Hi Hubert,
Interim update has to be configured on the AP side, not on PacketFence side.
Regards
Fabrice
Le 2015-07-31 00:13, Hubert Kupper a écrit :
Hi Fabrice,
should I use PF ZEN 5.3.1 and how to upgrade from ZEN 5.1.? How to do
a interim update of radius in ZEN?
Regards
Hubert
Am 30.07.2015 um 14:19 schrieb Fabrice DURAND:
Hi Hubert,
It works when you disconnect because a radius accounting stop is
sent, so it probably miss radius interim update.
Regards
Fabrice
Le 2015-07-30 07:29, Hubert Kupper a écrit :
Hi Louis,
I had a copy of the original violations.conf and copied it into the
pf/conf directory. I edited the bandwidth exampel of the new
violations.conf and now it works! The violation occours when I
download more than 2GB/day but only if I disattach my device from
network. What can be the reason of this?
Regards,
Hubert
Am 30.07.2015 um 06:50 schrieb Hubert Kupper:
Hello Louis,
I turned off pfbandwidth.d as you said.
pf.conf:
[general]
#
# general.domain
#
# Domain name of PacketFence system.
domain=our domain
#
# general.hostname
#
# Hostname of PacketFence system. This is concatenated with the
domain in Apache rewriting rules and therefore must be resolvable
by clients.
hostname=pfence2
#
# general.dnsservers
#
# Comma-delimited list of DNS servers. Passthroughs are created to
allow queries to these servers from even "trapped" nodes.
dnsservers=IPs of our dns servers,127.0.0.1
#
# general.dhcpservers
#
# Comma-delimited list of DHCP servers. Passthroughs are created
to allow DHCP transactions from even "trapped" nodes.
dhcpservers=127.0.0.1,IPs of our dhcp servers
#
# general.timezone
#
# System's timezone in string format. Supported list:
# http://www.php.net/manual/en/timezones.php
timezone=Europe/Berlin
[trapping]
#
# trapping.range
#
# Comma-delimited list of address ranges/CIDR blocks that
PacketFence will monitor/detect/trap on. Gateway, network, and
# broadcast addresses are ignored.
range=our range
[alerting]
#
# alerting.emailaddr
#
# Email address to which notifications of rogue DHCP servers,
violations with an action of "email", or any other
# PacketFence-related message goes to.
emailaddr=f...@uni-landau.de
[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=foo
#
# database.user
#
# Username of the account with access to the mysql database used by
PacketFence.
user=fooadmin
[expire]
#
# expire.node
#
# Time before a node is removed due to inactivity.
# A value of 0D disables expiration.
# example:
# node=90D
node=2m
[services]
#
# services.pfsetvlan
#
# Should pfsetvlan be managed by PacketFence?
pfsetvlan=enabled
#
# services.snmptrapd
#
# Should snmptrapd be managed by PacketFence?
snmptrapd=enabled
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=foo
#
# database.user
#
# Username of the account with access to the mysql database used by
PacketFence.
user=fooadmin
[expire]
#
# expire.node
#
# Time before a node is removed due to inactivity.
# A value of 0D disables expiration.
# example:
# node=90D
node=2m
[services]
#
# services.pfsetvlan
#
# Should pfsetvlan be managed by PacketFence?
pfsetvlan=enabled
#
# services.snmptrapd
#
# Should snmptrapd be managed by PacketFence?
snmptrapd=enabled
[inline]
#
# inline.interfaceSNAT
# Choose the interface(s) you want to use to enable snat (by
default it´s the management interface)
interfaceSNAT=eth0.209
# inline.accounting
#
# Should we handle accouting data for inline clients?
# This controls inline accouting tasks in pfmon.
accounting=enabled
[interface eth0.37]
enforcement=vlan
ip=ip for vlan 37
type=management
mask=255.255.255.0
[interface eth0.209]
enforcement=vlan
ip=ip for vlan 209
type=internal,monitor
mask=255.255.255.0
[interface eth0.212]
enforcement=vlan
ip=ip for vlan 212
type=internal
mask=255.255.255.0
[interface eth0.213]
enforcement=vlan
ip=ip for vlan 213
type=internal
mask=255.255.255.0
Am 29.07.2015 um 15:39 schrieb Louis Munro:
Is this inline or out-of-band?
Please post your pf.conf.
Regards,
--
Louis Munro
lmu...@inverse.ca <mailto:lmu...@inverse.ca> :: www.inverse.ca
<http://www.inverse.ca>
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu
<http://www.sogo.nu>) and PacketFence (www.packetfence.org
<http://www.packetfence.org>)
On Jul 29, 2015, at 3:52 , Hubert Kupper <kup...@uni-landau.de
<mailto:kup...@uni-landau.de>> wrote:
Hi Louis,
pfbandwidthd is using 100% cpu time and pfbandwidthd.log shows:
Jul 20 07:30:57 pfbandwidthd(5868) INFO: pfbandwidthd starting
and writing 5871 to /usr/local/pf/var/run/pfbandwidthd.pid
(pf::services::util::createpid)
Jul 21 02:04:13 pfbandwidthd(5868) FATAL: pfbandwidthd: caught
SIGTERM - terminating (main::normal_sighandler)
Jul 21 02:04:13 pfbandwidthd(5868) FATAL: pfbandwidthd: caught
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285
(IO::Select::can_read)
Jul 21 02:04:13 pfbandwidthd(5868) ERROR: pfbandwidthd: caught
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285
(IO::Select::can_read)
Jul 21 02:05:24 pfbandwidthd(6848) INFO: pfbandwidthd starting
and writing 6851 to /usr/local/pf/var/run/pfbandwidthd.pid
(pf::services::util::createpid)
Jul 28 08:06:24 pfbandwidthd(6848) FATAL: pfbandwidthd: caught
SIGTERM - terminating (main::normal_sighandler)
Jul 28 08:06:24 pfbandwidthd(6848) FATAL: pfbandwidthd: caught
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285
(IO::Select::can_read)
Jul 28 08:06:24 pfbandwidthd(6848) ERROR: pfbandwidthd: caught
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285
(IO::Select::can_read)
Jul 28 08:06:24 pfbandwidthd(6848) FATAL: panic: leave_scope
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.
(main::)
Jul 28 08:06:24 pfbandwidthd(6848) ERROR: panic: leave_scope
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.
(main::)
Jul 28 08:06:24 pfbandwidthd(6848) FATAL: panic: leave_scope
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.
(main::)
Jul 28 08:06:24 pfbandwidthd(6848) ERROR: panic: leave_scope
inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157.
(main::)
Jul 28 08:07:29 pfbandwidthd(10196) INFO: pfbandwidthd starting
and writing 10199 to /usr/local/pf/var/run/pfbandwidthd.pid
(pf::services::util::createpid)
Jul 29 07:59:56 pfbandwidthd(10196) FATAL: pfbandwidthd: caught
SIGTERM - terminating (main::normal_sighandler)
Jul 29 07:59:56 pfbandwidthd(10196) FATAL: pfbandwidthd: caught
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285
(main::)
Jul 29 07:59:56 pfbandwidthd(10196) ERROR: pfbandwidthd: caught
SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285
(main::)
Jul 29 08:00:56 pfbandwidthd(12316) INFO: pfbandwidthd starting
and writing 12319 to /usr/local/pf/var/run/pfbandwidthd.pid
(pf::services::util::createpid)
[root@PacketFence-ZEN-5-1 logs]#
Regards,
Hubert
Am 28.07.2015 um 20:23 schrieb Louis Munro:
On Jul 28, 2015, at 8:37 , Hubert Kupper <kup...@uni-landau.de
<mailto:kup...@uni-landau.de>> wrote:
there is traffic on port 1813 from the cisco switch to th
server. tcpdump shows it.
mysql> select count(*) from radacct; shows count(*) 44
Is the MAC of the device among those listed in radacct?
Something like this should return more:
mysql> select
callingstationid,acctinputoctets,acctoutputoctets,acctstarttime
from radacct;
Regards,
--
Louis Munro
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users