Re: [PacketFence-users] Perform checkup

2015-11-12 Thread Thomas, Gregory A 
ls -l /usr/local/fingerbank/logs
total 3988
-rw-r--r-- 1 root root 1925473 Nov 12 15:41 fingerbank.log
-rw-r--r-- 1 root root  258114 Nov  6 04:39 fingerbank.log-20151106.gz
-rw-r--r-- 1 root root  246021 Nov  7 03:29 fingerbank.log-20151107.gz
-rw-r--r-- 1 root root  211990 Nov  8 03:14 fingerbank.log-20151108.gz
-rw-r--r-- 1 root root  233009 Nov  9 03:09 fingerbank.log-20151109.gz
-rw-r--r-- 1 root root  425247 Nov 10 03:41 fingerbank.log-20151110.gz
-rw-r--r-- 1 root root  495088 Nov 11 03:19 fingerbank.log-2015.gz
-rw-r--r-- 1 root root  270214 Nov 12 03:25 fingerbank.log-20151112.gz

--
Gregory A. Thomas
Computer Professional
University of Wisconsin-Parkside
thom...@uwp.edu
262.595.2432

From: Derek Wuelfrath [mailto:dwuelfr...@inverse.ca]
Sent: Thursday, November 12, 2015 12:44 PM
To: ML PF <packetfence-users@lists.sourceforge.net>
Subject: Re: [PacketFence-users] Perform checkup

Gregory,

That is kind of “inoffensive” but still !
Can you do a ‘ls -l /usr/local/fingerbank/logs’ and paste the output please !

Cheers!
dw.

—
Derek Wuelfrath
dwuelfr...@inverse.ca<mailto:dwuelfr...@inverse.ca> :: +1.514.447.4918 (x110) 
:: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and 
PacketFence (www.packetfence.org<http://www.packetfence.org>)

On Nov 12, 2015, at 12:09 PM, Thomas, Gregory A 
<thom...@uwp.edu<mailto:thom...@uwp.edu>> wrote:

On the admin webpage, there has been the perform checkup link. In the past I 
have ignored it as the error seems to be something that did not apply as the 
system seems to be work as expected.

Today I click it and  see the new warning about a rule not being part of a 
class. But now I am concerned about the other one:
FATAL: Apache will fail to start! 
/usr/local/pf/lib/pf/web/captiveportal_mod_perl.pl doesn’t compile

Apache starts because I see it when I test register machines, so what is this 
error pointing to?

I am running 5.4.0 on CentOS 6.5 (updated) completely in INLINE mode.

--
Gregory A. Thomas
Computer Professional
University of Wisconsin-Parkside
thom...@uwp.edu
262.595.2432

--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Problems Installing PacketFence - issue with OpenSSL

2015-11-12 Thread Louis Munro 


> On Nov 12, 2015, at 12:44 , Catch All  wrote:
> 
>  "Linux debian 3.2.0-4-686-pae #1 SMP Debian 3.2.68-1+deb7u6 i686"


I don’t think we support 32 bits distros anymore in 5.4.

Try the x86_64 version.


Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] radius authorization interval

2015-11-12 Thread Morris, Andi 
Thanks for the advice.

I ran some tests yesterday and can see that each time the device reauths, it’s 
connected to a different AP. The device has remained completely static on my 
desk, and so isn’t a physical roaming thing. I’m not seeing deauths from 
packetfence though, so I’m happy to pass this over to the network team for them 
to investigate further.

Cheers,
Andi

From: Derek Wuelfrath [mailto:dwuelfr...@inverse.ca]
Sent: 11 November 2015 16:20
To: ML PF 
Subject: Re: [PacketFence-users] radius authorization interval

Hello Andi,

Thanks for your reply, as always.

Always a pleasure :)

I’m interested on the busy AP thing, I’ll check that out as it’s highly 
possible. I don’t think we manually set a maximum allowed client limit, but 
it’s possible there’s a default one.

Not 100% sure this is the problem but I’ve already saw on some network 
equipment, cases that when the “limit” was reached, oldest connections were 
being kicked out to allow newer…
I guess the logs on the WLC would help if it is the case.

There’s not much that can lead a device to reconnect…
PacketFence
PacketFence is sending some COA request when the device change state. Thoses 
requests are logged in the PacketFence log so we would see them...

WLC
- A timeout or a limit is reached which then lead the WLC to “kick” devices 
off. Logs on the WLC would help diagnose
- Roaming

Device itself
- The device is disconnecting from the associated radio for a reason or another…
- Roaming

Let me know if you find anything

Cheers!
dw.

—
Derek Wuelfrath
dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) 
:: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and 
PacketFence (www.packetfence.org)

On Nov 11, 2015, at 3:42 AM, Morris, Andi 
> wrote:

Hi Derek,
Thanks for your reply, as always.

I’ve reproduced this on another packetfence box where I can see the whole 
packetfence log without having to grep the output as there’s only one 
authenticated device registered for use on this box. I see the same thing 
there, reauth happening at certain intervals, although not as regular a pattern.

I’m interested on the busy AP thing, I’ll check that out as it’s highly 
possible. I don’t think we manually set a maximum allowed client limit, but 
it’s possible there’s a default one.

Cheers,
Andi

From: Derek Wuelfrath [mailto:dwuelfr...@inverse.ca]
Sent: 10 November 2015 18:46
To: ML PF 
>
Subject: Re: [PacketFence-users] radius authorization interval

Andi,

Quick question, maybe not related at all but still.
Is this happening on “busy” AP ? Do you know if there’s a lot of clients 
connected at the same time on the AP / radios of the AP ?
Do you have any sort of Maximum Allowed Clients configurations ? (Advanced 
section of the WLAN) ?

Cheers!
dw.

—
Derek Wuelfrath
dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) 
:: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and 
PacketFence (www.packetfence.org)

On Nov 9, 2015, at 12:09 PM, Morris, Andi 
> wrote:

Hi all,
I’m getting reports of users being briefly disconnected from the wireless 
network every few minutes, which is something that didn’t used to happen when 
users were connected to another SSID using exactly the same hardware (Cisco 
WLC). I’m wondering if it’s something like radius authorization, as we see it 
on not just our dot1x SSID, but our SSID that is mac authenticated through PFs 
device registration setup.

According to users it’s around every 5 minutes, however looking at some logs 
for one client using the mac_auth network I can see it seems to re-auth every 
11/12 minutes. Log snippet below:

Nov 09 11:55:59 httpd.aaa(30934) INFO: [30:59:b7:82:14:1a] Can't find 
provisioner (pf::vlan::getNormalVlan)
Nov 09 11:55:59 httpd.aaa(30934) INFO: [30:59:b7:82:14:1a] Connection type is 
WIRELESS_MAC_AUTH. Getting role from node_info (pf::vlan::getNormalVlan)
Nov 09 11:55:59 httpd.aaa(30934) INFO: [30:59:b7:82:14:1a] Username was defined 
"3059b782141a" - returning user based role 'gaming' (pf::vlan::getNormalVlan)
Nov 09 11:55:59 httpd.aaa(30934) INFO: [30:59:b7:82:14:1a] PID: "st12345678", 
Status: reg Returned VLAN: 713, Role: gaming (pf::vlan::fetchVlanForNode)
Nov 09 11:55:59 httpd.aaa(30934) INFO: [30:59:b7:82:14:1a] (192.168.1.1) 
Returning ACCEPT with VLAN 713 and role  (pf::Switch::returnRadiusAccessAccept)
Nov 09 12:07:16 httpd.aaa(30934) INFO: [30:59:b7:82:14:1a] handling radius autz 
request: from switch_ip => (192.168.1.1), connection_type => 
Wireless-802.11-NoEAP,switch_mac => (e8:65:49:e9:2c:60), mac => 
[30:59:b7:82:14:1a], port

[PacketFence-users] Email activation portal error. PF 5.3.1

2015-11-12 Thread Tim DeNike 
It activates the device, but doesn't set the access duration.

Caught exception in
captiveportal::Controller::Authenticate->createLocalAccount "Attribute
(value) does not pass the type constraint because: Validation failed for
'Str' with value undef at constructor pf::Authentication::Action::new
(defined at /usr/local/pf/lib/pf/Authentication/Action.pm line 43) line 41
pf::Authentication::Action::new('pf::Authentication::Action',
'HASH(0x7f310f84fea8)') called at
/usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/Authenticate.pm
line 400
captiveportal::PacketFence::Controller::Authenticate::createLocalAccount('captiveportal::Controller::Authenticate=HASH(0x7f310d34b380)',
'captiveportal=HASH(0x7f310f864f80)', 'HASH(0x7f310f876df0)') called at
/usr/share/perl5/vendor_perl/Catalyst/Action.pm line 65
Catalyst::Action::execute('Catalyst::Action=HASH(0x7f310d3dbb48)',
'captiveportal::Controller::Authenticate=HASH(0x7f310d34b380)',
'captiveportal=HASH(0x7f310f864f80)', 'HASH(0x7f310f876df0)') called at
/usr/share/perl5/vendor_perl/Catalyst.pm line 1691 eval {...} called at
/usr/share/perl5/vendor_perl/Catalyst.pm line 1691
Catalyst::execute('captiveportal=HASH(0x7f310f864f80)',
'captiveportal::Controller::Authenticate',
'Catalyst::Action=HASH(0x7f310d3dbb48)') called at
/usr/share/perl5/vendor_perl/Catalyst/Plugin/StackTrace.pm line 22
Catalyst::Plugin::StackTrace::execute('captiveportal=HASH(0x7f310f864f80)',
'captiveportal::Controller::Authenticate',
'Catalyst::Action=HASH(0x7f310d3dbb48)') called at
/usr/share/perl5/vendor_perl/Catalyst/Action.pm line 60
Catalyst::Action::dispatch('Catalyst::Action=HASH(0x7f310d3dbb48)',
'captiveportal=HASH(0x7f310f864f80)') called at
/usr/share/perl5/vendor_perl/Catalyst/Dispatcher.pm line 257
Catalyst::Dispatcher::_do_forward('Catalyst::Dispatcher=HASH(0x7f310c3afb80)',
'forward', 'captiveportal=HASH(0x7f310f864f80)', 'Authenticate',
'createLocalAccount', 'ARRAY(0x7f310f876ee0)') called at
/usr/share/perl5/vendor_perl/Catalyst/Dispatcher.pm line 237
Catalyst::Dispatcher::forward('Catalyst::Dispatcher=HASH(0x7f310c3afb80)',
'captiveportal=HASH(0x7f310f864f80)', 'Authenticate', 'createLocalAccount',
'ARRAY(0x7f310f876ee0)') called at /usr/share/perl5/vendor_perl/Catalyst.pm
line 358 Catalyst::forward('captiveportal=HASH(0x7f310f864f80)',
'Authenticate', 'createLocalAccount', 'ARRAY(0x7f310f876ee0)') called at
/usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/Activate/Email.pm
line 151
captiveportal::PacketFence::Controller::Activate::Email::doEmailRegistration('captiveportal::Controller::Activate::Email=HASH(0x7f310d350208)',
'captiveportal=HASH(0x7f310f864f80)', 'c1d5719d1bd605a5669f92200175a32c')
called at /usr/share/perl5/vendor_perl/Catalyst/Action.pm line 65
Catalyst::Action::execute('Catalyst::Action=HASH(0x7f310d401d88)',
'captiveportal::Controller::Activate::Email=HASH(0x7f310d350208)',
'captiveportal=HASH(0x7f310f864f80)', 'c1d5719d1bd605a5669f92200175a32c')
called at /usr/share/perl5/vendor_perl/Catalyst.pm line 1691 eval {...}
called at /usr/share/perl5/vendor_perl/Catalyst.pm line 1691
Catalyst::execute('captiveportal=HASH(0x7f310f864f80)',
'captiveportal::Controller::Activate::Email',
'Catalyst::Action=HASH(0x7f310d401d88)') called at
/usr/share/perl5/vendor_perl/Catalyst/Plugin/StackTrace.pm line 22
Catalyst::Plugin::StackTrace::execute('captiveportal=HASH(0x7f310f864f80)',
'captiveportal::Controller::Activate::Email',
'Catalyst::Action=HASH(0x7f310d401d88)') called at
/usr/share/perl5/vendor_perl/Catalyst/Action.pm line 60
Catalyst::Action::dispatch('Catalyst::Action=HASH(0x7f310d401d88)',
'captiveportal=HASH(0x7f310f864f80)') called at
/usr/share/perl5/vendor_perl/Catalyst/Dispatcher.pm line 257
Catalyst::Dispatcher::_do_forward('Catalyst::Dispatcher=HASH(0x7f310c3afb80)',
'forward', 'captiveportal=HASH(0x7f310f864f80)', 'doEmailRegistration',
'ARRAY(0x7f310f86f918)') called at
/usr/share/perl5/vendor_perl/Catalyst/Dispatcher.pm line 237
Catalyst::Dispatcher::forward('Catalyst::Dispatcher=HASH(0x7f310c3afb80)',
'captiveportal=HASH(0x7f310f864f80)', 'doEmailRegistration',
'ARRAY(0x7f310f86f918)') called at /usr/share/perl5/vendor_perl/Catalyst.pm
line 358 Catalyst::forward('captiveportal=HASH(0x7f310f864f80)',
'doEmailRegistration', 'ARRAY(0x7f310f86f918)') called at
/usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/Activate/Email.pm
line 82
captiveportal::PacketFence::Controller::Activate::Email::code('captiveportal::Controller::Activate::Email=HASH(0x7f310d350208)',
'captiveportal=HASH(0x7f310f864f80)', 'c1d5719d1bd605a5669f92200175a32c')
called at /usr/share/perl5/vendor_perl/Catalyst/Action.pm line 65
Catalyst::Action::execute('Catalyst::Action=HASH(0x7f310d401c50)',
'captiveportal::Controller::Activate::Email=HASH(0x7f310d350208)',
'captiveportal=HASH(0x7f310f864f80)', 'c1d5719d1bd605a5669f92200175a32c')
called at /usr/share/perl5/vendor_perl/Catalyst.pm line 1691 eval {...}
called

Re: [PacketFence-users] Problems Installing PacketFence - issue with OpenSSL

2015-11-12 Thread Jonathan Mahady 
Hi,

I can confirm this, I had this same problem and when I went through the
repos I found some packages had both 32/64bit packages but some only had
64bit packages. Please stick to a 64 bit distro.

Thanks,

Jonathan

On 13 November 2015 at 03:48, Louis Munro  wrote:

>
>
> On Nov 12, 2015, at 12:44 , Catch All  wrote:
>
>  "Linux debian 3.2.0-4-686-pae #1 SMP Debian 3.2.68-1+deb7u6 i686"
>
>
>
> I don’t think we support 32 bits distros anymore in 5.4.
>
> Try the x86_64 version.
>
>
> Regards,
> --
> Louis Munro
> lmu...@inverse.ca  ::  www.inverse.ca
> +1.514.447.4918 x125  :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
>
>
> --
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Perform checkup

2015-11-12 Thread Thomas, Gregory A 
On the admin webpage, there has been the perform checkup link. In the past I 
have ignored it as the error seems to be something that did not apply as the 
system seems to be work as expected.

Today I click it and  see the new warning about a rule not being part of a 
class. But now I am concerned about the other one:
FATAL: Apache will fail to start! 
/usr/local/pf/lib/pf/web/captiveportal_mod_perl.pl doesn't compile

Apache starts because I see it when I test register machines, so what is this 
error pointing to?

I am running 5.4.0 on CentOS 6.5 (updated) completely in INLINE mode.

--
Gregory A. Thomas
Computer Professional
University of Wisconsin-Parkside
thom...@uwp.edu
262.595.2432

--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Perform checkup

2015-11-12 Thread Derek Wuelfrath 
Gregory,

That is kind of “inoffensive” but still !
Can you do a ‘ls -l /usr/local/fingerbank/logs’ and paste the output please !

Cheers!
dw.

—
Derek Wuelfrath
dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

> On Nov 12, 2015, at 12:09 PM, Thomas, Gregory A  wrote:
> 
> On the admin webpage, there has been the perform checkup link. In the past I 
> have ignored it as the error seems to be something that did not apply as the 
> system seems to be work as expected.
>  
> Today I click it and  see the new warning about a rule not being part of a 
> class. But now I am concerned about the other one:
> FATAL: Apache will fail to start! 
> /usr/local/pf/lib/pf/web/captiveportal_mod_perl.pl doesn’t compile
>  
> Apache starts because I see it when I test register machines, so what is this 
> error pointing to?
>  
> I am running 5.4.0 on CentOS 6.5 (updated) completely in INLINE mode.
>  
> --
> Gregory A. Thomas
> Computer Professional
> University of Wisconsin-Parkside
> thom...@uwp.edu 
> 
> 262.595.2432
>  
> --
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net 
> 
> https://lists.sourceforge.net/lists/listinfo/packetfence-users 
> 
--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Problems Installing PacketFence - issue with OpenSSL

2015-11-12 Thread Catch All 
Am I the only one having problems installing packetfence?
I keep getting issues with OpenSSL
I have made a clean install of Wheezy "Linux debian 3.2.0-4-686-pae #1 SMP
Debian 3.2.68-1+deb7u6 i686"
I followed the instructions re: backports, non-free, ran the apt-get update
and install.

apt.get install packetfence
results in:
packetfence: Depends: libcrypt-openssl-pkcs12-perl but it is not installable
Depends: libcrypt-openssl-pkcs10-perl but it is not
installable
Depends: sscep but it is not installable
Depends: libcache-memcached-perl but it is not going to
be installed
Depends: haproxy (>= 1.5) but is not installable
E: Unable to correct problems, you have held broken packages.

openssl -version -a
OpenSSL 1.0.1e 11 Feb 2013
built on Sat Jun 13 10:53:18 UTC 2015

This repeats after making a reinstall of the OS - also on different HW
--
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users