Re: [PacketFence-users] Packetfence-ZEN-5-1 bandwidth violation

Thu, 30 Jul 2015 23:18:10 -0700 

Hi Fabrice,
should I use PF ZEN 5.3.1 and how to upgrade from ZEN 5.1.? How to do a interim update of radius in ZEN? 

Regards
Hubert

Am 30.07.2015 um 14:19 schrieb Fabrice DURAND:

Hi Hubert,


It works when you disconnect because a radius accounting stop is sent, 
so it probably miss radius interim update.


Regards
Fabrice

Le 2015-07-30 07:29, Hubert Kupper a écrit :

Hi Louis,


I had a copy of the original violations.conf and copied it into the 
pf/conf directory. I edited the bandwidth exampel of the new 
violations.conf and now it works! The violation occours when I 
download more than 2GB/day but only if I disattach my device from 
network. What can be the reason of this?


Regards,
Hubert

Am 30.07.2015 um 06:50 schrieb Hubert Kupper:

Hello Louis,

I turned off pfbandwidth.d as you said.

pf.conf:

[general]
#
# general.domain
#
# Domain name of PacketFence system.
domain=our domain
#
# general.hostname
#

# Hostname of PacketFence system.  This is concatenated with the 
domain in Apache rewriting rules and therefore must be resolvable by 
clients.

hostname=pfence2
#
# general.dnsservers
#

# Comma-delimited list of DNS servers.  Passthroughs are created to 
allow queries to these servers from even "trapped" nodes.

dnsservers=IPs of our dns servers,127.0.0.1
#
# general.dhcpservers
#

# Comma-delimited list of DHCP servers.  Passthroughs are created to 
allow DHCP transactions from even "trapped" nodes.

dhcpservers=127.0.0.1,IPs of our dhcp servers
#
# general.timezone
#
# System's timezone in string format. Supported list:
# http://www.php.net/manual/en/timezones.php
timezone=Europe/Berlin

[trapping]
#
# trapping.range
#

# Comma-delimited list of address ranges/CIDR blocks that 
PacketFence will monitor/detect/trap on.  Gateway, network, and

# broadcast addresses are ignored.
range=our range

[alerting]
#
# alerting.emailaddr
#

# Email address to which notifications of rogue DHCP servers, 
violations with an action of "email", or any other

# PacketFence-related message goes to.
emailaddr=f...@uni-landau.de

[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=foo
#
# database.user
#

# Username of the account with access to the mysql database used by 
PacketFence.

user=fooadmin

[expire]
#
# expire.node
#
# Time before a node is removed due to inactivity.
# A value of 0D disables expiration.
# example:
# node=90D
node=2m

[services]
#
# services.pfsetvlan
#
# Should pfsetvlan be managed by PacketFence?
pfsetvlan=enabled
#
# services.snmptrapd
#
# Should snmptrapd be managed by PacketFence?
snmptrapd=enabled
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=foo
#
# database.user
#

# Username of the account with access to the mysql database used by 
PacketFence.

user=fooadmin

[expire]
#
# expire.node
#
# Time before a node is removed due to inactivity.
# A value of 0D disables expiration.
# example:
# node=90D
node=2m

[services]
#
# services.pfsetvlan
#
# Should pfsetvlan be managed by PacketFence?
pfsetvlan=enabled
#
# services.snmptrapd
#
# Should snmptrapd be managed by PacketFence?
snmptrapd=enabled

[inline]
#
# inline.interfaceSNAT

# Choose the interface(s) you want to use to enable snat (by default 
it´s the management interface)

interfaceSNAT=eth0.209
# inline.accounting
#
# Should we handle accouting data for inline clients?
# This controls inline accouting tasks in pfmon.
accounting=enabled


[interface eth0.37]
enforcement=vlan
ip=ip for vlan 37
type=management
mask=255.255.255.0

[interface eth0.209]
enforcement=vlan
ip=ip for vlan 209
type=internal,monitor
mask=255.255.255.0

[interface eth0.212]
enforcement=vlan
ip=ip for vlan 212
type=internal
mask=255.255.255.0

[interface eth0.213]
enforcement=vlan
ip=ip for vlan 213
type=internal
mask=255.255.255.0

Am 29.07.2015 um 15:39 schrieb Louis Munro:

Is this inline or out-of-band?

Please post your pf.conf.

Regards,
--
Louis Munro

lmu...@inverse.ca <mailto:lmu...@inverse.ca>  :: www.inverse.ca 
<http://www.inverse.ca>

+1.514.447.4918 x125  :: +1 (866) 353-6153 x125

Inverse inc. :: Leaders behind SOGo (www.sogo.nu 
<http://www.sogo.nu>) and PacketFence (www.packetfence.org 
<http://www.packetfence.org>)



On Jul 29, 2015, at 3:52 , Hubert Kupper <kup...@uni-landau.de 
<mailto:kup...@uni-landau.de>> wrote:



Hi Louis,

pfbandwidthd is using 100% cpu time and pfbandwidthd.log shows:


Jul 20 07:30:57 pfbandwidthd(5868) INFO: pfbandwidthd starting and 
writing 5871 to /usr/local/pf/var/run/pfbandwidthd.pid 
(pf::services::util::createpid)
Jul 21 02:04:13 pfbandwidthd(5868) FATAL: pfbandwidthd: caught 
SIGTERM - terminating (main::normal_sighandler)
Jul 21 02:04:13 pfbandwidthd(5868) FATAL: pfbandwidthd: caught 
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285

 (IO::Select::can_read)

Jul 21 02:04:13 pfbandwidthd(5868) ERROR: pfbandwidthd: caught 
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285

 (IO::Select::can_read)

Jul 21 02:05:24 pfbandwidthd(6848) INFO: pfbandwidthd starting and 
writing 6851 to /usr/local/pf/var/run/pfbandwidthd.pid 
(pf::services::util::createpid)
Jul 28 08:06:24 pfbandwidthd(6848) FATAL: pfbandwidthd: caught 
SIGTERM - terminating (main::normal_sighandler)
Jul 28 08:06:24 pfbandwidthd(6848) FATAL: pfbandwidthd: caught 
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285

 (IO::Select::can_read)

Jul 28 08:06:24 pfbandwidthd(6848) ERROR: pfbandwidthd: caught 
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285

 (IO::Select::can_read)

Jul 28 08:06:24 pfbandwidthd(6848) FATAL: panic: leave_scope 
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.

 (main::)

Jul 28 08:06:24 pfbandwidthd(6848) ERROR: panic: leave_scope 
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.

 (main::)

Jul 28 08:06:24 pfbandwidthd(6848) FATAL: panic: leave_scope 
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.

 (main::)

Jul 28 08:06:24 pfbandwidthd(6848) ERROR: panic: leave_scope 
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.

 (main::)

Jul 28 08:07:29 pfbandwidthd(10196) INFO: pfbandwidthd starting 
and writing 10199 to /usr/local/pf/var/run/pfbandwidthd.pid 
(pf::services::util::createpid)
Jul 29 07:59:56 pfbandwidthd(10196) FATAL: pfbandwidthd: caught 
SIGTERM - terminating (main::normal_sighandler)
Jul 29 07:59:56 pfbandwidthd(10196) FATAL: pfbandwidthd: caught 
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285

 (main::)

Jul 29 07:59:56 pfbandwidthd(10196) ERROR: pfbandwidthd: caught 
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285

 (main::)

Jul 29 08:00:56 pfbandwidthd(12316) INFO: pfbandwidthd starting 
and writing 12319 to /usr/local/pf/var/run/pfbandwidthd.pid 
(pf::services::util::createpid)

[root@PacketFence-ZEN-5-1 logs]#

Regards,
Hubert

Am 28.07.2015 um 20:23 schrieb Louis Munro:



On Jul 28, 2015, at 8:37 , Hubert Kupper <kup...@uni-landau.de 
<mailto:kup...@uni-landau.de>> wrote:



there is traffic on port 1813 from the cisco switch to th 
server. tcpdump shows it.


mysql> select count(*) from radacct; shows count(*) 44



Is the MAC of the device among those listed in radacct?

Something like this should return more:


mysql> select 
callingstationid,acctinputoctets,acctoutputoctets,acctstarttime 
from radacct;



Regards,
--
Louis Munro






------------------------------------------------------------------------------

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users























					Reply via email to