@heper yeah, that's probably the one. It was solved. I was using 2.7.2 in the post for a while and had no issues what so ever.

I will dig it. Many thanks!

@carlosi7 Hover the mouse over the Stop button : [image: 1728994216628-1fc11747-ea64-46c2-b13d-3b8481586f5b-image.png] The "Services Status" status dash board widget is a file you can find here : /usr/local/www/widgets/widgets/smart_status.widget.php This file will bring you straight to /etc/inc/services-utils.inc, where services like the captive portal can be stopped and started. As cron task can be an executable (so you have to build your own^^) or, most often, look at all the pfSense cron tasks already present, a script file. Now you know where to find the examples that shows you how to do that.

@chinraam said in Nginx "404 Not Found" Error after POST action to "$PORTAL_ACTION%2quot;: Can you please guide or let me know how to overcome? I'm not modifying or editing any of the pfSense PHP files. So I have no issues neither errors. I can't do "self registration" as I'm not allowed (and not want to, neither maintain) ask for any private info like phone numbers or email addresses.

@FSC830 hello I'm researching about some like this, exist some github repo? it will be nice because the community can contribute this is grate i will test soon thanks

@Gertjan said in Does anyone know how to get count of logged users in Captive Portal ?: php -q /root/captiveportal_count_online_users.php PERFECT! Tks,

@Gertjan @JonathanLee It has been fixed, found the same issue. https://redmine.pfsense.org/issues/15404

@msalavee said in Ips allowed in Captive Portal pfsense 2.7.2 does not work: 2.6.0 I've been using 2.7.2 for a while and then switched to pfSense Plus, currently 24.03. Did you saw the last post in the thread I've shown ?

@msalavee It's always a language issue ;) See your other post.

After two years of work, I was able to create a captive portal system on IPv6. installation guide on YouTube: https://youtu.be/iNjzQ0beCaA?si=6PNOC3vEFhUfPJe4 Download link for the trial version: https://drive.google.com/file/d/1cbmzbUVbu6Wg_kWNLfXjOb7QZB8LlZFS/view Best regards

@Intone said in Relationship between uploaded HTML and index.php in Captive portal.: the relationship When the device hits the captive portal's web server at @IP-Portal:800x the index.php is used. "index.php" because : see the nginx main configuration file - one for http and one for https. [image: 1726739465297-9c814fc8-8d56-4bad-acdb-fc7a62a19dc5-image.png] If the user isn't already logged in, the index.php doesn't do match and falls trough the index.php up until this point. The function portal_reply_page is called with $type set "login" so the main 'html' login page is sourced (line 1835), this is your uploaded html file, variables are put in place, stuff like #PORTAL_ZONE#, and then the magic happens at line 1868. echo $htmltext; and done. When you hit "Connect", now your 'posting', the same index file is used, and you reach the most common point where user and password entries are tested, and if ok, access is granted. short survey : You can use php in your self made 'html' page. edit : go for the easy mode : create a link text (URL) that links to another web page that you upload into pfSense. You will have to write some back end code (script) to handle the user input. Get a copy of the default build in login page (you can see it here) for an example.

@andreychernik999 Not something you can do on pfSense. And not an issue neither. As soon as devices are connected and authenticated against the captive portal, everything works as if there was no captive portal. So gmail, whatsapp, telegram and everything else just plain works.

I saw your network diagram. Normally, afaik, captive portal users are non-trusted users. Cameras, normally should be made accessible for trusted users. Try this : declare every camera as a host in one of these : [image: 1725218457531-ed7ad9c0-9cb4-4c65-bc6b-dfc9b835370c-image.png] so no portal access rule (and counters) are used to access the cameras ? (I'm not sure but easy to try out )

@dimsum said in How can I get a user sent/received size: idea Like this ?

@Gertjan Yes but it didn't work, the problem was still there

Using SQL and chosing for SQLight ? Didn't know that was possible / was an option. I use FreeRadius, but use a 'SQL' server (MariaDB on my NAS). "SELECT value FROM radcheck WHERE username = '$username' AND attribute = 'Max-Monthly-Data'"); Did you modify the FreeRadius config files manyally so it adds "attribute" in the radcheck table ? I see just this : [image: 1724249247048-2540284a-b474-4dd1-95de-9b8bb8b373c9-image.png] = the user name and password. No other colums. edit : wait : by default, this table is empty as pfSense uses the GUI to create a file ( this file : /usr/local/etc/raddb/mods-config/files/authorize ) that contains the users, passwords and some other stuff. Be ware : FreeRadius can have thousands of options, pfSense uses (enables) just a few of them. The rest is hard coded / not used. @fakearia said in pfSense Captive Portal + FreeRADIUS + SQLite Configuration Issues: Why is this happening, and how can I prevent it? pfSense controls the construction of config files of every and any process on the system. The the core essence of what is pfSense all about. If you want to have your own config files, you should modify the files that create these files (modifying pfSense, itself)

@ricardocasagrande said in Captive Portal + freeradius + LightSquid: so, maybe you have a better solution for my problem. Normally, there is the concept of being responsible for what is done with your Internet connection. So when I set up a captive portal for a hotel somewhere in 2006 using m0n0wall, pfSense was forked from it, I was looking for securing what portal clients could access. Today, I'm using pfBlockerng to block the most obvious host names (DNSBL) and if I suspect something, I can route all portal traffic over a VPN connection. Never had any issues with my ISP, knowing that I know they are looking, as I saw the warnings they send out when they detect something : a couple of my friends / neighbors were 'caught' while streaming and or sharing "Disney content". The real streamer / downloader uses a VPN anyway. Or is just to scared to connect to a network he doesn't know/trust. And, IMHO, all this has nothing to do with pfSense. If you want to use a proxy so you can analyze content, you need to know : What the "Internet" actually is, down to the packet. You need to know how proxies are set up and maintained. You need to have a good list with rules so you can actually detect something. You have to stay on to it permanently, as handling false positives will happen all the time. More and more sites just can't be proxied anyway. I've decided already a long time ago : it's not worth it. I already host my own web servers on my own dedicated Debian 12 dedicated server, a "big iron" device. I'm doing my own DNS domain name zone hosting using bind. When that was running, I've added DNSSEC everywhere, added my own postfix mail server for all my domains, fully compliant with all the modern mail constraints. No GUI what so ever to maintain all this, everything is set up the old way. All this to say : I've started to know what 'Internet' is, and I know also I still don't know enough.