Community support is offered through the mailing lists. You can subscribe to them and ask questions related to PacketFence.
The PacketFence community is very large and active so do not hesitate to subscribe to the mailing list and ask questions. However, please make sure to respect the following guidelines when posting a new message:
Join us on IRC! We are in the #packetfence channel on the freenode network.
Please note that while available, IRC is not the preferred option for community support. We recommend using the mailing list.
Network Access Control (NAC) projects are complex in nature because they usually involve many different technologies. We have done hundreds of large-scale deployment projects for prestigious organizations, all around the world. Let us help you make this deployment project a success by using our unmatched expertise!
If you are looking for a PacketFence expert to help you:
Unlimited |
|
---|---|
Duration | 1 year |
Support Method | Support Portal / Phone |
Response Time | 1 hour |
Support Hours | 24 / 7 |
Multi-Server | No |
Notifications | Security / Bug Fixes |
Bug Fixes | Yes |
Included Incidents | Unlimited |
Included Consulting Hours | None - can be purchased separately |
Cost | $5,000 USD per PacketFence server |
Order |
Installation Guide | Download PDF Read Online |
Upgrade Guide | Download PDF Read Online |
Network Devices Configuration Guide | Download PDF Read Online |
Clustering Quick Installation Guide | Download PDF Read Online |
Developer's Guide | Download PDF Read Online |
OpenApi Specification - REST API (Stable) | Read Online |
OpenApi Specification - REST API (Development) | Read Online |
OpenApi Specification - REST API (Per Release) | v13.0 |
PacketFence is built with flexibility in mind allowing users to modify the standard behaviour. To ease this process, extension points were defined such that any function present in pf::vlan::custom will take precedence over the default behaviour in pf::vlan.
If you have many VLANs depending on node attributes (i.e.: categories), SSIDs or MAC attributes, you need to put some effort into redefining the getNormalVlan() function.
Have a look at the following file which already has many examples commented out:
/usr/local/pf/lib/pf/vlan/custom.pm
Here are a few of them. You only have to remove the comments to have them take effect.
sub getNormalVlan {
my ($this, $switch, $ifIndex, $mac, $node_info, $connection_type, $user_name, $ssid) = @_;
my $logger = Log::Log4perl->get_logger();
# custom example: admin category
# return customVlan5 to nodes in the admin category if (defined($node_info->{'category'}) && lc($node_info->{'category'}) eq "admin") {
return $switch->getVlanByName('customVlan5');
}
return $switch->getVlanByName('normalVlan');
}
sub getNormalVlan {
my ($this, $switch, $ifIndex, $mac, $node_info, $connection_type, $user_name, $ssid) = @_;
my $logger = Log::Log4perl->get_logger();
# custom example: simple guest user
# return guestVlan for pid=guest
if (defined($node_info->{pid}) && $node_info->{pid} =~ /^guest$/i) {
return $switch->getVlanByName('guestVlan');
}
return $switch->getVlanByName('normalVlan');
}
sub getNormalVlan {
my ($this, $switch, $ifIndex, $mac, $node_info, $connection_type, $user_name, $ssid) = @_;
my $logger = Log::Log4perl->get_logger();
# custom example: enforce a node's bypass VLAN
# If node record has a bypass_vlan prefer it over normalVlan
if (defined($node_info->{'bypass_vlan'}) && $node_info->{'bypass_vlan'} ne '') {
return $node_info->{'bypass_vlan'};
}
return $switch->getVlanByName('normalVlan');
}
sub getNormalVlan {
my ($this, $switch, $ifIndex, $mac, $node_info, $connection_type, $user_name, $ssid) = @_;
my $logger = Log::Log4perl->get_logger();
# custom example: VLAN by SSID
# return customVlan1 if SSID is 'PacketFenceRocks'
if (defined($ssid) && $ssid eq 'PacketFenceRocks') {
return $switch->getVlanByName('customVlan1');
}
return $switch->getVlanByName('normalVlan');
}
Instead of using the flexible VLAN name where actual VLAN numbers are looked up in switches.conf you can specify VLAN tags directly if you want to. For example a return 5; would put the user in VLAN 5. We favour using VLAN names because you don’t need to change the code to change a VLAN.
If you encounter a possible bug with PacketFence, you can access our github page.
Please make sure to respect the following guidelines when reporting a bug: