I'm giving it a try, but I think you need to check the ntlm cache feature:
/usr/local/pf/lib/pf/domain/ntlm_cache.pm line 242
foreach my $server (split(/\s*,\s*/, $source->{host})) {
You are splitting $source->{host} as a string but it is an array already
hth
Il 14/04/2021 21:15, Ludovic Marcotte via PacketFence-users ha scritto:
The Inverse team is pleased to announce the immediate availability of PacketFence v10.3. This is a major release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised.What is PacketFence?PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks.Among the features provided by PacketFence, there are: * powerful BYOD (Bring Your Own Device) capabilities * multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style * built-in network behaviour anomaly detection * state-of-the art devices identification with Fingerbank * compliance checks for endpoints present on your network * integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls * bandwidth accounting for all devices * ... and many more!A complete overview of the solution is available from the official website:https://packetfence.org/about.html <https://packetfence.org/about.html>Changes Since Previous Release *New Features* * Static routes management via admin gui * Aruba CX support * Aruba 2930M Web Authentication and Dynamic ACL support (#6158) * Meraki DPSK support * Ruckus DPSK support * Support for Ruckus SmartZone MAC authentication in non-proxy modes (#6201) * Bluesocket support (#5878) * Support for SCEP inpfpki(#6213) *Enhancements* * Improved the failover mechanisms when an Active Directory or LDAP server is detected as dead * Expiration of the local accounts created on the portal can now be set on the source level * pfacct and radiusd-acct can now both be enabled together (radiusd-acct proxies to pfacct) * Added CoA support to Aerohive module * Added role based enforcement (Filter-Id) support to Extreme module * Use Called-Station-SSID attribute as the SSID when possible * Added CLI login support to Huawei switch template * Added detectionBypass in DNS resolver (#6028) * Improve support of Android Agent for EAP-TLS and EAP-PEAP * Improve CLI login support on HP and Aruba switches * Use the "Authorization" header when performing API calls to Github in the OAuth context * Replace xsltproc/fop by asciidoctor-pdf (#5968) * FortiGate Role Based Enforcement (#5645) * Add support for roles (RBAC) for Ruckus WLAN controllers (#2530) * Upgrade to go version 1.15 (#6044) * Build ready-to-use Vagrant images for integration tests and send them to Vagrant cloud (#6099) * Documentation to configure Security Onion 2.3.10 * Added integration tests for 802.1X wireless and wireless MAC authentication (#6114) * Restrict create, update, and delete operations to the default and global tenant users (#6075) * Remove pftest MySQL tuner (#6130) * Allow NetFlow address to be configured (#6139) * Deprecated fencing whitelist * Description field for L2 and routed networks (#5829) * Updated Stripe integration to use Stripe Elements (API v3) (#6121) * Added Cisco WLC 9800 configuration documentation * Inheritance on parent role on Role and Web Auth * Enhance CLI login on SG300 switches * Enable/disable the natting traffic for inline networks * Remove unused table userlog (#6170) * Clarifications on Ruckus Role-by-Role capabilities (#6201) * DNS/IP attributes in pfpki certificates (#6213) * Additional template attributes in certificate profile (#6213) * Remove unused table inline_accounting (#6171) * Make pfdhcplistener tenant aware (#6204) * Upgrade to MariaDB 10.2.37 (#6149) *Bug Fixes* * Switch defined by MAC address are not processed by pfacct in cluster mode (#5969) * Restart switchport return TRUE if MAC address is not found in locationlog for bouncePortCoA (#6013) * Switch template: CLI authorize attributes ignored (#6009) * ubiquiti_ap_mac_to_ip task doesn't update expires_at column in chi_cache table (#6004) * A switch can't override switch group values using default switch group values (#5998) * web admin: timer_expire and ocsp_timeout are not displayed correctly (#5961) * web admin: Realm can't be selected as a filter on a connection profile (#5959) * API: remove a source doesn't remove rules from authentication.conf (#5958) * web admin: high-availability setting is not display correctly when editing an interface (#5963) * SSIDs are not hidden by default when creating a provisioner (#5952) * with_aup is correctly displayed on GUI (#5954) * web admin: sender is wrong when you use Preview feature (#6023) * sponsor guest registration: unexpected strings in email subject (#3669) * Use the proper attribute name for Mikrotik in returnRadiusAccessAccept (#6051) * Audit log: profile has an empty value when doing Ethernet/Wireless-NoEAP (#5977) * pfacct stores 00:00:00:00:00:00 MAC in DB when Calling-Station-ID is XXXX-XXXX-XXXX (#6109) * Update the location log when the Called-Station-Id changes (#6045) * Only enable NetFlow in iptables if NetFlow is enabled (#6080) * Firewall SSO: take username from accounting data if available in place of database (#6148)Seehttps://github.com/inverse-inc/packetfence/compare/v10.2.0...v10.3.0 <https://github.com/inverse-inc/packetfence/compare/v10.2.0...v10.3.0>for the complete change log.See the Upgrade guide for notes about upgrading:https://packetfence.org/doc/PacketFence_Upgrade_Guide.html <https://packetfence.org/doc/PacketFence_Upgrade_Guide.html>Getting PacketFencePacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources:https://packetfence.org/download.html <https://packetfence.org/download.html>Documentation about the installation and configuration of PacketFence is also available:https://packetfence.org/support/index.html#/documentation <https://packetfence.org/support/index.html#/documentation>How Can I Help?PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project:* Documentation reviews, enhancements and translations * Feature requests or by sharing your ideas * Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community <https://packetfence.org/support/index.html#/community>) * Patches for bugs or enhancements * Provide new translations of remediation pages Getting SupportFor any questions, do not hesitate to contact us by writing tosupp...@inverse.ca <mailto:supp...@inverse.ca>You can also fill our online form (https://inverse.ca/#contact <https://inverse.ca/#contact>) and a representative from Inverse will contact you.Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution.-- Ludovic Marcotte lmarco...@inverse.ca :: +1.514.755.3630 ::https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (https://fingerbank.org) _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
-- *Cristian Mammoli* Network and Computer Systems Administrator T.+39 0731719822 www.apra.it <https://www.apra.it> Apra Spa <https://www.apra.it/> linksocial*Avviso sulla tutela di informazioni riservate.* Questo messaggio รจ stato spedito da Apra spa o da una delle aziende del Gruppo. Esso e gli eventuali allegati, potrebbero contenere informazioni di carattere estremamente riservato e confidenziale. Qualora non foste i destinatari designati, vogliate cortesemente informarci immediatamente con lo stesso mezzo ed eliminare il messaggio e i relativi eventuali allegati, senza trattenerne copia.
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
