Re: [PacketFence-users] passthrough only opens ports 80 and 443 even if proto and port are defined

I fixed it this but I'm not sure I'm breaking something else: [root@srvpf pf]# diff -Naur sbin/pfdns.orig sbin/pfdns --- sbin/pfdns.orig 2017-08-08 18:40:40.006571993 +0200 +++ sbin/pfdns 2017-08-08 18:42:53.040963724 +0200 @@ -448,7 +448,7 @@ my $query_non_filtered =

Re: [PacketFence-users] passthrough only opens ports 80 and 443 even if proto and port are defined

Poking in the code I found that pfdns calls matches_passthrough in lib/pf/util/dns.pm which returns the following (with data dumper): 1, $VAR1 = [ 'tcp:8080' ]; But it does not work -- Check out the

[PacketFence-users] passthrough only opens ports 80 and 443 even if proto and port are defined

Hi, I don't know if I'm hitting a bug or I'm missing something. I'm using 7.2 (ZEN), enabled passthrough and configured it like this: [root@srvpf ~]# grep ^passt /usr/local/pf/conf/pf.conf passthrough=enabled passthroughs=*.facebook.com,*.fbcdn.net,*.akamaihd.net,portquiz.net:tcp:8080 Notice

Re: [PacketFence-users] Passthrough troubleshooting assistance

Hello Alex, what you need is to capture dns traffic from the device and adapt passthrough based on what you seen in the capture. Regards Fabrice Le 2017-02-27 à 23:17, Alex Fishel a écrit : Hello all, I have set up PacketFence inline mode and have the captive portal working. I have a

[PacketFence-users] Passthrough troubleshooting assistance

Hello all, I have set up PacketFence inline mode and have the captive portal working. I have a Cisco Aironet access point set up as well through which wireless devices connect. The goal of my setup is to be able to provision iOS and Android devices. So far, I have iOS working but am running into

[PacketFence-users] Passthrough for google play store.

We need to be able to allow an app download for .1x setup from the google play store. Hostname is: r3---sn-hxgpu-a5oe.gvt1.com But it won't batch *.gvt1.com in passthroughs. Im assuming its a dynamically generated host that will change. Im pretty sure the problem is in the "---" causing

Re: [PacketFence-users] Passthrough for google play store.

Oh. *. Seemed to work in the past. Sent from my iPhone On Sep 4, 2015, at 10:35 AM, Louis Munro wrote: Hi Tim, Try just .gvt1.com in your passthroughs. IIRC it is matched as a regular expression, not a globbing pattern. Regards, -- Louis Munro lmu...@inverse.ca ::

Re: [PacketFence-users] Passthrough for google play store.

Weird.. I wrote a script to process everything as pfdns would.. found that it wasn't taking the updates from the pf.conf into the keyed table in the DB. had to delete the config::Pf(packetfence2.mcc.edu) and config::Pf( packetfence1.mcc.edu) keys then reload packetfence-config On Fri, Sep 4,

[PacketFence-users] passthrough for vpn users

Hi, I've successfully implemented a captive portal in inline mode and I also have configured some website available for guest users without authentication with passthrough. But I also want to authorize users to access their vpn gateway (University network). I have a list of ip addresses and

Re: [PacketFence-users] Passthrough

Passthrough works fine! Thanks Fabrice! I thought it was necessary to write the entire url, because I had seen some configuration, in the mailing list, which operated in this way... Thanks again :) Have a nice day! Best Regards, Rosario Ippolito 2015-02-26 14:18 GMT+01:00 Fabrice DURAND

Re: [PacketFence-users] Passthrough

Ok so you just have to define domain and not the whole address. Something like that is better www.google.it,www.google.com. Also you are able to define a widlcard like *.google.com Regards Fabrice Le 2015-02-26 07:40, Rosario Ippolito a écrit : Sure! Thanks a lot! 2015-02-26 13:23

Re: [PacketFence-users] Passthrough

Thanks Fabrice, but Passthrough does not work even without the ssl websites... I am redirected again to the Captive-Portal.. Regards, Rosario Ippolito -- Dive into the World of Parallel Programming The Go Parallel

Re: [PacketFence-users] Passthrough

Hello Rosario, can you send me a screenshot of the passthrough configuration section ? Regards Fabrice Le 2015-02-26 04:48, Rosario Ippolito a écrit : Thanks Fabrice, but Passthrough does not work even without the ssl websites... I am redirected again to the Captive-Portal.. Regards,

[PacketFence-users] Passthrough

Hi all, I have some questions about Passthrough to do. I have configured PacketFence (4.6 version) in Out-of-band mode, and it works very well. So, I have configured the Passthrough following the guide, that is, from the Web Interface, I have selected the Passthrough box and I have added

Re: [PacketFence-users] Passthrough

Hi Rosario, using proxy passthrough for ssl webise is not a good idea, you will have a certificate issue. Regards Fabrice Le 2015-02-24 08:04, Rosario Ippolito a écrit : Hi all, I have some questions about Passthrough to do. I have configured PacketFence (4.6 version) in Out-of-band mode,

[PacketFence-users] Passthrough not working?

Hi, When a device was put into a isolation vlan after being scanned by Nessus, I want it to be able to access some specific websites. for example www.google.com. First I have www.google.com configured as passthrough. Below is the config from pf.conf passthrough=enabled # #

Re: [PacketFence-users] Passthrough not working?

Hi, Passthrough is only working in the reg vlan, not isolation. Take a look at pfdns code and in the isolzone sub copy the part of the code you have in the regzone sub. (if ( ($qname =~ /$OAUTH::ALLO) Regards Fabrice Le 2014-04-10 14:01, forbmsyn a écrit : Hi, When a device was put

Re: [PacketFence-users] Passthrough not working?

Hi Fabrice, I changed the type of the vlan to registration but still not working. [192.168.27.0] dns=192.168.27.1 dhcp_start=192.168.27.10 gateway=192.168.27.1 domain-name=vlan-registration.mydomain.com named=enabled dhcp_max_lease_time=30 dhcpd=enabled type=vlan-registration

Re: [Packetfence-users] Passthrough list not working

Are there any more thoughts on why my passthroughs are not working? Cheers, Andi -Original Message- From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk] Sent: 18 January 2012 14:54 To: packetfence-users@lists.sourceforge.net Subject: Re: [Packetfence-users] Passthrough list not working

Re: [Packetfence-users] Passthrough list not working

Hi Andi, On 18/01/12 9:53 AM, Morris, Andi wrote: Thanks for your help Olivier, I am interested in having the passthrough in vlan isolation mode. Here is the var/conf/httpd.conf [snip] # NO auto-generated mod_rewrite rules for PacketFence Passthroughs # NO auto-generated

Re: [Packetfence-users] Passthrough list not working

I just tried http://www.google.co.uk and found out that you are missing the / at the end which is mandatory if you have no query string. So try with: google=http://www.google.co.uk/ instead of google=http://www.google.co.uk I filed http://www.packetfence.org/bugs/view.php?id=1368 and

Re: [Packetfence-users] Passthrough list not working

Passthrough with IPs *won't* work with passthrough=proxy since we perform DNS blackholing on the registration VLAN (rewriting all DNS to the same IP). As you already noted, squid redirector is to bypass client-side proxy configuration. This is not what you are looking for. On 18/01/12 5:40 AM,

[Packetfence-users] Passthrough list not working

Hi again all, I'm trying to configure a passthrough so that users in the registration vlan can access a website in order for them to download a tool to configure their dot1x settings. I have the following in my pf.conf: [trapping] # # trapping.range # # Comma-delimited list of address