Profile Preloading FilterEngine::RadiusScopes Preloading FilterEngine::Violation Preloading FilterEngine::VlanScopes Preloading config::AdminRoles Preloading config::ApacheFilters Preloading config::Authentication Preloading config::BillingTiers Preloading config::Cluster Preloading config::DNS_Filters Preloading config::DhcpFilters Preloading config::Documentation Preloading config::Domain Preloading config::Firewall_SSO Preloading config::FloatingDevices Preloading config::Network Preloading config::PKI_Provider Preloading config::Pf Preloading config::PfDefault Preloading config::Pfdetect Preloading config::Pfqueue Preloading config::PortalModules Preloading config::Profiles Preloading config::Provisioning Preloading config::RadiusFilters Preloading config::Realm Preloading config::Scan Preloading config::Switch Preloading config::Violations Preloading config::VlanFilters Preloading config::Wmi Preloading interfaces Preloading interfaces::dhcplistener_ints Preloading interfaces::ha_ints Preloading interfaces::inline_enforcement_nets Preloading interfaces::inline_nets Preloading interfaces::internal_nets Preloading interfaces::listen_ints Preloading interfaces::management_network Preloading interfaces::monitor_int Preloading interfaces::portal_ints Preloading interfaces::routed_isolation_nets Preloading interfaces::routed_registration_nets Preloading interfaces::vlan_enforcement_nets Preloading resource::CaptivePortal Preloading resource::Database Preloading resource::SwitchTypesConfigured Preloading resource::URI_Filters Preloading resource::accounting_triggers Preloading resource::array_test Preloading resource::authentication_config_hash Preloading resource::authentication_lookup Preloading resource::authentication_sources Preloading resource::bandwidth_expired_violations Preloading resource::cluster_hosts Preloading resource::cluster_servers Preloading resource::default_switch Preloading resource::domain_dns_servers Preloading resource::fqdn Preloading resource::guest_self_registration Preloading resource::reverse_fqdn Preloading resource::stats_levels Preloading resource::switches_ranges Preloading resource::trapping_range -- [ OK ] Starting httpd.adminCouldn't require pf::services::manager::radsniff3 : Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsnif
Re: [PacketFence-users] inplace upgrade from pf 5.7 to 6.0 failing
Were there any modifications on /usr/local/pf/lib/pf/services/manager/radsniff3.pm? I ask because the module /usr/local/pf/lib/pf/services/manager/radsniff3.pm was renamed to /usr/local/pf/lib/pf/services/manager/radsniff.pm. So there should be no /usr/local/pf/lib/pf/services/manager/radsniff3.pm on your install. However if there were modifications on that file an rpm upgrade will not remove it. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-04-25 4:42 PM, Will Halsall wrote: Hi Folks, Having a problem upgrading to PF 6 cannot start httpd.admin as follows: Starting pfconfig: -- Preloading FilterEngine::DNS_Scopes Preloading FilterEngine::DhcpScopes Preloading FilterEngine::Profile Preloading FilterEngine::RadiusScopes Preloading FilterEngine::Violation Preloading FilterEngine::VlanScopes Preloading config::AdminRoles Preloading config::ApacheFilters Preloading config::Authentication Preloading config::BillingTiers Preloading config::Cluster Preloading config::DNS_Filters Preloading config::DhcpFilters Preloading config::Documentation Preloading config::Domain Preloading config::Firewall_SSO Preloading config::FloatingDevices Preloading config::Network Preloading config::PKI_Provider Preloading config::Pf Preloading config::PfDefault Preloading config::Pfdetect Preloading config::Pfqueue Preloading config::PortalModules Preloading config::Profiles Preloading config::Provisioning Preloading config::RadiusFilters Preloading config::Realm Preloading config::Scan Preloading config::Switch Preloading config::Violations Preloading config::VlanFilters Preloading config::Wmi Preloading interfaces Preloading interfaces::dhcplistener_ints Preloading interfaces::ha_ints Preloading interfaces::inline_enforcement_nets Preloading interfaces::inline_nets Preloading interfaces::internal_nets Preloading interfaces::listen_ints Preloading interfaces::management_network Preloading interfaces::monitor_int Preloading interfaces::portal_ints Preloading interfaces::routed_isolation_nets Preloading interfaces::routed_registration_nets Preloading interfaces::vlan_enforcement_nets Preloading resource::CaptivePortal Preloading resource::Database Preloading resource::SwitchTypesConfigured Preloading resource::URI_Filters Preloading resource::accounting_triggers Preloading resource::array_test Preloading resource::authentication_config_hash Preloading resource::authentication_lookup Preloading resource::authentication_sources Preloading resource::bandwidth_expired_violations Preloading resource::cluster_hosts Preloading resource::cluster_servers Preloading resource::default_switch Preloading resource::domain_dns_servers Preloading resource::fqdn Preloading resource::guest_self_registration Preloading resource::reverse_fqdn Preloading resource::stats_levels Preloading resource::switches_ranges Preloading resource::trapping_range -- [ OK ] Starting httpd.adminCouldn't require pf::services::manager::radsniff3 : Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 33. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$install_dir" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Global symbol "$management_network" requires explicit package name at /usr/local/pf/lib/pf/services/manager/radsniff3.pm line 36. Compilation failed in require at (eval 1645) line 3. at /usr/share/perl5/vendor_perl/Module/Pluggable.pm line 28 module pf::cmd::pf::service cannot be loaded Can't locate object method "name" via package "pf::services::manager::radsniff3" at /usr/local/pf/lib/pf/services.pm line 39. Compilation failed in require at /usr/local/pf/lib/pf/cmd/pf/service.pm line 73. BEGIN failed--compilation aborted at /usr/local/pf/lib/pf/cmd/pf/service.pm line 73. Compilation failed in require at /usr/share/perl5/Module/Load.pm line 27
Re: [PacketFence-users] Insecure dependency in kill while running with -T switch at /usr/local/pf/lib/pf/services/manager.pm line 544.
This seems to be a bug with our service manager and p0f being out of sync. First kill the stale pidfile * rm -f /usr/local/pf/var/run/p0f.pid Make sure there no other p0f instance running. killall p0f Then restart PacketFence. I will create an issue in git on this issue. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-04-04 3:06 PM, Tobias Friede wrote: Hi, since today (after installing snort and doing a reboot) I get this error message and can't start PF anymore. In the packetfence.log I see the following message: Apr 04 21:00:47 pfcmd.pl <http://pfcmd.pl>(2299) INFO: pidof -x p0f returned 15877 15861 (pf::services::manager::pidFromFile) Apr 04 21:00:47 pfcmd.pl <http://pfcmd.pl>(2299) INFO: verifying process 15877 15861 (pf::services::manager::removeStalePid) Apr 04 21:00:47 pfcmd.pl <http://pfcmd.pl>(2299) INFO: pidof -x p0f returned 15877 15861 (pf::services::manager::pidFromFile) Apr 04 21:00:47 pfcmd.pl <http://pfcmd.pl>(2299) FATAL: Insecure dependency in kill while running with -T switch at /usr/local/pf/lib/pf/services/manager.pm <http://manager.pm> line 544. (pf::services::manager::isAlive) I tried to kill these PIDs but they doesn't exist :( Greetings Tobias -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Installing with separate database server
It seems that you have multiple p0f services running. Kill them manually for now and try to restart. Let me know if that helps James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-02-26 9:58 AM, Morris, Andi wrote: > Hi James, > Yes, thanks, I've done that. Apologies my last email was terribly formatted > somehow. > > I still cannot start the services due to this kill error. I may just rebuild > the server and see if I can work out exactly when this starts to happen. > > Cheers, > Andi > > -----Original Message- > From: James Rouzier [mailto:jrouz...@inverse.ca] > Sent: 26 February 2016 14:57 > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Installing with separate database server > > You would also need to update the database configuration in conf/pfconfig.conf > > James Rouzier > jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://www.packetfence.org) > > On 2016-02-26 7:13 AM, Morris, Andi wrote: >> Thanks for your help Fabrice, >> >> OK, so this isn't working as it supposedly should. >> >> I've setup the schema and granted the priveleges on the db server. >> After running through the configuration wizard on the main server I >> did a mysqldump and then imported that to the db server I can access >> the remote database by using mysql -u pf -p -h pf When >> connected to the database I can run show tables and see the pf tables >> >> In pf.conf I've changed the hostname to reflect the remote server ip >> >> When trying to start the packetfence and packetfence-config services I could >> see that there was a L2 connection error to the database. Packetfence.log >> pointed me to the fact the packetfence-config was still pointing to the >> localhost (where the mysqld service was stopped). >> >> I added the host to pfconfig.conf and the packetfence-config service now >> starts. >> >> However, the packetfence services do not. When trying to start these I see: >> Insecure dependency in kill while running with -T switch at >> /usr/local/pf/lib/pf/services/manager.pm line 544. >> >> Packetfence.log shows: >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x iptables returned -1 >> (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process -1 >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x iptables returned -1 >> (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1391) INFO: pidof -x collectd returned 1966 >> (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1357) WARN: Problem trying to run command: >> iptables -S | grep input-management-if called from >> manager::iptables::isAlive. Child exited with non-zero value 1 >> (pf::util::pf_run) Feb 26 11:59:24 pfcmd.pl(1391) INFO: verifying >> process 1966 (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file >> /usr/local/pf/var/run/iptables.pid >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1391) INFO: pidof -x collectd returned 1966 >> (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1391) INFO: removing stale pid file >> /usr/local/pf/var/run/collectd.pid >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfqueue returned 1823 >> (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process 1823 >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfqueue returned 1823 >> (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file >> /usr/local/pf/var/run/pfqueue.pid >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth1 >> returned 1857 (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process 1857 >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth1 >> returned 1857 (pf::services::manager::pidFromFile) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file >> /usr/local/pf/var/run/pfdhcplistener_eth1.pid >> (pf::services::manager::removeStalePid) >> Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_
Re: [PacketFence-users] Installing with separate database server
You would also need to update the database configuration in conf/pfconfig.conf James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-02-26 7:13 AM, Morris, Andi wrote: > Thanks for your help Fabrice, > > OK, so this isn't working as it supposedly should. > > I've setup the schema and granted the priveleges on the db server. > After running through the configuration wizard on the main server I did a > mysqldump and then imported that to the db server > I can access the remote database by using mysql -u pf -p -h pf > When connected to the database I can run show tables and see the pf tables > > In pf.conf I've changed the hostname to reflect the remote server ip > > When trying to start the packetfence and packetfence-config services I could > see that there was a L2 connection error to the database. Packetfence.log > pointed me to the fact the packetfence-config was still pointing to the > localhost (where the mysqld service was stopped). > > I added the host to pfconfig.conf and the packetfence-config service now > starts. > > However, the packetfence services do not. When trying to start these I see: > Insecure dependency in kill while running with -T switch at > /usr/local/pf/lib/pf/services/manager.pm line 544. > > Packetfence.log shows: > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x iptables returned -1 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process -1 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x iptables returned -1 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: pidof -x collectd returned 1966 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) WARN: Problem trying to run command: iptables > -S | grep input-management-if called from manager::iptables::isAlive. Child > exited with non-zero value 1 (pf::util::pf_run) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: verifying process 1966 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file > /usr/local/pf/var/run/iptables.pid (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: pidof -x collectd returned 1966 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: removing stale pid file > /usr/local/pf/var/run/collectd.pid (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfqueue returned 1823 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process 1823 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfqueue returned 1823 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file > /usr/local/pf/var/run/pfqueue.pid (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth1 returned > 1857 (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process 1857 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth1 returned > 1857 (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file > /usr/local/pf/var/run/pfdhcplistener_eth1.pid > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth2 returned > 1871 (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process 1871 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth2 returned > 1871 (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: removing stale pid file > /usr/local/pf/var/run/pfdhcplistener_eth2.pid > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: pidof -x dhcpd returned 1879 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: verifying process 1879 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: pidof -x dhcpd returned 1879 > (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1391) INFO: removing stale pid file > /usr/local/pf/var/run/dhcpd.pid (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: pidof -x pfdhcplistener_eth0 returned > 1875 (pf::services::manager::pidFromFile) > Feb 26 11:59:24 pfcmd.pl(1357) INFO: verifying process 1875 > (pf::services::manager::removeStalePid) > Feb 26 11:59:24 pfcmd.pl(1357) INF
Re: [PacketFence-users] Perl Compilation errors when starting PF 5.6 in Debian Wheezy
Can you try the following patch https://github.com/inverse-inc/packetfence/commit/4c37dcea325f162a5589a4dda04be2efa52ad122.diff Let me know if it helps James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-01-19 12:59 PM, Carlos Alonso wrote: > Hello All, > > > I have upgraded PF from version 4.7 to 5.6 in Debian Wheezy. > I have also upgraded the database schema as recommended and many conf files. > When I start PF services, I get some warnings and compilation errors > Some services don't start and I have to init them one by one in the web > admin (Status->services) > > After that everything seems to work (it is quite slow though when i > search a node) > > This is what I get in packetfence.log: > > Couldn't require pf::services::manager::httpd_aaa : has '+name' given > but no name attribute already exists at > /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at (eval 2329) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::services::manager::httpd_admin : has '+name' given > but no name attribute already exists at > /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at (eval 2339) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::services::manager::httpd_proxy : has '+name' given > but no name attribute already exists at > /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at (eval 2359) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::services::manager::httpd_portal : has '+name' given > but no name attribute already exists at > /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at (eval 2363) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::services::manager::httpd_graphite : has '+name' > given but no name attribute already exists at > /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at (eval 2404) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::services::manager::httpd_webservices : has '+name' > given but no name attribute already exists at > /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at (eval 2420) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::api::local : Can't locate object method "name" via > package "pf::services::manager::httpd_portal" at > /usr/local/pf/lib/pf/services.pm line 39. > Compilation failed in require at /usr/local/pf/lib/pf/clustermgmt.pm > line 38. > BEGIN failed--compilation aborted at /usr/local/pf/lib/pf/clustermgmt.pm > line 38. > Compilation failed in require at /usr/local/pf/lib/pf/dhcp/processor.pm > line 22. > BEGIN failed--compilation aborted at > /usr/local/pf/lib/pf/dhcp/processor.pm line 22. > Compilation failed in require at /usr/local/pf/lib/pf/api.pm line 59. > BEGIN failed--compilation aborted at /usr/local/pf/lib/pf/api.pm line 59. > Compilation failed in require at /usr/local/pf/lib/pf/api/local.pm line 18. > BEGIN failed--compilation aborted at /usr/local/pf/lib/pf/api/local.pm > line 18. > Compilation failed in require at (eval 1952) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > Couldn't require pf::api::can_fork : Attempt to reload pf/api.pm aborted. > Compilation failed in require at /usr/local/pf/lib/pf/api/can_fork.pm > line 19. > BEGIN failed--compilation aborted at > /usr/local/pf/lib/pf/api/can_fork.pm line 19. > Compilation failed in require at (eval 2514) line 2. >at /usr/share/perl/5.14/Module/Pluggable.pm line 28. > > Any tips? > > Thank you > > Carlos Alonso > > > > -- > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140 > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Site24x7 APM Insight: Get Deep Visibility in
Re: [PacketFence-users] Httpd.portal won't start
Check to see if there is anything in /usr/local/pf/packetfence.log James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2016-01-14 12:07 PM, Sullivan QUENOY wrote: > Hello, > > I need your help. The httpd.portal service won't start after configuration > steps. > > I don't find an explicit log file in /usr/local/pf/logs/ which can help me to > find the error. > > Thx. > > -- > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140 > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140 ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] SNMP daemon processes not starting
Boris, Under Configuration Services Have you enabled snmptrapd and pfsetvlan? James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-07-26 3:58 PM, Boris Epstein wrote: Hello all, Why would SNMP daemon processes (snmptrapd I believe) not start? I have a switch configured to authenticate using SNMP so logically it should start - but it doesn't, not even after a PF restart or a server reboot. Any help will be appreciated. Cheers, Boris. -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Webservices API
This would be better posted on the pf-devel list. James Rouzier jrouz...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-07-22 7:04 PM, Andy A wrote: Can someone from inverse comment on this please? Or should I post the message in pf-devel list? Thank you. From: andthereitg...@hotmail.com To: packetfence-users@lists.sourceforge.net Date: Thu, 16 Jul 2015 13:17:53 + Subject: Re: [PacketFence-users] Webservices API I am using the following curl request curl -H Content-Type: application/x-www-form-urlencoded —data-urlencode '{ destination_url:http://www.cnn.com,by_email:Sign Up, firstname:testcurl,lastname:curluser,email:testcurl@sample_domain.com,aup_signed:on}' https://guest.sample_domain.com/signup?mode=guest-register I get the following error in the response. Caught exception in captiveportal::Controller::Signup-validateMandatoryFields Can't use an undefined value as an ARRAY reference at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/Signup.pm line 589. Thanks. From: andthereitg...@hotmail.com To: packetfence-users@lists.sourceforge.net Date: Thu, 16 Jul 2015 11:59:06 + Subject: Re: [PacketFence-users] Webservices API Okay. Thanks. I have looked two subs inside web.pm that I believe are used for register and login web_user_authenticate web_node_register Is that correct? It would be great if you could paste the JSON for me if you have it. Thanks. From: tim.den...@mcc.edu Date: Wed, 15 Jul 2015 10:41:06 -0400 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Webservices API Yes. I don't have the exact JSON command in front of me right now. Look in web.pm http://web.pm I think. Sent from my iPhone On Jul 15, 2015, at 7:26 AM, Andy A andthereitg...@hotmail.com mailto:andthereitg...@hotmail.com wrote: Is it possible to register / unregister using the webservices API and not the portal? From: andthereitg...@hotmail.com mailto:andthereitg...@hotmail.com To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Tue, 14 Jul 2015 14:02:48 + Subject: [PacketFence-users] Webservices API What methods are exposed via the API? Where can I read up about it? -- Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo
Re: [PacketFence-users] Caching for Captive Portal
Andy, There is one more thing you could do is have the template precompiled in a cache Here is how you can set it up cat EOF /usr/local/pf/html/captive-portal/captiveportal.conf name captiveportal View::HTML COMPILE_DIR /usr/local/pf/var/captiveportal/cached_templates /View::HTML EOF Then restart the captive portal /usr/local/pf/bin/pfcmd service httpd.portal restart James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-18 9:41 AM, Andy A wrote: Okay great. Thanks for the reply. I have done the following. I have changed the following line to track the 'serving' time for a page. LogFormat %h %l %u %t \%r\ %s %b \%{Referer}i\ \%{User-Agent}i\ **%T/%D** combined (added %T/%D) For number of processes for httpd: With a single device, after the pfdhcplistener is done, for the first ever request to the captive portal, I saw 10 httpd processes. But for all the subsequent requests, the number of processes were between 3-4. This was for a single device on the VLAN. I also couldn't find the 'worker' module configuration anywhere. So I think httpd is running with default configuration as far as threads, processes, connections etc. I think, I should be adding the following sample configuration somewhere, can you tell me here would this go? ServerLimit 16 StartServers 2 MaxClients 200 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 I have turned on the slow query log in mysql and no queries have showed up so far, been running for past 3 hours. Anything else that I can look at? From: lmu...@inverse.ca Date: Tue, 16 Jun 2015 13:49:42 -0400 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Caching for Captive Portal On Jun 16, 2015, at 9:35 , Andy A andthereitg...@hotmail.com mailto:andthereitg...@hotmail.com wrote: Hello What's the best way to speed-up the serving of captive portal pages to reduce latency? Currently the latency of each page is quite high in 7-8 seconds bracket. Hi Andy, Before anything you really need to know where the bottleneck is. E.g. Improvements to the webserver (for instance) will not help if the database is at fault. Try to see if the httpd is hitting the maximum number of processes it can handle concurrently for a start. You may be swamped by what we colloquially call “parked devices”, i.e. devices that constantly query the portal even though no one is actually going to register (mostly phones). Or you may have a single device that is trying to open hundreds of connections to the portal. If that’s not the case, try to see how long it takes to serve each query. Apache can log the time per requests. Enable the slow query log in mysql. Etc. Your question unfortunately does not lend itself to a simple answer. Each server is unhappy in it’s own way. Regards, -- Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca :: www.inverse.ca http://www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu) and PacketFence (www.packetfence.org http://www.packetfence.org) -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Caching for Captive Portal
Yes PF will pre-compile the templates on demand. Also if you change the content of the template it will get recompiled. Ignore the original configuration file was missed spelled if you notice it has an underscore. Since it was never used no never noticed. The proper path is /usr/local/pf/html/captive-portal/captiveportal.conf (without the underscore) James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-18 12:46 PM, Andy A wrote: Thanks. Will PF automatically pre-compile the cache if I add the following to captiveportal.conf? View::HTML COMPILE_DIR /usr/local/pf/var/captiveportal/cached_templates /View::HTML I currently have the default configuration for captiveportal.conf # rename this file to captiveportal.yml and put a ':' after 'name' if # you want to use YAML like in old versions of Catalyst name captiveportal Hooks Root maxRegNodesReached override Status index /maxRegNodesReached /Root /Hooks Date: Thu, 18 Jun 2015 10:42:28 -0400 From: jrouz...@inverse.ca To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Caching for Captive Portal Andy, There is one more thing you could do is have the template precompiled in a cache Here is how you can set it up cat EOF /usr/local/pf/html/captive-portal/captiveportal.conf name captiveportal View::HTML COMPILE_DIR /usr/local/pf/var/captiveportal/cached_templates /View::HTML EOF Then restart the captive portal /usr/local/pf/bin/pfcmd service httpd.portal restart James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-18 9:41 AM, Andy A wrote: Okay great. Thanks for the reply. I have done the following. I have changed the following line to track the 'serving' time for a page. LogFormat %h %l %u %t \%r\ %s %b \%{Referer}i\ \%{User-Agent}i\ **%T/%D** combined (added %T/%D) For number of processes for httpd: With a single device, after the pfdhcplistener is done, for the first ever request to the captive portal, I saw 10 httpd processes. But for all the subsequent requests, the number of processes were between 3-4. This was for a single device on the VLAN. I also couldn't find the 'worker' module configuration anywhere. So I think httpd is running with default configuration as far as threads, processes, connections etc. I think, I should be adding the following sample configuration somewhere, can you tell me here would this go? ServerLimit 16 StartServers 2 MaxClients 200 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 I have turned on the slow query log in mysql and no queries have showed up so far, been running for past 3 hours. Anything else that I can look at? From: lmu...@inverse.ca mailto:lmu...@inverse.ca Date: Tue, 16 Jun 2015 13:49:42 -0400 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Caching for Captive Portal On Jun 16, 2015, at 9:35 , Andy A andthereitg...@hotmail.com mailto:andthereitg...@hotmail.com wrote: Hello What's the best way to speed-up the serving of captive portal pages to reduce latency? Currently the latency of each page is quite high in 7-8 seconds bracket. Hi Andy, Before anything you really need to know where the bottleneck is. E.g. Improvements to the webserver (for instance) will not help if the database is at fault. Try to see if the httpd is hitting the maximum number of processes it can handle concurrently for a start. You may be swamped by what we colloquially call “parked devices”, i.e. devices that constantly query the portal even though no one is actually going to register (mostly phones). Or you may have a single device that is trying to open hundreds of connections to the portal. If that’s not the case, try to see how long it takes to serve each query. Apache can log the time per requests. Enable the slow query log in mysql. Etc. Your question unfortunately does not lend itself to a simple answer. Each server is unhappy in it’s own way. Regards, -- Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca :: www.inverse.ca http://www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu) and PacketFence (www.packetfence.org http://www.packetfence.org
Re: [PacketFence-users] PERL modules requirements
Good catch Fabrice James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-12 10:00 PM, Durand fabrice wrote: Maybe just a detail but before do a: rpm -Uvh http://inverse.ca/downloads/PacketFence/RHEL6/x86_64/RPMS/packetfence-release-1-2.centos6.noarch.rpm Le 2015-06-12 21:51, James Rouzier a écrit : Then you can do the following. yum install yum-utils sh addons/dev-helpers/centos-chroot/install-packages-from-spec.sh This will install all the packages from the spec except packetfence James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-12 5:56 PM, Boris Epstein wrote: Thanks James! Yes, I am. Centos 6 Boris. On Fri, Jun 12, 2015 at 5:23 PM, James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca wrote: Are you using Centos? James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca ::+1.514.755.3630 tel:%2B1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-12 5:09 PM, Boris Epstein wrote: Hello listmates, Is there a list of packages I need to install for the PF to run? I have been installing the modules one-by-one as demanded by pfcmd, etc.If there is a complete list anywhere that would be helpful. Thanks. Boris. -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] pfsetvlan ERROR
Apply the following patch on top of the previous one. https://github.com/inverse-inc/packetfence/commit/10edc098f9f9c6360ca322c9a17571b24dbe5a11.diff James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-14 5:08 PM, Hugo Rodenburg wrote: Hi Fabrice, Thanks for the quick response! let's try that: https://github.com/inverse-inc/packetfence/commit/8830ddb52225d85d1ee36d30e466c764e47bfd17.diff #/usr/local/pf$ sudo patch -p1 ~/8830ddb52225d85d1ee36d30e466c764e47bfd17.diff patching file addons/accounting.pl patching file addons/recovery.pl patching file lib/pf/CHI.pm patching file sbin/pfsetvlan However: /usr/local/pf$ bin/pfcmd service pfsetvlan start Subroutine get_logger redefined at /usr/share/perl5/Log/Any/Test.pm line 13. Couldn't require CHI::Driver::Memcached::t::CHIDriverTests::Fast : Can't locate Test/Deep.pm in @INC (@INC contains: /usr/local/pf/lib /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl) at /usr/share/perl5/Module/Runtime.pm line 317. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/Base.pm line 7. Compilation failed in require at (eval 381) line 2. ...propagated at /usr/share/perl/5.14/base.pm line 93. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/Fast.pm line 8. Compilation failed in require at (eval 377) line 2. at /usr/share/perl/5.14/Module/Pluggable.pm line 28. Couldn't require CHI::Driver::Memcached::t::CHIDriverTests::Base : Attempt to reload CHI/Driver/Memcached/t/CHIDriverTests/Base.pm aborted. Compilation failed in require at (eval 382) line 2. at /usr/share/perl/5.14/Module/Pluggable.pm line 28. Couldn't require CHI::Driver::Memcached::t::CHIDriverTests::libmemcached : Invalid CODE attribute: Test(shutdown = 2) at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/libmemcached.pm line 20. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/libmemcached.pm line 20. Compilation failed in require at (eval 383) line 2. at /usr/share/perl/5.14/Module/Pluggable.pm line 28. ... Ok, so I installed the (apparantly) missing perl lib: $ sudo apt-get install libtest-deep-perl But, still no luck: #/usr/local/pf$ bin/pfcmd service pfsetvlan restart Subroutine get_logger redefined at /usr/share/perl5/Log/Any/Test.pm line 13. Couldn't require CHI::Driver::Memcached::t::CHIDriverTests::Fast : Base class package Test::Class is empty. (Perhaps you need to 'use' the module which defines that package first, or make that module available in @INC (@INC contains: /usr/local/pf/lib /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl). at /usr/share/perl5/CHI/Test/Class.pm line 7. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Test/Class.pm line 7. Compilation failed in require at (eval 387) line 2. ...propagated at /usr/share/perl/5.14/base.pm line 93. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/t/Driver.pm line 17. Compilation failed in require at (eval 385) line 2. ...propagated at /usr/share/perl/5.14/base.pm line 93. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/Base.pm line 8. Compilation failed in require at (eval 381) line 2. ...propagated at /usr/share/perl/5.14/base.pm line 93. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/Fast.pm line 8. Compilation failed in require at (eval 377) line 2. at /usr/share/perl/5.14/Module/Pluggable.pm line 28. Couldn't require CHI::Driver::Memcached::t::CHIDriverTests::Base : Attempt to reload CHI/Driver/Memcached/t/CHIDriverTests/Base.pm aborted. Compilation failed in require at (eval 389) line 2. at /usr/share/perl/5.14/Module/Pluggable.pm line 28. Couldn't require CHI::Driver::Memcached::t::CHIDriverTests::libmemcached : Invalid CODE attribute: Test(shutdown = 2) at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/libmemcached.pm line 20. BEGIN failed--compilation aborted at /usr/share/perl5/CHI/Driver/Memcached/t/CHIDriverTests/libmemcached.pm line 20. Compilation failed in require at (eval 390) line 2. at /usr/share/perl/5.14/Module/Pluggable.pm line 28. service|command pfsetvlan|stop Am I missing an dependency? Thanks in advance. Hugo Le 2015-06-14 13:28, Hugo Rodenburg a écrit : Hi louis and list, Hello Experts I am testing packetfence vlan enforcement with an hp procurve 2524 switch and an ubuntu 12.04 lts desktop version (which is being used as the packetfence
Re: [PacketFence-users] PERL modules requirements
Are you using Centos? James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-12 5:09 PM, Boris Epstein wrote: Hello listmates, Is there a list of packages I need to install for the PF to run? I have been installing the modules one-by-one as demanded by pfcmd, etc.If there is a complete list anywhere that would be helpful. Thanks. Boris. -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] PERL modules requirements
Then you can do the following. yum install yum-utils sh addons/dev-helpers/centos-chroot/install-packages-from-spec.sh This will install all the packages from the spec except packetfence James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-12 5:56 PM, Boris Epstein wrote: Thanks James! Yes, I am. Centos 6 Boris. On Fri, Jun 12, 2015 at 5:23 PM, James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca wrote: Are you using Centos? James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca ::+1.514.755.3630 tel:%2B1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-12 5:09 PM, Boris Epstein wrote: Hello listmates, Is there a list of packages I need to install for the PF to run? I have been installing the modules one-by-one as demanded by pfcmd, etc.If there is a complete list anywhere that would be helpful. Thanks. Boris. -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] JSON RPC Querys...
That is correct all you would have to do is add a new sub in api.pm and tag it as Public. Example sub my_new_funk :Public { my ($class,@params) = @_; return Stop, Hammer Time ,@params; } curl -v -H Content-Type: application/json-rpc -H Request: my_new_funk -X POST -d '{params:[timdenike],jsonrpc:2.0,method:my_new_funk, id : 0}' http://localhost:9090/ The response will be the following {jsonrpc:2.0,id:0,result:[Stop, Hammer Time,timdenike]} James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-11 10:49 AM, Tim DeNike wrote: Sweet.. That worked. What would I do if I wanted to add more API functionality.. For instance, looking up device location by IP. Looks like id have to add a sub in api.pm http://api.pm calling pf::node::node_search. Long story short: To handle routing of E911 calls for phones we want to write hooks into our Asterisk PBX system to dynamically query physical location of phones based on the IP of the SIP registration and route the E911 calls and adjust CID information with location information. On Thu, Jun 11, 2015 at 9:30 AM, James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca wrote: Tim DeNike, To see the response back you must set the id in the jsonrpc request. Here are some examples. node_information curl -v -H Content-Type: application/json-rpc -H Request: register_node -X POST -d '{params:[mac,00:11:22:33:44:55],jsonrpc:2.0,method:node_information, id:0}' http://localhost:9090/ view_person curl -v -H Content-Type: application/json-rpc -H Request: view_person -X POST -d '{params:[timdenike],jsonrpc:2.0,method:view_person, id : 0}' http://localhost:9090/ James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca ::+1.514.755.3630 tel:%2B1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-10 5:23 PM, Tim DeNike wrote: OK.. I can't seem to figure out how to PULL data from packet fence with the web services API. I can trigger events with it like so: curl -v -H Content-Type: application/json-rpc -H Request: register_node -X POST -d '{params:[mac,00:11:22:33:44:55,pid,timdenike,category,business],jsonrpc:2.0,method:register_node}' http://localhost:9090/ This does what you'd think.. Registers the node. But how do I retrieve and use the node_information or view_person api commands. Im trying to integrate packet fence into an ISP billing/accounting system and need to have the 2 fully talking.. Ive got it part way done.. Just trying to fill in the gaps. -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users * French - detected * Afrikaans * Albanian * Arabic * Belarusian * Bulgarian * Catalan * Chinese * Chinese (Simplified) * Chinese (Traditional) * Croatian * Czech * Danish * Dutch * English * Estonian * Filipino * Finnish * French * Galician * German * Greek * Hebrew * Haitian Creole * Hindi * Hungarian * Icelandic * Indonesian * Irish * Italian * Japanese * Korean * Latvian * Lithuanian * Macedonian * Malay * Maltese * Norwegian * Persian * Polish * Portuguese * Portuguese (Portugal) * Romanian * Russian * Serbian * Slovak * Slovenian * Spanish * Swahili * Swedish * Thai * Turkish * Ukrainian * Vietnamese * Welsh * Yiddish * Afrikaans * Albanian * Arabic * Belarusian * Bulgarian * Catalan * Chinese * Chinese (Simplified) * Chinese (Traditional) * Croatian * Czech * Danish * Dutch * English * Estonian * Filipino * Finnish * French * Galician * German * Greek * Hebrew * Haitian Creole * Hindi * Hungarian * Icelandic * Indonesian * Irish * Italian * Japanese * Korean * Latvian * Lithuanian * Macedonian * Malay * Maltese * Norwegian * Persian * Polish * Portuguese * Portuguese (Portugal) * Romanian * Russian * Serbian * Slovak * Slovenian * Spanish * Swahili * Swedish
Re: [PacketFence-users] JSON RPC Querys...
Tim DeNike, To see the response back you must set the id in the jsonrpc request. Here are some examples. node_information curl -v -H Content-Type: application/json-rpc -H Request: register_node -X POST -d '{params:[mac,00:11:22:33:44:55],jsonrpc:2.0,method:node_information, id:0}' http://localhost:9090/ view_person curl -v -H Content-Type: application/json-rpc -H Request: view_person -X POST -d '{params:[timdenike],jsonrpc:2.0,method:view_person, id : 0}' http://localhost:9090/http://localhost:9090/ James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-10 5:23 PM, Tim DeNike wrote: OK.. I can't seem to figure out how to PULL data from packet fence with the web services API. I can trigger events with it like so: curl -v -H Content-Type: application/json-rpc -H Request: register_node -X POST -d '{params:[mac,00:11:22:33:44:55,pid,timdenike,category,business],jsonrpc:2.0,method:register_node}' http://localhost:9090/ This does what you'd think.. Registers the node. But how do I retrieve and use the node_information or view_person api commands. Im trying to integrate packet fence into an ISP billing/accounting system and need to have the 2 fully talking.. Ive got it part way done.. Just trying to fill in the gaps. -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users * French - detected * Afrikaans * Albanian * Arabic * Belarusian * Bulgarian * Catalan * Chinese * Chinese (Simplified) * Chinese (Traditional) * Croatian * Czech * Danish * Dutch * English * Estonian * Filipino * Finnish * French * Galician * German * Greek * Hebrew * Haitian Creole * Hindi * Hungarian * Icelandic * Indonesian * Irish * Italian * Japanese * Korean * Latvian * Lithuanian * Macedonian * Malay * Maltese * Norwegian * Persian * Polish * Portuguese * Portuguese (Portugal) * Romanian * Russian * Serbian * Slovak * Slovenian * Spanish * Swahili * Swedish * Thai * Turkish * Ukrainian * Vietnamese * Welsh * Yiddish * Afrikaans * Albanian * Arabic * Belarusian * Bulgarian * Catalan * Chinese * Chinese (Simplified) * Chinese (Traditional) * Croatian * Czech * Danish * Dutch * English * Estonian * Filipino * Finnish * French * Galician * German * Greek * Hebrew * Haitian Creole * Hindi * Hungarian * Icelandic * Indonesian * Irish * Italian * Japanese * Korean * Latvian * Lithuanian * Macedonian * Malay * Maltese * Norwegian * Persian * Polish * Portuguese * Portuguese (Portugal) * Romanian * Russian * Serbian * Slovak * Slovenian * Spanish * Swahili * Swedish * Thai * Turkish * Ukrainian * Vietnamese * Welsh * Yiddish javascript:void(0);# -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] 802.1x authentication
Hello Sohaib, I suspect there is a problem with httpd.aaa service which is required for packetfence radius interaction. You can check the following log /usr/local/pf/logs/httpd.aaa.error To Check to see if httpd.aaa is running /usr/local/pf/bin/pfcmd service httpd.aaa status To restart the httpd.aaa service /usr/local/pf/bin/pfcmd service httpd.aaa restart Let me know if this helps James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-06-03 11:29 AM, Sohaib Afourid wrote: The second to last message i sent you, it's the result when i ran radius in debug mode. i got this error: rlm_perl: An error occurred while processing the authorize RPC request: An error occured while sending a MessagePack request: 7 Couldn't connect to server couldn't connect to host at /usr/local/pf/lib//pf/radius/rpc.pm http://rpc.pm/ line 52. When i googled it, i found some thread on the mailing list with the same error. when i ran radius normally it worked. Now, when i go to the captive portal and register/authenticate, Packetfence remembers the device by its MAC address ? Thank you for your patience really !! If you ever come to Morocco let me know, i would like to invite for a meal or something :D -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Upgrade from 4.7.0 to 5.0.2
Steve do you have custom code in the admin gui? James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-05-24 12:51 PM, Steve Allen wrote: Hi Derek I had a look and the Fingerprints.pm file does not exist. Can you tell me what the following means: --- Syntax error on line 69 of /usr/local/pf/conf/httpd.conf.d/httpd.admin: Can't locate pf/os.pm http://os.pm in @INC (@INC contains: /usr/local/pf/conf /usr/local/fingerbank/lib /usr/local/pf/lib /usr/local/pf/html/pfappserver/lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 . /etc/httpd) at /usr/local/pf/html/pfappserver/lib/pfappserver/Controller/Configuration.pm line 24.\nBEGIN failed--compilation aborted at /usr/local/pf/html/pfappserver/lib/pfappserver/Controller/Configuration.pm line 24.\nCompilation failed in require at /usr/share/perl5/vendor_perl/Catalyst/Utils.pm line 294.\nCompilation failed in require at (eval 2) line 3.\n httpd.admin|not started --- I had a look and on my 4.7.0 server I can find the pf/os.pm http://os.pm file but after upgrading to 5.0.2 the file is no longer there. Is this what is causing the problems? Kind regards, On Thu, 21 May 2015 at 18:56 Derek Wuelfrath dwuelfr...@inverse.ca mailto:dwuelfr...@inverse.ca wrote: Steve, That’s much better :) Can you check if you have the following file on the filesystem: /usr/local/pf/html/pfappserver/lib/pfappserver/Controller/Config/Fingerprints.pm If yes, please delete it and restart PacketFence services Cheers! dw. -- Derek Wuelfrath dwuelfr...@inverse.ca mailto:dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. (www.inverse.ca http://www.inverse.ca) :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu) and PacketFence (www.packetfence.org http://www.packetfence.org) On May 21, 2015 at 11:58:33, Steve Allen (steveallen1...@gmail.com mailto:steveallen1...@gmail.com) wrote: Hi Derek I have ran the upgrade again and had the same type of problem. I have attached a log file of my terminal during the upgrade. The interesting lines are as follows: Line 2492 Start of errors. Line 2861 is me running service packetfence-config restart Line 2913 is me running service packetfence restart Can you take a look at the log file and see if you can see what I'm doing wrong. Kind regards, On Thu, 21 May 2015 at 14:45 Steve Allen steveallen1...@gmail.com mailto:steveallen1...@gmail.com wrote: Hi Derek I'll give that a try and post the results later today. Kind regards, On Thu, 21 May 2015 at 14:38 Derek Wuelfrath dwuelfr...@inverse.ca mailto:dwuelfr...@inverse.ca wrote: Steve, Can you do ‘service packetfence-config restart’ and check how it behaves. Cheers! dw. -- Derek Wuelfrath dwuelfr...@inverse.ca mailto:dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. (www.inverse.ca http://www.inverse.ca) :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu) and PacketFence (www.packetfence.org http://www.packetfence.org) On May 21, 2015 at 09:31:19, Steve Allen (steveallen1...@gmail.com mailto:steveallen1...@gmail.com) wrote: Hi Derek Thanks for your help I'll await your response as it looks like the best idea would be to upgrade the current server. Kind regards, On Thu, 21 May 2015 at 14:23 Derek Wuelfrath dwuelfr...@inverse.ca mailto:dwuelfr...@inverse.ca wrote: Steve, The backups are the ones you suggested. The backup of the /usr/local/pf directory, along with a dump of the DB. It wouldn’t work if you copy over the whole codebase of 4.7 over the newest 5.0.2… the files that can be copied over are the configuration files, after having modified them accordingly to the UPGRADE guide if needed… Easiest would be to replicate config in a fresh install… Regarding the DB, you can simply import back the exported schema and then apply the schema updates. The previous upgrade I have tried does not seem to work correctly. Below is the output from when I try to restart the PacketFence service after the upgrade. (i followed all the items
Re: [PacketFence-users] Pfconfig Error - Unknown key
Do the following. service packetfence stop service packetfence-config restart /usr/local/pf/bin/pfcmd configreload restart service packetfence start James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-05-06 3:52 AM, Fabian Lumy wrote: Hello, I run ./pf-maint.pl http://pf-maint.pl and update PacketFence on 5.0.2 but i have these same errors... And now, i have the errors : Caught exception in captiveportal::Controller::CaptivePortal-webNodeRegister Can't call method supportsWebFormRegistration without a package or object reference at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/CaptivePortal.pm line 472. Can you help me, please? Thanks in advance Hello, I am running PacketFence 5.0.1 on CentOS 6.6, with inline enforcement and when i started my services (service packetfence start), i have few errors on logs/pfconfig.log : Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 (main::get_array_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;facebook Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;facebook (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;github Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;github (main::get_hash_element) Apr 30 14:21:34 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 Apr 30 14:21:34 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 (main::get_hash_element) Apr 30 14:21:42 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 Apr 30 14:21:42 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 (main::get_hash_element) 192.168.188.2 is my laptop used for testing captive portal. I realize successfull authentification with local account but after that, the Your network should be enabled within a minute or two. If it is not reboot your computer page appears. Thanks in advance Fabian -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics
Re: [PacketFence-users] PacketFence 5
Nicolas what version of Linux are you running? James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-04-20 12:19 PM, Nicolas Gailly wrote: For more info : pfcmd_vlan works fine, it can get / set vlan on switch port without any problems. So the problems comes from packetfence, when he must handle SNMP traps and when he must set a new vlan. I've tried to manually set the vlan to the registration, then I register with a good username/password. Then my vlan should be set to the normal one, but it isn't, it just throws the same error again... :/ 2015-04-20 18:11 GMT+02:00 Nicolas Gailly nikkol...@gmail.com mailto:nikkol...@gmail.com: Hello, I'm trying to set up PacketFence 5.0 with HP 2920 switch. Right now, I want to see if basic setup (snmp traps) works. After a few head-hit-the-wall, I finally get the switch sending traps to PacketFence but the traps are not being handled. Here is the error : Apr 20 18:05:02 pfsetvlan(6) ERROR: Thread 6 terminated abnormally: has '+max_key_length' given but no max_key_length attribute already exists at /usr/share/perl5/Method/Generate/Constructor.pm line 15. Compilation failed in require at /usr/share/perl5/Module/Runtime.pm line 317. (main::) Apr 20 18:05:06 pfsetvlan(7) ERROR: Thread 7 terminated abnormally: has '+max_key_length' given but no max_key_length attribute already exists at /usr/share/perl5/Method/Generate/Constructor.pm line 15. Compilation failed in require at /usr/share/perl5/Module/Runtime.pm line 317. (main::) This error happens WHEN i plug a device into the switch, so that's why I know traps are working. Any ideas ? The error does not even relate to a packetfence tool ... :/ Thanks -- BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] RADIUS error code
Boris, We do not update automatically the database schema or configuration for the following reasons. * PacketFence does not store the MySQL root password database user in our configurations. * The PacketFence database user does not have the permission to add and alter tables. * This may break custom code/database schema's * Upgrade a database can take a long time if you have a huge database it makes it harder to plan downtime. * New features and/or bugs fixes require changes in configuration that cannot be determined. This is why we advise to always read the upgrade guide before upgrading PacketFence. https://github.com/inverse-inc/packetfence/blob/packetfence-5.0.0/UPGRADE.asciidoc James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-04-16 1:29 PM, Boris Epstein wrote: James, Yes, you are right. I now got packetfence-5.0.0-1.el6.noarch I think DB upgrades need to be part of automatic package upgrades. I got yum to do it automatically for me - but the DB ends up being left behind. Thanks for your help debugging this one. Boris. On Thu, Apr 16, 2015 at 11:56 AM, James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca wrote: Boris It looks like you did not upgrade your database when you updated packetfence. James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca ::+1.514.755.3630 tel:%2B1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-04-16 11:51 AM, Boris Epstein wrote: OK, here is the latest from packetfence.log Apr 16 11:50:14 httpd.aaa(10816) INFO: port security is not enabled (pf::Switch::Cisco::Catalyst_2960::isStaticPortSecurityEnabled) Apr 16 11:50:14 httpd.aaa(10816) INFO: [00:25:64:40:e3:61] handling radius autz request: from switch_ip = (192.168.48.101), connection_type = WIRED_MAC_AUTH,switch_mac = (Unknown), mac = [00:25:64:40:e3:61], port = 10121, username = 00256440e361 (pf::radius::authorize) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) ERROR: Database issue: We tried 3 times to serve query node_attributes_sql called from pf::node::node_attributes and we failed. Is the database running? (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) ERROR: Database issue: We tried 3 times to serve query node_attributes_sql called from pf::node::node_attributes and we failed. Is the database running? (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) ERROR: radius authorize failed with error: Can't use string (0) as a HASH ref while strict refs in use at /usr/local/pf/lib/pf/vlan.pm http://vlan.pm line 311. (pf::api::radius_authorize) Generated as I plugged a device into a RADIUS-controlled Cisco Catalyst 3750 switch. Any idea what this may indicate? Cheers, Boris. On Thu, Apr 16, 2015 at 11:38 AM, Boris Epstein borepst...@gmail.com mailto:borepst...@gmail.com wrote: James, Thanks! Based on the admin GUI and ps output the httpd.webservices process is running. What should I look at next? Boris. On Thu, Apr 16, 2015 at 11:28 AM, James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca wrote: Boris this is an issue where radius cannot communicate with the httpd.webservices. Can you make sure that is running first! James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca ::+1.514.755.3630 tel:%2B1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org
Re: [PacketFence-users] RADIUS error code
Boris It looks like you did not upgrade your database when you updated packetfence. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-04-16 11:51 AM, Boris Epstein wrote: OK, here is the latest from packetfence.log Apr 16 11:50:14 httpd.aaa(10816) INFO: port security is not enabled (pf::Switch::Cisco::Catalyst_2960::isStaticPortSecurityEnabled) Apr 16 11:50:14 httpd.aaa(10816) INFO: [00:25:64:40:e3:61] handling radius autz request: from switch_ip = (192.168.48.101), connection_type = WIRED_MAC_AUTH,switch_mac = (Unknown), mac = [00:25:64:40:e3:61], port = 10121, username = 00256440e361 (pf::radius::authorize) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) ERROR: Database issue: We tried 3 times to serve query node_attributes_sql called from pf::node::node_attributes and we failed. Is the database running? (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) WARN: database query failed with: Unknown column 'machine_account' in 'field list' (errno: 1054), will try again (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) ERROR: Database issue: We tried 3 times to serve query node_attributes_sql called from pf::node::node_attributes and we failed. Is the database running? (pf::db::db_query_execute) Apr 16 11:50:14 httpd.aaa(10816) ERROR: radius authorize failed with error: Can't use string (0) as a HASH ref while strict refs in use at /usr/local/pf/lib/pf/vlan.pm http://vlan.pm line 311. (pf::api::radius_authorize) Generated as I plugged a device into a RADIUS-controlled Cisco Catalyst 3750 switch. Any idea what this may indicate? Cheers, Boris. On Thu, Apr 16, 2015 at 11:38 AM, Boris Epstein borepst...@gmail.com mailto:borepst...@gmail.com wrote: James, Thanks! Based on the admin GUI and ps output the httpd.webservices process is running. What should I look at next? Boris. On Thu, Apr 16, 2015 at 11:28 AM, James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca wrote: Boris this is an issue where radius cannot communicate with the httpd.webservices. Can you make sure that is running first! James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca ::+1.514.755.3630 tel:%2B1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-04-16 11:23 AM, Boris Epstein wrote: OK, the best I can tell so far is it comes out of this module: http://wiki.freeradius.org/modules/Rlm_perl The investigation is ongoing... Stand by for more updates. Boris. On Tue, Apr 14, 2015 at 10:51 AM, Boris Epstein borepst...@gmail.com mailto:borepst...@gmail.com wrote: Hello listmates, I just got the following in my RADIUS log on my PF server: Tue Apr 14 10:48:00 2015 : Auth: Login OK: [00256440e361] (from client 192.168.48.101 port 50119 cli 00-25-64-40-E3-61) Tue Apr 14 10:48:00 2015 : Error: rlm_perl: No or invalid reply in RPC communication with server. Check server side logs for details. Does anybody know how to interpret this? Thanks. Boris. -- BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https
Re: [PacketFence-users] Device Registration
What Jake said James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-03-05 9:34 AM, Sallee, Jake wrote: How do you disable mac checking? I believe all you have to do is have a completely blank allowed_device_oui.txt, as in no text in it at all. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Pete Hoffswell [pete.hoffsw...@davenport.edu] Sent: Wednesday, March 04, 2015 4:46 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Device Registration That's a great idea. How do you disable mac checking? - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edu https://urldefense.proofpoint.com/v2/url?u=http-3A__www.davenport.edud=BQIFAwc=Gpt0euE7zITENl5YkAGW3wr=cNllUNvOSb_iAEjsFraP7MV__bF1L0JimhLwIyO3619rk_98amrNED1zl-1TxpQ6m=wlwE4EYd_jkZQ4aNUi-uxKaWKsijReBnSAg5dsGSa8Qs=7yC_2TfYsnzfdyyggMWOF4gYv-dz7UxfNeWmGkG-srge= On Wed, Mar 4, 2015 at 4:25 PM, Sallee, Jake jake.sal...@umhb.edumailto:jake.sal...@umhb.edu wrote: Does anyone have a more complete allowed_device_oui.txt file they can share? Looking to include all gaming devices, streaming devices, smart tvs, etc... We just disabled MAC restriction completely. If you register via my gaming portal you have less network privileges than if you registered as a guest : ) Also, PF still applies violations and such to items with the gaming role so it is essentially the same as going through the normal registration process. It has made our life much easier not having to keep up with the ever evolving MAC addresses of consumer equipment. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDUhttps://urldefense.proofpoint.com/v2/url?u=http-3A__WWW.UMHB.EDUd=BQIFAwc=Gpt0euE7zITENl5YkAGW3wr=cNllUNvOSb_iAEjsFraP7MV__bF1L0JimhLwIyO3619rk_98amrNED1zl-1TxpQ6m=wlwE4EYd_jkZQ4aNUi-uxKaWKsijReBnSAg5dsGSa8Qs=VzbsFHJiGJ2NVxLDbZD9k7o2U85dSP9hzw3pYYhS3S4e= 900 College St. Belton, Texas 76513 Fone: 254-295-4658tel:254-295-4658 Phax: 254-295-4221tel:254-295-4221 From: Pete Hoffswell [pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edu] Sent: Wednesday, March 04, 2015 2:54 PM To: packetfence-users@lists.sourceforge.netmailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Device Registration Hi Louis and list - No, it was not! I added it, and things worked much better after I did a bin/pfcmd service pf restart Is there a better command to have pf re-read the allowed_device_oui.txt file? Does anyone have a more complete allowed_device_oui.txt file they can share? Looking to include all gaming devices, streaming devices, smart tvs, etc... Thanks! - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edu https://urldefense.proofpoint.com/v2/url?u=http-3A__www.davenport.edud=BQIFAwc=Gpt0euE7zITENl5YkAGW3wr=cNllUNvOSb_iAEjsFraP7MV__bF1L0JimhLwIyO3619rk_98amrNED1zl-1TxpQ6m=RYFwE8Iu-7EgaCdXzW5uPioK2GDk8FRiF0Ocs9sY3vAs=lxwoHHIA5FMEN-jMUDgNYhvohIEdfVMhaQxLHt0nwF8e= On Wed, Mar 4, 2015 at 3:38 PM, Louis Munro lmu...@inverse.camailto:lmu...@inverse.camailto:lmu...@inverse.camailto:lmu...@inverse.ca wrote: On Mar 4, 2015, at 14:13 , Pete Hoffswell pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edumailto:pete.hoffsw...@davenport.edu wrote: Hi There - I could use some help diagnosing a problem with device registration - After accessing https://urldefense.proofpoint.com/v2/url?u=https-3A__netaccess.davenport.edu_device-2Dregistrationd=BQIFAwc=Gpt0euE7zITENl5YkAGW3wr=cNllUNvOSb_iAEjsFraP7MV__bF1L0JimhLwIyO3619rk_98amrNED1zl-1TxpQ6m=RYFwE8Iu-7EgaCdXzW5uPioK2GDk8FRiF0Ocs9sY3vAs=GiVIsY3FxkQqfOTSZuIdxgmR9ajGQEQjBzA8BFgWXHwe= We get: Sorry! Please verify the provided MAC address. Hi Pete, Is the MAC prefix (the OUI) for that device listed in conf/allowed_device_oui.txt ? Regards, -- Louis Munro lmu...@inverse.camailto:lmu...@inverse.camailto:lmu...@inverse.camailto:lmu...@inverse.ca :: www.inverse.cahttps://urldefense.proofpoint.com/v2/url?u=http-3A__www.inverse.cad=BQIFAwc=Gpt0euE7zITENl5YkAGW3wr=cNllUNvOSb_iAEjsFraP7MV__bF1L0JimhLwIyO3619rk_98amrNED1zl-1TxpQ6m=wlwE4EYd_jkZQ4aNUi-uxKaWKsijReBnSAg5dsGSa8Qs=fHjELLvGSjhoVLzIOXWByUBLOXVOz6uS92DIrf6DS8Me= https://urldefense.proofpoint.com/v2/url?u=http-3A__www.inverse.cad=BQIFAwc=Gpt0euE7zITENl5YkAGW3wr=cNllUNvOSb_iAEjsFraP7MV__bF1L0JimhLwIyO3619rk_98amrNED1zl-1TxpQ6m=RYFwE8Iu
Re: [PacketFence-users] Portal Error
David was this an upgrade or a new installation? James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-11-03 3:49 PM, David Martinez wrote: Hi I'm new in packetfence I Was trayin to configure multimple profiles for the portal access and I had problems with the errors of the portal to add a new device. I restarted the PF service and by console I saw the following error. Syntax error on line 114 of /usr/local/pf/conf/httpd.conf.d/httpd.portal: Can't use string (0) as a HASH ref while strict refs in use at /usr/local/pf/lib/pf/proxypassthrough/constants.pm http://constants.pm line 47, DATA line 1000.\nCompilation failed in require at /usr/local/pf/lib/pf/web/dispatcher.pm http://dispatcher.pm line 33, DATA line 1000.\nBEGIN failed--compilation aborted at /usr/local/pf/lib/pf/web/dispatcher.pm http://dispatcher.pm line 33, DATA line 1000.\nCompilation failed in require at (eval 2279) line 2, DATA line 1000.\n Any idea what can be wrong with? Thanks in advance David Martinez -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Switch in switchs.conf but not in radius_nas table
Jake can you verify if those new switches have the radiusSecret set. If they do not they will not be added to the radius_nas table. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-09-15 11:49 AM, Sallee, Jake wrote: Hello all! Interesting problem, I added several switches to my switches.conf manually since it is MUCH quicker than adding them individually in the GUI. However they are not showing up in the radius_nas table which is causing FreeRADIUS not to respond to the auth requests. I have restarted the PF services and done a pfcmd configreload and even configrelaod hard ... no joy :( pfcmd checkup returns normal. I will continue to work on this but any advice you can offer is greatly appreciated. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] SOLVED - Switch in switchs.conf but not in radius_nas table
Jake it will use values from the default switch. However if you have an empty parameter like this [a.b.c.d] ... radisSecret= It will not use the value from the default switch since the switch has an entry for it. In order for the switch inherit from the default switch remove the line entirely. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-09-15 12:28 PM, Sallee, Jake wrote: Interesting! The entries did not have a radius secret, I erroneously thought that if you omit the field it would pull the value from the default switch like it does in the GUI. It did not. Once I added the secret they did indeed populate correctly. Thank you James! Inverse to the rescue once again. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: James Rouzier [jrouz...@inverse.ca] Sent: Monday, September 15, 2014 10:58 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Switch in switchs.conf but not in radius_nas table Jake can you verify if those new switches have the radiusSecret set. If they do not they will not be added to the radius_nas table. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-09-15 11:49 AM, Sallee, Jake wrote: Hello all! Interesting problem, I added several switches to my switches.conf manually since it is MUCH quicker than adding them individually in the GUI. However they are not showing up in the radius_nas table which is causing FreeRADIUS not to respond to the auth requests. I have restarted the PF services and done a pfcmd configreload and even configrelaod hard ... no joy :( pfcmd checkup returns normal. I will continue to work on this but any advice you can offer is greatly appreciated. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Error in PF log: Unknown Switch
Jake, Can you show me the output of this command. perl -I/usr/local/pf/lib -Mpf::SwitchFactory -e'my $s = pf::SwitchFactory-new-instantiate({switch_ip = 10.61.41.6, switch_mac = 50:60:28:13:a8:d1});print ((ref($s) $s-isa(pf::Switch)) ? Good\n : Bad\n)' James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-08-04, 4:47 PM, Sallee, Jake wrote: Hello all! I'm having an interesting error. In my packetfence.log file I am seeing lines like this: Aug 04 15:43:45 httpd.webservices(10147) ERROR: WARNING ! Unknown switch(es) 50:60:28:13:a8:d1 10.61.41.6 (pf::SwitchFactory::instantiate) Aug 04 15:43:45 httpd.webservices(10147) WARN: Can't instantiate switch 10.61.41.6. This request will be failed. Are you sure your switches.conf is correct? (pf::radius::accounting) Which would normally mean that I failed to add the switch to PF. However I have checked my switches.conf and it looks good. [10.61.41.6] description=Hamilton Array Bldg 06 gamingVlan=612 registrationVlan=613 guestVlan=612 UMHBVlan=611 ForeignVlan=612 isolationVlan=617 voiceVlan=615 type=Xirrus mode=production SNMPCommunityRead=**Yeah right** SNMPCommunityWrite=**Yeah right** triggerInline= deauthMethod=SNMP SNMPVersionTrap=**Yeah right** gamingRole=gaming ForeignRole=Foreign radiusSecret=**Yeah right** SNMPVersion=**Yeah right** guestRole=guest uplink=dynamic SNMPCommunityTrap=**Yeah right** UMHBRole=UMHB I have bounced all my services and even did /usr/local/pf/bin/pfcmd configreload hard with no luck. Any ideas? Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Upgrade from 4.2.2 to 4.3.0 - Info icon says 4.2.2?
Pete the value is cached. You can remove it using this command. bin/pfcmd cache configfiles remove /usr/local/pf/conf/pf-release James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-07-07, 1:42 PM, Pete Hoffswell wrote: # bin/pfcmd configreload # bin/pfcmd service httpd.admin restart Still no go! Weird, huh. - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu http://www.davenport.edu On Mon, Jul 7, 2014 at 11:49 AM, Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca wrote: Try this one then: # pfcmd configreload Regards, -- Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca :: www.inverse.ca http://www.inverse.ca +1.514.447.4918 tel:%2B1.514.447.4918 *125 :: +1 (866) 353-6153 tel:%2B1%20%28866%29%C2%A0353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu) and PacketFence (www.packetfence.org http://www.packetfence.org) On 2014-07-07, at 11:44 , Pete Hoffswell pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu wrote: Sure: # bin/pfcmd service httpd.admin restart service|command httpd.admin|stop memcached|already started httpd.admin|start # tail -3 logs/httpd.admin.log Jul 07 11:33:59 httpd.admin(9523) INFO: Currently at PacketFence 4.3.0, running release PacketFence 4.3.0 (pfappserver::Model::Configurator::checkForUpgrade) Jul 07 11:33:59 httpd.admin(9523) INFO: Configuration process (pfappserver::Model::Configurator::checkForUpgrade) Jul 07 11:33:59 httpd.admin(9523) INFO: Redirecting to admin interface https://nac2.davenport.edu:1443/admin (pfappserver::Controller::Root::index) Still no go. - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu http://www.davenport.edu http://www.davenport.edu/ On Mon, Jul 7, 2014 at 11:13 AM, Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca wrote: Hi Pete, You may have to restart the httpd.admin service for it to reload that file. Regards, -- Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca :: www.inverse.ca http://www.inverse.ca/ +1.514.447.4918 tel:%2B1.514.447.4918 *125 :: +1 (866) 353-6153 tel:%2B1%20%28866%29%C2%A0353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu/) and PacketFence (www.packetfence.org http://www.packetfence.org/) On 2014-07-07, at 11:08 , Pete Hoffswell pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu wrote: Well, I did do that manually, but the pfcmd command is a nicer way to do it for sure: # bin/pfcmd version /usr/local/pf/conf/currently-at # # cat /usr/local/pf/conf/currently-at PacketFence 4.3.0 https://pf:1443/admin/status Still shows PacketFence 4.2.2 - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu http://www.davenport.edu http://www.davenport.edu/ On Mon, Jul 7, 2014 at 10:56 AM, Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca wrote: You forgot to run this command: # /usr/local/pf/bin/pfcmd version /usr/local/pf/conf/currently-at Regards, -- Louis Munro lmu...@inverse.ca mailto:lmu...@inverse.ca :: www.inverse.ca http://www.inverse.ca/ +1.514.447.4918 tel:%2B1.514.447.4918 *125 :: +1 (866) 353-6153 tel:%2B1%20%28866%29%C2%A0353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu http://www.sogo.nu/) and PacketFence (www.packetfence.org http://www.packetfence.org/) On 2014-07-07, at 10:17 , Pete Hoffswell pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu wrote: Hi folks - I've performed an upgrade on our 4.2.2 installation to 4.3.0, using the yum update --enablerepo=PacketFence,rpmforge packetfence command, and followed the upgrade instructions. I then restarted all services. But, when I when I go to the /admin/status page, and click on the (i) circle, it says 4.2.2 What'd I do wrong? TIA - - Pete Hoffswell - Network Manager pete.hoffsw...@davenport.edu mailto:pete.hoffsw...@davenport.edu http://www.davenport.edu http://www.davenport.edu
Re: [PacketFence-users] PF 4.2.2 any MAC address via new (renamed) Device-Registration portal
Stephen, In 4.2.2 an empty conf/allowed_device_oui.txt allows all devices to be registered. You would just need to restart packetfence afterwards. Let me know if this helps James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-06-24, 12:26 PM, Stephen Wittstruck wrote: p.s., I should have added, we have a need to network devices that do not have browsers and are not gaming devices, one example is oscilloscopes. I think I remember reading somewhere that the list of gaming MAC addresses was in gaming.pm but it doesn't seem to exist any longer. On Jun 23, 2014, at 3:57 PM, Stephen Wittstruck switt...@mines.edu wrote: Hi PF Users Digest, Pardon me if this has been covered already, I looked around. Is there a way to allow any MAC address to be registered via the newly named 'device-registration' portal, once named 'gaming-registration', i.e. : https://YOUR_PORTAL_HOSTNAME/device-registration ? This portal seems to still screen for known gaming OUI MAÇ addresses. Thank you. Steve -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] VLAN filter in PF 4.3
Jake, Wrix is short for Wireless Roaming Intermediary eXchange. Think of it as Metadata for wireless hotspot. At the moment we only store this information we do not do anything useful with. You can find out more here. http://www.wballiance.com/resource-center/specifications/ James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2014-06-25, 11:17 AM, Sallee, Jake wrote: Fabrice: I have the dev branch up and running but I cant seem to find the VLan filter you mentioned, can you elaborate a bit on that so I can do some testing? Also, what the heck is WRIX? when I try to look it up on google I just come back with a bunch of stuff about some radio station and I am fairly sure that is not right. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Fabrice DURAND [fdur...@inverse.ca] Sent: Wednesday, June 18, 2014 1:26 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] VLAN filter in PF 4.3 :FORMERLY: Cisco WLC, Private and Public WLANs Hi Jake, you can play with devel which is very close to the 4.3 release. Fabrice Le 2014-06-18 14:09, Sallee, Jake a écrit : Fabrice: That sounds great and exactly what I am looking for. Do you have an ETA for 4.3, and is there a beta I can play with? : ) Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Durand fabrice [fdur...@inverse.ca] Sent: Tuesday, June 17, 2014 4:58 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC, Private and Public WLANs In fact each time pf receive per example a new radius request it try to test the rules and if it match then it return the role. The problem with reévaluate is if the source you define in the secure portal profile (Active Directory) is not the same as defined in the guest portal profile (email). Imagine on the secure you have a active directory source and if your group membership is staff then we return the staff vlan role. Now you go on the open ssid and you have to reévaluate but on which source ? Email ? your device has never been registered by email so we can´t reévaluate. One option should be unreg the device if you come from another ssid or it can be is the source i have used to reg my device is available on this portal profile ? Yes - reévaluate, No - Unreg the device. It´s not really simple and the workflow can be very different for each customer. So it´s why we did valn filter to allow the network admin to make is own rules. Fabrice Le 2014-06-17 17:43, Sallee, Jake a écrit : That sounds great! However, will that role be re-evaluated on every connection? That seems to be the sticking point. From the example you gave it looks like it hooks into the GetNormalVlanForNode method in which case it would get re-eval'ed on every connection which is exactly what we would like. I just want to make sure I am reading it correctly. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Durand fabrice [fdur...@inverse.ca] Sent: Tuesday, June 17, 2014 4:21 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC, Private and Public WLANs Hi all, in the incoming 4.3 release we introduce vlan filter, the goal of this feature is to remove a part of the custom code from vlan/custom.pm to a configuration file. An example is better than a complex explanation. https://github.com/inverse-inc/packetfence/blob/devel/conf/vlan_filters.conf.example So with that you can easily force the role to guest on the open ssid even if you have been reg on the secure ssid with the staff role. Regards Fabrice Le 2014-06-17 17:09, Sallee, Jake a écrit : I think the cleanest solution would be to have the roles re-evaluated on each connection. Otherwise I think what you are doing is probably the way to do it. ***TO THE PF DEVS*** What is the reasoning behind never re-evaluating the roles assigned to a user? Is the process particularly resource intensive? If the roles were evaluated on every connection it could make the role mechanic much more powerful. For example: I never want anyone on my unencrypted wifi to be on the administrative vlan. I could set a rule that makes the role of anyone who connects to that SSID to my untrusted vlan. The next time that person hit my encrypted wifi they would then be given the vlan their credentials say they should be on. Jake Sallee Godfather
Re: [PacketFence-users] snort doesn't start PF4.1 Debian
The issue that snort is managed by the system It should me managed by packetfence. First disable snort On Redhat/Centos chkconfig --del snortd Debian update-rc.d snort disable There also seems to be an issue with perl Moose. Run the following to find the version Redhat/Centos rpm -q perl-Moose Debian dpkg -l libmoose-perl It should be 2.1005 or less If the run the following. Redhat/Centos yum downgrade perl-Moose-2.1005 Debian This is not a issue on debian Let me know if this helps. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2/6/2014, 11:43 AM, sampath jayashantha wrote: Dear James, Please find the requested output. [root@localhost ~]# /usr/sbin/service snortd status -bash: /usr/sbin/service: No such file or directory [root@localhost ~]# service snortd status snort (pid 15457) is running... [root@localhost ~]# [root@localhost ~]# /usr/local/pf/bin/pfcmd service snortd status Class::MOP::load_class is deprecated at /usr/lib64/perl5/vendor_perl/Class/MOP.pm line 76. Class::MOP::load_class(Cache::Memcached) called at /usr/share/perl5/vendor_perl/CHI/Driver/Memcached/Base.pm line 37 CHI::Driver::Memcached::Base::_build_contained_cache(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0)) called at /usr/share/perl5/vendor_perl/CHI/Driver/Memcached/Base.pm line 29 CHI::Driver::Memcached::Base::BUILD(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0), HASH(0x3430348)) called at (eval 367) line 17 CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches::BUILDALL(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0), HASH(0x3430348)) called at /usr/share/perl5/vendor_perl/Moo/Object.pm line 52 Moo::Object::BUILDALL(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches=HASH(0x343a0f0), HASH(0x3430348)) called at /usr/lib64/perl5/vendor_perl/Moose/Meta/Class.pm line 285 Moose::Meta::Class::new_object(Moose::Meta::Class=HASH(0x3439f40), HASH(0x3430348)) called at /usr/lib64/perl5/vendor_perl/Moose/Object.pm line 30 Moose::Object::new(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__A..., chi_root_class, pf::CHI, driver_class, CHI::Driver::Memcached, namespace, configfiles, global, 1, ...) called at constructor CHI::Driver::Memcached::new (defined at /usr/share/perl5/vendor_perl/CHI/Driver/Memcached.pm line 13) line 4 CHI::Driver::Memcached::new(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__A..., chi_root_class, pf::CHI, driver_class, CHI::Driver::Memcached, namespace, configfiles, global, 1, ...) called at (eval 366) line 41 CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__AND__CHI::Driver::Role::HasSubcaches::new(CHI::Driver::Memcached__WITH__CHI::Driver::Role::Universal__A..., chi_root_class, pf::CHI, driver_class, CHI::Driver::Memcached, namespace, configfiles, global, 1, ...) called at /usr/share/perl5/vendor_perl/CHI.pm line 151 CHI::new(pf::CHI, namespace, configfiles) called at /usr/local/pf/lib/pf/config/cached.pm http://cached.pm line 748 pf::config::cached::_cache(pf::config::cached) called at /usr/local/pf/lib/pf/config/cached.pm http://cached.pm line 736 pf::config::cached::cache(pf::config::cached) called at /usr/local/pf/lib/pf/config/cached.pm http://cached.pm line 720 pf::config::cached::computeFromPath(pf::config::cached, /usr/local/pf/conf/documentation.conf, CODE(0x33fdf38)) called at /usr/local/pf/lib/pf/config/cached.pm http://cached.pm line 376 pf::config::cached::new(pf::config::cached, -file, /usr/local/pf/conf/documentation.conf, -allowempty, 1, -onreload, ARRAY(0x33fde60)) called at /usr/local/pf/lib/pf/config.pm http://config.pm line 451 pf::config::readPfDocConfigFiles() called at /usr/local/pf/lib/pf/config.pm http://config.pm line 378 pf::config::init_config() called at /usr/local/pf/lib/pf/config.pm http://config.pm line 358 pf::config::__ANON__() called at /usr/share/perl5/vendor_perl/Try/Tiny.pm line 76 eval {...} called at /usr/share/perl5/vendor_perl/Try/Tiny.pm line 67 Try::Tiny::try(CODE(0x3399618), Try::Tiny::Catch=REF(0x2fa8660)) called at /usr/local/pf/lib/pf/config.pm http://config.pm line 362 require pf/config.pm http://config.pm called at /usr/local/pf/bin/pfcmd.pl http://pfcmd.pl line 81 main::BEGIN() called at /usr/local/pf/lib/pf/config.pm http://config.pm line 0 eval {...} called at /usr/local/pf/lib/pf/config.pm http://config.pm line 0 Usage: pfcmd service service [start|stop|restart|status|watch] stop/stop/restart specified service status returns PID of specified PF daemon
Re: [PacketFence-users] snort doesn't start PF4.1 Debian
Hi Sampath, Try this patch and let me know if it works https://github.com/inverse-inc/packetfence/commit/d0de4fa74b58e70de6941f9a871198be8ccbe13f.diff James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2/5/2014, 6:21 AM, sampath jayashantha wrote: Any update regarding this issue ? I'm also having the same issue with my packetfence box. service|shouldBeStarted|pid memcached|1|11287 httpd.admin|1|11297 httpd.webservices|1|11340 httpd.portal|1|11357 httpd.proxy|0|0 pfdns|1|11387 dhcpd|1|11390 pfdetect|1|11395 snort|0|0 suricata|0|0 radiusd|1|0 snmptrapd|1|11400 pfsetvlan|1|11404 pfdhcplistener|1|11427 11428 11429 pfmon|1|11468 How to enable it ? Any clue. On Tue, Jan 28, 2014 at 8:44 PM, Carlos Alonso car...@tel.uva.es mailto:car...@tel.uva.es wrote: Thank your for your help. These are the answers to your questions Can you post your pf.conf , did you set a monitor interface ? Fabrice Yes I did. The inline interface is also the monitor interface. This what I did in PF3.6 and worked perfectly Is this not posible in PF4.1 ? I have not upgraded, It is a new installation though. means hidden for security [general] domain= hostname=nac dnsservers= dhcpservers=192.168.18.1,192.168.19.1,192.168.20.1 locale=es_ES timezone=Europe/Madrid [trapping] range=10.0.0.0/16 http://10.0.0.0/16, 192.68.0.0/16 http://192.68.0.0/16 detection=enabled interception_proxy=enabled [registration] button_text=Registro [alerting] emailaddr= smtpserver= [database] pass= [captive_portal] network_detection=disabled [interface eth0.802] ip= type=management mask=255.255.255.0 [interface eth0.818] enforcement=inline ip=192.168.18.1 type=internal,monitor mask=255.255.255.0 [interface eth0.819] enforcement=vlan ip=192.168.19.1 type=internal mask=255.255.255.0 [interface eth0.820] enforcement=vlan ip=192.168.20.1 type=internal mask=255.255.255.0 Can you see if Snort can start when you run it by hand? /usr/local/bin/snort -d -i eth1 -u root -g snort -c /etc/snort/snort.conf -l /var/log/snort If I run it by hand it works: /usr/sbin/snort -d -i eth0.818 -u root -g snort -c /etc/snort/snort.conf -l /var/log/snort/ ... --== Initialization Complete ==-- ,,_ -* Snort! *- o )~ Version 2.9.2.2 IPv6 GRE (Build 121) By Martin Roesch The Snort Team: http://www.snort.org/snort/snort-team Copyright (C) 1998-2012 Sourcefire, Inc., et al. Using libpcap version 1.3.0 Using PCRE version: 8.30 2012-02-04 Using ZLIB version: 1.2.7 Rules Engine: SF_SNORT_DETECTION_ENGINE Version 1.15 Build 18 Preprocessor Object: SF_SMTP (IPV6) Version 1.1 Build 9 Preprocessor Object: SF_REPUTATION (IPV6) Version 1.1 Build 1 Preprocessor Object: SF_SSLPP (IPV6) Version 1.1 Build 4 Preprocessor Object: SF_IMAP (IPV6) Version 1.0 Build 1 Preprocessor Object: SF_DNP3 (IPV6) Version 1.1 Build 1 Preprocessor Object: SF_SSH (IPV6) Version 1.1 Build 3 Preprocessor Object: SF_DCERPC2 (IPV6) Version 1.0 Build 3 Preprocessor Object: SF_SDF (IPV6) Version 1.1 Build 1 Preprocessor Object: SF_DNS (IPV6) Version 1.1 Build 4 Preprocessor Object: SF_MODBUS (IPV6) Version 1.1 Build 1 Preprocessor Object: SF_POP (IPV6) Version 1.0 Build 1 Preprocessor Object: SF_FTPTELNET (IPV6) Version 1.2 Build 13 Preprocessor Object: SF_GTP (IPV6) Version 1.1 Build 1 Preprocessor Object: SF_SIP (IPV6) Version 1.1 Build 1 Commencing packet processing (pid=2481) -- WatchGuard Dimension instantly turns raw network data into actionable security intelligence. It gives you real-time visual feedback on key security issues and trends. Skip the complicated setup - simply import a virtual appliance and go from zero to informed in seconds. http://pubads.g.doubleclick.net/gampad/clk?id=123612991iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- .. There is always some one who
Re: [PacketFence-users] PF 4.1.0 - ERROR: Database issue - Is the database running? (pf::db::db_query_execute)
Did you upgrade your database? James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 1/17/2014, 12:30 PM, Alberto Losada wrote: Hi all, Upgraded from 4.06 to 4.1.0 recently, however almost every day I am seeing these errors in packetfence.log: Jan 16 17:25:32 pfdhcplistener(27721) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 16 17:34:19 pfdhcplistener(27721) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 17 10:30:08 pfdhcplistener(18536) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 17 10:43:33 pfdhcplistener(18536) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 17 13:09:10 pfdhcplistener(18565) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 17 15:48:07 pfdhcplistener(27721) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 17 17:35:59 pfdhcplistener(27722) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) Jan 17 17:36:17 pfdhcplistener(27721) ERROR: Database issue: We tried 3 times to serve query node_add_sql called from pf::node::node_add and we failed. Is the database running? (pf::db::db_query_execute) I did not fine tune mysql database or modify default parameters Any hint what is going on or where can I start checking? Thank you and good weekend -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] 4.1 upgrade
Andrew, Thank you for let us know James James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/13/2013, 10:00 AM, Andrew Lukasiak wrote: Hi James, I just would like to confirm that snort is working fine now on Ubuntu as well. Thank you. Andrew On 13-12-13 09:47 AM, Palmer, Tim wrote: James, That seems to do the trick -- pfcmd, ps, httpd.admin and var/run all agree snort is running. So, just so I'm clear, at the moment getting snort to start and be noticed as started properly, there are currently two patches and one chmod required. Back to pacemaker... Thanks, Tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 18:05:21 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, Yup you are right it was a permission issue. You can patch your install with the following. cd /usr/local/pf chmod g+ws var/run curl https://github.com/inverse-inc/packetfence/commit/1ec76da2ab76aeafcf55afe0d396dfc1ef57684a.diff pf2.diff patch -p1 pf2.diff ./bin/pfcmd service snort restart ./bin/pfcmd service httpd.admin restart After this everything should be good. Please let me know if everything is working. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 3:57 PM, Palmer, Tim wrote: James, Excellent, sir Applied to two test centos 6.5 boxes -- one is a new install, the other is upgraded from 4.0.6 (which was upgraded from 4.0.5) Same results on both. Pfcmd service pf status, ps and ls var/run/snort* all agree snort is running Web interface sees it as stopped. Permissions/ownership? Ls -l /usr/local/pf/var/run/snort* -rw--- 1 root root 5 Dec 12 15:52 /usr/local/pf/var/run/snort_eth1.pid -rw--- 1 root root 0 Dec 12 15:52 /usr/local/pf/var/run/snort_eth1.pid.lck Thanks! tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 15:09:50 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, There is a bug with snort suricata starting. You can patch your install with the following. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/compare/packetfence-4.1.0...9c080e486281472e366576fcba101563b876.diff pf.diff patch -p1 pf.diff James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:43 AM, Palmer, Tim wrote: James, Excellent Yes, I did see the note about memcached in the notes, and yes I forgot to remove from chkconfig. Solved [root@pf-test conf]# grep '^snort' /usr/local/pf/conf/pf.conf [root@pf-test conf]# So, nothing. tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 11:34:09 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, Memcached should not be managed by the system any more. Do the following service memcached stop killall memcached #for good measure chkconfig --del memcached /usr/local/pf/bin/pfcmd service memcached start For the detection issue can you show me the following. grep '^snort' /usr/local/pf/conf/pf.conf Let me know if this helps. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:09 AM, Palmer, Tim wrote: After getting past the Linux::FD issue, which I suspect is my own yum problem somehow, my upgrade seems to be in decent shape (yes, you really must run the db schema update if you want access to anything). However, having detect enable issues. * Snort was starting fine on 4.0.6_2 * Detection is enabled o [root@pf-test pf]# grep '^detect' conf/pf.conf o detection=enabled * An interface is set as monitor o grep '^type=mon' conf/pf.conf o type=monitor * Web interface Status:Services doesn't show snort at all * bin/pfcmd service pf status agrees o snort|0|0 So, apparently I have detection disabled, but I think I have it enabled. Hints? Also, memcached dies immediately. And apparently I don't
Re: [PacketFence-users] 4.1 upgrade
Tim, That is correct. However you could shorten that process with only one patch and one chmod after installing from the rpm. cd /usr/local/pf chmod g+ws var/run curl https://github.com/inverse-inc/packetfence/compare/packetfence-4.1.0...maintenance%2F4.1.0.diff pf.diff patch -p1 pf.diff This will get you the latest from the maintenance branch. I hope this helps. James James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/13/2013, 9:47 AM, Palmer, Tim wrote: James, That seems to do the trick -- pfcmd, ps, httpd.admin and var/run all agree snort is running. So, just so I'm clear, at the moment getting snort to start and be noticed as started properly, there are currently two patches and one chmod required. Back to pacemaker... Thanks, Tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 18:05:21 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, Yup you are right it was a permission issue. You can patch your install with the following. cd /usr/local/pf chmod g+ws var/run curl https://github.com/inverse-inc/packetfence/commit/1ec76da2ab76aeafcf55afe0d396dfc1ef57684a.diff pf2.diff patch -p1 pf2.diff ./bin/pfcmd service snort restart ./bin/pfcmd service httpd.admin restart After this everything should be good. Please let me know if everything is working. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 3:57 PM, Palmer, Tim wrote: James, Excellent, sir Applied to two test centos 6.5 boxes -- one is a new install, the other is upgraded from 4.0.6 (which was upgraded from 4.0.5) Same results on both. Pfcmd service pf status, ps and ls var/run/snort* all agree snort is running Web interface sees it as stopped. Permissions/ownership? Ls -l /usr/local/pf/var/run/snort* -rw--- 1 root root 5 Dec 12 15:52 /usr/local/pf/var/run/snort_eth1.pid -rw--- 1 root root 0 Dec 12 15:52 /usr/local/pf/var/run/snort_eth1.pid.lck Thanks! tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 15:09:50 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, There is a bug with snort suricata starting. You can patch your install with the following. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/compare/packetfence-4.1.0...9c080e486281472e366576fcba101563b876.diff pf.diff patch -p1 pf.diff James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:43 AM, Palmer, Tim wrote: James, Excellent Yes, I did see the note about memcached in the notes, and yes I forgot to remove from chkconfig. Solved [root@pf-test conf]# grep '^snort' /usr/local/pf/conf/pf.conf [root@pf-test conf]# So, nothing. tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 11:34:09 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, Memcached should not be managed by the system any more. Do the following service memcached stop killall memcached #for good measure chkconfig --del memcached /usr/local/pf/bin/pfcmd service memcached start For the detection issue can you show me the following. grep '^snort' /usr/local/pf/conf/pf.conf Let me know if this helps. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:09 AM, Palmer, Tim wrote: After getting past the Linux::FD issue, which I suspect is my own yum problem somehow, my upgrade seems to be in decent shape (yes, you really must run the db schema update if you want access to anything). However, having detect enable issues. * Snort was starting fine on 4.0.6_2 * Detection is enabled o [root@pf-test pf]# grep '^detect' conf/pf.conf o detection=enabled * An interface is set as monitor o grep '^type=mon' conf/pf.conf o type=monitor * Web interface Status:Services doesn't show snort at all * bin/pfcmd service
Re: [PacketFence-users] SNMP Packet return NO_SUCH_INSTANCE_EXCEPTION
Patrick Remove the directory /usr/local/pf/var/session/ then try to login. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 10:32 AM, Patrick Schadewitz wrote: Hi Fabrice, i now updated to 4.1 unfortunately which is a big issue i cant even login to the Admininterface anymore. I applied the patch you posted before. But now when i try to login with admin and my password it logs me in but then gives me the message Error: You don`t have the rights to perform this action. To explain i upgraded straight from 4.0.6-2 via apt-get to 4.1 and left my configs like they where. Should i run --reconfigure? Kind regards, Patrick Schadewitz Aprentice Qualified IT-Specialist for Systemintegration Vocational Training. - Sennheiser electronic GmbH Co. KG Am Labor 1 30900 Wedemark (Phone *email : : : +49 5130 600 9044 _patrick.schadewitz@sennheiser.com_ www.sennheiser.com Sennheiser electronic GmbH Co. KG · Sitz 30900 Wedemark, Amtsgericht Hannover HRA 120100 phG: Sennheiser Beteiligungs-GmbH · Sitz 30900 Wedemark, Amtsgericht Hannover HRB 120179 *Geschäftsführende Gesellschafter* Dr. sc. techn. Andreas Sennheiser, Daniel Sennheiser · *Vorsitzender des Aufsichtsrates *Prof. Dr. sc. techn. Jörg Sennheiser Diese E-Mail enthält vertrauliche oder rechtlich geschützte Informationen. Wenn Sie nicht der beabsichtigte Empfänger sind, informieren Sie bitte sofort den Absender und löschen Sie diese E-Mail. Das unbefugte Kopieren dieser E-Mail oder die unbefugte Weitergabe der enthaltenen Informationen ist nicht gestattet. The information contained in this message is confidential or protected by law. If you are not the intended recipient, please contact the sender and delete this message. Any unauthorized copying of this message or unauthorized distribution of the information contained herein is prohibited. -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] 4.1 upgrade
Tim, There is a bug with snort suricata starting. You can patch your install with the following. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/compare/packetfence-4.1.0...9c080e486281472e366576fcba101563b876.diff pf.diff patch -p1 pf.diff James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:43 AM, Palmer, Tim wrote: James, Excellent Yes, I did see the note about memcached in the notes, and yes I forgot to remove from chkconfig. Solved [root@pf-test conf]# grep '^snort' /usr/local/pf/conf/pf.conf [root@pf-test conf]# So, nothing. tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 11:34:09 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, Memcached should not be managed by the system any more. Do the following service memcached stop killall memcached #for good measure chkconfig --del memcached /usr/local/pf/bin/pfcmd service memcached start For the detection issue can you show me the following. grep '^snort' /usr/local/pf/conf/pf.conf Let me know if this helps. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:09 AM, Palmer, Tim wrote: After getting past the Linux::FD issue, which I suspect is my own yum problem somehow, my upgrade seems to be in decent shape (yes, you really must run the db schema update if you want access to anything). However, having detect enable issues. * Snort was starting fine on 4.0.6_2 * Detection is enabled o [root@pf-test pf]# grep '^detect' conf/pf.conf o detection=enabled * An interface is set as monitor o grep '^type=mon' conf/pf.conf o type=monitor * Web interface Status:Services doesn't show snort at all * bin/pfcmd service pf status agrees o snort|0|0 So, apparently I have detection disabled, but I think I have it enabled. Hints? Also, memcached dies immediately. And apparently I don't understand changes in the portal profiles, as none of my Internal Users Sources aren't being checked. I still have more to check before worrying too much about this. A fine day to you, Tim -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu
Re: [PacketFence-users] 4.1 upgrade
Tim, Yup you are right it was a permission issue. You can patch your install with the following. cd /usr/local/pf chmod g+ws var/run curl https://github.com/inverse-inc/packetfence/commit/1ec76da2ab76aeafcf55afe0d396dfc1ef57684a.diff pf2.diff patch -p1 pf2.diff ./bin/pfcmd service snort restart ./bin/pfcmd service httpd.admin restart After this everything should be good. Please let me know if everything is working. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 3:57 PM, Palmer, Tim wrote: James, Excellent, sir Applied to two test centos 6.5 boxes -- one is a new install, the other is upgraded from 4.0.6 (which was upgraded from 4.0.5) Same results on both. Pfcmd service pf status, ps and ls var/run/snort* all agree snort is running Web interface sees it as stopped. Permissions/ownership? Ls -l /usr/local/pf/var/run/snort* -rw--- 1 root root 5 Dec 12 15:52 /usr/local/pf/var/run/snort_eth1.pid -rw--- 1 root root 0 Dec 12 15:52 /usr/local/pf/var/run/snort_eth1.pid.lck Thanks! tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 15:09:50 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, There is a bug with snort suricata starting. You can patch your install with the following. cd /usr/local/pf curl https://github.com/inverse-inc/packetfence/compare/packetfence-4.1.0...9c080e486281472e366576fcba101563b876.diff pf.diff patch -p1 pf.diff James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:43 AM, Palmer, Tim wrote: James, Excellent Yes, I did see the note about memcached in the notes, and yes I forgot to remove from chkconfig. Solved [root@pf-test conf]# grep '^snort' /usr/local/pf/conf/pf.conf [root@pf-test conf]# So, nothing. tim From: James Rouzier jrouz...@inverse.ca mailto:jrouz...@inverse.ca Reply-To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Date: Thu, 12 Dec 2013 11:34:09 -0500 To: packetfence-users@lists.sourceforge.net mailto:packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] 4.1 upgrade Tim, Memcached should not be managed by the system any more. Do the following service memcached stop killall memcached #for good measure chkconfig --del memcached /usr/local/pf/bin/pfcmd service memcached start For the detection issue can you show me the following. grep '^snort' /usr/local/pf/conf/pf.conf Let me know if this helps. Thanks James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 ::http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 12/12/2013, 11:09 AM, Palmer, Tim wrote: After getting past the Linux::FD issue, which I suspect is my own yum problem somehow, my upgrade seems to be in decent shape (yes, you really must run the db schema update if you want access to anything). However, having detect enable issues. * Snort was starting fine on 4.0.6_2 * Detection is enabled o [root@pf-test pf]# grep '^detect' conf/pf.conf o detection=enabled * An interface is set as monitor o grep '^type=mon' conf/pf.conf o type=monitor * Web interface Status:Services doesn't show snort at all * bin/pfcmd service pf status agrees o snort|0|0 So, apparently I have detection disabled, but I think I have it enabled. Hints? Also, memcached dies immediately. And apparently I don't understand changes in the portal profiles, as none of my Internal Users Sources aren't being checked. I still have more to check before worrying too much about this. A fine day to you, Tim -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects
Re: [PacketFence-users] Unable to add rules in sources and other
Babelo, Sorry here a patch that would work against 4.0.6-2 James === diff --git a/lib/pf/authentication.pm b/lib/pf/authentication.pm index e96441f..895e2fc 100644 --- a/lib/pf/authentication.pm +++ b/lib/pf/authentication.pm @@ -207,15 +207,14 @@ sub readAuthenticationConfigFile { push(@authentication_sources, $current_source); $authentication_lookup{$source_id} = $current_source; } - $config-cache-set(authentication_lookup,\%authentication_lookup); $config-cache-set(authentication_sources,\@authentication_sources); update_profiles_guest_modes($cached_profiles_config,update_profiles_guest_modes); }], -oncachereload = [ on_cache_authentication_reload = sub { my ($config, $name) = @_; -%authentication_lookup = %{$config-fromCacheUntainted(authentication_lookup)}; @authentication_sources = @{$config-fromCacheUntainted(authentication_sources)}; +%authentication_lookup = map { $_-id = $_ } @authentication_sources; }, ] ); === James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-10-03 6:01 PM, Babelo Gmvsdm wrote: Just to be sure, to apply the patch I do: patch -b /usr/local/pf/lib/authentication.pm -i /home/PFAdmin/Documents/f0660655caeb720bc22c9dd88b8aadbc8910.diff Because this way i have this error: Hunk #1 FAILED at 210. 1 out of 1 hunk FAILED -- saving rejects to file authentication.pm.rej This what I have in /usr/local/pf/lib/authentication.pm.rej: --- authentication.pm +++ authentication.pm @@ -210,17 +210,15 @@ push(@authentication_sources, $current_source); $authentication_lookup{$source_id} = $current_source; } - $config-cache-set(authentication_lookup,\%authentication_lookup); $config-cache-set(authentication_sources,\@authentication_sources); }], -oncachereload = [ on_cache_authentication_reload = sub { my ($config, $name) = @_; -my $authentication_lookup_ref = $config-fromCacheUntainted(authentication_lookup); my $authentication_sources_ref = $config-fromCacheUntainted(authentication_sources); -if( all_defined($authentication_sources_ref, $authentication_lookup_ref)) { -%authentication_lookup = %$authentication_lookup_ref; +if( defined($authentication_sources_ref) ) { @authentication_sources = @$authentication_sources_ref; +%authentication_lookup = map { $_-id = $_ } @authentication_sources; } else { $config-doCallbacks(1,0); } Thx by advance -- October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60134791iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users diff --git a/lib/pf/authentication.pm b/lib/pf/authentication.pm index e96441f..895e2fc 100644 --- a/lib/pf/authentication.pm +++ b/lib/pf/authentication.pm @@ -207,15 +207,14 @@ sub readAuthenticationConfigFile { push(@authentication_sources, $current_source); $authentication_lookup{$source_id} = $current_source; } - $config-cache-set(authentication_lookup,\%authentication_lookup); $config-cache-set(authentication_sources,\@authentication_sources); update_profiles_guest_modes($cached_profiles_config,update_profiles_guest_modes); }], -oncachereload = [ on_cache_authentication_reload = sub { my ($config, $name) = @_; -%authentication_lookup = %{$config-fromCacheUntainted(authentication_lookup)}; @authentication_sources = @{$config-fromCacheUntainted(authentication_sources)}; +%authentication_lookup = map { $_-id = $_ } @authentication_sources; }, ] ); -- October Webinars: Code for Performance Free Intel
Re: [PacketFence-users] Errors in packetfence.log about mac address
From the log It looks like this is happening when making a change in the web gui. Do you remember what was going on when these errors happen? James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-09-12 8:02 AM, Alberto Losada wrote: Hi all, I am seeing this kind of error from time to time which makes packetfence not able to set the correct vlan of an already registered device into the switch: Sep 12 13:02:43 httpd.admin(0) INFO: Username was NOT defined or unable to match a role - returning node based role 'it' (pf::vlan::getNormalVlan) Sep 12 13:02:43 httpd.admin(0) INFO: MAC: 08:9e:01:32:7c:1d, PID: admin, Status: reg. Returned VLAN: 99 (pf::vlan::fetchVlanForNode) Sep 12 13:02:43 httpd.admin(0) INFO: VLAN reassignment required for 08:9e:01:32:7c:1d (current VLAN = 10 but should be in VLAN 99) (pf::enforcement::_should_we_reassign_vlan) Sep 12 13:02:43 httpd.admin(0) INFO: switch port for 08:9e:01:32:7c:1d is 192.168.0.254 ifIndex 10114 connection type: Wired SNMP (pf::enforcement::_vlan_reevaluation) Sep 12 13:02:43 httpd.admin(0) ERROR: Use of uninitialized value $mac in pattern match (m//) at /usr/local/pf/lib/pf/util.pm line 217. (pfappserver::__ANON__) Sep 12 13:02:43 httpd.admin(0) ERROR: Use of uninitialized value $mac in pattern match (m//) at /usr/local/pf/lib/pf/util.pm line 217. (pfappserver::__ANON__) Sep 12 13:02:43 httpd.admin(0) ERROR: Use of uninitialized value $mac in pattern match (m//) at /usr/local/pf/lib/pf/util.pm line 217. (pfappserver::__ANON__) Sep 12 13:02:43 httpd.admin(0) ERROR: Use of uninitialized value $mac in concatenation (.) or string at /usr/local/pf/lib/pf/util.pm line 221. (pfappserver::__ANON__) Sep 12 13:02:43 httpd.admin(0) ERROR: invalid MAC: (pf::util::valid_mac) Perl code shows: $mac = clean_mac($mac); if ( $mac =~ /^ff:ff:ff:ff:ff:ff$/ || $mac =~ /^00:00:00:00:00:00$/ || $mac !~ /^([0-9a-f]{2}(:|$)){6}$/i ) { $logger-error(invalid MAC: $mac); Don't know why mac 08:9e:01:32:7c:1d is invalid any clue? Using last version of packetfence. -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] 4.0.2 to 4.0.6, 802.1x error
Try this patch https://github.com/inverse-inc/packetfence/commit/92e9339121f16d7b6d328f149fcb4b4c07944d73 James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-09-10 8:29 AM, Tim DeNike wrote: RADIUS is authenticating fine, but the WebAPI no like... Sep 10 08:26:38 pf::WebAPI(29881) INFO: handling radius autz request: from switch_ip = 1.2.3.4, connection_type = Wireless-802.11-EAP mac = c8:6f:1d:40:96:6e, port = 4097, username = tim.denike (pf::radius::authorize) Sep 10 08:26:38 pf::WebAPI(29881) INFO: autoregister a node that is already registered, do nothing. (pf::node::node_register) Sep 10 08:26:38 pf::WebAPI(29881) INFO: Found a match (CN=Tim DeNike,ETC ETC ETC) (pf::Authentication::Source::LDAPSource::match_in_subclass) Sep 10 08:26:38 pf::WebAPI(29881) INFO: Matched rule (W_Netshare) in source Employee, returning actions. (pf::Authentication::Source::match) Sep 10 08:26:38 pf::WebAPI(29881) ERROR: radius authorize failed with error: panic: attempt to copy freed scalar 7f1471d513d8 to 7f1470e25ac8 at /usr/local/pf/lib/pf/authentication.pm line 498. (PFAPI::radius_authorize) (main::__ANON__) (main::__ANON__) -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- How ServiceNow helps IT people transform IT departments: 1. Consolidate legacy IT systems to a single system of record for IT 2. Standardize and globalize service processes across IT 3. Implement zero-touch automation to replace manual, redundant tasks http://pubads.g.doubleclick.net/gampad/clk?id=5127iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Issues with 4.0.5-2.20130819
Don it looks like you have some misconfiguration. Can you please verify that all sources that are defined in your conf/profiles.conf are defined in your conf/authentication.conf I will also make a patch that would catch this misconfiguration. Thank you for your feedback. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-20 9:21 AM, Don Greer wrote: James, Still have #6, even after reboot. Can you tell me what config file may be causing this? I've done a reboot to make certain that memcahced was restarted (it actually wasn't running). Don 6. Can't call method match on an undefined value at /usr/local/pf/lib/pf/authentication.pm line 508. - Last time this was because I'd removed the SMS source. That's not the case this time. I don't have time to run this to ground, so reverting back. From: James Rouzier [mailto:jrouz...@inverse.ca] Sent: Monday, August 19, 2013 12:20 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Issues with 4.0.5-2.20130819 Don, Thank you for your feedback. For issue 1,3,4,5,6 was cause one or both of the following This is because you overwrote some the default configurations with an older versions conf/documentation.conf. Not restarting memcached before reinstall (this should be fixed in next release) For issue 2 Thank you for this one I fixed. James Rouzier jrouz...@inverse.camailto:jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-19 11:43 AM, Don Greer wrote: 1. trapping.proxy_passthroughs undefined in documentation.conf - Created a dummy entry. 2.pf::WebAPI(13437) FATAL: radius authorize failed with error: Can't call method first without a package or object reference at /usr/local/pf/lib/pf/radius.pm line 236. (PFAPI::radius_authorize) - Added use List::Util qw(first); at the beginning of the file. 3. Use of uninitialized value in split at /usr/local/pf/lib/pf/pfcmd/checkup.pm line 570. - 4. Can't locate object method new via package Apache::SSLLookup (perhaps you forgot to load Apache::SSLLookup?) at /usr/local/pf/lib/pf/web/dispatcher.pm line 45.\n - Added PerlModule Apache::SSLLookup to ./conf/httpd.conf/httpd.portal. 5. Use of uninitialized value in subroutine entry at /usr/local/pf/lib/pf/web/dispatcher.pm line 68. - Not sure where the problem is... 6. Can't call method match on an undefined value at /usr/local/pf/lib/pf/authentication.pm line 508. - Last time this was because I'd removed the SMS source. That's not the case this time. I don't have time to run this to ground, so reverting back. Can somebody PLEASE tell me if this is all just me? Don -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.netmailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Issues with 4.0.5-2.20130819
Don, Thank you for your feedback. For issue 1,3,4,5,6 was cause one or both of the following This is because you overwrote some the default configurations with an older versions conf/documentation.conf. Not restarting memcached before reinstall (this should be fixed in next release) For issue 2 Thank you for this one I fixed. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-19 11:43 AM, Don Greer wrote: 1. trapping.proxy_passthroughs undefined in documentation.conf - Created a dummy entry. 2.pf::WebAPI(13437) FATAL: radius authorize failed with error: Can't call method first without a package or object reference at /usr/local/pf/lib/pf/radius.pm line 236. (PFAPI::radius_authorize) - Added use List::Util qw(first); at the beginning of the file. 3. Use of uninitialized value in split at /usr/local/pf/lib/pf/pfcmd/checkup.pm line 570. - 4. Can't locate object method new via package Apache::SSLLookup (perhaps you forgot to load Apache::SSLLookup?) at /usr/local/pf/lib/pf/web/dispatcher.pm line 45.\n - Added PerlModule Apache::SSLLookup to ./conf/httpd.conf/httpd.portal. 5. Use of uninitialized value in subroutine entry at /usr/local/pf/lib/pf/web/dispatcher.pm line 68. - Not sure where the problem is... 6. Can't call method match on an undefined value at /usr/local/pf/lib/pf/authentication.pm line 508. - Last time this was because I'd removed the SMS source. That's not the case this time. I don't have time to run this to ground, so reverting back. Can somebody PLEASE tell me if this is all just me? Don -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Issues with 4.0.5-2.20130819
Don, Then you were most likely having an issue with memcached. Configuration files are stored in the caching system. If the timestamp of the new config are older than old config then this will cause an issues. This will be fixed soon but in the mean time please restart memcached after installing packetfence from an rpm. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-19 4:16 PM, Don Greer wrote: James, Took a tip-toe through the .spec file. If I understand this correctly, I should be getting the new documentation.conf, and the old one (if it was modified from the original), should be documentation.conf.rpmsave. I'm not getting that. I should also be getting a log.conf.rpmnew, networks.conf.rpmnew but neither of these are being created either. I'll see if I can figure out why I'm not getting these files, as having them in the conf directory would have gone a long way to cluing me in that I'd missed some stuff :^). Don -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] captive portal local user authentication web.pm error
This is fixed in the next patch release. Which is coming out today. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-12 8:09 AM, Johannes Lavre wrote: After upgrading to 4.0.5 when local users authenticate they get a software error from the captive portal page. SOFTWARE ERROR: Can`t use string (1) as an ARRAY ref while strict refs in use at /usr/local/pf/lib/web.pm line 582. [Beskrivelse: Beskrivelse: cid:image002.png@01CCB97E.2ECCE6E0] Vennlig hilsen Johannes Lavre IKT-Fagarbeider Horten Videregående skole Direkte: 93 43 75 05 Jobb: 33 07 90 57 Sentralbord: 33 07 90 00 www.vfk.nohttp://www.vfk.no/ Facebookhttp://www.facebook.com/#!/pages/Vestfold-fylkeskommune/136880609677063 Twitterhttps://twitter.com/#!/vestfoldfylke -- Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with 2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with 2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] PF gone crazy
This is fixed in the next patch release. Which is coming out today. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-12 11:42 AM, Sallee, Stephen (Jake) wrote: ***UPDATE*** Ok, so apparently 4.0.5 also did not like the register button on the normal captive portal page. When anyone clicked the register button my users were getting: Can't use string (2) as an ARRAY ref while strict refs is in use at /usr/local/pf/lib/pf/web.pm line 582. After that I had to roll back to ver 4.0.4-2 and the captive portal works again. I just went into full production on Friday ... I think I'll stick with 4.0.4.-2 for a bit : ) Now I am off to test SMS reg again to make sure it is working. BRB Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu] Sent: Monday, August 12, 2013 10:21 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] PF gone crazy ***UPDATE*** Loius: You are correct, there is an extra i in the method name! I found the following in the change log: ./ChangeLog:1781:Added function getIfIndexiByNasPortId in MockedSwitch.pm to pass test And in the file: /usr/local/pf/lib/pf/SNMP/MockedSwitch.pm Line 2862 There is: sub getIfIndexByNasPortId { my ($this ) = @_; return $FALSE; } So, the i is a typo for sure. My fix works for now. I will try to fix the typo and try again in about an hour and a half. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu] Sent: Monday, August 12, 2013 10:08 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] PF gone crazy First: thank you for the rapid responses! I looked at the method that is failing: my $ssid; $port = $switch-getIfIndexiByNasPortId($nas_port_id) || $this-_translateNasPortToIfIndex($connection_type, $switch, $port); if (($connection_type $WIRELESS) == $WIRELESS) { $ssid = $switch-extractSsid($radius_request); $logger-debug(SSID resolved to: $ssid) if (defined($ssid)); } I did a search on the failing method and could not find it in ANY of the modules I am using (Xirrus, Cisco 2960, Cisco WLC 5500). I modified it to be the following: my $ssid; #$port = $switch-getIfIndexiByNasPortId($nas_port_id) || $this-_translateNasPortToIfIndex($connection_type, $switch, $port); $port = $this-_translateNasPortToIfIndex($connection_type, $switch, $port); if (($connection_type $WIRELESS) == $WIRELESS) { $ssid = $switch-extractSsid($radius_request); $logger-debug(SSID resolved to: $ssid) if (defined($ssid)); } After a pf service restart my clients are able to get back on. Now for a post mortem to figure out what the heck happened. I very much appreciate the responsiveness of Inverse and the community. Any insights you can offer to this are most welcome. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Louis Munro [lmu...@inverse.ca] Sent: Monday, August 12, 2013 9:55 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] PF gone crazy Hi Jake, That method (or lack thereof) will be in the module for the switch, AP or controller you are using. Which one are we talking about? Regards, -- Louis Munro lmu...@inverse.camailto:lmu...@inverse.ca :: www.inverse.cahttp://www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nuhttp://www.sogo.nu) and PacketFence (www.packetfence.orghttp://www.packetfence.org) On 2013-08-12, at 10:46 , Sallee, Stephen (Jake) jake.sal...@umhb.edumailto:jake.sal...@umhb.edu wrote: Need immediate assistance please! Apparently the upgrade to v4.0.5 borked something bec now my log is full of this: FATAL: radius authorize failed with error: Can't locate object method getIfIndexiByNasPortId And NONE of my users can get access to the network. I have checked the file /usr/local/pf/lib/pf/radius.pm and it looks the same in 4.0.4-2 and 4.0.5 ... any help is greatly appreciated! Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 -- Get 100% visibility into Java/.NET
Re: [PacketFence-users] SMS registration error
This is fixed in the next patch release. Which is coming out today. James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2013-08-12 10:17 AM, Sallee, Stephen (Jake) wrote: PFv 4.0.5 CentOS 6.4 When a user completes the guest register form using SMS registration they get the following error page, and the node does not get registered nor do they receive the SMS message: Software Error: Not a HASH reference at /usr/local/pf/lib/pf/web/guest.pm line 189. I do not have email guest access enabled so I do not know if this error happens with it or not. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 -- Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with 2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031iu=/4140/ostg.clktrk ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with 2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031iu=/4140/ostg.clktrk___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users