Re: [PacketFence-users] Nodes not showing IP addresses

2021-10-12 Thread David Moore via PacketFence-users 
Thanks Enrique, I tried what is mentioned in the third URL you provided but I 
don't have a sysconfig folder in /etc

Dave


From: Enrique Gross 
Sent: Monday, October 11, 2021 9:09 PM
To: David Moore ; 
packetfence-users@lists.sourceforge.net 

Subject: Re: [PacketFence-users] Nodes not showing IP addresses

Hi Dave

Have a look at

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_advanced_network_topics

I think  Ludovic advice is a good option

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_dhcp_remote_sensor

You could have a PF interface vlan set up on your prod networks, here

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_interface_in_every_vlan

Enrique

El vie, 8 oct 2021 a las 12:30, David Moore () escribió:
>
> Hi Enrique,
> Is it possible to use packetfence as the dhcp server for all of my 
> networks, or is it limited to the networks internal to PF like registration 
> and isolation?
>
> Thanks
> Dave
>
> 
> From: Enrique Gross 
> Sent: Wednesday, October 6, 2021 6:27 PM
> To: David Moore 
> Cc: packetfence-users@lists.sourceforge.net 
> 
> Subject: Re: [PacketFence-users] Nodes not showing IP addresses
>
>
> Hi Dave,
>
>
>
> You can try to add a DHCP relay for one of your prod networks on your 
> firewalla router pointing to the management IP address of PF, where DHCP 
> listener is running, PF won't be the DHCP server for that network but will 
> receive DHCP requests
>
>
>
> I'm testing with Mikrotik devices, on production vlans where mikrotik router 
> is DHCP server, configuring DHCP relay informs PF of new devices IP addresses
>
>
>
> Enrique.
>
>
> El mié, 6 oct 2021 a las 17:16, David Moore () 
> escribió:
>
> Hi Enrique,
> I'm using ubiquiti unifi switches and access points but the router is 
> a firewalla gold, which also the dhcp server. I'm not sure where to include 
> the ip helpers? Should the PF management interface have the DHCP listener 
> daemon turned on?
>
> Thanks
> Dave
>
> 
> From: Enrique Gross via PacketFence-users 
> 
> Sent: Wednesday, October 6, 2021 9:40 AM
> To: packetfence-users@lists.sourceforge.net 
> 
> Cc: Enrique Gross 
> Subject: Re: [PacketFence-users] Nodes not showing IP addresses
>
> Hi Dave, hope you're doing well
>
> Are you using ip helpers on those production vlans? look at the docs
> for "27.2. Production DHCP access"
>
> Enrique
>
>
> El mié, 6 oct 2021 a las 2:33, David Moore via PacketFence-users
> () escribió:
> >
> > I'm running the latest version of Packetfence ZEN. I have pretty much 
> > everything working the way I want but a few things. I'm going to seek 
> > assistance one issue at a time.
> > Currently I am unable to get the IP address to show up for registered 
> > online devices. I tried adding vlans in packetfence for the production 
> > vlans I wish to see IPs for, I set the interface to other and listening 
> > daemon dhcplistener is on but no IP info shows up. When I tried to assign 
> > an IP address to the vlans I want to the packetfence network intergaces 
> > disappear and I have to go to the CLI to remove the vlans I added.
> >
> > I only have one virtual NIC assigned to PF, the management interface gets a 
> > reserved dhcp IP address from my firewalla router. I have a vlan for 
> > registration and a vlan for isolation managed by PF, my production 
> > environment has 4 more vlans managed by production dhcp (firewalla).
> >
> > Authenticated users for the various production vlans all get the correct IP 
> > address
> >
> > Any help would be greatly appreciated
> >
> > Thanks
> > Dave
> > ___
> > PacketFence-users mailing list
> > PacketFence-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
>
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
>
>


--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Nodes not showing IP addresses

2021-10-15 Thread David Moore via PacketFence-users 
Thanks for all the help, it's working now.

In case anyone else has the same problem with Packetfence ZEN running in VMWare 
ESXi

-I'm running ESXi 7 on a supermicro server
-Installed packetfence zen
-Only one virtual nic is assigned to PF
-My issue was not being able to see the IP addresses of my nodes in PF
-The problem was not PF, the problem was the port group assigned to the PF 
server in ESXi was set to VLAN 0, which turns off vlan tagging, I changed the 
setting to 4095 which turns vlan tagging on.
-In PF I created VLANs for each of my production VLANs, assigned each of them 
an IP in their respective network and set the correct subnet mask, set the Type 
to "DHCP Listener" I left the additional listening daemon field blank since the 
Type is already set to "DHCP Listener"

I can now see the IPs of my nodes in PF


From: Enrique Gross 
Sent: Tuesday, October 12, 2021 7:36 PM
To: David Moore 
Cc: packetfence-users@lists.sourceforge.net 
; egr...@jcc.com.ar 
Subject: Re: [PacketFence-users] Nodes not showing IP addresses

Dave

Hi, you could try to add vlan interfaces from the GUI, assign IP from the 
appropriate IP segment, and configure your switch port as a trunk with all the 
vlans you want PF to run dhcp-listener daemon.

Have a nice day,

Enrique

El mar, 12 oct 2021 a las 12:28, David Moore 
(mailto:dave.mo...@outlook.com>>) escribió:
Thanks Enrique, I tried what is mentioned in the third URL you provided but I 
don't have a sysconfig folder in /etc

Dave


From: Enrique Gross 
mailto:egr...@jcc-advance.com.ar>>
Sent: Monday, October 11, 2021 9:09 PM
To: David Moore mailto:dave.mo...@outlook.com>>; 
packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
 
mailto:packetfence-users@lists.sourceforge.net>>
Subject: Re: [PacketFence-users] Nodes not showing IP addresses

Hi Dave

Have a look at

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_advanced_network_topics

I think  Ludovic advice is a good option

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_dhcp_remote_sensor

You could have a PF interface vlan set up on your prod networks, here

https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_interface_in_every_vlan

Enrique

El vie, 8 oct 2021 a las 12:30, David Moore 
(mailto:dave.mo...@outlook.com>>) escribió:
>
> Hi Enrique,
> Is it possible to use packetfence as the dhcp server for all of my 
> networks, or is it limited to the networks internal to PF like registration 
> and isolation?
>
> Thanks
> Dave
>
> 
> From: Enrique Gross 
> mailto:egr...@jcc-advance.com.ar>>
> Sent: Wednesday, October 6, 2021 6:27 PM
> To: David Moore mailto:dave.mo...@outlook.com>>
> Cc: 
> packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
>  
> mailto:packetfence-users@lists.sourceforge.net>>
> Subject: Re: [PacketFence-users] Nodes not showing IP addresses
>
>
> Hi Dave,
>
>
>
> You can try to add a DHCP relay for one of your prod networks on your 
> firewalla router pointing to the management IP address of PF, where DHCP 
> listener is running, PF won't be the DHCP server for that network but will 
> receive DHCP requests
>
>
>
> I'm testing with Mikrotik devices, on production vlans where mikrotik router 
> is DHCP server, configuring DHCP relay informs PF of new devices IP addresses
>
>
>
> Enrique.
>
>
> El mié, 6 oct 2021 a las 17:16, David Moore 
> (mailto:dave.mo...@outlook.com>>) escribió:
>
> Hi Enrique,
> I'm using ubiquiti unifi switches and access points but the router is 
> a firewalla gold, which also the dhcp server. I'm not sure where to include 
> the ip helpers? Should the PF management interface have the DHCP listener 
> daemon turned on?
>
> Thanks
> Dave
>
> 
> From: Enrique Gross via PacketFence-users 
> mailto:packetfence-users@lists.sourceforge.net>>
> Sent: Wednesday, October 6, 2021 9:40 AM
> To: 
> packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
>  
> mailto:packetfence-users@lists.sourceforge.net>>
> Cc: Enrique Gross 
> mailto:egr...@jcc-advance.com.ar>>
> Subject: Re: [PacketFence-users] Nodes not showing IP addresses
>
> Hi Dave, hope you're doing well
>
> Are you using ip helpers on those production vlans? look at the docs
> for "27.2. Production DHCP access"
>
> Enrique
>
>
> El mié, 6 oct 2021 a las 2:33, David Moore via PacketFence-users
> (mailto:packetfence-users@lists.sourceforge.net>>)
>  escribió:
> >
> &g

Re: [PacketFence-users] Nodes not showing IP addresses

2021-10-06 Thread David Moore via PacketFence-users 
Hi Enrique,
I'm using ubiquiti unifi switches and access points but the router is a 
firewalla gold, which also the dhcp server. I'm not sure where to include the 
ip helpers? Should the PF management interface have the DHCP listener daemon 
turned on?

Thanks
Dave


From: Enrique Gross via PacketFence-users 

Sent: Wednesday, October 6, 2021 9:40 AM
To: packetfence-users@lists.sourceforge.net 

Cc: Enrique Gross 
Subject: Re: [PacketFence-users] Nodes not showing IP addresses

Hi Dave, hope you're doing well

Are you using ip helpers on those production vlans? look at the docs
for "27.2. Production DHCP access"

Enrique


El mié, 6 oct 2021 a las 2:33, David Moore via PacketFence-users
() escribió:
>
> I'm running the latest version of Packetfence ZEN. I have pretty much 
> everything working the way I want but a few things. I'm going to seek 
> assistance one issue at a time.
> Currently I am unable to get the IP address to show up for registered online 
> devices. I tried adding vlans in packetfence for the production vlans I wish 
> to see IPs for, I set the interface to other and listening daemon 
> dhcplistener is on but no IP info shows up. When I tried to assign an IP 
> address to the vlans I want to the packetfence network intergaces disappear 
> and I have to go to the CLI to remove the vlans I added.
>
> I only have one virtual NIC assigned to PF, the management interface gets a 
> reserved dhcp IP address from my firewalla router. I have a vlan for 
> registration and a vlan for isolation managed by PF, my production 
> environment has 4 more vlans managed by production dhcp (firewalla).
>
> Authenticated users for the various production vlans all get the correct IP 
> address
>
> Any help would be greatly appreciated
>
> Thanks
> Dave
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users



--


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Nodes not showing IP addresses

2021-10-06 Thread David Moore via PacketFence-users 
Thanks for helping Enrique, I think part of my problem is that the firewalla 
does not have a way to configure dhcp relay. Firewalla runs on Ubuntu and I 
have cli access but not sure what needs configured through cli to set up dhcp 
relay

Get Outlook for Android<https://aka.ms/AAb9ysg>

From: Enrique Gross 
Sent: Wednesday, October 6, 2021 6:27:04 PM
To: David Moore 
Cc: packetfence-users@lists.sourceforge.net 

Subject: Re: [PacketFence-users] Nodes not showing IP addresses


Hi Dave,



You can try to add a DHCP relay for one of your prod networks on your firewalla 
router pointing to the management IP address of PF, where DHCP listener is 
running, PF won't be the DHCP server for that network but will receive DHCP 
requests



I'm testing with Mikrotik devices, on production vlans where mikrotik router is 
DHCP server, configuring DHCP relay informs PF of new devices IP addresses



Enrique.

El mié, 6 oct 2021 a las 17:16, David Moore 
(mailto:dave.mo...@outlook.com>>) escribió:
Hi Enrique,
I'm using ubiquiti unifi switches and access points but the router is a 
firewalla gold, which also the dhcp server. I'm not sure where to include the 
ip helpers? Should the PF management interface have the DHCP listener daemon 
turned on?

Thanks
Dave


From: Enrique Gross via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
Sent: Wednesday, October 6, 2021 9:40 AM
To: 
packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
 
mailto:packetfence-users@lists.sourceforge.net>>
Cc: Enrique Gross mailto:egr...@jcc-advance.com.ar>>
Subject: Re: [PacketFence-users] Nodes not showing IP addresses

Hi Dave, hope you're doing well

Are you using ip helpers on those production vlans? look at the docs
for "27.2. Production DHCP access"

Enrique


El mié, 6 oct 2021 a las 2:33, David Moore via PacketFence-users
(mailto:packetfence-users@lists.sourceforge.net>>)
 escribió:
>
> I'm running the latest version of Packetfence ZEN. I have pretty much 
> everything working the way I want but a few things. I'm going to seek 
> assistance one issue at a time.
> Currently I am unable to get the IP address to show up for registered online 
> devices. I tried adding vlans in packetfence for the production vlans I wish 
> to see IPs for, I set the interface to other and listening daemon 
> dhcplistener is on but no IP info shows up. When I tried to assign an IP 
> address to the vlans I want to the packetfence network intergaces disappear 
> and I have to go to the CLI to remove the vlans I added.
>
> I only have one virtual NIC assigned to PF, the management interface gets a 
> reserved dhcp IP address from my firewalla router. I have a vlan for 
> registration and a vlan for isolation managed by PF, my production 
> environment has 4 more vlans managed by production dhcp (firewalla).
>
> Authenticated users for the various production vlans all get the correct IP 
> address
>
> Any help would be greatly appreciated
>
> Thanks
> Dave
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/packetfence-users



--


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--

[Imágenes integradas 1]
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Nodes not showing IP addresses

2021-10-05 Thread David Moore via PacketFence-users 
I'm running the latest version of Packetfence ZEN. I have pretty much 
everything working the way I want but a few things. I'm going to seek 
assistance one issue at a time.
Currently I am unable to get the IP address to show up for registered online 
devices. I tried adding vlans in packetfence for the production vlans I wish to 
see IPs for, I set the interface to other and listening daemon dhcplistener is 
on but no IP info shows up. When I tried to assign an IP address to the vlans I 
want to the packetfence network intergaces disappear and I have to go to the 
CLI to remove the vlans I added.

I only have one virtual NIC assigned to PF, the management interface gets a 
reserved dhcp IP address from my firewalla router. I have a vlan for 
registration and a vlan for isolation managed by PF, my production environment 
has 4 more vlans managed by production dhcp (firewalla).

Authenticated users for the various production vlans all get the correct IP 
address

Any help would be greatly appreciated

Thanks
Dave
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Web page will not load

2022-06-24 Thread David Moore via PacketFence-users 
I'm running the latest version of packetfence zen, I rebooted the server and 
now the web page to login to packetfence will not load. I confirmed that the 
apache service is running. Any help would be greatly appreciated.

Thanks
Dave
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [External] [External] Domain Joining PacketFence Fails

2022-08-29 Thread David Moore via PacketFence-users 
I'm having the same problem, did you ever get this resolved?

From: Nate Breeden via PacketFence-users 

Sent: Tuesday, August 23, 2022 3:09 PM
To: Fabrice Durand ; 
packetfence-users@lists.sourceforge.net 

Cc: Nate Breeden 
Subject: Re: [PacketFence-users] [External] [External] Domain Joining 
PacketFence Fails


[DOMAINNAME]

dns_name= DOMAINNAME.Local

dns_servers=10.0.1.15

server_name=%h

ou=Domain Computers

ad_server=mydc1

workgroup=domain.Local

status=enabled

sticky_dc=mydc1

ntlm_cache_expiry=3600

# Copyright (C) Inverse inc.









Chain PREROUTING (policy ACCEPT 16868 packets, 1946K bytes)

pkts bytes target prot opt in out source   destination



Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

pkts bytes target prot opt in out source   destination



Chain OUTPUT (policy ACCEPT 177K packets, 11M bytes)

pkts bytes target prot opt in out source   destination



Chain POSTROUTING (policy ACCEPT 177K packets, 11M bytes)

pkts bytes target prot opt in out source   destination

2   201 SNAT   all  --  *  eth0169.254.0.0/16   0.0.0.0/0   
 to:10.0.1.19



Chain postrouting-inline-routed (0 references)

pkts bytes target prot opt in out source   destination



Chain postrouting-int-inline-if (0 references)

pkts bytes target prot opt in out source   destination



Chain prerouting-int-inline-if (0 references)

pkts bytes target prot opt in out source   destination



Chain prerouting-int-vlan-if (0 references)

pkts bytes target prot opt in out source   destination



From: Fabrice Durand 
Sent: Tuesday, August 23, 2022 2:36 PM
To: packetfence-users@lists.sourceforge.net
Cc: Nate Breeden 
Subject: Re: [External] [PacketFence-users] [External] Domain Joining 
PacketFence Fails



This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.



Hello,



can you show me the content of conf/domain.conf and also the result of iptables 
-L -n -v -t nat



Regards

Fabrice







Le mar. 23 août 2022 à 14:25, Nate Breeden via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :

Hey Aaron,



My DCs are using Server 2019, also have tried it with the firewall disabled and 
had the same result.



Also thought this would be the easiest part of my install lol





Thanks!



Nate Breeden
Director of IT
Criswell Automotive
F: (301) 212-4520
O: (301) 212-4520


[Criswell Automotive]

CONFIDENTIALITY NOTICE:
The contents of this email message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or privileged information and 
may be legally protected from disclosure. If you are not the intended recipient 
of this message or their agent, or if this message has been addressed to you in 
error, please immediately alert the sender by reply email and then delete this 
message and any attachments. If you are not the intended recipient, you are 
hereby notified that any use, dissemination, copying, or storage of this 
message or its attachments is strictly prohibited.





From: Aaron Zuercher via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
Sent: Tuesday, August 23, 2022 11:25 AM
To: 
packetfence-users@lists.sourceforge.net
Cc: Aaron Zuercher mailto:aaron.techge...@gmail.com>>
Subject: Re: [External] [PacketFence-users] Domain Joining PacketFence Fails



This message was sent from outside the company, please use caution when 
clicking links or opening attachments unless you recognize the source of this 
email and know the content is safe.



Nate,

this part of my install was pretty straight forward.  What version of windows 
in your DC?   What about firewall blocking something?



Aaron



On Tue, Aug 23, 2022 at 7:34 AM Nate Breeden via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 wrote:

When trying to domain join PacketForce, on the web GUI we receive “Failed to 
join domain: failed to find DC for domain Computers - The object was not found.”



After searching through a bunch of articles, it looks like where it says “for 
domain Computers” should say “for domain MYDOMAIN”?



Did a full reinstall of PacketFence thinking something was wrong with the 
install, but am still facing the same issue.



In the actual Debian VM if I ping a hostname without the domain name it replies 
with the correct IP address, same thing when pining with the FQDN.



Cat /etc/resolv.conf > this returns the proper DNS IP addresses for my domain



Net ads status > this returns “ads_connect: No logon servers are currently 
available to service the logon request.” (X2)





Also have tried tweaking

[PacketFence-users] Nodes not displaying after upgrade to 12.2

2023-03-09 Thread David Moore via PacketFence-users 
I just upgraded from ZEN 12.1 to 12.2 today

Now when I login to the web interface and click on the nodes tab I get the 
following error:

 [cid:504e3383-db8e-4302-be44-a0183d56164a]

Everything else appears to be working as expected, any help would be greatly 
appreciated.

Thanks
Dave
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Nodes not displaying after upgrade to 12.2

2023-03-13 Thread David Moore via PacketFence-users 
Hello

I noticed that it was an issue with the database so I added the missing table 
and also added 3 missing fields. I don't currently have any errors but would 
still like to know more about the database structure for packetfence. Does 
anyone know if there is documentation that lists all the table and field names, 
along with the field types?

From: Gustav Weiss via PacketFence-users 

Sent: Monday, March 13, 2023 6:46 AM
To: packetfence-users@lists.sourceforge.net 

Cc: Gustav Weiss 
Subject: Re: [PacketFence-users] Nodes not displaying after upgrade to 12.2

Hello

I get the same error in the packetfence.log I see that:

root@PF01:~# tail -f /usr/local/pf/logs/packetfence.log
Mar 13 11:17:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(13) INFO: 
[mac:[undef]] All cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Mar 13 11:17:44 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(16) INFO: 
[mac:[undef]] Found a realm source local for user admin in realm null. 
(pf::authentication::adminAuthentication)
Mar 13 11:17:44 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(16) INFO: 
[mac:[undef]] Authentication successful for admin in source local (SQL) 
(pf::authentication::authenticate)
Mar 13 11:17:44 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(16) INFO: 
[mac:[undef]] Using sources local for matching (pf::authentication::match2)
Mar 13 11:17:46 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(12) ERROR: 
[mac:[undef]] Database query failed with non retryable error: Table 
'pf.node_current_session' doesn't exist (errno: 1146) [SELECT `node`.`status`, 
CASE IFNULL( (SELECT is_online from node_current_session as ncs WHERE ncs.mac = 
node.mac), 'unknown') WHEN 'unknown' THEN 'unknown' WHEN 0 THEN 'off' ELSE 'on' 
END AS `online`, `node`.`mac`, `node`.`computername`, `node`.`pid`, 
`ip4log`.`ip` AS `ip4log.ip`, `node`.`device_class`, `node`.`category_id`, 
`node`.`bypass_role_id` FROM node LEFT OUTER JOIN ip4log ON ( `ip4log`.`ip` = ( 
SELECT `ip` FROM `ip4log` WHERE `mac` = `node`.`mac` ORDER BY `start_time` DESC 
LIMIT 1 ) ) ORDER BY `online` ASC LIMIT ? OFFSET ?]{501, 0} 
(pf::dal::db_execute)
Mar 13 11:17:47 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(16) INFO: 
[mac:[undef]] Database /usr/local/fingerbank/db/fingerbank_Upstream.db was 
changed or handles weren't initialized. Creating handle. 
(fingerbank::DB::SQLite::build_handle)
Mar 13 11:18:16 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(12) INFO: 
[mac:[undef]] Using 300 resolution threshold 
(pf::pfcron::task::cluster_check::run)
Mar 13 11:18:16 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(12) INFO: 
[mac:[undef]] All cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Mar 13 11:18:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(14) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Mar 13 11:18:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(12) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1678702697.14255 1678702697.1516)  
(pf::security_event::security_event_maintenance)
Mar 13 11:19:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(14) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Mar 13 11:19:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(16) INFO: 
[mac:[undef]] Using 300 resolution threshold 
(pf::pfcron::task::cluster_check::run)
Mar 13 11:19:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(16) INFO: 
[mac:[undef]] All cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Mar 13 11:19:17 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(11) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1678702757.11626 1678702757.18377)  
(pf::security_event::security_event_maintenance)
Mar 13 11:19:22 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(13) ERROR: 
[mac:[undef]] Database query failed with non retryable error: Table 
'pf.node_current_session' doesn't exist (errno: 1146) [SELECT `node`.`status`, 
CASE IFNULL( (SELECT is_online from node_current_session as ncs WHERE ncs.mac = 
node.mac), 'unknown') WHEN 'unknown' THEN 'unknown' WHEN 0 THEN 'off' ELSE 'on' 
END AS `online`, `node`.`mac`, `node`.`computername`, `node`.`pid`, 
`ip4log`.`ip` AS `ip4log.ip`, `node`.`device_class`, `node`.`category_id`, 
`node`.`bypass_role_id` FROM node LEFT OUTER JOIN ip4log ON ( `ip4log`.`ip` = ( 
SELECT `ip` FROM `ip4log` WHERE `mac` = `node`.`mac` ORDER BY `start_time` DESC 
LIMIT 1 ) ) ORDER BY `online` ASC LIMIT ? OFFSET ?]{501, 0} 
(pf::dal::db_execute)
Mar 13 11:20:16 PF01 pfperl-api-docker-wrapper[1723]: pfperl-api(17) INFO: 
[mac:[undef]] Using 300 resolution threshold 
(pf::pfcron::task::cluster_check::run)
Mar 13 11:20:16 PF01

[PacketFence-users] Empty Radius Audit Logs page

2024-01-23 Thread David Moore via PacketFence-users 
I upgraded to PF 13.1 today, with hopes that the RADIUS Audit Logs page would 
start to show info again but is still empty. This page has not shown data since 
upgrading to PF 13.


[cid:7f0eb985-0803-4e2b-be09-4eb528d69aa4]
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Active Directory Domain Configuration fails

2024-01-24 Thread David Moore via PacketFence-users 
I'm running PF 13.1 when I create an Active Directory Domain via "Configuration 
> Policies and Access Control > Domains > Active Directory Domains" and then 
test the connection, I receive the following error message:

Post "http://containers-gateway.internal:5000/ntlm/connect": context deadline 
exceeded (Client.Timeout exceeded while awaiting headers)

Radius audit logs show: chrooted_mschap_machine: Invalid output from ntlm_auth: 
expecting 'NT_KEY: ' prefix for Active Directory joined PCs trying to 
authenticate with their computer account.

Thanks in advance for your help
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Empty Radius Audit Logs page

2024-01-24 Thread David Moore via PacketFence-users 
:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="API call /api/v1/config/maintenance_task/nodes_maintenance/run" 
pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="Running node_cleanup" pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="Running node_current_session_cleanup" pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="node_current_session_cleanup cleaned items 0" pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="Calling Unified API on uri: 
https://containers-gateway.internal:/api/v1/config/maintenance_task/node_cleanup/run;
 pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="Request isn't authorized, performing login against the Unified 
API" pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="Calling Unified API on uri: 
https://containers-gateway.internal:/api/v1/login; pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="Calling Unified API on uri: 
https://containers-gateway.internal:/api/v1/config/maintenance_task/node_cleanup/run;
 pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="API call /api/v1/config/maintenance_task/acct_maintenance/run" 
pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="API call 
/api/v1/config/maintenance_task/provisioning_compliance_poll/run" pid=8
Jan 23 17:13:05 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:05-0500 
lvl=info msg="API call /api/v1/config/maintenance_task/node_cleanup/run" pid=8
Jan 23 17:13:06 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:06-0500 
lvl=info msg="Calling Unified API on uri: 
https://containers-gateway.internal:/api/v1/config/maintenance_task/cluster_check/run;
 pid=8
Jan 23 17:13:06 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:06-0500 
lvl=info msg="Request isn't authorized, performing login against the Unified 
API" pid=8
Jan 23 17:13:06 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:06-0500 
lvl=info msg="Calling Unified API on uri: 
https://containers-gateway.internal:/api/v1/login; pid=8
Jan 23 17:13:06 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:06-0500 
lvl=info msg="Calling Unified API on uri: 
https://containers-gateway.internal:/api/v1/config/maintenance_task/cluster_check/run;
 pid=8
Jan 23 17:13:06 fence pfcron-docker-wrapper[121996]: t=2024-01-23T17:13:06-0500 
lvl=info msg="API call /api/v1/config/maintenance_task/cluster_check/run" pid=8

From: Fabrice Durand via PacketFence-users 

Sent: Tuesday, January 23, 2024 4:25 PM
To: packetfence-users@lists.sourceforge.net 

Cc: Fabrice Durand 
Subject: Re: [PacketFence-users] Empty Radius Audit Logs page

Normally we fixed the issue in 13.0 (maintenance) and 13.1.

Once you upgrade to the latest version, be sure that you restarted all services.

If it is still not working then can you paste the pfcron.log file to see if 
there are any errors ?



Le mar. 23 janv. 2024 à 15:58, Thomas Michel via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :
Am Dienstag, dem 23.01.2024 um 20:02 + schrieb David Moore via
PacketFence-users:
>
> I upgraded to PF 13.1 today, with hopes that the RADIUS Audit Logs
> page would start to show info again but is still empty. This page has
> not shown data since upgrading to PF 13.
>

I have a similar issue, not sure if related - The radius logs are empty
until I restart pfcron. Then I have logs again for a couple of hours.
After then, empty logs again until I restart pfcron again.


Maybe you can give this a try to see if you run into the same problem?

Regards,
Thomas Michel.


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Empty Radius Audit Logs page

2024-01-24 Thread David Moore via PacketFence-users 
I restarted the pfcron service and devices showed up in the Audit Logs, but 
refreshing the audit logs page did not show the latest authentications

Is there a command to restart all of the pf services. I rebooted the server a 
few times and that didn't seem to help.

From: Fabrice Durand via PacketFence-users 

Sent: Tuesday, January 23, 2024 4:25 PM
To: packetfence-users@lists.sourceforge.net 

Cc: Fabrice Durand 
Subject: Re: [PacketFence-users] Empty Radius Audit Logs page

Normally we fixed the issue in 13.0 (maintenance) and 13.1.

Once you upgrade to the latest version, be sure that you restarted all services.

If it is still not working then can you paste the pfcron.log file to see if 
there are any errors ?



Le mar. 23 janv. 2024 à 15:58, Thomas Michel via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :
Am Dienstag, dem 23.01.2024 um 20:02 + schrieb David Moore via
PacketFence-users:
>
> I upgraded to PF 13.1 today, with hopes that the RADIUS Audit Logs
> page would start to show info again but is still empty. This page has
> not shown data since upgrading to PF 13.
>

I have a similar issue, not sure if related - The radius logs are empty
until I restart pfcron. Then I have logs again for a couple of hours.
After then, empty logs again until I restart pfcron again.


Maybe you can give this a try to see if you run into the same problem?

Regards,
Thomas Michel.


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Web log messages

2024-02-12 Thread David Moore via PacketFence-users 
Hello,
  I'm running the latest version of packetfence 13.1, every time I login to 
packetfence I receive the following message in the bell notification area in 
the top right corner of the screen. If I clear the messages they go away, but 
as soon as I click on the status tab the messages reappear, thanks in advance

Dave

[cid:b8be688b-37eb-4670-aee5-13de1d3a6020]

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Active Directory Domain Configuration fails

2024-01-27 Thread David Moore via PacketFence-users 
This is resolved, I think the solution was to change:

Configuration > Policies and Access Control > Authentication Sources > Internal 
Sources > my active directory domain to use SSL for connecting to the domain 
controllers
____
From: David Moore via PacketFence-users 

Sent: Wednesday, January 24, 2024 12:03 PM
To: packetfence-users@lists.sourceforge.net 

Cc: David Moore 
Subject: [PacketFence-users] Active Directory Domain Configuration fails

I'm running PF 13.1 when I create an Active Directory Domain via "Configuration 
> Policies and Access Control > Domains > Active Directory Domains" and then 
test the connection, I receive the following error message:

Post "http://containers-gateway.internal:5000/ntlm/connect": context deadline 
exceeded (Client.Timeout exceeded while awaiting headers)

Radius audit logs show: chrooted_mschap_machine: Invalid output from ntlm_auth: 
expecting 'NT_KEY: ' prefix for Active Directory joined PCs trying to 
authenticate with their computer account.

Thanks in advance for your help
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Help with IP Tables and Processor usage question

2024-01-27 Thread David Moore via PacketFence-users 
I recently upgraded to PF 13.1 and have had a few issues, most of which I have 
been able to resolve. The only lingering issue I'm aware of is with IP Tables, 
but I'm not positive it's something to be concerned about because PF is working.

My PF server is ZEN running in VMWare ESXi the assigned hardware is 32 GB of 
RAM, 4 Processors and 300 GB of disk space, my network consists of about 30 
nodes authenticating with 802.1x (Active Directory and MAC Auth for non-AD 
devices) memory and disk space are fine but the CPU is constantly at 5Ghz of 
consumption (is that normal for the processor?)

Please see the details from packetfence.log and from systemctl status 
packetfence-iptables below:

packetfence.log:
Jan 25 09:43:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(14) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Jan 25 09:43:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(17) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1706193787.30847 1706193787.36479) 
(pf::security_event::security_event_maintenance)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: saving existing 
iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) WARN: We are using IPSET 
(pf::ipset::iptables_generate)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: flushing iptables 
(pf::ipset::iptables_flush_mangle)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: Adding Forward 
rules to allow connections to the OAuth2 Providers and passthrough. 
(pf::iptables::generate_passthrough_rules)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: Adding IP based 
passthrough for connectivitycheck.gstatic.com 
(pf::iptables::generate_passthrough_rules)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: Adding NAT 
Masquerade statement. (pf::iptables::generate_passthrough_rules)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: restoring iptables 
from /usr/local/pf/var/conf/iptables.conf (pf::iptables::iptables_restore)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) WARN: Problem trying to 
run command: LANG=C /sbin/iptables-restore < 
/usr/local/pf/var/conf/iptables.conf called from iptables_restore. Child exited 
with non-zero value 2 (pf::util::pf_run)
Jan 25 09:44:06 fence pfperl-api-docker-wrapper[562338]: pfperl-api(19) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1706193846.10912 1706193846.12021) 
(pf::security_event::security_event_maintenance)
Jan 25 09:44:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(15) INFO: 
[mac:[undef]] Using 300 resolution threshold 
(pf::pfcron::task::cluster_check::run)
Jan 25 09:44:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(14) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Jan 25 09:44:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(15) INFO: 
[mac:[undef]] All cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: saving existing 
iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) WARN: We are using IPSET 
(pf::ipset::iptables_generate)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: flushing iptables 
(pf::ipset::iptables_flush_mangle)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: Adding Forward 
rules to allow connections to the OAuth2 Providers and passthrough. 
(pf::iptables::generate_passthrough_rules)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: Adding IP based 
passthrough for connectivitycheck.gstatic.com 
(pf::iptables::generate_passthrough_rules)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: Adding NAT 
Masquerade statement. (pf::iptables::generate_passthrough_rules)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: restoring iptables 
from /usr/local/pf/var/conf/iptables.conf (pf::iptables::iptables_restore)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) WARN: Problem trying to 
run command: LANG=C /sbin/iptables-restore < 
/usr/local/pf/var/conf/iptables.conf called from iptables_restore. Child exited 
with non-zero value 2 (pf::util::pf_run)
Jan 25 09:45:06 fence pfperl-api-docker-wrapper[562338]: pfperl-api(13) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1706193906.17069 1706193906.18816) 
(pf::security_event::security_event_maintenance)
Jan 25 09:45:06 fence pfperl-api-docker-wrapper[562338]: pfperl-api(12) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Jan 25 09:45:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(13) INFO: 
[mac:[undef]] Using 300

Re: [PacketFence-users] Empty Radius Audit Logs page

2024-01-27 Thread David Moore via PacketFence-users 
I'm not sure if apt update is the Ubuntu equivalent to Fedora dnf update but I 
did an apt update yesterday and the Radius Audit logs have been working 
perfectly since.

From: Thomas Michel via PacketFence-users 

Sent: Thursday, January 25, 2024 4:19 AM
To: packetfence-users@lists.sourceforge.net 

Cc: Thomas Michel 
Subject: Re: [PacketFence-users] Empty Radius Audit Logs page

Am Dienstag, dem 23.01.2024 um 16:25 -0500 schrieb Fabrice Durand via 
PacketFence-users:
> Normally we fixed the issue in 13.0 (maintenance) and 13.1.
> Once you upgrade to the latest version, be sure that you restarted all 
> services.
>
> If it is still not working then can you paste the pfcron.log file to see if 
> there are any errors ?
>
>

Hi,

I did a dnf update on the system last night to the latest 13.0 release and it 
seems the issue is resolved for me. I'll keep an ey on it and report back if it 
occurs again.

Thanks,

Thomas.


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Help with IP Tables and Processor usage question

2024-01-29 Thread David Moore via PacketFence-users 
13.0, before that I'm not sure, but it was 12.x

Get Outlook for Android<https://aka.ms/AAb9ysg>


From: Zammit, Ludovic 
Sent: Monday, January 29, 2024 4:27:55 PM
To: PacketFence-users 
Cc: David Moore 
Subject: Re: [PacketFence-users] Help with IP Tables and Processor usage 
question

Hello David,

What was the previous PF version before the upgrade?

Thanks,

Ludovic Zammit
Product Support Engineer Principal Lead
[https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png]
Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect with Us:
[https://www.akamai.com/us/en/multimedia/images/custom/community.jpg] 
<https://community.akamai.com>  
[https://www.akamai.com/us/en/multimedia/images/custom/rss.png] 
<http://blogs.akamai.com>  
[https://www.akamai.com/us/en/multimedia/images/custom/twitter.png] 
<https://twitter.com/akamai>  
[https://www.akamai.com/us/en/multimedia/images/custom/fb.png] 
<http://www.facebook.com/AkamaiTechnologies>  
[https://www.akamai.com/us/en/multimedia/images/custom/in.png] 
<http://www.linkedin.com/company/akamai-technologies>  
[https://www.akamai.com/us/en/multimedia/images/custom/youtube.png] 
<http://www.youtube.com/user/akamaitechnologies?feature=results_main>

On Jan 25, 2024, at 10:02 AM, David Moore via PacketFence-users 
 wrote:

I recently upgraded to PF 13.1 and have had a few issues, most of which I have 
been able to resolve. The only lingering issue I'm aware of is with IP Tables, 
but I'm not positive it's something to be concerned about because PF is working.

My PF server is ZEN running in VMWare ESXi the assigned hardware is 32 GB of 
RAM, 4 Processors and 300 GB of disk space, my network consists of about 30 
nodes authenticating with 802.1x (Active Directory and MAC Auth for non-AD 
devices) memory and disk space are fine but the CPU is constantly at 5Ghz of 
consumption (is that normal for the processor?)

Please see the details from packetfence.log and from systemctl status 
packetfence-iptables below:

packetfence.log:
Jan 25 09:43:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(14) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Jan 25 09:43:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(17) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1706193787.30847 1706193787.36479) 
(pf::security_event::security_event_maintenance)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: saving existing 
iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) WARN: We are using IPSET 
(pf::ipset::iptables_generate)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: flushing iptables 
(pf::ipset::iptables_flush_mangle)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: Adding Forward 
rules to allow connections to the OAuth2 Providers and passthrough. 
(pf::iptables::generate_passthrough_rules)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: Adding IP based 
passthrough for 
connectivitycheck.gstatic.com<http://connectivitycheck.gstatic.com/> 
(pf::iptables::generate_passthrough_rules)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: Adding NAT 
Masquerade statement. (pf::iptables::generate_passthrough_rules)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) INFO: restoring iptables 
from /usr/local/pf/var/conf/iptables.conf (pf::iptables::iptables_restore)
Jan 25 09:43:15 fence packetfence[562283]: -e(562283) WARN: Problem trying to 
run command: LANG=C /sbin/iptables-restore < 
/usr/local/pf/var/conf/iptables.conf called from iptables_restore. Child exited 
with non-zero value 2 (pf::util::pf_run)
Jan 25 09:44:06 fence pfperl-api-docker-wrapper[562338]: pfperl-api(19) INFO: 
[mac:[undef]] processed 0 security_events during security_event maintenance 
(1706193846.10912 1706193846.12021) 
(pf::security_event::security_event_maintenance)
Jan 25 09:44:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(15) INFO: 
[mac:[undef]] Using 300 resolution threshold 
(pf::pfcron::task::cluster_check::run)
Jan 25 09:44:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(14) INFO: 
[mac:[undef]] getting security_events triggers for accounting cleanup 
(pf::accounting::acct_maintenance)
Jan 25 09:44:07 fence pfperl-api-docker-wrapper[562338]: pfperl-api(15) INFO: 
[mac:[undef]] All cluster members are running the same configuration version 
(pf::pfcron::task::cluster_check::run)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) INFO: saving existing 
iptables to /usr/local/pf/var/iptables.bak (pf::iptables::iptables_save)
Jan 25 09:44:16 fence packetfence[562283]: -e(562283) WARN: We are using IPSET 
(pf::ipset::iptables_generate)
Jan 25 09:44:16 fence packetfence[5622