Grabbing user IPs to apply rules
-
Is it possible to grab a user's IP add when they login PLUS identify if they used user creds or a voucher code,
then based on this, be able to add their IPs on a firewall rule?I'm aiming to give different surfing privileges for users. Thanks!
-
Grabbing the user IP, of course. Even the MAC is available.
But ….. not without some PHP scripting, starting with /usr/local/captiveportal/index.php and /etc/inc/captiveportal.inc
-
Sorry if I wasn't clear enough. I know grabbing those is possible.
My question is if I can automatically put those IPs under an updated alias, so the firewall rule always knows which IPs to block even after users log out or new ones log in. thanks -
….
My question is if I can automatically put those IPs under an updated alias, so the firewall rule always knows which IPs to block even after users log out or new ones log in. thanksThis is the answer :
@Gertjan:….
But ..... not without some PHP scripting, starting with /usr/local/captiveportal/index.php and /etc/inc/captiveportal.inc -
Haha thanks man, but by "is it possible?", I actually meant "what codes do I need?".
Fault's on me. Sorry…So yeah, your reply answers my literal question.. thanks.
To add to it, I just wanna ask if editing the captiveportal.inc needs reconfiguration whenever pfSense is updated.. It reverts it back, right? -
if you want to seperate voucher & user/pass users, its probably easier to setup a different network altogether (& running a seperate CP for each).
i haven't come across of anyone who hacked something together todo what you wish, but its probably no all too difficult for someone who knows the codebase. ( try a bounty if you can't do it yourself )
the problem is not to get it working. the problem is to get it working, so it can be useful for multiple people in different scenarios.
for example:- it should work for local users( integration in the pfsense user/group manager)
-it should work for seperate voucher-rolls - it should work for radius/active-directory users/groups/ou's
- …. whatever else i've forgot
just wanna ask if editing the captiveportal.inc needs reconfiguration whenever pfSense is updated.. It reverts it back, right?it gets overwritten, unless you manage to get the feature added to https://github.com/pfsense for the next major release (2.4)
- it should work for local users( integration in the pfsense user/group manager)
-
Yeah, I agree to pretty much everything you said.. :) Thanks
