Captive Portal Bandwidth settings issue after 2.1.2 update?
-
-
I'm not a programmer, so I have to go by the documentation. The default BW limits have not been totally useless. Because:
-
I read that post before but it didn't make sense to me. Have you used the bandwidth limiting feature on the captive portal before 2.1.1?
Shudnawz says the bandwidth limiter on the main setup page doesn't do anything unless the host is authorized. I presume by "authorized host" he means hosts that have been added to the passthrough MAC or allowed IP/hostname lists, since users that are otherwise unauthorised will not have internet access.
That is not what I have experienced since 1.2.3 though. The bandwidth limiter on the main setup page absolutely limits the speed for users that have logged in to the captive portal, just as its description says: "If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth."
So - if a user logs in to the captive portal, they will be restricted to the specified default bandwidth.
If a user does not log in (because they're on the passthrough MAC list), their speed does not get restricted, as long as no bandwidth limit is set on the passthrough or allowed list of course.
I also came across this post by cmb in 2011. I figured an admin would be an accurate source for how things work.
https://forum.pfsense.org/index.php?topic=38069.msg196731#msg196731He describes the way it used to work, i.e. a computer that's listed in the Allowed IP or MAC passthrough lists (with no individual bandwidth limit set) will not be subject to any bandwidth limits.
Now, the bandwidth limit is applied to clients who log in as well as those entries in the allowed/mac lists, even though the entries don't have a bandwidth limit set.
- Which came first - the description or the source code? Is the bug in the description, or the updated source code?
Thinking about it, perhaps I should lodge a feature request to allow selecting between pre-bugfix behaviour and post-bugfix behaviour rather than requesting for the description to be changed, since the pre-bugfix method has been around for so many years and some people have evidently relied on that behaviour.
Thanks.
-
-
Pre-bugfix behaviour made exactly zero sense. When you add something to MAC/IP passthrough, configure the BW limits accordingly. Instead of requiring people to configure everything else because the default limit will NOT apply otherwise at all. (IOW, the default limits did NOTHING.) Default means "it will apply to everyone unless explicitly configured otherwise". Not "it will not apply at all."
-
Pre-bugfix behaviour made exactly zero sense.
As with most things, "zero sense" depends on how it is being used.
When you add something to MAC/IP passthrough, configure the BW limits accordingly.
Yes, that's how it will have to be done now. That said, entering in 0 does not disable it like you'd think it should - the field just gets cleared after saving. I presume entering 9999999 would. I hope it doesn't increase resource use or add latency though.
Instead of requiring people to configure everything else because the default limit will NOT apply otherwise at all.
After at least 4 years of the original behaviour, everyone who has set it up the old way will now be required to reconfigure every single entry on their mac passthrough list one-by-one.
(IOW, the default limits did NOTHING.) Default means "it will apply to everyone unless explicitly configured otherwise". Not "it will not apply at all."
So which came first - the description, or the bug in the code? Because the description doesn't seem to match what you're saying.
I quote the description again:
"If this option is set, the captive portal will restrict each user who logs in to the specified default bandwidth. RADIUS can override the default settings. Leave empty or set to 0 for no limit."IOW, each user who logs in will be restricted to the specified default bandwidth. Therefore, users who don't have to log in will not be restricted. Otherwise I would expect it to say "If this option is set, the captive portal will restrict everyone to the specified default bandwidth."
It also says to leave it empty or set to 0 for no limit.
In the mac passthrough screen you can explicitly specify the bandwidth for each entry. It is empty by default, so that user should have no limit. However now, after the bugfix, the bandwidth field is empty but that client is still subject to the limit on the main config screen. And as I mentioned earlier, leaving it empty or setting it to 0 does not result in no limit.
-
Sigh, this debate goes clearly nowhere. Which came first is irrelevant and does not make failure to apply default values and rendering the defaults limits feature completely useless any less of a bug. Neither does "oh it's been broken for 4 years".
As said, if you absolutely cannot live with the description, it can be changed.
However now, after the bugfix, the bandwidth field is empty but that client is still subject to the limit
Yeah, see, that's what the "default" means as I already explained multiple times. If you desire different limits applied to some explicitly configured clients, you can configure them explicitly. Configure nothing means the default applies. Pretty damn obvious.
If this is undesired, why are you configuring the default values at all if you do not want them? ::)
-
My point was that pre-bugfix, the limiting worked just as the descriptions describe it.
Post-bugfix, it doesn't.
So I was curious as to whether or not the change was truly intentional, since the feature now no longer seems to match the description.
-
Pre-bugfix, the default limiting did NOT work at all. Those were totally useless configuration fields not honored at all.
-
Pre-bugfix, the default limiting did NOT work at all. Those were totally useless configuration fields not honored at all.
As I mentioned earlier, that is incorrect. Pre-bugfix, the default limiting applied to ALL clients who log in to the portal. If you did a search on the forum you'd find people using it. Otherwise it wouldn't have gone unnoticed for so long.
The limits did not apply to clients on the mac bypass list. That behaviour matches the description of the feature, as I understand it. But now it doesn't.
-
No, that thing did not work with "Pass-through MAC Auto Entry" either, at least.
Let me state again that a default value should always apply - unless you explicitly configured other values for other cases. It does NOT mean it should
- be ignored in half of cases
- be ignored in most of cases
- be ignored in random cases not thought of before
- apply only when a random user finds it convenient to apply, based on guessing/crystall ball/…
Any of the above is just completely unintuitive design causing confusion and more bugs.
That behaviour matches the description of the feature, as I understand it. But now it doesn't.
Great. So, how about
- fixing the description so that it does not describe buggy behaviour that's no longer in place
- NOT configuring default limits in situations when it's clearly undesired?
Would sound like a problem solved, no? ::)
-
No, that thing did not work with "Pass-through MAC Auto Entry" either, at least.
Are we talking about the same thing? I'm referring to the "Per-user bandwidth restriction" in the Captive Portal configuration screen.
It absolutely, definitely worked exactly as the description describes it.i.e.
On pfSense 1.2.3 till 2.1:
I set a bandwidth limit of 256/64k.
A user logs in to the captive portal.
Their download and upload speed is capped at 256/64k.
A device that has its MAC address in the bypass list with 0 or no entry in the bandwidth limit field can access the internet at full speed.That absolutely worked, 100%.
Let me state again that a default value should always apply - unless you explicitly configured other values for other cases. It does NOT mean it should
- be ignored in half of cases
- be ignored in most of cases
- be ignored in random cases not thought of before
- apply only when a random user finds it convenient to apply, based on guessing/crystall ball/…
Any of the above is just completely unintuitive design causing confusion and more bugs.
The description very clearly states when it applies - to logged-in users. No confusion there.
Post-bugfix however, there's now confusion as to how to assign no limits to an entry in the mac bypass list. Setting the bandwidth values to 0 or empty does not result in no limits, as the instructions on the main config page describes.
Great. So, how about
- fixing the description so that it does not describe buggy behaviour that's no longer in place
- NOT configuring default limits in situations when it's clearly undesired?
Would sound like a problem solved, no? ::)
Sure, the description can be changed.
But what was the original intended behaviour? To me, it looks like it was working just as it was intended to. Now, the bugfix resulted in behaviour that does not match the original description. Was it changed by mistake?
Obviously I can tell you prefer the new behaviour that doesn't seem to match the original description, but it does look like you don't even use the captive portal yourself - otherwise you would have mentioned it or flagged it years ago, no?
I'm not the only person who raised this question and I'm sure there are others who don't post here who might be facing the same situation, so I just wanted to find out if the change was intentional, not whether or not you prefer the new behaviour.
Thanks for the replies though.
-
Yeah the behaviour has been that way but even until 2.1 there was no bw limits you could apply to such hosts.
The behaviour has been changed to match the configuration since an allowed host is still a user.What you can do is specify 0 when you configure such hosts or the required bw.
This is mostly to be consistent all over with the limits. -
@ermal:
Yeah the behaviour has been that way but even until 2.1 there was no bw limits you could apply to such hosts.
Hmm, which hosts are you referring to? The ones in the mac passthrough list? The bw limits definitely worked for all users who logged in through the captive portal.
The behaviour has been changed to match the configuration since an allowed host is still a user.
What you can do is specify 0 when you configure such hosts or the required bw.
This is mostly to be consistent all over with the limits.That doesn't seem to be working for me - 0 isn't accepted. When I change an existing entry in the MAC passthrough list to have 0 as both the upload and download values, when I click on Save and open that entry again, the values are blank. If I set a number other than 0, it is saved.
All the entries on my mac list have the up and down bandwidth blank. Following the description on the main config page, setting it to 0 or blank means that host will have no limit. However, the hosts are still limited.
Thanks!