Menu
▾
▴
Re: [PacketFence-users] Packetfence-ZEN-5-1 bandwidth violation
|
From: Fabrice D. <fd...@in...> - 2015-07-30 12:19:27
|
Hi Hubert, It works when you disconnect because a radius accounting stop is sent, so it probably miss radius interim update. Regards Fabrice Le 2015-07-30 07:29, Hubert Kupper a écrit : > Hi Louis, > > I had a copy of the original violations.conf and copied it into the > pf/conf directory. I edited the bandwidth exampel of the new > violations.conf and now it works! The violation occours when I > download more than 2GB/day but only if I disattach my device from > network. What can be the reason of this? > > Regards, > Hubert > > Am 30.07.2015 um 06:50 schrieb Hubert Kupper: >> Hello Louis, >> >> I turned off pfbandwidth.d as you said. >> >> pf.conf: >> >> [general] >> # >> # general.domain >> # >> # Domain name of PacketFence system. >> domain=our domain >> # >> # general.hostname >> # >> # Hostname of PacketFence system. This is concatenated with the >> domain in Apache rewriting rules and therefore must be resolvable by >> clients. >> hostname=pfence2 >> # >> # general.dnsservers >> # >> # Comma-delimited list of DNS servers. Passthroughs are created to >> allow queries to these servers from even "trapped" nodes. >> dnsservers=IPs of our dns servers,127.0.0.1 >> # >> # general.dhcpservers >> # >> # Comma-delimited list of DHCP servers. Passthroughs are created to >> allow DHCP transactions from even "trapped" nodes. >> dhcpservers=127.0.0.1,IPs of our dhcp servers >> # >> # general.timezone >> # >> # System's timezone in string format. Supported list: >> # http://www.php.net/manual/en/timezones.php >> timezone=Europe/Berlin >> >> [trapping] >> # >> # trapping.range >> # >> # Comma-delimited list of address ranges/CIDR blocks that PacketFence >> will monitor/detect/trap on. Gateway, network, and >> # broadcast addresses are ignored. >> range=our range >> >> [alerting] >> # >> # alerting.emailaddr >> # >> # Email address to which notifications of rogue DHCP servers, >> violations with an action of "email", or any other >> # PacketFence-related message goes to. >> ema...@un... >> >> [database] >> # >> # database.pass >> # >> # Password for the mysql database used by PacketFence. >> pass=foo >> # >> # database.user >> # >> # Username of the account with access to the mysql database used by >> PacketFence. >> user=fooadmin >> >> [expire] >> # >> # expire.node >> # >> # Time before a node is removed due to inactivity. >> # A value of 0D disables expiration. >> # example: >> # node=90D >> node=2m >> >> [services] >> # >> # services.pfsetvlan >> # >> # Should pfsetvlan be managed by PacketFence? >> pfsetvlan=enabled >> # >> # services.snmptrapd >> # >> # Should snmptrapd be managed by PacketFence? >> snmptrapd=enabled >> # database.pass >> # >> # Password for the mysql database used by PacketFence. >> pass=foo >> # >> # database.user >> # >> # Username of the account with access to the mysql database used by >> PacketFence. >> user=fooadmin >> >> [expire] >> # >> # expire.node >> # >> # Time before a node is removed due to inactivity. >> # A value of 0D disables expiration. >> # example: >> # node=90D >> node=2m >> >> [services] >> # >> # services.pfsetvlan >> # >> # Should pfsetvlan be managed by PacketFence? >> pfsetvlan=enabled >> # >> # services.snmptrapd >> # >> # Should snmptrapd be managed by PacketFence? >> snmptrapd=enabled >> >> [inline] >> # >> # inline.interfaceSNAT >> # Choose the interface(s) you want to use to enable snat (by default >> it´s the management interface) >> interfaceSNAT=eth0.209 >> # inline.accounting >> # >> # Should we handle accouting data for inline clients? >> # This controls inline accouting tasks in pfmon. >> accounting=enabled >> >> >> [interface eth0.37] >> enforcement=vlan >> ip=ip for vlan 37 >> type=management >> mask=255.255.255.0 >> >> [interface eth0.209] >> enforcement=vlan >> ip=ip for vlan 209 >> type=internal,monitor >> mask=255.255.255.0 >> >> [interface eth0.212] >> enforcement=vlan >> ip=ip for vlan 212 >> type=internal >> mask=255.255.255.0 >> >> [interface eth0.213] >> enforcement=vlan >> ip=ip for vlan 213 >> type=internal >> mask=255.255.255.0 >> >> Am 29.07.2015 um 15:39 schrieb Louis Munro: >>> Is this inline or out-of-band? >>> >>> Please post your pf.conf. >>> >>> Regards, >>> -- >>> Louis Munro >>> lm...@in... <mailto:lm...@in...> :: www.inverse.ca >>> <http://www.inverse.ca> >>> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 >>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu >>> <http://www.sogo.nu>) and PacketFence (www.packetfence.org >>> <http://www.packetfence.org>) >>> >>> On Jul 29, 2015, at 3:52 , Hubert Kupper <ku...@un... >>> <mailto:ku...@un...>> wrote: >>> >>>> Hi Louis, >>>> >>>> pfbandwidthd is using 100% cpu time and pfbandwidthd.log shows: >>>> >>>> Jul 20 07:30:57 pfbandwidthd(5868) INFO: pfbandwidthd starting and >>>> writing 5871 to /usr/local/pf/var/run/pfbandwidthd.pid >>>> (pf::services::util::createpid) >>>> Jul 21 02:04:13 pfbandwidthd(5868) FATAL: pfbandwidthd: caught >>>> SIGTERM - terminating (main::normal_sighandler) >>>> Jul 21 02:04:13 pfbandwidthd(5868) FATAL: pfbandwidthd: caught >>>> SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285 >>>> (IO::Select::can_read) >>>> Jul 21 02:04:13 pfbandwidthd(5868) ERROR: pfbandwidthd: caught >>>> SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285 >>>> (IO::Select::can_read) >>>> Jul 21 02:05:24 pfbandwidthd(6848) INFO: pfbandwidthd starting and >>>> writing 6851 to /usr/local/pf/var/run/pfbandwidthd.pid >>>> (pf::services::util::createpid) >>>> Jul 28 08:06:24 pfbandwidthd(6848) FATAL: pfbandwidthd: caught >>>> SIGTERM - terminating (main::normal_sighandler) >>>> Jul 28 08:06:24 pfbandwidthd(6848) FATAL: pfbandwidthd: caught >>>> SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285 >>>> (IO::Select::can_read) >>>> Jul 28 08:06:24 pfbandwidthd(6848) ERROR: pfbandwidthd: caught >>>> SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285 >>>> (IO::Select::can_read) >>>> Jul 28 08:06:24 pfbandwidthd(6848) FATAL: panic: leave_scope >>>> inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157. >>>> (main::) >>>> Jul 28 08:06:24 pfbandwidthd(6848) ERROR: panic: leave_scope >>>> inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157. >>>> (main::) >>>> Jul 28 08:06:24 pfbandwidthd(6848) FATAL: panic: leave_scope >>>> inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157. >>>> (main::) >>>> Jul 28 08:06:24 pfbandwidthd(6848) ERROR: panic: leave_scope >>>> inconsistency at /usr/local/pf/sbin/pfbandwidthd line 157. >>>> (main::) >>>> Jul 28 08:07:29 pfbandwidthd(10196) INFO: pfbandwidthd starting and >>>> writing 10199 to /usr/local/pf/var/run/pfbandwidthd.pid >>>> (pf::services::util::createpid) >>>> Jul 29 07:59:56 pfbandwidthd(10196) FATAL: pfbandwidthd: caught >>>> SIGTERM - terminating (main::normal_sighandler) >>>> Jul 29 07:59:56 pfbandwidthd(10196) FATAL: pfbandwidthd: caught >>>> SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285 >>>> (main::) >>>> Jul 29 07:59:56 pfbandwidthd(10196) ERROR: pfbandwidthd: caught >>>> SIGTERM - terminating at /usr/local/pf/sbin/pfbandwidthd line 285 >>>> (main::) >>>> Jul 29 08:00:56 pfbandwidthd(12316) INFO: pfbandwidthd starting and >>>> writing 12319 to /usr/local/pf/var/run/pfbandwidthd.pid >>>> (pf::services::util::createpid) >>>> [root@PacketFence-ZEN-5-1 logs]# >>>> >>>> Regards, >>>> Hubert >>>> >>>> Am 28.07.2015 um 20:23 schrieb Louis Munro: >>>>> >>>>> On Jul 28, 2015, at 8:37 , Hubert Kupper <ku...@un... >>>>> <mailto:ku...@un...>> wrote: >>>>> >>>>>> there is traffic on port 1813 from the cisco switch to th server. >>>>>> tcpdump shows it. >>>>>> >>>>>> mysql> select count(*) from radacct; shows count(*) 44 >>>>> >>>>> >>>>> Is the MAC of the device among those listed in radacct? >>>>> >>>>> Something like this should return more: >>>>> >>>>> mysql> select >>>>> callingstationid,acctinputoctets,acctoutputoctets,acctstarttime >>>>> from radacct; >>>>> >>>>> >>>>> Regards, >>>>> -- >>>>> Louis Munro >>>> >>>> ------------------------------------------------------------------------------ >>>> _______________________________________________ >>>> PacketFence-users mailing list >>>> Pac...@li... >>>> <mailto:Pac...@li...> >>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >>> >>> >>> ------------------------------------------------------------------------------ >>> >>> >>> _______________________________________________ >>> PacketFence-users mailing list >>> Pac...@li... >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> >> -- >> _____________________________________________ >> Hubert Kupper >> Universitaetsrechenzentrum in Landau >> Fortstrasse 7, D-76829 Landau >> Tel: +49 6341/28031173 Fax: +49 6341/28031267 >> >> >> >> ------------------------------------------------------------------------------ >> >> >> _______________________________________________ >> PacketFence-users mailing list >> Pac...@li... >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > -- > _____________________________________________ > Hubert Kupper > Universitaetsrechenzentrum in Landau > Fortstrasse 7, D-76829 Landau > Tel: +49 6341/28031173 Fax: +49 6341/28031267 > > > > ------------------------------------------------------------------------------ > > > _______________________________________________ > PacketFence-users mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fd...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) |
