Allow anonymous for a time period but only allow one session per day
-
The easy way i could think of this, create new page for captive portal (index.php). The psuedo will be something like this.
1. Insert an account in mysql (if you are using freeradius with mysql) to accept the account. Radius will check based on MAC address to reply Accept.
2. Call radius auth procedure.
3. Update account status to reject.
4. Redirect to user page.5. Run cron everynight to clear out reject acc. * another procedure.
The problem right now is, I just playing out with pfense n freeradius a week ago.. I still trying to figure out whether hard-time out can be set by radius or only pfsense. If only pfsense, then you can set hard-timeout lets said to one hour.. But all acc will be disconnect after one hour.. Guest acc cannot re-login but other account can re-login. The second one, if the guest user disconnect (even they still not using up to 1 hour) they cannot reconnect until cron clear the account. If wanna user to be able to login need to change no 3. Maybe using cron also to update reject status.
-
Don't forget that you can run php on a cp page. Let the user click on create guest account at your CP page and save his mac adress as passthrough mac. Now add a script at the backend that removes this mac again after some given time. Just a suggestion ;)
-
Good idea too… I'm hoping for one-click ease, though. All the user should have to do is open a browser, try to go somewhere, get redirected to the splash, click accept, and arrive at their intended destination. Something that can do that will aid my project greatly.
-
We also really need this. If you come up with a viable solution, or want someone to pitch in on a bounty, please let me know.
- Pete
- pc@ipro.net
-
This would be a one click solution. The initial .htm captive portal page can meta-redirect and or javascript redirect as a backup to the .php page where the splash page/etc could be displayed. Granted your talking about a custom php splash page at this point but it would work.
-
I guess I don't have the technical wherewithall to pull this off by myself. I'll have to rely on the bounty.
-
i have bean modding the captive portal for guest use
make a portal html file
blabla blacopy the atached file to /usr/local/captiveportal/splash.php
-
Although I haven't tried this yet, the code looks like it's capable of doing what I need, or at least close to that. A few questions:
- This has a dependence on radius, correct?
- I didn't spot in the code where someone could specify a time limit and keep that MAC address off the network after their time expired, did I miss it?
- The client db is a file on the local system, so this wouldn't be a good idea on a device that uses CF as it's storage media?
-
- no it don't it needs the No authentication mode on the captive portal setup page
- use the times on the captive portal setup page this will disconnect the guest when the time is gone
no support for no reconnect just guest mode - the file was from the normal captive portal
on embeded /var is on memory
-
I've tried your add-ons, but I can still reconnect following a timeout. Is there a something I can test to see what is or isn't happening?
-
there is no support for that
it works with code already in the portal
i yust removed the username and password check -
I can do that with no modification to the existing code…why did you feel you needed to create a mod?