Manualshelf

Developers guide

ManualsBrandsRed Hat ManualsComputer equipmentNETWORK 4.1.0 -
31323334353637383940
Chapter 5
Copyright © 2008-2013 Inverse inc.
Configuration 34
Log files
Here are the most important PacketFence log files:
/usr/local/pf/logs/packetfence.log PacketFence Core Log
/usr/local/pf/logs/portal_access_log Apache – Captive Portal Access Log
/usr/local/pf/logs/portal_error_log Apache – Captive Portal Error Log
/usr/local/pf/logs/admin_access_log Apache – Web Admin/Services Access Log
/usr/local/pf/logs/admin_error_log Apache – Web Admin/Services Error Log
/usr/local/pf/logs/admin_debug_log Apache – Web Admin Debug Log
/usr/local/pf/logs/webservices_access_log Apache – Webservices Access Log
/usr/local/pf/logs/webservices_error_log Apache – Webservices Error Log
There are other log files in /usr/local/pf/logs/ that could be relevant depending on what issue you
are experiencing. Make sure you take a look at them.
The logging system’s configuration file is /usr/local/pf/conf/log.conf. It contains the configuration
for the packetfence.log file (Log::Log4Perl) and you normally don’t need to modify it.
Passthrough
In order to use the passthrough feature in PacketFence, you need to enable it from the GUI in Configuration
� Trapping and check Passthrough.
There are two solutions for passthroughs - one using DNS resolution and iptables and the other one using
Apache’s mod_proxy module. When enabled, PacketFence will use pfdns if you defined Passthroughs, or
Apache mod-proxy if you defined Proxy Passthroughs to allow trapped devices to reach web sites.
*DNS passthrough: Add a new FQDN (should be a wildcard domain like *.google.com) in the Passthroughs
section. When PacketFence receives a DNS request for this domain, it will answer the real IP address and
punch a hole in the firewall (using iptables) to allow access. With this method, PacketFence must be the
default gateway of your device.
*mod_proxy passthrough: Add a new FQDN (should be a wildcard domain like *.google.com) in the Proxy
Passthroughs section. For this FQDN, PacketFence will answer the IP address of the captive portal and when
a device hits the captive portal, PacketFence will detect that this FQDN has a passthrough configuration
and will forward the traffic to mod_proxy.
These two methods can be used together but DNS-based passthroughs have higher priority.