diff --git a/README.md b/README.md index 5717102b19e..3e1c7d6b19f 100644 --- a/README.md +++ b/README.md @@ -95,4 +95,3 @@ Licensed under the GNU General Public License v2. [mailing_lists]: https://packetfence.org/support/index.html#/community "Community Mailing Lists" - diff --git a/lib/pf/services/manager/pfacct.pm b/lib/pf/services/manager/pfacct.pm index 64d643752a3..b4b161e76e0 100644 --- a/lib/pf/services/manager/pfacct.pm +++ b/lib/pf/services/manager/pfacct.pm @@ -15,10 +15,14 @@ use warnings; use pf::util; use Moo; use Template; +use pf::log; use pf::cluster; use pf::config qw( $management_network + %Config + @radius_ints ); +use List::MoreUtils qw(any uniq); extends 'pf::services::manager'; with 'pf::services::manager::roles::env_golang_service'; @@ -58,15 +62,37 @@ Generate the environment variables for running the container sub generate_container_environments { my ($self, $tt) = @_; - my $management_ip = $management_network->tag('ip'); - - my $port = '1813'; - if ($cluster_enabled) { - $port = '1823'; + my $logger = get_logger(); + my @listen_ips; + + my $port = '-p 1813:1813/udp'; + my $port_save; + my $listeningIp = ""; + if ($cluster_enabled || isenabled($Config{services}{radiusd_acct})) { + my $management_ip = $management_network->tag('ip'); + $port = "-p $management_ip:1823:1813/udp"; + $port_save = "1823" + } + if ($cluster_enabled && isenabled($Config{services}{radiusd_acct})) { + $port = "-p 1833:1813/udp"; + $port_save = "1833"; + } + my $listen = $port; + if (isenabled($Config{services}{radiusd_acct})) { + $listeningIp = '127.0.0.1'; + $listen = "-p $listeningIp:$port_save:1813/udp"; + } else { + if (!$cluster_enabled) { + foreach my $interface ( uniq(@radius_ints) ) { + push @listen_ips, $interface->tag('ip'); + } + my @interfaces = map { $_.":1813:1813/udp" } @listen_ips; + $listen = "-p " . join " -p ",@interfaces; + } } my $vars = { env_dict => { - PFACCT_ADDRESS=> "$port", + PFACCT_ADDRESS=> "$listen", }, }; $tt->process("/usr/local/pf/containers/environment.template", $vars, "/usr/local/pf/var/conf/acct.env") or die $tt->error(); diff --git a/lib/pf/services/manager/radiusd_child.pm b/lib/pf/services/manager/radiusd_child.pm index bcad8c26861..42ea6efd26a 100644 --- a/lib/pf/services/manager/radiusd_child.pm +++ b/lib/pf/services/manager/radiusd_child.pm @@ -1079,7 +1079,15 @@ EOT if(isenabled($Config{services}{pfacct})) { my $management_ip = defined($management_network->tag('vip')) ? $management_network->tag('vip') : $management_network->tag('ip'); - $tags{'pfacct'} = <<"EOT"; + my $port = '1813'; + if ($cluster_enabled || isenabled($Config{services}{radiusd_acct})) { + $port = '1823'; + } + if ($cluster_enabled && isenabled($Config{services}{radiusd_acct})) { + $port = '1833'; + } + + $tags{'pfacct'} = <<"EOT"; # pfacct configuration realm pfacct { @@ -1094,7 +1102,7 @@ home_server_pool pfacct_pool { home_server pfacct_local { type = acct ipaddr = 127.0.0.1 - port = 1813 + port = $port secret = '$local_secret' src_ipaddr = $management_ip } diff --git a/sbin/pfacct-docker-wrapper b/sbin/pfacct-docker-wrapper index 9fd91102e4a..2a5fbb64c1d 100755 --- a/sbin/pfacct-docker-wrapper +++ b/sbin/pfacct-docker-wrapper @@ -12,6 +12,6 @@ args=`base_args $name` args="$args -v /usr/local/pf/raddb:/usr/local/pf/raddb" args="$args -v /usr/share/freeradius:/usr/share/freeradius" args="$args -p 2056:2056/udp" -args="$args -p $PFACCT_ADDRESS:1813/udp" +args="$args $PFACCT_ADDRESS" run $name "$args"