[PacketFence-users] PFDNS

2020-01-05 Thread Steve Stone via PacketFence-users 
New to packetfence.  Installing it on Centos 7 and follow all suggestion in  
guide but when I get to start packetfence PFDNS will not start.  I check 
pfdns.log and it states: listen tcp :53: bind: address already in use.  I check 
and DNSMasq Is using that port.  What should be done to help resolve this?

Steve Stone

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] pfdns stoped.

2014-06-12 Thread Minh Trung 
Hello experts,

I can not pass the 6 step because pfdns cannot started.
I tried stop/start/restart many time but not yet.
Here is the log
 *[root@SEC01 bin]# tail -f /usr/local/pf/logs/packetfence.log*
J








*un 12 04:50:55 pfcmd.pl (5566) INFO: pidof -x radiusd
returned 5008 (pf::services::manager::pidFromFile)Jun 12 04:51:54 pfcmd.pl
(5620) INFO: pidof -x memcached returned 4865
(pf::services::manager::pidFromFile) Jun 12 04:51:54 pfcmd.pl
(5620) INFO: verifying process 4865
(pf::services::manager::removeStalePid)Jun 12 04:51:54 pfcmd.pl
(5620) INFO: pidof -x memcached returned 4865
(pf::services::manager::pidFromFile) Jun 12 04:51:54 pfcmd.pl
(5620) INFO: pidof -x memcached returned 4865
(pf::services::manager::pidFromFile)Jun 12 04:51:54 pfcmd.pl
(5620) INFO: pidof -x httpd.admin returned 4879
(pf::services::manager::pidFromFile) Jun 12 04:51:54 pfcmd.pl
(5620) INFO: verifying process 4879
(pf::services::manager::removeStalePid)Jun 12 04:51:54 pfcmd.pl
(5620) INFO: pidof -x httpd.admin returned 4879
(pf::services::manager::pidFromFile) Jun 12 04:51:54 pfcmd.pl
(5620) INFO: pidof -x httpd.admin returned 4879
(pf::services::manager::pidFromFile)Jun 12 04:51:56 pfcmd.pl
(5620) INFO: Daemon pfdns took 0.004 seconds to start.
(pf::services::manager::launchService)*

This is the pfdns.log:












*[root@SEC01 bin]# tail -f /usr/local/pf/logs/pfdns.logJun 12 04:51:58
pfdns(5634) ERROR: Couldn't create TCP socket: Address already in use at
/usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
'ARRAY(0x4e573d0)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x481bfa0)',
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 122
 (Carp::cluck)Jun 12 04:51:58 pfdns(5634) ERROR: Couldn't create UDP
socket: Address already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm
line 108Net::DNS::Nameserver::new('Net::DNS::Nameserver',
'LocalAddr', 'ARRAY(0x4e573d0)', 'LocalPort', 53, 'ReplyHandler',
'CODE(0x481bfa0)', 'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns
line 122  (Carp::cluck)Jun 12 04:51:58 pfdns(5634) FATAL: couldn't create
nameserver object (main::)Jun 12 04:51:58 pfdns(5634) ERROR: couldn't
create nameserver object (main::)*
Any help is appreciated,
--
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] PfDns Configuration

2016-04-22 Thread g4-lisz 
Hi all.

Somebody can tell me where I find the configuration of pfdns? Or better:
How to find out his current name to IP database? I needed this for
debugging reasons.

Thank you,
Till

--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] pfdns die

2016-11-24 Thread Cheung Paul 
Dear support :


pfdns service die. this is a productional envirment, pf running 3month ok , but 
today suddenly die, here is the log,  by the way no one touch the pf server.



Nov 24 09:27:04 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:04 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:05 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:05 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:05 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:05 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:05 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:05 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:27:06 pfdns(31884) ERROR: Child 31890 (1) is dead. Respawning it. 
(main::)
Nov 24 09:27:06 pfdns(31884) ERROR: Child 31891 (2) is dead. Respawning it. 
(main::)
Nov 24 09:27:06 pfdns(31884) INFO: Memory configuration is not valid anymore 
for key config::Pf in local cached_hash (pfconfig::cached::is_valid)
Nov 24 09:27:07 pfdns(31884) ERROR: Child 31893 (4) is dead. Respawning it. 
(main::)
Nov 24 09:27:07 pfdns(31884) ERROR: Child 31892 (3) is dead. Respawning it. 
(main::)
Nov 24 09:27:07 pfdns(31884) INFO: Memory configuration is not valid anymore 
for key config::Pf in local cached_hash (pfconfig::cached::is_valid)
Nov 24 09:29:36 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:36 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:36 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:36 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:37 pfdns(31884) ERROR: Child 4999 (1) is dead. Respawning it. 
(main::)
Nov 24 09:29:37 pfdns(31884) ERROR: Child 5001 (2) is dead. Respawning it. 
(main::)
Nov 24 09:29:37 pfdns(31884) INFO: Memory configuration is not valid anymore 
for key config::Pf in local cached_hash (pfconfig::cached::is_valid)
Nov 24 09:29:37 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:37 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:37 pfdns(31884) FATAL: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:37 pfdns(31884) ERROR: Can't call method "answer" on an undefined 
value at /usr/local/pf/sbin/pfdns line 358.
 (main::regzone)
Nov 24 09:29:38 pfdns(31884) ERROR: Child 5068 (3) is dead. Respawning it. 
(main::)
Nov 24 09:29:38 pfdns(31884) ERROR: Child 5067 (4) is dead. Respawning it. 
(main::)
Nov 24 09:29:38 pfdns(31884) INFO: Memory configuration is not valid anymore 
for key config::Pf in local cached_hash (pfconfig::cached::is_valid)
Nov 24 09:30:09 pfdns(11384) INFO: pfdns starting and writing 11384 to 
/usr/local/pf/var/run/pfdns.pid (pf::services::util::createpid)
Nov 24 09:30:09 pfdns(11384) WARN: Couldn't create TCP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xb6ce6d8)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0xa1d9be0)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
Nov 24 09:30:09 pfdns(11384) ERROR: Couldn't create TCP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xb6ce6d8)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0xa1d9be0)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
Nov 24 09:30:09 pfdns(11384) WARN: Couldn't create UDP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xb6ce6d8)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0xa1d9be0)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
Nov 24 09:30:09 pfdns(11384) ERROR: Couldn't create UDP socket: Address alr

[PacketFence-users] PFDNS stability issue

2013-08-28 Thread Sallee, Stephen (Jake) 
Hello all!

Well ... I am still seeing pfdns crash, but it is only once every several hours.

How would one go about monitoring the service?

I am considering writing a small script to monitor the pfdns service and take a 
copy of all the logs when it dies ... but if something like this already exists 
I would rather not reinvent the proverbial wheel.

And, as far as I can tell, there is no record of the service crashing in the 
logs ... is there a way anyone knows about to get real-time / log data on the 
pfdns service?



Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton TX. 76513
Fone: 254-295-4658
Phax: 254-295-4221
HTTP://WWW.UMHB.EDU

--
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdns stoped.

2014-06-12 Thread Fabrice DURAND 

Hi,

there is another process who is using the udp port 53.
So kill it and restart packetfence.

Regards
Fabrice

Le 2014-06-11 18:00, Minh Trung a écrit :

Hello experts,

I can not pass the 6 step because pfdns cannot started.
I tried stop/start/restart many time but not yet.
Here is the log
/[root@SEC01 bin]# tail -f /usr/local/pf/logs/packetfence.log/
J/un 12 04:50:55 pfcmd.pl (5566) INFO: pidof -x 
radiusd returned 5008 (pf::services::manager::pidFromFile)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: pidof -x 
memcached returned 4865 (pf::services::manager::pidFromFile)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: verifying 
process 4865 (pf::services::manager::removeStalePid)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: pidof -x 
memcached returned 4865 (pf::services::manager::pidFromFile)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: pidof -x 
memcached returned 4865 (pf::services::manager::pidFromFile)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: pidof -x 
httpd.admin returned 4879 (pf::services::manager::pidFromFile)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: verifying 
process 4879 (pf::services::manager::removeStalePid)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: pidof -x 
httpd.admin returned 4879 (pf::services::manager::pidFromFile)
Jun 12 04:51:54 pfcmd.pl (5620) INFO: pidof -x 
httpd.admin returned 4879 (pf::services::manager::pidFromFile)
Jun 12 04:51:56 pfcmd.pl (5620) INFO: Daemon pfdns 
took 0.004 seconds to start. (pf::services::manager::launchService)/


This is the pfdns.log:
/[root@SEC01 bin]# tail -f /usr/local/pf/logs/pfdns.log
Jun 12 04:51:58 pfdns(5634) ERROR: Couldn't create TCP socket: Address 
already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0x4e573d0)', 'LocalPort', 53, 'ReplyHandler', 
'CODE(0x481bfa0)', 'Verbose', 0, ...) called at 
/usr/local/pf/sbin/pfdns line 122

 (Carp::cluck)
Jun 12 04:51:58 pfdns(5634) ERROR: Couldn't create UDP socket: Address 
already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0x4e573d0)', 'LocalPort', 53, 'ReplyHandler', 
'CODE(0x481bfa0)', 'Verbose', 0, ...) called at 
/usr/local/pf/sbin/pfdns line 122

 (Carp::cluck)
Jun 12 04:51:58 pfdns(5634) FATAL: couldn't create nameserver object
 (main::)
Jun 12 04:51:58 pfdns(5634) ERROR: couldn't create nameserver object
 (main::)

/
Any help is appreciated,





--
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



--
Fabrice Durand
fdur...@inverse.ca ::  +1.514.447.4918 (x135) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)

--
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdns stoped.

2014-06-12 Thread Nicola Canepa 
It looks like a DNS is already running.
Try stopping named, or dnsmasq.

Nicola

Il giorno 12/giu/2014, alle ore 00.00, Minh Trung ha scritto:

> Hello experts,
> 
> I can not pass the 6 step because pfdns cannot started.
> I tried stop/start/restart many time but not yet.
> Here is the log
>  [root@SEC01 bin]# tail -f /usr/local/pf/logs/packetfence.log
> Jun 12 04:50:55 pfcmd.pl(5566) INFO: pidof -x radiusd returned 5008 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: pidof -x memcached returned 4865 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: verifying process 4865 
> (pf::services::manager::removeStalePid)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: pidof -x memcached returned 4865 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: pidof -x memcached returned 4865 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: pidof -x httpd.admin returned 4879 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: verifying process 4879 
> (pf::services::manager::removeStalePid)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: pidof -x httpd.admin returned 4879 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:54 pfcmd.pl(5620) INFO: pidof -x httpd.admin returned 4879 
> (pf::services::manager::pidFromFile)
> Jun 12 04:51:56 pfcmd.pl(5620) INFO: Daemon pfdns took 0.004 seconds to 
> start. (pf::services::manager::launchService)
> 
> This is the pfdns.log:
> [root@SEC01 bin]# tail -f /usr/local/pf/logs/pfdns.log
> Jun 12 04:51:58 pfdns(5634) ERROR: Couldn't create TCP socket: Address 
> already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
> 'ARRAY(0x4e573d0)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x481bfa0)', 
> 'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 122
>  (Carp::cluck)
> Jun 12 04:51:58 pfdns(5634) ERROR: Couldn't create UDP socket: Address 
> already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
> 'ARRAY(0x4e573d0)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x481bfa0)', 
> 'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 122
>  (Carp::cluck)
> Jun 12 04:51:58 pfdns(5634) FATAL: couldn't create nameserver object
>  (main::)
> Jun 12 04:51:58 pfdns(5634) ERROR: couldn't create nameserver object
>  (main::)
> 
> Any help is appreciated,
> 
> 
> 
> --
> HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
> Find What Matters Most in Your Big Data with HPCC Systems
> Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
> Leverages Graph Analysis for Fast Processing & Easy Data Exploration
> http://p.sf.net/sfu/hpccsystems___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PfDns Configuration

2016-04-22 Thread Derek Wuelfrath 
Hello Till,

Not really sure what you are asking for.
Can you be a bit more specific ?

Cheers!
-dw.

—
Derek Wuelfrath
dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

> On Apr 22, 2016, at 05:21, g4-l...@tonarchiv.ch wrote:
> 
> Hi all.
> 
> Somebody can tell me where I find the configuration of pfdns? Or better:
> How to find out his current name to IP database? I needed this for
> debugging reasons.
> 
> Thank you,
> Till
> 
> --
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PfDns Configuration

2016-04-22 Thread g4-lisz 
Hello Derek,

Thanks for your reply!

At the moment pfdns is kind of a black box for me... I do not know from
where it takes its configuration.

This is about an in-line configuration, and I am trying to use an
external captive portal with apache_proxy directives. At the moment I
get a "too many redirects" error message in my browser.

It would help me a lot to understand the whole PF mechanisms when I
could see what exactly pfDNS is doing. What names it resolves to which
IPs, and where this data comes from...

Cheers,
Till

On 04/22/2016 03:39 PM, Derek Wuelfrath wrote:
> Hello Till,
>
> Not really sure what you are asking for.
> Can you be a bit more specific ?
>
> Cheers!
> -dw.
>
> —
> Derek Wuelfrath
> dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
> (www.packetfence.org)
>
>> On Apr 22, 2016, at 05:21, g4-l...@tonarchiv.ch wrote:
>>
>> Hi all.
>>
>> Somebody can tell me where I find the configuration of pfdns? Or better:
>> How to find out his current name to IP database? I needed this for
>> debugging reasons.
>>
>> Thank you,
>> Till
>>
>> --
>> Find and fix application performance issues faster with Applications Manager
>> Applications Manager provides deep performance insights into multiple tiers 
>> of
>> your business applications. It resolves application problems quickly and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> --
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PfDns Configuration

2016-04-22 Thread Derek Wuelfrath 
Till,

I’ll keep it simple!

pfdns is mainly resolving any request coming to it to the PacketFence portal 
URL (hostname + domain part configured in pf.conf)
When a request coming from a known registration / isolation network, pfdns will 
simply returns the PacketFence URL.

Some more advanced feature are also involving “punching holes” in the iptables 
firewall along with full DNS resolution when it comes to Oauth2 or passthrough 
per example.

I think the easiest way to figure out the behavior you are getting would be to 
run tcpdump on the server and see what is going between it and the client.

Cheers!
-dw.

—
Derek Wuelfrath
dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

> On Apr 22, 2016, at 09:57, g4-l...@tonarchiv.ch wrote:
> 
> Hello Derek,
> 
> Thanks for your reply!
> 
> At the moment pfdns is kind of a black box for me... I do not know from
> where it takes its configuration.
> 
> This is about an in-line configuration, and I am trying to use an
> external captive portal with apache_proxy directives. At the moment I
> get a "too many redirects" error message in my browser.
> 
> It would help me a lot to understand the whole PF mechanisms when I
> could see what exactly pfDNS is doing. What names it resolves to which
> IPs, and where this data comes from...
> 
> Cheers,
> Till
> 
> On 04/22/2016 03:39 PM, Derek Wuelfrath wrote:
>> Hello Till,
>> 
>> Not really sure what you are asking for.
>> Can you be a bit more specific ?
>> 
>> Cheers!
>> -dw.
>> 
>> —
>> Derek Wuelfrath
>> dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
>> (www.packetfence.org)
>> 
>>> On Apr 22, 2016, at 05:21, g4-l...@tonarchiv.ch wrote:
>>> 
>>> Hi all.
>>> 
>>> Somebody can tell me where I find the configuration of pfdns? Or better:
>>> How to find out his current name to IP database? I needed this for
>>> debugging reasons.
>>> 
>>> Thank you,
>>> Till
>>> 
>>> --
>>> Find and fix application performance issues faster with Applications Manager
>>> Applications Manager provides deep performance insights into multiple tiers 
>>> of
>>> your business applications. It resolves application problems quickly and
>>> reduces your MTTR. Get your free trial!
>>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>> ___
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>> 
>> --
>> Find and fix application performance issues faster with Applications Manager
>> Applications Manager provides deep performance insights into multiple tiers 
>> of
>> your business applications. It resolves application problems quickly and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
> 
> 
> --
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PfDns Configuration

2016-04-22 Thread g4-lisz 
Thank you Derek!

I will sniff a bit more...

But can you give me a hint from where pfdns takes his information about
what is going on on the network? Is it listening to a socket, getting
data from some other PF deamons?

Cheers,
Till

On 04/22/2016 04:05 PM, Derek Wuelfrath wrote:
> Till,
>
> I’ll keep it simple!
>
> pfdns is mainly resolving any request coming to it to the PacketFence portal 
> URL (hostname + domain part configured in pf.conf)
> When a request coming from a known registration / isolation network, pfdns 
> will simply returns the PacketFence URL.
>
> Some more advanced feature are also involving “punching holes” in the 
> iptables firewall along with full DNS resolution when it comes to Oauth2 or 
> passthrough per example.
>
> I think the easiest way to figure out the behavior you are getting would be 
> to run tcpdump on the server and see what is going between it and the client.
>
> Cheers!
> -dw.
>
> —
> Derek Wuelfrath
> dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
> (www.packetfence.org)
>
>> On Apr 22, 2016, at 09:57, g4-l...@tonarchiv.ch wrote:
>>
>> Hello Derek,
>>
>> Thanks for your reply!
>>
>> At the moment pfdns is kind of a black box for me... I do not know from
>> where it takes its configuration.
>>
>> This is about an in-line configuration, and I am trying to use an
>> external captive portal with apache_proxy directives. At the moment I
>> get a "too many redirects" error message in my browser.
>>
>> It would help me a lot to understand the whole PF mechanisms when I
>> could see what exactly pfDNS is doing. What names it resolves to which
>> IPs, and where this data comes from...
>>
>> Cheers,
>> Till
>>
>> On 04/22/2016 03:39 PM, Derek Wuelfrath wrote:
>>> Hello Till,
>>>
>>> Not really sure what you are asking for.
>>> Can you be a bit more specific ?
>>>
>>> Cheers!
>>> -dw.
>>>
>>> —
>>> Derek Wuelfrath
>>> dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
>>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
>>> (www.packetfence.org)
>>>
 On Apr 22, 2016, at 05:21, g4-l...@tonarchiv.ch wrote:

 Hi all.

 Somebody can tell me where I find the configuration of pfdns? Or better:
 How to find out his current name to IP database? I needed this for
 debugging reasons.

 Thank you,
 Till

 --
 Find and fix application performance issues faster with Applications 
 Manager
 Applications Manager provides deep performance insights into multiple 
 tiers of
 your business applications. It resolves application problems quickly and
 reduces your MTTR. Get your free trial!
 https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
 ___
 PacketFence-users mailing list
 PacketFence-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>> --
>>> Find and fix application performance issues faster with Applications Manager
>>> Applications Manager provides deep performance insights into multiple tiers 
>>> of
>>> your business applications. It resolves application problems quickly and
>>> reduces your MTTR. Get your free trial!
>>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>> ___
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>> --
>> Find and fix application performance issues faster with Applications Manager
>> Applications Manager provides deep performance insights into multiple tiers 
>> of
>> your business applications. It resolves application problems quickly and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> --
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PfDns Configuration

2016-04-22 Thread Louis Munro 

> On Apr 22, 2016, at 11:24 , g4-l...@tonarchiv.ch wrote:
> 
> 
> But can you give me a hint from where pfdns takes his information about
> what is going on on the network? Is it listening to a socket, getting
> data from some other PF deamons?

Think of pfdns this way.

It’s a dns daemon that resolves everything to the IP of the captive-portal, 
with a few exceptions (notably for the passthroughs).
Don’t expect it to have a zone configuration file, like named or anything like 
that.

Its configuration is taken from the pfconfig service which itself generates 
configuration based on the contents of pf.conf.defaults, pf.conf and 
networks.conf.

You can take a look at the internal PacketFence configuration with the 'pfcmd 
pfconfig show  $NAMESPACE' command.

Do I make sense? 

Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PfDns Configuration

2016-04-22 Thread g4-lisz 
Hello Louis,

thank you very much! This is exactly the kind of information I was
looking for.

Best wishes,
Till

On 04/22/2016 06:43 PM, Louis Munro wrote:
>
>> On Apr 22, 2016, at 11:24 , g4-l...@tonarchiv.ch
>>  wrote:
>>
>>
>> But can you give me a hint from where pfdns takes his information about
>> what is going on on the network? Is it listening to a socket, getting
>> data from some other PF deamons?
>
> Think of pfdns this way.
>
> It’s a dns daemon that resolves everything to the IP of the
> captive-portal, with a few exceptions (notably for the passthroughs).
> Don’t expect it to have a zone configuration file, like named or
> anything like that.
>
> Its configuration is taken from the pfconfig service which itself
> generates configuration based on the contents of pf.conf.defaults,
> pf.conf and networks.conf.
>
> You can take a look at the internal PacketFence configuration with the
> 'pfcmd pfconfig show  $NAMESPACE' command.
>
> Do I make sense? 
>
> Regards,
> --
> Louis Munro
> lmu...@inverse.ca   ::  www.inverse.ca
>  
> +1.514.447.4918 x125  :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu )
> and PacketFence (www.packetfence.org )
>
>
>
> --
> Find and fix application performance issues faster with Applications Manager
> Applications Manager provides deep performance insights into multiple tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] pfdns services die

2017-05-16 Thread Cheung Paul 
Dears,

after runing sereral weeks the pfdns services will auto die, this happen many 
times, we over 900 people using packetfence, the pfdns die make their network 
stop, please help!!


when it die, it have the log like this,  when restart pfdns, it fail, need to 
restart the OS pfdns recover.



May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:49:49 pfdns(2656) INFO: Resolved 
_ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
 as an Active Directory domain name. Adding passthroughs into ipset. 
(main::regzone)
May 15 23:50:27 pfdns(14567) INFO: pfdns starting and writing 14567 to 
/usr/local/pf/var/run/pfdns.pid (pf::services::util::createpid)
May 15 23:50:27 pfdns(14567) WARN: Couldn't create TCP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) ERROR: Couldn't create TCP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) WARN: Couldn't create UDP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) ERROR: Couldn't create UDP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) WARN: Couldn't create TCP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) ERROR: Couldn't create TCP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) WARN: Couldn't create UDP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) ERROR: Couldn't create UDP socket: Address already 
in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr', 
'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler', 'CODE(0x8f35b10)', 
'Verbose', 0, ...) called at /usr/local/pf/sbin/pfdns line 179
 (Carp::cluck)
May 15 23:50:27 pfdns(14567) FATAL: couldn't create nameserver object
 (main::)
May 15 23:50:27 pfdns(14567) ERROR: couldn't create nameserver object
 (main::)







Sincerely yours,
PaulCheung


 tel: 180-8882-7173
-

[PacketFence-users] pfdns random crashes

2021-04-26 Thread Franklin, Adam via PacketFence-users 
Hi
I wonder if I could seek some assistance with an issue we have on one of our 
packetfence servers. pfdns keeps crashing randomly every few days. Once 
restarted it works ok - until the next crash.
Its on version 10.2.0
Configured in inline mode.
Thanks

This message may contain confidential information and is intended only for the 
individual(s) named. If you are not the named addressee you should not 
disseminate, distribute, print or copy this e-mail. Please notify the sender 
immediately by e-mail if you have received this e-mail by mistake and delete 
this e-mail from your system. E-mail transmission cannot be guaranteed to be 
secure or error-free as information could be intercepted, corrupted, lost, 
destroyed, arrive late or incomplete, or contain viruses. The sender therefore 
does not accept liability for any errors or omissions in the contents of this 
message, which arise as a result of e-mail transmission. Please note that any 
views or opinions presented in this e-mail are solely those of the author and 
do not necessarily represent those of NCG. Finally, the recipient should check 
this e-mail and any attachments for the presence of viruses. Although this 
e-mail and its attachments are believed to be free of any virus or other 
defects, which might affect any computer or IT system into which they are 
received, no responsibility is accepted by NCG or any of its associated 
companies for any loss or damage arising in any way from the receipt or use 
thereof.



NCG Corporation is incorporated under the Further and Higher Education Act for 
the provision of education to students, its trading divisions are Newcastle 
College, Newcastle Sixth Form College, West Lancashire College, Kidderminster 
College, Carlisle College, Lewisham and Southwark and its registered office is 
at Rye Hill House, Scotswood Road, Newcastle upon Tyne, NE4 7SA.


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS stability issue

2013-08-28 Thread Jason Frisvold 
Sallee, Stephen (Jake) wrote:
> Hello all!
> 
> Well … I am still seeing pfdns crash, but it is only once every several
> hours.
> 
> How would one go about monitoring the service?
> 
> I am considering writing a small script to monitor the pfdns service and
> take a copy of all the logs when it dies … but if something like this
> already exists I would rather not reinvent the proverbial wheel.
> 
> And, as far as I can tell, there is no record of the service crashing in
> the logs … is there a way anyone knows about to get real-time / log data
> on the pfdns service?

I'll bet you can bump up the log level in the log.conf file..

log4perl.category.pf.pfdns maybe?

> Jake Sallee


-- 
---
Jason 'XenoPhage' Frisvold
xenoph...@godshell.com
---

"Any sufficiently advanced magic is indistinguishable from technology.\"
- Niven's Inverse of Clarke's Third Law

--
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS stability issue

2013-08-28 Thread Sallee, Stephen (Jake) 
>> log4perl.category.pf.pfdns

Thanks, I'm going to try that right now!

 
Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton TX. 76513
Fone: 254-295-4658
Phax: 254-295-4221
HTTP://WWW.UMHB.EDU

-Original Message-
From: Jason Frisvold [mailto:xenoph...@godshell.com] 
Sent: Wednesday, August 28, 2013 3:07 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS stability issue

Sallee, Stephen (Jake) wrote:
> Hello all!
> 
> Well ... I am still seeing pfdns crash, but it is only once every 
> several hours.
> 
> How would one go about monitoring the service?
> 
> I am considering writing a small script to monitor the pfdns service 
> and take a copy of all the logs when it dies ... but if something like 
> this already exists I would rather not reinvent the proverbial wheel.
> 
> And, as far as I can tell, there is no record of the service crashing 
> in the logs ... is there a way anyone knows about to get real-time / log 
> data on the pfdns service?

I'll bet you can bump up the log level in the log.conf file..

log4perl.category.pf.pfdns maybe?

> Jake Sallee


--
---
Jason 'XenoPhage' Frisvold
xenoph...@godshell.com
---

"Any sufficiently advanced magic is indistinguishable from technology.\"
- Niven's Inverse of Clarke's Third Law

--
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies and 
advance your career. Get an incredible 1,500+ hours of step-by-step tutorial 
videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS stability issue

2013-08-28 Thread Jason Frisvold 
Sallee, Stephen (Jake) wrote:
>>> log4perl.category.pf.pfdns
> 
> Thanks, I'm going to try that right now!

I'm not positive on the category name, but it seems right..  :P  I'm not
sure how log4perl determines the names..  Maybe an Inverse programmer
can chime in?

> Jake Sallee


-- 
---
Jason 'XenoPhage' Frisvold
xenoph...@godshell.com
---

"Any sufficiently advanced magic is indistinguishable from technology.\"
- Niven's Inverse of Clarke's Third Law

--
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS stability issue

2013-08-29 Thread Derek Wuelfrath 
We'll have to check at the logging level we put in place in pfdns.
If there's no logging output, even if you put the loglevel to debug, you won't 
see anything.

We'll also have a look at why it keeps on crashing.

Jake:
Can you provide us with a pcap of when it is crashing ?

Thanks!

Cheers!
dw.

--
Derek Wuelfrath
dwuelfr...@inverse.ca :: +1.514.447.4918 (x110) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

On 2013-08-28, at 4:38 PM, Jason Frisvold  wrote:

> Sallee, Stephen (Jake) wrote:
 log4perl.category.pf.pfdns
>> 
>> Thanks, I'm going to try that right now!
> 
> I'm not positive on the category name, but it seems right..  :P  I'm not
> sure how log4perl determines the names..  Maybe an Inverse programmer
> can chime in?
> 
>> Jake Sallee
> 
> 
> -- 
> ---
> Jason 'XenoPhage' Frisvold
> xenoph...@godshell.com
> ---
> 
> "Any sufficiently advanced magic is indistinguishable from technology.\"
> - Niven's Inverse of Clarke's Third Law
> 
> --
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] PFDNS The saga continues

2013-09-30 Thread Sallee, Stephen (Jake) 
Hello PacketFence Family!

I am running PF 4.0.6-2 on CentOS 6.4 fully updated.

I am still seeing an issue with PFNDS seemingly randomly crashing.  I would 
like to get some more information of the problem but since I cannot stare at a 
single terminal all day to see exactly what is happening I am looking for some 
kind of monitoring solution.

Ideally I would like to monitor the PFDNS process and take some actions if I 
see it fail, namely starting the bloody thing back up again as well as pulling 
all the logs for further dissection.

I can do this with some srcipt-fu but I was wondering of anyone out there 
already has something like this or knows of it, that way I can avoid 
reinventing the proverbial wheel.

Also,  I have noticed that the issue I reported some time ago where some PF 
services cannot be started from the webgui is still around for me.  Can anyone 
verify this?  Specifically, if PFDNS is stopped try starting it again using the 
butting in the services menu in the webgui.  For me it does not work, but I do 
not get an error banner as normal.  The service still says stopped though.]

As always, thank you for your time and consideration.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

--
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdns services die

2017-05-16 Thread Fabrice Durand 
Hello Cheung,


when it happen , can you check if something else is listening on the
port UDP 53 ?

Because it looks that pfdns try to restart but something is already
listening on the udp port.


lsof -iUDP:53


Regards
Fabrice

Le 2017-05-15 à 22:42, Cheung Paul a écrit :
>
> Dears,
>
> after runing sereral weeks the pfdns services will auto die, this
> happen many times, we over 900 people using packetfence, the pfdns die
> make their network stop, please help!!
>
>
> when it die, it have the log like this,  when restart pfdns, it fail,
> need to restart the OS pfdns recover.  
>
>
>
>
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:49:49 pfdns(2656) INFO: Resolved
> _ldap._tcp.50f0ad32-0785-4219-a003-4cf2a85a5589.domains._msdcs.allwinnertech.com
> as an Active Directory domain name. Adding passthroughs into ipset.
> (main::regzone)
> May 15 23:50:27 pfdns(14567) INFO: pfdns starting and writing 14567 to
> /usr/local/pf/var/run/pfdns.pid (pf::services::util::createpid)
> May 15 23:50:27 pfdns(14567) WARN: Couldn't create TCP socket: Address
> already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) ERROR: Couldn't create TCP socket:
> Address already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) WARN: Couldn't create UDP socket: Address
> already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) ERROR: Couldn't create UDP socket:
> Address already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) WARN: Couldn't create TCP socket: Address
> already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) ERROR: Couldn't create TCP socket:
> Address already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 89
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) WARN: Couldn't create UDP socket: Address
> already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalAddr',
> 'ARRAY(0xa42a608)', 'LocalPort', 53, 'ReplyHandler',
> 'CODE(0x8f35b10)', 'Verbose', 0, ...) called at
> /usr/local/pf/sbin/pfdns line 179
>  (Carp::cluck)
> May 15 23:50:27 pfdns(14567) ERROR: Couldn't create UDP socket:
> Address already in use at /usr/lib64/perl5/Net/DNS/Nameserver.pm line 108
> Net::DNS::Nameserver::new('Net::DNS::Nameserver', 'LocalA

[PacketFence-users] PFDns will not start

2020-01-05 Thread Steve Stone via PacketFence-users 
New to packetfence.  Installing it on Centos 7 and follow all suggestion in  
guide but when I get to start packetfence PFDNS will not start.  I check 
pfdns.log and it states: listen tcp :53: bind: address already in use.  I check 
and DNSMasq Is using that port.  What should be done to help resolve this?

Thank you,

Steve Stone

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] pfdns random crashes

2021-04-26 Thread Zammit, Ludovic via PacketFence-users 
Hello Adam,

Can you provide some log of the crashes ?

Thanks,

Ludovic Zammit
Product Support Engineer Principal

Cell: +1.613.670.8432
Akamai Technologies - Inverse
145 Broadway
Cambridge, MA 02142
Connect with Us:   
    
  
  


> On Apr 26, 2021, at 8:16 AM, Franklin, Adam via PacketFence-users 
>  wrote:
> 
> Hi
> I wonder if I could seek some assistance with an issue we have on one of our 
> packetfence servers. pfdns keeps crashing randomly every few days. Once 
> restarted it works ok – until the next crash.
> Its on version 10.2.0
> Configured in inline mode. 
> Thanks
> This message may contain confidential information and is intended only for 
> the individual(s) named. If you are not the named addressee you should not 
> disseminate, distribute, print or copy this e-mail. Please notify the sender 
> immediately by e-mail if you have received this e-mail by mistake and delete 
> this e-mail from your system. E-mail transmission cannot be guaranteed to be 
> secure or error-free as information could be intercepted, corrupted, lost, 
> destroyed, arrive late or incomplete, or contain viruses. The sender 
> therefore does not accept liability for any errors or omissions in the 
> contents of this message, which arise as a result of e-mail transmission. 
> Please note that any views or opinions presented in this e-mail are solely 
> those of the author and do not necessarily represent those of NCG. Finally, 
> the recipient should check this e-mail and any attachments for the presence 
> of viruses. Although this e-mail and its attachments are believed to be free 
> of any virus or other defects, which might affect any computer or IT system 
> into which they are received, no responsibility is accepted by NCG or any of 
> its associated companies for any loss or damage arising in any way from the 
> receipt or use thereof.
> 
>  
> NCG Corporation is incorporated under the Further and Higher Education Act 
> for the provision of education to students, its trading divisions are 
> Newcastle College, Newcastle Sixth Form College, West Lancashire College, 
> Kidderminster College, Carlisle College, Lewisham and Southwark and its 
> registered office is at Rye Hill House, Scotswood Road, Newcastle upon Tyne, 
> NE4 7SA.
> 
>   ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net 
> 
> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!HSEXhN-L-e9OuX9ml6CuzVpQvfrY5j5j4gQySvqzcodnwe4l4uJ94wGndo1MAteu$
>  
> 


smime.p7s
Description: S/MIME cryptographic signature
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS The saga continues

2013-09-30 Thread Stephen Wittstruck 
Hi Jake,

I'm running the exact same platform, i.e. OS and PF, though not in production 
yet.

I couldn't get PFDNS to stop through the GUI.  Curiously I tried the others, 
only PFDHCPLISTENER would stop by using the GUI; it would restart also.

Still curious I tried the command line "./pfcmd service pfdns stop" which 
didn't work.  Restart stopped it, but it looks like a server reboot is needed 
to restart it as nothing else is working (I haven't done this yet), including 
the GUI.  Below is the terminal session text of these tests.

Maybe "./pfcmd service pfdns watch" is what you need?


[swittstr@nac-dev bin]$ ./pfcmd service pfdns stop
service|command
pfdns|stop

[swittstr@nac-dev bin]$ ./pfcmd service pfdns status
service|shouldBeStarted|pid
pfdns|1|1573

[swittstr@nac-dev bin]$ ./pfcmd service pfdns   
Usage: pfcmd service  [start|stop|restart|status|watch]

stop/stop/restart specified service
status returns PID of specified PF daemon or 0 if not running
watch acts as a service watcher which can send email/restart the services

Services managed by PacketFence:
  dhcpd| dhcpd daemon
  httpd.webservices| Apache Webservices
  httpd.admin  | Apache Web admin
  httpd.portal | Apache Captive Portal
  pfdns| DNS daemon
  pf   | all services that should be running based on your config
  pfdetect | PF snort alert parser
  pfdhcplistener   | PF DHCP monitoring daemon
  pfmon| PF ARP monitoring daemon
  pfsetvlan| PF VLAN isolation daemon
  radiusd  | FreeRADIUS daemon
  snmptrapd| SNMP trap receiver daemon
  snort| Sourcefire Snort IDS
  suricata | Suricata IDS

watch
Watch performs services checks to make sure that everything is fine. It's
behavior is controlled by servicewatch configuration parameters. watch is
typically best called from cron with something like:
*/5 * * * * /usr/local/pf/bin/pfcmd service pf watch

[swittstr@nac-dev bin]$ ./pfcmd service pfdns watch

[swittstr@nac-dev bin]$ ./pfcmd service pfdns restart
service|command
config files|restart
iptables|restart
pfdns|restart

[swittstr@nac-dev bin]$ ./pfcmd service pfdns status
service|shouldBeStarted|pid
pfdns|1|0

[swittstr@nac-dev bin]$ ./pfcmd service pfdns restart
service|command
config files|restart
iptables|restart
pfdns|restart

[swittstr@nac-dev bin]$ ./pfcmd service pfdns status
service|shouldBeStarted|pid
pfdns|1|0

[swittstr@nac-dev bin]$ ./pfcmd service pfdns start 
httpd.admin|already running
Checking configuration sanity...
service|command
config files|start
iptables|start
pfdns|start

[swittstr@nac-dev bin]$ ./pfcmd service pfdns status
service|shouldBeStarted|pid
pfdns|1|0

[swittstr@nac-dev bin]$ ./pfcmd service pfdns status   (after waiting 10 or 15 
minutes)
[sudo] password for swittstr: 
service|shouldBeStarted|pid
pfdns|1|0
=

Steve
CSM


On Sep 30, 2013, at 9:57 AM, "Sallee, Stephen (Jake)" 
 wrote:

> Hello PacketFence Family!
> 
> I am running PF 4.0.6-2 on CentOS 6.4 fully updated.
> 
> I am still seeing an issue with PFNDS seemingly randomly crashing.  I would 
> like to get some more information of the problem but since I cannot stare at 
> a single terminal all day to see exactly what is happening I am looking for 
> some kind of monitoring solution.
> 
> Ideally I would like to monitor the PFDNS process and take some actions if I 
> see it fail, namely starting the bloody thing back up again as well as 
> pulling all the logs for further dissection.
> 
> I can do this with some srcipt-fu but I was wondering of anyone out there 
> already has something like this or knows of it, that way I can avoid 
> reinventing the proverbial wheel.
> 
> Also,  I have noticed that the issue I reported some time ago where some PF 
> services cannot be started from the webgui is still around for me.  Can 
> anyone verify this?  Specifically, if PFDNS is stopped try starting it again 
> using the butting in the services menu in the webgui.  For me it does not 
> work, but I do not get an error banner as normal.  The service still says 
> stopped though.]
> 
> As always, thank you for your time and consideration.
> 
> Jake Sallee
> Godfather of Bandwidth
> System Engineer
> University of Mary Hardin-Baylor
> 
> 900 College St.
> Belton, Texas
> 76513
> 
> Fone: 254-295-4658
> Phax: 254-295-4221
> 
> --
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.ne

Re: [PacketFence-users] PFDNS The saga continues

2013-10-09 Thread Stephen Wittstruck 
Hi again, Jake, Et al:

I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that happened.)

Turns out the 4.0.6-2 GUI does stop the individual PF processes (at least the 3 
or 4 I tried.)  All processes would restart too except for PFDNS, at least 
according to the GUI and pfcmd; I had to reboot the server to recover PFDNS.  
I'm not a linux admin so don't know any tricks to confirm this except for the 
ps command, which I didn't try.

My apology for the bad info earlier.

Steve
CSM


On Sep 30, 2013, at 10:49 AM, Stephen Wittstruck  wrote:

> Hi Jake,
> 
> I'm running the exact same platform, i.e. OS and PF, though not in production 
> yet.
> 
> I couldn't get PFDNS to stop through the GUI.  Curiously I tried the others, 
> only PFDHCPLISTENER would stop by using the GUI; it would restart also.
> 
> Still curious I tried the command line "./pfcmd service pfdns stop" which 
> didn't work.  Restart stopped it, but it looks like a server reboot is needed 
> to restart it as nothing else is working (I haven't done this yet), including 
> the GUI.  Below is the terminal session text of these tests.
> 
> Maybe "./pfcmd service pfdns watch" is what you need?
> 
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns stop
> service|command
> pfdns|stop
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|1573
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns   
> Usage: pfcmd service  [start|stop|restart|status|watch]
> 
> stop/stop/restart specified service
> status returns PID of specified PF daemon or 0 if not running
> watch acts as a service watcher which can send email/restart the services
> 
> Services managed by PacketFence:
>  dhcpd| dhcpd daemon
>  httpd.webservices| Apache Webservices
>  httpd.admin  | Apache Web admin
>  httpd.portal | Apache Captive Portal
>  pfdns| DNS daemon
>  pf   | all services that should be running based on your config
>  pfdetect | PF snort alert parser
>  pfdhcplistener   | PF DHCP monitoring daemon
>  pfmon| PF ARP monitoring daemon
>  pfsetvlan| PF VLAN isolation daemon
>  radiusd  | FreeRADIUS daemon
>  snmptrapd| SNMP trap receiver daemon
>  snort| Sourcefire Snort IDS
>  suricata | Suricata IDS
> 
> watch
> Watch performs services checks to make sure that everything is fine. It's
> behavior is controlled by servicewatch configuration parameters. watch is
> typically best called from cron with something like:
> */5 * * * * /usr/local/pf/bin/pfcmd service pf watch
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns watch
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns restart
> service|command
> config files|restart
> iptables|restart
> pfdns|restart
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|0
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns restart
> service|command
> config files|restart
> iptables|restart
> pfdns|restart
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|0
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns start 
> httpd.admin|already running
> Checking configuration sanity...
> service|command
> config files|start
> iptables|start
> pfdns|start
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|0
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status   (after waiting 10 or 
> 15 minutes)
> [sudo] password for swittstr: 
> service|shouldBeStarted|pid
> pfdns|1|0
> =
> 
> Steve
> CSM
> 
> 
> On Sep 30, 2013, at 9:57 AM, "Sallee, Stephen (Jake)" 
> wrote:
> 
>> Hello PacketFence Family!
>> 
>> I am running PF 4.0.6-2 on CentOS 6.4 fully updated.
>> 
>> I am still seeing an issue with PFNDS seemingly randomly crashing.  I would 
>> like to get some more information of the problem but since I cannot stare at 
>> a single terminal all day to see exactly what is happening I am looking for 
>> some kind of monitoring solution.
>> 
>> Ideally I would like to monitor the PFDNS process and take some actions if I 
>> see it fail, namely starting the bloody thing back up again as well as 
>> pulling all the logs for further dissection.
>> 
>> I can do this with some srcipt-fu but I was wondering of anyone out there 
>> already has something like this or knows of it, that way I can avoid 
>> reinventing the proverbial wheel.
>> 
>> Also,  I have noticed that the issue I reported some time ago where some PF 
>> services cannot be started from the webgui is still around for me.  Can 
>> anyone verify this?  Specifically, if PFDNS is stopped try starting it again 
>> using the butting in the services menu in the webgui.  For me it does not 
>> work, but I do not get an error banner as normal.  The service still says 
>> stopped though.]
>> 
>> As always, thank you

Re: [PacketFence-users] PFDNS The saga continues

2013-10-09 Thread Sallee, Stephen (Jake) 
>> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
>> happened.)

NP, thanks for the info.

I would still like to find the root cause of my PFDNS service crashing, but so 
far it has been pretty stable.

Right now I have no idea why it dies since it seems to fail completely silently.

So what do I do?  I wrote a Perl script that monitors the PFNDS service and 
pulls all the PF logs and the syslog from the server if it fails, I also have a 
rolling pcap running  that I can use to reconstruct all the DNS traffic from 
the last 10 min.  If the service stops the script gathers all the logs and the 
pcaps and tars it up for me, the it tries to restart the service.  If it is 
successful it just goes back to watching and waiting,  if not it bombs out.

Hopefully I will find something in the tarball when I have another incident.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton TX. 76513
Fone: 254-295-4658
Phax: 254-295-4221
HTTP://WWW.UMHB.EDU

-Original Message-
From: Stephen Wittstruck [mailto:switt...@mines.edu] 
Sent: Wednesday, October 09, 2013 10:55 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS The saga continues

Hi again, Jake, Et al:

I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that happened.)

Turns out the 4.0.6-2 GUI does stop the individual PF processes (at least the 3 
or 4 I tried.)  All processes would restart too except for PFDNS, at least 
according to the GUI and pfcmd; I had to reboot the server to recover PFDNS.  
I'm not a linux admin so don't know any tricks to confirm this except for the 
ps command, which I didn't try.

My apology for the bad info earlier.

Steve
CSM


On Sep 30, 2013, at 10:49 AM, Stephen Wittstruck  wrote:

> Hi Jake,
> 
> I'm running the exact same platform, i.e. OS and PF, though not in production 
> yet.
> 
> I couldn't get PFDNS to stop through the GUI.  Curiously I tried the others, 
> only PFDHCPLISTENER would stop by using the GUI; it would restart also.
> 
> Still curious I tried the command line "./pfcmd service pfdns stop" which 
> didn't work.  Restart stopped it, but it looks like a server reboot is needed 
> to restart it as nothing else is working (I haven't done this yet), including 
> the GUI.  Below is the terminal session text of these tests.
> 
> Maybe "./pfcmd service pfdns watch" is what you need?
> 
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns stop
> service|command
> pfdns|stop
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|1573
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns   
> Usage: pfcmd service  [start|stop|restart|status|watch]
> 
> stop/stop/restart specified service
> status returns PID of specified PF daemon or 0 if not running watch 
> acts as a service watcher which can send email/restart the services
> 
> Services managed by PacketFence:
>  dhcpd| dhcpd daemon
>  httpd.webservices| Apache Webservices
>  httpd.admin  | Apache Web admin
>  httpd.portal | Apache Captive Portal
>  pfdns| DNS daemon
>  pf   | all services that should be running based on your config
>  pfdetect | PF snort alert parser
>  pfdhcplistener   | PF DHCP monitoring daemon
>  pfmon| PF ARP monitoring daemon
>  pfsetvlan| PF VLAN isolation daemon
>  radiusd  | FreeRADIUS daemon
>  snmptrapd| SNMP trap receiver daemon
>  snort| Sourcefire Snort IDS
>  suricata | Suricata IDS
> 
> watch
> Watch performs services checks to make sure that everything is fine. 
> It's behavior is controlled by servicewatch configuration parameters. 
> watch is typically best called from cron with something like:
> */5 * * * * /usr/local/pf/bin/pfcmd service pf watch
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns watch
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns restart
> service|command
> config files|restart
> iptables|restart
> pfdns|restart
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|0
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns restart
> service|command
> config files|restart
> iptables|restart
> pfdns|restart
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
> service|shouldBeStarted|pid
> pfdns|1|0
> 
> [swittstr@nac-dev bin]$ ./pfcmd service pfdns start 
> httpd.admin|already running Checking configuration sanity...
> service|command
> config files|start
> iptables|start
> pfdns|start
> 
> [swittstr@nac-dev b

Re: [PacketFence-users] PFDNS The saga continues

2013-12-06 Thread Stephen Wittstruck 
Hi Jake,

Just curious is you know of any news from Inverse regarding the DNS abend issue 
you found?  I pretty much put my pilot on hold for this issue.

Steve
CSM


On Oct 9, 2013, at 2:40 PM, Sallee, Stephen (Jake)  wrote:

>>> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
>>> happened.)
> 
> NP, thanks for the info.
> 
> I would still like to find the root cause of my PFDNS service crashing, but 
> so far it has been pretty stable.
> 
> Right now I have no idea why it dies since it seems to fail completely 
> silently.
> 
> So what do I do?  I wrote a Perl script that monitors the PFNDS service and 
> pulls all the PF logs and the syslog from the server if it fails, I also have 
> a rolling pcap running  that I can use to reconstruct all the DNS traffic 
> from the last 10 min.  If the service stops the script gathers all the logs 
> and the pcaps and tars it up for me, the it tries to restart the service.  If 
> it is successful it just goes back to watching and waiting,  if not it bombs 
> out.
> 
> Hopefully I will find something in the tarball when I have another incident.
> 
> Jake Sallee
> Godfather of Bandwidth
> System Engineer
> University of Mary Hardin-Baylor
> 900 College St.
> Belton TX. 76513
> Fone: 254-295-4658
> Phax: 254-295-4221
> HTTP://WWW.UMHB.EDU
> 
> -Original Message-
> From: Stephen Wittstruck [mailto:switt...@mines.edu] 
> Sent: Wednesday, October 09, 2013 10:55 AM
> To: packetfence-users@lists.sourceforge.net
> Subject: Re: [PacketFence-users] PFDNS The saga continues
> 
> Hi again, Jake, Et al:
> 
> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
> happened.)
> 
> Turns out the 4.0.6-2 GUI does stop the individual PF processes (at least the 
> 3 or 4 I tried.)  All processes would restart too except for PFDNS, at least 
> according to the GUI and pfcmd; I had to reboot the server to recover PFDNS.  
> I'm not a linux admin so don't know any tricks to confirm this except for the 
> ps command, which I didn't try.
> 
> My apology for the bad info earlier.
> 
> Steve
> CSM
> 
> 
> On Sep 30, 2013, at 10:49 AM, Stephen Wittstruck  wrote:
> 
>> Hi Jake,
>> 
>> I'm running the exact same platform, i.e. OS and PF, though not in 
>> production yet.
>> 
>> I couldn't get PFDNS to stop through the GUI.  Curiously I tried the others, 
>> only PFDHCPLISTENER would stop by using the GUI; it would restart also.
>> 
>> Still curious I tried the command line "./pfcmd service pfdns stop" which 
>> didn't work.  Restart stopped it, but it looks like a server reboot is 
>> needed to restart it as nothing else is working (I haven't done this yet), 
>> including the GUI.  Below is the terminal session text of these tests.
>> 
>> Maybe "./pfcmd service pfdns watch" is what you need?
>> 
>> 
>> [swittstr@nac-dev bin]$ ./pfcmd service pfdns stop
>> service|command
>> pfdns|stop
>> 
>> [swittstr@nac-dev bin]$ ./pfcmd service pfdns status
>> service|shouldBeStarted|pid
>> pfdns|1|1573
>> 
>> [swittstr@nac-dev bin]$ ./pfcmd service pfdns   
>> Usage: pfcmd service  [start|stop|restart|status|watch]
>> 
>> stop/stop/restart specified service
>> status returns PID of specified PF daemon or 0 if not running watch 
>> acts as a service watcher which can send email/restart the services
>> 
>> Services managed by PacketFence:
>> dhcpd| dhcpd daemon
>> httpd.webservices| Apache Webservices
>> httpd.admin  | Apache Web admin
>> httpd.portal | Apache Captive Portal
>> pfdns| DNS daemon
>> pf   | all services that should be running based on your config
>> pfdetect | PF snort alert parser
>> pfdhcplistener   | PF DHCP monitoring daemon
>> pfmon| PF ARP monitoring daemon
>> pfsetvlan| PF VLAN isolation daemon
>> radiusd  | FreeRADIUS daemon
>> snmptrapd| SNMP trap receiver daemon
>> snort| Sourcefire Snort IDS
>> suricata | Suricata IDS
>> 
>> watch
>> Watch performs services checks to make sure that everything is fine. 
>> It's behavior is controlled by servicewatch configuration parameters. 
>> watch is typically best called from cron with something like:
>> */5 * * * * /usr/local/pf/bin/pfcmd service pf watch
>> 
>> [swittstr@nac-dev bin]$ ./pfcmd service pfdns watch
>> 
>> [swittstr@nac-dev bin]$ ./pfcmd service

Re: [PacketFence-users] PFDNS The saga continues

2013-12-09 Thread Sallee, Stephen (Jake) 
Sorry for the lapse in my communications.  I wear a lot of hats around my 
office and sometimes things get shoved by the way-side.

I would have posted to the list sooner but the Perl script is working too 
blasted well and my attention was directed away from this issue for a while.

I apologize if my lack of communication has caused anyone any issues.

I do, however, have some developments that I can share.

I believe that the cause of the PFDNS crashing could be related to the system 
clock as was suggested before by another user.  I will be looking into a way to 
better track my system clock to verify this, but the trouble is that the 
crashes seem to happen so randomly except for one thing.  The last three 
crashes I had happened on Nov 17 3:34am, Dec 1 3:26am, Dec 8 3:39am.  

All the crashes have been ~3:30am, it may be that is when PF is doing its log 
rotations, compressions, etc. and the CPU may be getting taxed causing the 
system clock to drift outside  of some critical zone causing the DNSSec portion 
of PFDNS to crash.

I dont have any HARD evidence of this yet, but it seems likely.

Regardless, by checking the status of the PFDNS process one every 60 seconds 
and restarting it if it fails I have not had a single outage noticed by my 
users since I wrote the script. 

>> I pretty much put my pilot on hold for this issue.

Over all the PF product has been very stable and I would encourage you to 
continue on with your pilot.  Just keep an eye on your PF processes.

I can share my script if anyone is interested.  It is probably horrendously bad 
so if you are a more experienced Perl programmer feel free to make 
improvements, if you do please contribute them back.

I have some pressing matters to attend to at the moment or I would do a more 
through write-up but I will endeavour to assist anyone I can if you have any 
specific questions.


Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Stephen Wittstruck [switt...@mines.edu]
Sent: Friday, December 06, 2013 6:23 PM
To: Packetfence Users Digest
Subject: Re: [PacketFence-users] PFDNS The saga continues

Hi Jake,

Just curious is you know of any news from Inverse regarding the DNS abend issue 
you found?  I pretty much put my pilot on hold for this issue.

Steve
CSM


On Oct 9, 2013, at 2:40 PM, Sallee, Stephen (Jake)  wrote:

>>> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
>>> happened.)
>
> NP, thanks for the info.
>
> I would still like to find the root cause of my PFDNS service crashing, but 
> so far it has been pretty stable.
>
> Right now I have no idea why it dies since it seems to fail completely 
> silently.
>
> So what do I do?  I wrote a Perl script that monitors the PFNDS service and 
> pulls all the PF logs and the syslog from the server if it fails, I also have 
> a rolling pcap running  that I can use to reconstruct all the DNS traffic 
> from the last 10 min.  If the service stops the script gathers all the logs 
> and the pcaps and tars it up for me, the it tries to restart the service.  If 
> it is successful it just goes back to watching and waiting,  if not it bombs 
> out.
>
> Hopefully I will find something in the tarball when I have another incident.
>
> Jake Sallee
> Godfather of Bandwidth
> System Engineer
> University of Mary Hardin-Baylor
> 900 College St.
> Belton TX. 76513
> Fone: 254-295-4658
> Phax: 254-295-4221
> HTTP://WWW.UMHB.EDU
>
> -Original Message-
> From: Stephen Wittstruck [mailto:switt...@mines.edu]
> Sent: Wednesday, October 09, 2013 10:55 AM
> To: packetfence-users@lists.sourceforge.net
> Subject: Re: [PacketFence-users] PFDNS The saga continues
>
> Hi again, Jake, Et al:
>
> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
> happened.)
>
> Turns out the 4.0.6-2 GUI does stop the individual PF processes (at least the 
> 3 or 4 I tried.)  All processes would restart too except for PFDNS, at least 
> according to the GUI and pfcmd; I had to reboot the server to recover PFDNS.  
> I'm not a linux admin so don't know any tricks to confirm this except for the 
> ps command, which I didn't try.
>
> My apology for the bad info earlier.
>
> Steve
> CSM
>
>
> On Sep 30, 2013, at 10:49 AM, Stephen Wittstruck  wrote:
>
>> Hi Jake,
>>
>> I'm running the exact same platform, i.e. OS and PF, though not in 
>> production yet.
>>
>> I couldn't get PFDNS to stop through the GUI.  Curiously I tried the others, 
>> only PFDHCPLISTENER would stop by using the GUI; it would restart also.
>>
>> Still curious I tried the command line

Re: [PacketFence-users] PFDNS The saga continues

2013-12-10 Thread Stephen Wittstruck 
Thanks Jake.

No problem at all.

I've put my PF tests on hold several times for months at a time for the same 
multi hat reasons you have, so postponing our pilot wasn't anything new for us 
;-}.

I missed the system clock suggestion.

Thanks again.  I appreciate your regular posts.
Steve, CSM


On Dec 9, 2013, at 8:20 AM, Sallee, Stephen (Jake)  wrote:

> Sorry for the lapse in my communications.  I wear a lot of hats around my 
> office and sometimes things get shoved by the way-side.
> 
> I would have posted to the list sooner but the Perl script is working too 
> blasted well and my attention was directed away from this issue for a while.
> 
> I apologize if my lack of communication has caused anyone any issues.
> 
> I do, however, have some developments that I can share.
> 
> I believe that the cause of the PFDNS crashing could be related to the system 
> clock as was suggested before by another user.  I will be looking into a way 
> to better track my system clock to verify this, but the trouble is that the 
> crashes seem to happen so randomly except for one thing.  The last three 
> crashes I had happened on Nov 17 3:34am, Dec 1 3:26am, Dec 8 3:39am.  
> 
> All the crashes have been ~3:30am, it may be that is when PF is doing its log 
> rotations, compressions, etc. and the CPU may be getting taxed causing the 
> system clock to drift outside  of some critical zone causing the DNSSec 
> portion of PFDNS to crash.
> 
> I dont have any HARD evidence of this yet, but it seems likely.
> 
> Regardless, by checking the status of the PFDNS process one every 60 seconds 
> and restarting it if it fails I have not had a single outage noticed by my 
> users since I wrote the script. 
> 
>>> I pretty much put my pilot on hold for this issue.
> 
> Over all the PF product has been very stable and I would encourage you to 
> continue on with your pilot.  Just keep an eye on your PF processes.
> 
> I can share my script if anyone is interested.  It is probably horrendously 
> bad so if you are a more experienced Perl programmer feel free to make 
> improvements, if you do please contribute them back.
> 
> I have some pressing matters to attend to at the moment or I would do a more 
> through write-up but I will endeavour to assist anyone I can if you have any 
> specific questions.
> 
> 
> Jake Sallee
> Godfather of Bandwidth
> System Engineer
> University of Mary Hardin-Baylor
> 
> 900 College St.
> Belton, Texas
> 76513
> 
> Fone: 254-295-4658
> Phax: 254-295-4221
> 
> ________
> From: Stephen Wittstruck [switt...@mines.edu]
> Sent: Friday, December 06, 2013 6:23 PM
> To: Packetfence Users Digest
> Subject: Re: [PacketFence-users] PFDNS The saga continues
> 
> Hi Jake,
> 
> Just curious is you know of any news from Inverse regarding the DNS abend 
> issue you found?  I pretty much put my pilot on hold for this issue.
> 
> Steve
> CSM
> 
> 
> On Oct 9, 2013, at 2:40 PM, Sallee, Stephen (Jake)  
> wrote:
> 
>>>> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
>>>> happened.)
>> 
>> NP, thanks for the info.
>> 
>> I would still like to find the root cause of my PFDNS service crashing, but 
>> so far it has been pretty stable.
>> 
>> Right now I have no idea why it dies since it seems to fail completely 
>> silently.
>> 
>> So what do I do?  I wrote a Perl script that monitors the PFNDS service and 
>> pulls all the PF logs and the syslog from the server if it fails, I also 
>> have a rolling pcap running  that I can use to reconstruct all the DNS 
>> traffic from the last 10 min.  If the service stops the script gathers all 
>> the logs and the pcaps and tars it up for me, the it tries to restart the 
>> service.  If it is successful it just goes back to watching and waiting,  if 
>> not it bombs out.
>> 
>> Hopefully I will find something in the tarball when I have another incident.
>> 
>> Jake Sallee
>> Godfather of Bandwidth
>> System Engineer
>> University of Mary Hardin-Baylor
>> 900 College St.
>> Belton TX. 76513
>> Fone: 254-295-4658
>> Phax: 254-295-4221
>> HTTP://WWW.UMHB.EDU
>> 
>> -Original Message-
>> From: Stephen Wittstruck [mailto:switt...@mines.edu]
>> Sent: Wednesday, October 09, 2013 10:55 AM
>> To: packetfence-users@lists.sourceforge.net
>> Subject: Re: [PacketFence-users] PFDNS The saga continues
>> 
>> Hi again, Jake, Et al:
>> 
>> I'm sorry, I wasn't running 4.0.6-2, only 4.0.6-1 (not sure how that 
>> happened.)
>&g

Re: [PacketFence-users] PFDNS The saga continues

2013-12-11 Thread Arthur Emerson III 
On Dec 9, 2013, at 10:20 AM, Sallee, Stephen (Jake)  
wrote:
> 
> All the crashes have been ~3:30am, it may be that is when PF is doing its log 
> rotations, compressions, etc. and the CPU may be getting taxed causing the 
> system clock to drift outside  of some critical zone causing the DNSSec 
> portion of PFDNS to crash.

Silly question - did you check to see if oom-killer needed to free RAM
during the log rotate process, and decided that PF's DNS daemon was
going to be the victim?

If you have PF running on a VM, I guess that you could throw some
more RAM at it and see if it fails again.  Then again, it is the end
of the semester, and this may only be a placebo fix if the real cause
is network load or a rogue client that will soon be gone for a month
or so...

-Arthur

-
Arthur Emerson III Email:  emer...@msmc.edu
Network Administrator  InterNIC:   AE81
Mount Saint Mary College   MaBell: (845) 561-0800 Ext. 3109
330 Powell Ave.Fax:(845) 562-6762
Newburgh, NY  12550SneakerNet: Aquinas Hall Room 11


--
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS The saga continues

2013-12-11 Thread Sallee, Stephen (Jake) 
> Silly question - did you check to see if oom-killer needed to free RAM
during the log rotate process, and decided that PF's DNS daemon was
going to be the victim?

Not a silly question at all!  The only problem is ... I have no idea what 
oom-killer is.  But a google search show me I have some new reading to do : ).

I can say that I have 32GB of RAM and this is not a virtualized box.

I will be looking into this, but I welcome any input anyone may have that may 
shed more light on this.


Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Arthur Emerson III [arthur.emer...@msmc.edu]
Sent: Wednesday, December 11, 2013 8:04 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS The saga continues

On Dec 9, 2013, at 10:20 AM, Sallee, Stephen (Jake)  
wrote:
>
> All the crashes have been ~3:30am, it may be that is when PF is doing its log 
> rotations, compressions, etc. and the CPU may be getting taxed causing the 
> system clock to drift outside  of some critical zone causing the DNSSec 
> portion of PFDNS to crash.

Silly question - did you check to see if oom-killer needed to free RAM
during the log rotate process, and decided that PF's DNS daemon was
going to be the victim?

If you have PF running on a VM, I guess that you could throw some
more RAM at it and see if it fails again.  Then again, it is the end
of the semester, and this may only be a placebo fix if the real cause
is network load or a rogue client that will soon be gone for a month
or so...

-Arthur

-
Arthur Emerson III Email:  emer...@msmc.edu
Network Administrator  InterNIC:   AE81
Mount Saint Mary College   MaBell: (845) 561-0800 Ext. 3109
330 Powell Ave.Fax:(845) 562-6762
Newburgh, NY  12550SneakerNet: Aquinas Hall Room 11


--
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS The saga continues

2013-12-12 Thread Jason Frisvold 
Sallee, Stephen (Jake) wrote:
> Not a silly question at all!  The only problem is ... I have no idea what 
> oom-killer is.  But a google search show me I have some new reading to do : ).
> 
> I can say that I have 32GB of RAM and this is not a virtualized box.
> 
> I will be looking into this, but I welcome any input anyone may have that may 
> shed more light on this.

With 32G of RAM, I doubt you're running into memory issues..  Unless
this is one of those "all-in-one" boxes...  :)

It might be worth using something like cacti or mrtg to monitor the
memory on that box via SNMP or something.  If oom-killer is running and
killing off memory hungry processes, it's pretty apparent in the graphs.

> Jake Sallee

-- 
---
Jason 'XenoPhage' Frisvold
xenoph...@godshell.com
---

"Any sufficiently advanced magic is indistinguishable from technology.\"
- Niven's Inverse of Clarke's Third Law

--
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS The saga continues

2013-12-12 Thread Louis Munro 
Hi Jake,

While it's not a solution to the root cause of this problem (which seems to be 
uncommon and hard to reproduce), changing the logrotate configuration to 
"copytruncate" instead of restarting would probably make this go away.

That change is part of PF 4.1 by default now, as it seems better not to restart 
services unnecessarily.

Regards,
--
Louis Munro
lmu...@inverse.ca  ::  www.inverse.ca 
+1.514.447.4918 *125  :: +1 (866) 353-6153 
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

On 2013-12-11, at 16:20 , "Sallee, Stephen (Jake)"  wrote:

>> Silly question - did you check to see if oom-killer needed to free RAM
> during the log rotate process, and decided that PF's DNS daemon was
> going to be the victim?
> 
> Not a silly question at all!  The only problem is ... I have no idea what 
> oom-killer is.  But a google search show me I have some new reading to do : ).
> 
> I can say that I have 32GB of RAM and this is not a virtualized box.
> 
> I will be looking into this, but I welcome any input anyone may have that may 
> shed more light on this.
> 
> 
> Jake Sallee
> Godfather of Bandwidth
> System Engineer
> University of Mary Hardin-Baylor
> 
> 900 College St.
> Belton, Texas
> 76513
> 
> Fone: 254-295-4658
> Phax: 254-295-4221
> 
> 
> From: Arthur Emerson III [arthur.emer...@msmc.edu]
> Sent: Wednesday, December 11, 2013 8:04 AM
> To: packetfence-users@lists.sourceforge.net
> Subject: Re: [PacketFence-users] PFDNS The saga continues
> 
> On Dec 9, 2013, at 10:20 AM, Sallee, Stephen (Jake)  
> wrote:
>> 
>> All the crashes have been ~3:30am, it may be that is when PF is doing its 
>> log rotations, compressions, etc. and the CPU may be getting taxed causing 
>> the system clock to drift outside  of some critical zone causing the DNSSec 
>> portion of PFDNS to crash.
> 
> Silly question - did you check to see if oom-killer needed to free RAM
> during the log rotate process, and decided that PF's DNS daemon was
> going to be the victim?
> 
> If you have PF running on a VM, I guess that you could throw some
> more RAM at it and see if it fails again.  Then again, it is the end
> of the semester, and this may only be a placebo fix if the real cause
> is network load or a rogue client that will soon be gone for a month
> or so...
> 
> -Arthur
> 
> -
> Arthur Emerson III Email:  emer...@msmc.edu
> Network Administrator  InterNIC:   AE81
> Mount Saint Mary College   MaBell: (845) 561-0800 Ext. 3109
> 330 Powell Ave.Fax:(845) 562-6762
> Newburgh, NY  12550SneakerNet: Aquinas Hall Room 11
> 
> 
> --
> Rapidly troubleshoot problems before they affect your business. Most IT
> organizations don't have a clear picture of how application performance
> affects their revenue. With AppDynamics, you get 100% visibility into your
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
> 
> --
> Rapidly troubleshoot problems before they affect your business. Most IT 
> organizations don't have a clear picture of how application performance 
> affects their revenue. With AppDynamics, you get 100% visibility into your 
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Rapidly troubleshoot problems before they affect your business. Most IT 
organizations don't have a clear picture of how application performance 
affects their revenue. With AppDynamics, you get 100% visibility into your 
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDns will not start

2020-01-05 Thread Durand fabrice via PacketFence-users 

Hello Steve,

just stop DNSMasq.

Regards

Fabrice


Le 20-01-03 à 23 h 22, Steve Stone via PacketFence-users a écrit :


New to packetfence.  Installing it on Centos 7 and follow all 
suggestion in  guide but when I get to start packetfence PFDNS will 
not start.  I check pfdns.log and it states: listen tcp :53: bind: 
address already in use.  I check and DNSMasq Is using that port.  What 
should be done to help resolve this?


Thank you,

Steve Stone



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Sallee, Stephen (Jake) 
Fellow PF users, I am in need of your assistance!

My production PF box is having the pfdns service crash every few seconds.

I am working on getting some pcaps to see if it is network based but I cannot 
find anything on the logs. It seems to be failing completely silently.

I would appreciate any assistance you can offer.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Sallee, Stephen (Jake) 
Crap, sorry.  Forgot:

PF v 4.0.5-2
CentOS 6.4

perl-Net-DNS-0.65-4.el6.x86_64
perl-Net-DNS-Nameserver-0.65-4.el6.x86_64

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 11:06 AM
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] PFDNS crashing every few seconds HELP!

Fellow PF users, I am in need of your assistance!

My production PF box is having the pfdns service crash every few seconds.

I am working on getting some pcaps to see if it is network based but I cannot 
find anything on the logs. It seems to be failing completely silently.

I would appreciate any assistance you can offer.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

--
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Ludovic Marcotte 
Upgrade perl net dns to the latest version from our repo.

"Sallee, Stephen (Jake)"  wrote:
>Crap, sorry.  Forgot:
>
>PF v 4.0.5-2
>CentOS 6.4
>
>perl-Net-DNS-0.65-4.el6.x86_64
>perl-Net-DNS-Nameserver-0.65-4.el6.x86_64
>
>Jake Sallee
>Godfather of Bandwidth
>System Engineer
>University of Mary Hardin-Baylor
>
>900 College St.
>Belton, Texas
>76513
>
>Fone: 254-295-4658
>Phax: 254-295-4221
>
>
>From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
>Sent: Sunday, August 25, 2013 11:06 AM
>To: packetfence-users@lists.sourceforge.net
>Subject: [PacketFence-users] PFDNS crashing every few seconds HELP!
>
>Fellow PF users, I am in need of your assistance!
>
>My production PF box is having the pfdns service crash every few
>seconds.
>
>I am working on getting some pcaps to see if it is network based but I
>cannot find anything on the logs. It seems to be failing completely
>silently.
>
>I would appreciate any assistance you can offer.
>
>Jake Sallee
>Godfather of Bandwidth
>System Engineer
>University of Mary Hardin-Baylor
>
>900 College St.
>Belton, Texas
>76513
>
>Fone: 254-295-4658
>Phax: 254-295-4221
>
>--
>Introducing Performance Central, a new site from SourceForge and
>AppDynamics. Performance Central is your source for news, insights,
>analysis and resources for efficient Application Performance
>Management.
>Visit us today!
>http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>___
>PacketFence-users mailing list
>PacketFence-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>--
>Introducing Performance Central, a new site from SourceForge and 
>AppDynamics. Performance Central is your source for news, insights, 
>analysis and resources for efficient Application Performance
>Management. 
>Visit us today!
>http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>___
>PacketFence-users mailing list
>PacketFence-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/packetfence-users

-- 
Sent from my phone. Please excuse my brevity.--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Sallee, Stephen (Jake) 
Ludovic!

I am so glad to hear from you!  Thank you for taking the time to respond.

I am getting the dependency issue when I include perl-Net-DNS in my yum update.

--
Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
   Requires: perl(Net::DNS) = 0.65-4
   Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
   perl(Net::DNS) = 0.65
   Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
   perl(Net::DNS) = 0.66
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest
-

So I'm looking into that.  However I found something interesting.  One of my 
registration clients is sending a strange DNS query and every time pfdns sees 
it, it crashes.

The query is exactly:

ng="utf-8".umhb.edu

I blocked that IP from sending queries to PF and the service hasn't crashed 
since.

I have tried to send this query to my test server to see if I can replicate the 
behavior but I need to edit the pcap to make it go to the test server.

I can send you a link to DL the pcap if you are interested in looking at it.

Also, any idea on the dependency issue is most welcome too : )

Thank you again.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 11:38 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Upgrade perl net dns to the latest version from our repo.

"Sallee, Stephen (Jake)"  wrote:

Crap, sorry.  Forgot:

PF v 4.0.5-2
CentOS 6.4

perl-Net-DNS-0.65-4.el6.x86_64
perl-Net-DNS-Nameserver-0.65-4.el6.x86_64

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221



From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 11:06 AM
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] PFDNS crashing every few seconds HELP!

Fellow PF users, I am in need of your assistance!

My production PF box is having the pfdns service crash every few seconds.

I am working on getting some pcaps to see if it is network based but I cannot 
find anything on the logs. It seems to be failing completely silently.

I would appreciate any assistance you ca
 n
offer.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221



Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk


PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



Introducing Performance Central, a new site from SourceForge a
 nd
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk


PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Sent from my phone. Please excuse my brevity.

--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Ludovic Marcotte 
Search the archives this has been answered before. It is a bug in a perl module 
on which packetfence depends.

"Sallee, Stephen (Jake)"  wrote:
>Ludovic!
>
>I am so glad to hear from you!  Thank you for taking the time to
>respond.
>
>I am getting the dependency issue when I include perl-Net-DNS in my yum
>update.
>
>--
>Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
>   Requires: perl(Net::DNS) = 0.65-4
>   Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
>   perl(Net::DNS) = 0.65
>   Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
>   perl(Net::DNS) = 0.66
> You could try using --skip-broken to work around the problem
> You could try running: rpm -Va --nofiles --nodigest
>-
>
>So I'm looking into that.  However I found something interesting.  One
>of my registration clients is sending a strange DNS query and every
>time pfdns sees it, it crashes.
>
>The query is exactly:
>
>ng="utf-8".umhb.edu
>
>I blocked that IP from sending queries to PF and the service hasn't
>crashed since.
>
>I have tried to send this query to my test server to see if I can
>replicate the behavior but I need to edit the pcap to make it go to the
>test server.
>
>I can send you a link to DL the pcap if you are interested in looking
>at it.
>
>Also, any idea on the dependency issue is most welcome too : )
>
>Thank you again.
>
>Jake Sallee
>Godfather of Bandwidth
>System Engineer
>University of Mary Hardin-Baylor
>
>900 College St.
>Belton, Texas
>76513
>
>Fone: 254-295-4658
>Phax: 254-295-4221
>________
>From: Ludovic Marcotte [lmarco...@inverse.ca]
>Sent: Sunday, August 25, 2013 11:38 AM
>To: packetfence-users@lists.sourceforge.net
>Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!
>
>Upgrade perl net dns to the latest version from our repo.
>
>"Sallee, Stephen (Jake)"  wrote:
>
>Crap, sorry.  Forgot:
>
>PF v 4.0.5-2
>CentOS 6.4
>
>perl-Net-DNS-0.65-4.el6.x86_64
>perl-Net-DNS-Nameserver-0.65-4.el6.x86_64
>
>Jake Sallee
>Godfather of Bandwidth
>System Engineer
>University of Mary Hardin-Baylor
>
>900 College St.
>Belton, Texas
>76513
>
>Fone: 254-295-4658
>Phax: 254-295-4221
>
>
>
>From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
>Sent: Sunday, August 25, 2013 11:06 AM
>To: packetfence-users@lists.sourceforge.net
>Subject: [PacketFence-users] PFDNS crashing every few seconds HELP!
>
>Fellow PF users, I am in need of your assistance!
>
>My production PF box is having the pfdns service crash every few
>seconds.
>
>I am working on getting some pcaps to see if it is network based but I
>cannot find anything on the logs. It seems to be failing completely
>silently.
>
>I would appreciate any assistance you ca
> n
>offer.
>
>Jake Sallee
>Godfather of Bandwidth
>System Engineer
>University of Mary Hardin-Baylor
>
>900 College St.
>Belton, Texas
>76513
>
>Fone: 254-295-4658
>Phax: 254-295-4221
>
>
>
>Introducing Performance Central, a new site from SourceForge and
>AppDynamics. Performance Central is your source for news, insights,
>analysis and resources for efficient Application Performance
>Management.
>Visit us today!
>http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>
>
>PacketFence-users mailing list
>PacketFence-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
>Introducing Performance Central, a new site from SourceForge a
> nd
>AppDynamics. Performance Central is your source for news, insights,
>analysis and resources for efficient Application Performance
>Management.
>Visit us today!
>http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>
>
>PacketFence-users mailing list
>PacketFence-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>--
>Sent from my phone. Please excuse my brevity.
>
>--
>Introducing Performance Central, a new site from SourceForge and 
>AppDynamics. Performance Central is your source for news, insights, 
>analysis and resources for efficient Application Performance
>Management. 
>Visit us today!
>http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>_

Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Sallee, Stephen (Jake) 
I did search the archives.

The fix then was to install version 0.65 which is what I have installed.

See here:

http://sourceforge.net/mailarchive/forum.php?thread_name=51EDCE5F.4010006%40godshell.com&forum_name=packetfence-users

I have also searched through the files in the PF repo and I do not see a 
perl-Net-DNS package.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 12:13 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Search the archives this has been answered before. It is a bug in a perl module 
on which packetfence depends.

"Sallee, Stephen (Jake)"  wrote:

Ludovic!

I am so glad to hear from you!  Thank you for taking the time to respond.

I am getting the dependency issue when I include perl-Net-DNS in my yum update.

--
Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
Requires: perl(Net::DNS) = 0.65-4
Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
perl(Net::DNS) = 0.65
Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
perl(Net::DNS) = 0.66
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
-

So I'm looking into that.  However I found something interesting.  One of my 
registration clients is sending a strange DNS query and every time pfdns sees 
it, it crashes.

The query is exactly:

ng="utf-8".umhb.edu<http://umhb.edu>

I blocked that IP from send
 ing
queries to PF and the service hasn't crashed since.

I have tried to send this query to my test server to see if I can replicate the 
behavior but I need to edit the pcap to make it go to the test server.

I can send you a link to DL the pcap if you are interested in looking at it.

Also, any idea on the dependency issue is most welcome too : )

Thank you again.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 11:38 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Upgrade perl net dns to the latest version from our repo.

"Sallee, Stephen (Jake)" 
 ;
wrote:

Crap, sorry.  Forgot:

PF v 4.0.5-2
CentOS 6.4

perl-Net-DNS-0.65-4.el6.x86_64
perl-Net-DNS-Nameserver-0.65-4.el6.x86_64

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221




From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 11:06 AM
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] PFDNS crashing every few seconds HELP!

Fellow PF users, I am in need of your assistance!

My production PF box is having the pfdns service crash every few seconds.

I am working on getting some pcaps to see if it is network based but I cannot 
find anything on the logs. It seems to be failing completely silently.

I would appreciate any assistance yo
 u ca
n
offer.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221




Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk



PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users




Introducing Performance Central, a
 new
site from SourceForge a
nd
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk



PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Sent from my phone. Please excuse my brevity.



Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.d

Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

2013-08-25 Thread Sallee, Stephen (Jake) 
Sorry, stupid HTML mail clients.

> ng="utf-8".umhb.edu<http://umhb.edu>

should be:

ng="utf-8".umhb.edu

Please ignore the extra HTML garbage on the end.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:26 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

I did search the archives.

The fix then was to install version 0.65 which is what I have installed.

See here:

http://sourceforge.net/mailarchive/forum.php?thread_name=51EDCE5F.4010006%40godshell.com&forum_name=packetfence-users

I have also searched through the files in the PF repo and I do not see a 
perl-Net-DNS package.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 12:13 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Search the archives this has been answered before. It is a bug in a perl module 
on which packetfence depends.

"Sallee, Stephen (Jake)"  wrote:

Ludovic!

I am so glad to hear from you!  Thank you for taking the time to respond.

I am getting the dependency issue when I include perl-Net-DNS in my yum update.

--
Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
Requires: perl(Net::DNS) = 0.65-4
Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
perl(Net::DNS) = 0.65
Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
perl(Net::DNS) = 0.66
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
-

So I'm looking into that.  However I found something interesting.  One of my 
registration clients is sending a strange DNS query and every time pfdns sees 
it, it crashes.

The query is exactly:

ng="utf-8".umhb.edu<http://umhb.edu>

I blocked that IP from send
 ing
queries to PF and the service hasn't crashed since.

I have tried to send this query to my test server to see if I can replicate the 
behavior but I need to edit the pcap to make it go to the test server.

I can send you a link to DL the pcap if you are interested in looking at it.

Also, any idea on the dependency issue is most welcome too : )

Thank you again.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 11:38 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Upgrade perl net dns to the latest version from our repo.

"Sallee, Stephen (Jake)" 
 ;
wrote:

Crap, sorry.  Forgot:

PF v 4.0.5-2
CentOS 6.4

perl-Net-DNS-0.65-4.el6.x86_64
perl-Net-DNS-Nameserver-0.65-4.el6.x86_64

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221




From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 11:06 AM
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] PFDNS crashing every few seconds HELP!

Fellow PF users, I am in need of your assistance!

My production PF box is having the pfdns service crash every few seconds.

I am working on getting some pcaps to see if it is network based but I cannot 
find anything on the logs. It seems to be failing completely silently.

I would appreciate any assistance yo
 u ca
n
offer.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221




Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk



PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users




Introducing Performance Central, a
 new
site from SourceForge a
nd
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us

[PacketFence-users] PFDNS not listening on IPV4 - New Install

2020-08-12 Thread Jeff Goodman via PacketFence-users 
I have a fresh install on CentOS 7, PF 10.1.  I configured the management 
interface and added a second interface (eth1) with registration / isolation 
vlans.  This is a routed network scenario.  I also updated via pf-maint.pl

Tried adding dns to the registration vlan and restarting pfdns and pfdhcp and 
then even rebooting.  PFDNS listens on IPV6 but not on IPV4.

[root@nac conf]# netstat -anp | grep :53
tcp6   0  0 :::53   :::*LISTEN  
2335/pfdns
udp6   0  0 :::53   :::*
2335/pfdns

PFDNS.log
Aug 12 11:15:44 nac pfdns: .:54
Aug 12 11:15:44 nac pfdns: .:53
Aug 12 11:15:44 nac pfdns: 2020/08/12 11:15:44 [INFO] CoreDNS-0.9.9
Aug 12 11:15:44 nac pfdns: 2020/08/12 11:15:44 [INFO] linux/amd64, go1.13.1,
Aug 12 11:15:44 nac pfdns: CoreDNS-0.9.9
Aug 12 11:15:44 nac pfdns: linux/amd64, go1.13.1,
Aug 12 15:08:28 nac pfdns: 2020/08/12 15:08:28 [INFO] SIGTERM: Terminating 
process
Aug 12 15:08:30 nac pfdns: Using configuration set log level: INFO
Aug 12 15:08:30 nac pfdns: Using configuration set processname: pfdns
Aug 12 15:08:30 nac pfdns: Using configuration set log level: INFO
Aug 12 15:08:30 nac pfdns: Using configuration set processname: pfdns
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Adding struct with address 0x170 to the pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
UTC" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Adding struct with address 0x1444660 to the pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
UTC" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Refreshing pfconfig pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Acquired lock for pfconfig pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Refresh got lock ID" pid=49719 LOG15_ERROR= LOG15_ERROR="Normalized odd 
number of arguments by adding$
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Finished refresh of pfconfig pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Refresh is releasing lock ID" pid=49719 LOG15_ERROR= 
LOG15_ERROR="Normalized odd number of arguments $
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Adding struct with address 0x1444870 to the pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
UTC" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Adding struct with address 0x1444870 to the pool" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
UTC" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
UTC" pid=49719
Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
UTC" pid=49719

networks.conf
[172.16.93.0]
dns=172.16.93.2
gateway=172.16.93.2
domain-name=vlan-isolation.packetfence.org
pool_backend=memory
named=enabled
dhcp_end=172.16.93.246
netmask=255.255.255.0
split_network=disabled
netflow_accounting_enabled=disabled
dhcp_start=172.16.93.10
nat_enabled=disabled
dhcp_max_lease_time=30
fake_mac_enabled=disabled
dhcpd=disabled
type=vlan-isolation
dhcp_default_lease_time=30
coa=disabled

[172.16.120.0]
network=172.16.120.0
dns=172.16.92.2
next_hop=172.16.92.1
gateway=172.16.120.1
domain-name=vlan-registration.packetfence.org
pool_backend=memory
named=enabled
netmask=255.255.255.0
dhcp_end=172.16.120.200
algorithm=1
dhcp_start=172.16.120.10
dhcp_max_lease_time=60
dhcpd=enabled
fake_mac_enabled=disabled
type=vlan-registration
dhcp_default_lease_time=60


pf.conf
//interface eth1.92 is the registration portal interface.  I set it to 
registration and added portal and dns daemons.
//Network 172.16.120.0 is my routed registration network.

[advanced]
# advanced.configurator
#
# Enable the Configurator and the Configurator API
configurator=disabled

[interface eth0]
ip=172.16.91.2
type=management,portal,radius
mask=255.255.255.0

[interface eth1.92]
ip=172.16.92.2
type=other,dns,portal
mask=255.255.255.0

[interface eth1.93]
enforcement=vlan
ip=172.16.93.2
type=internal
mask=255.255.255.0

Thank you..

Jeff


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lis

Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

2013-08-25 Thread Sallee, Stephen (Jake) 
Ok!

I believe this was caused by a malformed DNS query.  I have a few pcaps that 
show the server working perfectly until a specific query comes in and then 
pfdns crashes.

One of my users has a Blackberry Playbook tablet that is doing some officially 
strange DNS stuff.

The tablet sends a query for: ng="utf-8".umhb.edu

The "umhb.edu" bit is being appended via my DHCP scope applying the search 
domain so we know where that is coming from.  But why the tablet would be 
looking for ng="utf-8" I do not know.

However it looks to be 100% repeatable to cause the daemon to crash when it 
sees this query.

For now I have blocked access to the network for the offending client and the 
daemon is up and stable.

I tried to reproduce this in my testbed and could not get pfdns to crash, but 
this could be caused by the test I am running not wanting to send malformed 
queries to begin with.  Dig, nslookup, even dnsperf could not replicate the 
behavior, but the instant this query comes in from this client, pfdns stops.

Are there any other tools I should try?  Could someone verify this?

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:31 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Sorry, stupid HTML mail clients.

> ng="utf-8".umhb.edu<http://umhb.edu>

should be:

ng="utf-8".umhb.edu

Please ignore the extra HTML garbage on the end.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:26 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

I did search the archives.

The fix then was to install version 0.65 which is what I have installed.

See here:

http://sourceforge.net/mailarchive/forum.php?thread_name=51EDCE5F.4010006%40godshell.com&forum_name=packetfence-users

I have also searched through the files in the PF repo and I do not see a 
perl-Net-DNS package.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 12:13 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Search the archives this has been answered before. It is a bug in a perl module 
on which packetfence depends.

"Sallee, Stephen (Jake)"  wrote:

Ludovic!

I am so glad to hear from you!  Thank you for taking the time to respond.

I am getting the dependency issue when I include perl-Net-DNS in my yum update.

--
Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
Requires: perl(Net::DNS) = 0.65-4
Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
perl(Net::DNS) = 0.65
Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
perl(Net::DNS) = 0.66
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
-

So I'm looking into that.  However I found something interesting.  One of my 
registration clients is sending a strange DNS query and every time pfdns sees 
it, it crashes.

The query is exactly:

ng="utf-8".umhb.edu<http://umhb.edu>

I blocked that IP from send
 ing
queries to PF and the service hasn't crashed since.

I have tried to send this query to my test server to see if I can replicate the 
behavior but I need to edit the pcap to make it go to the test server.

I can send you a link to DL the pcap if you are interested in looking at it.

Also, any idea on the dependency issue is most welcome too : )

Thank you again.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 11:38 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Upgrade perl net dns to the latest version from our repo.

"Sallee, Stephen (Jake)" 
 ;
wrote:

Crap, sorry.  Forgot:

PF v 4.0.5-2
CentOS 6.4

perl-Net-DNS-0.65-4.el6.x86_64
perl-Net-DNS-Nameserver-0.65-4.el6.x86_64

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4

Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

2013-08-26 Thread Johannes Lavre 
I struggeled with unstable pfdns myself turned out ntp was not working. Im 
running centos 6.4 and packetfence 4.0.5-2

-Opprinnelig melding-
Fra: Sallee, Stephen (Jake) [mailto:jake.sal...@umhb.edu] 
Sendt: 25. august 2013 21:50
Til: packetfence-users@lists.sourceforge.net
Emne: Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

Ok!

I believe this was caused by a malformed DNS query.  I have a few pcaps that 
show the server working perfectly until a specific query comes in and then 
pfdns crashes.

One of my users has a Blackberry Playbook tablet that is doing some officially 
strange DNS stuff.

The tablet sends a query for: ng="utf-8".umhb.edu

The "umhb.edu" bit is being appended via my DHCP scope applying the search 
domain so we know where that is coming from.  But why the tablet would be 
looking for ng="utf-8" I do not know.

However it looks to be 100% repeatable to cause the daemon to crash when it 
sees this query.

For now I have blocked access to the network for the offending client and the 
daemon is up and stable.

I tried to reproduce this in my testbed and could not get pfdns to crash, but 
this could be caused by the test I am running not wanting to send malformed 
queries to begin with.  Dig, nslookup, even dnsperf could not replicate the 
behavior, but the instant this query comes in from this client, pfdns stops.

Are there any other tools I should try?  Could someone verify this?

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:31 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Sorry, stupid HTML mail clients.

> ng="utf-8".umhb.edu<http://umhb.edu>

should be:

ng="utf-8".umhb.edu

Please ignore the extra HTML garbage on the end.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:26 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

I did search the archives.

The fix then was to install version 0.65 which is what I have installed.

See here:

http://sourceforge.net/mailarchive/forum.php?thread_name=51EDCE5F.4010006%40godshell.com&forum_name=packetfence-users

I have also searched through the files in the PF repo and I do not see a 
perl-Net-DNS package.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 12:13 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Search the archives this has been answered before. It is a bug in a perl module 
on which packetfence depends.

"Sallee, Stephen (Jake)"  wrote:

Ludovic!

I am so glad to hear from you!  Thank you for taking the time to respond.

I am getting the dependency issue when I include perl-Net-DNS in my yum update.

--
Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
Requires: perl(Net::DNS) = 0.65-4
Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
perl(Net::DNS) = 0.65
Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
perl(Net::DNS) = 0.66
You could try using --skip-broken to work around the problem You could try 
running: rpm -Va --nofiles --nodigest
-

So I'm looking into that.  However I found something interesting.  One of my 
registration clients is sending a strange DNS query and every time pfdns sees 
it, it crashes.

The query is exactly:

ng="utf-8".umhb.edu<http://umhb.edu>

I blocked that IP from send
 ing
queries to PF and the service hasn't crashed since.

I have tried to send this query to my test server to see if I can replicate the 
behavior but I need to edit the pcap to make it go to the test server.

I can send you a link to DL the pcap if you are interested in looking at it.

Also, any idea on the dependency issue is most welcome too : )

Thank you again.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 11:38 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

U

Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

2013-08-26 Thread Sallee, Stephen (Jake) 
> I struggeled with unstable pfdns myself turned out ntp was not working. Im 
> running centos 6.4 and packetfence 4.0.5-2

Strange. I wonder why ntp would effect pfdns ... I double checked and 
everything seems right, thanks for the heads of though.

Anyone been able to see if a malformed query is able to crash pfdns?

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton TX. 76513
Fone: 254-295-4658
Phax: 254-295-4221
HTTP://WWW.UMHB.EDU

-Original Message-
From: Johannes Lavre [mailto:johann...@vfk.no] 
Sent: Monday, August 26, 2013 1:40 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

I struggeled with unstable pfdns myself turned out ntp was not working. Im 
running centos 6.4 and packetfence 4.0.5-2

-Opprinnelig melding-
Fra: Sallee, Stephen (Jake) [mailto:jake.sal...@umhb.edu]
Sendt: 25. august 2013 21:50
Til: packetfence-users@lists.sourceforge.net
Emne: Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

Ok!

I believe this was caused by a malformed DNS query.  I have a few pcaps that 
show the server working perfectly until a specific query comes in and then 
pfdns crashes.

One of my users has a Blackberry Playbook tablet that is doing some officially 
strange DNS stuff.

The tablet sends a query for: ng="utf-8".umhb.edu

The "umhb.edu" bit is being appended via my DHCP scope applying the search 
domain so we know where that is coming from.  But why the tablet would be 
looking for ng="utf-8" I do not know.

However it looks to be 100% repeatable to cause the daemon to crash when it 
sees this query.

For now I have blocked access to the network for the offending client and the 
daemon is up and stable.

I tried to reproduce this in my testbed and could not get pfdns to crash, but 
this could be caused by the test I am running not wanting to send malformed 
queries to begin with.  Dig, nslookup, even dnsperf could not replicate the 
behavior, but the instant this query comes in from this client, pfdns stops.

Are there any other tools I should try?  Could someone verify this?

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:31 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Sorry, stupid HTML mail clients.

> ng="utf-8".umhb.edu<http://umhb.edu>

should be:

ng="utf-8".umhb.edu

Please ignore the extra HTML garbage on the end.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221


From: Sallee, Stephen (Jake) [jake.sal...@umhb.edu]
Sent: Sunday, August 25, 2013 12:26 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

I did search the archives.

The fix then was to install version 0.65 which is what I have installed.

See here:

http://sourceforge.net/mailarchive/forum.php?thread_name=51EDCE5F.4010006%40godshell.com&forum_name=packetfence-users

I have also searched through the files in the PF repo and I do not see a 
perl-Net-DNS package.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

From: Ludovic Marcotte [lmarco...@inverse.ca]
Sent: Sunday, August 25, 2013 12:13 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP!

Search the archives this has been answered before. It is a bug in a perl module 
on which packetfence depends.

"Sallee, Stephen (Jake)"  wrote:

Ludovic!

I am so glad to hear from you!  Thank you for taking the time to respond.

I am getting the dependency issue when I include perl-Net-DNS in my yum update.

--
Error: Package: packetfence-4.0.5-2.el6.noarch (@PacketFence)
Requires: perl(Net::DNS) = 0.65-4
Removing: perl-Net-DNS-0.65-4.el6.x86_64 (@base)
perl(Net::DNS) = 0.65
Updated By: perl-Net-DNS-0.66-1.of.el6.x86_64 (of)
perl(Net::DNS) = 0.66
You could try using --skip-broken to work around the problem You could try 
running: rpm -Va --nofiles --nodigest
-

So I'm looking into that.  However I found something interesting.  One of my 
registration clients is sending a strange DNS query and every time pfdns sees 
it, it crashes.

The query is exactly:

ng="utf-8".umhb.edu<http://umhb.edu>

I blocked that IP from send
 ing
queries to PF and the servic

Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

2013-08-26 Thread Jason Frisvold 
Sallee, Stephen (Jake) wrote:
>> I struggeled with unstable pfdns myself turned out ntp was not working. Im 
>> running centos 6.4 and packetfence 4.0.5-2
> 
> Strange. I wonder why ntp would effect pfdns ... I double checked and 
> everything seems right, thanks for the heads of though.
> 
> Anyone been able to see if a malformed query is able to crash pfdns?

How are you re-creating the query?  I'm not able to get this to crash
using host via the CLI..

> Jake Sallee


-- 
---
Jason 'XenoPhage' Frisvold
xenoph...@godshell.com
---

"Any sufficiently advanced magic is indistinguishable from technology.\"
- Niven's Inverse of Clarke's Third Law

--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

2013-08-26 Thread Arthur Emerson III 
"Sallee, Stephen (Jake)"  wrote:
>
>Strange. I wonder why ntp would effect pfdns ... I double checked and
>everything seems right, thanks for the heads of though.

DNSSEC requires an accurate time reference, per ISC and Bind9.
Does pfdns have DNSSEC support (or unused DNSSEC code) in it?
Just grasping at straws to see if this explains the problem
you're seeing...

-Arthur

-
Arthur Emerson III Email:  emer...@msmc.edu
Network Administrator  InterNIC:   AE81
Mount Saint Mary College   MaBell: (845) 561-0800 Ext. 3109
330 Powell Ave.Fax:(845) 562-6762
Newburgh, NY  12550SneakerNet: Aquinas Hall Room 11


--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

2013-08-26 Thread Sallee, Stephen (Jake) 
> How are you re-creating the query?  I'm not able to get this to crash using 
> host via the CLI..

I tried dig, nslookup, and dnsperf.  But I could not get it to crash.

I was trying to replay one of my pcaps against it but I ran out of time before 
I had to move on to another issue (not PF related).

I can look at my pcap (making sure there is no sensitive info) and post it to 
the list if you guys would want to look at it.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton TX. 76513
Fone: 254-295-4658
Phax: 254-295-4221
HTTP://WWW.UMHB.EDU

-Original Message-
From: Jason Frisvold [mailto:xenoph...@godshell.com] 
Sent: Monday, August 26, 2013 1:00 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PFDNS crashing every few seconds HELP! [UPDATE]

Sallee, Stephen (Jake) wrote:
>> I struggeled with unstable pfdns myself turned out ntp was not 
>> working. Im running centos 6.4 and packetfence 4.0.5-2
> 
> Strange. I wonder why ntp would effect pfdns ... I double checked and 
> everything seems right, thanks for the heads of though.
> 
> Anyone been able to see if a malformed query is able to crash pfdns?

How are you re-creating the query?  I'm not able to get this to crash using 
host via the CLI..

> Jake Sallee


--
---
Jason 'XenoPhage' Frisvold
xenoph...@godshell.com
---

"Any sufficiently advanced magic is indistinguishable from technology.\"
- Niven's Inverse of Clarke's Third Law

--
Introducing Performance Central, a new site from SourceForge and AppDynamics. 
Performance Central is your source for news, insights, analysis and resources 
for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

--
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PFDNS not listening on IPV4 - New Install

2020-08-13 Thread Ludovic Zammit via PacketFence-users 
Hello Jeff,

Change your registration interface from:

[interface eth1.92]
ip=172.16.92.2
type=other,dns,portal
mask=255.255.255.0

to

[interface eth1.92]
ip=172.16.92.2
enforcement=vlan
type=internal
mask=255.255.255.0

/usr/local/pf/bin/pfcmd configreload hard

/usr/local/pf/bin/pfcmd service pf restart

Check again.

The dns + portal are native with the registration type in the interface.

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Aug 13, 2020, at 7:05 AM, Jeff Goodman via PacketFence-users 
>  wrote:
> 
> I have a fresh install on CentOS 7, PF 10.1.  I configured the management 
> interface and added a second interface (eth1) with registration / isolation 
> vlans.  This is a routed network scenario.  I also updated via pf-maint.pl
> 
> Tried adding dns to the registration vlan and restarting pfdns and pfdhcp and 
> then even rebooting.  PFDNS listens on IPV6 but not on IPV4.
> 
> [root@nac conf]# netstat -anp | grep :53
> tcp6   0  0 :::53   :::*LISTEN
>   2335/pfdns
> udp6   0  0 :::53   :::*  
>   2335/pfdns
> 
> PFDNS.log
> Aug 12 11:15:44 nac pfdns: .:54
> Aug 12 11:15:44 nac pfdns: .:53
> Aug 12 11:15:44 nac pfdns: 2020/08/12 11:15:44 [INFO] CoreDNS-0.9.9
> Aug 12 11:15:44 nac pfdns: 2020/08/12 11:15:44 [INFO] linux/amd64, go1.13.1,
> Aug 12 11:15:44 nac pfdns: CoreDNS-0.9.9
> Aug 12 11:15:44 nac pfdns: linux/amd64, go1.13.1,
> Aug 12 15:08:28 nac pfdns: 2020/08/12 15:08:28 [INFO] SIGTERM: Terminating 
> process
> Aug 12 15:08:30 nac pfdns: Using configuration set log level: INFO
> Aug 12 15:08:30 nac pfdns: Using configuration set processname: pfdns
> Aug 12 15:08:30 nac pfdns: Using configuration set log level: INFO
> Aug 12 15:08:30 nac pfdns: Using configuration set processname: pfdns
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Adding struct with address 0x170 to the pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
> UTC" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Adding struct with address 0x1444660 to the pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
> UTC" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Refreshing pfconfig pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Acquired lock for pfconfig pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Refresh got lock ID" pid=49719 LOG15_ERROR= LOG15_ERROR="Normalized odd 
> number of arguments by adding$
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Finished refresh of pfconfig pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Refresh is releasing lock ID" pid=49719 LOG15_ERROR= 
> LOG15_ERROR="Normalized odd number of arguments $
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Adding struct with address 0x1444870 to the pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
> UTC" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Adding struct with address 0x1444870 to the pool" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
> UTC" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
> UTC" pid=49719
> Aug 12 15:08:30 nac pfdns[49719]: t=2020-08-12T15:08:30-0500 lvl=dbug 
> msg="Resource is not valid anymore. Was loaded at 0001-01-01 00:00:00 + 
> UTC" pid=49719
> 
> networks.conf
> [172.16.93.0]
> dns=172.16.93.2
> gateway=172.16.93.2
> domain-name=vlan-isolation.packetfence.org
> pool_backend=memory
> named=enabled
> dhcp_end=172.16.93.246
> netmask=255.255.255.0
> split_network=disabled
> netflow_accounting_enabled=disabled
> dhcp_start=172.16.93.10
> nat_enabled=disabled
> dhcp_max_lease_time=30
> fake_mac_enabled=disabled
> dhcpd=disabled
> type=vlan-isolation
> dhcp_default_lease_time=30
> coa=disabled
> 
> [172.16.120.0]
> network=172.16.120.0
> dns=172.16.92.2
> next_hop=172.16.92.1
> gateway=172.16.120.1
> domain-name=vlan-registration.packetfe