Hi, how could pfsense help me out? (capitve portal user using m0n0wall)

Goosemaster · Oct 24, 2006, 10:20 PM

I created a tutorial using m0n0wall and captive portal along time ago @ http://m0n0.myhsr.com

and am currently working on a new project to setup a secure version of that hotspot (for users themselves) without encryption from the AP (wep, wpa etc)

As you'll notice in the video, the user is proxyied around using cgiproxy in an SSL tunnel and is free to navigate away from the intranet proxy server to other https pages or http pages. In addition, I am using a combination of cgi proxy running on a local apache webserver with openssl. I was interested to see waht pfsense could offer me over m0n0wall with this project.

I am running m0n0wall on a soekris embedded pc, but I am willing to install it on a faster desktop if I can find some use for it;)

hoba · Oct 24, 2006, 11:02 PM

The CP itself is pretty much a 100% port of m0n0's cp besides that the webserver in the background is lighttpd and the pfSense CP supports executing php code. On top of this you can install packages (if not running the embedded version) to add further features. You might be able to build a package for the ssl proxy and run it directly at the pfSense rather than having it located at a seperate machine.

Goosemaster · Oct 24, 2006, 11:15 PM

@hoba:

The CP itself is pretty much a 100% port of m0n0's cp besides that the webserver in the background is lighttpd and the pfSense CP supports executing php code. On top of this you can install packages (if not running the embedded version) to add further features. You might be able to build a package for the ssl proxy and run it directly at the pfSense rather than having it located at a seperate machine.

nice. I doubt the 266mhz chip on my soekris machine can handle a few tunnels + traffic shaping.

How mature are the packages btw? Soem of them look rather interesting for use in an internal router and not necessarily for my gateway.

hoba · Oct 24, 2006, 11:22 PM

There are some packages in the pipe (like freenas) that won't work with the current version of pfSense (and therefor won't show up in the packagemanager yet) and require features that are in the head codetree, other packages might be a bit tricky to get going or not every feature of them will work. Others just work fine. The main focus was to release a stable basesystem first.

I suggest just setting up a system on a hdd and do a testdrive to see if pfSense is/does what you need.

Goosemaster · Oct 24, 2006, 11:32 PM

@hoba:

There are some packages in the pipe (like freenas) that won't work with the current version of pfSense (and therefor won't show up in the packagemanager yet) and require features that are in the head codetree, other packages might be a bit tricky to get going or not every feature of them will work. Others just work fine. The main focus was to release a stable basesystem first.

I suggest just setting up a system on a hdd and do a testdrive to see if pfSense is/does what you need.

thanks.