View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1870 | [PacketFence] web admin | minor | always | 2015-03-03 13:44 | 2015-03-04 15:05 |
|
|||||
Reporter: | ae3 | Platform: | Linux | ||
Assigned To: | lmunro | OS: | RHEL / CentOS | ||
Priority: | low | OS Version: | 6 | ||
Status: | confirmed | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Web admin page for switches has phantom second page | ||||
Description: |
(This applies to PF 4.6.1, which isn't in the picklist yet.) When PF has exactly 25 switches defined, the web admin switches page adds footer links for a second page of switches. Advancing to page 2 displays a blank space where switches should be listed, along with a button to add another switch. Deleting a switch (switch count 24) properly displays only one page again. |
||||
Steps To Reproduce: | Create exactly 25 switches in PF 4.6.1, look at bottom of screen for link to second page. | ||||
Additional Information: |
I realize that this is mostly cosmetic, but figured that I should report it since I just spotted the problem. |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1826 | [PacketFence] IDS | crash | sometimes | 2014-09-26 02:30 | 2015-03-04 12:11 |
|
|||||
Reporter: | irish.cadague | Platform: | Linux | ||
Assigned To: | lmunro | OS: | RHEL / CentOS | ||
Priority: | high | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Snort suddenly not starting but after a variable spelling change, it works. | ||||
Description: |
Snort suddenly not working after a packetfence service restart. On /var/log/messages, it shows that it has a problem on a variable $DNS_SERVERS and When I run the cat /var/log/messages and got FATAL Error on snort as shown below: Sep 25 13:00:05 spfcn01 snort[26763]: FATAL ERROR: /usr/local/pf/conf/snort/emerging-trojan.rules(143) Undefined variable in the string: $DNS_SERVERS. and the I run cat /usr/local/pf/conf/snort.conf and edit the: var DNS_SERVERS [%%dnsservers%%] and changed to: var DNS_SERVERS [%%dns_servers%%] and then restarted again the packetfence and the result, snort service is now running. |
||||
Steps To Reproduce: | I think a constant restart of PAcketfence service. | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
for PF.JPG (96,434) 2014-09-26 02:30 https://www.packetfence.org/bugs/file_download.php?file_id=217&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1829 | [PacketFence] doc | minor | always | 2014-10-08 09:51 | 2015-03-04 12:10 |
|
|||||
Reporter: | ae3 | Platform: | All | ||
Assigned To: | lmunro | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | acknowledged | Product Version: | 4.4.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Admin Guide 4.4.0 clarification on paper pages 31-32 | ||||
Description: |
On paper pages 31-32 (PDF pages 35-36), there seems to be confusion in the sample command line text boxes: For Centos/RHEL: (box) # usermod -a -G wbpriv pf (/box) Finally, start winbind, and test the setup using ntlm_auth and radtest: (box) # service winbind start # chkconfig --level 345 winbind on (/box) For Debian and Ubuntu: (box) # usermod -a -G winbindd_priv pf # ntlm_auth --username myDomainUser # radtest -t mschap -x myDomainUser myDomainPassword localhost:18120 12 testing123 Sending Access-Request of id 108 to 127.0.0.1 port 18120 User-Name = "myDomainUser" NAS-IP-Address = 10.0.0.1 NAS-Port = 12 Message-Authenticator = 0x00000000000000000000000000000000 MS-CHAP-Challenge = 0x79d62c9da4e55104 MS-CHAP-Response = 0x000100000000000000000000000000000000000000000000000091c843b420f0dec4228ed2f26bff07d5e49ad9a2974229e5 rad_recv: Access-Accept packet from host 127.0.0.1 port 18120, id=108, length=20 (/box) When following this through for CentOS/RHEL, you do not do the ntlm_auth or radtest tests...since it is only in the Debian/Ubuntu textbox!!! ASSuming that the service and chkconfig work the same under Debian/Ubuntu (which I have personally never used), this order seems to make sense to me: For Centos/RHEL: (box) # usermod -a -G wbpriv pf (/box) For Debian and Ubuntu: (box) # usermod -a -G winbindd_priv pf (/box) Start winbind: (box) # service winbind start # chkconfig --level 345 winbind on (/box) Finally, test the setup using ntlm_auth and radtest: (box) # ntlm_auth --username myDomainUser # radtest -t mschap -x myDomainUser myDomainPassword localhost:18120 12 testing123 Sending Access-Request of id 108 to 127.0.0.1 port 18120 User-Name = "myDomainUser" NAS-IP-Address = 10.0.0.1 NAS-Port = 12 Message-Authenticator = 0x00000000000000000000000000000000 MS-CHAP-Challenge = 0x79d62c9da4e55104 MS-CHAP-Response = 0x000100000000000000000000000000000000000000000000000091c843b420f0dec4228ed2f26bff07d5e49ad9a2974229e5 rad_recv: Access-Accept packet from host 127.0.0.1 port 18120, id=108, length=20 (/box) |
||||
Steps To Reproduce: |
Open manual, bang head against wall. :-) |
||||
Additional Information: |
Maybe I'm mis-reading the page, but the suggested order above seems proper at least from the CentOS/RHEL perspective. |
||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1841 | [PacketFence] upstream | minor | have not tried | 2014-10-30 09:37 | 2015-03-04 12:05 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Issue with Nessus and Net::Nessus::XMLRPC | ||||
Description: |
Some issues with Net::Nessus::XMLRPC upstream module may prevent Nessus scan succeed. Impacts: - Issue with SSL communication when a self-signed certificate is being used between PacketFence and the Nessus server (https) - Issue when trying to export the report Patch have been submitted but never merged. |
||||
Steps To Reproduce: | |||||
Additional Information: |
See the following bug: https://rt.cpan.org/Public/Bug/Display.html?id=78274 [^] Hi, i am using Net-Nessus-XMLRPC in the PacketFence project and i need nbe export. So i write the function to export in nbe format and in csv format too. For SSL i just add ssl_opts => { verify_hostname => 0 } to remove the SSL problem. Regards Fabrice Durand diff -ruN Net-Nessus-XMLRPC-0.30.ori/lib/Net/Nessus/XMLRPC.pm Net-Nessus-XMLRPC-0.30/lib/Net/Nessus/XMLRPC.pm --- Net-Nessus-XMLRPC-0.30.ori/lib/Net/Nessus/XMLRPC.pm 2010-05-21 12:16:45.000000000 -0400 +++ Net-Nessus-XMLRPC-0.30/lib/Net/Nessus/XMLRPC.pm 2012-07-09 10:09:53.795285182 -0400 @@ -126,10 +126,16 @@ =cut sub nessus_http_request { my ( $self, $uri, $post_data ) = @_; - my $ua = $self->{_ua}; - # my $ua = LWP::UserAgent->new; + #my $ua = $self->{_ua}; + my $ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 }); my $furl = $self->nurl.$uri; - my $r = POST $furl, $post_data; + my $r =''; + if (not defined($post_data)) { + $r = GET $furl; + } + else { + $r = POST $furl, $post_data; + } my $result = $ua->request($r); # my $filename="n-".time; open (FILE,">$filename"); # print FILE $result->as_string; close (FILE); @@ -941,6 +947,50 @@ return $file; } +=head2 report_filenbe_download ($report_id) + +returns NBE report identified by $report_id (Nessus NBE) +=cut +sub report_filenbe_download { + my ( $self, $uuid ) = @_; + + my $post=[ + "token" => $self->token, + "report" => $uuid, + ]; + + my $get = $self->nessus_http_request("file/xslt/?report=".$uuid."&xslt=nbe.xsl&token=".$self->token); + sleep 10; + if($get =~ /<meta http-equiv="refresh" content="5;url=\/(.*)"/) { + my $file = $self->nessus_http_request($1."&token=".$self->token."&step=2"); + return $file; + } + + return $get; +} + +=head2 report_filecsv_download ($report_id) + +returns CSV report identified by $report_id (Nessus CSV) +=cut +sub report_filecsv_download { + my ( $self, $uuid ) = @_; + + my $post=[ + "token" => $self->token, + "report" => $uuid, + ]; + + my $get = $self->nessus_http_request("file/xslt/?report=".$uuid."&xslt=csv.xsl&token=".$self->token); + sleep 10; + if($get =~ /<meta http-equiv="refresh" content="5;url=\/(.*)"/) { + my $file = $self->nessus_http_request($1."&token=".$self->token."&step=2"); + return $file; + } + + return $get; +} + =head2 report_delete ($report_id) delete report identified by $report_id |
||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1851 | [PacketFence] web admin | feature | always | 2015-01-13 10:05 | 2015-03-04 12:04 |
|
|||||
Reporter: | tristanrhodes | Platform: | All | ||
Assigned To: | lmunro | OS: | All | ||
Priority: | low | OS Version: | All | ||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | When creating "Routed Networks" provide default values for DHCP leases | ||||
Description: |
When creating a routed network, users are forced to specify DHCP lease times: Default Lease Time: Max Lease Time: Most people will have no idea what values are good for this, so please provide default values. If someone wants a different value, it is very simple to change. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1857 | [PacketFence] web admin | feature | always | 2015-01-13 12:16 | 2015-03-04 11:30 |
|
|||||
Reporter: | tristanrhodes | Platform: | All | ||
Assigned To: | lmunro | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add the ability to detect the switch type using SNMP | ||||
Description: |
Admins want a simple way to deploy Packetfence, with the least tweaking necessary to make it work. One way to accomplish this is to auto-detect the type of switch, based on SNMP response. (I believe this is similar to how "Uplink" and "VOIP" detection works.) Packetfence should send an snmpget of 1.3.6.1.2.1.1.2.0 to the switch. This will return the sysOID of the switch. This number can then be looked up in a table that maps sysOID to device type. (There are several open source tools like (www.nedi.ch) and Observium.org that already have this table.) Now Packetfence knows what kind of switch it is talking to, without required the admin to specify the type. http://www.alvestrand.no/objectid/1.3.6.1.2.1.1.2.html [^] |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1842 | [PacketFence] hardware modules | minor | always | 2014-11-04 11:47 | 2015-03-04 11:28 |
|
|||||
Reporter: | ae3 | Platform: | All | ||
Assigned To: | lmunro | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Implement RADIUS de-authentication for Meru Wireless Controllers | ||||
Description: | Per a post to the PF-users list by Tim DeNike on 6 March 2014, Meru has added RADIUS de-auth to their firmware starting with System Director 5.3.x. He even posted sample code to use the feature, which I can't use since the directory structure appears to have changed with PF 4.5. Long story short, the existing module keeps telling us to pressure the vendor to implement RADUIS de-auth. We have done our part. Tag, you're it... :-) | ||||
Steps To Reproduce: | |||||
Additional Information: |
Tim's email to packetfence-users: Date: March 6, 2014 at 10:20:46 AM EST From: Tim DeNike <tim.denike@mcc.edu> To: "packetfence-users@lists.sourceforge.net" <packetfence-users@lists.sourceforge.net> Subject: Re: [PacketFence-users] Per SSID VLAN - Meru Networks Reply-To: <packetfence-users@lists.sourceforge.net> Actually, looking through the code, no patch will be required for MAC-based SSID evaluation, its already there and should work (It already does with 802.1x) We are on SD 5.3.xyz right now and RADIUS deauth does work. Drop this in a file called /usr/local/pf/lib/pf/SNMP/Meru/MC_MCC.pm Minus the cut lines obviously. In switch config, you'll have the option for Meru MC_MCC. It will do radius de-auths instead of the Telnet/SSH method. Much faster, much lighter weight. ^^^^^^^^^^^^^CUT^^^^^^^^^^^ package pf::SNMP::Meru::MC_MCC; =head1 NAME pf::SNMP::Meru::MC_MCC - Object oriented module to access MC series controllers =head1 SYNOPSIS Known to work with RADIUS deauth on System Director 5.3 =head1 STATUS =cut use strict; use warnings; use Log::Log4perl; use base ('pf::SNMP::Meru'); sub description { 'Meru MC_MCC' } sub deauthTechniques { my ($this, $method) = @_; my $logger = Log::Log4perl::get_logger( ref($this) ); my $default = $SNMP::RADIUS; my %tech = ( $SNMP::RADIUS => \&deauthenticateMacRadius, ); if (!defined($method) || !defined($tech{$method})) { $method = $default; } return $method,$tech{$method}; } sub deauthenticateMacRadius { my ( $self, $mac, $is_dot1x ) = @_; my $logger = Log::Log4perl::get_logger( ref($self) ); if ( !$self->isProductionMode() ) { $logger->info("not in production mode... we won't perform deauthentication"); return 1; } $logger->debug("deauthenticate $mac using RADIUS Disconnect-Request deauth method"); return $self->radiusDisconnect($mac); } =head1 AUTHOR Tim DeNike <tim.denike@mcc.edu> =cut 1; ^^^^^^^^^^^^^CUT^^^^^^^^^^^ |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1853 | [PacketFence] web admin | feature | always | 2015-01-13 10:25 | 2015-03-04 11:24 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | lmunro | OS: | |||
Priority: | normal | OS Version: | |||
Status: | feedback | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Provide the ability to view logs from the web interface | ||||
Description: |
Packetfence has some very useful log files, including "packetfence.log", "radius.log", and others. These files are very helpful in understanding what is happening with Packetfence. It would be very useful for users to be able to view these logs in the web interface. A static view of the file will provide this function. However, a real-time scrolling interface could really help admins understand exactly what happens when they plug in a port. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1858 | [PacketFence] web admin | feature | always | 2015-01-13 18:16 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | low | OS Version: | All | ||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Display description when adding Triggers to a Violation | ||||
Description: |
"Configuration > Violations > Add > Triggers" and "Configuration > Violations > Edit > Triggers" If the user clicks on the white-space, they currently get a pull-down list of all violations listed solely by violation ID. For example = Detect::2001664 For example = OS::6 Please add the description to this pull-down list. For example = Detect::2001664 "P2P (Gnutella)" For example = OS::6 "Gaming Consoles" These same descriptions should also be displayed when viewing configured "Triggers". I think it would make sense to have only one entry per line, and to use a scroll-bar if more lines are needed. Current = [OS::4] [OS::10] [Detect::1100006] [Detect::1100005] Proposed = [OS::4 "Routers and APs"] [OS::10 "Storage Devices] [Detect::1100006 "P2P Isolation (snort example)"] [Detect::1100005 "Browser isolation example"] Thanks! |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1856 | [PacketFence] web admin | feature | always | 2015-01-13 11:45 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add the ability to test switch credentials (SNMP/CLI/HTTP) from web interface | ||||
Description: |
When adding a switch ("Configuration > Switch") the admin wants to know if Packetfence can talk to the switch. Add the ability to test the credentials entered: SNMP CLI (SSH/TELNET) HTTP/HTTPS Provide this type of feedback to the admin: "Fail: No response from device" "Fail: Wrong username or password" "Success" |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1855 | [PacketFence] web admin | feature | always | 2015-01-13 11:29 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | When creating a new user, require the password be typed twice to prevent errors | ||||
Description: |
"Users > Create" is used to create new users. There is a password field, but the admin is not required to type the password twice. This can cause issues when the user tries the password and the admin made a typo in this field. Please add a second password field to confirm the entry. (Note: This is already being done on the "Reset Password" function, when editing a user.) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1854 | [PacketFence] web admin | feature | always | 2015-01-13 10:32 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add the ability to manage SSL cert from web interface | ||||
Description: |
Packetfence can use HTTPS for web admin and for captive portals. For production systems, admins need to provide a real SSL certificate. For non-Linux admins, this can be a difficult process. Please add the ability to manage SSL cert from web interface. This can involve generating keys and CSR, and then allowing SSL certs to be upload or pasted. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1852 | [PacketFence] web admin | feature | always | 2015-01-13 10:16 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add the ability to send a "Test" email from the web interface | ||||
Description: |
"Configuration > Alerting" is where users configure the email settings for alerts. However, there is no way to know if they set things up right. Please provide a "Send Test Email" button that will do this. (There is a similar function already provided under "Sources" for testing LDAP.) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1850 | [PacketFence] web admin | feature | always | 2015-01-12 18:34 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Show MAC addresses of Packetfence interfaces in web interface | ||||
Description: |
When Packetfence is deployed in VMware (or other virtualized environment) the interfaces are given arbitrary names "Network Adapter 1". These names may or may not line up with Operating system names like "eth0". It would be helpful if the web-interface displayed the MAC address of the interfaces of Packetfence in the "Configuration > Network > Interfaces" page. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1849 | [PacketFence] web admin | feature | always | 2015-01-12 16:16 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | The web interface needs to add a "confirm" step in many areas | ||||
Description: |
In many places in the web interface you can delete items with a single click; there is no confirmation. This means than a mistaken click can easily delete something you did not want to delete. This is even worse when the delete button is right next to another button, like the "Clone" button. This problem exists in many areas, including: Nodes > Delete Switches > Delete Status > Services > Restart (not deleting, but still needs confirmation) Admin Roles > Delete Floating devices > Delete Firewall SSO > Delete User Provisioners > Delete Areas that do this correctly: Portal Profiles User Roles User Sources Violations Please add a pop-up "Confirm" step to the problem areas listed above (and anything similar). |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1848 | [PacketFence] doc | feature | always | 2015-01-12 16:00 | 2015-03-04 11:20 |
|
|||||
Reporter: | tristanrhodes | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | low | OS Version: | All | ||
Status: | acknowledged | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Change docs to recommend using "spanning-tree portfast" or similar technology | ||||
Description: |
I set up my first Packetfence install on a lab switch following the Packetfence documentation: http://www.packetfence.org/downloads/PacketFence/doc/PacketFence_Network_Devices_Configuration_Guide-4.5.1.pdf [^] "On each interface: switchport mode access authentication order mab authentication port-control auto mab dot1x pae authenticator" I was using mac address bypass only, and my MacBook would give up on DHCP and self-assign 169.254.x.x address. In order to prevent this, we need to add one more command to each interface: "spanning-tree portfast" I recommend adding this to all your port configs, including the corresponding command for other switch vendors. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1145 | [PacketFence] core | feature | N/A | 2010-12-21 15:27 | 2015-03-04 11:18 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | lmunro | OS: | |||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | long-term | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | IPv6 Support | ||||
Description: | Since we all know that it's inevitable IPv6 will come into real production soon (well in 2 to 5 years), I guess it would be a wise idea to start looking at it, just to be ahead of the wave. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1704 | [PacketFence] guests | major | always | 2013-09-03 07:32 | 2015-02-18 11:27 |
|
|||||
Reporter: | maikel | Platform: | |||
Assigned To: | jrouzier | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Guest expiration is not set using the temporary_password method | ||||
Description: |
The default 31D expatiation of the password is never set in 4.0.5 code. It defaults to 0000-00-00 00:00:00 This makes the guest authentication per email fail, since it requires the expatriation date. commenting the function in temporary_password.pm at line 309 _update_field_for_action( $data,$actions,'expiration', 'expiration',"0000-00-00 00:00:00" ); in temporary password.pm fixxes this issue and sets the default of 31 days |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1868 | [PacketFence] configuration | feature | always | 2015-02-17 22:47 | 2015-02-18 10:24 |
|
|||||
Reporter: | ah27 | Platform: | Linux | ||
Assigned To: | jsemaan.inverse | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | assigned | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Netgear M Series module does not handle up/down SNMP traps | ||||
Description: |
There is no handling of up/down traps on the Netgear M Series module. When it receives the trap, the following is written to the log: Feb 17 19:33:29 pfsetvlan(12) WARN: SNMP trap handling not implemented for this type of switch. (pf::Switch::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 670. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string ne at /usr/local/pf/sbin/pfsetvlan line 678. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 689. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 698. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 703. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 703. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 709. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 713. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 716. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 719. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $switch_port in concatenation (.) or string at /usr/local/pf/sbin/pfsetvlan line 729. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(12) ERROR: Use of uninitialized value $trapType in concatenation (.) or string at /usr/local/pf/sbin/pfsetvlan line 729. (main::parseTrap) Feb 17 19:33:29 pfsetvlan(1) WARN: unable to parse trapLine.. here's the line: 10.100.6.30||||||||| (main::startTrapHandlers) Feb 17 19:33:29 pfsetvlan(1) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Feb 17 19:33:29 pfsetvlan(1) ERROR: Use of uninitialized value $ifType in numeric eq (==) at /usr/local/pf/lib/pf/vlan.pm line 138. (pf::vlan::doWeActOnThisTrap) Feb 17 19:33:29 pfsetvlan(1) ERROR: Use of uninitialized value $ifType in numeric eq (==) at /usr/local/pf/lib/pf/vlan.pm line 138. (pf::vlan::doWeActOnThisTrap) Feb 17 19:33:29 pfsetvlan(1) INFO: trap received on (10.100.6.30) ifindex which is not ethernetCsmacd (pf::vlan::doWeActOnThisTrap) Feb 17 19:33:29 pfsetvlan(1) INFO: doWeActOnThisTrap returns false. Stop handling (main::handleTrap) Feb 17 19:33:29 pfsetvlan(1) INFO: finished (main::cleanupAfterThread) Feb 17 19:33:39 pfsetvlan(13) WARN: SNMP trap handling not implemented for this type of switch. (pf::Switch::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 670. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string ne at /usr/local/pf/sbin/pfsetvlan line 678. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 689. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 698. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 703. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 703. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 709. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 713. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 716. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in string eq at /usr/local/pf/sbin/pfsetvlan line 719. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $switch_port in concatenation (.) or string at /usr/local/pf/sbin/pfsetvlan line 729. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(13) ERROR: Use of uninitialized value $trapType in concatenation (.) or string at /usr/local/pf/sbin/pfsetvlan line 729. (main::parseTrap) Feb 17 19:33:39 pfsetvlan(3) WARN: unable to parse trapLine.. here's the line: 10.100.6.30||||||||| (main::startTrapHandlers) Feb 17 19:33:39 pfsetvlan(3) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Feb 17 19:33:39 pfsetvlan(3) ERROR: Use of uninitialized value $ifType in numeric eq (==) at /usr/local/pf/lib/pf/vlan.pm line 138. (pf::vlan::doWeActOnThisTrap) Feb 17 19:33:39 pfsetvlan(3) ERROR: Use of uninitialized value $ifType in numeric eq (==) at /usr/local/pf/lib/pf/vlan.pm line 138. (pf::vlan::doWeActOnThisTrap) Feb 17 19:33:39 pfsetvlan(3) INFO: trap received on (10.100.6.30) ifindex which is not ethernetCsmacd (pf::vlan::doWeActOnThisTrap) Feb 17 19:33:39 pfsetvlan(3) INFO: doWeActOnThisTrap returns false. Stop handling (main::handleTrap) Feb 17 19:33:39 pfsetvlan(3) INFO: finished (main::cleanupAfterThread) For reference, here is the up trap it received: 2015-02-17|03:41:46|UDP: [10.100.6.30]:33669->[10.100.16.108]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (661683) 1:50:16.83|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.6.3.1.1.5.4|.1.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1|.1.3.6.1.2.1.2.2.1.7.1 = INTEGER: up(1)|.1.3.6.1.2.1.2.2.1.8.1 = INTEGER: up(1) END VARIABLEBINDINGS and the down trap: 2015-02-17|03:42:30|UDP: [10.100.6.30]:33669->[10.100.16.108]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (666103) 1:51:01.03|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.6.3.1.1.5.3|.1.3.6.1.2.1.2.2.1.1.1 = INTEGER: 1|.1.3.6.1.2.1.2.2.1.7.1 = INTEGER: up(1)|.1.3.6.1.2.1.2.2.1.8.1 = INTEGER: down(2) END VARIABLEBINDINGS These were both when working on port 1 |
||||
Steps To Reproduce: |
-Enable link up/down traps on switch -Plug/unplug device from port |
||||
Additional Information: |
This is also affecting the ability to use the location log and delete old devices on M-Series devices never close out the line for locations and show offline. I've attached an image of what the location log looks like for this in the web interface. |
||||
System Description | |||||
Attached Files: |
locationlog.jpg (62,948) 2015-02-17 22:47 https://www.packetfence.org/bugs/file_download.php?file_id=221&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1864 | [PacketFence] hardware modules | minor | have not tried | 2015-02-08 18:06 | 2015-02-17 11:14 |
|
|||||
Reporter: | bwd_helpdesk | Platform: | All | ||
Assigned To: | fdurand | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Compatibility of HP Access Points | ||||
Description: |
Hi Packetfence, I ned to confirm what AP's are supported for HP Procurve. On the product support page it only states HP procurve, nothing else. DOes this mean all models are supported? At present we are looking at: HP 425 Wireless Dual Radio 802.11n (WW) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1863 | [PacketFence] web admin | minor | always | 2015-02-02 16:58 | 2015-02-03 16:01 |
|
|||||
Reporter: | tristanrhodes | Platform: | |||
Assigned To: | jsemaan.inverse | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Trying to "Share unknown fingerprints" and got "Error! An error condition has occured. See server side logs for details." | ||||
Description: |
httpd.admin.log shows this: Feb 02 16:57:21 httpd.admin(12447) INFO: loading Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt (pf::util::load_oui) Feb 02 16:57:22 httpd.admin(12447) INFO: loading Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt (pf::util::load_oui) Feb 02 16:57:22 httpd.admin(12447) INFO: loading Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt (pf::util::load_oui) Feb 02 16:57:22 httpd.admin(12447) INFO: loading Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt (pf::util::load_oui) Feb 02 16:57:22 httpd.admin(12447) INFO: loading Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt (pf::util::load_oui) Feb 02 16:57:23 httpd.admin(12447) ERROR: Caught exception in pfappserver::Controller::Configuration::Fingerprints->upload "Undefined subroutine &pfappserver::Controller::Configuration::Fingerprints::uri_escape called at /usr/local/pf/html/pfappserver/lib/pfappserver/Controller/Configuration/Fingerprints.pm line 80." (pfappserver::Controller::Root::end) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1844 | [PacketFence] configuration | block | have not tried | 2014-11-27 15:15 | 2015-01-27 20:07 |
|
|||||
Reporter: | Eduardo Pereira | Platform: | PacketFence-ZEN-4_5_1 | ||
Assigned To: | jsemaan.inverse | OS: | CentOS | ||
Priority: | high | OS Version: | 6.6 | ||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Config CISCO SF300 / SG 300 | ||||
Description: |
Hello ... Installed and configured the server but now I'm having trouble with the models of Switches that have the doubt is there any configuration standard for CISCO equipment - Model SF300, SG300 Small Bussiness? Read the guide but it only appears routers and switches I have are management. Thank you ... |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
SG300.pm (2,110) 2014-11-28 09:42 https://www.packetfence.org/bugs/file_download.php?file_id=220&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1860 | [PacketFence] captive portal | minor | always | 2015-01-19 08:51 | 2015-01-27 10:09 |
|
|||||
Reporter: | repitah | Platform: | All | ||
Assigned To: | jsemaan.inverse | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | assigned | Product Version: | 4.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Oauth2 methods do not populate User account fields | ||||
Description: | When registering with Facebook/Google/MicrosoftLive (others untested) account, the user details (names, email, etc) are not captured. | ||||
Steps To Reproduce: |
Log in to the captive portal with a Facebook/Google/Microsoft account that has not previously been used. Check the newly created user account for the registered device. |
||||
Additional Information: |
Example JSON information received, from /html/captive-portal/lib/captiveportal/PacketFence/ControllerOauth2.pm :: oauth2Result, that can be populated: Facebook:{"id":"101XXXX5391XXXX17","email":"repXXXX\u0040XXXXil.com","first_name":"myFirstname","gender":"male","last_name":"myLastname","link":"https:\/\/www.facebook.com\/app_scoped_user_id\/101XXXX5391XXXX17\/","locale":"en_GB","name":"myFirstname myLastname","timezone":2,"updated_time":"2014-04-01T14:29:08+0000","verified":true} Google: {"id": "1104XXXX82237XXXX2302","email": "repXXXX@XXXXil.com", "verified_email": true,"name": "myFirstname myLastname","given_name": "myFirstname", "family_name": "myLastname", "link": "https://plus.google.com/1104XXXX82237XXXX2302", [^] "picture": "https://lh3.googleusercontent.com/URL/to/photo.jpg", [^] "gender": "male"} Microsoft: {"id": "fa87XXXX16e7XXXX", "name": "myFirstname myLastname", "first_name": "myFirstname", "last_name": "myLastname", "link":"https://profile.live.com/","birth_day": [^] null,"birth_month": null,"birth_year": null,"gender": null,"emails": {"preferred": "repXXXX@XXXXil.com","account": "repXXXX@XXXXil.com","personal": null,"business": null},"phones": {"personal": null,"business": null,"mobile": null},"locale": "en_ZA","updated_time": "2015-01-17T14:00:59+0000"} |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1830 | [PacketFence] upgrade | crash | always | 2014-10-08 13:13 | 2014-12-22 20:06 |
|
|||||
Reporter: | pfbug | Platform: | Linux | ||
Assigned To: | lmunro | OS: | Debian | ||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | 4.4.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Packetfence does not start after upgrade | ||||
Description: |
After upgrading from packetfence 4.3 to 4.4 via the inverse repository, the following error message appears when /usr/local/pf/bin/pfcmd anyparameter is executed: Fatal error preventing configuration to load. Please review your configuration. Error: Sereal: Error in srl_decoder.c line 657 and char 1 of input: Bad Sereal header: Not a valid Sereal document. at /usr/share/perl5/Data/Serializer/Sereal.pm line 51. at /usr/local/pf/lib/pf/config.pm line 394 Compilation failed in require at /usr/local/pf/bin/pfcmd.pl line 84. BEGIN failed--compilation aborted at /usr/local/pf/bin/pfcmd.pl line 84. An apt-get --reinstall install packetfence has been tried without success. Additionally, rm -fr /usr/local/pf/var/cache/* has been executed as described in UPGRADE.asciidoc. The sereal Packages are installed: # dpkg -l | grep sereal ii libdata-serializer-sereal-perl 1.05-1 all Creates bridge between Data::Serializer and Sereal ii libsereal-decoder-perl 3.001.003-1 amd64 fast, compact, powerful binary deserialization module ii libsereal-encoder-perl 3.001.003-1 amd64 fast, compact, powerful binary serializationa module |
||||
Steps To Reproduce: |
Execute /etc/init.d/packetfence restart after the upgrade from Packetfence 4.3.0. |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1678 | [PacketFence] captive portal | minor | always | 2013-08-02 09:13 | 2014-12-22 20:02 |
|
|||||
Reporter: | KimHagen | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Google oauth redirects back to captive portal before you can select yes/no to allow your site. | ||||
Description: |
On the captive portal if you select Google ouath it will redirect you to the Google login, after this it will redirect you back to the captive portal. (or first it will let you do your second-step authentication and then send you back to the captive portal page.) If you then select the Google oauth again you will get on the page where you can accept your site to have access and if you select yes the network access progress-bar appears and you have access. So you get 2 times the captive portal before you have access. For the facebook oauth it is as you expect. (portal, login and then access) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1845 | [PacketFence] captive portal | minor | always | 2014-12-02 12:12 | 2014-12-17 13:15 |
|
|||||
Reporter: | delta | Platform: | All | ||
Assigned To: | fdurand | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | packetfence | ||||
Description: |
I'm testing packetfence and get the following error message in /usr/local/pf/logs/error_log RSA server certificate CommonName (CN) '127.0.0.1' does not match server name thanks |
||||
Steps To Reproduce: |
I'm testing packetfence and get the following error message in /usr/local/pf/logs/error_log RSA server certificate CommonName (CN) '127.0.0.1' does not match server name thanks |
||||
Additional Information: |
I'm testing packetfence and get the following error message in /usr/local/pf/logs/error_log RSA server certificate CommonName (CN) '127.0.0.1' does not match server name thanks |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1839 | [PacketFence] core | major | always | 2014-10-28 08:14 | 2014-12-17 08:48 |
|
|||||
Reporter: | caralo | Platform: | Linux | ||
Assigned To: | fdurand | OS: | Debian | ||
Priority: | high | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | 4.4.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | 364882d0d75b0191ab3e935db9d9592c11b03721 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Re-evaluate access fails with undefined subroutine | ||||
Description: |
After registration in portal, vlan _reevaluation fails when it calls subroutine &pf::api::locationlog_view_open_switchport_no_VoIP Debian 7 and PF 4.4/4.5 These are the logs: Oct 27 19:11:42 httpd.portal(21155) INFO: [00:44:54:85:f7:0c] re-evaluating access (manage_register called) (pf::enforcement::reevaluate_access) Oct 27 19:11:42 httpd.portal(21155) INFO: [00:44:54:85:f7:0c] switch port is (10.0.1.4) ifIndex 10040 connection type: Wired SNMP (pf::enforcement::_vlan_reevaluation) Oct 27 19:11:44 httpd.webservices(3662) ERROR: Undefined subroutine &pf::api::locationlog_view_open_switchport_no_VoIP call ed at /usr/local/pf/lib/pf/api.pm line 251. (pf::WebAPI::JSONRPC::__ANON__) Oct 27 19:12:21 httpd.portal(3622) INFO: [00:44:54:85:f7:0c] shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (captiveportal::PacketFence::Controller::CaptivePortal::unknownState) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1840 | [PacketFence] web admin | minor | always | 2014-10-28 11:26 | 2014-11-26 09:17 |
|
|||||
Reporter: | caralo | Platform: | Linux | ||
Assigned To: | jrouzier | OS: | Debian | ||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | 4.4.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | +1 | ||
Target Version: | |||||
fixed in git revision: | 4c51dbc36909407dc2d604086ebd9b833f09e857 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Error applying role to multiple nodes | ||||
Description: |
when you select multiple nodes and try to apply a role it does not work and you get "Success. Roles applied to 0 nodes" You can only apply the role if you click the mac address link individually. These are the logs from httpd.admin.log: Oct 28 16:24:48 httpd.admin(8148) INFO: Redirecting to admin interface https://localhost:1443/admin [^] (pfappserver::Controller::Root::index) Oct 28 16:24:48 httpd.admin(8148) ERROR: Argument "\x{37}\x{34}..." isn't numeric in numeric ne (!=) at /usr/local/pf/html/pfappserver/lib/pfappserver/Model/Node.pm line 768. (pfappserver::__ANON__) Oct 28 16:24:48 httpd.admin(8148) ERROR: Unable to modify node because specified category doesn't exist (pf::node::node_modify) Oct 28 16:24:49 httpd.admin(8148) ERROR: Use of uninitialized value $all_or_any in string eq at /usr/local/pf/html/pfappserver/lib/pfappserver/Model/Search/Node.pm line 73. (pfappserver::__ANON__) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1838 | [PacketFence] configuration | minor | have not tried | 2014-10-25 18:23 | 2014-10-26 13:10 |
|
|||||
Reporter: | deco | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 6 | ||
Status: | new | Product Version: | 4.4.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | New firefox version blocks PF 4.5 Configurator | ||||
Description: |
NOTE: *Not a bug with PF but how Firefox interacts with the install process* Just did a fresh install of CentOS 6.5 and did a yum update && yum upgrade. This updated the Firefox Browser to 31.1.0. With this version of Firefox, it would not allow the configurator page to display. After some Googling I found this forum post on Firefox's support page: https://support.mozilla.org/en-US/questions/1012765 [^] Going into about:config and doing the following solved this issue: setting "security.use_mozillapkix_verification" to 'true' P.S. I couldn't select PF 4.5.0 As a product version in the drop down. -Deco |
||||
Steps To Reproduce: | Fresh install of CentOS & update and attempt to install PF. | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1834 | [PacketFence] upgrade | minor | always | 2014-10-23 08:24 | 2014-10-24 09:27 |
|
|||||
Reporter: | erSitzt | Platform: | Linux x86_64 | ||
Assigned To: | fdurand | OS: | Ubuntu | ||
Priority: | normal | OS Version: | 12.04 | ||
Status: | resolved | Product Version: | 4.4.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | packetfence upgrade held back because of missing libdatetime-format-rfc3339-perl | ||||
Description: |
When upgrading from 4.4 to 4.5 via apt packetfence-pfcmd-suid updates but packetfence fails: buehring@srv-pf2:~$ sudo apt-get upgrade Reading package lists... Done Building dependency tree Reading state information... Done The following packages have been kept back: packetfence 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. buehring@srv-pf2:~$ sudo apt-get install packetfence Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: packetfence : Depends: libdatetime-format-rfc3339-perl but it is not installable E: Unable to correct problems, you have held broken packages. buehring@srv-pf2:~$ dpkg -l | grep packetfence ii packetfence 4.4.0 PacketFence network registration / worm mitigation system ii packetfence-pfcmd-suid 4.5.0 C wrapper that replace perl-suid dependence buehring@srv-pf2:~$ |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1828 | [PacketFence] doc | minor | always | 2014-10-07 09:46 | 2014-10-07 09:54 |
|
|||||
Reporter: | ae3 | Platform: | All | ||
Assigned To: | francis | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.5.0 | ||
Target Version: | |||||
fixed in git revision: | f25ea483236c8aaac557313a02b842ef892910cf | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | PF 4.4.0 ZEN manual URL error | ||||
Description: |
On PDF page 10 (paper page 7), the following paragraph contains a URL that needs to be httpS: Configuring your PacketFence environment Before booting your VM, make sure the network cable coming from the TRUNK port for the demonstration PC is correctly plugged in the switch and the PC and that the link is up. Once powered, open a browser and point it to the configuration URL as stated by the VM login prompt (ie. http://PF_IP:1443/configurator [^]). The configuration process is a five steps process at the end of which, the VM will be a persistent working PacketFence environment. |
||||
Steps To Reproduce: |
Open PDF file, scroll down 10 pages. :-) |
||||
Additional Information: |
The product version picklist in this bug reporter ends at 4.2.2. |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1824 | [PacketFence] refactoring | minor | always | 2014-09-12 09:12 | 2014-09-12 09:12 |
|
|||||
Reporter: | juanvalencia | Platform: | Linux | ||
Assigned To: | OS: | CentOS | |||
Priority: | normal | OS Version: | 6.5 | ||
Status: | new | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | VoiP phones don't get complete information when they are autoreg for a different method than dhcp. | ||||
Description: | When you connect a VoIP phone and this is autoregister for a method like radius attributes, PF doesn't update OS info because when it detects that is a VoIP base on dhcp it is already register and PF rejects to do something. The same thing happens when is an autoregister violation created. | ||||
Steps To Reproduce: |
* Configure a switch to use MAB. * Connect a Phone capable to send Radius attributes of VoIP. * The VoIP is immediately autor-egistered because the Radius Attributes. * The VoIP ask for DHCP, and PF detects that is form the category of VoIP Phones/Adapters. * PF says the device is already auto-register do nothing. |
||||
Additional Information: | PF should update the info of the node in every step that obtains info from the device, even if there is no action to do whit it. In this case the portion of the code, I think in pfsetvlan.pm that rejects to auto-register the device should obtain all the info and pushed into the node_info in the DB. | ||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1655 | [PacketFence] inline | major | always | 2013-06-25 11:47 | 2014-09-11 04:29 |
|
|||||
Reporter: | JasonFell | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Inline Mode not forwarding after registration | ||||
Description: |
After creating a user and using these credential for logging in, no forwarding occurs. The screen states that I should check the network settings and try again. But nothing I do will alow it through except for restarting all the services. After looking into the packetfence logs I have found the following entries. Jun 25 09:38:52 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:38:52 redir.cgi(0) INFO: Updating node 00:1c:7e:d6:50:25 user_agent with useragent: 'Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0' (pf::web::web_node_record_user_agent) Jun 25 09:38:52 redir.cgi(0) INFO: Static User-Agent lookup data initialized (pf::useragent::_init) Jun 25 09:38:52 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 redirected to authentication page (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:38:52 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:38:52 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 redirected to authentication page (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:06 register.cgi(0) INFO: 192.168.250.100 - 00:1c:7e:d6:50:25 on registration page (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_register_2ecgi::handler) Jun 25 09:39:06 register.cgi(0) INFO: performing node registration MAC: 00:1c:7e:d6:50:25 pid: guest10 (pf::web::_sanitize_and_register) Jun 25 09:39:06 register.cgi(0) INFO: re-evaluating access for node 00:1c:7e:d6:50:25 (manage_register called) (pf::enforcement::reevaluate_access) Jun 25 09:39:06 register.cgi(0) WARN: Can't re-evaluate access for mac 00:1c:7e:d6:50:25 because no open locationlog entry was found (pf::enforcement::reevaluate_access) Jun 25 09:39:06 register.cgi(0) INFO: 192.168.250.100 - 00:1c:7e:d6:50:25 on registration page (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_register_2ecgi::handler) Jun 25 09:39:16 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:16 redir.cgi(0) INFO: MAC 00:1c:7e:d6:50:25 shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:16 redir.cgi(0) INFO: re-evaluating access for node 00:1c:7e:d6:50:25 (redir.cgi called) (pf::enforcement::reevaluate_access) Jun 25 09:39:16 redir.cgi(0) WARN: Can't re-evaluate access for mac 00:1c:7e:d6:50:25 because no open locationlog entry was found (pf::enforcement::reevaluate_access) Jun 25 09:39:29 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:29 redir.cgi(0) INFO: MAC 00:1c:7e:d6:50:25 shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:29 redir.cgi(0) INFO: re-evaluating access for node 00:1c:7e:d6:50:25 (redir.cgi called) (pf::enforcement::reevaluate_access) Jun 25 09:39:29 redir.cgi(0) WARN: Can't re-evaluate access for mac 00:1c:7e:d6:50:25 because no open locationlog entry was found (pf::enforcement::reevaluate_access) Jun 25 09:39:29 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:29 redir.cgi(0) INFO: MAC 00:1c:7e:d6:50:25 shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:29 redir.cgi(0) INFO: re-evaluating access for node 00:1c:7e:d6:50:25 (redir.cgi called) (pf::enforcement::reevaluate_access) Jun 25 09:39:29 redir.cgi(0) WARN: Can't re-evaluate access for mac 00:1c:7e:d6:50:25 because no open locationlog entry was found (pf::enforcement::reevaluate_access) Jun 25 09:39:56 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:56 redir.cgi(0) INFO: MAC 00:1c:7e:d6:50:25 shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:56 redir.cgi(0) INFO: re-evaluating access for node 00:1c:7e:d6:50:25 (redir.cgi called) (pf::enforcement::reevaluate_access) Jun 25 09:39:56 redir.cgi(0) WARN: Can't re-evaluate access for mac 00:1c:7e:d6:50:25 because no open locationlog entry was found (pf::enforcement::reevaluate_access) Jun 25 09:39:56 redir.cgi(0) INFO: 00:1c:7e:d6:50:25 being redirected (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:56 redir.cgi(0) INFO: MAC 00:1c:7e:d6:50:25 shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_redir_2ecgi::handler) Jun 25 09:39:56 redir.cgi(0) INFO: re-evaluating access for node 00:1c:7e:d6:50:25 (redir.cgi called) (pf::enforcement::reevaluate_access) Jun 25 09:39:56 redir.cgi(0) WARN: Can't re-evaluate access for mac 00:1c:7e:d6:50:25 because no open locationlog entry was found (pf::enforcement::reevaluate_access). I have tried this on a number of occasions and get the same issue. I have tried leaving packetfence (for more than an hour, to see if it is an issue with time), I have disconnected the workstation requiring acccess (for more than an hour), and finally I have tried rebooting the workstation (requiring access). None of this gave internet access. As previously noted the only way access is given is by restarting all the packetfence services. |
||||
Steps To Reproduce: | |||||
Additional Information: |
Current setup is as follows; Inline enforcement Packetfence d-link unmanaged 4 port switch |
||||
Attached Files: |
Packetfence Output after secure redirect disable.txt (5,026) 2013-07-03 04:32 https://www.packetfence.org/bugs/file_download.php?file_id=178&type=bug Packetfence-successful_activation.log (3,401) 2013-07-18 03:49 https://www.packetfence.org/bugs/file_download.php?file_id=180&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1823 | [PacketFence] web admin | minor | always | 2014-09-05 10:22 | 2014-09-05 10:22 |
|
|||||
Reporter: | jsemaan.inverse | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | The external script trigger for violations is broken in the admin ui | ||||
Description: |
The creation of external script triggers in the admin ui creates invalid configuration. It adds the trigger 'external' when the configuration expects 'external<some user defined id>' Then the path to the script must be configured in pf.conf in [paths.external<the decided id>] It must also be added to documentation.conf or pf won't checkup. We need to review the way we create these triggers or adapt the admin interface to the current way of doing it. The feature still works when creating the configuration manually |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1819 | [PacketFence] radius | minor | always | 2014-08-19 17:43 | 2014-08-19 18:50 |
|
|||||
Reporter: | cpross90 | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 6 | ||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Cisco Aironet 1042N periods in MAC | ||||
Description: |
When accounting data is sent to the pf server there are periods in the MAC. Packetfence does not parse them properly causing bandwidth monitoring to not work correctly. |
||||
Steps To Reproduce: | Use pf with Aironet 1042N. | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1766 | [PacketFence] hardware modules | minor | always | 2014-02-05 20:25 | 2014-07-25 10:53 |
|
|||||
Reporter: | aj14 | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 5 | ||
Status: | resolved | Product Version: | 4.0.3 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | PacketFence cannot receive SNMP traps from D-link DES3526 Switch | ||||
Description: |
Before deploying PF to our network, we are testing its functionality with the switches that we have. So far so good, but when it comes to the D-Link DES3526, we have had no luck. When I look into the module itself, it is basically a container for the main Dlink.pm. Basically, nothing happens on the switch when we connect a host authorized or unauthorized to it. When looking at the packetfence log, it seems as if PF is not understanding the trap coming from the switch ("trap currently not hadled"). I have attached an excerpt of packetfence.log. You can see that the trap contains the MAC address of the machine that is being connected to the switch. I have also attached the switch configuration. Firmware is 5.00-B27. |
||||
Steps To Reproduce: |
Connect a machine to a port in the switch configured to send traps. |
||||
Additional Information: |
packetfence.log entries: Feb 04 16:56:08 pfsetvlan(25) DEBUG: trap currently not handled (pf::SNMP::Dlink::parseTrap) Feb 04 16:56:08 pfsetvlan(25) INFO: ignoring unknown trap: 2014-02-04|00:56:06|UDP: [10.100.6.32]:161->[10.100.16.90]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (1248956) 3:28:09.56|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.171.11.64.1.2.15.2.0.2|.1.3.6.1.4.1.171.11.64.1.2.14.1.1.1.1 = INTEGER: 1|.1.3.6.1.4.1.171.11.64.1.2.15.2.1 = Hex-STRING: B8 88 E3 DD F9 45 END VARIABLEBINDINGS (main::parseTrap) Feb 04 16:56:08 pfmon(1) INFO: running expire check (main::cleanup) Feb 04 16:56:08 pfmon(1) INFO: checking registered nodes for expiration (main::cleanup) Feb 04 16:56:08 pfmon(1) INFO: checking violations for expiration (main::cleanup) Feb 04 16:56:08 pfmon(1) INFO: checking accounting data for potential bandwidth abuse (main::cleanup) Feb 04 16:56:08 pfmon(1) INFO: getting violations triggers for accounting cleanup (pf::accounting::acct_maintenance) Feb 04 16:56:08 pfmon(1) INFO: Calling node acct maintenance total with monthly and 1 for 21474836480 (pf::accounting::acct_maintenance) Feb 04 16:56:08 pfsetvlan(23) DEBUG: trap currently not handled (pf::SNMP::Dlink::parseTrap) Feb 04 16:56:08 pfsetvlan(23) INFO: ignoring unknown trap: 2014-02-04|00:56:07|UDP: [10.100.6.32]:161->[10.100.16.90]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (1249056) 3:28:10.56|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.171.11.64.1.2.15.2.0.2|.1.3.6.1.4.1.171.11.64.1.2.14.1.1.1.1 = INTEGER: 1|.1.3.6.1.4.1.171.11.64.1.2.15.2.1 = Hex-STRING: B8 88 E3 DD F9 45 END VARIABLEBINDINGS (main::parseTrap) Feb 04 16:56:08 pfsetvlan(24) DEBUG: trap currently not handled (pf::SNMP::Dlink::parseTrap) Feb 04 16:56:08 pfsetvlan(24) INFO: ignoring unknown trap: 2014-02-04|00:56:08|UDP: [10.100.6.32]:161->[10.100.16.90]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (1249157) 3:28:11.57|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.171.11.64.1.2.15.2.0.2|.1.3.6.1.4.1.171.11.64.1.2.14.1.1.1.1 = INTEGER: 1|.1.3.6.1.4.1.171.11.64.1.2.15.2.1 = Hex-STRING: B8 88 E3 DD F9 45 END VARIABLEBINDINGS (main::parseTrap) Feb 04 16:56:11 pfsetvlan(22) DEBUG: trap currently not handled (pf::SNMP::Dlink::parseTrap) Feb 04 16:56:11 pfsetvlan(22) INFO: ignoring unknown trap: 2014-02-04|00:56:09|UDP: [10.100.6.32]:161->[10.100.16.90]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (1249256) 3:28:12.56|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.171.11.64.1.2.15.2.0.2|.1.3.6.1.4.1.171.11.64.1.2.14.1.1.1.1 = INTEGER: 1|.1.3.6.1.4.1.171.11.64.1.2.15.2.1 = Hex-STRING: B8 88 E3 DD F9 45 END VARIABLEBINDINGS (main::parseTrap) Feb 04 16:56:11 pfsetvlan(21) DEBUG: trap currently not handled (pf::SNMP::Dlink::parseTrap) Switch entry in switches.conf: [10.100.6.32] mode=production SNMPCommunityRead=frydmwrt SNMPCommunityWrite=frydmwrt SNMPVersionTrap=2c type=Dlink::DES_3526 VoIPEnabled=N SNMPVersion=2c uplink=26 SNMPCommunityTrap=frydmwrt SNMPEngineID=800000ab03001cf09d649a |
||||
System Description | |||||
Attached Files: |
des-3526-config (8,410) 2014-02-05 20:25 https://www.packetfence.org/bugs/file_download.php?file_id=198&type=bug Dlink-aj14.pm (7,895) 2014-02-28 11:13 https://www.packetfence.org/bugs/file_download.php?file_id=201&type=bug Dlink.pm (7,879) 2014-04-23 14:34 https://www.packetfence.org/bugs/file_download.php?file_id=206&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1814 | [PacketFence] web admin | minor | always | 2014-07-14 19:36 | 2014-07-15 12:58 |
|
|||||
Reporter: | hagenbucher | Platform: | i686 | ||
Assigned To: | OS: | Ubuntu Server | |||
Priority: | normal | OS Version: | 12.04.4 LTS | ||
Status: | new | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Uplinks only allowed to be numeric | ||||
Description: |
You untick the usage of dynamic uplinks (how does it work?) The field "Uplink" is editable now but does not allow ports like: A1, A2, A3 or Trk1, Trk2 issue 1 a) Trk1, Trk2 ... are trunks (static) or link aggretaions (lacp) created manually on the switch CLI (do not confuse cisco usage of the word trunk) for 5400zl and 2910al series. issue 1 b) A1 is the first port on modul A on HP ProCurve 5400zl series. issue 2) If there is only one uplink port - which is perfectly fine with an lacp created link connected to a distributed trunk/multi chassis lag or if you don't care about redundancy - there should be the possibility of configuring one port only as uplink. |
||||
Steps To Reproduce: |
Menu Configuration - Switches: - Click 'Add Switch' - Fill any non-numerical value to the file "Uplink" - The field and caption gets framed/written in red and you cannot save your edit. |
||||
Additional Information: |
Tested with 4.3.0-201407140016 and 4.3.0 You can workaround issue number two by filling in "1, 1" if your only uplink port is port number 1. |
||||
System Description | Running in VirtualBOX | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1806 | [PacketFence] captive portal | block | always | 2014-06-05 09:21 | 2014-07-09 01:03 |
|
|||||
Reporter: | hudsonfas | Platform: | Linux | ||
Assigned To: | OS: | Debian | |||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Your network should be enabled within a minute or two | ||||
Description: |
In captive portal, after I put USERNAME and PASSWORD, and received the message: "Your network should be enabled within a minute or two. If it is not reboot your computer" ... and nothing happens .... In /usr/local/pf/logs/portal_error: [Thu Jun 5 08:33:34 2014] -e: Use of uninitialized value $2 in uc at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/Root.pm line 186 |
||||
Steps To Reproduce: | |||||
Additional Information: |
Debian GNU/Linux 7 (wheezy) packetfence: Installed: 4.2.2 Candidate: 4.2.2 Version table: *** 4.2.2 0 500 http://inverse.ca/downloads/PacketFence/debian/ [^] wheezy/wheezy amd64 Packages |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1813 | [PacketFence] captive portal | minor | have not tried | 2014-06-25 05:14 | 2014-07-07 12:36 |
|
|||||
Reporter: | sisu | Platform: | Linux | ||
Assigned To: | OS: | Ubuntu | |||
Priority: | normal | OS Version: | 12.04 | ||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Phone number check with regex | ||||
Description: |
On Packetfence 4.1 In the File /pf/lib/pf/web/util.pm i changee the text form : sub validate_phone_number { my ($phone_number) = @_; # north american regular expression if ($phone_number =~ / ^(?:\+?(1)[-.\s]?)? # optional 1 in front with -, ., space or nothing seperator \(?([2-9]\d{2})\)? # captures first 3 digits allows optional parenthesis [-.\s]? # separator -, ., space or nothing (\d{3}) # captures 3 digits [-.\s]? # separator -, ., space or nothing (\d{4})$ # captures last 4 digits /x) { return "$1$2$3$4" if defined($1); return "$2$3$4"; } # rest of world regular expression if ($phone_number =~ / ^\+?\s? # optional + on front with optional space ((?:[0-9]\s?){6,14} # between 6 and 14 groups of digits seperated by spaces or not [0-9])$ # end with a digit /x) { # trim spaces my $return = $1; $return =~ s/\s+//g; return $return; } return; } to sub validate_phone_number { my ($phone_number) = @_; $phone_number =~ s/\s+//g; # Leerzeichen rausnehmen $phone_number =~ s/\s-//g; # Minuszeichen rausnehmen $phone_number =~ s/^\+/00/; # + mit 00 ersetzen $phone_number =~ s/^0041/0/; # 0041 mit 0 ersetzen # Schweiz: ^07[5-9]\d{7}$ #Frankreich ^00336(0(7|8)|3[0-2]|54|[6-8]\d{1})\d{6}$ #Oesterreich ^00436(50|6(0|3|4)|7(6|8)|8(0|1|8)|99)\d{7}$ #Deutschland ^00491(5(1|2|5|7|9)|6(0|2|3)|7)\d{8,9}$ #Italien ^00393([2-4]\d{1}|6[0-8]|8\d{1}|9[0-3])\d{7}$ #England ^00447(4|5|[7-9]|7624)\d{6,8}$ if ($phone_number =~ /^07[5-9]\d{7}$|^00336(0(7|8)|3[0-2]|54|[6-8]\d{1})\d{6}$|^00491(5(1|2|5|7|9)|6(0|2|3)|7)\d{8,9}$|^00393([2-4]\d{1}|6[0-8]|8\d{1}|9[0-3])\d{7}$|^00447(4|5|[7-9]|7624)\d{6,8}$/) { return $phone_number; } return; } if I sign up with the number +49... the system sending sms to 0049.... On Packetfence 4.2 who i do the same if not send to 0049.... it sends to 49... Thanks for help Best Regards Sisu |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1811 | [PacketFence] configuration | major | always | 2014-06-13 15:14 | 2014-06-13 15:14 |
|
|||||
Reporter: | lmunro | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | fake_mac_enabled by default | ||||
Description: |
The configurator always set fake_mac_enabled=enabled when doing VLAN enforcement. This setting should only apply to inline enforcement. |
||||
Steps To Reproduce: | Install PF, run the configurator and select VLAN enforcement. | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1810 | [PacketFence] web admin | major | always | 2014-06-11 10:37 | 2014-06-11 15:14 |
|
|||||
Reporter: | pfbug | Platform: | Linux | ||
Assigned To: | OS: | Debian | |||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | ec3d6588084a5be371120aac4da9f4054357bf7e | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | IP Address saved as MAC Address in Switch configuration | ||||
Description: |
When entering an IP address for a switch, e.g. 192.168.201.101 it is saved as MAC address 19:21:68:20:11:01 which renders the configuration unusable (the switch is not accessed from packetfence). The bug was reproducible with Packetfence 4.2.2 and 4.3.0 (10062014). The same configuration was successful with Packetfence 4.2.0. |
||||
Steps To Reproduce: | Add a switch via web interface, enter IP of the switch. | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1809 | [PacketFence] core | minor | always | 2014-06-10 16:02 | 2014-06-10 16:03 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.3.0 | ||
Target Version: | 4.2.3 | ||||
fixed in git revision: | b43eb94de55b0e452d8fadb8c233eb1cd3d2ab9d | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | allowed_device_types.txt file is not population the dropdown | ||||
Description: | On the device registration page, even if we have stuff in the allowed_device_types.txt file, there is no dropdown to select the type of the device. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1805 | [PacketFence] captive portal | minor | have not tried | 2014-06-04 11:38 | 2014-06-10 15:49 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.3.0 | ||
Target Version: | 4.2.3 | ||||
fixed in git revision: | d1794798429942203277dd6ba41fbecf6adcc807 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Device Registration: unreg date/access duration not used | ||||
Description: | When registering a device (aka gaming registration), neither the unreg date nor the access duration of the user is used. | ||||
Steps To Reproduce: | |||||
Additional Information: | https://github.com/inverse-inc/packetfence/blob/stable/html/captive-portal/lib/captiveportal/PacketFence/Controller/DeviceRegistration.pm#L128 [^] | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1807 | [PacketFence] captive portal | minor | sometimes | 2014-06-05 15:35 | 2014-06-05 15:35 |
|
|||||
Reporter: | jwesleyb | Platform: | LINUX | ||
Assigned To: | OS: | CENT OS | |||
Priority: | normal | OS Version: | 6.3 | ||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | error registering device | ||||
Description: |
Hi, i'm with the following problem. When I log on the network, packetfence registers the wrong mac address. Example: 00:00: BC: 62:00:0 A With the correct MAC address: BF: F8: 48:0 D: 45: FA How do I fix this error? Thank you! |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1804 | [PacketFence] web admin | feature | have not tried | 2014-06-03 09:51 | 2014-06-03 09:51 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Allow to reorder SMS carriers | ||||
Description: | When defining a SMS authentication source, it would useful to easily reorder the list of carriers. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1603 | [PacketFence] configuration | tweak | always | 2012-11-13 09:37 | 2014-06-03 03:17 |
|
|||||
Reporter: | maikel | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 3.6.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Bandwith violations edit doesnt reload pfmon | ||||
Description: | When altering violations, in special as tested the bandwidth violations. These violations will not reload pfmon. Pfmon still listens to the old violations.conf. After restart of packetfence, the new violation rules are loaded and it works perfect. This minor tweak would be nice | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1267 | [PacketFence] captive portal | trivial | random | 2011-09-14 16:31 | 2014-06-02 08:15 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | add template toolkit error reporting on all ->process calls | ||||
Description: |
Just like I did here at revno: 49438888fdbade2110cb70324e34381245c1bf25--- pf/lib/pf/web/guest.pm 0a9d7807c131a50376d474012b92a1a629d5e85c +++ pf/lib/pf/web/guest.pm 44fa683d2c052e22eac0e0f12b25250469c5a1e3 @@ -228,7 +228,7 @@ sub generate_registration_page { #} my $template = Template->new({ INCLUDE_PATH => [$CAPTIVE_PORTAL{'TEMPLATE_DIR'}], }); - $template->process($pf::web::guest::REGISTRATION_TEMPLATE, $vars); + $template->process($pf::web::guest::REGISTRATION_TEMPLATE, $vars) || $logger->error($template->error()); exit; } It helped out identify a nasty bug. It should be done by default on all the $template->process() calls. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1786 | [PacketFence] upgrade | minor | always | 2014-04-05 11:52 | 2014-06-02 08:15 |
|
|||||
Reporter: | huxiufei | Platform: | VMware | ||
Assigned To: | fdurand | OS: | RHEL i386 | ||
Priority: | normal | OS Version: | 6.4 | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | software installation error | ||||
Description: |
i followed "PacketFence_Administration_Guide-4.1.0" guild to install the packetfence. At the last step, when i execute the command "yum groupinstall --enablerepo=PacketFence,epel,rpmforge,of Packetfence-complete" there are some errors occur: --> Finished Dependency Resolution Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: dhcp Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: perl(Net::DNS::Nameserver) = 749 Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: ipset Error: Package: perl-HTML-Tidy-1.08-5.el6.i686 (epel) Requires: libtidy-0.99.so.0 Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: rrdtool Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: memcached Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: perl-rrdtool Error: Package: perl-GD-SecurityImage-1.70-1.el6.noarch (epel) Requires: perl(Image::Magick) Error: Package: perl-Email-Valid-0.184-1.of.el6.noarch (of) Requires: perl(Net::DNS) Error: Package: perl-GD-SecurityImage-1.70-1.el6.noarch (epel) Requires: perl(GD) Error: Package: packetfence-4.1.0-1.el6.noarch (PacketFence) Requires: perl(Net::DNS) = 0.65-4 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest Could you tell me how to deal with this? Thanks! |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1798 | [PacketFence] captive portal | minor | have not tried | 2014-05-25 08:07 | 2014-06-02 08:10 |
|
|||||
Reporter: | hbongers | Platform: | Linux | ||
Assigned To: | fdurand | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Captive Portal Exception in version 4.2.1 | ||||
Description: | The Captive Portal Exception as reported in issue 0001794 still exists in 4.2.1 after upgrading from 4.1 in an inline setup | ||||
Steps To Reproduce: |
Upgrade from 4.1 to 4.2.1 in an inline setup. Open captive portal |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
captiveportal on Catalyst 5_90011.htm (16,922) 2014-05-27 06:01 https://www.packetfence.org/bugs/file_download.php?file_id=209&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1802 | [PacketFence] hardware modules | feature | have not tried | 2014-05-31 20:38 | 2014-06-02 08:08 |
|
|||||
Reporter: | jsuddarth | Platform: | TPLink | ||
Assigned To: | OS: | OpenWRT firmware | |||
Priority: | high | OS Version: | any | ||
Status: | new | Product Version: | 4.2.2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add TPLink Access Point hardware/firmware support | ||||
Description: |
Add support for TPLink AP's (running OpenWRT firmware) for ease of integration and low-cost option for medium-large scale deployments. The customizability and features that come with OpenWRT make this a great option for hobbyists and people who want to deploy a solution on a budget. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1800 | [PacketFence] captive portal | minor | always | 2014-05-28 09:10 | 2014-06-02 08:07 |
|
|||||
Reporter: | jwesleyb | Platform: | 64bits | ||
Assigned To: | fdurand | OS: | CentOS | ||
Priority: | normal | OS Version: | 6.5 | ||
Status: | resolved | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Packetfence does not redirect to register | ||||
Description: | Hi, I'm having trouble with my PF because it is not redirecting to the captive portal. I have a network in inline mode with two interfaces (eth0 - inline / eth1 - management) | ||||
Steps To Reproduce: | |||||
Additional Information: |
#vim /usr/local/pf/conf/pf.conf [general] domain=localhost hostname = localhost dnsservers = 10.1.1.1 dhcpservers = 10.1.1.1 [alerting] emailaddr=j.wesley7@yahoo.com.br [database] pass=mypass [captive_portal] secure_redirect=disabled [interface eth0] enforcement=inline type=internal ip=192.168.1.1 mask=255.255.255.0 [interface eth1] ip=10.1.1.58 gateway=10.1.1.1 type=management mask=255.255.255.0 #vim /usr/local/pf/conf/networks.conf [192.168.1.0] netmask=255.255.255.0 gateway=192.168.1.1 next_hop= domain-name=inline.localdomain dns=8.8.8.8 dhcp_start=192.168.1.10 dhcp_end=192.168.1.120 dhcp_default_lease_time=300 dhcp_max_lease_time=600 type=inline named=disabled dhcpd=enabled #vim /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=static IPADDR=192.168.1.1 NETMASK=255.255.255.0 VLAN=yes #vim /etc/sysconfig/network-scripts/ifcfg-eth1 DEVICE=eth1 BOOTPROTO=dhcp NETWORK=10.1.1.0 ONBOOT=yes TYPE=Ethernet |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1801 | [PacketFence] captive portal | minor | have not tried | 2014-05-30 08:14 | 2014-06-01 16:22 |
|
|||||
Reporter: | sisu | Platform: | All | ||
Assigned To: | fdurand | OS: | Ubuntu | ||
Priority: | normal | OS Version: | 12.4.4 LTS | ||
Status: | resolved | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.2 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Packetfence captive portal not function correct Product Version 4.2.2 | ||||
Description: | With the new Packetfence release 4.2.2 I get the following error message (See Upload File) on Captive Portal landing page | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Unbenannt.PNG (31,102) 2014-05-30 08:14 https://www.packetfence.org/bugs/file_download.php?file_id=211&type=bug Error.txt (7,291) 2014-05-30 08:40 https://www.packetfence.org/bugs/file_download.php?file_id=212&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1700 | [PacketFence] security | minor | always | 2013-08-23 05:20 | 2014-05-29 11:45 |
|
|||||
Reporter: | olive35 | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Mysql password and user passwords | ||||
Description: |
Hi, Here is my problem ... I see all password in clear text on my server. In PF configuration : /usr/local/pf/conf/pf.conf We can find the password of the MySQL database (ie pass=p@...). I connect to the DB with this password. Now i can see all the tables used in PF. And i can see all user passwords in table 'temporary_password'. Next i try to change the admin password in the DB and it works ! This is a security issue ? How to remedy this problem and replace passwords by hashes ? Regards, Olive PS : I already talk about this issue on the user mailing list |
||||
Steps To Reproduce: | |||||
Additional Information: |
Here commands i used (non root) : * grep -E '(pass(word)?=).*' -nR --color /usr/local/pf/conf/ mysql -u pf -pp@... pf SHOW TABLES; SELECT * from temporary_password; UPDATE temporary_password SET password='123456' WHERE pid='admin';* and connect to the admin web interface. |
||||
Attached Files: |
1.html (410) 2014-05-29 11:45 https://www.packetfence.org/bugs/file_download.php?file_id=210&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1799 | [PacketFence] web admin | minor | have not tried | 2014-05-26 17:20 | 2014-05-26 17:20 |
|
|||||
Reporter: | lpelet | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | bulk removing nodes/users | ||||
Description: | that could be great if we can remove nodes or users by bulk | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1794 | [PacketFence] captive portal | minor | always | 2014-05-08 11:15 | 2014-05-25 22:13 |
|
|||||
Reporter: | shikasensei | Platform: | Linux | ||
Assigned To: | jrouzier | OS: | Debian | ||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.1 | ||
Target Version: | |||||
fixed in git revision: | e10dfba5d840460df5858eb0ece4ee4cfc66e9f8 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | caught exeption on node registaration page, captive portal | ||||
Description: | When I want to register an a new device through captive portal I get a node registration page with messages (I provided them in Additional Information field) above normal page content (login/pass fields and etc.). Also after login attempt I get page, which is attached to the report. | ||||
Steps To Reproduce: | |||||
Additional Information: |
Caught exception in captiveportal::Controller::Root->setupCommonStash "Undefined subroutine &captiveportal::PacketFence::Model::Portal::Session::enabled called at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Model/Portal/Session.pm line 138." Caught exception in captiveportal::Controller::Root->getLanguages "Undefined subroutine &captiveportal::PacketFence::Model::Portal::Session::enabled called at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Model/Portal/Session.pm line 138." Caught exception in captiveportal::Controller::Root->setupLanguage "Can't use string ("0") as an ARRAY ref while "strict refs" in use at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/Root.pm line 111." |
||||
System Description | |||||
Attached Files: |
captiveportal on Catalyst 5.90015.html (20,687) 2014-05-08 11:15 https://www.packetfence.org/bugs/file_download.php?file_id=208&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1793 | [PacketFence] web admin | minor | always | 2014-05-07 23:30 | 2014-05-15 23:06 |
|
|||||
Reporter: | shikasensei | Platform: | Linux | ||
Assigned To: | fdurand | OS: | Debian | ||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.1 | ||
Target Version: | |||||
fixed in git revision: | d335f587db373e4cc63d3711cffd47d3f6fb419d | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | web admin interface doesn't start after install | ||||
Description: | After install Packetfence admin web interface doesn't start.So I can't get access to configurator. Few days before all worked well. | ||||
Steps To Reproduce: | |||||
Additional Information: |
* Please fire up your Web browser and go to https://@ip_packetfence:1443/configurator [^] to complete your PacketFence configuration. * Please stop your iptables service if you don't have access to configurator. service|command memcached|start httpd.admin|not started Checking configuration sanity... FATAL - please define exactly one management interface FATAL - internal network(s) not defined! FATAL - Unable to connect to your database. Please verify your connection settings in conf/pf.conf and make sure that it is started. FATAL - networks.conf cannot be empty when services.dhcpd is enabled WARNING - We have been unable to load your configuration. Are you sure you ran configurator ? If needed here is httpd.admin.log May 08 08:58:52 httpd.admin(5018) INFO: pfappserver powered by Catalyst 5.90015 (Catalyst::setup) May 08 08:58:52 httpd.admin(5018) WARN: Deprecated 'static' config key used, please use the key 'Plugin::Static::Simple' instead (Class::MOP::Class:::before) May 08 09:01:21 httpd.admin(5224) INFO: pfappserver powered by Catalyst 5.90015 (Catalyst::setup) May 08 09:01:21 httpd.admin(5224) WARN: Deprecated 'static' config key used, please use the key 'Plugin::Static::Simple' instead (Class::MOP::Class:::before) May 08 09:09:09 httpd.admin(5434) INFO: pfappserver powered by Catalyst 5.90015 (Catalyst::setup) May 08 09:09:09 httpd.admin(5434) WARN: Deprecated 'static' config key used, please use the key 'Plugin::Static::Simple' instead (Class::MOP::Class:::before) |
||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1797 | [PacketFence] configuration | minor | have not tried | 2014-05-14 16:12 | 2014-05-14 16:15 |
|
|||||
Reporter: | lpelet | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Renaming portal profile won't move files. | ||||
Description: |
When we rename a portal profile in admin GUI, it does not move the files. we should make the field for the name of the portal profile unwritable. And log a message when we don't find the file in the portal profile and we fall-back to the default file. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1796 | [PacketFence] security | minor | always | 2014-05-12 06:00 | 2014-05-12 08:19 |
|
|||||
Reporter: | jochen | Platform: | Linux | ||
Assigned To: | jrouzier | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | assigned | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 4.2.1 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | snort not started | ||||
Description: |
Snort is no longer started by packetfence. Reverting this change in pf/services/manager/roles/pf_conf_trapping_engine.pm fixed the issue for me: # return $monitor_int && isenabled($Config{'trapping'}{'detection'}) && $Config{'trapping'}{'detection_engine'} eq $self->name && $self->$orig(@_) ? 1 : 0; return $monitor_int && isenabled($Config{'trapping'}{'detection'}) && $Config{'trapping'}{'detection_engine'} eq $self->name; |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1795 | [PacketFence] upgrade | minor | always | 2014-05-12 05:12 | 2014-05-12 06:33 |
|
|||||
Reporter: | jochen | Platform: | Linux | ||
Assigned To: | francis | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.1 | ||
Target Version: | |||||
fixed in git revision: | 4695a0b37d6ce49e5594f4edc4739eebfef33497 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | SQL Upgrade fails due to extra dashes in SQL script | ||||
Description: |
db/upgrade-4.1.0-4.2.0.sql has some extra dashes causing syntax errors in the SQL script FIX: s/---/--/g |
||||
Steps To Reproduce: | Run upgrade script | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1776 | [PacketFence] web admin | minor | have not tried | 2014-03-14 14:03 | 2014-05-08 06:31 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.0 | ||
Target Version: | 4.2.0 | ||||
fixed in git revision: | 40136b458f756920b81a353948a60fb1220d21c8 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Default value of Access duration choices | ||||
Description: | Under "Admin registration" of the configuration page, the default value of the access duration choices should *not* be displayed as a placeholder since it becomes painful to modify it. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1789 | [PacketFence] radius | minor | always | 2014-04-28 18:26 | 2014-05-07 08:30 |
|
|||||
Reporter: | victor | Platform: | All | ||
Assigned To: | fdurand | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Unable extract SSID on Cisco 1142 | ||||
Description: |
Cisco 1142 apparently sends multiple Cisco-AVPair records back to the radius server and trips over extractSsid sub. tail -f logs/packetfence.log Apr 28 08:13:46 pf::WebAPI(4307) INFO: Unable to extract SSID of Cisco-AVPair: ARRAY(0xbaf6fcc8) (pf::SNMP::Cisco::Aironet::extractSsid) Output from /usr/sbin/radiusd -X -d /usr/local/pf/raddb/ Cisco-AVPair = "ssid=TEST" Service-Type = Login-User Cisco-AVPair = "service-type=Login" As a quick workaround I changed $radius_request->{'Cisco-AVPair'} into $radius_request->{'Cisco-AVPair'}[0] but a permanent fix should be better than that. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
extractSsid.patch (978) 2014-05-05 14:49 https://www.packetfence.org/bugs/file_download.php?file_id=207&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1758 | [PacketFence] core | minor | always | 2014-01-15 12:06 | 2014-05-07 08:30 |
|
|||||
Reporter: | jochen | Platform: | Linux | ||
Assigned To: | fdurand | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | perl-Moose-2.1200-1.of.el6 complains Class::MOP::load_class is deprecated at /usr/lib64/perl5/vendor_perl/Class/MOP.pm line 76. | ||||
Description: | Many components of packentfence complain about deprecated Class::MOP::load_class as soon as perl-Moose-2.1200-1.of.el6.x86_64.rpm is installed. Older version perl-Moose-2.1005-1.of.el6.x86_64.rpm works OK. | ||||
Steps To Reproduce: |
Install perl-Moose-2.1005-1.of.el6.x86_64.rpm Execute /usr/local/pf/bin/pfcmd service pf watch |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1790 | [PacketFence] web admin | feature | have not tried | 2014-05-01 10:43 | 2014-05-01 12:33 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.0 | ||
Target Version: | |||||
fixed in git revision: | 207ea2a94c1fbf9ec26ce76c8ffdb9c0e9cd4d95 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Nodes - search by OS | ||||
Description: | The simple and advanced search form should allow to search nodes by OS (DHCP). | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1792 | [PacketFence] web admin | minor | have not tried | 2014-05-01 11:57 | 2014-05-01 11:58 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Export search results to CSV | ||||
Description: | The results of a simple or advanced search on the Nodes or Users page should be exportable as a CSV file. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1791 | [PacketFence] web admin | feature | have not tried | 2014-05-01 11:48 | 2014-05-01 11:48 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Searches: customizable number of results per page | ||||
Description: | We should allow the user to change the number of results per page, at least on the Nodes and Users pages. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1780 | [PacketFence] web admin | minor | always | 2014-03-27 15:52 | 2014-04-24 12:21 |
|
|||||
Reporter: | lzammit | Platform: | All | ||
Assigned To: | francis | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | 4.1.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.0 | ||
Target Version: | |||||
fixed in git revision: | 99acc5e52d13a1f45c123136cb079221ab35b1ef | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | does not direct after a second authentication on the web admin | ||||
Description: | if you are on the node page like /admin/nodes and you will need to be authenticate again, after a successful authentication you will be redirected to /configuration and not /admin/nodes | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1210 | [PacketFence] error-handling | minor | always | 2011-04-21 08:42 | 2014-04-24 11:58 |
|
|||||
Reporter: | jamest | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | confirmed | Product Version: | 2.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.1 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Can't add/edit person with pfcmd if firstname or lastname have spaces in them | ||||
Description: |
If you try and add a person with pfcmd person add pid and have an assignment of firstname or surname with the add, this will fail with grammar test failed if the name has a space in it. The same thing happens with edit. There's nothing I could see in the admin guide saying that names with spaces in are invalid, they can be added directly into the database with no apparent ill effect. I would suggest that either pfcmd is fixed to allow these names (as people do have them in real life), or the restriction is documented and pfcmd gives a more meaningful error message. |
||||
Steps To Reproduce: | |||||
Additional Information: |
Some example output: ./pfcmd person add test5 firstname="space in the middle" Command not understood. (pfcmd grammar test failed at line 223.) Usage: pfcmd person <add|view|edit|delete> pid [assignments] manipulate person entries examples: pfcmd person view all pfcmd person add bjenkins notes="Bob Jenkins" pfcmd person delete bjenkins ./pfcmd person add test5 surname="space in the middle" Command not understood. (pfcmd grammar test failed at line 223.) Usage: pfcmd person <add|view|edit|delete> pid [assignments] manipulate person entries examples: pfcmd person view all pfcmd person add bjenkins notes="Bob Jenkins" pfcmd person delete bjenkins ./pfcmd person add test5 firstname="underscore_in_the_middle" |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1775 | [PacketFence] configuration | block | always | 2014-03-13 10:08 | 2014-04-17 14:07 |
|
|||||
Reporter: | DanCreed | Platform: | Latest Packetfence Zen | ||
Assigned To: | dwuelfrath | OS: | N/A | ||
Priority: | urgent | OS Version: | N/A | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.2.0 | ||
Target Version: | 4.2.0 | ||||
fixed in git revision: | 90cc0a1796a84fce5155284b49129bdc87efe3ff | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Thread 1 terminated abnormally: Undefined subroutine &pf::SNMP::Cisco::Catalyst_2960::handleReAssignVlanTrapForWiredMacAuth call | ||||
Description: |
Won't change VLAN's with PacketFence Zen (latest version) Thread 1 terminated abnormally: Undefined subroutine &pf::SNMP::Cisco::Catalyst_2960::handleReAssignVlanTrapForWiredMacAuth called at /usr/local/pf/sbin/pfsetvlan line 1618 (switch is a Cisco 3750) |
||||
Steps To Reproduce: | Problem changing VLAN's for any switch using the Catalyst_2960.pm as a base. | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
1775-temp_patch.diff (1,201) 2014-03-14 11:10 https://www.packetfence.org/bugs/file_download.php?file_id=205&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1787 | [PacketFence] configuration | minor | always | 2014-04-16 14:23 | 2014-04-16 16:08 |
|
|||||
Reporter: | lpelet | Platform: | Linux | ||
Assigned To: | dwuelfrath | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | assigned | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | configurator breaks system network configuration | ||||
Description: |
NETWORKING=yes HOSTNAME=pf.localdomain GATEWAY=172.21.2.1 instead of NETWORKING=yes HOSTNAME=pf.localdomain GATEWAY=172.21.2.1 |
||||
Steps To Reproduce: | if your gateway is set in /etc/sysconfig/network-scripts/ifcfg-ethx PacketFence configurator will rearrange your system network configuration | ||||
Additional Information: | maybe we should keep the gateway in the /etc/sysconfig/network-scripts/ifcfg-ethx, if it has been already manually configured. | ||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1785 | [PacketFence] core | major | always | 2014-04-04 08:04 | 2014-04-04 08:04 |
|
|||||
Reporter: | canepan | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 6 | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | When database is stoped, pfmon ends in an inconsistent state | ||||
Description: |
To perform backup, we stop the database of PacketFence every night. If pfmon tries to access the DB during the backup, it logs: Apr 02 18:00:23 pfmon(0) INFO: running expire check (main::cleanup) Apr 02 18:00:23 pfmon(0) INFO: checking registered nodes for expiration (main::cleanup) Apr 02 18:00:23 pfmon(0) WARN: database query failed with: MySQL server has gone away. (errno: 2006), will try again (pf::db::db_query_execute) Apr 02 18:00:23 pfmon(0) FATAL: unable to connect to database: Can't connect to MySQL server on '127.0.0.1' (111) at /usr/local/pf/lib/pf/node.pm line 888. (pf::db::db_connect) Apr 02 18:00:23 pfmon(0) ERROR: Error restarting pfmon: unable to connect to database: Can't connect to MySQL server on '127.0.0.1' (111) at /usr/local/pf/lib/pf/node.pm line 888. (main::cleanup) Also, pfmon results running with "ps", but "pfcmd service pfmon status" doesn't agree: /usr/local/pf # ./bin/pfcmd service pfmon status service|shouldBeStarted|pid pfmon|1|0 so it's not possible to restart it without doing kill to the running process. Nodes expired after this happening are not requested login again (they are registered forever), and so they do not expire |
||||
Steps To Reproduce: |
1) start PacketFence 2) stop database 3) wait a minute |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1688 | [PacketFence] captive portal | minor | always | 2013-08-14 12:17 | 2014-04-03 14:01 |
|
|||||
Reporter: | KimHagen | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Captive portal access to common/network-access-detection.gif use lan ip. | ||||
Description: |
In the Captive portal option to enter an ip for access to common/network-access-detection.gif it states that you can use your LAN ip here. This is however fire-walled (in inline mode). |
||||
Steps To Reproduce: | |||||
Additional Information: |
I made a patch to iptables.pm so it works. is it safe to put this patch? --- /usr/src/iptables.pm 2013-08-14 18:01:53.000000000 +0200 +++ /usr/local/pf/lib/pf/iptables.pm 2013-08-14 18:02:26.256478576 +0200 @@ -187,6 +187,7 @@ $rules .= "-A INPUT --in-interface $dev -d $ip --jump $FW_FILTER_INPUT_INT_INLINE\n"; $rules .= "-A INPUT --in-interface $dev -d 255.255.255.255 --jump $FW_FILTER_INPUT_INT_INLINE\n"; $rules .= "-A INPUT --in-interface $dev -d $mgmt_ip --protocol tcp --match tcp --dport 443 --jump ACCEPT\n"; + $rules .= "-A INPUT --in-interface $dev -d $mgmt_ip --protocol tcp --match tcp --dport 80 --jump ACCEPT\n"; $rules .= "-A FORWARD --in-interface $dev --jump $FW_FILTER_FORWARD_INT_INLINE\n"; # nothing? something is wrong regards, Kim |
||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1784 | [PacketFence] guests | minor | have not tried | 2014-04-03 10:29 | 2014-04-03 10:30 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Extend list of email-to-SMS gateways | ||||
Description: |
We are missing a lot of carriers from Europe. We must find a reliable source. Current list comes from http://gitorious.org/statusnet/mainline/blobs/raw/master/db/sms_carrier.sql [^] |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1783 | [PacketFence] dhcp | minor | have not tried | 2014-04-02 18:37 | 2014-04-02 23:07 |
|
|||||
Reporter: | lpelet | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | dhcpd no lease free | ||||
Description: |
I had a mask mismatching between the centos configuration and the pf.conf and the network. it could be interesting to have a error message telling us there is a mismatch. thanks |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1782 | [PacketFence] web admin | minor | always | 2014-04-02 15:39 | 2014-04-02 17:16 |
|
|||||
Reporter: | bclaiborne | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | feedback | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | reopened | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | 7fa605f91765e9bdf7371dd87a3e07851219b19a | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | IP address column not populating | ||||
Description: | The IP address column on the 'Nodes' tab of Web Admin does not show an IP address for some nodes. | ||||
Steps To Reproduce: | |||||
Additional Information: | It looks like nodes with an end date, even when the end date is a future date, do not show the IP address of that node in the IP Address column. Therefore, nodes cannot be sorted effectively by IP address. | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1781 | [PacketFence] core | minor | have not tried | 2014-04-01 16:01 | 2014-04-01 16:02 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Wrong workflow when trapping.registration is disabled | ||||
Description: |
- Evaluation on whether registration feature is enabled or not (trapping.registration in pf.conf) is made in getRegistrationVlan and that is kind of wrong. That evaluation should be done (at this point) in fetchVlanForNode rather than going in getRegistrationVlan and exiting saying "we do not use registration" and then going in getNormalVlan. - When we are not using registration feature (trapping.registration in pf.conf) and a new node is connecting on the network, no category/role is being assigned to that node so getNormalVlan is unable to successfully assign a VLAN based on that "no role". |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1779 | [PacketFence] core | major | always | 2014-03-26 07:00 | 2014-03-26 08:56 |
|
|||||
Reporter: | lpelet | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | 5a788205a47ee54116eca01eeb8c06971647ad8c | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pfmon unable to do maintenance if mac is without delimiter | ||||
Description: |
If you are using network equipment like HP controller that sends to PacketFence a mac formatted without delimiter like d20019e59060. Pfmon by pfcmd will be unable to process the mac address and it will be unable to do the maintenance (unregistration) on it. It's fixed in commit 5a788205a47ee54116eca01eeb8c06971647ad8c, by adding a simple clean_mac before sending the mac address to Pfmon. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1772 | [PacketFence] addons | minor | always | 2014-03-03 14:41 | 2014-03-20 21:13 |
|
|||||
Reporter: | mrobbert | Platform: | All | ||
Assigned To: | francis | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | 8255430c40643b8f059f01c37f8acc00063c6db5 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | logrotate doesn't properly rotate logs due to syntax error | ||||
Description: |
There is a duplicate file entry in the packetfence logrotate configuration file that is apparently causing it to not read the rest of the file, therefore it doesn't do the copytruncate. The logs get moved instead of copied and since there is no restart they continue to log to the old log files. I have sent a pull request (0000125) on Github with a fix. |
||||
Steps To Reproduce: |
1. run logrotate 2. Observe that logs are getting written to old log files or use lsof/fuser to see that running processes still have old files open. |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1665 | [PacketFence] web admin | feature | always | 2013-07-09 20:46 | 2014-03-20 21:08 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | No way to add a node via the GUI | ||||
Description: |
With our current NAC system we can manually add new devices via the GUI. We're able to add the MAC of the device, the role it should be in, and a description. The description is incredibly useful for identifying devices quickly. This doesn't appear to be possible in PF 4.0.1, though there is the CLI method for adding a node, albeit without a description. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1778 | [PacketFence] security | major | always | 2014-03-20 12:25 | 2014-03-20 21:07 |
|
|||||
Reporter: | lpelet | Platform: | All | ||
Assigned To: | francis | OS: | All | ||
Priority: | high | OS Version: | All | ||
Status: | resolved | Product Version: | 4.0.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | 27bd6016b8a13638b2c6c06061f4ad4ecf9588c1 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | admin user gain role default | ||||
Description: |
In the database schema >= 4.0.0, we define the user admin with the category = 1. It lets the user admin to gain the role default if authenticated on the captive portal. Verify that your admin password is strong else users can guess it and register devices with role default. If you don't use the user admin on the captive portal, remove this capability on the user tab in users properties for admin. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1777 | [PacketFence] web admin | feature | N/A | 2014-03-14 14:09 | 2014-03-14 14:09 |
|
|||||
Reporter: | lpelet | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | verify fingerbank version before share unknow fingerprints | ||||
Description: | We should warn the Administrator trying to share unknown fingerprints by saying that the fingerprint database currently installed is outdated and propose him to download the new one. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1774 | [PacketFence] core | feature | always | 2014-03-12 14:43 | 2014-03-12 14:43 |
|
|||||
Reporter: | Xen0Phage | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 6 | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | CLI should allow multiple formats for node identification | ||||
Description: | 4.1 added the ability, in the web UI, to use multiple formats to identify a node. For instance, the standard colon notation, dotted notation, dashed notation, etc. The command line version of this (pfcmd lookup) doesn't seem to allow anything other than colon notation. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1773 | [PacketFence] i18n | minor | always | 2014-03-04 04:48 | 2014-03-06 09:09 |
|
|||||
Reporter: | liqiang | Platform: | i386 | ||
Assigned To: | OS: | CentOS | |||
Priority: | high | OS Version: | 6.5 | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Why multi-language translation fails | ||||
Description: |
I have translated some strings of file that I18N/en.po to Chinese, and change the file type to utf-8. Part Content: ============= "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" ============= AND: ============= # html/pfappserver/root/user/create.tt msgid "Create Users" msgstr "????" # html/pfappserver/root/user/create.tt msgid "Create local users that trigger specific actions." msgstr "????????????" # html/pfappserver/lib/pfappserver/Form/Config/Switch.pm # html/pfappserver/lib/pfappserver/Form/User.pm # html/pfappserver/lib/pfappserver/Form/User/Create/Import.pm # html/pfappserver/lib/pfappserver/Form/User/Create/Single.pm # html/pfappserver/root/admin/login.tt # html/pfappserver/root/configurator/admin.tt # html/pfappserver/root/configurator/database.tt # html/pfappserver/root/user/list_password.tt # html/pfappserver/root/user/print.tt msgid "Username" msgstr "???" # html/pfappserver/lib/pfappserver/Form/Authentication/Source/LDAP.pm # html/pfappserver/lib/pfappserver/Form/Config/Switch.pm # html/pfappserver/lib/pfappserver/Form/User/Create/Import.pm # html/pfappserver/lib/pfappserver/Form/User/Create/Single.pm # html/pfappserver/root/admin/login.tt # html/pfappserver/root/authentication/source/type/AD.tt # html/pfappserver/root/authentication/source/type/LDAP.tt # html/pfappserver/root/configurator/admin.tt # html/pfappserver/root/configurator/database.tt # html/pfappserver/root/user/list_password.tt # html/pfappserver/root/user/print.tt # html/pfappserver/root/user/view.tt msgid "Password" msgstr "??" # html/pfappserver/root/node/create.tt # html/pfappserver/root/user/create.tt msgid "Single" msgstr "??" ============= But after the restart the service, WEB pages is not displayed correctly. COMMAND: /usr/local/pf/bin/pfcmd service httpd.admin restart The WEB page have not button of submit. WHY? thanks, |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Source Error.jpg (294,000) 2014-03-04 04:48 https://www.packetfence.org/bugs/file_download.php?file_id=202&type=bug WEB Error..jpg (57,185) 2014-03-04 04:48 https://www.packetfence.org/bugs/file_download.php?file_id=203&type=bug en.po (135,304) 2014-03-04 04:50 https://www.packetfence.org/bugs/file_download.php?file_id=204&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1762 | [PacketFence] configuration | major | always | 2014-01-25 08:26 | 2014-03-03 14:54 |
|
|||||
Reporter: | rishabh0510 | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 6 | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | epel error | ||||
Description: |
unable to fix this error while installation [root@localhost yum.repos.d]# yum groupinstall --enablerepo=PacketFence,epel,rpmforge,of PacketFence-complete Loaded plugins: fastestmirror, refresh-packagekit, security Loading mirror speeds from cached hostfile Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again help to fix this issue |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1771 | [PacketFence] web admin | feature | always | 2014-02-27 14:58 | 2014-02-27 14:58 |
|
|||||
Reporter: | Leonel Bonito | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Nodes - Add options to search | ||||
Description: |
It would be nice if there was an option in the Advanced Search, to search for Status (registered/unregistered) and for Role. Also, when I try to make a search to get all persons, I choose "Person name" / "is not" and leave the next field empty, and nothing returns to me. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1770 | [PacketFence] hardware modules | minor | always | 2014-02-26 12:58 | 2014-02-26 12:58 |
|
|||||
Reporter: | Jean-Noel Martineau | Platform: | HP Procurve 2530-24G | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | YA.15.12.0007 | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pfsetvlan INFO: ignoring unknown trap | ||||
Description: |
Hello, a plug/unplug on HP 2530-24G port generate this snmp trap which seem to be ignored by pfsetvlan, debug trace here : Feb 26 18:40:55 pfsetvlan(21) INFO: ignoring unknown trap: 2014-02-26|17:40:52|UDP: [10.200.201.135]:161->[10.50.76.113]|10.200.201.135|BEGIN TYPE 6 END TYPE BEGIN SUBTYPE .2 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.16.9.1.1.2.76 = STRING: I 02/26/14 18:40:54 00076 ports: port 7 is now on-line END VARIABLEBINDINGS (main::parseTrap) Feb 26 18:40:55 pfsetvlan(25) INFO: ignoring unknown trap: 2014-02-26|17:40:52|UDP: [10.200.201.135]:161->[10.50.76.113]|10.200.201.135|BEGIN TYPE 3 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.2.2.1.1.7 = INTEGER: 7|.1.3.6.1.2.1.2.2.1.7.7 = INTEGER: up(1)|.1.3.6.1.2.1.2.2.1.8.7 = INTEGER: up(1)|.1.3.6.1.2.1.2.2.1.2.7 = STRING: 7|.1.3.6.1.2.1.31.1.1.1.18.7 = STRING: END VARIABLEBINDINGS (main::parseTrap) Can we customize packetfence to accept them ? Thanks. Jean-Noel |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1769 | [PacketFence] captive portal | minor | always | 2014-02-11 07:31 | 2014-02-14 11:14 |
|
|||||
Reporter: | erSitzt | Platform: | Linux | ||
Assigned To: | fdurand | OS: | Ubuntu | ||
Priority: | normal | OS Version: | 12.04.3 LTS | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | +1 | ||
Target Version: | |||||
fixed in git revision: | https://github.com/inverse-inc/packetfence/commit/57122f4dc4bdf4d73e64335f66519a1f0a889ce2 [^] | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Proxy Interception : 503 Service Unavailable | ||||
Description: |
I've enabled proxy interception for the default ports 8080 and 3128 and seems to work with regard to the log entries and the url changing to the packetfence fqdn. But instead of the captive portal i get a 503 Service Unavailable Error /etc/hosts has 127.0.0.1 for the fqdn of packetfence |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
reverse_reproxy_error_log (681,741) 2014-02-11 07:49 https://www.packetfence.org/bugs/file_download.php?file_id=199&type=bug proxy_error_log (2,432) 2014-02-11 07:49 https://www.packetfence.org/bugs/file_download.php?file_id=200&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1768 | [PacketFence] web admin | feature | unable to reproduce | 2014-02-11 05:29 | 2014-02-11 05:29 |
|
|||||
Reporter: | wvalkering | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | 4.0.5-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Can't delete nodes whilst 'active' | ||||
Description: |
When you want to delete a user which has a node with an old location log open you can't remove the node and so you can not remove the user. An option to close the location log of a node would be nice so you won't have to close it manually on the server. Would save time and would be more user-friendly. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1750 | [PacketFence] captive portal | minor | have not tried | 2013-12-03 10:41 | 2014-02-10 13:39 |
|
|||||
Reporter: | tech | Platform: | All | ||
Assigned To: | OS: | win | |||
Priority: | high | OS Version: | sevem | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Guest registration page doesn't show any submit button | ||||
Description: |
V 4.0.6-2 Hello all, i am setting up a guest registration page using Packet fence. However i have what seems to be a common problem, the guest registration page doesn't show any submit button. i was wondering if anyone has fixed it yet, any help on this would be great. many thanks ian |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
s1.png (30,620) 2013-12-03 11:08 https://www.packetfence.org/bugs/file_download.php?file_id=191&type=bug Screenshot.png (182,872) 2013-12-04 05:48 https://www.packetfence.org/bugs/file_download.php?file_id=193&type=bug Screenshot-1.png (187,978) 2013-12-04 05:48 https://www.packetfence.org/bugs/file_download.php?file_id=194&type=bug login page.png (48,886) 2013-12-09 05:31 https://www.packetfence.org/bugs/file_download.php?file_id=195&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1759 | [PacketFence] web admin | minor | always | 2014-01-16 05:39 | 2014-02-07 11:13 |
|
|||||
Reporter: | erSitzt | Platform: | Linux | ||
Assigned To: | francis | OS: | Ubuntu | ||
Priority: | normal | OS Version: | 12.04.3 | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | f1e234847617a17665e70670e3c7b215ad983e8c | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Can't set webadmin access level when creating a new user | ||||
Description: |
When creating a new user and adding the action "Set access level of web admin" no field to select the access level is displayed. If a user is edited this works. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
create_user_webadmin_accesslevel.PNG (33,310) 2014-01-16 05:39 https://www.packetfence.org/bugs/file_download.php?file_id=197&type=bug |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1729 | [PacketFence] web admin | minor | have not tried | 2013-10-10 10:09 | 2014-02-03 08:32 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | f0660655caeb7205555bc22c9dd88b8aadbc8910 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Can't add rules to a freshly created authentication source | ||||
Description: | After having created an authentication source, it's impossible to add rules to it. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1763 | [PacketFence] web admin | trivial | always | 2014-01-31 13:00 | 2014-02-03 05:33 |
|
|||||
Reporter: | maikel | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | 3.6 web based status and reports are missing from pf 4 | ||||
Description: |
All the stats are still there with the old way of pfcmd, though missing Still from the web the reports and status should get back as also reported on the mail list today. Most needed is a list of all open violations. I can make a feature request also of all missing 3.6 reports in differant bug ids. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1764 | [PacketFence] addons | minor | N/A | 2014-02-02 14:30 | 2014-02-02 14:30 |
|
|||||
Reporter: | mmcgrath | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | low | OS Version: | All | ||
Status: | new | Product Version: | +0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Audit log for registrations | ||||
Description: |
We have 60+ student workers working the help desk. Every now and then when one of them manually registers a device, they do it wrong. They don't put an unreg date, they don't put a role, etc, etc, etc... Would it be possible to keep some kind of audit log, that is viewable via the web interface, of who registered a node (either the user themselves via the portal or secure connection or a helpdesk worker via the admin interface)? |
||||
Steps To Reproduce: | |||||
Additional Information: | I'm not sure if this is the proper place for enhancement requests...or if I've filled the form out properly. Please let me know. | ||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1745 | [PacketFence] error-handling | major | always | 2013-11-04 02:31 | 2014-01-30 12:03 |
|
|||||
Reporter: | rnaveed | Platform: | x86 | ||
Assigned To: | OS: | RHEL | |||
Priority: | high | OS Version: | 6.2 | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | unable to install | ||||
Description: |
we are trying to install the PacketFence for testing purpose, we follow the Administration guide, but unable to install & receive following error. An early response to resolve this issue will be highly appreciated. ---> Package perl-Net-DNS.x86_64 0:0.66-1.of.el6 will be installed --> Processing Dependency: perl(Net::IP) >= 1.2 for package: perl-Net-DNS-0.66-1.of.el6.x86_64 ---> Package perl-PadWalker.x86_64 0:1.93-1.of.el6 will be installed ---> Package perl-Thread-Serialize.noarch 0:0.11-1.el6.rf will be installed --> Finished Dependency Resolution Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: rrdtool Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Net::DNS::Nameserver) = 749 Available: perl-Net-DNS-0.66-1.of.el6.x86_64 (of) perl(Net::DNS::Nameserver) = 835 Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Net::DNS::Nameserver) = 749 Installing: perl-Net-DNS-0.66-1.of.el6.x86_64 (of) perl(Net::DNS::Nameserver) = 835 Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: memcached Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: dhcp Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl-rrdtool Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Net::DNS) = 0.65-4 Installing: perl-Net-DNS-0.66-1.of.el6.x86_64 (of) perl(Net::DNS) = 0.66 Error: Package: perl-HTML-Tidy-1.08-5.el6.x86_64 (epel) Requires: libtidy-0.99.so.0()(64bit) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Net::DNS) = 0.65-4 Available: perl-Net-DNS-0.66-1.of.el6.x86_64 (of) perl(Net::DNS) = 0.66 Error: Package: perl-GD-SecurityImage-1.70-1.el6.noarch (epel) Requires: perl(Image::Magick) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: ipset Error: Package: perl-GD-SecurityImage-1.70-1.el6.noarch (epel) Requires: perl(GD) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: zlib-devel Error: Package: perl-Net-DNS-0.66-1.of.el6.x86_64 (of) Requires: perl(Net::IP) >= 1.2 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest [root@PF ~]# |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1761 | [PacketFence] captive portal | minor | always | 2014-01-20 11:16 | 2014-01-20 11:16 |
|
|||||
Reporter: | caralo | Platform: | Linux | ||
Assigned To: | OS: | Debian | |||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | new | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Captive Portal needs packetfence restart to show locale characters right | ||||
Description: |
All the special locale characters (accented vowels,..) are shown as "?" unless you restart packetfence. It seems that the init.d script needs to source the locale LANG variable. It works if you add something like this to /etc/init.d/packetfence: if [ -f /etc/default/locale ]; then . /etc/default/locale export LANG fi Or you could add a locale LANG variable in /etc/default/packetfence. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1760 | [PacketFence] web admin | trivial | always | 2014-01-18 17:05 | 2014-01-20 09:14 |
|
|||||
Reporter: | mmcgrath | Platform: | Linux | ||
Assigned To: | francis | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | c5a95038199edcb0e7640104ce2987a8487df053 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Unable to save searches under Nodes | ||||
Description: | Unable to save custom searches under Nodes (both Simple and Advanced searches). The Save Search box appears, I fill in a name and click Save -- nothing happens. I can click Save as many times as I want. The Close button properly closes the save box. | ||||
Steps To Reproduce: | Go to Nodes and try to save a search. | ||||
Additional Information: | I have tried Chrome 32, Firefox 26 and IE 10. | ||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1757 | [PacketFence] web admin | minor | always | 2014-01-13 10:24 | 2014-01-14 10:27 |
|
|||||
Reporter: | caralo | Platform: | Linux | ||
Assigned To: | francis | OS: | Debian | ||
Priority: | normal | OS Version: | 7 (Wheezy) | ||
Status: | resolved | Product Version: | 4.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | dff8c1fbc9ff850cd50f7d705af36eb97f3e29c9 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | httpd.admin Error when applied role in nodes action menu | ||||
Description: |
When you select a node in the Nodes tab and try to apply a new role in the action menu, the node role gets changed but it doesnt evaluate the new role. So it doesnt change the vlan if it has to. If you examine packetfence.log, you can see: httpd.admin(0) ERROR: Odd number of elements in hash assignment at /usr/local/pf/html/pfappserver/lib/pfappserver/Base/Action/AdminRole.pm line 30. (pfappserver::__ANON__) If you change the node role directly pressing in the mac, everything works as expected. |
||||
Steps To Reproduce: |
Web gui -> Nodes Tab -> select one or more nodes Action menu -> Apply role -> Select any Role |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1756 | [PacketFence] error-handling | block | always | 2014-01-07 09:37 | 2014-01-08 12:44 |
|
|||||
Reporter: | dbsanch | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | high | OS Version: | 6 | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Configuration Wizard: Unable to proceed past Administration Tab | ||||
Description: | Cannot proceed past Administration Tab in Configuration Wizard. Will not allow modification of password or use of current password to Continue. Did not work with admin / admin either. | ||||
Steps To Reproduce: |
1. Fill out tabs in Configuration Wizard 2. Get to Administration Tab 3. Use default admin / admin 4. Try to enter new password - example pfuseradmiN and press modify 5. Press 'Continue' |
||||
Additional Information: | error: Verify configuration - cannot proceed with install. Would like to know if there is a work-around to the GUI interface. | ||||
System Description | |||||
Attached Files: |
steps.docx (1,123,596) 2014-01-08 12:44 https://www.packetfence.org/bugs/file_download.php?file_id=196&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1685 | [PacketFence] web admin | minor | always | 2013-08-14 06:17 | 2013-12-17 09:32 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.1 | ||
Target Version: | |||||
fixed in git revision: | 66139bb516f17c579ae06aadb0a4b445e90aa7e3 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | connections number wrong on Connections Types report page | ||||
Description: |
After quite not heavy use of PacketFence Wired 802.1x connections number shown on web page is 12728 (Wired MAC Auth connections number is also too high - 1166). However, database queries show accordingly 158 and 17 connections which are real numbers (see below). So looks like connections number is wrong on Connections Types report page. |
||||
Steps To Reproduce: | |||||
Additional Information: |
mysql> select count(*) from locationlog where connection_type = "Ethernet-EAP"; +----------+ | count(*) | +----------+ | 158 | +----------+ 1 row in set (0.00 sec) mysql> select count(*) from locationlog where connection_type = "WIRED_MAC_AUTH"; +----------+ | count(*) | +----------+ | 17 | +----------+ 1 row in set (0.00 sec) mysql> |
||||
Attached Files: |
PF_connection_types.png (27,105) 2013-08-14 09:06 https://www.packetfence.org/bugs/file_download.php?file_id=185&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1753 | [PacketFence] hardware modules | feature | N/A | 2013-12-12 09:59 | 2013-12-12 10:01 |
|
|||||
Reporter: | chami | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | compatibility of switch | ||||
Description: |
I have a request about of the compatibility of switch and PacketFance. This switch is not in your list of "supported network devices". Us is the following equipment for disposal ProSafe 24-PORT GIGABIT SMART SWITCH GS724T-300 best regards |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1752 | [PacketFence] scanning | minor | always | 2013-12-04 14:18 | 2013-12-04 14:25 |
|
|||||
Reporter: | thedeco | Platform: | Linux | ||
Assigned To: | francis | OS: | RHEL / CentOS | ||
Priority: | low | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | 7d72045e2a72f82e1b1e6811e7b6aafdfeba4dc1 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Fresh Snort install fails to start after rules update script is run | ||||
Description: |
After a fresh install of Snort and running the update_rules.pl script, Snort cannot start up by default. Checking /var/log/messages show the following error: FATAL ERROR: Unable to open rules file "/usr/local/pf/var/conf//usr/local/pf/conf/snort/emerging-virus.rules": No such file or directory. It appears the update_rules script failed to install this one rule set in conf/snort directory even though it is present in the violations.conf file by default. |
||||
Steps To Reproduce: |
Fresh install of PacketFence 4.0.6-2 service packetfence stop yum install snort run the rules update located /usr/local/pf/addons/snort/update_rules.pl service packetfence start service snortd status |
||||
Additional Information: | I was able to start Snort after removing the emerging-virus.rules from the list of Snort rules in violations.conf file | ||||
System Description | |||||
Attached Files: |
Notes | ||||
|
||||
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1749 | [PacketFence] web admin | minor | have not tried | 2013-12-02 22:27 | 2013-12-02 22:29 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | 4.1.0 | ||||
fixed in git revision: | 7e8eea8cd15b3b0a687036c5b4938195340ae7f9 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Can't assign rules to an authentication source | ||||
Description: | When assigning rules to an authentication source whose name matches the beginning of another source's name, the rules are never saved to the configuration file authentication.conf even though there's no error message. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1155 | [PacketFence] web admin | feature | N/A | 2011-01-18 14:52 | 2013-11-27 08:10 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | long-term | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Roles should be fetchable from LDAP in Web Admin | ||||
Description: |
When using access control in the web admin (conf/admin.perm), what user is using what role should be fetched from LDAP. ex: users in pfTech are assigned the helpdesk role, users in pfAdmin are assigned the admin role |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1747 | [PacketFence] web admin | feature | always | 2013-11-19 10:48 | 2013-11-19 10:48 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Dynamic attributes in LDAP authentication source | ||||
Description: | The current list of LDAP attributes available when defining a condition in a rule is limited to the list defined in the method "available_attributes" of pf::Authentication::Source::LDAPSource. It would be nice to be able to configure additional attributes in the current LDAP source. | ||||
Steps To Reproduce: | |||||
Additional Information: | This happens as soon as the LDAP directory is extended with custom schemas. | ||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1744 | [PacketFence] configuration | minor | always | 2013-10-30 16:02 | 2013-11-15 15:47 |
|
|||||
Reporter: | Xen0Phage | Platform: | Linux | ||
Assigned To: | francis | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | f0660655caeb7205555bc22c9dd88b8aadbc8910 | ||||
|
|||||
Summary: | Unable to add new rule to existing authentication source via the GUI | ||||
Description: |
After adding a new rule to an existing authentication source, the new rule is apparently not saved. Add the new rule and then go back into the authentication source. Rule is not there. This occurs whether you save just the new rule, or if you also save the authentication source itself. I am unable to find any errors in the logs indicating a problem. On the contrary, I see this : Oct 30 15:56:12 httpd.admin(0) DEBUG: Database statements not prepared, preparing... (pf::db::db_query_execute) Oct 30 15:56:12 httpd.admin(0) DEBUG: Preparing pf::nodecategory database queries (pf::nodecategory::nodecategory_db_prepare) Oct 30 15:56:12 httpd.admin(0) DEBUG: function pf::db::get_db_handle is calling db_connect (pf::db::db_connect) Oct 30 15:56:12 httpd.admin(0) DEBUG: checking handle (pf::db::db_connect) Oct 30 15:56:12 httpd.admin(0) DEBUG: (Re)Connecting to MySQL (thread id: 0) (pf::db::db_connect) Oct 30 15:56:12 httpd.admin(0) DEBUG: connected (pf::db::db_connect) Oct 30 15:56:12 httpd.admin(0) DEBUG: Writing source local (pf::Authentication::Source::SQLSource) (pf::authentication::writeAuthenticationConfigFile) Oct 30 15:56:12 httpd.admin(0) DEBUG: Writing source set_role (pf::Authentication::Source::LDAPSource) (pf::authentication::writeAuthenticationConfigFile) Oct 30 15:56:12 httpd.admin(0) DEBUG: Writing source file1 (pf::Authentication::Source::HtpasswdSource) (pf::authentication::writeAuthenticationConfigFile) Which seems to indicate that the write succeeded. In this example. I'm specifically making changes to the set_role source. |
||||
Steps To Reproduce: |
1) Go to configuration->sources 2) Choose an existing authentication source 3) Click the "Add Rule" button 4) Enter the details for the new rule 5) Click Save |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1716 | [PacketFence] error-handling | minor | always | 2013-09-19 10:11 | 2013-11-06 07:11 |
|
|||||
Reporter: | fmts | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 4.1.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Insecure dependency on service start | ||||
Description: |
After an upgrade from 4.0.5-2 i got the following error at service start: httpd.admin|start Checking configuration sanity... service|command config files|start iptables|start pfdns|start Insecure dependency in sprintf while running with -T switch at /usr/local/pf/lib/pf/services.pm line 398. |
||||
Steps To Reproduce: | |||||
Additional Information: |
Service started again, when i added following lines to the service.pm (right before line 398): $launcher =~ /^(.*)$/; $launcher = $1; Seems to be like a simliar problem as in 0001575. |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1746 | [PacketFence] captive portal | minor | always | 2013-11-04 10:51 | 2013-11-04 10:51 |
|
|||||
Reporter: | jochen | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | normal | OS Version: | 6 | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | RADIUSSource doesn't match username | ||||
Description: |
match_in_subclass() doesn't process any source specific conditions. Some code like this is missing: foreach my $condition (@{ $own_conditions }) { if ($condition->{'attribute'} eq "username") { if ( $condition->matches("username", $params->{'username'}) ) { push(@{ $matching_conditions }, $condition); } } } |
||||
Steps To Reproduce: |
Create RADIUS Source Create condition matching username Log in using this username => The condition does not match |
||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1672 | [PacketFence] web admin | feature | always | 2013-07-12 14:13 | 2013-10-30 15:12 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Switches configuration should include an alias/name | ||||
Description: |
The switch configuration should allow a name or alias to be entered. The IP is required, of course, to identify the switch. However, humans are somewhat better at remembering names, especially since we can name things based on where they're located. Can a name/alias field be added to the switch configuration? |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1743 | [PacketFence] core | minor | always | 2013-10-28 04:27 | 2013-10-29 06:31 |
|
|||||
Reporter: | erSitzt | Platform: | Linux | ||
Assigned To: | OS: | Ubuntu | |||
Priority: | normal | OS Version: | 12.04 | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Service watchdog not able to restart all services | ||||
Description: |
"pfcmd service pf start" and the watchdog if it tries to restart services that are not running produces this error Insecure dependency in sprintf while running with -T switch at /usr/local/pf/lib/pf/services.pm Needs to be untainted : sub launchService { my ($daemon,@launcher_args) = @_; my $launcher = $service_launchers{$daemon}; if ($launcher) { my $logger = Log::Log4perl::get_logger('pf::services'); ### untaint launcher ### $launcher =~ /^(.*)$/; $launcher = $1; ######################## my $cmd_line = sprintf($launcher, @launcher_args); $logger->info("Starting $daemon with '$cmd_line'"); if ($cmd_line =~ /^(.+)$/) { $cmd_line = $1; my $t0 = Time::HiRes::time(); my $return_value = system($cmd_line); my $elapsed = Time::HiRes::time() - $t0; $logger->info(sprintf("Daemon %s took %.3f seconds to start.", $daemon, $elapsed)); return $return_value; } } return; } |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1742 | [PacketFence] captive portal | major | always | 2013-10-24 19:44 | 2013-10-25 14:48 |
|
|||||
Reporter: | fdurand | Platform: | All | ||
Assigned To: | fdurand | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | +1 | ||||
fixed in git revision: | 523f11a7f9372740e521564f1e01b933df7a42f7 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Wispr doesn´t work | ||||
Description: |
We fetch from the cgi object the username and password but for wispr we never use cgi. We have to use $req->param("username") and $req->param("password") in the wispr.pm file. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1740 | [PacketFence] web admin | feature | always | 2013-10-24 03:53 | 2013-10-24 03:53 |
|
|||||
Reporter: | MavLam | Platform: | All | ||
Assigned To: | OS: | All | |||
Priority: | normal | OS Version: | All | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Node details not populating for 802.1x clients | ||||
Description: |
I am currently deploying Packetfence in a VLAN enforcement mode and the DHCP server runs on an external server. The machines auto registers with 802.1x auth against AD and automatically get a role assigned. All works great! Is it possible to make the Computer Name field editable via the UI? At the moment becuase the way I have implimented it Packetfence does not pull the node information. I am editing the name via MySQL which is not ideal when I hand over to support. And obviously if there was a way to still pull the node information this would be ideal. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1739 | [PacketFence] IDS | minor | always | 2013-10-22 13:50 | 2013-10-22 13:50 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 4.1.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Move snort_rules from violations.conf to pf.conf | ||||
Description: | The snort_rules parameter is defined in the 'defaults' of violations.conf. However, it should be moved to pf.conf under a new 'IDS' section. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1738 | [PacketFence] web admin | minor | have not tried | 2013-10-18 12:00 | 2013-10-18 12:05 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | 4.1.0 | ||||
fixed in git revision: | 5ddb92d1cce25fc3b43c8f46644aa300532afca2 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Advanced search results of users: Can't sort by telephone nor by nodes count | ||||
Description: | When performing an advanced search on users, it's impossible to sort by telephone number of nodes count. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1737 | [PacketFence] captive portal | minor | have not tried | 2013-10-18 11:22 | 2013-10-18 11:36 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | 4.1.0 | ||||
fixed in git revision: | 6b47384c3f273f96cabf8a8f7c78db35f03ee444 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | An matches/regexp condition in an LDAP source doesn't test all values | ||||
Description: | A regexp condition in an LDAP source only tests the first value of the attribute. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1735 | [PacketFence] guests | feature | have not tried | 2013-10-11 14:46 | 2013-10-11 14:46 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Allow localdomain for email registration should use a different value than general.domain | ||||
Description: |
We offer the possibility to allow/deny the use of a localdomain address when using email guest self-registration. We check that the email is matching against the configured domain of PacketFence. Most of the time, that configured domain is not the same as the company use for their email addresses so we should probably use a new "configuration parameter" to specify the email addresses domain. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1732 | [PacketFence] radius | minor | have not tried | 2013-10-10 14:46 | 2013-10-10 14:47 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Using NAS-IP-Address for managing RADIUS equipment | ||||
Description: | We are currently validating is a network equipment is managed by PacketFence (IP is part of switches list) by using the NAS-IP-Address in the RADIUS request. We are using the incoming IP of the Access-Request to do the secret check (which is OK) but after that, we use the NAS-IP-Address to refer to that network equipment. | ||||
Steps To Reproduce: | |||||
Additional Information: |
NAS-IP-Address should not be used to initiate communication with network equipment. We should base ourselves on the incoming IP address used for the Access-Request at all time. Will have to "refactor" the flow of RADIUS to make the correct distinguition between the two. |
||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1731 | [PacketFence] web admin | minor | have not tried | 2013-10-10 14:14 | 2013-10-10 14:14 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 4.1.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Show additional columns in nodes module | ||||
Description: | Some users have expressed the desire to see more/other columns in the nodes module. For example, the registration date and the detection date. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1730 | [PacketFence] web admin | minor | have not tried | 2013-10-10 10:12 | 2013-10-10 10:12 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | 69812df81b26649aeb4d1f46d1f779bffbe9688a | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Authentication rules can't include dashes in their name | ||||
Description: | If a rule name contains a dash, only the part before the dash is considered. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1727 | [PacketFence] radius | major | always | 2013-10-09 12:45 | 2013-10-09 12:45 |
|
|||||
Reporter: | carrots | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | high | OS Version: | 6 | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Addition of perl module in the sites-enabled/default file causes error Failed to find "perl" in the "modules" section. | ||||
Description: |
Whenever following the instructions in Appendix B of the admin guide for manual configuration of FreeRADIUS version 2 an error is given for the addition of the perl module as follows:- Error: /usr/local/pf/raddb//sites-enabled/default[200]: Failed to find "perl" in the "modules" section. Error: /usr/local/pf/raddb//sites-enabled/default[69]: Errors parsing authorize section. Error: Failed to load virtual server <default> Contents of some of the configuration files are as follows:- /usr/local/pf/conf/radiusd/radiusd.conf prefix = /usr exec_prefix = /usr sysconfdir = /etc localstatedir = %%install_dir%%/var sbindir = /usr/sbin logdir = %%install_dir%%/logs raddbdir = %%install_dir%%/var/radiusd radacctdir = %%install_dir%%/logs/radacct name = radiusd confdir = ${raddbdir} run_dir = ${localstatedir}/run db_dir = ${raddbdir} libdir = /usr/lib%%arch%%/freeradius pidfile = ${run_dir}/${name}.pid user = pf group = pf max_request_time = 30 cleanup_delay = 5 max_requests = 1024 listen { type = auth ipaddr = %%management_ip%% port = 0 virtual_server = packetfence } listen { ipaddr = %%management_ip%% port = 0 type = acct virtual_server = packetfence } hostname_lookups = no allow_core_dumps = no regular_expressions = yes extended_expressions = yes log { destination = files file = ${logdir}/radius.log syslog_facility = daemon stripped_names = no auth = yes auth_badpass = yes auth_goodpass = yes } checkrad = ${sbindir}/checkrad security { max_attributes = 200 reject_delay = 1 status_server = yes } proxy_requests = yes $INCLUDE proxy.conf $INCLUDE clients.conf thread pool { start_servers = 5 max_servers = 32 min_spare_servers = 3 max_spare_servers = 10 max_requests_per_server = 0 } modules { $INCLUDE ${confdir}/modules/ $INCLUDE eap.conf $INCLUDE sql.conf } instantiate { exec expr expiration logintime } $INCLUDE policy.conf $INCLUDE sites-enabled/ authorize { eap files } authenticate { eap } /usr/local/pf/raddb/sites-enabled/default - perl entry lines shown... authorize { <sic> # # This module takes care of EAP-MD5, EAP-TLS, and EAP-LEAP # authentication. # # It also sets the EAP-Type attribute in the request # attribute list to the EAP type from the packet. # # As of 2.0, the EAP module returns "ok" in the authorize stage # for TTLS and PEAP. In 1.x, it never returned "ok" here, so # this change is compatible with older configurations. # # The example below uses module failover to avoid querying all # of the following modules if the EAP module returns "ok". # Therefore, your LDAP and/or SQL servers will not be queried # for the many packets that go back and forth to set up TTLS # or PEAP. The load on those servers will therefore be reduced. # eap { ok = return } <sic> # # The ldap module will set Auth-Type to LDAP if it has not # already been set # ldap # # Enforce daily limits on time spent logged in. # daily # # Use the checkval module # checkval expiration logintime perl <sic> # Post-Authentication # Once we KNOW that the user has been authenticated, there are # additional steps we can take. post-auth { # Get an address from the IP Pool. # main_pool perl # # If you want to have a log of authentication replies, # un-comment the following line, and the 'detail reply_log' # section, above. # reply_log If the perl configuration is remvoed from the default file then the errors also show for inner-tunnel until they are also removed. Once there is no reference to perl then everything starts fine. |
||||
Steps To Reproduce: | Install packetfence 4.0.3 or 4.0.6 on CentOS 6.3 and make changes in Appendix B of the admin guide. | ||||
Additional Information: |
I've noticed that there are double slashes in the folder path to /sites-enabled but this seems to be accepted as it works fine without the "perl" entries. I was also unsure about the {confdir} within the radius.conf as it seems to reference the var folder but there is no radiusd or modules folder in the /usr/local/pf/var directory:- raddbdir = %%install_dir%%/var/radiusd radacctdir = %%install_dir%%/logs/radacct name = radiusd confdir = ${raddbdir} |
||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1715 | [PacketFence] scanning | minor | have not tried | 2013-09-18 09:28 | 2013-10-09 09:46 |
|
|||||
Reporter: | maikel | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | 7d72045e2a72f82e1b1e6811e7b6aafdfeba4dc1 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Snort | ||||
Description: |
emerging-virus.rules is no longer available for snort. Oinkmaster also cannot grab this file. Because violations.conf still has this requirement listed (as in you cannot remove it YET from the webinterface) snort will always fail to start. ATAL ERROR: Unable to open rules file "/usr/local/pf/var/conf//usr/local/pf/conf/snort/emerging-virus.rules": No such file or directory. remove it from violations.conf and snort worksgood again. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1725 | [PacketFence] core | major | always | 2013-10-08 14:44 | 2013-10-08 15:07 |
|
|||||
Reporter: | lpelet | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | high | OS Version: | 6 | ||
Status: | new | Product Version: | 4.0.5-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 4.1.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | not using mail relay server | ||||
Description: | email and sms activation mail don't pass through the relay server specified in the menu tab Alerting | ||||
Steps To Reproduce: | ask in PacketFence to register as guest by email. then you will see the mail to activate your access is not sent using the mail relay server | ||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1717 | [PacketFence] packaging | block | always | 2013-09-24 21:02 | 2013-10-08 14:46 |
|
|||||
Reporter: | serjao | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Dependências CentOS 6 | ||||
Description: |
Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Catalyst::Authentication::Credential::HTTP) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Plack) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Catalyst::Controller::HTML::FormFu) Error: Package: perl-HTML-FormHandler-0.40013-1.centos6.noarch (PacketFence) Requires: perl(MooseX::Types::LoadableClass) >= 0.006 Error: Package: perl-HTML-FormHandler-0.40013-1.centos6.noarch (PacketFence) Requires: perl(Moose) >= 2.0007 Installed: perl-Moose-1.15-1.el6.x86_64 (@epel) perl(Moose) = 1.15 Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Catalyst::Plugin::Authentication) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Net::OAuth2) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Plack::Middleware::ReverseProxy) Error: Package: perl-HTML-FormHandler-0.40013-1.centos6.noarch (PacketFence) Requires: perl(MooseX::Types::LoadableClass) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Catalyst::Plugin::Session::Store::File) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Moo) >= 1.0 Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(Catalyst::Authentication::Store::Htpasswd) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(CHI::Driver::Memcached) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(CHI) Error: Package: packetfence-4.0.6-2.el6.noarch (PacketFence) Requires: perl(MooseX::Types::LoadableClass) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest |
||||
Steps To Reproduce: | |||||
Additional Information: |
[root@heimdall yum.repos.d]# ls CentOS-Base.repo CentOS-Media.repo epel.repo mirrors-rpmforge mirrors-rpmforge-testing PacketFence.repo CentOS-Debuginfo.repo CentOS-Vault.repo epel-testing.repo mirrors-rpmforge-extras openfusion.repo rpmforge.repo |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1657 | [PacketFence] configuration | major | always | 2013-06-27 11:22 | 2013-10-08 14:38 |
|
|||||
Reporter: | Raphux | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | |||||
fixed in git revision: | 51f206fe78353b3201ac3380ca1533bec68ddd31 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | LDAP test routine doesn't use "port" information | ||||
Description: |
In the configuration page, users => Sources => Add AD source. On the page, you can configure the port you want to query. But this parameter is not used when you click the «test» button. It queries 389 (LDAP) by default, event if, for example, you set 3268 (AD Global Catalog Default port), resulting in permanent error. |
||||
Steps To Reproduce: | |||||
Additional Information: | I made a small patch, hope that it will be useful. | ||||
Attached Files: |
LDAPSource.pm.patch (517) 2013-06-27 11:22 https://www.packetfence.org/bugs/file_download.php?file_id=177&type=bug |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1724 | [PacketFence] web admin | minor | have not tried | 2013-10-07 22:14 | 2013-10-07 22:24 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | 4.1.0 | ||||
fixed in git revision: | da53748a78a85c527ef211ebd1cbba0fe59f74f1 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Help from documentation.conf is truncated | ||||
Description: | When a parameter description extends to multiple lines, only the first line is displayed on the web interface. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1712 | [PacketFence] hardware modules | block | always | 2013-09-16 09:08 | 2013-10-06 16:53 |
|
|||||
Reporter: | alessiol | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | https://github.com/inverse-inc/packetfence/commit/f5cfd3344bd1fd9f70c50ecb3f66230fb2bd1be5 [^] | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Argument "noSuchObject" isn't numeric in numeric eq | ||||
Description: |
I use an HP 4100 (J4121A) Switch but packetFence 4.0.6-2 can not get the MAC address by SNMP. This is the log: Sep 16 14:38:07 pfsetvlan(4) INFO: up trap received on 10.0.0.150 ifIndex 41 (main::handleTrap) Sep 16 14:38:07 pfsetvlan(4) INFO: setting 10.0.0.150 port 41 to MAC detection VLAN (main::handleTrap) Argument "noSuchObject" isn't numeric in numeric eq (==) at /usr/local/pf/lib/pf/SNMP.pm line 985. Sep 16 14:38:07 pfsetvlan(4) WARN: old VLAN noSuchObject is not a managed VLAN -> Do nothing (pf::SNMP::setVlan) Sep 16 14:38:07 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:09 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:11 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:13 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:16 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:18 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:20 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:22 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:24 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:26 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:28 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:30 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:33 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:35 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:37 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:39 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:41 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:43 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) Sep 16 14:38:45 pfsetvlan(4) WARN: couldn't get MAC at ifIndex 41. This is a problem. (pf::SNMP::_getMacAtIfIndex) |
||||
Steps To Reproduce: | |||||
Additional Information: |
This is fixed. The message "Argument "noSuchObject" isn't numeric in numeric eq (==)" will no longer happen You can find the patch here. https://github.com/inverse-inc/packetfence/commit/f5cfd3344bd1fd9f70c50ecb3f66230fb2bd1be5 [^] |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1723 | [PacketFence] core | block | always | 2013-10-03 09:03 | 2013-10-03 09:03 |
|
|||||
Reporter: | alessiol | Platform: | Linux | ||
Assigned To: | OS: | RHEL / CentOS | |||
Priority: | high | OS Version: | 6 | ||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | WARN: couldn't get MAC at ifIndex 33. This is a problem. | ||||
Description: | Apply the git patch introduced with issue 0001712 but when I connect a device to HP 4100 Switch Packetfence can not change the vlan.... please check the log | ||||
Steps To Reproduce: | |||||
Additional Information: |
This is the /usr/local/pf/logs/packetfence.log : Oct 03 14:51:39 pfsetvlan(24) INFO: ignoring unknown trap: 2013-10-03|12:51:37|UDP: [10.0.0.150]:161->[10.0.0.148]|10.0.0.150|BEGIN TYPE 6 END TYPE BEGIN SUBTYPE .2 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.16.9.1.1.2.76 = STRING: I 10/03/13 12:51:44 ports: port E1 is now on-line END VARIABLEBINDINGS (main::parseTrap) Oct 03 14:51:39 pfsetvlan(11) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Oct 03 14:51:39 pfsetvlan(11) INFO: up trap received on 10.0.0.150 ifIndex 33 (main::handleTrap) Oct 03 14:51:39 pfsetvlan(11) INFO: setting 10.0.0.150 port 33 to MAC detection VLAN (main::handleTrap) Use of uninitialized value $vlan in concatenation (.) or string at /usr/local/pf/lib/pf/SNMP.pm line 612. Oct 03 14:51:40 pfsetvlan(11) WARN: old VLAN is not a managed VLAN -> Do nothing (pf::SNMP::setVlan) Oct 03 14:51:40 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:42 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:42 pfdhcplistener(8860) INFO: DHCPREQUEST from 00:15:65:2b:b6:b0 (10.0.0.153) (main::parse_dhcp_request) Oct 03 14:51:42 pfdhcplistener(8860) INFO: Unknown DHCP fingerprint: 1,2,3,4,6,7,12,15,28,42,66,67,43,120 (DHCP Message Type: DHCPREQUEST) (main::process_fingerprint) Oct 03 14:51:42 pfdhcplistener(8860) INFO: 00:15:65:2b:b6:b0 requested an IP. Unknown DHCP fingerprint. Modified node with last_dhcp = 2013-10-03 14:51:42,computername = ,dhcp_fingerprint = 1,2,3,4,6,7,12,15,28,42,66,67,43,120 (main::listen_dhcp) Oct 03 14:51:45 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:47 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:49 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:52 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:54 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:57 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:51:59 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:01 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:04 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:06 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:09 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:11 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:13 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:16 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:18 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:21 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:23 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:25 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:28 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:30 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:33 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:35 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:37 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:40 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:42 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:45 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:47 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:49 pfsetvlan(11) WARN: couldn't get MAC at ifIndex 33. This is a problem. (pf::SNMP::_getMacAtIfIndex) Oct 03 14:52:49 pfsetvlan(11) WARN: Tried to grab MAC address at ifIndex 33 on switch 10.0.0.150 30 times and failed (main::handleTrap) Oct 03 14:52:49 pfsetvlan(11) INFO: cannot find MAC (maybe we found a VoIP, but they don't count here). Do nothing (main::handleTrap) Oct 03 14:52:49 pfsetvlan(11) INFO: finished (main::cleanupAfterThread) |
||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1722 | [PacketFence] captive portal | minor | have not tried | 2013-10-02 13:47 | 2013-10-02 14:02 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | 4.1.0 | ||||
fixed in git revision: | 764f63ba5a345101a39dd35d586ff3242ecdb218 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Local users can't login on expiration date | ||||
Description: |
A user won't be able to register a new device on the expiration date specified in the temporary_password. We should accept registration until the last minute of the expiration date (23:59). |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1721 | [PacketFence] web admin | minor | have not tried | 2013-10-02 13:19 | 2013-10-02 13:31 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | 4.1.0 | ||||
fixed in git revision: | 6879e9bb2868514be4570cfa40b929635f785e64 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Error when creating users with no "set role" action | ||||
Description: |
From the Web admin interface, creating one or multiple users without specifying a role returns an error. The message displayed in the Web interface is "Unexpected error. See server-side logs for details.". In the log file, we have : WARN: database query failed with: Column 'category' cannot be null. (errno: 1048), will try again (pf::db::db_query_execute) ERROR: Database issue: We tried 3 times to serve query temporary_password_add_sql called from pf::db::db_data and we failed. Is the database running? (pf::db::db_query_execute) WARN: something went wrong creating a new temporary password for pouetpouet (pf::temporary_password::generate) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1668 | [PacketFence] web admin | minor | always | 2013-07-11 05:54 | 2013-10-02 11:37 |
|
|||||
Reporter: | roadracer96 | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Unable to manually add device in web UI | ||||
Description: | Need to be able to manually add a device in the web UI instead of waiting for it to be detected. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1720 | [PacketFence] captive portal | text | always | 2013-10-01 14:12 | 2013-10-01 14:12 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Misleading error message | ||||
Description: |
There is a misleading error message that pops up when a user is not put into a valid role. ie, there is no matching role. In that case, authentication passes, but the user is presented with a message indicating that they have too many devices registered. This appears in the node.pm file. This should be changed to indicate that there is a role issue, but a max devices issue. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1718 | [PacketFence] scanning | major | always | 2013-09-25 04:22 | 2013-09-25 08:30 |
|
|||||
Reporter: | erSitzt | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | OpenVAS XML-Respone can only be read if order and spaces are exactly as expectet by PacketFence | ||||
Description: |
The XML response returned by omp is parsed via regex like this one : /<get_reports_response\ status="([0-9]+)" [^\<]+[\<][^\>]+[\>] ([a-zA-Z0-9\=]+)/x In my case omp returns this XML <get_reports_response status_text="OK" status="200"><report id="15ce0c2d-bf8c-4972-a0f6-fe1e75bb298a" format_id="6c248850-1f62-11e1-b082-406186ea4fc5" extension="html" type="scan" content_type="text/html"> As you can see "status_text" and "status" are in a different order than pf expects them. I think the way the XML responses are evaluated is prone to errors and should be changed. Regex is not the way to go here. I have asked (in #openvas) if the order of elements is fixed in the xml and it is not... |
||||
Steps To Reproduce: | |||||
Additional Information: |
Ubuntu 12.04 OpenVAS 5 ii libopenvas5 5.0.4-1 ii openvas-administrator 1.2.1-1ubuntu1~precise ii openvas-check-setup 2.2.0-0ubuntu1~precise ii openvas-cli 1.1.5-1ubuntu1~precise ii openvas-client 2.0.5-1ubuntu1 ii openvas-manager 3.0.6-0ubuntu1~precise ii openvas-scanner 3.3.1-1ubuntu1~precise |
||||
Attached Files: |
openvas.pm (11,603) 2013-09-25 05:22 https://www.packetfence.org/bugs/file_download.php?file_id=187&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1714 | [PacketFence] captive portal | minor | have not tried | 2013-09-17 11:04 | 2013-09-17 11:05 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6-2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | ff1f1cf69a5cee7b2b582a459b24370b8bb10c11 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Htpasswd source doesn't respect username | ||||
Description: | A Htpasswd authentication source always matches the username. | ||||
Steps To Reproduce: | |||||
Additional Information: | The method fetchPass of the Apache::Htpasswd module returns 0 when the user is not found while the HtpasswdSource tests if the returned value is defined. | ||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1711 | [PacketFence] web admin | minor | have not tried | 2013-09-13 15:19 | 2013-09-13 15:19 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6-2 | ||
Target Version: | |||||
fixed in git revision: | a761ec4998b2f34ea86e30a99a6b7a230e33ee4d | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | caching issue when creating an authentication source | ||||
Description: | Adding a rule to a newly created source can return an error depending on which httpd process answers the request. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1710 | [PacketFence] core | minor | have not tried | 2013-09-13 11:13 | 2013-09-13 11:14 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6-2 | ||
Target Version: | |||||
fixed in git revision: | 6d1d6a8131a05e6a1b05b14978c54180af5786b8 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Unable to stop services via pfcmd | ||||
Description: | I seem to be unable to stop services via pfcmd after upgrading to 4.0.6. The command runs and I get the normal output indicating that the services should be stopping, but if I check service status, the only service that has actually stopped is pfdhcplistener. | ||||
Steps To Reproduce: | |||||
Additional Information: | Reported by Jason Frisvold <xenophage@godshell.com> on the mailing list | ||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1676 | [PacketFence] radius | major | have not tried | 2013-08-01 16:11 | 2013-09-13 11:10 |
|
|||||
Reporter: | dgreer | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.4 | ||
Target Version: | |||||
fixed in git revision: | 4861189ba7faf680eef257d5b1c157d7260fe0de | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | In 4.0.3, RADIUS stopped authenticating | ||||
Description: |
Not sure what I did to trigger this, but had a problem with RADIUS authentication, specifically the following error message: "Error: rlm_perl: No or invalid reply in SOAP communication with server. Check server side logs for details." Digging down, I found this was coming from the call of pf/raddb/packetfence.pm, and in that I figured out that I could dump return contents to the radius.log, so I did that and got this: "Thu Aug 1 14:37:44 2013 : Info: rlm_perl: curl_return_code: 0 Thu Aug 1 14:37:44 2013 : Info: rlm_perl: <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" [^] xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" [^] xmlns:xsd="http://www.w3.org/2001/XMLSchema" [^] soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" [^] xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>Content-Type [^] must be 'text/xml,' 'multipart/*,' 'application/soap+xml,' 'or 'application/dime' instead of 'application/x-www-form-urlencoded'</faultstring></soap:Fault></soap:Body></soap:Envelope> " Doing some Googling brought me to this article on StackExchange: http://stackoverflow.com/questions/9062121/send-a-http-post-requestxml-data-using-wwwcurl-in-perl [^] So I plugged in the CURLOPT_HTTPHEADER() line to force it to use "text/xml" and problem is fixed. Here's the patch: ]# diff -U2 /root/backup/usr/local/pf/raddb/packetfence.pm packetfence.pm --- /root/backup/usr/local/pf/raddb/packetfence.pm 2013-07-22 14:30:34.000000000 -0500 +++ packetfence.pm 2013-08-01 15:01:57.000000000 -0500 @@ -174,4 +174,5 @@ my $response_body; $curl->setopt(CURLOPT_HEADER, 0); + $curl->setopt(CURLOPT_HTTPHEADER(), ['Content-Type: text/xml; charset=UTF-8']); $curl->setopt(CURLOPT_URL, 'http://127.0.0.1:' [^] . SOAP_PORT); # TODO: See note1 # $curl->setopt(CURLOPT_URL, 'http://127.0.0.1:' [^] . $Config{'ports'}{'soap'}); # TODO: See note1 @@ -184,5 +185,6 @@ # For debugging purposes - #&radiusd::radlog($RADIUS::L_INFO, "curl_return_code: $curl_return_code"); +# &radiusd::radlog($RADIUS::L_INFO, "curl_return_code: $curl_return_code"); +# &radiusd::radlog($RADIUS::L_INFO, "$response_body"); # Looking at the results... |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1709 | [PacketFence] 802.1x | minor | have not tried | 2013-09-13 11:03 | 2013-09-13 11:03 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.6 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6-2 | ||
Target Version: | |||||
fixed in git revision: | 92e9339121f16d7b6d328f149fcb4b4c07944d73 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | 802.1x error in RADIUS authorize | ||||
Description: |
RADIUS is authenticating fine, but the WebAPI no like... Sep 10 08:26:38 pf::WebAPI(29881) INFO: handling radius autz request: from switch_ip => 1.2.3.4, connection_type => Wireless-802.11-EAP mac => c8:6f:1d:40:96:6e, port => 4097, username => tim.denike (pf::radius::authorize) Sep 10 08:26:38 pf::WebAPI(29881) INFO: autoregister a node that is already registered, do nothing. (pf::node::node_register) Sep 10 08:26:38 pf::WebAPI(29881) INFO: Found a match (CN=Tim DeNike,ETC ETC ETC) (pf::Authentication::Source::LDAPSource::match_in_subclass) Sep 10 08:26:38 pf::WebAPI(29881) INFO: Matched rule (W_Netshare) in source Employee, returning actions. (pf::Authentication::Source::match) Sep 10 08:26:38 pf::WebAPI(29881) ERROR: radius authorize failed with error: panic: attempt to copy freed scalar 7f1471d513d8 to 7f1470e25ac8 at /usr/local/pf/lib/pf/authentication.pm line 498. (PFAPI::radius_authorize) (main::__ANON__) (main::__ANON__) |
||||
Steps To Reproduce: | |||||
Additional Information: | Reported by Tim DeNike <tim.denike@mcc.edu> on the mailing list. | ||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1634 | [PacketFence] captive portal | minor | always | 2013-04-10 10:08 | 2013-09-13 10:58 |
|
|||||
Reporter: | lmunro | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.6.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.4 | ||
Target Version: | |||||
fixed in git revision: | 8944d5b31f898073ec393fed73da2b2d46a4c65b | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Guest email self registration assumes pid is an email address | ||||
Description: |
When using guest self registration using email, the pid is used as email address to send the validation email to. Yet the PacketFence administrator has the option to select which field to use as pid with guests_self_registration.guest_pid. If guests_self_registration.guest_pid is set to something else than "email" and guest self registration using email is attempted, it will fail because the "TO" address will be invalid. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1705 | [PacketFence] configuration | block | always | 2013-09-09 11:03 | 2013-09-13 10:14 |
|
|||||
Reporter: | alessiol | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6-2 | ||
Target Version: | |||||
fixed in git revision: | e88eb947b98323287dbec750d65b5ee062354314 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | PacketFence 4.0.6 Ubuntu 10.04.3 dependency problem | ||||
Description: |
Packetfence won't install on Ubuntu 10.04.3 (fresh install) because of missing: libterm-ansicolor-perl. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1683 | [PacketFence] captive portal | major | have not tried | 2013-08-13 09:27 | 2013-09-13 10:08 |
|
|||||
Reporter: | Sylvain | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Self-registration page shown even if no external source exists | ||||
Description: |
When updating from 4.0.1 to 4.0.5-2 there is a new feature : "Self-registration is now enabled when a profile has at least one external authentication source" introduced in 4.0.4 I have no external source, but still get the guest/self-registration page. I was feeling lucky and tried creating then removing external sources, or simply creating new internal sources, but it didn't work either. I tried to add sources to the profile but was blocked by another bug : http://www.packetfence.org/bugs/view.php?id=1682 [^] This bug is tricky as I also encouter this one : http://www.packetfence.org/bugs/view.php?id=1681 [^] Best regards, Sylvain |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1706 | [PacketFence] configuration | minor | always | 2013-09-09 11:43 | 2013-09-11 16:15 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.1.0 | ||
Target Version: | |||||
fixed in git revision: | 3b282102bfdb6d6841e28edf032f2714e7cb21a8 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Freeradius config files overwritten on RPM upgrade | ||||
Description: | Some of the Freeradius configuration files are overwritten on an upgrade, causing issues with the overall system as a result. Specifically, the config files in raddb/modules are overwritten with the default install files. This is specifically an issue with LDAP 802.1x authentication as the ldap file is defaulted, removing the needed LDAP access to validate 802.1x logins. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1365 | [PacketFence] captive portal | tweak | always | 2012-01-12 12:14 | 2013-09-04 14:42 |
|
|||||
Reporter: | maikel | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Captive portal - email activation - Name the network by its catagorie | ||||
Description: |
When using the self registration meganism, per default the category guest is used. But if in the config another category is used. It would be nicer to name the network instead off guest, the actual name. So in email_activation.cgi send the catagory to this function: pf::web::guest::generate_activation_confirmation_page then the template and i18n message can be altered automatically |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1702 | [PacketFence] captive portal | text | always | 2013-08-30 13:17 | 2013-09-03 08:10 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | 1363fda9125f233c27cdb3af873441a179e21766 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Text string not in locales file | ||||
Description: |
I received a request to change the text string displayed when a user failed to authenticate on the captive portal. I looked through the locale file, but was unable to find it. I finally found it via a grep of the packetfence files. /usr/local/pf/lib/pf/authentication.pm line 467. This line should exist in the locale file and not be hard-coded into the library. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1630 | [PacketFence] security | feature | N/A | 2013-02-12 09:55 | 2013-09-03 05:35 |
|
|||||
Reporter: | bemosior | Platform: | |||
Assigned To: | ludovic | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | +1 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Username Registration Blacklist | ||||
Description: |
We see value in the addition of a username blacklist feature in order to prevent certain AD/LDAP registrations from occurring. Use Case: An individual may no longer register his/her own devices on the network (due to violations), but he/she may still use public lab machines. Disabling the AD/LDAP account is not an option, as the individual must still be able to access other services using AD/LDAP for authentication. Workflow (my understanding of it, at least): User attempts internet access and is redirected to the registration page. User enters username. PF compares username against blacklist, failing the process on match (with a user-facing error). In this case, no LDAP query is made/executed. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1701 | [PacketFence] web admin | feature | N/A | 2013-08-28 02:22 | 2013-08-29 21:07 |
|
|||||
Reporter: | fmts | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | daeda0bf839735067befece306d1e6a34b600f5c, 680099611a5a39f9a2a0dfdf5e5d0d2f49dde1e6 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Search through notes | ||||
Description: |
It would be nice if there was an option in the advanced search, to search for notes (in Users and Nodes). So for example you could filter for auto registred devices. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1693 | [PacketFence] web admin | major | always | 2013-08-18 02:49 | 2013-08-22 14:29 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | portal uses source which is undefined there | ||||
Description: |
There are three External Sources defined in my PacketFence server: sms, email & sponsor. My portal profile has two sources defined: (own internal) LDAP and email. Please note it doesn't contain sms. However packetfence.log shows: Aug 16 12:52:18 pf::WebAPI(17002) INFO: Matched rule (catchall) in source sms, returning actions. (pf::Authentication::Source::match) Looks like PacketFence uses source sms which it shouldn't use. It works, because sms rule is the same as email rule, but proper source (one of these defined in portal) should be taken info account. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1698 | [PacketFence] web admin | minor | always | 2013-08-21 07:20 | 2013-08-21 09:13 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | acknowledged | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | unable to define logo in profile other than default | ||||
Description: | There is no possibility to define logo in profile other than default. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1695 | [PacketFence] configuration | major | always | 2013-08-20 13:51 | 2013-08-20 13:54 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | dcc1f6d2758e1f92329311b678d71ea79d7bdc5c | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Apache error for guest: You don't have permission to access /cgi-perl/email_activation.cgi on this server. | ||||
Description: |
./lib/pf/services/apache.pm line 94: my $guest_regist_allowed = $guest_self_registration{'enabled'}; However, $guest_self_registration{'enabled'} is undefined. The effect is: line 95: if ($guest_regist_allowed && isenabled............................. and line 102: if ($guest_regist_allowed && ($email_enabled..................... conditions are not fulfilled and ./var/conf/captive-portal-common.conf is not properly generated and some URIs are not allowed from all, thus bringing WWW error: “You don't have permission to access /cgi-perl/email_activation.cgi on this server.” |
||||
Steps To Reproduce: | |||||
Additional Information: | I'd advice simply get rid of $guest_regist_allowed variable and accordingly modify these two conditions. Otherwise you need to define $guest_self_registration{'enabled'} somewhere. | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1667 | [PacketFence] web admin | minor | always | 2013-07-11 05:53 | 2013-08-20 09:01 |
|
|||||
Reporter: | roadracer96 | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | |||||
fixed in git revision: | 8835549747e4a0a0136e360140a33e58f83dc91b | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Unable to edit notes in Web UI | ||||
Description: | Unable to edit notes for a deviec in web UI | ||||
Steps To Reproduce: | |||||
Additional Information: |
Interesting one. It was possible in 3.X but removed in 4.X. Can you open a feature request : http://packetfence.org/bugs [^] Cheers! dw. -- dwuelfrath@inverse.ca :: +1.514.447.4918 (x110) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On 2013-06-28, at 12:42 PM, Tim DeNike <tim.denike@mcc.edu> wrote: > Agreed. U would like to make more use of notes/details as well. > Manual creation would be helpful too. > > Sent from my iPhone > > On Jun 28, 2013, at 12:41 PM, Jason Frisvold <xenophage@godshell.com> wrote: > >> Greetings, >> >> With our current NAC system we can manually add new devices via the >> GUI. We're able to add the MAC of the device, the role it should be in, >> and a description. The description is incredibly useful for identifying >> devices quickly. >> >> This doesn't appear to be possible in PF 4.0.1, though there is the CLI >> method for adding a node, albeit without a description. What would it >> take to have this functionality added to PF? >> >> Thanks, >> >> -- >> --------------------------- >> Jason 'XenoPhage' Frisvold >> xenophage@godshell.com >> --------------------------- >> >> "Any sufficiently advanced magic is indistinguishable from technology.\" >> - Niven's Inverse of Clarke's Third Law >> >> ------------------------------------------------------------------------------ >> This SF.net email is sponsored by Windows: >> >> Build for Windows Store. >> >> http://p.sf.net/sfu/windows-dev2dev [^] >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users [^] > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > > Build for Windows Store. > > http://p.sf.net/sfu/windows-dev2dev [^] > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users [^] ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev [^] _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users [^] |
||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1694 | [PacketFence] web admin | minor | always | 2013-08-19 15:22 | 2013-08-20 08:51 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | cff7c1426c2dc8f760134afd4226b53badb5c87e | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pre-registration confirmation mail - %s not replaced by domain name | ||||
Description: |
There is a message in PacketFence: msgid "%s: Guest access confirmed!" which is used as a subject of confirmation mail in case of pre-registration. A guest receives this mail, but in the subject "%s" is not replaced by domain name of PacketFence system. It's worth noting all the other mails from PacketFence have "%s" correctly replaced - just this one particular mail has this issue. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1681 | [PacketFence] captive portal | major | always | 2013-08-13 09:13 | 2013-08-19 20:56 |
|
|||||
Reporter: | Sylvain | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.5 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | a0cc0dae4aaa30f4ef2247a06df0f556b32469fb | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Guest registration page doesn't show any submit button | ||||
Description: |
Version 4.0.5-2 That's quite simple : the guest registration page doesn't show any submit button. Tried filling fields and scroll the "use policy", but didn't help. Please find a screenshot attached. Best regards, Sylvain |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
screenshot.png (198,895) 2013-08-13 09:13 https://www.packetfence.org/bugs/file_download.php?file_id=183&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1690 | [PacketFence] web admin | major | always | 2013-08-17 03:49 | 2013-08-17 21:47 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | a08b5b63bba1504a29894617f45632dec737971d | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | duration missing from Guest Network Access Information mail | ||||
Description: |
Mail excerpt: This username and password will be valid starting 2013-08-18. Once authenticated the access will be valid for . So, duration is missing from the line although registration window is defined for guest from 2013-08-18 to 2013-08-22. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1691 | [PacketFence] web admin | major | always | 2013-08-17 04:02 | 2013-08-17 21:02 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | 5a18b25f56cde34cceef32c402e78af550544275 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | unable to add/edit user telephone number | ||||
Description: | Display admin/users page. Click user. There is no form field for Telephone. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1692 | [PacketFence] web admin | minor | sometimes | 2013-08-17 04:05 | 2013-08-17 20:58 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.6 | ||
Target Version: | |||||
fixed in git revision: | 8c3b78a95504bc8aac808861ed1c66c5f584c994 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | user display: ERROR: Use of uninitialized value in concatenation | ||||
Description: |
Display admin/users page. Click user. If some fields aren't filled, packetfence.log shows: Aug 17 10:02:38 httpd.admin(0) ERROR: Use of uninitialized value in concatenation (.) or string at /usr/local/pf/html/pfappserver/lib/pfappserver/Form/Widget/Field/Span.pm line 28. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1684 | [PacketFence] scanning | major | always | 2013-08-13 11:02 | 2013-08-13 11:02 |
|
|||||
Reporter: | Sylvain | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | new | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | OpenVAS - "Bogus command name" when creating escalator | ||||
Description: |
It occurs under version 4.0.1, but I couldn't test under 4.0.5 because of some other bugs (which aren't related to this one). As i didn't see anything either in changelogs and in issues reported... here it is. This happen when launching a OpenVAS scan. Right after registration, the pre-configured "System Scan" violation (1200001) is triggered. The captive portal tells that scan is in progress. Once the progress bar is filled, it tells that the machine is still being scanned since a given hour. It will keep telling that (and here the problem begins). In packetfence.log can be found: There was an error creating scan escalator named 137606073317f486, here's the output: <omp_response status="400" status_text="Bogus command name"></omp_response> (pf::scan::openvas::createEscalator) The scanned machine can be sent to the default vlan, by acknowledging the "System Scan" violation (1200001), as expected. But of course bypassing scan is not the best approach ;) Here is the whole relevant output from packetfence.log: Aug 09 17:05:30 release.pm(0) INFO: scanning 192.168.1.1 by calling /usr/local/pf/bin/pfcmd schedule now 192.168.1.1 1>/dev/null 2>&1 (pf::web::release::handler) Aug 09 17:05:30 release.pm(0) INFO: violation for mac aa:bb:cc:dd:ee:ff vid 1200001 modified (pf::violation::violation_modify) Aug 09 17:05:33 pfcmd.pl(10765) INFO: New ID generated: 137606073317f486 (pf::util::generate_id) Aug 09 17:05:36 pfcmd.pl(10765) INFO: Instantiate a new vulnerability scanning engine object of type pf::scan::openvas. (pf::scan::instantiate_scan_engine) Aug 09 17:05:36 pfcmd.pl(10765) INFO: Creating a new scan target named 137606073317f486 for host 192.168.1.1 (pf::scan::openvas::createTarget) Aug 09 17:05:36 pfcmd.pl(10765) INFO: Scan target named 137606073317f486 successfully created with id: 0162c1eb-e374-4e39-8e16-faddab0d58e9 (pf::scan::openvas::createTarget) Aug 09 17:05:36 pfcmd.pl(10765) INFO: Creating a new scan escalator named 137606073317f486 (pf::scan::openvas::createEscalator) Aug 09 17:05:36 pfcmd.pl(10765) WARN: There was an error creating scan escalator named 137606073317f486, here's the output: <omp_response status="400" status_text="Bogus command name"></omp_response> (pf::scan::openvas::createEscalator) Aug 09 17:05:36 pfcmd.pl(10765) INFO: Creating a new scan task named 137606073317f486 (pf::scan::openvas::createTask) Aug 09 17:05:36 pfcmd.pl(10765) WARN: There was an error creating scan task named 137606073317f486, here's the output: <create_task_response status="400" status_text="Bogus element: escalator"></create_task_response> (pf::scan::openvas::createTask) Aug 09 17:05:36 pfcmd.pl(10765) INFO: Starting scan task named 137606073317f486 (pf::scan::openvas::startTask) Aug 09 17:05:37 pfcmd.pl(10765) WARN: There was an error starting the scan task named 137606073317f486, here's the output: <start_task_response status="404" status_text="Failed to find task ''"></start_task_response> (pf::scan::openvas::startTask) Best regards, Sylvain |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1680 | [PacketFence] captive portal | major | always | 2013-08-12 06:09 | 2013-08-12 11:40 |
|
|||||
Reporter: | KimHagen | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.4 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.5-2 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Oauth stopped working getting error "OAuth2 Error: Failed to get the token" | ||||
Description: |
4.0.3 the Oauth for google/facebook works, but on the 4.0.4-2 and 4.0.5 release i get: "OAuth2 Error: Failed to get the token" Aug 12 12:00:50 oauth2.cgi(0) DEBUG: instantiating new pf::Portal::Session object (pf::Portal::Session::new) Aug 12 12:00:50 oauth2.cgi(0) DEBUG: instantiating new pf::Portal::Profile object (pf::Portal::Profile::new) Aug 12 12:00:50 oauth2.cgi(0) INFO: Sending 04:f7:e4:83:6a:c6to OAuth2 - Provider:google (ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_html_captive_2dportal_oauth2_2ecgi::handler) Aug 12 12:00:51 oauth2.cgi(0) DEBUG: instantiating new pf::Portal::Session object (pf::Portal::Session::new) Aug 12 12:00:51 oauth2.cgi(0) DEBUG: instantiating new pf::Portal::Profile object (pf::Portal::Profile::new) Aug 12 12:00:51 oauth2.cgi(0) DEBUG: API CODE: 4/DrEXOm0luo4KbOkcbpC-bIyYZOuj.6tUntWmjEQYLOl05ti3ZT3ZXUPTjgAE (pf::web::generate_oauth2_result) Aug 12 12:00:51 oauth2.cgi(0) INFO: OAuth2: failed to receive the token from the provider, redireting to login page (pf::web::generate_oauth2_result) Aug 12 12:00:51 oauth2.cgi(0) DEBUG: rendering template named login.html (pf::web::generate_login_page) I have tried a clean install of 4.0.5 on debian wheezy Kind regards, Kim |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1679 | [PacketFence] captive portal | major | always | 2013-08-08 04:05 | 2013-08-08 10:16 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.3 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.5 | ||
Target Version: | |||||
fixed in git revision: | 8458546e980e090bfa414d8f5c32fd5ef3085e68 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | guest registration parameter missing from profile denies guest access to activation page | ||||
Description: |
guest_self_reg parameter is missing from both profile.conf file and web admin profile page. This parameter state is checked in lib/pf/iptables.pm (as $guest_self_registration{'enabled'} and should be taken into account in lib/pf/config.pm (in if ( isenabled($profile->{'guest_self_reg'}) ) { $guest_self_registration{'enabled'} = $TRUE; }. Effectively iptables rule allowing access to tcp 443 from outside is not being generated. There is also the second missing from admin GUI parameter: guest_modes=sms,email,sponsor (it is however present in profile.conf file). Probably there is some inconsistency here but worth fixing because guest access to activation page is denied. |
||||
Steps To Reproduce: | |||||
Additional Information: | Actually issue was found in 4.0.4 (number currently not available in BTS dropdown list) | ||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1662 | [PacketFence] core | minor | always | 2013-07-08 07:21 | 2013-08-01 08:10 |
|
|||||
Reporter: | fmts | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | [Violation] Action "Send email" doesn't get executed if the violation is enabled | ||||
Description: |
I created a violation with following settings: -- [4000001] priority=1 trigger=vendormac::2249 actions=autoreg,email,role desc=Testgeraete enabled=Y template=generic auto_enable=N whitelisted_categories=isolation,default,guest target_category=test vclose=4000001 -- The violation gets executed, but the node only gets the status "registred". The role isn't set and a mail doesn't get sent. As you can see in the attached log there is a warning about Perl ("insecure dependency") and the pfcmd command returns an error. Maybe it has something to do with it. If i remove the "email"-Action, the violation works as it should. Also if i set "enabled=N" and trigger it manually it works fine. Even with the "email"-action. |
||||
Steps To Reproduce: | |||||
Additional Information: |
System: Debian Wheezy (up to date) Repo: deb http://inverse.ca/downloads/PacketFence/debian-stable [^] wheezy wheezy |
||||
Attached Files: |
violation.txt (4,004) 2013-07-08 07:21 https://www.packetfence.org/bugs/file_download.php?file_id=179&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1654 | [PacketFence] performance | major | always | 2013-06-22 23:29 | 2013-07-31 20:07 |
|
|||||
Reporter: | rivan | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | can't access GUI | ||||
Description: |
after Installing, everything is working fine until I reboot the server I can't access the GUI. Even if I do service PacketFence Restart. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1649 | [PacketFence] 802.1x | major | always | 2013-06-05 10:15 | 2013-07-31 20:06 |
|
|||||
Reporter: | dgreer | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Problems returning role information from pf::authentication::match | ||||
Description: |
There are actually several things going on here (I think). First, in logging, there is a logic error in an if statement. Here's the diff: --- authentication.pm.orig 2013-06-05 07:43:17.390616523 -0500 +++ authentication.pm 2013-06-05 07:43:34.957616501 -0500 @@ -465,7 +465,7 @@ return undef; } - if (defined $action) { + if (! defined $action) { $logger->debug("No source matches action $action"); } else { $logger->debug("Returning actions ".join(', ', map { $_->type." = ".$_->value } @$actions )); Once that was found and fixed, I was able to see that I was getting matches but no returns. Have been staring at the code for quite a while, and can't figure this out. I added a debugging logging entry in the "foreach my $condition..." in Authentication/Source.pm so I could see what was being looked at, and I can see that all my conditions are being hit, but even when I've set one to specifically to match it fails to to return any actions (or, apparently to match). Here's the log entries: Jun 05 08:56:07 pf::WebAPI(24234) WARN: switch = pf::SNMP::Motorola::RFS=HASH(0x7fa24f9d9340), ifIndex = 1, mac = 00:22:fb:56:9d:3c, node_info = HASH(0x7fa24f9ddb00), conne ction_type = Wireless-802.11-EAP, user_name = DPTLABS_NT\\dgreer, ssid = BasicEmployees (pf::vlan::getNormalVlan) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Trying to determine VLAN from role. (pf::vlan::getNormalVlan) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Match called with parameters SSID => BasicEmployees, connection_type => Wireless-802.11-EAP, username => DPTLABS_NT\\dgreer (pf::au thentication::match) Jun 05 08:56:07 pf::WebAPI(24234) WARN: Match called with parameters SSID => BasicEmployees, connection_type => Wireless-802.11-EAP, username => DPTLABS_NT\\dgreer (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Matching rules for action set_role in source local (SQL) (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) WARN: Matching rules for action set_role in source local (SQL) (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) TRACE: attempt #0 to run query temporary_password_view_sql from module temporary_password (pf::db::db_query_execute) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Database statements not prepared, preparing... (pf::db::db_query_execute) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Preparing pf::temporary_password database queries (pf::temporary_password::temporary_password_db_prepare) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Matching rules for action set_role in source file1 (Htpasswd) (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) WARN: Matching rules for action set_role in source file1 (Htpasswd) (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Checking condition username equals admin (pf::Authentication::Source::match) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Matching rules for action set_role in source ad1 (AD) (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) WARN: Matching rules for action set_role in source ad1 (AD) (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Checking condition sAMAccountName equals DPTLABS_NT\\dgreer (pf::Authentication::Source::match) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Matching rules in LDAP source. (pf::Authentication::Source::LDAPSource::match_in_subclass) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: LDAP filter: (&(sAMAccountName=DPTLABS_NT\\dgreer)(sAMAccountName=DPTLABS_NT\\dgreer)) (pf::Authentication::Source::LDAPSource::match_in_subclass) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Searching for (&(sAMAccountName=DPTLABS_NT\\dgreer)(sAMAccountName=DPTLABS_NT\\dgreer)), from DC=dpt,DC=DFB,DC=NET, with scope one (pf::Authentication::Source::LDAPSource::match_in_subclass) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Returning actions (pf::authentication::match) Jun 05 08:56:07 pf::WebAPI(24234) DEBUG: Username was defined (DPTLABS_NT\\dgreer) - got role ARRAY(0x7fa24f9f3bd0) (pf::vlan::getNormalVlan) Jun 05 08:56:07 pf::WebAPI(24234) WARN: vlanName = ARRAY(0x7fa24f9f3bd0) (pf::SNMP::getVlanByName) Jun 05 08:56:07 pf::WebAPI(24234) WARN: No parameter ARRAY(0x7fa24f9f3bd0)Vlan found in conf/switches.conf for the switch 192.168.99.3 (pf::SNMP::getVlanByName) Jun 05 08:56:07 pf::WebAPI(24234) WARN: Resolved VLAN for node is not properly defined: Replacing with macDetectionVlan (pf::vlan::fetchVlanForNode) Jun 05 08:56:07 pf::WebAPI(24234) WARN: vlanName = macDetection (pf::SNMP::getVlanByName) Jun 05 08:56:07 pf::WebAPI(24234) INFO: MAC: 00:22:fb:56:9d:3c, PID: dgreer, Status: reg. Returned VLAN: 1 (pf::vlan::fetchVlanForNode) Using CentOS 6.4 with updates. Using packetfence-4.0.2-0.20130529.el6.noarch.rpm (and friends) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1451 | [PacketFence] core | feature | N/A | 2012-05-11 16:30 | 2013-07-31 19:43 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | get rid of the uplinks=... concept | ||||
Description: |
After doing 7264ede and a1b4cc8 I wrote: # FIXME I just refactored that method but I think we should simply get rid # of the uplinks=... concept. If you've configured access-control on an # uplink then it's your problem. Anyway we don't do anything on RADIUS based # requests. I guess this was there at first because of misconfigured up/down # traps causing concerns. Plus we haven't implemented dynamic support on most vendor other vendors and maintaining a list manually is just painful. We'll discuss it and then decide whether we should do it or not. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1673 | [PacketFence] configuration | major | always | 2013-07-25 10:11 | 2013-07-31 19:34 |
|
|||||
Reporter: | maikel | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Can't update dhcp fingerprints | ||||
Description: |
Error! Unable to update DHCP fingerprints: 500 Can't connect to www.packetfence.org:80 (Bad hostname) Seems it resolves back to inverse.ca and fails thus. Better to have the correct hostname there (inverse.ca) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1142 | [PacketFence] captive portal | major | always | 2010-12-20 10:49 | 2013-07-31 17:15 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | urgent | OS Version: | |||
Status: | assigned | Product Version: | 2.0.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | investigate | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | CGISessions are not expiring properly | ||||
Description: |
We see on high usage setups that CGISessions are not expiring properly. This cause a problem in the /tmp folder, and can affect the time MySQL takes to restart. Problem has been detected at least on version 1.8.7, 1.9.0, 1.9.1, and 2.0.0, and may impact older versions. - Maybe we need to properly set a lower expiration time when we create the session. - Maybe we can clear the session after a user registers. An easy fix to workaround this problem, run a cron to wipe the sessions older than 30min : find /tmp -name "cgisess_*" -mmin +30 -exec rm -f {} \; |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1651 | [PacketFence] core | major | always | 2013-06-12 15:08 | 2013-07-12 16:23 |
|
|||||
Reporter: | dwuelfrath | Platform: | All | ||
Assigned To: | dwuelfrath | OS: | All | ||
Priority: | high | OS Version: | All | ||
Status: | assigned | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | suspended | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Snort cannot start if pfdetect is not started | ||||
Description: |
When we start PacketFence, we create a FIFO (/usr/local/pf/var/alert) in which Snort is writing detected alerts. Snort is trying to open that FIFO in WRITE mode but a FIFO can only be opened in WRITE if a process already opened that FIFO in READ. Currently, PacketFence starts Snort before pfdetect (starting sequence) which cause Snort to hung since the FIFO cannot be opened in WRITE due to the lack of a process opening that FIFO in READ (pfdetect). Startup sequence need to be adapted so that pfdetect is started before Snort. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1670 | [PacketFence] web admin | feature | always | 2013-07-12 14:09 | 2013-07-12 14:30 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | |||||
fixed in git revision: | 43787f33a70e4fbaca5cd82b5dcacaa6fd963268 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Switches list not sorted | ||||
Description: |
The list of switches in Configuration -> Network -> Switches does not appear to be sorted in any way. It appears to be displayed in the order it's read from the config file. This should be sorted to reduce the time necessary to find a particular switch. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1645 | [PacketFence] web admin | minor | have not tried | 2013-05-29 11:46 | 2013-07-12 09:45 |
|
|||||
Reporter: | dgreer | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | 4.0.2 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | When editing a User, unable to save changes because of missing fields "from" and "Expiration" | ||||
Description: |
Modifying the user created when I logged into the registration portal, adding name, email, etc. All fields filled. When I press "Save" I get: "Error! Valid from field is required" "Error! Expiration field is required" Not a show stopper, but wanted to get it on the todo list. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1666 | [PacketFence] web admin | trivial | always | 2013-07-10 14:27 | 2013-07-12 09:44 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | |||||
fixed in git revision: | e8154cf97dc5c8994207981baff6970dfc5af85a | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Sort order of routed networks is not numeric | ||||
Description: | This is a nitpicky issue, but I thought I'd report it. The sort order for routed networks in the "Configuration -> Interfaces" screen is not in numeric order. For instance, 10.10.100.0 appears before 10.10.2.0. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1641 | [PacketFence] core | minor | sometimes | 2013-05-10 18:08 | 2013-07-11 08:44 |
|
|||||
Reporter: | lmunro | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.1 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | max nodes per-user limit reached for admin user | ||||
Description: |
A user reports: I've been doing some work on our PF 4.0 install. I have LDAP authentication working for the admin logins as well as logging in via RADIUS. I believe we talked yesterday about the "User Sources" being used for identifying user roles when authenticating via 802.1x. Looking at the vlan.pm code, this appears to be what will happen, but I need to have the node in a registered state first. So how do we go about doing that? Additionally, if I try to manually switch the node to Registered, I get the following in the logs : INFO: per-category max nodes per-user limit reached: 1 are already registered to admin for category |
||||
Steps To Reproduce: | |||||
Additional Information: |
node:is_max_reg_nodes_reached tests if $pid equals $default_pid. $default_pid is defined as 1 in config.pm whereas it is entered as "admin" in the database. Should that be changed? |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1153 | [PacketFence] hardware modules | tweak | N/A | 2011-01-17 17:18 | 2013-07-11 07:49 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | long-term | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | More flexible VLAN Attributes handling with RADIUS (support for Vendor Specific Attributes aka VSA) | ||||
Description: |
Right now VLAN assignment through RADIUS is always done using the same tunnel attributes namely:$RAD_REPLY{'Tunnel-Medium-Type'} = 6; $RAD_REPLY{'Tunnel-Type'} = 13; $RAD_REPLY{'Tunnel-Private-Group-ID'} = $vlan; However, to be more flexible, it would be interesting to consider allowing the hardware module to specify it's own RADIUS attributes. For this, a new call. Here's the pseudo-code: getVlanAssignmentAttributes(radius_hashref, $vlan) : radius_hashref { $RAD_REPLY->{'Tunnel-Medium-Type'} = 6; $RAD_REPLY->{'Tunnel-Type'} = 13; $RAD_REPLY->{'Tunnel-Private-Group-ID'} = $vlan; } put the above default implementation in pf::SNMP and then other modules can differ. For ex: getVlanAssignmentAttributes(radius_hashref, $vlan) : radius_hashref { $RAD_REPLY->{'Tunnel-Medium-Type'} = 6; $RAD_REPLY->{'Tunnel-Type'} = 13; $RAD_REPLY->{'Tunnel-Private-Group-ID'} = $vlan; $RAD_REPLY->{'Extreme-Netlogin-Extended-VLAN'} = T220; } would add a hardware-specific reply that would add a tagged VLAN 220 to the port |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1652 | [PacketFence] web admin | minor | always | 2013-06-13 10:30 | 2013-07-10 10:33 |
|
|||||
Reporter: | lmunro | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Node search by pid is broken | ||||
Description: |
Node search using "person name" does not work. The logs show the following errors: Jun 13 09:47:24 httpd.admin(0) ERROR: Odd number of elements in hash assignment at /usr/local/pf/html/pfappserver/l ib/pfappserver/Base/Action/SimpleSearch.pm line 21. (pfappserver::__ANON__) Jun 13 09:48:06 httpd.admin(0) ERROR: Caught exception in pfappserver::Controller::Node->advanced_search "Can't use string ("pid") as a HASH ref while "strict refs" in use at /usr/local/pf/html/pfappserver/lib/pfappserver/Model/Se arch/Node.pm line 276." (pfappserver::Controller::Root::end) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1663 | [PacketFence] web admin | feature | always | 2013-07-08 17:05 | 2013-07-09 09:30 |
|
|||||
Reporter: | Xen0Phage | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.2 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Missing option to enable VoIP for a switch via the Admin GUI | ||||
Description: | Title says it all. In the 3.x version there was an option via the GUI to enable VoIP on a switch. In 4.x, it appears this has vanished. I can enable it via a direct edit of the switches.conf file, but enabling this requires a restart of services. Being able to do this via the GUI would handle it in a much smoother way without interruption of service. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1653 | [PacketFence] captive portal | major | always | 2013-06-19 08:57 | 2013-06-19 14:35 |
|
|||||
Reporter: | muhlig | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | lib/pf/web.pm undefined value as an ARRAY reference | ||||
Description: |
This is on current snapshot (packetfence-4.0.2-0.20130619.el6.noarch.rpm). I'm trying to login using captive-portal. I fill accept terms, username and password and click Login. Then I get page with Software error: Can't use an undefined value as an ARRAY reference at /usr/local/pf/lib/pf/web.pm line 582. |
||||
Steps To Reproduce: | |||||
Additional Information: |
I'm not sure if my config is correct; the error is not a faulty config message though :-) The node doesn't get registered. |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1650 | [PacketFence] captive portal | major | always | 2013-06-06 06:12 | 2013-06-07 23:34 |
|
|||||
Reporter: | rivan | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | feedback | Product Version: | 4.0.1 | ||
Product Build: | Resolution: | reopened | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Unable to Authenticate | ||||
Description: |
I've done the following 1. to create user Configuration>create username:guest10 password:guest10 2. add an authentication source configuration>sources>add source>Htpasswd name: guest description:guest file path:/usr/local/pf/conf/guest.conf 3. add a rule in newly created source (guest) conditions: username starts guest action set access level: all |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1648 | [PacketFence] web admin | major | always | 2013-06-04 08:58 | 2013-06-04 15:55 |
|
|||||
Reporter: | dgreer | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | https://github.com/inverse-inc/packetfence/blob/c55373379b232dfae6915b86bcded863830febe8/html/pfappserver/lib/pfappserver/Controller/Configuration.pm [^] | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Admin pages errors | ||||
Description: |
Under "Configuration", all the options down to "Provisioning" throw errors. Here's the errors from packetfence.log: Jun 04 07:51:13 httpd.admin(0) ERROR: Use of uninitialized value in pattern match (m//) at /usr/share/perl5/vendor_perl/Catalyst/Action/RenderView.pm line 54. (pfappserver::__ANON__) Jun 04 07:51:13 httpd.admin(0) ERROR: Use of uninitialized value in pattern match (m//) at /usr/share/perl5/vendor_perl/Catalyst.pm line 1917. (pfappserver::__ANON__) Jun 04 07:51:13 httpd.admin(0) ERROR: Use of uninitialized value $status in numeric ge (>=) at /usr/share/perl5/vendor_perl/Plack/Handler/Apache2.pm line 124. (pfappserver::__ANON__) Jun 04 07:51:13 httpd.admin(0) ERROR: Use of uninitialized value in subroutine entry at /usr/share/perl5/vendor_perl/Plack/Handler/Apache2.pm line 138. (pfappserver::__ANON__) I'm suspecting that this may be related to my "fix" in bug 1647. Will roll back to a previous version. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1529 | [PacketFence] web admin | major | always | 2012-08-24 10:25 | 2013-06-03 08:43 |
|
|||||
Reporter: | suenall | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | high | OS Version: | |||
Status: | assigned | Product Version: | 3.5.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | investigate | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | web configurator | ||||
Description: | "continue button" resets page to defaults instead of continuing | ||||
Steps To Reproduce: | |||||
Additional Information: | RHEL 6, | ||||
Attached Files: |
packetfence.log (280,719) 2012-08-24 10:25 https://www.packetfence.org/bugs/file_download.php?file_id=158&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1642 | [PacketFence] packaging | major | always | 2013-05-14 21:44 | 2013-05-15 07:13 |
|
|||||
Reporter: | adamashley | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 4.0.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | +1 | ||
Target Version: | |||||
fixed in git revision: | https://github.com/inverse-inc/packetfence/commit/0816032722c3b4c99be2010667b2e585c0acc756 [^] | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Ubuntu package install fails when trying to stop services that don't exist | ||||
Description: |
Clean ubuntu 12.04.2 LTS install with minimal install. Only SSH and requirements to boot are installed. Add repository and install package as documented at http://www.packetfence.org/support/faqs/article/how-to-install-packetfence-on-ubuntu.html [^] Install runs until following error message occurs: dpkg: error processing packetfence (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: packetfence Edited /var/lib/dpkg/info/packetfence.postinst to add more comments through out the process that is failing. Resulting log: root@proxy01:/var/lib/dpkg# apt-get install -f Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 1 not fully installed or removed. After this operation, 0 B of additional disk space will be used. Setting up packetfence (4.0.0) ... DH already exists, won't touch it! managing services Stopping snort dpkg: error processing packetfence (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: packetfence E: Sub-process /usr/bin/dpkg returned an error code (1) Install script is failing because there is no service called snort installed on the machine. Only packages installed are those listed as dependancies for packetfence. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1621 | [PacketFence] core | tweak | always | 2013-01-10 13:46 | 2013-03-18 09:45 |
|
|||||
Reporter: | ludovic | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | +1 | ||
Target Version: | |||||
fixed in git revision: | feature/catalyst-admin | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Wrong SNMP deauth call for Cisco WLC | ||||
Description: |
In lib/pf/SNMP/Cisco/WLC.pm we have: sub _deauthenticateMacSnmp { ... while it should be: sub _deauthenticateMacSNMP { Otherwise, SNMP deauth won't work for Cisco WLC/WiSM. That bug is also present in v3.6.1 A test should be developed to make sure we don't have problems in the future. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1628 | [PacketFence] refactoring | minor | random | 2013-02-04 15:42 | 2013-02-04 15:42 |
|
|||||
Reporter: | dwuelfrath | Platform: | All | ||
Assigned To: | dwuelfrath | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | assigned | Product Version: | 3.6.1 | ||
Product Build: | stable | Resolution: | open | ||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | +2 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Refactor the VLAN change workflow on wired switchports | ||||
Description: |
The whole setVlan, authorizeMac, bouncePort workflow differs from switch to switch and from enforcement methods. Bounce port occurs when there's VoIP phone in some case (MAC auth) but not in others (port-security) which mess the standard workflow. We should standardize this workflow. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1625 | [PacketFence] inline | feature | always | 2013-01-21 20:18 | 2013-01-22 09:31 |
|
|||||
Reporter: | dwuelfrath | Platform: | All | ||
Assigned To: | dwuelfrath | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | assigned | Product Version: | 3.6.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Inline enforcement mode should have a similar workflow as the VLAN enforcement mode | ||||
Description: |
With the new inline RADIUS feature, we should consider improving the handling of the registration process for nodes connecting using this enforcement mode. Example: SSID |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1624 | [PacketFence] upgrade | minor | always | 2013-01-17 14:05 | 2013-01-21 14:56 |
|
|||||
Reporter: | ae3 | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.6.1 | ||
Product Build: | stable | Resolution: | fixed | ||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.1 | ||
Target Version: | +0 | ||||
fixed in git revision: | 11acb8b4d1728b8e09546a01ac234ecff18e0c9c | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | db/upgrade-3.5.0-3.6.1.sql has primary key error | ||||
Description: |
When I run the database schema update on ZEN 3.6.0 to upgrade to 3.6.1, MySQL terminates with error 1062 as shown under additional information below. I had previously added custom categories through the admin web GUI, and the first one was automatically assigned node_category 3. Hence, the primary key conflict for me, and anyone else who defined custom categories. I do not know if there is a dependency on node_category=3 for gaming devices elsewhere in the code, but I created the entry via the admin web GUI and it assigned it 0000008. If there is no dependency on that entry being 0000003, you could just drop the "category_id" and "3" from the insert command since the table was created with category_id defined as auto_increment so it will always use the next number on insert. |
||||
Steps To Reproduce: | |||||
Additional Information: |
[root@pf-zen-esx pf]# mysql -u pf -p pf -v < db/upgrade-3.5.0-3.6.1.sql Enter password: -------------- INSERT INTO `node_category` (category_id,name,notes) VALUES ("3","gaming","Gaming devices") -------------- ERROR 1062 (23000) at line 5: Duplicate entry '3' for key 'PRIMARY' [root@pf-zen-esx pf]# |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1623 | [PacketFence] | major | always | 2013-01-14 12:06 | 2013-01-14 13:59 |
|
|||||
Reporter: | fdurand | Platform: | All | ||
Assigned To: | dwuelfrath | OS: | All | ||
Priority: | normal | OS Version: | All | ||
Status: | assigned | Product Version: | 3.6.1 | ||
Product Build: | stable | Resolution: | open | ||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | +1 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | TrapLimitation Disable local trap | ||||
Description: | When a trap Limitation is enabled in packetfence and when it reach this limit, then the local trap are disabled. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1599 | [PacketFence] configuration | text | have not tried | 2012-11-08 15:58 | 2013-01-03 10:55 |
|
|||||
Reporter: | _KaszpiR_ | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | feedback | Product Version: | |||
Product Build: | Resolution: | reopened | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.1 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Debian FreeRADIUS auth agains AD documentation is missing dependency | ||||
Description: |
Just a minor note to section: Option 1: Authentication against Active Directory (AD) ... Samba / Kerberos / Winbind Install SAMBA Under Debian apt-get install samba winbing krb5-user |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1619 | [PacketFence] guests | minor | always | 2012-12-28 16:21 | 2013-01-03 09:55 |
|
|||||
Reporter: | lmunro | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.1 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | sponsored account registration url contains regular expression | ||||
Description: |
Whenever a guest tries to register using a sponsor, the sponsor receives an email where the url is malformed. It contains a regular expression like this example: https://pftest-lm.packetfence.org/activate/email(.*)/381359d5d9bde6a37d0a41140153dd81 [^] Note the "email(.*)" part. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1616 | [PacketFence] | minor | always | 2012-12-13 09:53 | 2012-12-13 09:56 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.1 | ||
Target Version: | |||||
fixed in git revision: | 6651312273b6af1fb853beac164a5378e66f87b0 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Apple XML provisioning profile displays payload rather than the profile itself | ||||
Description: | When connecting from an IOS device with the profile provisioning enabled, the device is displaying the XML profile payload rather than prompting to add the new profile. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1612 | [PacketFence] configuration | minor | always | 2012-11-28 13:22 | 2012-11-28 13:22 |
|
|||||
Reporter: | fdurand | Platform: | Linux | ||
Assigned To: | dwuelfrath | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Vlan creation under configurator (under 4096) | ||||
Description: |
When i try to create a new vlan in the configurator, the highest vlan than we can add is 4094. So we just have to change the text (under 4096) in configurator. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1602 | [PacketFence] captive portal | major | always | 2012-11-12 10:58 | 2012-11-12 11:17 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.1 | ||
Target Version: | |||||
fixed in git revision: | 480663772a400fe61e79c7f007245fc09ad6a3db | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Perl errors on some signup options | ||||
Description: | Some signup options seems to produce weird perl errors (unable to instantiate some required modules even if the path is correct) | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1597 | [PacketFence] error-handling | minor | always | 2012-11-07 15:45 | 2012-11-07 15:57 |
|
|||||
Reporter: | _KaszpiR_ | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Mantis and MySQL collation | ||||
Description: |
Not Packetfence related, but the issue is with Mantis. Looks like database was set up with latin1 while website runs on utf8. Workaround - did not use special chars ;) |
||||
Steps To Reproduce: | |||||
Additional Information: |
Tried to update profile, error occured. Database query failed. Error received from database was 0001267: Illegal mix of collations (latin1_swedish_ci,IMPLICIT) and (utf8_general_ci,COERCIBLE) for operation '=' for the query: SELECT id FROM mantis_user_table WHERE username='Micha? Socho?'. |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1550 | [PacketFence] configuration | minor | have not tried | 2012-09-14 14:34 | 2012-10-29 16:00 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.1 | ||||
fixed in git revision: | 7f6335b14c7a5d90999eec0d4d6b3ee1c29e3c6a | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | ssl-certificates.conf file | ||||
Description: |
The conf/ssl-certificates.conf file should be moved into conf/httpd.conf.d since it is part of the httpd configuration. This change will imply modification to the packaging (RHEL, Debian) to make sure to handle the new location and an entry in the UPGRADE document. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1317 | [PacketFence] core | minor | always | 2011-10-20 12:00 | 2012-10-29 15:02 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | 3.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.1 | ||||
fixed in git revision: | ad54619a893500d7d6febeb08094357048caa7ba | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Nodes are beeing unreg if expire_mode set to window and no unreg date is set | ||||
Description: |
Problematic query : $node_statements->{'node_expire_window_sql'} = get_db_handle()->prepare( qq [ SELECT mac FROM node WHERE status="reg" AND unix_timestamp(regdate) + ? < unix_timestamp(now()) ] ); If you set no unregdate (0000-00-00 00:00:00) and you add 999w, it will always be lower than NOW(). The nodes will then be unregistered even if they should not. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1591 | [PacketFence] captive portal | tweak | always | 2012-10-29 13:44 | 2012-10-29 14:05 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.6.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.1 | ||||
fixed in git revision: | 2dc9f94baf271b0fc6d5301e9f20e73e630f8f8c | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Signup link availability issue | ||||
Description: |
When you select OAuth2 authenticators in the guest_self_registration.modes, the signup link will be available but it shouldn't be. Only sponsor, sms, or email should trigger the link to be available. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1579 | [PacketFence] captive portal | minor | always | 2012-10-22 12:44 | 2012-10-29 13:48 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.1 | ||||
fixed in git revision: | be472568ac42e129c3916d34162de3885685174c | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | SMS confirmation page should return an error message if PIN is invalid | ||||
Description: | The page is not telling us if the PIN entered is invalid, it just refresh. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1538 | [PacketFence] core | minor | always | 2012-09-04 12:28 | 2012-10-29 12:37 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | 3.5.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.1 | ||||
fixed in git revision: | cc5719ccb34980bb335bfb31d6b33d0a3050ccc0 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Missing query for accounting violation | ||||
Description: |
When using a non-supported time frame for the accounting violations, the code says we should look at the data since the beginning of time. However, that sub is missing. - Should we remove the unsupported time values from the REGEXP to check the trigger format? - Should we add the proper sub? - Should we support all time format? |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1342 | [PacketFence] configuration | feature | N/A | 2011-11-23 14:24 | 2012-10-29 11:29 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.1 | ||||
fixed in git revision: | b4bc7f2e56bc1c77eb6c638639e51b0d8ee8ece7 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | have minimal radius logging and expose it on the web interface | ||||
Description: |
Helpful for people who have not yet connected the radiusd to packetfence properly. We should add a note in the performance section to disable the logging on high throughput networks and also take the opportunity to document the async syslog trick too. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1494 | [PacketFence] core | minor | always | 2012-07-24 10:04 | 2012-10-26 16:06 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | acknowledged | Product Version: | 3.4.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.1 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pf watch should restart only the crashed service | ||||
Description: |
pf watch should only restart the crashed service instead of everything. Right now, if for example pfmon is crashed, pf watch will restart packetfence entirely instead of just restarting the crashed service. Why we need to restart the captive portal because of pfmon? ;) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
749 | [PacketFence] core | minor | have not tried | 2009-07-16 16:33 | 2012-10-26 16:05 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.1 | ||||
fixed in git revision: | b78251653ec9f535f9e1cf3fa898b75350357d5e | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Violation load does not validate if 2 violations have the same ID | ||||
Description: | There should be a control, when loading violations, that make sure that 2 violations do not have the same ID in violations.conf. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1517 | [PacketFence] packaging | minor | have not tried | 2012-08-16 10:01 | 2012-10-26 15:51 |
|
|||||
Reporter: | obilodeau | Platform: | Linux | ||
Assigned To: | fgaudreault | OS: | RHEL / CentOS | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | freeradius depsolving problems on RHEL 6 | ||||
Description: |
PacketFence won't install on RHEL 6 because of dependency solving problems with freeradius-2.1.12-3. This version is more recent than in our repo but that doesn't explain why installation fails. |
||||
Steps To Reproduce: | |||||
Additional Information: |
Info about update: http://rhn.redhat.com/errata/RHBA-2012-0881.html [^] Interesting but unrelated: * Previously, freeradius was compiled without the "--with-udpfromto" option. Consequently, with a multihomed server and explicitly specifying the IP address, freeradius sent the reply from the wrong IP address. With this update, freeradius has been built with the --with-udpfromto configuration option and the RADIUS reply is always sourced from the IP the request was sent to. (BZ#700870) |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1220 | [PacketFence] web admin | minor | always | 2011-05-24 11:33 | 2012-10-26 15:26 |
|
|||||
Reporter: | cactus-jake | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 2.2.0 | ||
Product Build: | Resolution: | unable to reproduce | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Violation Page changes description format | ||||
Description: |
After I delete a line on the Violations Page, the Description column displays the violation number rather than the violation description. It displays correctly after I stop editing. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1573 | [PacketFence] configuration | block | always | 2012-10-22 09:48 | 2012-10-25 16:48 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | immediate | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | packetfence-suid package is not copied properly, wrong arch in wrong repo | ||||
Description: |
The configurator from devel is not listing all the daemons when it's time to start PF. It also crash with error : Error! Unidentified error see server side logs for details. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1434 | [PacketFence] packaging | minor | always | 2012-04-27 16:22 | 2012-10-24 15:10 |
|
|||||
Reporter: | obilodeau | Platform: | Linux | ||
Assigned To: | fgaudreault | OS: | Debian | ||
Priority: | normal | OS Version: | 6 | ||
Status: | resolved | Product Version: | 3.3.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | debian packages don't build the translations .mo files | ||||
Description: |
On your first install it's ok because installer.pl does it for you. On your upgrades, as a work-around, you can re-run the installer to regenerate them or do: /usr/bin/msgfmt conf/locale/<lang>/LC_MESSAGES/packetfence.po mv packetfence.mo conf/locale/<lang>/LC_MESSAGES/ for the locale you use |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1555 | [PacketFence] web admin | minor | always | 2012-09-19 15:33 | 2012-10-24 12:24 |
|
|||||
Reporter: | mada | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | confirmed | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | reopened | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.1 | ||||
fixed in git revision: | 0fa41aae771a1e655f92515ed641c2ccc76f5a0a | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Violations that have been deleted are selectable from PF::Violation::Add or PF::Violation::Edit | ||||
Description: |
After deleting a few custom violations (and restarting the PacketFence server) the deleted violations are still selectable options in the PF::Violation::Add "Identifier" dropdown box and in the PF::Violation::Edit "Description" dropdown box. The custom violations no longer show up in the "Configuration -> Violations" menu. Ex: -From the webadmin, created violation with Identifier 7100001 and description "Test" -Restarted PacketFence services -Applied violation to node using PF::Violation::Add (Violation tab -> Add tab from webadmin) -Closed violation and deleted the record in the webadmin Violation tab -Deleted the violation from the "Configuration -> Violations" tab -Confirmed that neither conf/violations.conf nor the webadmin "Configuration -> Violations" tab showed the violation anymore -Restarted the PacketFence server (hard restart) From there, conf/violations.conf and the webadmin "Configuration -> Violations" tab continue to show that the custom violation no longer exists. However, by going to the "Violation -> View" tab, editing an existing violation and choosing the "Description" dropdown OR going to the "Violation -> Add" tab and choosing the "Identifier" dropdown the custom violation is still selectable. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
packetfence.log (136,305) 2012-09-20 11:40 https://www.packetfence.org/bugs/file_download.php?file_id=163&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
549 | [PacketFence] web admin | minor | always | 2009-01-23 16:20 | 2012-10-24 10:43 |
|
|||||
Reporter: | 94jaccha95107 | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | lookup node should allow looking up incomplete MACs just like filter does | ||||
Description: |
when searching for 'a5:09' using the filter in the node -> view tab, I can see 1 node. when searching for 'a5:09' using the node -> lookup tab, I see nothing. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1373 | [PacketFence] core | major | random | 2012-01-31 14:43 | 2012-10-24 10:39 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Non-Alphanumeric chars will make Disconnect-Message Fail | ||||
Description: |
Seeing on a client server, the shared secret was containing the following chars: - @ $ It made the RADIUS dynauth unusable, PF was complaining about a bad secret, when it was working fine using radclient. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1423 | [PacketFence] inline | minor | random | 2012-04-16 11:24 | 2012-10-24 09:58 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Weird behavior with DNS and connection tracking in inline enforcement | ||||
Description: |
Sometimes DNS is still blackholed even if the mark on the inline node was removed. Looking at the firewall you see no reason why the DNS would be still handled that way but a pcap reveals that it actually still does. This happens for a couple of minutes and then DNS is NATed to the right destination properly again. We think it's an UDP connection tracking issue and that clients that don't change their source port for every DNS query are more affected than others as they are in the conntrack table. An old CentOS 5.2 client exhibited that behavior while most other OS tested properly changed its source port (OSX, Windows, Fedora, Android, iOS). We had problems with OSX once but weren't able to reproduce reliably. We are not really 100% sure it's related to connection tracking at this point since it worked fine on some lab servers but didn't on others and they are very similar (same OS but kernel version differs). Since our latest tests showed it working on all the above mentionned OS, we are giving this a low priority but giving us solid reproducible cases will increase bug's priority. It is too random for us right now to sanely track. What we think we'll do in the future is either disable or aggressively reduce the UDP tracking timers for DNS traffic (if that's even possible) or integrate with the conntrack-tools to kill any active conntrack session when a node is changed state. This requires an additional dependency (unpackaged in CentOS5 at this point) so it will need to be evaluated or bring enough value to warrant it. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1584 | [PacketFence] configuration | minor | always | 2012-10-22 16:46 | 2012-10-24 09:55 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | fc6e7265f5b1ed2fb7908920af20dc1f33d1d061 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Having an inline network if you define an inline interface should be enforced | ||||
Description: | When you define an inline interface in pf.conf, pfcmd checkup should make sure you have one inline subnet defined in networks.conf. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1318 | [PacketFence] upstream | minor | sometimes | 2011-10-21 13:25 | 2012-10-24 09:53 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | 802.1X Machine Authentication won't work with Samba 3.6 | ||||
Description: |
This is a tracking ticket for the upstream issue about Samba 3.6. Full details are here: https://lists.samba.org/archive/samba/2011-September/163991.html [^] |
||||
Steps To Reproduce: | |||||
Additional Information: |
You will have this output in radiusd -X : [mschapv2] +- entering group MS-CHAP {...} [mschap] Creating challenge hash with username: host/cadm-spare5.csdesiles.qc.ca [mschap] Told to do MS-CHAPv2 for host/cadm-spare5.csdesiles.qc.ca with NT-Password [mschap] expand: --username=%{mschap:User-Name} -> --username=cadm-spare5$ [mschap] mschap2: c8 [mschap] Creating challenge hash with username: host/cadm-spare5.csdesiles.qc.ca [mschap] expand: --challenge=%{mschap:Challenge:-00} -> --challenge=6cf0087e16755e14 [mschap] expand: --nt-response=%{mschap:NT-Response:-00} -> --nt-response=cbbd1ed99417f0399e7e3d7bd07212e5314170a8f86fe631 Exec-Program output: No logon workstation trust account (0xc0000199) Exec-Program-Wait: plaintext: No logon workstation trust account (0xc0000199) Exec-Program: returned: 1 [mschap] External script failed. [mschap] FAILED: MS-CHAP2-Response is incorrect |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1574 | [PacketFence] configuration | block | always | 2012-10-22 10:00 | 2012-10-24 09:37 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | immediate | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | minor fix | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | c7505cd27ad5d81eed8dc227dc0d274b45aa1f2a | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Configurator should report success or failure of the MySQL start | ||||
Description: | We should be able to see if MySQL has been properly started or not on the configurator. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1578 | [PacketFence] configuration | block | always | 2012-10-22 12:37 | 2012-10-23 14:47 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | immediate | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 51afba3057e3b01c55f33f16f915249e74410ed3 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Configurator appears to create the pf.conf with wrong privileges | ||||
Description: |
Using the configurator, the permissions for pf.conf are not right. -rw------- 1 root root 310 Oct 22 12:03 pf.conf It breaks a lot of stuff. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1334 | [PacketFence] configuration | minor | always | 2011-11-15 08:40 | 2012-10-23 14:38 |
|
|||||
Reporter: | qzx | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Routed mode DNS entry duplication in iptables | ||||
Description: | During launch packetfence generates the iptables rules before sending them to iptables. During this generation it goes through all the routed networks managed by packetfence. In my case I have 300 routed networks, all of them need to be defined with DNS so that clients also get the address via DHCP. For all my networks the name servers are the same; however packetfence generates 300(*2) lines in iptables to allow domain lookup from the internet. Instead of only allowing each permitted nameserver once. | ||||
Steps To Reproduce: | |||||
Additional Information: | I had this sorted alright in the beta before upgrading to 3.0.1 release, but it was a very sloppy hack to verify the DNS ips for each network and omitting the line if it matched. | ||||
Attached Files: |
iptables.conf (131,248) 2011-11-16 07:42 https://www.packetfence.org/bugs/file_download.php?file_id=122&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1580 | [PacketFence] core | major | always | 2012-10-22 13:13 | 2012-10-23 13:52 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 99922982bed054b648105eb2b91ad370065fd00e | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | RADIUS Inline and Logging | ||||
Description: |
When using the RADIUS inline feature, the logs says it returned the normalVlan instead of the Inline VLAN. However, I get the Inline VLAN. Example: Oct 22 13:11:25 pf::WebAPI(4602) INFO: handling radius autz request: from switch_ip => 10.0.0.24, connection_type => Wireless-802.11-EAP mac => 00:1b:b1:8b:82:13, port => 1, username => test (pf::radius::authorize) Oct 22 13:11:26 pf::WebAPI(4602) INFO: MAC: 00:1b:b1:8b:82:13, PID: bleh, Status: reg. Returned VLAN: 10 (pf::vlan::fetchVlanForNode) Oct 22 13:11:26 pf::WebAPI(4602) INFO: Inline trigger match, the node is in inline mode, returning Access-Accept (pf::radius::authorize) Oct 22 13:11:26 pf::WebAPI(4602) WARN: Role-based Network Access Control is not supported on network device type pf::SNMP::Ruckus. (pf::SNMP::supportsRoleBasedEnforcement) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1583 | [PacketFence] core | major | always | 2012-10-22 16:02 | 2012-10-23 09:13 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Passthrough no longer working | ||||
Description: | I believe this have been caused by the mod_perl rework. The passthroughs URLs are no longer working. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1566 | [PacketFence] packaging | tweak | N/A | 2012-10-02 11:34 | 2012-10-23 08:55 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.0 | ||||
fixed in git revision: | d7a5263358df56b455760577a7fda5660b0377fc | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Missing condrestart in the Debian init script | ||||
Description: |
Reported on the Mailing List: The /etc/logrotate.d/packetfence file installed by the Debian package calls /etc/init.d/packetfence with the 'condrestart' parameter, but that parameter doesn't exist in the version of the init script installed by the Debian package, which is different to the version in the root of the source tree which does contain that parameter as a valid option. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1581 | [PacketFence] core | block | always | 2012-10-22 13:17 | 2012-10-22 16:45 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | immediate | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Inline mode appears to be broken | ||||
Description: |
Tested using the RADIUS inline, my node is registered in PF, but I still get to the portal. In fact, the ipset sessions doesn't print. I am on CentOS 6.3 Oct 22 13:16:20 redir.cgi(0) INFO: re-evaluating access for node 00:1b:b1:8b:82:13 (redir.cgi called) (pf::enforcement::reevaluate_access) Oct 22 13:16:20 redir.cgi(0) INFO: Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique) Oct 22 13:16:23 pfsetvlan(24) INFO: local (127.0.0.1) trap for switch 127.0.0.1 (main::parseTrap) Oct 22 13:16:23 pfsetvlan(7) INFO: nb of items in queue: 1; nb of threads running: 0 (main::startTrapHandlers) Oct 22 13:16:23 pfsetvlan(7) INFO: firewallRequest trap received for inline client: 00:1b:b1:8b:82:13. Modifying firewall. (main::handleTrap) Oct 22 13:16:23 pfsetvlan(7) INFO: Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique) Oct 22 13:16:23 pfsetvlan(7) INFO: MAC: 00:1b:b1:8b:82:13 stated changed, adapting firewall rules for proper enforcement (pf::inline::performInlineEnforcement) Oct 22 13:16:23 pfsetvlan(7) INFO: finished (main::cleanupAfterThread) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1275 | [PacketFence] core | minor | always | 2011-09-22 11:15 | 2012-10-22 16:01 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.0.0 | ||
Product Build: | Resolution: | unable to reproduce | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | httpd fail to start using passthrough=proxy | ||||
Description: |
using passthrough=proxy in pf.conf without passthrough section will break httpd startup should add a check in checkup.pm |
||||
Steps To Reproduce: | |||||
Additional Information: |
Can't use string ("0") as a HASH ref while "strict refs" in use at /usr/local/pf/lib/pf/services/apache.pm line 302 (0000001) (F) Only hard references are allowed by "strict refs". Symbolic references are disallowed. See perlref. Uncaught exception from user code: Can't use string ("0") as a HASH ref while "strict refs" in use at /usr/local/pf/lib/pf/services/apache.pm line 302. |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1442 | [PacketFence] core | minor | sometimes | 2012-05-04 14:21 | 2012-10-22 15:41 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.3.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 1644ef2ea94f4138b045c8c95051e440eba7da77 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Checkup of roles syntax is failing | ||||
Description: |
If the role or the category name contains a dash in it, the checkup will return a warning. We should see which chars are not included in the \w regexp parameter. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1415 | [PacketFence] core | minor | have not tried | 2012-04-05 11:28 | 2012-10-22 15:24 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Potential issue when reloading violations | ||||
Description: |
It appears that when you reload the violations using pfcmd, the old violations are not deleted from the table, it only updates the actual violations that are in the violations.conf. To reproduce: nsert into class (vid,description) values ('31337','h@x0r'); insert into action values (31337,'email'); pfcmd reload violations select * from action where vid=31337; +-------+--------+ | vid | action | +-------+--------+ | 31337 | email | +-------+--------+ I did not try to reproduce it in lab yet. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1506 | [PacketFence] configuration | trivial | always | 2012-08-07 17:53 | 2012-10-22 13:04 |
|
|||||
Reporter: | Ondaje | Platform: | |||
Assigned To: | fdurand | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 5083b422602f08e103dcb152db1d5f845525a5f5 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Packetfence's configurator port should be configurable (and changed from 3000 to 1444) | ||||
Description: |
After installing PacketFence onto a debian box that already had Ntop installed, I am unable to access the PacketFence web configurator, hence unable to use PacketFence. Ntop uses port 3000 just like Catalyst's development server default port. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1576 | [PacketFence] radius | block | always | 2012-10-22 11:46 | 2012-10-22 12:01 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | immediate | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | radutmp should be disabled | ||||
Description: |
we don't need that, we should disable the radutmp module in the accounting section. Error: rlm_radutmp: Error accessing file /usr/local/pf/logs/radutmp: No such file or directory |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1575 | [PacketFence] error-handling | block | always | 2012-10-22 11:19 | 2012-10-22 11:40 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | immediate | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Insecure dependency on service restart | ||||
Description: |
When restarting service with pfcmd, we receive this error: Insecure dependency in sprintf while running with -T switch at /usr/local/pf/lib/pf/services.pm line 170. We need to fix this for 3.6.0, this is an annoying error message. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1561 | [PacketFence] configuration | minor | always | 2012-09-29 15:56 | 2012-10-19 16:05 |
|
|||||
Reporter: | candlerb | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | PFCMD networkconfig delete "Insecure dependency" error | ||||
Description: |
When deleting a network through the GUI: --- Error: Problems executing 'PFCMD networkconfig delete 10.1.254.0' Insecure dependency in sysopen while running setgid at /usr/share/perl5/File/Temp.pm line 513. --- This is pf 3.5.1 under CentOS 6.3 |
||||
Steps To Reproduce: | |||||
Additional Information: |
WORKAROUND: Go to a root shell and execute the command there. cd /usr/local/pf bin/pfcmd networkconfig delete 10.1.254.0 |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1553 | [PacketFence] doc | minor | have not tried | 2012-09-18 15:28 | 2012-10-19 15:51 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Documentation presentation in PacketFence Administration Guide | ||||
Description: |
Looks like the rendering of the documentation messed up the presentation of this one. |
||||
Steps To Reproduce: | |||||
Additional Information: | http://www.packetfence.org/downloads/PacketFence/doc/PacketFence_Administration_Guide-3.5.1.pdf [^] page 42. | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1450 | [PacketFence] upstream | minor | have not tried | 2012-05-11 08:43 | 2012-10-19 15:51 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | 3.3.2 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Avaya software 6.2.4 potential regressions | ||||
Description: |
This ticket is to track a potential regression issue with Avaya 5520/5510s using the 6.2.4 software and port-security If the switch is stacked, it looks like the switch is sending the security trap using the wrong ifIndex. We did not reproduce this in our lab so far (we do not have a 5510/5520). If someone has more info about this or would like to test, please feed this ticket :) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
703 | [PacketFence] core | feature | have not tried | 2009-06-03 09:16 | 2012-10-19 15:16 |
|
|||||
Reporter: | 94jaccha95107 | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | ifDesc instead of ifIndex | ||||
Description: | allow the usage / display of ifDesc in addition to ifIndex | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1120 | [PacketFence] core | feature | N/A | 2010-11-17 14:26 | 2012-10-19 15:15 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | node import support for more input fields | ||||
Description: |
the ability to assign the following fields when importing nodes would be important: - categories - pid - notes |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1171 | [PacketFence] captive portal | feature | N/A | 2011-02-02 16:49 | 2012-10-19 15:15 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | authentication::radius should support "encrypted" RADIUS authentication | ||||
Description: |
Right now our authentication::radius module seems to be doing only plaintext password checking. RADIUS supports other means which are encrypted*. We rely on Authen::Radius for RADIUS Authentication but we would probably need to find a better client module that supports CHAP. Then again it might be something that is negotiated at the server side then we should try to make it work and document how to do it. It was requested on the mailing list. *: the means are considered insecure but it's better than to see cleartext passwords in freeradius' debug output |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
919 | [PacketFence] core | feature | N/A | 2010-02-25 11:08 | 2012-10-19 15:15 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | include connection_type in relevant reports | ||||
Description: | some reports would benefit of the new connection_type field, I should look at incorporate it | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
587 | [PacketFence] core | feature | always | 2009-02-12 07:13 | 2012-10-19 15:15 |
|
|||||
Reporter: | maikel | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | vlan_named and interface types registration and isolation | ||||
Description: |
If pf generates the named.conf files, it parses the templates. It would be nicer if the template doesn't need to be altered, eg, that it also gets the correct ip out of pf.conf. But due to the removal of type=registration in the interface stub, it cannot be parsed in an efficient way in services.pm |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
799 | [PacketFence] configuration | minor | N/A | 2009-09-14 16:57 | 2012-10-19 15:15 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Expose visitor cleanup as a pfcmd command instead of asking users to run SQL straight to the db | ||||
Description: |
For consistency, we should always expose our software's capability through our pfcmd and web interfaces. Raw SQL on the db is not the way to go. Unfortunately, right now, to de-register all visitors at night, one must do something like: mysql -u $DB_USER -p$DB_PWD $DB_NAME -e "update node set status='unreg' where pid='visitor';" We should have something in pfcmd to do that. (Maybe we already have?) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1458 | [PacketFence] configuration | feature | N/A | 2012-06-04 12:35 | 2012-10-19 15:14 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | networks.conf: add a type none or skip | ||||
Description: | This would allow users to have networks.conf with all their network in it and don't have inconsistent dhcp / dns configuration because they section is incomplete. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1436 | [PacketFence] performance | minor | random | 2012-04-30 11:58 | 2012-10-19 15:14 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Web Admin's status and node pages are slower since upgrade from 1.9.0 | ||||
Description: |
Not sure why. need to profile. Reported by customer. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1279 | [PacketFence] core | minor | unable to reproduce | 2011-09-23 13:40 | 2012-10-19 15:14 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.0.0 | ||
Product Build: | Resolution: | unable to reproduce | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | iptables.bak unable to restore on shutdown due to 1 service still running | ||||
Description: | pfdhcplistener seems to hang on shutdown and the services doesn't stop. | ||||
Steps To Reproduce: | |||||
Additional Information: |
Sep 23 13:34:43 pfcmd(18458) INFO: pidof -x pfdhcplistener returned 16415 (pf::services::service_ctl) Sep 23 13:34:43 pfcmd(18458) INFO: /usr/local/pf/sbin/pfmon status (pf::services::service_ctl) Sep 23 13:34:43 pfcmd(18458) INFO: pidof -x pfmon returned 0 (pf::services::service_ctl) Sep 23 13:34:43 pfcmd(18458) ERROR: Even though 'service pf stop' was called, there are still 1 services running. Can't restore iptables from var/iptables.bak (main::service) |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1367 | [PacketFence] captive portal | minor | random | 2012-01-18 15:20 | 2012-10-19 15:13 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | 3.1.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Javascript error using IE 8 | ||||
Description: |
When hitting the portal using IE 8, we see a javascript error. The portal still works tho : Message: Object expected Line: 22 Char: 1 Code: 0 |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1332 | [PacketFence] web admin | feature | always | 2011-11-09 12:54 | 2012-10-19 15:12 |
|
|||||
Reporter: | packetfence4me | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | devel | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Request to Edit node details under unregistered report | ||||
Description: | I would be beneficial to our organization to have the ability to edit the node details from within the status/unregistered report. This way when a report is run and when a device that is found needs to be registered, it can be done from that report view. | ||||
Steps To Reproduce: | |||||
Additional Information: |
I've enabled this through the modification of both the html/admin/status/reports.php file and the html/admin/common.php file. The reports.php I just enabled editable, I've attached the common.php which has more mods |
||||
Attached Files: |
common.php (55,066) 2011-11-09 12:54 https://www.packetfence.org/bugs/file_download.php?file_id=121&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
988 | [PacketFence] configuration | feature | N/A | 2010-05-14 17:22 | 2012-10-19 15:07 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 1.9.3 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | modification to pf.conf to allow the conf/ directory to be automatically synced | ||||
Description: |
When we need high-availability we have to move files over a lot. All of them are identical except pf.conf because of the primary IP of the admin interface. Either get rid of this requirement or autodetect it. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1022 | [PacketFence] configuration | feature | N/A | 2010-07-01 11:45 | 2012-10-19 15:06 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 1.9.3 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Improvements in configurator.pl | ||||
Description: |
tasks - templates should be splitted in modes and modes should be explained (copy of the text in install or admin guide) - dhcp mode should be covered by templates - vlan isolation templates improvements -- questions about routed mode vs spanned-vlans and configure accordingly -- handle dhcpd and named by default -- template with registration scanning |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1032 | [PacketFence] scanning | minor | always | 2010-07-13 18:07 | 2012-10-19 15:06 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Interface between nessus and packetfence needs improvement | ||||
Description: |
Right now, we run the CLI nessus client by hand and perform only file existence validation. Several cases were experimented that we could handle with some regexp and status checking. Maybe there's an API or another approach that is recommended. Or, being pragmatic here, maybe we should provide a CLI nessus scan test in addons/ that would exercise the right piece of code and send everything to STDOUT so people can troubleshoot by themselves. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
999 | [PacketFence] error-handling | minor | have not tried | 2010-05-31 12:43 | 2012-10-19 15:05 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | routed-mode: dhcpd doesn't start complaining about no listen interfaces | ||||
Description: |
I tried several different things and it's still not working so I am opening a bug so we can give a better error message when this condition is reached. In pf::util under get_dhcp_devs() when we are about to return an empty list, we should give some diagnostic about how to fix such a situation. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
915 | [PacketFence] refactoring | minor | N/A | 2010-02-18 14:01 | 2012-10-19 14:55 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | hardcoded 'reg' and 'unreg' node status should be refactored into constants | ||||
Description: | global constants in lib/pf/config.pm | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
997 | [PacketFence] captive portal | feature | N/A | 2010-05-27 20:19 | 2012-10-19 14:52 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Have an entity=.. config in pf.conf to represent the business / school / entity and use it in templates | ||||
Description: | This would simplify customization. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1005 | [PacketFence] captive portal | feature | N/A | 2010-06-07 17:58 | 2012-10-19 14:51 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | 802.1x and unauthenticated VLAN | ||||
Description: |
This auth combinaison is a way to handle guests without a full-blown NAC like PacketFence. If the client is unable to provide proper credentials, then a specific VLAN is used as a last mean to give access. It is not the same as Cisco's Guest-VLAN feature. The variant with MAB means that non-capable 802.1x go straight to MAB while 802.1x capable devices that fail to provide valid credential (or successful EAP exchanges) are put in the unauthenticated VLAN. With this in mind, you can clearly see that you can use the captive portal also to remediate misbehaving 802.1x clients (including guests from other 802.1x networks) into a proper config. So, if configured properly, a registered 802.1x user that is in isolation VLAN would need to be presented with 802.1x instructions (including offering a download of a client) and could be logged. Modifying the captive portal to support that is trivial but it might not be something that everyone wants so it needs to be considered appropriately. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1045 | [PacketFence] upgrade | feature | N/A | 2010-08-09 11:23 | 2012-10-19 14:48 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | extension points for pf::web and cgi-bin files | ||||
Description: |
These files changes a lot from install to install due to customization. And the RPM upgrade process wipes them clean. We should provide an extension point ability like we do for pf::vlan and pf::radius (in trunk). And our templates subsystem should be improved to better cope with change and future upgrades. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
947 | [PacketFence] packaging | minor | N/A | 2010-04-09 11:23 | 2012-10-19 14:38 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | dependency cleanup | ||||
Description: |
really strange things are pulled by a packetfence install: xorg-x11-filesystem noarch 7.1-2.fc6 base 5.4 k xorg-x11-font-utils i386 1:7.1-2 base 75 k xorg-x11-fonts-Type1 noarch 7.1-2.1.el5 base 1.5 M xorg-x11-xfs i386 1:1.0.2-4 base 68 k investigate and hopefully get rid of these |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1168 | [PacketFence] packaging | feature | N/A | 2011-02-01 09:43 | 2012-10-19 14:36 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | packetfence-doc package | ||||
Description: |
With the new docbook documentation coming up, building and packaging doc will become important. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
844 | [PacketFence] refactoring | minor | have not tried | 2009-11-10 17:23 | 2012-10-19 14:32 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Catalyst 2950 and 3500XL offer a ping function | ||||
Description: |
less code is less bugs we offer a ping function in catalyst 2950 and 3500xl modules. At time of this report, no one consumes it. We should get rid of it. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1178 | [PacketFence] core | minor | always | 2011-02-07 10:52 | 2012-10-19 14:27 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Voice over IP (VoIP) static port-security instead of dynamic for locationlog accuracy and security | ||||
Description: |
Right now, we aim to configure VoIP using dynamic port-security on the voice VLAN. This has a sad side-effect of having the phones not show up in the PacketFence system. Adding to the confusion there's the fact that if an IPT is put there alone some will do untagged traffic, generate a trap then show up in PF.. We should rework VoIP to always handle it with static port-security, have it show up in the secure table and making sure the locationlog is accurate. It will be more consistent across other vendors and will have an inventory benefit. Will also give us the opportunity to refactor this code (extract into methods, re-indent, simplify ifs, reduce nesting depth, etc.) making it easier to maintain in the future. Must be done in a major release cycle (trunk). keywords: IPT, IP Telephony |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1363 | [PacketFence] dhcp | minor | always | 2012-01-10 14:02 | 2012-10-19 14:17 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | high | OS Version: | |||
Status: | assigned | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | investigate | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | DHCPd slow startup | ||||
Description: |
Seen in inline mode when there's huge lease files (a lot of devices). PacketFence can take up to 3 minutes to start due to the slow start up of dhcpd. |
||||
Steps To Reproduce: | |||||
Additional Information: |
On startup, after reading the dhcpd.conf file, dhcpd also reads the saved dhcpd.leases file http://www.qnx.com/developers/docs/6.3.2/neutrino/utilities/d/dhcpd.leases.html [^] https://lists.isc.org/pipermail/dhcp-users/2006-June/000857.html [^] https://lists.isc.org/pipermail/dhcp-users/2010-August/011887.html [^] |
||||
Attached Files: |
dhcp.spec (4,756) 2012-01-13 14:23 https://www.packetfence.org/bugs/file_download.php?file_id=128&type=bug dhcp-4.1.1-9.centos5.x86_64.rpm (1,003,432) 2012-01-17 09:38 https://www.packetfence.org/bugs/file_download.php?file_id=132&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1042 | [PacketFence] core | feature | N/A | 2010-07-28 13:03 | 2012-10-19 14:14 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 1.9.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | autoreg in a category | ||||
Description: |
The violation action autoreg would need to be augmented the ability to assign a category. One thing I could think of is to change the syntax to: autoreg(phone) so it would assign the phone category on autoregistration. I don't know how you feel about this suggestion though, maybe it's an opportunity to rethink autoregistration like we said many times. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1003 | [PacketFence] hardware modules | minor | have not tried | 2010-06-03 10:54 | 2012-10-19 14:11 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Is it better to do some 'write mem' with port-security | ||||
Description: | we should think about doing some 'write mem' regularly (every 15 min?) on each switch using port-security. This way we would avoid receiving gazillions of port-security traps when there is a major power outage and many switches reboot at the same time. | ||||
Steps To Reproduce: | |||||
Additional Information: |
- make sure that when we write mem, static port-security MAC addresses are saved in the config - how often should we do that ? every 15, 30 mins - add this feature to pfmon ? |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1396 | [PacketFence] configuration | minor | sometimes | 2012-03-09 12:37 | 2012-10-19 14:05 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.5.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | bond interfaces causes virtual-ip detection to fail | ||||
Description: |
I suspect that Net::Interface doesn't support them.. Maybe it's VLAN interfaces period because the issue was reported on a bond vlan interface (ex: bond0.10). I'll need to reproduce in the lab. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1372 | [PacketFence] dhcp | minor | have not tried | 2012-01-27 15:59 | 2012-10-19 14:03 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | confirmed | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | unable to parse DHCP packet: Invalid DHCP Option 53 (Message Type) | ||||
Description: |
here's what's logged:Jan 27 14:41:39 pfdhcplistener(6609) WARN: Unable to parse DHCP packet: Invalid DHCP Option 53 (Message Type) received from 0000f0ab96ea00000000000000000000 at /usr/local/pf/lib/pf/util/dhcp.pm line 169. (main::__ANON__) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1467 | [PacketFence] upstream | minor | sometimes | 2012-06-14 10:58 | 2012-10-19 13:59 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | normal | OS Version: | |||
Status: | assigned | Product Version: | 3.2.0 | ||
Product Build: | Resolution: | suspended | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | long-term | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | OpenVAS tasks starts after 10 minutes | ||||
Description: |
Hello, i use OpenVAS in combination with Packetfence. If Packetfence insert a new scan task into OpenVAS the task only starts after 10 minutes. First the task is "requested" for 10min, then the task "run" for 15sec. If i start an task manuell, it waits 10 min. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1495 | [PacketFence] hardware modules | minor | random | 2012-07-27 14:42 | 2012-10-19 13:54 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | 3.4.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | minor fix | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Printable MAC bug on SNMP GETs | ||||
Description: |
Yup! We've seen this bug again, but on SNMP GETs. Some hardware module use gettable in order to get the list of associated devices. On some occasions, the mac listed will be printable, and the gettable will list them as strings instead of HEX strings which will cause deauth issues. Impacted Modules so far: HP/Controller_MSM710.pm |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1438 | [PacketFence] core | minor | have not tried | 2012-05-01 10:15 | 2012-10-19 13:52 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | perl 5.12+ and/or modern distro and setuid script | ||||
Description: |
Apparently perl 5.12 dropped suidperl support (packaged as suid-perl) and distros are starting to be more picky about setuid stuff. We will need to implement a workaround. Here's what perlsec says: http://perldoc.perl.org/perlsec.html#Security-Bugs [^] Here are distro bugs for BackupPC which went through that process: https://bugzilla.redhat.com/show_bug.cgi?id=611009 [^] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581950 [^] |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1485 | [PacketFence] core | feature | N/A | 2012-07-10 15:55 | 2012-10-19 13:46 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pf::web::guest / admin guest creation need some kind of separation | ||||
Description: |
It's seems like there's code "reutilization" but in a strange way... guest creation (preregistered) should be "admin stuff" and for the moment there's a strong link with portal methods |
||||
Steps To Reproduce: | |||||
Additional Information: |
new portal profiles uses a portalSession object which is not meant to be used on the admin side. Since some methods in the guests preregistration workflow are the same as the ones used for different captive portal pages generation, there's some kind of conflict There should also have a real distinction between these concepts (templates, cgi, generation methods) |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1554 | [PacketFence] hardware modules | feature | N/A | 2012-09-18 18:56 | 2012-10-19 13:44 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add a getPhonesLLDPAtIfIndex for Cisco modules | ||||
Description: |
I think it is time now to put the effort to add LLDP support for the Cisco switches. This will allow us to support non-Cisco non-CDP phones on the Cisco switches. I have an appointment tomorrow with a client, and I will try the nortel sub against a Cisco 3750 to see what happens. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1004 | [PacketFence] upstream | major | always | 2010-06-07 16:36 | 2012-10-19 13:40 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | investigate | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Mac OS X doesn't renew DHCP after a 802.1x re-auth requested from a switch | ||||
Description: |
Mac OS X's network stack doesn't renew DHCP after a 802.1x re-auth requested from a switch. Windows does, haven't tested linux. In wired 802.1x we use 802.1x re-auth request (from PAE MIB) when we change the VLAN of a device (isolation) so the fact that OSX doesn't do DHCP after that is pretty much a big road block for the captive portal to work.. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1019 | [PacketFence] performance | minor | have not tried | 2010-06-16 16:21 | 2012-10-19 13:37 |
|
|||||
Reporter: | ludovic | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Test RADIUS performance | ||||
Description: | The RADIUS performance part of PacketFence should likely be tested using RadPerf - http://networkradius.com/radperf.html [^] | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1179 | [PacketFence] packaging | minor | always | 2011-02-11 11:48 | 2012-10-19 13:35 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 2.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pfdetect_remote should include perl-version in the dependancies | ||||
Description: |
pfdetect_remote requires perl-version to start : Starting pfdetect_remote: Can't locate version.pm in @INC (@INC contains: /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.8/i386-linux-thread-multi /usr/lib/perl5/5.8.8 .) at /usr/lib/perl5/vendor_perl/5.8.8/SOAP/Packager.pm line 17. BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.8/SOAP/Packager.pm line 17. Compilation failed in require at /usr/lib/perl5/vendor_perl/5.8.8/SOAP/Lite.pm line 3425. BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.8/SOAP/Lite.pm line 3425. Compilation failed in require at /usr/local/pf/sbin/pfdetect_remote line 22. BEGIN failed--compilation aborted at /usr/local/pf/sbin/pfdetect_remote line 22. [FAILED] |
||||
Steps To Reproduce: | |||||
Additional Information: | Workaround is to manually install perl-version with yum | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1310 | [PacketFence] core | minor | always | 2011-10-15 02:10 | 2012-10-19 13:34 |
|
|||||
Reporter: | psnizek | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.0.1 | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | adding a node before adding a person causes key constraint failed without proper error message in the UI | ||||
Description: |
it's correct that adding a node before a person should cause an error. However, the error should be displayed in the WebUI which is not the case. Instead, the WebUI displays 'Added Record' (without dispaying the mac address) which suggests everything's OK. In packetfence.log the below 'key constraint failed' is logged leaving the user guessing what might be wrong. Despite of what the pf pdf documentation might or might not mention I believe this could be handled much more user friendly. |
||||
Steps To Reproduce: | |||||
Additional Information: |
Oct 15 07:51:56 pfcmd(4340) WARN: database query failed with: Cannot add or update a child row: a foreign key constraint fails (`pf`.`node`, CONSTRAINT `0_57` FOREIGN KEY (`pid`) REFERENCES `person` (`pid`) ON DELETE CASCADE ON UPDATE CASCADE). (errno: 1452), will try again (pf::db::db_query_execute) |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1169 | [PacketFence] upstream | major | always | 2011-02-01 16:23 | 2012-10-19 13:01 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 2.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | devel | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Extricom not sending proper radius attributes on Mac Authentication | ||||
Description: |
Working on Extricom today, we noticed that the Called-Station-ID field is not populated with the Mac Authentication mechanism (Open SSID), so our module will fail to authorize MAC on the Open SSID : rad_recv: Access-Request packet from host 192.168.1.254 port 1027, id=92, length=70 User-Name = "aabbccddeeff" User-Password = "aabbccddeeff" Service-Type = Authenticate-Only NAS-Port = 0 NAS-IP-Address = 192.168.1.254 Another problem, the SSID is not sent through a RADIUS VSA, so we cannot do SSID-based VLAN assignments. Those problems have been reported to the manufacturer. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1200 | [PacketFence] doc | feature | N/A | 2011-03-20 16:35 | 2012-10-19 13:01 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | translate our documentation | ||||
Description: |
Once we will be all docbook, here are some tips I've found to manage translated docbook documentation: http://replay.waybackmachine.org/20090109142146/http://weblogs.goshaky.com/weblogs/lars/entry/translating_docbook_documents [^] poedit - http://www.poedit.net/ [^] (we could already use that for captive portal translations) xml2po - part of gnome-doc-utils (http://git.gnome.org/browse/gnome-doc-utils/tree/xml2po [^]) Close this issue once we have started with at least one translated docbook document and a documented process in a README (maybe). |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1276 | [PacketFence] packaging | minor | sometimes | 2011-09-22 14:01 | 2012-10-19 12:52 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.0.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.5.0 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | packetfence-freeradius2 not updating the configs properly | ||||
Description: | On some occasions, when you do a yum update, the newer packetfence-freeradius2 module is not replacing the radius configs properly. This is causing the sql module not to load (accounting will fail), and eap.conf will be missing SoH configurations. | ||||
Steps To Reproduce: | |||||
Additional Information: |
This can be overcome by forcing a reinstall: yum reinstall packetfence-freeradius2 |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1307 | [PacketFence] captive portal | major | random | 2011-10-13 09:21 | 2012-10-19 12:35 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | 3.0.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.5.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Redirection after registration is not working well | ||||
Description: |
As seen on site with a client lately, more browsers appears to have issues with the Javascript redirection after the registration : - IE8 - that one we already knew - IE9 - We are receiving a 403 after the redirection - Safari (Lion) - We are not redirected - BlackBerry Browser - We are not redirected As a work-around you can disable the broken javascript-based redirection by adding the following in conf/pf.conf: [captive_portal] network_detection=disabled |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1407 | [PacketFence] configuration | minor | have not tried | 2012-03-27 06:11 | 2012-10-19 12:13 |
|
|||||
Reporter: | ksolangi | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.1.0 | ||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Switches.conf ownership changes to root after update from GUI. | ||||
Description: |
Hi, Switches.conf ownership is changed to root:root from pf:pf everytime we make any changes / add new switch in PacketFence. I have seen few issues open related with that. Not sure if this is resolved in the later versions or is still to be looked. Regards, |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1473 | [PacketFence] performance | feature | have not tried | 2012-06-16 03:42 | 2012-10-19 11:51 |
|
|||||
Reporter: | _KaszpiR_ | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.3.2 | ||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Enable output buffering in PHP scripts | ||||
Description: |
I was surprised there is no output buffering in any of the scripts in the PacketFence (well, except some AJAX files). It could give some performance gains on the web pages, not to mention how well it helps handling sending headers to the client especially in late code execution. |
||||
Steps To Reproduce: | |||||
Additional Information: |
http://php.net/manual/en/book.outcontrol.php [^] In general adding ob_start() at the very beginning of the common.php should be sufficient. Could be expanded to support browsers that can handle compression etc. |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1532 | [PacketFence] inline | feature | have not tried | 2012-08-29 10:38 | 2012-10-19 11:31 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Generic inline module for wired/wireless hardware | ||||
Description: | Could be interesting to have such an hardware module to be able to use inline enforcement mode with RADIUS auth. | ||||
Steps To Reproduce: | |||||
Additional Information: |
Example: - Wireless equipment that doesn't support dynamic VLAN assignation - Client would like a setup with both vlan and inline enforcement (inline since some of the hardware is incompatible with vlan) - Client would like to create the same SSID on inline enforcement wireless equipment - Connection to the secure SSID on inline would auto-register the node (inline enforcement style with iptable) but will not proceed with vlan change or deauth... - +++ |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1329 | [PacketFence] upstream | major | random | 2011-11-07 16:04 | 2012-10-19 11:29 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 927ea1da396e158bba00aca5645c5f86b3acd775 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Mac OS X 10.7+ and SSL captive portal | ||||
Description: |
Some users are reporting problems with SSL captive portal access with Lion 10.7.2. It appears to be a problem with OCSP (Online Certificate Status Protocol) and CRL (revocation list). In 10.7.2, there is a security patch for Captive Portal Hijacking, and it appears to cause issue. See: http://superuser.com/questions/349740/mac-os-x-lion-10-7-2-update-breaks-ssl [^] http://forums.macrumors.com/showthread.php?t=1251971 [^] |
||||
Steps To Reproduce: | |||||
Additional Information: |
Even by disabling the OCSP and CRL in keychain, users are reporting it is not fixing the problem. We will evaluate what we can do on our side (ie. Give access to OSCP servers while in registration) |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1404 | [PacketFence] web admin | minor | random | 2012-03-23 13:59 | 2012-10-19 11:23 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Guest portal doesn't show the form on IE8 | ||||
Description: | Maybe that's fixed in 3.2, but in 3.1, I cannot see the form for guest management using IE 8. See the screenshot below. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Screen Shot 2012-03-23 at 1.57.31 PM.png (339,718) 2012-03-23 13:59 https://www.packetfence.org/bugs/file_download.php?file_id=138&type=bug Screen Shot 2012-03-26 at 2.16.37 PM.png (234,007) 2012-03-26 14:20 https://www.packetfence.org/bugs/file_download.php?file_id=139&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1551 | [PacketFence] captive portal | feature | N/A | 2012-09-17 11:47 | 2012-10-19 11:20 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add support for OAuth2 (Google/Facebook) to authenticate guest users | ||||
Description: | Extra flow for self-registration: allow Facebook/Google credentials to register guest devices. It appears to be popular for Hotspots. | ||||
Steps To Reproduce: | |||||
Additional Information: | I did some basic testing using Net::OAuth2. I need to integrate that in the portal flow, I used their Demo and Dancer for testing. | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1557 | [PacketFence] dhcp | minor | always | 2012-09-28 13:54 | 2012-10-19 11:10 |
|
|||||
Reporter: | candlerb | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Two instances of pfdhcplistener started | ||||
Description: |
[root@pf pf]# ps auxwww | grep pfdhcp root 12180 0.0 0.8 238956 33896 ? Ss Sep27 0:08 pfdhcplistener: listening on eth0 root 12198 0.0 0.8 238956 33896 ? Ss Sep27 0:08 pfdhcplistener: listening on eth0 root 17280 0.0 0.0 103244 836 pts/0 S+ 17:22 0:00 grep pfdhcp # grep "pfdhcp.*Start" logs/packetfence.log|tail Sep 27 07:24:47 pfcmd(12114) INFO: Starting pfdhcplistener with '/usr/local/pf/sbin/pfdhcplistener -i eth0 -d &' (pf::services::service_ctl) Sep 27 07:24:47 pfcmd(12114) INFO: Starting pfdhcplistener with '/usr/local/pf/sbin/pfdhcplistener -i eth0 -d &' (pf::services::service_ctl) However the web GUI shows only one process: pfdhcplistener Running Running (pid: 12180) Configuration: ---- 8< ---- [interface eth0] ip=192.0.2.14 type=internal,management mask=255.255.255.224 enforcement=vlan [database] pass=XXXXXX [general] dhcpservers=10.1.7.10,192.0.2.14,192.0.2.15 domain=example.com hostname=pf dnsservers=192.0.2.10,192.0.2.24,192.0.2.80 timezone=Africa/Accra [alerting] emailaddr=postmaster@example.com [interface eth1] ip=0.0.0.0 mask=255.255.255.255 type=monitor enforcement= [guests_self_registration] modes=sponsor [registration] auth=radius guests_self_registration=disabled [trapping] range=192.0.0.0/16,10.0.0.0/8 registration=enabled detection=enabled ------------ (IPs sanitised to 192.0.2, domain sanitised to example.com) Note: you can see eth0 has 'internal,management'. If I change this to 'management' only, then on attempting to start the daemons I get: Checking configuration sanity... FATAL - internal network(s) not defined! |
||||
Steps To Reproduce: | |||||
Additional Information: |
It appears that: @listen_ints gets interfaces with type=internal @dhcplistener_ints gets interfaces with type=management and these are combined: my @devices = @listen_ints; push @devices, @dhcplistener_ints; Hence two instances of the daemon are started, because the same interface is marked as both internal and management |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1565 | [PacketFence] dhcp | minor | always | 2012-09-29 16:59 | 2012-10-19 11:03 |
|
|||||
Reporter: | candlerb | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | dhcpd does not start if all isolation/registration networks are remote | ||||
Description: |
Suppose you have a registration interface configured: [interface eth1.255] enforcement=vlan ip=192.168.255.1 type=internal mask=255.255.255.0 Similarly, isolation interface eth1.254, 192.168.254.1 However the actual networks you want to enforce are remote. So in conf/networks.conf do you not have any entries [192.168.255.0] or [192.168.254.0]. Instead you have, say, [192.168.2.0] dns=192.168.2.1 dhcp_start=192.168.2.10 gateway=192.168.2.1 named=enabled dhcp_max_lease_time=30 dhcpd=enabled type=vlan-registration netmask=255.255.255.0 dhcp_end=192.168.2.246 dhcp_default_lease_time=30 domain-name=vlan-registration.localdomain ... similar for remote isolation VLAN. Under this circumstance, dhcpd does not start. You get the following error: ---- No subnet declaration for eth1.255 (192.168.255.1). ** Ignoring requests on eth1.255. If this is not what you want, please write a subnet declaration in your dhcpd.conf file for the network segment to which interface eth1.255 is attached. ** No subnet declaration for eth1.254 (192.168.254.1). ** Ignoring requests on eth1.254. If this is not what you want, please write a subnet declaration in your dhcpd.conf file for the network segment to which interface eth1.254 is attached. ** Not configured to listen on any interfaces! ---- The problem is simple to fix. You need to add empty subnet declarations for the connected interfaces where you wish to listen for remote DHCP requests, but not actually serve DHCP for the local network. It would be good if PF did this automatically in the generated %%networks%% |
||||
Steps To Reproduce: | |||||
Additional Information: |
WORKAROUND: manually add the empty interface subnets into conf/dhcpd.conf # dhcpd configuration # This file is manipulated on PacketFence's startup before being given to dhcpd authoritative; ddns-update-style none; ignore client-updates; ### ENABLE DHCP ON INTERFACES ### subnet 192.168.255.0 netmask 255.255.255.0 { } subnet 192.168.254.0 netmask 255.255.255.0 { } ### END ### %%networks%% |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1569 | [PacketFence] security | major | always | 2012-10-15 10:52 | 2012-10-19 10:58 |
|
|||||
Reporter: | fdurand | Platform: | Linux | ||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Htaccess problem with password superior to 8 caracters | ||||
Description: |
With htaccess authentication, packetfence just check the first 8 caracters. |
||||
Steps To Reproduce: |
Add a user in users.conf with a password more than 8 caracters and try to logging with only the first 8 caracters. It will match. |
||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
966 | [PacketFence] | minor | have not tried | 2010-04-22 11:28 | 2012-10-19 10:18 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | since routed vlan mode | Resolution: | fixed | ||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | node expiration with expire.node=... won't work in routed VLAN | ||||
Description: |
expire.node triggers node_cleanup from pfmon several problems: - uses node_delete which doesn't delete in vlan-isolation if there's an open locationlog entry (and we know there are tons of that) - the expiration is calculated on last_arp field in the node table, last_arp won't be triggered in routed environment Hints for solution: - Add a last_activity field to the node table that is updated based on different mechanism (ie: arp, dhcp, mac activity, on connection with radius stuff, captive portal, etc.) - we should auto-close locationlog entries after 1 day when they are of type except snmp-traps and MAB because the client need to periodically re-auth anyway (configurable) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1493 | [PacketFence] error-handling | minor | always | 2012-07-22 04:25 | 2012-10-19 10:18 |
|
|||||
Reporter: | Moshe_Levi | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | 3.4.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | f451796f7b61f01e150e4c3c68acd389efb41d37 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pfcmd_vlan return code always success even on error | ||||
Description: |
I using pfcmd_vlan to do deauthenticateDot1x command. even the mac is not exist in the AP the exit code of pfcmd_vlan is 0. It is because the is no check in the $switch->deauthenticateMac($mac, 1); ( line 506. I think you should add the correct exit code to all pfcmd_vlan commands |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
pfcmd_vlan.patch (1,760) 2012-08-07 03:37 https://www.packetfence.org/bugs/file_download.php?file_id=150&type=bug pfcmd_vlan-deauth-exit-code-fix-1493-v2.patch (10,110) 2012-08-08 10:56 https://www.packetfence.org/bugs/file_download.php?file_id=152&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1433 | [PacketFence] i18n | minor | always | 2012-04-26 13:30 | 2012-10-19 10:17 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 950410141967c029b79416a590b5ec0b85421fc8 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | get rid of our domain in packetfence's gettext (PO) files | ||||
Description: |
transifex doesn't deal with the gettext "domain" feature and I remember reading that it has been disapprovedby upstream gettext project (I have no links unfortunately). Otherwise we need to remove the following lines: domain "packetfence" #, fuzzy Before each source push or translation pulls. To fix: - remove domain and fuzzy from all locale files - make sure that the captive portal doesn't rely on the domain of the string anymore - re-test the captive portal |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1465 | [PacketFence] i18n | minor | random | 2012-06-12 15:38 | 2012-10-19 10:17 |
|
|||||
Reporter: | obilodeau | Platform: | Linux | ||
Assigned To: | OS: | Debian | |||
Priority: | high | OS Version: | 6 | ||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | f22ccf109918a287f74c4fab69ca3275858a46df | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | captive portal show odd strings | ||||
Description: |
The portal will show stuff like 'register: all systems must be registered' instead of 'As we may need to contact users regarding individual systems, all systems on this network must be registered.'. It's the i18n (gettext) stuff that doesn't seem to be properly initialized on first run. On the liveusb system reproducing is as easy as rebooting the OS. Work-around: restart packetfence at least once after each reboot with: /etc/init.d/packetfence restart |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
System Description | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1508 | [PacketFence] configuration | trivial | have not tried | 2012-08-08 13:11 | 2012-10-19 10:16 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | francis | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | 3.5.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | get rid of catalyst' default page | ||||
Description: |
Load http://pf:3000/ [^] and see Catalyst's default landing page. We should get rid of that. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1545 | [PacketFence] dhcp | minor | have not tried | 2012-09-11 10:18 | 2012-10-19 10:15 |
|
|||||
Reporter: | obilodeau | Platform: | Linux | ||
Assigned To: | OS: | Debian | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 4e7e8a8123 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pfdhcplistener management regressions | ||||
Description: |
As reported on the mailing list:I've just carried out a new installation of PacketFence 3.5.1 on Debian and everything seems to be working properly, apart from pfdhcplistener. It isn't being started by the PacketFence init script, apparently because it's already running: $ sudo /usr/local/pf/bin/pfcmd service pfdhcplistener status service|shouldBeStarted|pid pfdhcplistener|1|1954 1956 1958 $ $ sudo /usr/local/pf/bin/pfcmd service pfdhcplistener start Checking configuration sanity... service|command config files|start iptables|start pfdhcplistener|already running $ $ sudo /usr/local/pf/bin/pfcmd service pfdhcplistener stop service|command pfdhcplistener|stop $ $ sudo /usr/local/pf/bin/pfcmd service pfdhcplistener status service|shouldBeStarted|pid pfdhcplistener|1|2067 2069 2071 $ The packetfence.log file contains the following for the period during which the above command were run: Sep 07 15:25:16 pfcmd(1953) INFO: Executing pfcmd service pfdhcplistener status (main::service) Sep 07 15:25:16 pfcmd(1953) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:25:16 pfcmd(1953) INFO: pfdhcplistener pids eth0.3299 => 1954, eth0.3199 => 1956, eth0 => 1958 (pf::services::service_ctl) Sep 07 15:25:20 pfcmd(1961) INFO: Executing pfcmd service pfdhcplistener start (main::service) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/sbin/named status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x named returned 0 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/sbin/dhcpd status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x dhcpd returned 0 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/sbin/snort status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x snort returned 0 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/bin/suricata status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x suricata returned 0 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/sbin/freeradius status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x freeradius returned 1642 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/sbin/apache2 status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x apache2 returned 1703 1702 1701 1700 1699 1686 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/sbin/snmptrapd status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x snmptrapd returned 1688 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/local/pf/sbin/pfdetect status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x pfdetect returned 0 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/local/pf/sbin/pfredirect status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x pfredirect returned 0 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/local/pf/sbin/pfsetvlan status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x pfsetvlan returned 1696 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pfdhcplistener pids eth0.3299 => 1975, eth0.3199 => 1977, eth0 => 1979 (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: /usr/local/pf/sbin/pfmon status (pf::services::service_ctl) Sep 07 15:25:22 pfcmd(1961) INFO: pidof -x pfmon returned 1695 (pf::services::service_ctl) Sep 07 15:25:23 pfcmd(1961) INFO: restoring iptables from /usr/local/pf/var/conf/iptables.conf (pf::iptables::iptables_restore) Sep 07 15:26:05 pfcmd(1986) INFO: Executing pfcmd service pfdhcplistener stop (main::service) Sep 07 15:26:05 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener stop (pf::services::service_ctl) Sep 07 15:26:05 pfcmd(1986) INFO: Stopping pfdhcplistener with '/usr/bin/pkill pfdhcplistener' (pf::services::service_ctl) Sep 07 15:26:05 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:05 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 1988, eth0.3199 => 1990, eth0 => 1992 (pf::services::service_ctl) Sep 07 15:26:05 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:07 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:08 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 1994, eth0.3199 => 1996, eth0 => 1998 (pf::services::service_ctl) Sep 07 15:26:08 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:10 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:10 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2000, eth0.3199 => 2002, eth0 => 2004 (pf::services::service_ctl) Sep 07 15:26:10 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:12 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:12 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2006, eth0.3199 => 2008, eth0 => 2010 (pf::services::service_ctl) Sep 07 15:26:12 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:14 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:14 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2012, eth0.3199 => 2014, eth0 => 2016 (pf::services::service_ctl) Sep 07 15:26:14 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:16 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:16 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2018, eth0.3199 => 2020, eth0 => 2022 (pf::services::service_ctl) Sep 07 15:26:16 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:18 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:18 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2024, eth0.3199 => 2026, eth0 => 2028 (pf::services::service_ctl) Sep 07 15:26:18 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:20 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:20 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2030, eth0.3199 => 2032, eth0 => 2034 (pf::services::service_ctl) Sep 07 15:26:20 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:22 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:22 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2036, eth0.3199 => 2038, eth0 => 2040 (pf::services::service_ctl) Sep 07 15:26:22 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:24 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:24 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2042, eth0.3199 => 2044, eth0 => 2046 (pf::services::service_ctl) Sep 07 15:26:24 pfcmd(1986) INFO: Waiting for pfdhcplistener to stop (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/sbin/named status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x named returned 0 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/sbin/dhcpd status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x dhcpd returned 0 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/sbin/snort status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x snort returned 0 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/bin/suricata status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x suricata returned 0 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/sbin/freeradius status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x freeradius returned 1642 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/sbin/apache2 status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x apache2 returned 1703 1702 1701 1700 1699 1686 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/sbin/snmptrapd status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x snmptrapd returned 1688 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdetect status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x pfdetect returned 0 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/local/pf/sbin/pfredirect status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x pfredirect returned 0 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/local/pf/sbin/pfsetvlan status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x pfsetvlan returned 1696 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pfdhcplistener pids eth0.3299 => 2058, eth0.3199 => 2060, eth0 => 2062 (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: /usr/local/pf/sbin/pfmon status (pf::services::service_ctl) Sep 07 15:26:26 pfcmd(1986) INFO: pidof -x pfmon returned 1695 (pf::services::service_ctl) Sep 07 15:26:33 pfcmd(2066) INFO: Executing pfcmd service pfdhcplistener status (main::service) Sep 07 15:26:33 pfcmd(2066) INFO: /usr/local/pf/sbin/pfdhcplistener status (pf::services::service_ctl) Sep 07 15:26:33 pfcmd(2066) INFO: pfdhcplistener pids eth0.3299 => 2067, eth0.3199 => 2069, eth0 => 2071 (pf::services::service_ctl) The PIDs for pfdhcplistener seem to increase each time the status command is executed, but there's no evidence of the processes actually being started. If I execute pfdhcplistener manually, it starts normally and I get DHCP fingerprint information in the log. Another server running PacketFence 3.5.0 and an almost identical configuration does not exhibit this problem. Hoping somebody else can reproduce this problem or suggest a fix. Regards, |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
pfdhcplistener-process-mgmt-3.5.1-regression.patch (1,179) 2012-09-11 14:43 https://www.packetfence.org/bugs/file_download.php?file_id=162&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1424 | [PacketFence] inline | major | random | 2012-04-16 12:31 | 2012-10-19 10:14 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.6.0 | ||
Target Version: | 3.6.0 | ||||
fixed in git revision: | 3e4cf73908019527f60785aa1ac2cba7d260bd86 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | obtaining a node's current mark fails from non-root | ||||
Description: |
When the captive portal tries to re-evaluate the posture of a node, it does so from a pf uid process. Turns out that fetching firewall rules w/o root fails but what made it worse is that IPTables::ChainMgr instead of letting us know it failed is returning the last temporary file generated by root (at least in ipt_exec_style 'system' mode). Since temporary file names are predictable and world-readable, it is possible for the root user to write the temp file and to have a non-root read it. I'll check to report upstream. I'll try the other mode of operations for ChainMgr and see if they still badly report permission problems. We might have to force temp files to be appended with a pid and/or randomness or even generate their names through an empty open (which is perl's way to do mktemp). Then, we'll need to ensure that get_mark... is always run in a privileged mode either through a pf password-less sudo or by adding a hook into bin/pfcmd. This might be delayed if our 'app server' model moves along quickly and we'll just push it as a WebService right there. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1556 | [PacketFence] upstream | major | have not tried | 2012-09-26 10:28 | 2012-09-26 17:14 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | 5147571f | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | depsolving problems with Net::Appliance::Session | ||||
Description: |
Resolving Dependencies --> Running transaction check ---> Package openfusion-release.noarch 0:0.5-1.of.el6 will be updated ---> Package openfusion-release.noarch 0:0.6.2-1.of.el6 will be an update ---> Package perl-Net-Appliance-Session.noarch 0:1.36-1.el6.rf will be updated --> Processing Dependency: perl(Net::Appliance::Session) = 1.36 for package: packetfence-3.6.0-0.20120921.el6.noarch ---> Package perl-Net-Appliance-Session.noarch 0:3.122100-2.el6 will be an update --> Processing Dependency: perl(Net::CLI::Interact) >= 1.122100 for package: perl-Net-Appliance-Session-3.122100-2.el6.noarch --> Processing Dependency: perl(Net::CLI::Interact) for package: perl-Net-Appliance-Session-3.122100-2.el6.noarch --> Running transaction check ---> Package perl-Net-Appliance-Session.noarch 0:1.36-1.el6.rf will be updated --> Processing Dependency: perl(Net::Appliance::Session) = 1.36 for package: packetfence-3.6.0-0.20120921.el6.noarch ---> Package perl-Net-CLI-Interact.noarch 0:1.122100-2.el6 will be installed --> Processing Dependency: perl(Log::Dispatch::Configurator::Any) for package: perl-Net-CLI-Interact-1.122100-2.el6.noarch --> Processing Dependency: perl(Log::Dispatch::Config) for package: perl-Net-CLI-Interact-1.122100-2.el6.noarch --> Processing Dependency: perl(IPC::Run) for package: perl-Net-CLI-Interact-1.122100-2.el6.noarch --> Running transaction check ---> Package perl-IPC-Run.noarch 0:0.89-1.of.el6 will be installed ---> Package perl-Log-Dispatch-Config.noarch 0:1.04-3.el6 will be installed ---> Package perl-Log-Dispatch-Configurator-Any.noarch 0:1.110690-5.el6 will be installed ---> Package perl-Net-Appliance-Session.noarch 0:1.36-1.el6.rf will be updated --> Processing Dependency: perl(Net::Appliance::Session) = 1.36 for package: packetfence-3.6.0-0.20120921.el6.noarch --> Finished Dependency Resolution Error: Package: packetfence-3.6.0-0.20120921.el6.noarch (@/packetfence-3.6.0-0.20120921.el6.noarch) Requires: perl(Net::Appliance::Session) = 1.36 Removing: perl-Net-Appliance-Session-1.36-1.el6.rf.noarch (@rpmforge) perl(Net::Appliance::Session) = 1.36 Updated By: perl-Net-Appliance-Session-3.122100-2.el6.noarch (epel) perl(Net::Appliance::Session) = 3.122100 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest Problem updating system packages. Aborting nightly build process... Leaving chroot [01;32mcentos-6-i386-os[01;00m to investigate |
||||
Steps To Reproduce: | |||||
Additional Information: | Introduced in EPEL 6: https://bugzilla.redhat.com/show_bug.cgi?id=853380 [^] | ||||
Attached Files: |
perl-Net-Appliance-Session.spec.diff (808) 2012-09-26 14:19 https://www.packetfence.org/bugs/file_download.php?file_id=164&type=bug |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1366 | [PacketFence] captive portal | minor | always | 2012-01-16 13:35 | 2012-09-25 22:24 |
|
|||||
Reporter: | francis | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Captive portal - self registration by email - access granted | ||||
Description: | When activating an account by email, the "access granted" page is missing the IP and MAC address in the footer (see attached screenshot). | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Screen Shot 2012-01-16 at 10.52.08 AM.png (265,602) 2012-01-16 13:35 https://www.packetfence.org/bugs/file_download.php?file_id=129&type=bug |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1380 | [PacketFence] doc | trivial | always | 2012-02-22 13:06 | 2012-09-25 22:17 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | devel | ||
Target Version: | |||||
fixed in git revision: | ba29614 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | wrong documentation for the use of setVlanByName | ||||
Description: |
In some places in switches modules (pf::SNMP ++) it is documented to use setVlanByName but the sequence is wrong. DEPRECATED: use setVlanByName($ifIndex, $switch_locker_ref, 'isolationVlan') instead Method declaration: sub setVlanByName { my ($this, $ifIndex, $vlanName, $switch_locker_ref) = @_; |
||||
Steps To Reproduce: | |||||
Additional Information: | The $vlanName and $switch_locker_ref need to be swapped. (Probably in the POD and not in the method declaration) | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1383 | [PacketFence] doc | text | always | 2012-02-23 11:29 | 2012-09-25 21:59 |
|
|||||
Reporter: | albertochavez | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | b5548f1 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Typo in Administration Guide for Packetfence 3.2.0 | ||||
Description: |
On page 44 of the Administration Guide for Packetfence 3.2.0 The following paragraph reads: LIMIT: You can set a number of bytes(B), kilobytes(KB), megavytes(MB), gigabytes(GB), or petabytes(PB) Megabytes is misspelled. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1535 | [PacketFence] upstream | major | always | 2012-08-31 07:20 | 2012-09-13 10:57 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | 986f432a2dc277819e76c8556b0e91d392e78169 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Inline mode and OSX DNS Caching issues for home page | ||||
Description: |
When visiting a mac based shop, we were having some issues using inline mode. Let me describe the problem that will impact most 10.6 users. 10.7 and 10.8 have the thin client browser that mitigate the issue, but the problem is still there is you use a real browser. So what appears to happen is when you open a browser while unregistered, the browser will try to hit your home page. PacketFence will then resolve it to its inline ip address so that you can hit the portal. But, by doing so, the system caches the result, and when you are registered, the cache wins. When you try to go back to visit your home page, you won't be able to. I was able to reproduce it all the time even with the ipset feature. Now to fix this, why aren't we using DNAT for http/https traffic only if your mark is 0x2 or 0x3 (unreg/isol)? Let's resolve the real IP, but forward the packets to the inline interface for portal. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1534 | [PacketFence] performance | minor | random | 2012-08-30 16:35 | 2012-09-10 15:12 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | c49873873d5a057dd71484fdf191f99e3e34de65 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | RADIUS Accounting slow queries are not optimized | ||||
Description: |
Sample from the slow query log:# Query_time: 27.180624 Lock_time: 0.000208 Rows_sent: 1 Rows_examined: 3064889 SET timestamp=1346357116; SELECT CONCAT(SUBSTRING(callingstationid,1,2),':',SUBSTRING(callingstationid,3,2),':',SUBSTRING(callingstationid,5,2),':', SUBSTRING(callingstationid,7,2),':',SUBSTRING(callingstationid,9,2),':',SUBSTRING(callingstationid,11,2)) AS mac, username,IF(ISNULL(acctstoptime),'connected','not connected') AS status,acctstarttime,acctstoptime,FORMAT(acctsessiontime/60,2) AS acctsessiontime, nasipaddress,nasportid,nasporttype,acctinputoctets AS acctoutput, acctoutputoctets AS acctinput,(acctinputoctets+acctoutputoctets) AS accttotal, IF(ISNULL(acctstoptime),'',acctterminatecause) AS acctterminatecause FROM (SELECT * FROM radacct ORDER BY acctstarttime DESC) AS tmp GROUP BY callingstationid HAVING callingstationid = 'E4D53D39968D'; Examined 3064889 and took 27 seconds. I wonder if indexing could help. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1323 | [PacketFence] IDS | minor | always | 2011-11-01 13:47 | 2012-09-10 14:34 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | snort will not install on centos 6 64bit | ||||
Description: |
We are relying on the upstream package of SNORT. They only package the i386 version. Trying to install it on a CentOS 6 64bit give us this error even if libnet is installed properly: Error: Package: 1:snort-2.9.1-1.i386 (PacketFence) Requires: libdnet.1 |
||||
Steps To Reproduce: | |||||
Additional Information: | I will recompile my own 64bit version and retry. | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1526 | [PacketFence] addons | minor | always | 2012-08-22 11:29 | 2012-09-10 14:23 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | 1cae66aca835d439865f95eefd887e6217323054 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | managed radius doesn't provide log rotation | ||||
Description: | Logs will just keep growing.. We should probably integrate the radius' logs rotation into our own addons/logrotate strategy. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
There are no notes attached to this issue. |
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1542 | [PacketFence] configuration | minor | have not tried | 2012-09-10 02:28 | 2012-09-10 08:15 |
|
|||||
Reporter: | pablo222 | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.5.1 | ||
Product Build: | Resolution: | duplicate | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | problem with pf install | ||||
Description: |
Error while installing pf yum groupinstall --enablerepo=PacketFence,rpmforge,of,epel packetfence Transaction Check Error: file /usr/share/man/man3/Apache::Test.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestConfig.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestMB.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestMM.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestReport.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestRequest.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestRun.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestRunPHP.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestRunPerl.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestServer.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestSmoke.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestTrace.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 file /usr/share/man/man3/Apache::TestUtil.3pm.gz from install of perl-Apache-Test-1.36-1.of.el6.noarch conflicts with file from package mod_perl-2.0.4-10.el6.i686 |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1540 | [PacketFence] scanning | minor | always | 2012-09-06 08:58 | 2012-09-06 11:05 |
|
|||||
Reporter: | dwuelfrath | Platform: | |||
Assigned To: | dwuelfrath | OS: | |||
Priority: | low | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | pf::scan will try to instanciate unknown module | ||||
Description: | Even if we do a check if the scanning type exist or not, we do not handle the result and continue the workflow. | ||||
Steps To Reproduce: | |||||
Additional Information: | https://github.com/inverse-inc/packetfence/blob/stable/lib/pf/scan.pm#L93 [^] | ||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1537 | [PacketFence] core | minor | always | 2012-09-04 04:21 | 2012-09-04 09:44 |
|
|||||
Reporter: | link | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | error when install | ||||
Description: |
after install repo( follow installation guide), i've run: "yum install packetfence" or "yum groupinstall --enablerepo=PacketFence,rpmforge,epel,of Packetfence-complete". and here's error that i've received: Transaction Check Error: file /usr/share/man/man3/Apache::Test.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestConfig.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestMB.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestMM.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestReport.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestRequest.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestRun.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestRunPHP.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestRunPerl.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestSmoke.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestTrace.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Apache::TestUtil.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 file /usr/share/man/man3/Bundle::ApacheTest.3pm.gz from install of perl-Apache-Test-1.36-1.of.el5.noarch conflicts with file from package mod_perl-2.0.4-6.el5.i386 can anybody tell me why??:( sorry for my English |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1492 | [PacketFence] captive portal | feature | have not tried | 2012-07-19 16:56 | 2012-08-06 16:43 |
|
|||||
Reporter: | ludovic | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | acknowledged | Product Version: | |||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | long-term | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Maximum number of register devices - Offer unreg option | ||||
Description: |
When a user registers a device, if he has already registered 3 devices and the limit is set to 3 and he's about to register a 4th one, we only tell the user he can't do it because he reached the maximum number of registered devices. What would be nice is, after making sure the username/password is valid, to show the user the list of devices he can actually unregister. That could happen for example when one changes laptop or cellphone. We could show a list similar to this: MAC OS fingerprint Reg date [aa:bb:cc:dd] [Android Phone] [13/06/2011] [ UNREGISTER ] [ee:bb:cc:dd] [Windows 7] [15/07/2010] [ UNREGISTER ] [ff:ee:cc:dd] [Apple iPad] [19/04/2012] [ UNREGISTER ] At this point, the user would have to unregister a device to complete his registration process. We could extend this for SMS-based registration. For example, we could one the user types back the PIN, present the same page mentioned above. We could also extend this for email-based registration. For example, when the user opens the link in the email, that page could be presented before the registration process completes. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1479 | [PacketFence] core | tweak | N/A | 2012-07-05 10:07 | 2012-08-06 14:43 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | 485cb72ef198569f2d064019c260c29ca40b0c5e | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Add control-socket support to our RADIUS | ||||
Description: | When we will be ready to merge the RADIUS configuration into the PF directory, we should also add the control-socket support. This will allow to debug a live server without having to do radiusd -X and disrupt the service. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1464 | [PacketFence] core | minor | sometimes | 2012-06-11 12:27 | 2012-08-06 13:24 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.4.0 | ||
Target Version: | 3.4.0 | ||||
fixed in git revision: | 375c5ab | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | process management issues (pid misuse in listing and killing daemons) | ||||
Description: |
Processes started with perl ... instead of specifying directly the executable name wouldn't be listed in status (which relies on pidof) and wouldn't be killed (which relies on pkill). It's not 100% straightforward to reproduce but anything started under the debugger (perl -d ...) is simply not properly managed (killed or listed in status) which definitely causes problems when trying to investigate odd crashes. Also, I think this could be related to the double processes started when pfsetvlan was restarted from the Web admin and could also explain the core dumps. I remember seeing that perl was explicitly mentionned in the `ps -ef` output. Attempted workarounds: - Using `pkill -f` matches the entire command line of the process and fixed the killing problems. However it doesn't work on listing statuses which relies on pidof. - Setting $0 works for pidof but sometimes didn't work with pkill but I'm not too sure now (done that last Friday before leaving..) We could either: - implement both changes (re-validate in lab) - implement -f pkill fix and use `pgrep -f` instead of pidof for status (warning: output format differs slightly) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
773 | [PacketFence] error-handling | minor | have not tried | 2009-08-11 11:57 | 2012-08-06 12:18 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 1.9.3 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | need better error message when two violations have the same id | ||||
Description: |
right now it crashes horribly when two violations share the same id this problem should be detected and a proper error message given to the user |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1476 | [PacketFence] core | tweak | N/A | 2012-06-21 10:57 | 2012-07-31 14:39 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.5.0 | ||
Target Version: | |||||
fixed in git revision: | 2e399c41e56ddc99c73fa37e53f812d5c09acbd4 | ||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Close violation when release_date is reached | ||||
Description: | Just like node unregdate, we should be able to automatically close a violation after a defined period of time. | ||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1475 | [PacketFence] core | tweak | N/A | 2012-06-21 10:46 | 2012-07-19 11:09 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Refactor the Bandwidth accounting violation process | ||||
Description: |
Instead of using sliding window, we should be more precise in the way we calculate the time interval for the bandwidth usage. Example. If I define a violation to trap user that are doing more than 20GB/month of bandwidth transfer. Say I hit that limit after 3 days. It should block the user until day 1 of next month if auto-enable if disabled or if auto-enable is enabled, it should start the bandwidth calculation from the violation release date instead of the beginning of the month for the next violation. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1470 | [PacketFence] i18n | minor | have not tried | 2012-06-14 19:17 | 2012-06-18 08:31 |
|
|||||
Reporter: | pb1dft | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | feedback | Product Version: | 3.4.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | error in guest.pm | ||||
Description: |
on line 271 i18n($_) should be i18n() Otherwise translations for the field names wil not work |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
750 | [PacketFence] core | minor | have not tried | 2009-07-17 14:22 | 2012-06-15 10:01 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | confirmed | Product Version: | |||
Product Build: | Resolution: | reopened | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | general | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | telnet / ssh logging timeouts | ||||
Description: |
It seems that telnet / ssh connection handling is not the same everywhere. On linksys IIRC we had a timeout problem that was quite annoying to troubleshoot (no logging output). It seems that it is doing the right thing at most places so comparing the Linksys' telnet implementation with the other ones would be a good place to start. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1466 | [PacketFence] web admin | major | sometimes | 2012-06-13 19:55 | 2012-06-15 09:20 |
|
|||||
Reporter: | barryq | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.3.2 | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.4.0 | ||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Changing node category produces error | ||||
Description: |
When changing the node category either from "No Category" to a defined category, or from a defined category to "No Category" the following error is produced: Error: Problems executing 'PFCMD node edit a0:6c:ec:d2:a8:81 pid="<hidden>", category="guest", status="reg", bypass_vlan="", voip="no", detect_date="2012-06-13 16:47:07", regdate="2012-06-13 16:47:12", unregdate="", last_arp="", last_dhcp="2012-06-13 16:47:28", lastskip="", notes="AUTO-REGISTERED"' Command not understood. (pfcmd grammar test failed at line 209.) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1409 | [PacketFence] zen | tweak | always | 2012-03-28 13:34 | 2012-04-18 10:03 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 3.2.0 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 3.3.0 | ||
Target Version: | 3.3.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Missing some small things (802.1X user and host entry) | ||||
Description: |
Need to add : - demouser Cleartext-password := demouser (in raddb/users) - pf-zen 127.0.0.1 (in /etc/hosts) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1375 | [PacketFence] captive portal | tweak | have not tried | 2012-02-03 15:24 | 2012-02-03 15:37 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | OS: | ||||
Priority: | low | OS Version: | |||
Status: | feedback | Product Version: | 3.1.0 | ||
Product Build: | Resolution: | open | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Activation link appears to be valid even if node did not confirm within the proper time period | ||||
Description: |
It appears that the activation link sent to self-registering node is still valid even if the node did not confirm within the determined time frame (default 10min) Registering at 13:49 Unreg by pfmon at 13:59 ... Feb 03 14:13:18 email_activation.cgi(0) INFO: Activation code sent to email xxxx successfully verified! Node authorized: xxx (pf::email_activation::validate_code) |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
991 | [PacketFence] upstream | minor | have not tried | 2010-05-25 11:13 | 2011-12-30 23:49 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 1.8.7 | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | php-pear-Log problem | ||||
Description: |
We received an anonymous bug report: Error Message: : Assigning the return value of new by reference is deprecated in /usr/share/pear/Log.php on line 169. Looks like an upstream problem caused by the deprecation of something in php. Deprecation is Introduced in php 5.3 maybe? http://www.php.net/manual/en/language.references.php#93292 [^] I would hope that latest pear Log doesn't have this problem. For now, our target platform is not affected so this won't be a priority fix. We will just wait for this to settle by themselves. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1159 | [PacketFence] upstream | minor | have not tried | 2011-01-19 16:33 | 2011-12-30 23:39 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | perl-SOAP-Lite requires perl-version but doesn't depend on it | ||||
Description: |
I faced the issue on a dedicated RADIUS Server. On a normal PacketFence server, something else probably installed the package correctly. I should provide a patch to rpmforge's perl-SOAP-Lite's packager. This bug is to track the issue. Workaround: install perl-version by hand with `yum install perl-version` (you need the rpmforge repo enabled) |
||||
Steps To Reproduce: | |||||
Additional Information: |
A link where I had a clue to look in that direction: http://confluence.atlassian.com/display/CROWDKB/Apache+Integration+Fails+Due+to+Missing+version.pm+File [^] |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1241 | [PacketFence] upstream | major | always | 2011-07-26 11:54 | 2011-07-27 09:25 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | RPMForge repository segfaulting on yum update | ||||
Description: |
Even if this is not a PF issue, I think it is interesting to post the bug here so we can track it since we heavily rely on rpmforge. Doing a yum update will not work, rpmforge will make yum quit with a segfault. [root@CentOS5/chroot]$ yum update Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * addons: centos.mirror.iweb.ca * extras: centos.mirror.iweb.ca * rpmforge: apt.sw.be * updates: centos.mirror.iweb.ca rpmforge: [#################### ] 891/10953Segmentation fault We do not know any way to fix the issue for now. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
752 | [PacketFence] upstream | crash | random | 2009-07-20 14:26 | 2011-05-04 11:50 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | OS: | ||||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | unable to reproduce | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Sometimes Net::Appliance::Session depends on Devel::StackTrace >= 1.2 which is not explicitly required | ||||
Description: |
problem found on a perl install 5.8.8 Cisco Catalyst 2860 depends on Net::Appliance::Session which in turn depends on Devel::StackTrace >= 1.20 which was not pulled in by installer.pl or by Net::Appliance:Session itself. Net::Appliance::Session version was 1.36. I will need to try to reproduce. I will also need to verify that this is not an upstream bug: Net::Appliance::Session not correctly asking for Devel::StackTrace >= 1.20 when installed from cpan. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1164 | [PacketFence] upstream | minor | N/A | 2011-01-27 13:06 | 2011-04-26 10:26 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | low | OS Version: | |||
Status: | resolved | Product Version: | 2.0.0 | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Depsolving problem on yum update with perl-IO-Compress | ||||
Description: |
When updating your CentOS, you may have this error : perl-IO-Compress-2.024-1.el5.rf.noarch from installed has depsolving problems --> Missing Dependency: perl(Compress::Raw::Zlib) = 2.024 is needed by package perl-IO-Compress-2.024-1.el5.rf.noarch (installed) perl-IO-Compress-2.024-1.el5.rf.noarch from installed has depsolving problems --> Missing Dependency: perl(Compress::Raw::Bzip2) = 2.024 is needed by package perl-IO-Compress-2.024-1.el5.rf.noarch (installed) perl-Module-Install-0.92-1.el5.rf.noarch from installed has depsolving problems --> Missing Dependency: perl(Archive::Tar) >= 1.44 is needed by package perl-Module-Install-0.92-1.el5.rf.noarch (installed) Error: Missing Dependency: perl(Archive::Tar) >= 1.44 is needed by package perl-Module-Install-0.92-1.el5.rf.noarch (installed) Error: Missing Dependency: perl(Compress::Raw::Bzip2) = 2.024 is needed by package perl-IO-Compress-2.024-1.el5.rf.noarch (installed) Error: Missing Dependency: perl(Compress::Raw::Zlib) = 2.024 is needed by package perl-IO-Compress-2.024-1.el5.rf.noarch (installed) This is likely to have been triggered by a change in an upstream package. |
||||
Steps To Reproduce: | |||||
Additional Information: |
A quick workaround : rpm -e --nodeps perl-IO-Compress yum update This will update perl-Compress-Raw-Bzip2 and perl-Compress-Raw-Zlib properly. |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1194 | [PacketFence] upstream | major | always | 2011-02-25 17:01 | 2011-03-22 10:06 |
|
|||||
Reporter: | user201 | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | devel | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Perl SOAP Lite dependency error | ||||
Description: |
dependency error with package perl-SOAP-Lite-0.712-1.el5.rf.noarch.rpm Must install manually this package to resolve this issue: perl-Class-Inspector-1.24-1.el5.rf.noarch.rpm ( yum install perl-Class-Inspector.noarch ) |
||||
Steps To Reproduce: | |||||
Additional Information: |
package: perl-SOAP-Lite-0.712-1.el5.rf.noarch.rpm, perl-Class-Inspector-1.24-1.el5.rf.noarch.rpm Name : perl-SOAP-Lite Relocations: (not relocatable) Version : 0.712 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ [^] Release : 1.el5.rf Build Date: Wed 23 Feb 2011 10:43:42 AM EST an email have been sent to dag repo regarding this... |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1124 | [PacketFence] upstream | major | have not tried | 2010-11-25 12:10 | 2011-02-28 14:47 |
|
|||||
Reporter: | fgaudreault | Platform: | |||
Assigned To: | fgaudreault | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | 1.9.1 | ||
Product Build: | Resolution: | won't fix | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 2.0.2 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Snort is not killed by pfcmd | ||||
Description: |
Seen on CentOS 5.5 x86_64, SNORT is not able to be killed using the "pfcmd service snort stop" command while it's working with the same RPM package on CentOS 5.5 i386. Even after compiling the x86_64 RPM, the problem persists. This implies some drawbacks, especially when you are in a HA cluster. PacketFence won't be able to stop properly, so the failover will never happen. It's a major problem. The issue is not related to PacketFence, but to snort. A potential workaround is to modify the code to issue a "pkill -9 snort" instead of the standard "pkill snort". |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1033 | [PacketFence] upstream | minor | have not tried | 2010-07-20 11:20 | 2011-02-25 16:52 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | 1.9.0 | ||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | RPM dependency error with perl(Archive::Tar) | ||||
Description: |
Errors started to show up on our nightly builds: --> Finished Dependency Resolution perl-Module-Install-0.92-1.el5.rf.noarch from installed has depsolving problems --> Missing Dependency: perl(Archive::Tar) >= 1.44 is needed by package perl-Module-Install-0.92-1.el5.rf.noarch (installed) Error: Missing Dependency: perl(Archive::Tar) >= 1.44 is needed by package perl-Module-Install-0.92-1.el5.rf.noarch (installed) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest Looks upstream since we haven't changed anything. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1152 | [PacketFence] upstream | minor | random | 2011-01-13 12:43 | 2011-01-18 09:54 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | not fixable | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | FreeRADIUS hangs in our perl module with: Modification of a read-only value .../DBI.pm line 563 | ||||
Description: |
Error: rlm_perl: perl_embed:: module = /etc/raddb/rlm_perl_packetfence.pl , func = post_auth exit status= Modification of a read-only value attempted at /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/DBI.pm line 563. Launching db connection in FreeRADIUS' CLONE {...} then re-connecting only if necessary should mitigate the issue. Here's a patch for those interested: --- pf/addons/802.1X/rlm_perl_packetfence.pl c967f44b9c3e832b4c2189e5792b47c1006872cd +++ pf/addons/802.1X/rlm_perl_packetfence.pl 4c5b8f74db3f0770ba542f020d98a1e74ffa1371 @@ -37,6 +37,7 @@ use vars qw(%RAD_REQUEST %RAD_REPLY %RAD use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK); #use Data::Dumper; +our $mysql_connection; # This is hash wich hold original request from radius #my %RAD_REQUEST; # In this hash you add values that will be returned to NAS. @@ -221,6 +222,22 @@ sub log_request_attributes { } } +sub CLONE { + db_connect(); +} + +sub db_connect { + + $mysql_connection = DBI->connect("dbi:mysql:dbname=".DB_NAME.";host=".DB_HOSTNAME, + DB_USER, DB_PASS, {PrintError => 0}); + + if (!defined($mysql_connection)) { + openlog("rlm_perl_packetfence", "perror,pid","user"); + syslog("info", "Can't connect to the database."); + closelog(); + } +} + # Here is the decision process: # # registered, guest, secure => disconnect (-1) @@ -250,14 +267,16 @@ sub getVlan { openlog("rlm_perl_packetfence", "perror,pid","user"); syslog("info", "getVlan called with switch_ip $switch_ip, mac $mac, is_eap_request $is_eap_request"); - - # create database connection - my $mysql_connection = DBI->connect("dbi:mysql:dbname=".DB_NAME.";host=".DB_HOSTNAME, - DB_USER, DB_PASS, {PrintError => 0}); + + if (!defined($mysql_connection) || !$mysql_connection->ping() ) { + syslog("info", "Database connection seems down.. Reconnecting..."); + db_connect(); - if (!defined($mysql_connection)) { - syslog("info", "Can't connect to the database."); - return undef; + if (!defined($mysql_connection) || !$mysql_connection->ping() ) { + syslog("info", "Database still down... Bailing out for this request."); + closelog(); + return; + } } # check if mac exists already in database @@ -402,7 +421,6 @@ sub getVlan { # return the correct VLAN, close resources syslog("info", "returning VLAN $correctVlan for $mac"); closelog(); - $mysql_connection->disconnect(); return $correctVlan; } |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1132 | [PacketFence] upstream | major | random | 2010-12-01 12:05 | 2011-01-11 09:49 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | normal | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | no change required | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | 2.1.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | Mac OS X DHCP issues after a VLAN change on wireless networks | ||||
Description: |
Based on the setup we are sometimes able to reproduce the problem 100% of the time or not at all. The issue: Mac OS X after a wireless deauthentication (desassociation) doesn't do a DHCP Discover. What happens: - we deauth the Mac OS X client - Mac OS X client reconnects, get a different VLAN assigned - it waits for its DHCP lease to expire - it then does DHCP Request on the server where it obtained it's last IP - a default DHCP server configuration will not reply to that DHCP Request thinking it's not for him (wrong IP information on wrong interface) - after a couple of minutes the Mac OS X client abandon the DHCP Requests and do a DHCP Discover - DHCP Server responds - Mac OS X client has an IP in the right VLAN Because of the lease expiry delays and the DHCP Request timeout delays, it takes several minutes to gain network access. This is unacceptable. On Windows, everything works fine. Expected: - we deauth the Mac OS X client - Mac OS X client reconnects, get a different VLAN assigned - Mac OS X issues a DHCP Discover (it's in a new network after all!) - it gets an IP in the good VLAN Workarounds: We are working on workarounds which involves sending a DHCP NAK (non-acknowledge) if we see a DHCP Request coming with the wrong IPs on the wrong interface. This way we reduce the delay window only to the dhcp lease timeout. Here's the flow with the workaround: - we deauth the Mac OS X client - Mac OS X client reconnects, get a different VLAN assigned - it waits for its DHCP lease to expire - it then does DHCP Request on the server where it obtained it's last IP - DHCP Server sends a DHCP NAK to the client - Mac OS X client does a DHCP Discover - DHCP Server responds - Mac OS X client has an IP in the right VLAN As stated earlier, some setups are affected some aren't so we aren't sure where the interaction changes. Here's a list of variables to look after: - ip-helpers based or not (vs bridged layer2 to dhcp) - DHCP Server based on Windows or Linux - Using a Controller or fat Access Points We are investigating on this but any findings would help us a lot! |
||||
Steps To Reproduce: | |||||
Additional Information: |
workarounds: - in bridged mode (no ip-helpers) run a DHCP Server per interface with -pf (pid file) and -cf (different config) in that config put deny all on subnets you should never see on that VLAN - in ip-helpers mode we are still discussing this one (one ip-helper on eth0 doing the right thing or several) |
||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
882 | [PacketFence] upstream | minor | always | 2009-12-17 10:51 | 2010-12-15 11:37 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | high | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | not fixable | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 2.0.0 | ||
Target Version: | 2.0.0 | ||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | perl-SOAP-Lite needs LWP::UserAgent but it isn't declared in package | ||||
Description: |
short term fix: specify it in the RPM spec longer term fix: submit packaging bug upstream |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|
View Issue Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
1020 | [PacketFence] upstream | major | always | 2010-06-24 15:45 | 2010-06-24 16:03 |
|
|||||
Reporter: | obilodeau | Platform: | |||
Assigned To: | obilodeau | OS: | |||
Priority: | none | OS Version: | |||
Status: | resolved | Product Version: | |||
Product Build: | Resolution: | not fixable | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
Target Version: | |||||
fixed in git revision: | |||||
fixed in mtn revision: | |||||
|
|||||
Summary: | VoIP support is broken in port-security mode with 3560 IOS 12.2(25r) | ||||
Description: |
For some reason when securing a MAC address the switch loses an important portion of its config. The line: switchport port-security maximum 1 vlan access disappears. Then, things cannot work. This is a Cisco bug, nothing much we can do. An updated IOS is available. You should upgrade. There was a discussion about it on the -users mailing list. |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Attached Files: |
Notes | |||||
|
|||||
|
|