I've just started using packetfence 6.3.0 (on CentOS 7)and it's mostly configured and customised as I need now. One thing I can't get working yet is iptables logging though.
PF is running in inline mode (inline interface 10.18.255.254/16) and management on a different interface/subnet 10.11.0.0/16.
I have followed the post at https://www.mail-archive.com/packetf.../msg06213.html to enable iptables logging but when I modify the /usr/local/pf/conf/iptables.conf file I can no longer pass traffic from a client (or access the captive page by either name or ip). Reverting the iptables.conf file restores normal functionality.
I tried posting this to the packetfence mailing list earlier this week but haven't had any replies.
I know pfsense is more favored here but was hoping someone here might be a packetfence user and willing to make some suggestions....