date:20151126

[PacketFence-users] Problem with upgrade scripts

2015-11-26 Thread Nicola Canepa

Hello.
I'm trying to upgrade my PF configuration from 4.7.0 to 5.4.0.
I changed the user and DB name for pf from the standard "pf" both to 
"pflocal".
I found that the upgrade ".sql" scripts don't work in this situation, in 
particular for 5.0->5.1 and graphite DB creation/grants.
It has hardcoded "pf" user and "pf_graphite" DB, while in the code it 
then uses (correctly) pflocal and pflocal_graphite.

Is it possible to fix it?
I modified the scripts by hand with my names, but it would be nice if 
the configured ones where used automagically.

Nicola

-- 

Nicola Canepa
Tel: +39-0522-399-3474
canep...@mmfg.it
---
Il contenuto della presente comunicazione è riservato e destinato 
esclusivamente ai destinatari indicati. Nel caso in cui sia ricevuto da persona 
diversa dal destinatario sono proibite la diffusione, la distribuzione e la 
copia. Nel caso riceveste la presente per errore, Vi preghiamo di informarci e 
di distruggerlo e/o cancellarlo dal Vostro computer, senza utilizzare i dati 
contenuti. La presente comunicazione (comprensiva dei documenti allegati) non 
avrà valore di proposta contrattuale e/o accettazione di proposte provenienti 
dal destinatario, nè rinuncia o riconoscimento di diritti, debiti e/o crediti, 
nè sarà impegnativa, qualora non sia sottoscritto successivo accordo da chi può 
validamente obbligarci. Non deriverà alcuna responsabilità precontrattuale a 
ns. carico, se la presente non sia seguita da contratto sottoscritto dalle 
parti.

The content of the above communication is strictly confidential and reserved 
solely for the referred addressees. In the event of receipt by persons 
different from the addressee, copying, alteration and distribution are 
forbidden. If received by mistake we ask you to inform us and to destroy and/or 
delete from your computer without using the data herein contained. The present 
message (eventual annexes inclusive) shall not be considered a contractual 
proposal and/or acceptance of offer from the addressee, nor waiver recognizance 
of rights, debts  and/or credits, nor shall it be binding when not executed as 
a subsequent agreement by persons who could lawfully represent us. No 
pre-contractual liability shall apply to us when the present communication is 
not followed by any binding agreement between the parties.


--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] packetfence-windows-agent.exe

2015-11-26 Thread Antoine Amacher


Hello Daniel,

While you are configuring the provisioner section you have an option 
called "Broadcast network", if left uncheck the setting 'Connect even if 
this network is not broadcasting its name (SSID)’ will be applied on 
your network by the agent.


Thank you

On 11/25/2015 04:53 PM, Hack, Daniel (DPIPWE) wrote:


Hi All,

Another question hopefully someone can help with?

Is there a way to customise the options in 
packetfence-windows-agent.exe before it is downloaded by the client?


There is an option I’d like to enable by default called ‘Connect even 
if this network is not broadcasting its name (SSID)’.


Thanks in advance,

Dan

Network Administrator

Corporate Information Technology

DPIPWE

p: (03) 6165 4484

f: (03) 6224 1388

e: daniel.h...@dpipwe.tas.gov.au




CONFIDENTIALITY NOTICE AND DISCLAIMER
The information in this transmission may be confidential and/or 
protected by legal professional privilege, and is intended only for 
the person or persons to whom it is addressed. If you are not such a 
person, you are warned that any disclosure, copying or dissemination 
of the information is unauthorised. If you have received the 
transmission in error, please immediately contact this office by 
telephone, fax or email, to inform us of the error and to enable 
arrangements to be made for the destruction of the transmission, or 
its return at our cost. No liability is accepted for any unauthorised 
use of the information contained in this transmission.



--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Antoine Amacher
aamac...@inverse.ca  ::  +1.514.447.4918 *130  ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdhcplistener 5.5.0

2015-11-26 Thread Louis Munro

Hi Christian,
This is indeed a corner case that is not well handled.

The original reason for that was that we assumed that you either use the 
PacketFence dhcpd for all or none of your networks.
If it’s all, then we should be receiving the ACKs.

If it’s none, then we needed to listen for DHCPREQUEST packets.

We try to process the minimum number of packets required to do the job, because 
in a large network that job quickly becomes expensive.

So in your case I can suggest a few ideas to fix it.

1. You could use the PacketFence dhcpd server on all your networks (if that is 
possible for you).
2. You could try using the UDP reflector 
(https://code.google.com/p/udp-reflector/ 
) to send a copy of the ACKs to 
PacketFence.
3. You could patch PacketFence to handle the DHCPREQUESTS in those networks.
4. Look into using OMAPI to have PacketFence query your dhcp server for the 
leases.

I believe option 3 would be fastest to implement.

You could try this patch:

diff --git a/lib/pf/dhcp/processor.pm b/lib/pf/dhcp/processor.pm
index 5b6f6a8..36ee6fe 100644
--- a/lib/pf/dhcp/processor.pm
+++ b/lib/pf/dhcp/processor.pm
@@ -274,7 +274,7 @@ sub parse_dhcp_request {

 # We check if we are running without dhcpd
 # This means we don't see ACK so we need to act on requests
-if((!$self->{running_w_dhcpd} && 
!isenabled($Config{network}{force_listener_update_on_ack})) && 
(defined($client_ip) && defined($client_mac))){
+if((!isenabled($Config{network}{force_listener_update_on_ack})) && 
(defined($client_ip) && defined($client_mac))){
 $self->handle_new_ip($client_mac, $client_ip, $lease_length);
 }



Let us know if it helps.
We’ll have to think of the best way of handling that particular case in the 
future.

Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

> On Nov 25, 2015, at 18:10 , Christian Hanster  
> wrote:
> 
> Hi Louis,
> 
> It’s me again and I found the problem finally. It has to do with the 
> rewritten dhcplistener in the new release.
> 
> The new listener configuration is checking, if there is a dhcp server running 
> on the interface. If this is the case then it will not work with dhcp-request 
> packages. In my special case the problem was that I had running the dhcp 
> server on the interface (inlinel2) but not for the inlinel3 network. So the 
> listener was not processing the Request packages. It might be a bug but I do 
> not know how to fix it because the pfdhcplistener is running on interface 
> level. For me it worked when I switched off the dhcp-server on the interface. 
> Probably I will let the dhcp be done by an other server in this network...
> 
> The problem is in line 332ff. in file processor.pm (Tag 5.5.0): 
> https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/dhcp/processor.pm
>  
> 
> 
> Thank you for your help! 
> 
> Kind regards 
> Christian
>> On 25 Nov 2015, at 22:41, Christian Hanster > > wrote:
>> 
>> Hi Louis,
>> 
>> No there are no lines with DHCPACK or OFFER. This is, because there are no 
>> such packets coming (seen in Tcpdump). Our setup is the following: remote 
>> client — LAN— router (with dnsmasq and a relay to PF) =VPN-Tunnel= 
>> VPN-Server —LAN—  PF-Server
>> 
>> So PF is not offering any leases to the remote clients but gets information 
>> from the dnsmasq which is configured as a relay. PF is configured as 
>> inlinel3 for the remote clients. 
>> 
>> the networks.conf is therefore: 
>> [192.168.2.0]
>> dns=192.168.2.254
>> dhcp_start=192.168.2.10
>> gateway=192.168.2.250
>> domain-name=inlinel2.endoo.eu 
>> nat_enabled=enabled
>> named=enabled
>> dhcp_max_lease_time=3600
>> fake_mac_enabled=disabled
>> dhcpd=enabled
>> dhcp_end=192.168.2.246
>> type=inlinel2
>> netmask=255.255.255.0
>> dhcp_default_lease_time=3600
>> 
>> [10.1.13.0]
>> next_hop=192.168.2.2
>> domain-name=inlinel3.endoo.eu 
>> name=inlinel3.endoo.eu 
>> nat_enabled=1
>> named=enabled
>> dhcpd=disabled
>> fake_mac_enabled=0
>> type=inlinel3
>> netmask=255.255.255.0
>> 
>> The dhcp.conf: 
>> # dhcpd configuration
>> # This file is manipulated on PacketFence's startup before being given to 
>> dhcpd
>> authoritative;
>> ddns-update-style none;
>> ignore client-updates;
>> log-facility local6;
>> 
>> # OMAPI for IP <-> MAC lookup
>> omapi-port 7911;
>> key pf_omapi_key {
>> algorithm HMAC-MD5;
>> secret "ghkxVADMEeYe8ikHCjkyu7hQ2abIA/SbcH8Ep6a4FGs=";
>> };
>> omapi-key pf_omapi_key;
>> 
>> 
>> failover peer "192.168.2.0/24" {
>>   secondary;
>>   address 192.168.2.250;
>>   port 647;
>>   peer address 192.168.2.251;
>>

Re: [PacketFence-users] pfdhcplistener 5.5.0

2015-11-26 Thread Julien Semaan

Hi Christian,

We have a patch that would be a candidate for 5.5.1 and that would fix 
it for good.

Please see it attached to this mail.

Let us know if it works and it will be added to the next release.

Thanks !

- Julien

On 11/26/2015 09:49 AM, Louis Munro wrote:

Hi Christian,
This is indeed a corner case that is not well handled.

The original reason for that was that we assumed that you either use 
the PacketFence dhcpd for all or none of your networks.

If it’s all, then we should be receiving the ACKs.

If it’s none, then we needed to listen for DHCPREQUEST packets.

We try to process the minimum number of packets required to do the 
job, because in a large network that job quickly becomes expensive.

So in your case I can suggest a few ideas to fix it.

1. You could use the PacketFence dhcpd server on all your networks (if 
that is possible for you).
2. You could try using the UDP reflector 
(https://code.google.com/p/udp-reflector/) to send a copy of the ACKs 
to PacketFence.
3. You could patch PacketFence to handle the DHCPREQUESTS in those 
networks.
4. Look into using OMAPI to have PacketFence query your dhcp server 
for the leases.

I believe option 3 would be fastest to implement.

You could try this patch:

diff --git a/lib/pf/dhcp/processor.pm b/lib/pf/dhcp/processor.pm
index 5b6f6a8..36ee6fe 100644
--- a/lib/pf/dhcp/processor.pm
+++ b/lib/pf/dhcp/processor.pm
@@ -274,7 +274,7 @@ sub parse_dhcp_request {

 # We check if we are running without dhcpd
 # This means we don't see ACK so we need to act on requests
-if((!$self->{running_w_dhcpd} && 
!isenabled($Config{network}{force_listener_update_on_ack})) && 
(defined($client_ip) && defined($client_mac))){
+  if((!isenabled($Config{network}{force_listener_update_on_ack})) && 
(defined($client_ip) && defined($client_mac))){

 $self->handle_new_ip($client_mac, $client_ip, $lease_length);
 }

Let us know if it helps.
We’ll have to think of the best way of handling that particular case 
in the future.

Regards,
--
Louis Munro
lmu...@inverse.ca   :: www.inverse.ca 

+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu ) 
and PacketFence (www.packetfence.org )

On Nov 25, 2015, at 18:10 , Christian Hanster 
> wrote:

Hi Louis,

It’s me again and I found the problem finally. It has to do with the 
rewritten dhcplistener in the new release.

The new listener configuration is checking, if there is a dhcp server 
running on the interface. If this is the case then it will not work 
with dhcp-request packages. In my special case the problem was that I 
had running the dhcp server on the interface (inlinel2) but not for 
the inlinel3 network. So the listener was not processing the Request 
packages. It might be a bug but I do not know how to fix it because 
the pfdhcplistener is running on interface level. For me it worked 
when I switched off the dhcp-server on the interface. Probably I will 
let the dhcp be done by an other server in this network...

The problem is in line 332ff. in file processor.pm (Tag 5.5.0): 
https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/dhcp/processor.pm

Thank you for your help!

Kind regards
Christian
On 25 Nov 2015, at 22:41, Christian Hanster 
> wrote:

Hi Louis,

No there are no lines with DHCPACK or OFFER. This is, because there 
are no such packets coming (seen in Tcpdump). Our setup is the 
following: remote client — LAN— router (with dnsmasq and a relay to 
PF) =VPN-Tunnel= VPN-Server —LAN—  PF-Server

So PF is not offering any leases to the remote clients but gets 
information from the dnsmasq which is configured as a relay. PF is 
configured as inlinel3 for the remote clients.

the networks.conf is therefore:
[192.168.2.0]
dns=192.168.2.254
dhcp_start=192.168.2.10
gateway=192.168.2.250
domain-name=inlinel2.endoo.eu 
nat_enabled=enabled
named=enabled
dhcp_max_lease_time=3600
fake_mac_enabled=disabled
dhcpd=enabled
dhcp_end=192.168.2.246
type=inlinel2
netmask=255.255.255.0
dhcp_default_lease_time=3600

[10.1.13.0]
next_hop=192.168.2.2
domain-name=inlinel3.endoo.eu 
name=inlinel3.endoo.eu 
nat_enabled=1
named=enabled
dhcpd=disabled
fake_mac_enabled=0
type=inlinel3
netmask=255.255.255.0

The dhcp.conf:
# dhcpd configuration
# This file is manipulated on PacketFence's startup before being 
given to dhcpd

authoritative;
ddns-update-style none;
ignore client-updates;
log-facility local6;

# OMAPI for IP <-> MAC lookup
omapi-port 7911;
key pf_omapi_key {
  algorithm HMAC-MD5;
  secret "ghkxVADMEeYe8ikHCjkyu7hQ2abIA/SbcH8Ep6a4FGs=";
};
omapi-key pf_omapi_key;

failover peer "192.168.2.0/24" {
secondary;
address 192.168.2.250;
port 647;

Re: [PacketFence-users] Problem with upgrade scripts

2015-11-26 Thread Louis Munro



> On Nov 26, 2015, at 4:41 , Nicola Canepa  wrote:
> 
> Is it possible to fix it?
> I modified the scripts by hand with my names, but it would be nice if 
> the configured ones where used automagically.



Hi Nicola,
You did the right thing.
Editing the script is the recommended way of handling that.

As for a more general fix, I’m afraid it’s a case of “patches welcomed”.

Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Problem with upgrade scripts

2015-11-26 Thread Nicola Canepa

I think the right way should be a line in the UPGRADE.asciidoc about the 
permissions, and a separate file for the graphite DB, with another line 
in UPGRADE.ascii.

Which is the proper way to make a pull request in PF on github?

Nicola

Il 26/11/15 16:15, Louis Munro ha scritto:



On Nov 26, 2015, at 4:41 , Nicola Canepa > wrote:


Is it possible to fix it?
I modified the scripts by hand with my names, but it would be nice if
the configured ones where used automagically.




Hi Nicola,
You did the right thing.
Editing the script is the recommended way of handling that.

As for a more general fix, I’m afraid it’s a case of “patches welcomed”.

Regards,
--
Louis Munro
lmu...@inverse.ca   :: www.inverse.ca 


+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu ) 
and PacketFence (www.packetfence.org )



--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--

Nicola Canepa
Tel: +39-0522-399-3474
canep...@mmfg.it
---
Il contenuto della presente comunicazione è riservato e destinato 
esclusivamente ai destinatari indicati. Nel caso in cui sia ricevuto da persona 
diversa dal destinatario sono proibite la diffusione, la distribuzione e la 
copia. Nel caso riceveste la presente per errore, Vi preghiamo di informarci e 
di distruggerlo e/o cancellarlo dal Vostro computer, senza utilizzare i dati 
contenuti. La presente comunicazione (comprensiva dei documenti allegati) non 
avrà valore di proposta contrattuale e/o accettazione di proposte provenienti 
dal destinatario, nè rinuncia o riconoscimento di diritti, debiti e/o crediti, 
nè sarà impegnativa, qualora non sia sottoscritto successivo accordo da chi può 
validamente obbligarci. Non deriverà alcuna responsabilità precontrattuale a 
ns. carico, se la presente non sia seguita da contratto sottoscritto dalle 
parti.

The content of the above communication is strictly confidential and reserved 
solely for the referred addressees. In the event of receipt by persons 
different from the addressee, copying, alteration and distribution are 
forbidden. If received by mistake we ask you to inform us and to destroy and/or 
delete from your computer without using the data herein contained. The present 
message (eventual annexes inclusive) shall not be considered a contractual 
proposal and/or acceptance of offer from the addressee, nor waiver recognizance 
of rights, debts  and/or credits, nor shall it be binding when not executed as 
a subsequent agreement by persons who could lawfully represent us. No 
pre-contractual liability shall apply to us when the present communication is 
not followed by any binding agreement between the parties.

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdhcplistener 5.5.0

2015-11-26 Thread Christian Hanster

Hi Louis,

thank you very much for the full response! It helped me a lot. For now we are 
running a dhcp server on an other server for the network as a workaround. I 
will now have a look in all the options and figure out what is the best. 

Concerning the first option I have a question: In the guide it is mentioned 
that you should not use the dhcp-Server of PF as a production server. Because 
of this, it was never an option for us. Is it possible anyway? 

Perhaps you can make a side note in the guide where routed networks are 
discussed. So that this confusion will be avoided when someone else has the 
problem too. 

Kind regards 
Christian 
> On 26 Nov 2015, at 15:49, Louis Munro  wrote:
> 
> Hi Christian,
> This is indeed a corner case that is not well handled.
> 
> The original reason for that was that we assumed that you either use the 
> PacketFence dhcpd for all or none of your networks.
> If it’s all, then we should be receiving the ACKs.
> 
> If it’s none, then we needed to listen for DHCPREQUEST packets.
> 
> We try to process the minimum number of packets required to do the job, 
> because in a large network that job quickly becomes expensive.
> 
> So in your case I can suggest a few ideas to fix it.
> 
> 1. You could use the PacketFence dhcpd server on all your networks (if that 
> is possible for you).
> 2. You could try using the UDP reflector 
> (https://code.google.com/p/udp-reflector/ 
> ) to send a copy of the ACKs to 
> PacketFence.
> 3. You could patch PacketFence to handle the DHCPREQUESTS in those networks.
> 4. Look into using OMAPI to have PacketFence query your dhcp server for the 
> leases.
> 
> I believe option 3 would be fastest to implement.
> 
> You could try this patch:
> 
> diff --git a/lib/pf/dhcp/processor.pm b/lib/pf/dhcp/processor.pm
> index 5b6f6a8..36ee6fe 100644
> --- a/lib/pf/dhcp/processor.pm
> +++ b/lib/pf/dhcp/processor.pm
> @@ -274,7 +274,7 @@ sub parse_dhcp_request {
> 
>  # We check if we are running without dhcpd
>  # This means we don't see ACK so we need to act on requests
> -if((!$self->{running_w_dhcpd} && 
> !isenabled($Config{network}{force_listener_update_on_ack})) && 
> (defined($client_ip) && defined($client_mac))){
> +if((!isenabled($Config{network}{force_listener_update_on_ack})) && 
> (defined($client_ip) && defined($client_mac))){
>  $self->handle_new_ip($client_mac, $client_ip, $lease_length);
>  }
> 
> 
> 
> Let us know if it helps.
> We’ll have to think of the best way of handling that particular case in the 
> future.
> 
> Regards,
> --
> Louis Munro
> lmu...@inverse.ca   ::  www.inverse.ca 
>  
> +1.514.447.4918 x125  :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu ) and 
> PacketFence (www.packetfence.org )
> 
>> On Nov 25, 2015, at 18:10 , Christian Hanster > > wrote:
>> 
>> Hi Louis,
>> 
>> It’s me again and I found the problem finally. It has to do with the 
>> rewritten dhcplistener in the new release.
>> 
>> The new listener configuration is checking, if there is a dhcp server 
>> running on the interface. If this is the case then it will not work with 
>> dhcp-request packages. In my special case the problem was that I had running 
>> the dhcp server on the interface (inlinel2) but not for the inlinel3 
>> network. So the listener was not processing the Request packages. It might 
>> be a bug but I do not know how to fix it because the pfdhcplistener is 
>> running on interface level. For me it worked when I switched off the 
>> dhcp-server on the interface. Probably I will let the dhcp be done by an 
>> other server in this network...
>> 
>> The problem is in line 332ff. in file processor.pm (Tag 5.5.0): 
>> https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/dhcp/processor.pm
>>  
>> 
>> 
>> Thank you for your help! 
>> 
>> Kind regards 
>> Christian
>>> On 25 Nov 2015, at 22:41, Christian Hanster >> > wrote:
>>> 
>>> Hi Louis,
>>> 
>>> No there are no lines with DHCPACK or OFFER. This is, because there are no 
>>> such packets coming (seen in Tcpdump). Our setup is the following: remote 
>>> client — LAN— router (with dnsmasq and a relay to PF) =VPN-Tunnel= 
>>> VPN-Server —LAN—  PF-Server
>>> 
>>> So PF is not offering any leases to the remote clients but gets information 
>>> from the dnsmasq which is configured as a relay. PF is configured as 
>>> inlinel3 for the remote clients. 
>>> 
>>> the networks.conf is therefore: 
>>> [192.168.2.0]
>>> dns=192.168.2.254
>>> dhcp_start=192.168.2.10
>>> gateway=192.168.2.250
>>> domain-name=inlinel2.endoo.eu 
>>> nat_enabled=enabled
>>>

Re: [PacketFence-users] pfdhcplistener 5.5.0

2015-11-26 Thread Louis Munro

> On Nov 26, 2015, at 10:25 , Christian Hanster  
> wrote:
> 
> Hi Louis,
> 
> thank you very much for the full response! It helped me a lot. For now we are 
> running a dhcp server on an other server for the network as a workaround. I 
> will now have a look in all the options and figure out what is the best. 
> 
> Concerning the first option I have a question: In the guide it is mentioned 
> that you should not use the dhcp-Server of PF as a production server. Because 
> of this, it was never an option for us. Is it possible anyway? 
> 
> Perhaps you can make a side note in the guide where routed networks are 
> discussed. So that this confusion will be avoided when someone else has the 
> problem too. 

We don’t recommend it, because we feel people with large production networks 
would be better off owning their DHCP service and knowing how it works.
It also means you may have to get your hands dirty a bit and edit some of the 
files in /usr/local/pf/conf that are used to generate the dhcp configuration 
since PacketFence generates a dhcpd config optimized for it’s own uses.
But there is no technical reason why it would not work.

PacketFence uses ISC dhcpd as it’s dhcp server.
That should be good enough for most people.

If the patch Julien sent works, there will be no need to do anything special or 
mention it in the guide. 

Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdhcplistener 5.5.0

2015-11-26 Thread Christian Hanster

Hi Louis,

I just implemented the patch and everything is working fine with it. So for me 
it solved the issue completely. Then you of course do not have to mention it in 
the guide. 

Thank you very much again. Very nice work!

Kind regards
Christian 
> On 26 Nov 2015, at 16:38, Louis Munro  wrote:
> 
> 
> 
>> On Nov 26, 2015, at 10:25 , Christian Hanster > > wrote:
>> 
>> Hi Louis,
>> 
>> thank you very much for the full response! It helped me a lot. For now we 
>> are running a dhcp server on an other server for the network as a 
>> workaround. I will now have a look in all the options and figure out what is 
>> the best. 
>> 
>> Concerning the first option I have a question: In the guide it is mentioned 
>> that you should not use the dhcp-Server of PF as a production server. 
>> Because of this, it was never an option for us. Is it possible anyway? 
>> 
>> Perhaps you can make a side note in the guide where routed networks are 
>> discussed. So that this confusion will be avoided when someone else has the 
>> problem too. 
> 
> 
> We don’t recommend it, because we feel people with large production networks 
> would be better off owning their DHCP service and knowing how it works.
> It also means you may have to get your hands dirty a bit and edit some of the 
> files in /usr/local/pf/conf that are used to generate the dhcp configuration 
> since PacketFence generates a dhcpd config optimized for it’s own uses.
> But there is no technical reason why it would not work.
> 
> PacketFence uses ISC dhcpd as it’s dhcp server.
> That should be good enough for most people.
> 
> If the patch Julien sent works, there will be no need to do anything special 
> or mention it in the guide. 
> 
> Regards,
> --
> Louis Munro
> lmu...@inverse.ca   ::  www.inverse.ca 
>  
> +1.514.447.4918 x125  :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu ) and 
> PacketFence (www.packetfence.org )
> --
> Go from Idea to Many App Stores Faster with Intel(R) XDK
> Give your users amazing mobile app experiences with Intel(R) XDK.
> Use one codebase in this all-in-one HTML5 development environment.
> Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
> http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Problem with upgrade scripts

2015-11-26 Thread Louis Munro



> On Nov 26, 2015, at 10:18 , Nicola Canepa  wrote:
> 
> I think the right way should be a line in the UPGRADE.asciidoc about the 
> permissions, and a separate file for the graphite DB, with another line in 
> UPGRADE.ascii.
> Which is the proper way to make a pull request in PF on github?

The usual way: you clone the repo, make your changes and the submit a pull 
request.


Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551=/4140___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Problem with upgrade scripts

Re: [PacketFence-users] packetfence-windows-agent.exe

Re: [PacketFence-users] pfdhcplistener 5.5.0

Re: [PacketFence-users] pfdhcplistener 5.5.0

Re: [PacketFence-users] Problem with upgrade scripts

Re: [PacketFence-users] Problem with upgrade scripts

Re: [PacketFence-users] pfdhcplistener 5.5.0

Re: [PacketFence-users] pfdhcplistener 5.5.0

Re: [PacketFence-users] pfdhcplistener 5.5.0

Re: [PacketFence-users] Problem with upgrade scripts

10 matches

Site Navigation

Mail list logo

Footer information