You can subscribe to this list here.
2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(3) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2005 |
Jan
(4) |
Feb
(6) |
Mar
(2) |
Apr
(6) |
May
(38) |
Jun
(6) |
Jul
(35) |
Aug
(34) |
Sep
(29) |
Oct
(66) |
Nov
(37) |
Dec
(7) |
2006 |
Jan
(4) |
Feb
(77) |
Mar
(102) |
Apr
(40) |
May
(91) |
Jun
(82) |
Jul
(72) |
Aug
(267) |
Sep
(94) |
Oct
(25) |
Nov
(36) |
Dec
(6) |
2007 |
Jan
(11) |
Feb
(19) |
Mar
(24) |
Apr
(23) |
May
(41) |
Jun
(3) |
Jul
(14) |
Aug
(46) |
Sep
(12) |
Oct
(1) |
Nov
(9) |
Dec
(3) |
2008 |
Jan
(5) |
Feb
(15) |
Mar
(4) |
Apr
(12) |
May
(48) |
Jun
(18) |
Jul
(53) |
Aug
(79) |
Sep
(4) |
Oct
(2) |
Nov
(4) |
Dec
(5) |
2009 |
Jan
(6) |
Feb
(1) |
Mar
(4) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(7) |
Aug
(7) |
Sep
(4) |
Oct
(3) |
Nov
(5) |
Dec
(4) |
2010 |
Jan
(2) |
Feb
|
Mar
|
Apr
(6) |
May
(1) |
Jun
(6) |
Jul
(8) |
Aug
(16) |
Sep
(21) |
Oct
(24) |
Nov
(20) |
Dec
(15) |
2011 |
Jan
(28) |
Feb
(40) |
Mar
(28) |
Apr
(18) |
May
(20) |
Jun
(13) |
Jul
(12) |
Aug
(21) |
Sep
(24) |
Oct
(18) |
Nov
(20) |
Dec
(16) |
2012 |
Jan
(22) |
Feb
(13) |
Mar
(31) |
Apr
(41) |
May
(25) |
Jun
(38) |
Jul
(17) |
Aug
(30) |
Sep
(30) |
Oct
(6) |
Nov
(8) |
Dec
(2) |
2013 |
Jan
(2) |
Feb
(3) |
Mar
(7) |
Apr
(47) |
May
(43) |
Jun
(19) |
Jul
(28) |
Aug
(37) |
Sep
(19) |
Oct
(19) |
Nov
(7) |
Dec
(11) |
2014 |
Jan
(20) |
Feb
(15) |
Mar
(29) |
Apr
(31) |
May
(19) |
Jun
(21) |
Jul
(12) |
Aug
(12) |
Sep
(22) |
Oct
(15) |
Nov
(8) |
Dec
(11) |
2015 |
Jan
(4) |
Feb
(22) |
Mar
(14) |
Apr
(10) |
May
(8) |
Jun
(11) |
Jul
(55) |
Aug
(3) |
Sep
(12) |
Oct
(1) |
Nov
(5) |
Dec
(5) |
2016 |
Jan
(3) |
Feb
(4) |
Mar
(4) |
Apr
(10) |
May
(6) |
Jun
(4) |
Jul
(6) |
Aug
(3) |
Sep
|
Oct
(3) |
Nov
(10) |
Dec
(6) |
2017 |
Jan
(5) |
Feb
(1) |
Mar
(9) |
Apr
(1) |
May
(2) |
Jun
(2) |
Jul
(3) |
Aug
(9) |
Sep
(1) |
Oct
|
Nov
|
Dec
|
2018 |
Jan
|
Feb
(2) |
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
(1) |
Aug
(1) |
Sep
(3) |
Oct
|
Nov
(1) |
Dec
|
2019 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
(3) |
Sep
(1) |
Oct
|
Nov
(1) |
Dec
|
2020 |
Jan
(5) |
Feb
|
Mar
(7) |
Apr
(2) |
May
|
Jun
(1) |
Jul
|
Aug
(2) |
Sep
(3) |
Oct
(1) |
Nov
|
Dec
|
2021 |
Jan
(6) |
Feb
(3) |
Mar
(7) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
(1) |
Nov
|
Dec
(1) |
2022 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
(1) |
Nov
(2) |
Dec
|
2023 |
Jan
|
Feb
(2) |
Mar
(2) |
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2024 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Satkunas, D. <dsa...@ak...> - 2024-01-23 14:46:38
|
The Inverse team is pleased to announce the immediate availability of PacketFence v13.1. This is a minor release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: * powerful BYOD (Bring Your Own Device) capabilities * multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style * built-in network behaviour anomaly detection * state-of-the art devices identification with Fingerbank * compliance checks for endpoints present on your network * integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls * bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features * New NTLM authentication service (no more domain joins, Cloud-ready) * Added ACL pre-creation for individual and all switches (#7936) * Integrated Apache Kafka for reporting flows * Rewrote pfqueue in Go language Enhancements * RADIUS proxy configuration documentation and examples * Node import supports IPv4 address (#7808) * Added TCP flags parameter from role configuration in ACL for Cisco * Added documentation for Azure AD EAP-TLS machine authentication * Reuse the websocket buffer to reduce memory usage * Force mechanism LOGIN PLAIN for SMTP (#7813) * Use the same timezone in all Docker images (#7862) * Integrated Fingerbank Perl client into PacketFence's source code * Added many PKI improvements (generate CSR from CA, SCEP server proxy and resign certificate) * Moved Aruba, Fortinet and HP switches to OS-based modules Bug Fixes * Base64 encode the RADIUS request and store it in Redis (#7853) * Improve error handling if the calling station cannot be parsed in pfacct (#7871) * Add MariaDB to the OOM list * Specific Docker configuration to pull images behind a proxy (#7946) * Fix password of the day password generation (#7862) * Add back radiusd thread support (#7963) See https://github.com/inverse-inc/packetfence/compare/v13.0.0...v13.1.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: * Documentation reviews, enhancements and translations * Feature requests or by sharing your ideas * Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) * Patches for bugs or enhancements * Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in...<mailto:su...@in...> You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: Jimmy S. <jim...@gm...> - 2023-06-16 14:11:24
|
Hi, I would like to know if there is a prebuild API of packetfence for integration with Crowdstrike and Mimecast. Otherwise, is there any way we can customize the PF API for the purpose? Says integrates with mimecast, and based on Mimecast event logs of malicious attachment in an email sent to a user mailbox, that event get feeds to PF for isolation of the user's laptop. Or integrates with Crowdstrike, based on IOC Or threat detection event of the user's laptop, the events get feeds to PF for isolation of the user laptop from the network. Just want to know if the integration between the 2 and PF is possible? Thanks. Jimmy |
From: Jimmy S. <jim...@gm...> - 2023-06-16 03:07:14
|
Hi, Does anyone know if packetfence can be integrated with mimecast and crowdstrike? Any relevant documentation would be good. Thanks. Jimmy |
From: jhyanagi <jhy...@gm...> - 2023-03-22 00:53:44
|
Hi PacketFence devel, Thanks for your great congratulations and support. I have 2 questions. 1. I want to integrate the captive portal with new hardware. The mac address, ip address and other information should be parsed by the external portal, and it needs to be customized. In this case, I cannot use the switch template based customization, but I need to add a new pm module in pf/lib/pf/Switch Is my understanding correct? 2. If I add a NewSwitch.pm in pf/lib/pf/Switch/ in the running server, I still cannot see it in the admin GUI even if I restarted the server. What is the procedure to make this visible in the GUI? I don't have the code file yet, I just want to try, test and contribute when it is fully working. Any feedback will highly be appreciated. Thank you. |
From: Satkunas, D. <dsa...@ak...> - 2023-03-09 14:45:17
|
The Inverse team is pleased to announce the immediate availability of PacketFence 12.2. This is a minor release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: powerful BYOD (Bring Your Own Device) capabilities multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style built-in network behaviour anomaly detection state-of-the art devices identification with Fingerbank compliance checks for endpoints present on your network integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html New Features Added ContentKeeper firewall SSO support Added support for Unifi OS controllers (#7368) Added support for downloadable ACLs on Cisco and Dell switches Enhancements Allow ProxySQL to be configured to connect to a single external database Allow image files to be uploaded to a connection profile Added System Service and Systemd buttons in Admin UI Online/offline no longer relies on bandwidth accounting Pending Security Events added to network threats visualization Expose the fingerbank_info variable to all HTML portal templates (#7460) VLAN filter actions can now be done synchronously (#7351) Support for wired connections on Ruckus SmartZone Improve support of WebAuth on Aruba AP (#7470) Allow configurability of using the connector during firewall SSO New api call /api/v1/config/role/{role_id}/bulk_reevaluate_access Add warnings/errors when updating ACLs for roles and switches Azure SAML integration documentation Change log-levels of Perl services using environment variable (#7487) Containerize pfacct service Add not_before to PKI certificates (#7454) Bug Fixes Force the destination IP for UDP packets going through the pfconnector (#7323) Clear the active dynamic reverses that exist when a pfconnector reconnects OpenID Authentication Source - Duplicated Username (#7399) Unable to upgrade to Debian 11.6 with PF 11.X and 12.X (#7438) Trust server certificates when provisioning Apple devices for EAP-TLS (#7428) Use WPA2 in place of WPA when provisioning Apple devices (#7428) Creating/modifying/deleting a syslog forwarder prompts to restart rsyslog in the admin (#6532) Fixed UTF-8 encoding in email body (#7422) Escape quotes in LDAP passwords (AD source: complex passwords prevent RADIUS to start #3976) Use the proper file extensions when uploading SAML config files. (ZEN 12.1 - XML file renamed on upload #7439) Return immediately after an async job is complete (Rework pfqueue results polling #7175) Fixed issue with Aruba dACL, only the first ACL was shown in the port ZEN 12.1 installations will generate a new RADIUS key after a reboot (#7568) Disable DNS lookup in sudo to prevent API timeouts and interfaces not detected (#7403) RADIUS source+pfconnector is not working in admin context (#7550) See https://github.com/inverse-inc/packetfence/compare/v12.1.0...v12.2.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: Documentation reviews, enhancements and translations Feature requests or by sharing your ideas Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) Patches for bugs or enhancements Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in<mailto:su...@in>... You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: ANISH VK <ita...@mu...> - 2023-02-20 06:37:23
|
Dear Support Team, Kindly instruct with a solution on this error which we are getting. Regards, Anish VK On Sat, Feb 11, 2023 at 6:17 PM ANISH VK <ita...@mu...> wrote: > >> Dear Support Team, >> >> I have recently installed Packetfence on CentOS 8 machine successfully, >> >> Now I am trying to integrate Active directory with packet fence but it is >> continuously throwing an error message, >> >> [image: Nac Error.JPG] >> >> log.winbindd - Logs >> >> [image: NCD.JPG] >> >> Request you to kindly support/advise us to get this issue resolved. >> >> >> Regards, >> Anish VK >> > -- This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure,dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. The recipient acknowledges that Muthoot Finance Ltd or its subsidiaries and associated companies(collectively "The Muthoot Group"),are unable to exercise control or ensure or guarantee the integrity of/over the contents of the information contained in e-mail transmissions and further acknowledges that any views expressed in this message are those of the individual sender and no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of Muthoot Finance Ltd. Before opening any attachments please check them for viruses and defects.Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment. |
From: ANISH VK <ita...@mu...> - 2023-02-11 12:53:29
|
> > > Dear Support Team, > > I have recently installed Packetfence on CentOS 8 machine successfully, > > Now I am trying to integrate Active directory with packet fence but it is > continuously throwing an error message, > > [image: Nac Error.JPG] > > log.winbindd - Logs > > [image: NCD.JPG] > > Request you to kindly support/advise us to get this issue resolved. > > > Regards, > Anish VK > -- This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure,dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. The recipient acknowledges that Muthoot Finance Ltd or its subsidiaries and associated companies(collectively "The Muthoot Group"),are unable to exercise control or ensure or guarantee the integrity of/over the contents of the information contained in e-mail transmissions and further acknowledges that any views expressed in this message are those of the individual sender and no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of Muthoot Finance Ltd. Before opening any attachments please check them for viruses and defects.Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment. |
From: Ludovic M. <lma...@in...> - 2022-11-22 16:04:29
|
The Inverse team is pleased to announce the immediate availability of PacketFence v12.1. This is a minor release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: powerful BYOD (Bring Your Own Device) capabilities multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style built-in network behaviour anomaly detection state-of-the art devices identification with Fingerbank compliance checks for endpoints present on your network integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features Added unbound dynamic PSK support to the OpenWiFi module Added Single-Sign-On capability for the admin interface login (SAML/OAuth/MFA/etc) Improved integration in the PacketFence Forwarder to mirror DNS packets from a Windows DNS server Support for the Fingerbank Collector on the PacketFence Connector Enhancements Improved flexibility in Eduroam source RADIUS server definitions Allow to import only database or configuration Debian package for PacketFence Connector Removed unused savedsearch databases table Removed jQuery dependency in captive portal Present the dynamic PSK on the status page when appropriate Manage pfconfig.conf through upgrade scripts instead of packaging Improve WebAuth support on Extreme controllers File upload in the admin instead of manual SCP/SSH upload Added VPN detection RADIUS attribute for Fortigate Fixed valid_mac that identified some IP addresses as MAC Hardware Token support like Yubikey for Akamai MFA Added SMS/phone as a default method in configuration Bug Fixes Fixed issue with pfconnector where it would reuse a dynamic reverse that is not active anymore (#7218) Fixed issue with RADIUS deauth through pfconnector-remote in a cluster where it was logging as failed although it succeeded Fixed issue with rule match with 'any' and has no conditions the rule is always successful (#3768) Fix issue with database upgrade (#7283) Fix issue with sponsor registration where notes field can not be used on captive portal (#6385) Improved error handling when performing a deauth on the previous switch (#6985) Fixed possible click-jacking on netdata reverse proxy (#7338) Do not re-sync configuration files unnecessarily during restarts (#7360) Regenerate secrets on first boot of ZEN See https://github.com/inverse-inc/packetfence/compare/v12.0.0...v12.1.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: Documentation reviews, enhancements and translations Feature requests or by sharing your ideas Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) Patches for bugs or enhancements Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in... You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: Morningstar IM <mor...@ou...> - 2022-11-08 15:08:26
|
Hello sir, I hope you are well. I am currently working on my thesis for my university degree. I chose Packetfence for the many services it provides, the fluidity of its documentation and the possibility to integrate several security solutions. For 1 month now, I'm stuck on two levels and I'm really chased by time. I have to do it quickly. I have already worked well on other solutions like Cisco ISE but I preferred to choose packetfence. Let me explain my problem: My architecture is as follows: I have an AD server, a version 15.2 switch, a windows 10 test pc. I followed the documentation, I installed the PF ISO, I created 3 vlan (For 3 groups) I managed to connect PF to AD, I got the Fingerbank API, I added the authentication source, I added the sw to pf, I configured the profile, I used win 10 for the test. I configured the switch, recreated the vlans, and ip helper-add to the pf. Every time I connect the windows 10, it says authentication failed. and on the switch dot1x failed. The test pc can't get dhcp server addresses. What to do please need your help. I am looking forward to your help. Best regards, MI |
From: Diego G. d. R. <ga...@gm...> - 2022-10-14 15:03:55
|
Hello devs! I was wondering if there were any tutorial / details / examples on how to add an additional parameter to a switch module. In the past, with the previous GUI (pre 9.0), I had done it relatively easily... but with the new GUI im not very sure on how to do so. The idea is to add a "REST-deauth" setting given the choice of performing a "disconnect" or an "authorize" when changing roles / allowing initial access after registration. Depending on the deployment topology for ruckus smartzone, you need to call the "authorize" or the "disconnect" method (it depends if the controller is acting as radius proxy or not, etc). Right now, in my topology, I just edited the ruckus.pm code to replace the API call, but it would be good to expose it as a configurable parameter. Are there any suggestions / code examples I could look at? do any of the switch modules have any custom properties added to the gui? thanks in advance! |
From: Ludovic M. <lma...@in...> - 2022-09-14 17:44:02
|
The Inverse team is pleased to announce the immediate availability of PacketFence v12.0. This is a major release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: powerful BYOD (Bring Your Own Device) capabilities multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style built-in network behaviour anomaly detection state-of-the art devices identification with Fingerbank compliance checks for endpoints present on your network integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features New assets, communications and threats visualizations Containerization of most PacketFence services New pfconnector service to connect remote locations to a central or cloud PacketFence server Support for role-based enforcement on Meraki wired devices (#7000) Support to split database read and writes to different MySQL servers (#7055) Support for distributed database reads in cluster using ProxySQL Initial Linode IaaS and PacketFence Connector documentation (#7152) Enhancements Unified service store module allowing control of both local and cluster members services Sign a CSR from the PacketFence PKI Added ability to use the MariaDB database or Redis to store the api-frontend tokens Adjust logs for containerized and non-containerized services (#7043) Allow to enabled/disable processing bandwidth accounting (#6934) Sophos VPN support Automatically display mandatory fields in email/sponsor activation emails (#7069) Detect CLI access from Dell N1500 switches (#7070) Deprecate /api/v1/config/fixpermissions and /api/v1/config/checkup Update monit email (#7012) Monit sender address configurable from the admin GUI Full UTF-8 support in the PacketFence database Added MySQL compatibility Added CSV import to switch groups Simplify cluster upgrades (#7180) Bug Fixes Only provide the unregdate action if access_duration is not defined for the local source (#6925) Clone switch template with correct ID (#6941) Add time to the available template switch variables (#6952) Only trigger the node discover security event in the context of RADIUS and pfdhcplistener (#4987) Use TLS 1.2 to communicate with Intune servers (#7021) Align Apache timeout with captive_portal.request_timeout (#7037) Return VIP in DHCP requests if dns_on_vip_only is enabled (#7035) Replace LF by CRLF at end of emails sent by PacketFence (SMS email has "Bare Line Feed Characters" Status code: 550 5.6.11 #5380) The User-Name value in an EAP-TTLS PAP reply will always be the identity of the inner-tunnel (#7017) Multi-line entries in "Role by access list" are returned as a string (#6791) Respect the time of the expiration date of the password (#7003) Monitoring scripting key is not installed correctly when performing an ISO installation (#6965) Set the database location to the system Local timezone (golang) Add missing translations to the captival portal Fix Trapeze Deauth issue Fix the wrong encoding of special char in the REST call to PacketFence (use base64) See https://github.com/inverse-inc/packetfence/compare/v11.2.0...v12.0.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: Documentation reviews, enhancements and translations Feature requests or by sharing your ideas Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) Patches for bugs or enhancements Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in... You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: Ludovic M. <lma...@in...> - 2022-02-23 17:22:27
|
The Inverse team is pleased to announce the immediate availability of PacketFence v11.2. This is a major release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: powerful BYOD (Bring Your Own Device) capabilities multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style built-in network behaviour anomaly detection state-of-the art devices identification with Fingerbank compliance checks for endpoints present on your network integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features Added MAB floating device support to Ruckus/Brocade switches (#6774) Support for roles in VPN access Allow to centralize the virtual IPs on the same server (#6853) Added support for Kandji MDM as a provisioner OpenWiFi switch module Allow to manage devices (unregister) when reaching max nodes (#6860) ISO installer based on Debian 11 (#6803) Enhancements Allow Meraki::MR_v2 module to be able to use a RADIUS Disconnect instead of only a RADIUS CoA Simplify local development of Venom tests (#6711) Integration tests on Fingerbank (#6725, #6786, #6798, #6816) Integration tests on captive portal (#6744) Integration tests for CLI login (#6783) Upgrade to Venom 1.0.0 (#6775) Upload logs of tests (#6784) Management of TLS minimum and maximum versions in GUI (#6773) Integration tests for Inline L2 and L3 (#6769) Drastically improved the performance of the Ruckus unbound DPSK implementation (#6817) Added an admin action to allow RADIUS Probe requests Allow access to the Status/Node Manager/Device Registration pages on SAML auth. Give each monitoring script a maximum of 10 seconds to run (#6828) Resign CA feature in PKI (#6770) Allow to download any certificates without private key using a button (#6778) Fixes date format of the PKI SQL tables (#6823) Use the Digest of the profile on SCEP request (#6823) Improve CLI login support on Ubiquiti Edge switches (#6727) Expose the open locationlog as a variable to switch templates. Improve the speed on the node online query. Message portal module can be used without the portal template. The ip6tables rules are now managed by PacketFence (#6836) Certificate signing requests created via the admin interface now include a Subject Alternative Name (SAN) The Subject Alternative Names of a certificate are now displayed in the admin interface SSL Certificates - RADIUS / HTTPs page Simple GUI Enhancements (wording clarification) (#6613) New mysql-probe service to monitor haproxy-db backends Allow to add environment overrides to Fingerbank collector via the config (#6854) Change the behavior of pf::condition::not_equal to always succeed when match value is undef Allow to renew certificate X days before the expiration date Send email X days before the expiration date to the user email/ profile email / administrator PKI CN provides certificate for the same CN but for different profiles (profile name added in Subject) Auto-revoke certificate if expired PKI actions are now logged to the admin API audit log Reduce list of accepted ciphers in haproxy-portal and haproxy-admin to reinforce security Improved the performance of the bandwidth accounting cleanup process (#6850) Purge binary logs task Integration tests for firewall SSO (HTTPS/RADIUS) (#6822) Add text warning on unreg date when past date is used (#6871) Add an option to sync a single ConfigStore storage in the bin/cluster/sync tool (#6904) Updated PayPal integration documentation Bug Fixes Reply to Windows devices configured through Intune even if they requested a non-existing URL (#6687) Add RADIUS audit log entry in correct tenant when switches are defined by MAC address (#6540) Fixed issue with edition of PKI template (#6713) Fixed issue on PKI template save (#6749) Fixed issue on PKI templates can be modified by a SCEP request (#6751) Fixed issue with PKI From value when sending certificate by email (#6370) Fixed documentation for Huawei (PR #6692) Fixed issue when pulling the wrong certificate only based on the cn (#5861) Fixed regression in the Unifi module for deauthentication of webauth clients when the APs are defined using an IP or CIDR in the configuration (#6686) Fixed revoke certificate on unregistration (#6826) Send certificates by email using alerting settings (#5917) Validate email format on TLS Enrollment form Fixed issue where portal could apply actions from different auth rules (#6896) Handle DBI library ping call dying in pfconfig MySQL backend (#6895) See https://github.com/inverse-inc/packetfence/compare/v11.1.0...v11.2.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: Documentation reviews, enhancements and translations Feature requests or by sharing your ideas Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) Patches for bugs or enhancements Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in... You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: Erich F. <ef...@gr...> - 2021-12-13 20:19:14
|
Can we confirm PacketFence is not subject to CVE-2021-44228? |
From: Ludovic M. <lma...@in...> - 2021-10-29 18:09:33
|
The Inverse team is pleased to announce the immediate availability of PacketFence v11.1. This is a major release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: powerful BYOD (Bring Your Own Device) capabilities multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style built-in network behaviour anomaly detection state-of-the art devices identification with Fingerbank compliance checks for endpoints present on your network integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features Support for Akamai MFA in VPN/CLI RADIUS authentication and on the captive portal Support for TOTP MFA in VPN/CLI RADIUS authentication and on the captive portal Automation of upgrades for standalone installations (#6583) Enhancements MikroTik DHCP MAC authentication support Allow to use the sAMAccountName from the searchattributes in MSCHAP machine authentication (#6586) Improve the Data Access Layer to work in MariaDB's default sql_mode New command pfcmd mariadb [mariadb options] Deauth request can be made on the previous equipment the device was connected Allow the bulk import of config items to be async Remove unused/deprecated sources (AuthorizeNet, Instagram, Twitter, Pinterest, and Mirapay) (#6560) Automation of supported equipment page on PacketFence website (#6611) Use Venom 1.0.0 through Ansible to run integration tests (#6573) Import script will migrate the networks configuration if the new IP is in the same subnet (#6636) EAP-TLS integration tests using manual deployment and SCEP protocol (#6647) Added a monit check to ensure winbindd is still connected (11.1 - AD failover doesn’t work #6655) Improve ZEN builds (#6663) Bug Fixes Match the realm more strictly when its not a regex in EAP-TTLS PAP Populate the LDAP config for enabled LDAP EAP-TTLS PAP realms Only call oauth2 in authorize for the realms that have an Azure AD EAP-TTLS PAP configuration Use source username in LDAP module for EAP-TTLS PAP instead of always using sAMAccoutName Support LDAP certificate client auth for LDAP EAP-TTLS PAP authentication Allow to use Google Workspace LDAP sources in EAP-TTLS PAP authentication Add script for removing WMI scan (#6569) Fix Let's Encrypt renewal process restarting services even if they are disabled (#6606) Removes the deprecated NTLM background job fields and components (#6552) Ignore 'Mark as sponsor' administration rules when finding the access level of a VPN/CLI user (#6349) Reducing time balance only when registered See https://github.com/inverse-inc/packetfence/compare/v11.0.0...v11.1.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: Documentation reviews, enhancements and translations Feature requests or by sharing your ideas Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) Patches for bugs or enhancements Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in... You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: Ludovic M. <lma...@in...> - 2021-09-02 17:20:13
|
The Inverse team is pleased to announce the immediate availability of PacketFence v11. This is a major release with new features, enhancements and bug fixes. This release is considered ready for production use and upgrading from previous versions is strongly advised. What is PacketFence? PacketFence is a fully supported, trusted, Free and Open Source Network Access Control (NAC) solution. Boasting an impressive feature set, PacketFence can be used to effectively secure small to very large heterogeneous networks. Among the features provided by PacketFence, there are: powerful BYOD (Bring Your Own Device) capabilities multiple enforcement methods including Role-Based Access Control (RBAC) and hotspot-style built-in network behaviour anomaly detection state-of-the art devices identification with Fingerbank compliance checks for endpoints present on your network integration with various vulnerability scanners, intrusion detection solutions, security agents and firewalls bandwidth accounting for all devices A complete overview of the solution is available from the official website: https://packetfence.org/about.html Changes Since Previous Release New Features Red Hat Enterprise Linux 8 and Debian 11 support Microsoft Azure AD authentication and authorization support (#6380) Google Workspace integration for LDAP and Chromebooks Automation of upgrades from 10.3 and above (#6438) Forwarding support for audit logs stored in database Enhancements Microsoft Intune SCEP support (#6360) Venom inline L3 (PR#6266) Massively improved web admin performance LDAP source now supports client certificates AirWatch SCEP documentation Rewrite the username of the request from RADIUS preProcess filter (#6293) Upgrade to golang 1.16.3 (#6343) pfpki: configure OCSP to listen on specific interfaces (#5825) Get maintenance patches through package manager (#6378) Adjust Intune integration to support pagination of the managed devices (#6135) Add an option to force the vip as the default gateway on layer2 registration network (#6406) Firewall SSO is tenant aware (#6384) Added conditions on owner information in the RADIUS filters (#6324) CLI access support for Avaya Switches (#6398) Authorize a MAC address on all APs of the switch group when using the Unifi module (#6134) Macro documentation for filter engine (#6392) Expose the source directory of documentation from Caddy (#6315) Audit successful admin login in the admin audit log. (#6345) Allow users to resend the SMS pin Improve the speed of retrieving switches (#6321) Bug Fixes Configurator sets valid_from field to current time in place of 1970-01-01 00:00:00 Support switch_group in advanced filters (#6379) Authentication rule condition basedn matching does not work (Authentication rule condition basedn matching does not work #6402) Filter netdata incoming connection (#6303) CLI switch access for Avaya ERS Switches (#6399) Avoid duplicate log entries "User <username> has authenticated on the portal" Backup DB using MariaDB-backup does not work on standalone installations (#6424) Normalize connection_sub_type to use the numeric value (#6326) Expired switches for all tenants (#6024) See https://github.com/inverse-inc/packetfence/compare/v10.3.0...v11.0.0 for the complete change log. See the Upgrade guide for notes about upgrading: https://packetfence.org/doc/PacketFence_Upgrade_Guide.html Getting PacketFence PacketFence is free software and is distributed under the GNU GPL. As such, you are free to download and try it by either getting the new release or by getting the sources: https://packetfence.org/download.html Documentation about the installation and configuration of PacketFence is also available: https://packetfence.org/support/index.html#/documentation How Can I Help? PacketFence is a collaborative effort in order to create the best Free and Open Source NAC solution. There are multiple ways you can contribute to the project: Documentation reviews, enhancements and translations Feature requests or by sharing your ideas Participate in the discussion on mailing lists (https://packetfence.org/support/index.html#/community) Patches for bugs or enhancements Provide new translations of remediation pages Getting Support For any questions, do not hesitate to contact us by writing to su...@in... You can also fill our online form (https://inverse.ca/#contact) and a representative from Inverse will contact you. Inverse offers professional services to organizations willing to secure their wired and wireless networks with the PacketFence solution. |
From: Diego G. d. R. <ga...@gm...> - 2021-03-18 19:26:07
|
Merci! On Thu, Mar 18, 2021 at 3:59 PM Fabrice Durand <fd...@in...> wrote: > perfect, i will review it soon. > > Thanks > > > Le 2021-03-18 à 13 h 33, Diego Garcia del Rio a écrit : > > Hi Fabrice, > > I gave up and built a new branch: > > https://github.com/inverse-inc/packetfence/pull/6201 > > I closed the previous PR. This one should have the same changes but > collapsed in fewer commits (and all under my name) > > Cheers! > > > On Thu, Mar 18, 2021 at 12:08 PM Fabrice Durand <fd...@in...> > wrote: > >> Hello Garcia, >> >> it looks that you can do it this way: >> https://makandracards.com/makandra/1717-git-change-author-of-a-commit >> >> Regards >> >> Fabrice >> >> >> Le 2021-03-18 à 08 h 52, Diego Garcia del Rio a écrit : >> >> Hi Fabrice, >> >> Thanks for the feedback. I dont know if you can force-skip the cla-bot >> check. After all the commit was just pulling in upstream changes... so if >> we can merge as-is, im fine with that. After all, its basically a no-op >> commit. >> >> Cheers! >> >> >> On Thu, Mar 18, 2021 at 12:03 AM Durand fabrice <fd...@in...> >> wrote: >> >>> Hello Diego, >>> >>> your PR is really appreciate !! >>> >>> I did a quick check and i am not sure i can do something on my side to >>> fix the CLA-Bot since it's in your repo. >>> >>> The 2 things i see are that >>> https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user >>> or merge it as is. >>> >>> I will ask my coworker tomorrow. >>> >>> Regards >>> >>> Fabrice >>> >>> >>> >>> The other way can maybe to recreate a PR >>> Le 21-03-16 à 19 h 31, Diego Garcia del Rio a écrit : >>> >>> Hello everyone, >>> >>> I have a PR open since around a month now where I added better support >>> for the different authentication mechanisms that ruckus offers, as well as >>> quite a bit of documentation on how to use the RBAC (role-based >>> assigning of ACLs and rate limits) when using both smartzone and >>> zoneDirector controllers for ruckus, >>> >>> I also cleaned up the webService API calls done to the ruckus controller >>> so as to support both HTTP and HTTPS with their corresponding ports (http >>> so as to allow for easier troubleshooting when things arent working). I >>> also added support for the "username" in the API call which is mandatory if >>> using SmartZone in multi-tenant mode (and I guess it should make this >>> compatible with ruckus cloud ) >>> >>> In particular, ruckus has so many different modes of operation (radius >>> local vs proxy-radius with and without WISPR portal on the AP) that things >>> are bound to get confusing. For example, if you're using a remove SmartZone >>> controller, while having packetfence locally installed on-prem, the proxy >>> mode for RADIUS might not be workable as you would have to open port 1812 >>> on your external connection (and you might not even have a static ip!) So >>> in those cases, while authentication is done through radius, the de-auth is >>> done through http/rest API. I added support for forcing the de-auth method >>> if needed and have been testing it succesfully lately. >>> >>> I noticed there is ongoing work for DPSK support for ruckus and I have >>> already integrated those changes in my PR but I havent been able to test >>> them yet. >>> >>> my PR is available here: >>> https://github.com/inverse-inc/packetfence/pull/6141 >>> >>> The only issue I have is that when pulling the upstream changes to the >>> whole trunk, I accidentally kept one commit as "root" rather than "garci66" >>> so the CLA-Bot is complaining... if someone has an "easy" idea on how to >>> fix that.. I'd REALLY appreciate it. >>> >>> I can imagine things are quite busy with inverse being acquired but I >>> would really appreciate if anyone has some cycles to take a look -and >>> ideally approve- the PR. >>> >>> I have access to a lot of ruckus gear and can help test / troubleshoot >>> more complex scenarios if needed. >>> >>> >>> Best Regards, >>> Diego >>> >>> >>> >>> >>> _______________________________________________ >>> PacketFence-devel mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/packetfence-devel >>> >>> _______________________________________________ >>> PacketFence-devel mailing list >>> Pac...@li... >>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel >>> >> >> >> _______________________________________________ >> PacketFence-devel mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/packetfence-devel >> >> -- >> Fabrice Dur...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) >> >> _______________________________________________ >> PacketFence-devel mailing list >> Pac...@li... >> https://lists.sourceforge.net/lists/listinfo/packetfence-devel >> > > > _______________________________________________ > PacketFence-devel mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/packetfence-devel > > -- > Fabrice Dur...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-devel > |
From: Fabrice D. <fd...@in...> - 2021-03-18 18:58:45
|
perfect, i will review it soon. Thanks Le 2021-03-18 à 13 h 33, Diego Garcia del Rio a écrit : > Hi Fabrice, > > I gave up and built a new branch: > > https://github.com/inverse-inc/packetfence/pull/6201 > <https://github.com/inverse-inc/packetfence/pull/6201> > > I closed the previous PR. This one should have the same changes but > collapsed in fewer commits (and all under my name) > > Cheers! > > > On Thu, Mar 18, 2021 at 12:08 PM Fabrice Durand <fd...@in... > <mailto:fd...@in...>> wrote: > > Hello Garcia, > > it looks that you can do it this way: > https://makandracards.com/makandra/1717-git-change-author-of-a-commit > <https://makandracards.com/makandra/1717-git-change-author-of-a-commit> > > Regards > > Fabrice > > > Le 2021-03-18 à 08 h 52, Diego Garcia del Rio a écrit : >> Hi Fabrice, >> >> Thanks for the feedback. I dont know if you can force-skip the >> cla-bot check. After all the commit was just pulling in upstream >> changes... so if we can merge as-is, im fine with that. After >> all, its basically a no-op commit. >> >> Cheers! >> >> >> On Thu, Mar 18, 2021 at 12:03 AM Durand fabrice >> <fd...@in... <mailto:fd...@in...>> wrote: >> >> Hello Diego, >> >> your PR is really appreciate !! >> >> I did a quick check and i am not sure i can do something on >> my side to fix the CLA-Bot since it's in your repo. >> >> The 2 things i see are that >> https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user >> <https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user> >> or merge it as is. >> >> I will ask my coworker tomorrow. >> >> Regards >> >> Fabrice >> >> >> >> The other way can maybe to recreate a PR >> >> Le 21-03-16 à 19 h 31, Diego Garcia del Rio a écrit : >>> Hello everyone, >>> >>> I have a PR open since around a month now where I added >>> better support for the different authentication mechanisms >>> that ruckus offers, as well as quite a bit of documentation >>> on how to use the RBAC (role-based assigning of ACLs and >>> rate limits) when using both smartzone and zoneDirector >>> controllers for ruckus, >>> >>> I also cleaned up the webService API calls done to the >>> ruckus controller so as to support both HTTP and HTTPS with >>> their corresponding ports (http so as to allow for easier >>> troubleshooting when things arent working). I also added >>> support for the "username" in the API call which is >>> mandatory if using SmartZone in multi-tenant mode (and I >>> guess it should make this compatible with ruckus cloud ) >>> >>> In particular, ruckus has so many different modes of >>> operation (radius local vs proxy-radius with and without >>> WISPR portal on the AP) that things are bound to get >>> confusing. For example, if you're using a remove SmartZone >>> controller, while having packetfence locally installed >>> on-prem, the proxy mode for RADIUS might not be workable as >>> you would have to open port 1812 on your external connection >>> (and you might not even have a static ip!) So in those >>> cases, while authentication is done through radius, the >>> de-auth is done through http/rest API. I added support for >>> forcing the de-auth method if needed and have been testing >>> it succesfully lately. >>> >>> I noticed there is ongoing work for DPSK support for ruckus >>> and I have already integrated those changes in my PR but I >>> havent been able to test them yet. >>> >>> my PR is available here: >>> https://github.com/inverse-inc/packetfence/pull/6141 >>> <https://github.com/inverse-inc/packetfence/pull/6141> >>> >>> The only issue I have is that when pulling the upstream >>> changes to the whole trunk, I accidentally kept one commit >>> as "root" rather than "garci66" so the CLA-Bot is >>> complaining... if someone has an "easy" idea on how to fix >>> that.. I'd REALLY appreciate it. >>> >>> I can imagine things are quite busy with inverse being >>> acquired but I would really appreciate if anyone has some >>> cycles to take a look -and ideally approve- the PR. >>> >>> I have access to a lot of ruckus gear and can help test / >>> troubleshoot more complex scenarios if needed. >>> >>> >>> Best Regards, >>> Diego >>> >>> >>> >>> >>> _______________________________________________ >>> PacketFence-devel mailing list >>> Pac...@li... <mailto:Pac...@li...> >>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel <https://lists.sourceforge.net/lists/listinfo/packetfence-devel> >> _______________________________________________ >> PacketFence-devel mailing list >> Pac...@li... >> <mailto:Pac...@li...> >> https://lists.sourceforge.net/lists/listinfo/packetfence-devel >> <https://lists.sourceforge.net/lists/listinfo/packetfence-devel> >> >> >> >> _______________________________________________ >> PacketFence-devel mailing list >> Pac...@li... <mailto:Pac...@li...> >> https://lists.sourceforge.net/lists/listinfo/packetfence-devel <https://lists.sourceforge.net/lists/listinfo/packetfence-devel> > > -- > Fabrice Durand > fd...@in... <mailto:fd...@in...> :: +1.514.447.4918 (x135) ::www.inverse.ca <http://www.inverse.ca> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu>) and PacketFence (http://packetfence.org <http://packetfence.org>) > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > <mailto:Pac...@li...> > https://lists.sourceforge.net/lists/listinfo/packetfence-devel > <https://lists.sourceforge.net/lists/listinfo/packetfence-devel> > > > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-devel -- Fabrice Durand fd...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) |
From: Diego G. d. R. <ga...@gm...> - 2021-03-18 17:33:42
|
Hi Fabrice, I gave up and built a new branch: https://github.com/inverse-inc/packetfence/pull/6201 I closed the previous PR. This one should have the same changes but collapsed in fewer commits (and all under my name) Cheers! On Thu, Mar 18, 2021 at 12:08 PM Fabrice Durand <fd...@in...> wrote: > Hello Garcia, > > it looks that you can do it this way: > https://makandracards.com/makandra/1717-git-change-author-of-a-commit > > Regards > > Fabrice > > > Le 2021-03-18 à 08 h 52, Diego Garcia del Rio a écrit : > > Hi Fabrice, > > Thanks for the feedback. I dont know if you can force-skip the cla-bot > check. After all the commit was just pulling in upstream changes... so if > we can merge as-is, im fine with that. After all, its basically a no-op > commit. > > Cheers! > > > On Thu, Mar 18, 2021 at 12:03 AM Durand fabrice <fd...@in...> > wrote: > >> Hello Diego, >> >> your PR is really appreciate !! >> >> I did a quick check and i am not sure i can do something on my side to >> fix the CLA-Bot since it's in your repo. >> >> The 2 things i see are that >> https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user >> or merge it as is. >> >> I will ask my coworker tomorrow. >> >> Regards >> >> Fabrice >> >> >> >> The other way can maybe to recreate a PR >> Le 21-03-16 à 19 h 31, Diego Garcia del Rio a écrit : >> >> Hello everyone, >> >> I have a PR open since around a month now where I added better support >> for the different authentication mechanisms that ruckus offers, as well as >> quite a bit of documentation on how to use the RBAC (role-based >> assigning of ACLs and rate limits) when using both smartzone and >> zoneDirector controllers for ruckus, >> >> I also cleaned up the webService API calls done to the ruckus controller >> so as to support both HTTP and HTTPS with their corresponding ports (http >> so as to allow for easier troubleshooting when things arent working). I >> also added support for the "username" in the API call which is mandatory if >> using SmartZone in multi-tenant mode (and I guess it should make this >> compatible with ruckus cloud ) >> >> In particular, ruckus has so many different modes of operation (radius >> local vs proxy-radius with and without WISPR portal on the AP) that things >> are bound to get confusing. For example, if you're using a remove SmartZone >> controller, while having packetfence locally installed on-prem, the proxy >> mode for RADIUS might not be workable as you would have to open port 1812 >> on your external connection (and you might not even have a static ip!) So >> in those cases, while authentication is done through radius, the de-auth is >> done through http/rest API. I added support for forcing the de-auth method >> if needed and have been testing it succesfully lately. >> >> I noticed there is ongoing work for DPSK support for ruckus and I have >> already integrated those changes in my PR but I havent been able to test >> them yet. >> >> my PR is available here: >> https://github.com/inverse-inc/packetfence/pull/6141 >> >> The only issue I have is that when pulling the upstream changes to the >> whole trunk, I accidentally kept one commit as "root" rather than "garci66" >> so the CLA-Bot is complaining... if someone has an "easy" idea on how to >> fix that.. I'd REALLY appreciate it. >> >> I can imagine things are quite busy with inverse being acquired but I >> would really appreciate if anyone has some cycles to take a look -and >> ideally approve- the PR. >> >> I have access to a lot of ruckus gear and can help test / troubleshoot >> more complex scenarios if needed. >> >> >> Best Regards, >> Diego >> >> >> >> >> _______________________________________________ >> PacketFence-devel mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/packetfence-devel >> >> _______________________________________________ >> PacketFence-devel mailing list >> Pac...@li... >> https://lists.sourceforge.net/lists/listinfo/packetfence-devel >> > > > _______________________________________________ > PacketFence-devel mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/packetfence-devel > > -- > Fabrice Dur...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-devel > |
From: Fabrice D. <fd...@in...> - 2021-03-18 15:07:34
|
Hello Garcia, it looks that you can do it this way: https://makandracards.com/makandra/1717-git-change-author-of-a-commit Regards Fabrice Le 2021-03-18 à 08 h 52, Diego Garcia del Rio a écrit : > Hi Fabrice, > > Thanks for the feedback. I dont know if you can force-skip the cla-bot > check. After all the commit was just pulling in upstream changes... so > if we can merge as-is, im fine with that. After all, its basically a > no-op commit. > > Cheers! > > > On Thu, Mar 18, 2021 at 12:03 AM Durand fabrice <fd...@in... > <mailto:fd...@in...>> wrote: > > Hello Diego, > > your PR is really appreciate !! > > I did a quick check and i am not sure i can do something on my > side to fix the CLA-Bot since it's in your repo. > > The 2 things i see are that > https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user > <https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user> > or merge it as is. > > I will ask my coworker tomorrow. > > Regards > > Fabrice > > > > The other way can maybe to recreate a PR > > Le 21-03-16 à 19 h 31, Diego Garcia del Rio a écrit : >> Hello everyone, >> >> I have a PR open since around a month now where I added better >> support for the different authentication mechanisms that ruckus >> offers, as well as quite a bit of documentation on how to use the >> RBAC (role-based assigning of ACLs and rate limits) when using >> both smartzone and zoneDirector controllers for ruckus, >> >> I also cleaned up the webService API calls done to the ruckus >> controller so as to support both HTTP and HTTPS with their >> corresponding ports (http so as to allow for easier >> troubleshooting when things arent working). I also added support >> for the "username" in the API call which is mandatory if using >> SmartZone in multi-tenant mode (and I guess it should make this >> compatible with ruckus cloud ) >> >> In particular, ruckus has so many different modes of operation >> (radius local vs proxy-radius with and without WISPR portal on >> the AP) that things are bound to get confusing. For example, if >> you're using a remove SmartZone controller, while having >> packetfence locally installed on-prem, the proxy mode for RADIUS >> might not be workable as you would have to open port 1812 on your >> external connection (and you might not even have a static ip!) So >> in those cases, while authentication is done through radius, the >> de-auth is done through http/rest API. I added support for >> forcing the de-auth method if needed and have been testing it >> succesfully lately. >> >> I noticed there is ongoing work for DPSK support for ruckus and >> I have already integrated those changes in my PR but I havent >> been able to test them yet. >> >> my PR is available here: >> https://github.com/inverse-inc/packetfence/pull/6141 >> <https://github.com/inverse-inc/packetfence/pull/6141> >> >> The only issue I have is that when pulling the upstream changes >> to the whole trunk, I accidentally kept one commit as "root" >> rather than "garci66" so the CLA-Bot is complaining... if someone >> has an "easy" idea on how to fix that.. I'd REALLY appreciate it. >> >> I can imagine things are quite busy with inverse being acquired >> but I would really appreciate if anyone has some cycles to take a >> look -and ideally approve- the PR. >> >> I have access to a lot of ruckus gear and can help test / >> troubleshoot more complex scenarios if needed. >> >> >> Best Regards, >> Diego >> >> >> >> >> _______________________________________________ >> PacketFence-devel mailing list >> Pac...@li... <mailto:Pac...@li...> >> https://lists.sourceforge.net/lists/listinfo/packetfence-devel <https://lists.sourceforge.net/lists/listinfo/packetfence-devel> > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > <mailto:Pac...@li...> > https://lists.sourceforge.net/lists/listinfo/packetfence-devel > <https://lists.sourceforge.net/lists/listinfo/packetfence-devel> > > > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-devel -- Fabrice Durand fd...@in... :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) |
From: Diego G. d. R. <ga...@gm...> - 2021-03-18 12:52:22
|
Hi Fabrice, Thanks for the feedback. I dont know if you can force-skip the cla-bot check. After all the commit was just pulling in upstream changes... so if we can merge as-is, im fine with that. After all, its basically a no-op commit. Cheers! On Thu, Mar 18, 2021 at 12:03 AM Durand fabrice <fd...@in...> wrote: > Hello Diego, > > your PR is really appreciate !! > > I did a quick check and i am not sure i can do something on my side to fix > the CLA-Bot since it's in your repo. > > The 2 things i see are that > https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user > or merge it as is. > > I will ask my coworker tomorrow. > > Regards > > Fabrice > > > > The other way can maybe to recreate a PR > Le 21-03-16 à 19 h 31, Diego Garcia del Rio a écrit : > > Hello everyone, > > I have a PR open since around a month now where I added better support for > the different authentication mechanisms that ruckus offers, as well as > quite a bit of documentation on how to use the RBAC (role-based > assigning of ACLs and rate limits) when using both smartzone and > zoneDirector controllers for ruckus, > > I also cleaned up the webService API calls done to the ruckus controller > so as to support both HTTP and HTTPS with their corresponding ports (http > so as to allow for easier troubleshooting when things arent working). I > also added support for the "username" in the API call which is mandatory if > using SmartZone in multi-tenant mode (and I guess it should make this > compatible with ruckus cloud ) > > In particular, ruckus has so many different modes of operation (radius > local vs proxy-radius with and without WISPR portal on the AP) that things > are bound to get confusing. For example, if you're using a remove SmartZone > controller, while having packetfence locally installed on-prem, the proxy > mode for RADIUS might not be workable as you would have to open port 1812 > on your external connection (and you might not even have a static ip!) So > in those cases, while authentication is done through radius, the de-auth is > done through http/rest API. I added support for forcing the de-auth method > if needed and have been testing it succesfully lately. > > I noticed there is ongoing work for DPSK support for ruckus and I have > already integrated those changes in my PR but I havent been able to test > them yet. > > my PR is available here: > https://github.com/inverse-inc/packetfence/pull/6141 > > The only issue I have is that when pulling the upstream changes to the > whole trunk, I accidentally kept one commit as "root" rather than "garci66" > so the CLA-Bot is complaining... if someone has an "easy" idea on how to > fix that.. I'd REALLY appreciate it. > > I can imagine things are quite busy with inverse being acquired but I > would really appreciate if anyone has some cycles to take a look -and > ideally approve- the PR. > > I have access to a lot of ruckus gear and can help test / troubleshoot > more complex scenarios if needed. > > > Best Regards, > Diego > > > > > _______________________________________________ > PacketFence-devel mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/packetfence-devel > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-devel > |
From: Durand f. <fd...@in...> - 2021-03-18 03:03:15
|
Hello Diego, your PR is really appreciate !! I did a quick check and i am not sure i can do something on my side to fix the CLA-Bot since it's in your repo. The 2 things i see are that https://docs.github.com/en/github/committing-changes-to-your-project/why-are-my-commits-linked-to-the-wrong-user#commits-are-not-linked-to-any-user or merge it as is. I will ask my coworker tomorrow. Regards Fabrice The other way can maybe to recreate a PR Le 21-03-16 à 19 h 31, Diego Garcia del Rio a écrit : > Hello everyone, > > I have a PR open since around a month now where I added better support > for the different authentication mechanisms that ruckus offers, as > well as quite a bit of documentation on how to use the RBAC > (role-based assigning of ACLs and rate limits) when using both > smartzone and zoneDirector controllers for ruckus, > > I also cleaned up the webService API calls done to the ruckus > controller so as to support both HTTP and HTTPS with their > corresponding ports (http so as to allow for easier troubleshooting > when things arent working). I also added support for the "username" in > the API call which is mandatory if using SmartZone in multi-tenant > mode (and I guess it should make this compatible with ruckus cloud ) > > In particular, ruckus has so many different modes of operation (radius > local vs proxy-radius with and without WISPR portal on the AP) that > things are bound to get confusing. For example, if you're using a > remove SmartZone controller, while having packetfence locally > installed on-prem, the proxy mode for RADIUS might not be workable as > you would have to open port 1812 on your external connection (and you > might not even have a static ip!) So in those cases, while > authentication is done through radius, the de-auth is done through > http/rest API. I added support for forcing the de-auth method if > needed and have been testing it succesfully lately. > > I noticed there is ongoing work for DPSK support for ruckus and I > have already integrated those changes in my PR but I havent been able > to test them yet. > > my PR is available here: > https://github.com/inverse-inc/packetfence/pull/6141 > > The only issue I have is that when pulling the upstream changes to the > whole trunk, I accidentally kept one commit as "root" rather than > "garci66" so the CLA-Bot is complaining... if someone has an "easy" > idea on how to fix that.. I'd REALLY appreciate it. > > I can imagine things are quite busy with inverse being acquired but I > would really appreciate if anyone has some cycles to take a look -and > ideally approve- the PR. > > I have access to a lot of ruckus gear and can help test / troubleshoot > more complex scenarios if needed. > > > Best Regards, > Diego > > > > > _______________________________________________ > PacketFence-devel mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-devel |
From: Diego G. d. R. <ga...@gm...> - 2021-03-16 23:31:32
|
Hello everyone, I have a PR open since around a month now where I added better support for the different authentication mechanisms that ruckus offers, as well as quite a bit of documentation on how to use the RBAC (role-based assigning of ACLs and rate limits) when using both smartzone and zoneDirector controllers for ruckus, I also cleaned up the webService API calls done to the ruckus controller so as to support both HTTP and HTTPS with their corresponding ports (http so as to allow for easier troubleshooting when things arent working). I also added support for the "username" in the API call which is mandatory if using SmartZone in multi-tenant mode (and I guess it should make this compatible with ruckus cloud ) In particular, ruckus has so many different modes of operation (radius local vs proxy-radius with and without WISPR portal on the AP) that things are bound to get confusing. For example, if you're using a remove SmartZone controller, while having packetfence locally installed on-prem, the proxy mode for RADIUS might not be workable as you would have to open port 1812 on your external connection (and you might not even have a static ip!) So in those cases, while authentication is done through radius, the de-auth is done through http/rest API. I added support for forcing the de-auth method if needed and have been testing it succesfully lately. I noticed there is ongoing work for DPSK support for ruckus and I have already integrated those changes in my PR but I havent been able to test them yet. my PR is available here: https://github.com/inverse-inc/packetfence/pull/6141 The only issue I have is that when pulling the upstream changes to the whole trunk, I accidentally kept one commit as "root" rather than "garci66" so the CLA-Bot is complaining... if someone has an "easy" idea on how to fix that.. I'd REALLY appreciate it. I can imagine things are quite busy with inverse being acquired but I would really appreciate if anyone has some cycles to take a look -and ideally approve- the PR. I have access to a lot of ruckus gear and can help test / troubleshoot more complex scenarios if needed. Best Regards, Diego |
From: <ha...@wo...> - 2021-02-09 20:31:59
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="de" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title></title><style type="text/css">html,body{background-color:#fff;color:#333;line-height:1.4;font-family:sans-serif,Arial,Verdana,Trebuchet MS;}</style></head><body><p>Hi,<br><br>I'm sorry, I did not mean to spam. I did not get any reply so I've retried to send the mail again after a day. <br>Please have a look at this huge dely of more than 7(!) days O.O</p> <p>2021-01-31 16:13:22 Client hat Mail erzeugt<br>2021-01-31 16:13:22 dd28620.kasserver.com [85.13.146.35] → dd28620.kasserver.com 0s<br>2021-01-31 16:13:52 dd28620.kasserver.com [85.13.147.28] → sfi-mx-1.v28.lw.sourceforge.com 30s<br>2021-01-31 16:13:53 172.30.20.202 [172.30.20.202] → sfs-ml-2.v29.lw.sourceforge.com 1s<br>2021-02-08 07:30:52 127.0.0.1 [127.0.0.1] → sfs-ml-4.v29.lw.sourceforge.com 659819s <== Delay of 7,6 days!<br>2021-02-08 07:31:19 lists.sourceforge.net [216.105.38.7] → dd28620.kasserver.com 27s<br><br>Regards<br>Harvey</p></body></html> |
From: <ha...@wo...> - 2021-02-02 18:50:42
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="de" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /><title></title><style type="text/css">html,body{background-color:#fff;color:#333;line-height:1.4;font-family:sans-serif,Arial,Verdana,Trebuchet MS;}</style></head><body><p>Hi,<br><br>I'm still using Ubuntu 20.10. libipset is installed in version 6.34-1.<br>This issue is resolved now but I get new errors im the step of "#pfconfig". The debuild process does not create any control files...<br><br>I've included the logs below. I can also provide a foll log.<br>Does someone has some ideas?<br><br>Steps for reproducing on a fresh installation of ubuntu 20.10:<br># sudo apt install asciidoctor devscripts<br># curl -sL <a href="https://deb.nodesource.com/setup_12.x" target="_blank" rel="nofollow noopener">https://deb.nodesource.com/setup_12.x</a> | sudo -E bash -<br># sudo apt-get install nodejs debhelper libparse-recdescent-perl dh-systemd libipset-dev pkg-config jq quilt golang<br># wget <a href="http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/libm/libmnl/libmnl-dev_1.0.4-3_amd64.deb" target="_blank" rel="nofollow noopener">http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/libm/libmnl/libmnl-dev_1.0.4-3_amd64.deb</a><br># wget <a href="http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/i/ipset/libipset3_6.34-1_amd64.deb" target="_blank" rel="nofollow noopener">http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/i/ipset/libipset3_6.34-1_amd64.deb</a><br># wget <a href="http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/i/ipset/libipset-dev_6.34-1_amd64.deb" target="_blank" rel="nofollow noopener">http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/i/ipset/libipset-dev_6.34-1_amd64.deb</a><br># sudo dpkg -i libipset3_6.34-1_amd64.deb<br># sudo dpkg -i libmnl-dev_1.0.4-3_amd64.deb<br># sudo dpkg -i libipset-dev_6.34-1_amd64.deb<br># wget <a href="https://github.com/inverse-inc/packetfence/archive/v10.2.0.tar.gz" target="_blank" rel="nofollow noopener">https://github.com/inverse-inc/packetfence/archive/v10.2.0.tar.gz</a><br># tar -zxvf v10.2.0.tar.gz<br># mv v10.2.0.tar.gz packetfence_10.2.0.orig.tar.gz<br># cd packetfence-10.2.0/<br># debuild<br><br>Regards,<br>Harvey<br><br><br>#pfconfig<br>chmod 0755 /home/ryan/packetfence-10.2.0+20201007132254+199263253+0009+v10.2.0+stretch1/debian/packetfence-config/usr/local/pf/sbin/*<br>dh_makeshlibs<br>dh_makeshlibs: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_installdeb<br>dh_installdeb: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dpkg-shlibdeps: warning: debian/packetfence/usr/local/pf/html/pfappserver/root/static/node_modules/node-sass/vendor/linux-x64-72/binding.node contains an unresolvable reference to symbol _ZN2v88TryCatchD1Ev: it's probably a plugin<br>dpkg-shlibdeps: warning: 90 other similar warnings have been skipped (use -v to see them all)<br>dpkg-shlibdeps: warning: debian/packetfence/usr/local/pf/html/common/node_modules/node-sass/vendor/linux-x64-72/binding.node contains an unresolvable reference to symbol _ZNK2v88External5ValueEv: it's probably a plugin<br>dpkg-shlibdeps: warning: 90 other similar warnings have been skipped (use -v to see them all)<br>dpkg-shlibdeps: warning: debian/packetfence/usr/local/pf/html/pfappserver/root/static.alt/node_modules/node-sass/vendor/linux-x64-72/binding.node contains an unresolvable reference to symbol _ZN2v816FunctionTemplate11GetFunctionENS_5LocalINS_7ContextEEE: it's probably a plugin<br>dpkg-shlibdeps: warning: 90 other similar warnings have been skipped (use -v to see them all)<br>dh_md5sums<br>dh_builddeb<br>dh_builddeb: warning: Not building dbgsym package for packetfence-pfcmd-suid as it has no control file<br>dh_builddeb: warning: Please use dh_gencontrol to avoid this issue<br>dh_builddeb: warning: Not building dbgsym package for packetfence-ntlm-wrapper as it has no control file<br>dh_builddeb: warning: Please use dh_gencontrol to avoid this issue<br>dh_builddeb: warning: Not building dbgsym package for packetfence-golang-daemon as it has no control file<br>dh_builddeb: warning: Please use dh_gencontrol to avoid this issue<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-ntlm-wrapper/DEBIAN/control' for reading: No such file or directory<br>dpkg-deb: error: failed to open package info file 'debian/packetfence/DEBIAN/control' for reading: No such file or directory<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-config/DEBIAN/control' for reading: No such file or directory<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-ntlm-wrapper .. returned exit code 2<br>dh_builddeb: error: dpkg-deb --build debian/packetfence .. returned exit code 2<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-config .. returned exit code 2<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-test/DEBIAN/control' for reading: No such file or directory<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-test .. returned exit code 2<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-golang-daemon/DEBIAN/control' for reading: No such file or directory<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-pfappserver-javascript/DEBIAN/control' for reading: No such file or directory<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-golang-daemon .. returned exit code 2<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-pfappserver-javascript .. returned exit code 2<br>dh_builddeb: error: Aborting due to earlier error<br>make: *** [debian/rules:290: binary-arch] Error 25<br>dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit status 2</p> <div ></div> <p>Fabrice Durand schrieb am 28.01.2021 14:56 (GMT +01:00):</p> <blockquote cite="mid:fec...@in..."> <p>In fact ipset_envopt_parsemoved from libipset/session.h to libipset/ipset.h</p> <p>So try to adapt the lib here <a href="https://github.com/inverse-inc/go-ipset/blob/master/ipset.h#L5" target="_blank" rel="nofollow noopener">https://github.com/inverse-inc/go-ipset/blob/master/ipset.h#L5</a> (#include <libipset/ipset.h>)</p> <div class="moz-cite-prefix"> Le 21-01-28 à 08 h 30, Fabrice Durand a écrit :</div> <blockquote cite="mid:533...@in..."> <p>Hello Harvey,</p> <p>what version of ipset is installed on your system ?</p> <p>Btw you have 2 choices:</p> <p> </p> <p>1- Downgrade ipset to 6.x</p> <p>2- Modify the golang ipset lib to support new versions.</p> <p>Regards</p> <p>Fabrice</p> <p> </p> <div class="moz-cite-prefix">Le 21-01-28 à 07 h 07, <a href="mailto:ha...@wo..." target="_blank" rel="nofollow noopener">ha...@wo...</a> a écrit :</div> <blockquote cite="mid:202...@dd..."> <p>Hi,<br><br>I'm trying to build packetfence 10.2.0 for ubuntu arm64 and I'm getting an strange error with go-ipset.<br>I've allredy tried to change the version of ipset in the packetfence.spec but this wasn't helpfull at all. (<a href="https://github.com/inverse-inc/packetfence/pull/4821" target="_blank" rel="nofollow noopener">https://github.com/inverse-inc/packetfence/pull/4821</a>)<br><br>Also I got the same error-message on amd64...<br><br>Do you have some ideas to solve this issue?<br><br>Greetings,<br>Harvey<br><br></p> <p>develobuntu:~/packetfence-10.2.0$ dpkg-buildpackage -us -uc -rfakeroot<br>....<br>#Golang binary<br>install -d -m0744 /home/ryan/packetfence-10.2.0/debian/packetfence-golang-daemon/usr/local/pf/sbin<br>make -C go all<br>make[1]: Entering directory '/home/ryan/packetfence-10.2.0/go'<br>cd cmd/pfhttpd && \<br>go build && \<br>mv pfhttpd ../..<br># github.com/inverse-inc/go-ipset<br>/home/ryan/go/pkg/mod/github.com/inverse-inc/go-ipset@v0.0.0-20190925174109-4d5749cc4aa6/ipset.go:160:2: could not determine kind of name for C.ipset_envopt_parse<br>make[1]: *** [Makefile:22: pfhttpd] Error 2<br>make[1]: Leaving directory '/home/ryan/packetfence-10.2.0/go'<br>make: *** [debian/rules:160: install] Error 2<br>dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit status 2</p> <br><fieldset class="mimeAttachmentHeader"></fieldset><br><fieldset class="mimeAttachmentHeader"></fieldset> <pre class="moz-quote-pre">_______________________________________________ PacketFence-devel mailing list <a href="mailto:Pac...@li..." target="_blank" rel="nofollow noopener">Pac...@li...</a> <a href="https://lists.sourceforge.net/lists/listinfo/packetfence-devel" target="_blank" rel="nofollow noopener">https://lists.sourceforge.net/lists/listinfo/packetfence-devel</a> </pre> </blockquote> <pre class="moz-signature">-- Fabrice Durand <a href="mailto:fd...@in..." target="_blank" rel="nofollow noopener">fd...@in...</a> :: +1.514.447.4918 (x135) :: <a href="http://www.inverse.ca" target="_blank" rel="nofollow noopener">www.inverse.ca</a> Inverse inc. :: Leaders behind SOGo (<a href="http://www.sogo.nu" target="_blank" rel="nofollow noopener">http://www.sogo.nu</a>) and PacketFence (<a href="http://packetfence.org" target="_blank" rel="nofollow noopener">http://packetfence.org</a>) </pre> <br><fieldset class="mimeAttachmentHeader"></fieldset><br><fieldset class="mimeAttachmentHeader"></fieldset> <pre class="moz-quote-pre">_______________________________________________ PacketFence-devel mailing list <a href="mailto:Pac...@li..." target="_blank" rel="nofollow noopener">Pac...@li...</a> <a href="https://lists.sourceforge.net/lists/listinfo/packetfence-devel" target="_blank" rel="nofollow noopener">https://lists.sourceforge.net/lists/listinfo/packetfence-devel</a> </pre> </blockquote> <pre class="moz-signature">-- Fabrice Durand <a href="mailto:fd...@in..." target="_blank" rel="nofollow noopener">fd...@in...</a> :: +1.514.447.4918 (x135) :: <a href="http://www.inverse.ca" target="_blank" rel="nofollow noopener">www.inverse.ca</a> Inverse inc. :: Leaders behind SOGo (<a href="http://www.sogo.nu" target="_blank" rel="nofollow noopener">http://www.sogo.nu</a>) and PacketFence (<a href="http://packetfence.org" target="_blank" rel="nofollow noopener">http://packetfence.org</a>) </pre> </blockquote></body></html> |
From: <ha...@wo...> - 2021-02-01 10:05:33
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="de" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /><title></title><style type="text/css">html,body{background-color:#fff;color:#333;line-height:1.4;font-family:sans-serif,Arial,Verdana,Trebuchet MS;}</style></head><body><p>Hi,<br><br>I'm still using Ubuntu 20.10. libipset is installed in version 6.34-1.<br>This issue is resolved now but I get new errors im the step of "#pfconfig". The debuild process does not create any control files...<br><br>I've included the logs below. I can also provide a foll log.<br>Does someone has some ideas?<br><br>Steps for reproducing on a fresh installation of ubuntu 20.10:<br># sudo apt install asciidoctor devscripts<br># curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -<br># sudo apt-get install nodejs debhelper libparse-recdescent-perl dh-systemd libipset-dev pkg-config jq quilt golang<br># wget <a href="http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/libm/libmnl/libmnl-dev_1.0.4-3_amd64.deb" target="_blank" rel="nofollow noopener">http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/libm/libmnl/libmnl-dev_1.0.4-3_amd64.deb</a><br># wget http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/i/ipset/libipset3_6.34-1_amd64.deb<br># wget http://ubuntu-master.mirror.tudos.de/ubuntu/pool/main/i/ipset/libipset-dev_6.34-1_amd64.deb<br># sudo dpkg -i libipset3_6.34-1_amd64.deb<br># sudo dpkg -i libmnl-dev_1.0.4-3_amd64.deb<br># sudo dpkg -i libipset-dev_6.34-1_amd64.deb<br># wget https://github.com/inverse-inc/packetfence/archive/v10.2.0.tar.gz<br># tar -zxvf v10.2.0.tar.gz<br># mv v10.2.0.tar.gz packetfence_10.2.0.orig.tar.gz<br># cd packetfence-10.2.0/<br># debuild<br><br>Regards,<br>Harvey<br><br><br>#pfconfig<br>chmod 0755 /home/ryan/packetfence-10.2.0+20201007132254+199263253+0009+v10.2.0+stretch1/debian/packetfence-config/usr/local/pf/sbin/*<br>dh_makeshlibs<br>dh_makeshlibs: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_installdeb<br>dh_installdeb: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dh_shlibdeps: warning: Compatibility levels before 10 are deprecated (level 7 in use)<br>dpkg-shlibdeps: warning: debian/packetfence/usr/local/pf/html/pfappserver/root/static/node_modules/node-sass/vendor/linux-x64-72/binding.node contains an unresolvable reference to symbol _ZN2v88TryCatchD1Ev: it's probably a plugin<br>dpkg-shlibdeps: warning: 90 other similar warnings have been skipped (use -v to see them all)<br>dpkg-shlibdeps: warning: debian/packetfence/usr/local/pf/html/common/node_modules/node-sass/vendor/linux-x64-72/binding.node contains an unresolvable reference to symbol _ZNK2v88External5ValueEv: it's probably a plugin<br>dpkg-shlibdeps: warning: 90 other similar warnings have been skipped (use -v to see them all)<br>dpkg-shlibdeps: warning: debian/packetfence/usr/local/pf/html/pfappserver/root/static.alt/node_modules/node-sass/vendor/linux-x64-72/binding.node contains an unresolvable reference to symbol _ZN2v816FunctionTemplate11GetFunctionENS_5LocalINS_7ContextEEE: it's probably a plugin<br>dpkg-shlibdeps: warning: 90 other similar warnings have been skipped (use -v to see them all)<br>dh_md5sums<br>dh_builddeb<br>dh_builddeb: warning: Not building dbgsym package for packetfence-pfcmd-suid as it has no control file<br>dh_builddeb: warning: Please use dh_gencontrol to avoid this issue<br>dh_builddeb: warning: Not building dbgsym package for packetfence-ntlm-wrapper as it has no control file<br>dh_builddeb: warning: Please use dh_gencontrol to avoid this issue<br>dh_builddeb: warning: Not building dbgsym package for packetfence-golang-daemon as it has no control file<br>dh_builddeb: warning: Please use dh_gencontrol to avoid this issue<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-ntlm-wrapper/DEBIAN/control' for reading: No such file or directory<br>dpkg-deb: error: failed to open package info file 'debian/packetfence/DEBIAN/control' for reading: No such file or directory<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-config/DEBIAN/control' for reading: No such file or directory<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-ntlm-wrapper .. returned exit code 2<br>dh_builddeb: error: dpkg-deb --build debian/packetfence .. returned exit code 2<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-config .. returned exit code 2<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-test/DEBIAN/control' for reading: No such file or directory<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-test .. returned exit code 2<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-golang-daemon/DEBIAN/control' for reading: No such file or directory<br>dpkg-deb: error: failed to open package info file 'debian/packetfence-pfappserver-javascript/DEBIAN/control' for reading: No such file or directory<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-golang-daemon .. returned exit code 2<br>dh_builddeb: error: dpkg-deb --build debian/packetfence-pfappserver-javascript .. returned exit code 2<br>dh_builddeb: error: Aborting due to earlier error<br>make: *** [debian/rules:290: binary-arch] Error 25<br>dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit status 2<br><br><br><br></p> <p>Fabrice Durand schrieb am 28.01.2021 14:56 (GMT +01:00):</p> <blockquote cite="mid:fec...@in..."> <p>In fact ipset_envopt_parsemoved from libipset/session.h to libipset/ipset.h</p> <p>So try to adapt the lib here <a href="https://github.com/inverse-inc/go-ipset/blob/master/ipset.h#L5" target="_blank" rel="nofollow noopener">https://github.com/inverse-inc/go-ipset/blob/master/ipset.h#L5</a> (#include <libipset/ipset.h>)</p> <div class="moz-cite-prefix"> Le 21-01-28 à 08 h 30, Fabrice Durand a écrit :</div> <blockquote cite="mid:533...@in..."> <p>Hello Harvey,</p> <p>what version of ipset is installed on your system ?</p> <p>Btw you have 2 choices:</p> <p> </p> <p>1- Downgrade ipset to 6.x</p> <p>2- Modify the golang ipset lib to support new versions.</p> <p>Regards</p> <p>Fabrice</p> <p> </p> </blockquote> <pre class="moz-signature"> </pre> </blockquote></body></html> |