Voucher database synchronization
-
Hi,
I think I found kinda relation between the duration of the voucher and the length of the ticket.
Looks like only the 1st digit is actually "active" in the end.
For example:
I create 3 vouchers:
200 min
300 min
400 min
and on the test page(status_captiveportal_test.php) it shows :
FqGkVaxLwZc (3/4) good for 400 Minuteswhen a voucher is actullay used it shows in the system logs -> captive portal
Voucher login good for 4 min.: FqGkVaxLwZc,Same with 300 min, and then its valid 3 min duration, 200 min -> 2min duration…
Maybe this helps a little
Stefanero -
Can you please test with latest snapshot and also post the system log on the problematic portal.
-
Hi erml,
thank you for the reply,
I am now running
2.0-RC1 (i386)
built on Mon Mar 7 12:03:17 EST 2011I created some new voucher, when I go to test page first:
status_captiveportal_vouchers.php –> active_vouchers page
Warning: file(/var/db/voucher_active_4.db): failed to open stream: No such file or directory in /usr/local/www/status_captiveportal_vouchers.php on line 61 Warning: Invalid argument supplied for foreach() in /usr/local/www/status_captiveportal_vouchers.php on line 62but the rest test itself is okey,
PchcMGLVFct (4/3) good for 500 Minutes
Access granted for 500 Minutes in total.on the pfsense system logs
Last 50 system log entries Mar 8 16:09:56 php: : The command 'pfctl -K ' returned exit code '1', the output was 'pfctl: option requires an argument -- K usage: pfctl [-AdeghmNnOqRrvz] [-a anchor] [-D macro=value] [-F modifier] [-f file] [-i interface] [-K host | network] [-k host | network ] [-b host | network ] [-o [level]] [-p device] [-s modifier ] [-t table -T command [address ...]] [-x level]' Mar 8 16:09:56 php: : The command 'pfctl -k ' returned exit code '1', the output was 'pfctl: option requires an argument -- k usage: pfctl [-AdeghmNnOqRrvz] [-a anchor] [-D macro=value] [-F modifier] [-f file] [-i interface] [-K host | network] [-k host | network ] [-b host | network ] [-o [level]] [-p device] [-s modifier ] [-t table -T command [address ...]] [-x level]' Mar 8 16:09:56 php: : The command '/sbin/ipfw table 2 delete ' returned exit code '64', the output was 'ipfw: IP address required' Mar 8 16:09:56 php: : The command '/sbin/ipfw table 1 delete ' returned exit code '64', the output was 'ipfw: IP address required' Mar 8 16:09:46 php: /index.php: CaptivePortalVoucherSync XMLRPC reload data success with http://ip-addr:8080:8080 (pfsense.exec_php). Mar 8 16:09:46 php: /index.php: Captive Portal Voucher XMLRPC sync data http://ip-addr:8080:8080.Last 50 Portal Auth log entries Mar 8 16:09:56 logportalauth[52446]: TIMEOUT: , , Mar 8 16:09:46 logportalauth[63795]: Voucher login good for 5 min.: PchcMGLVFct, , ip-addr-laptopbtw, when I redo the test, with the current logged in voucher I get:
PchcMGLVFct (4/2) active and good for 1 Minutes Access granted for 1 Minutes in total.hope to help
stefanero -
hmm
I just tryed some more, and now the user is at least not logged out anymore after the 5min in this case.
but i wonder if he ever will be logged out, since the voucher is not shown in the "active vouchers" page anymore.
and, when I now use the voucher again in the test page it sais -> denied.
stefanero
-
Well good morning,
I tryed latestet snapsshot
2.0-RC1 (i386) built on Wed Mar 9 18:16:20 EST 2011 You are on the latest version.and deleted all my existing vouchers on the system in the LAN, then created a new roll and syncted it to the DMZ server.
but still -> no go
system logs on dmz box:
Mar 10 08:11:22 php: /index.php: CaptivePortalVoucherSync XMLRPC reload data success with http://lan-server-ip:8080:8080 (pfsense.exec_php). Mar 10 08:11:22 php: /index.php: Captive Portal Voucher XMLRPC sync data http://lan-server-ip:8080:8080.captive logs on dmz box:
Mar 10 08:13:05 logportalauth[36258]: TIMEOUT: qNday4Qihc63, , ip-addr Mar 10 08:11:22 logportalauth[60559]: Voucher login good for 1 min.: qNday4Qihc63, , ip-addrand its a 1440 min voucher :-\ so again only the 1st digit is taken into account for voucher lifetime
the tests on the test pages were showing informations just fine.
Also in the Lan-pfsense I can see in the voucher status page:
qNday4Qihc63 1 03/10/2011 08:11:22 1432 min 03/11/2011 08:11:22cu
stefanero -
Hi again,
thought I tryed latest snapshot again.
But problem still present.
2.0-RC1 (i386) built on Sun Mar 13 06:53:56 EDT 2011Mar 14 09:36:31 logportalauth[61338]: Voucher login good for 1 min.: sJ74hkCMmQz, , 172.31.128.9cu
stefanero -
Hello,
still not working btw, "mar 20th" snapshot
-
Can you show me a screenshot of how you have configured the sync voucher section on pfSense?
-
Hi erml,
sure I can attached is a screenshot.
The internal pfsense runs on a class 10 - priv network, we use a different user and run on port 8080 instead of the default.
Like I already wrote in my previous posts, I think the syncronization is kinda working.
Going to Status -> Captive Portal, I can see the rolls from the Lan - pfSense and also the test page with a voucher from lan works fine.
Its only a matter when I actually use a voucher on a laptop.
cu
stefanero
-
Check tomorrow's snapshot. I am about to commit a fix for this.
-
Thank you very much.
I will let you know as soon as possible.
cu
stefanero -
Can this be implemented to sync on a non pfsense machine? To send info an sync with another DB?
-
If you can talk the same xmlrpc than yes you can implement it somewhere else.
-
Good morning,
well sry to tell but still no difference to the situation before.
Voucher Roll Activated at Expires in Expires at adjYYXFyUe73 1 03/25/2011 08:34:21 0 min 03/25/2011 08:35:21It should have been a 1440 min voucher and not just 1 minute. The sync works as before, I can test the vouchers on the test page showing up fine with a duration of 1440 minutes,
but when they get entered in the client, the duration is just the first digit of the duration of the voucher.so when a voucher runs 200 minutes, the duration is 2, when a voucher is valid 300 minutes the duration is 3… and so on.
regards
Stefanero -
Now should be all functioning properly.
Test with latest snapshots. -
Hi ermal,
this is looking good now, finally working :)
thnx a lot to you and sullrich
stefanero