Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CaptivePortal - Random Time Outs

    Captive Portal
    2
    6
    591
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MadCatZA
      last edited by

      Dear pfSense Community

      For some odd reason my pfSense box has been randomly timing out users after a few seconds. If I restart the Squid/CaptivePortal services it works fine again. What could be the problem? Please see below for reference.

      2.4.4-RELEASE (amd64)
      built on Thu Sep 20 09:03:12 EDT 2018
      FreeBSD 11.2-RELEASE-p3

      Nov 14 16:14:39 logportalauth 333 Zone: captiveportal - ACCEPT: user1, , 192.168.1.11
      Nov 14 16:15:31 logportalauth 67284 Zone: captiveportal - IDLE TIMEOUT: user1, , 192.168.1.11
      Nov 14 16:16:20 logportalauth 333 Zone: captiveportal - ACCEPT: user1, , 192.168.1.11
      Nov 14 16:16:31 logportalauth 93592 Zone: captiveportal - IDLE TIMEOUT: user1, , 192.168.1.11
      Nov 14 16:16:52 logportalauth 333 Zone: captiveportal - ACCEPT: user1, , 192.168.1.11
      Nov 14 16:17:32 logportalauth 21192 Zone: captiveportal - IDLE TIMEOUT: user1, , 192.168.1.11
      Nov 14 16:23:26 logportalauth 333 Zone: captiveportal - ACCEPT: user2, , 192.168.1.28
      Nov 14 16:23:33 logportalauth 66745 Zone: captiveportal - IDLE TIMEOUT: user2, , 192.168.1.28

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi,

        What are your idle and hard timeout settings ?

        Tell us all about your setup. Something horrible has happened :

        Nov 14 16:14:39 logportalauth 333 Zone: captiveportal - ACCEPT: user1, , 192.168.1.11

        Where is the MAC address ?????

        My favourite what happens when you ditch squid ?

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        M 1 Reply Last reply Reply Quote 0
        • M
          MadCatZA @Gertjan
          last edited by

          @gertjan said in CaptivePortal - Random Time Outs:

          Hi,

          What are your idle and hard timeout settings ?

          Tell us all about your setup. Something horrible has happened :

          Nov 14 16:14:39 logportalauth 333 Zone: captiveportal - ACCEPT: user1, , 192.168.1.11

          Where is the MAC address ?????

          My favourite what happens when you ditch squid ?

          Hi Gertjan, idle time is set to 60mins, I have not setup a hard timeout as I feel that might be a bit much and irritate people having to constsntly login every hour. That MAC is from a PC I call drawing3 in the network, however ive disabled all forms of MAC filtering as we dont need it. I used Radius auth to a Windows server using Windows logins as accounts on the captiveportal, not internal user accs from the pfSense box. Anycase, it works fine for days then just randomly starts the time out issue until a restart/reload.

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @MadCatZA
            last edited by Gertjan

            @madcatza said in CaptivePortal - Random Time Outs:

            however ive disabled all forms of MAC filtering as we dont need it

            Be aware : the pfSense captive portal is MAC based.

            Your "IDLE TIMEOUT" messages every minute indicates me that the "prune" function stops your connections.
            This one :

            44447  -  Is        0:00.00 /usr/local/bin/minicron 60 /var/run/cp_prunedb_cpzone1.pid /etc/rc.prunecaptiveportal cpzone1

            is run every minute to check if there are candidates that have no traffic (for the last IDLE time = your 1 hour). If so, they are removed.
            If you are capable of reading PHP, check the captiveportal_prune_old function in /etc/inc/captiveportal.inc
            That is the function that throws out the connections.

            The system clock works ?

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            M 1 Reply Last reply Reply Quote 0
            • M
              MadCatZA @Gertjan
              last edited by

              @gertjan said in CaptivePortal - Random Time Outs:

              @madcatza said in CaptivePortal - Random Time Outs:

              however ive disabled all forms of MAC filtering as we dont need it

              Be aware : the pfSense captive portal is MAC based.

              Your "IDLE TIMEOUT" messages every minute indicates me that the "prune" function stops your connections.
              This one :

              44447  -  Is        0:00.00 /usr/local/bin/minicron 60 /var/run/cp_prunedb_cpzone1.pid /etc/rc.prunecaptiveportal cpzone1

              is run every minute to check if there are candidates that have no traffic (for the last IDLE time = your 1 hour). If so, they are removed.
              If you are capable of reading PHP, check the captiveportal_prune_old function in /etc/inc/captiveportal.inc
              That is the function that throws out the connections.

              The system clock works ?

              System clock works. And I also could have a look at the PHP, however if I need to do that it would mean this is a bug, yes?

              GertjanG 1 Reply Last reply Reply Quote 0
              • GertjanG
                Gertjan @MadCatZA
                last edited by Gertjan

                @madcatza said in CaptivePortal - Random Time Outs:

                however if I need to do that it would mean this is a bug, yes?

                No way.
                I tend to use the code as the manual for pfSense. When I understand the code, I know what the GUI settings do - and why things happens, under the exact condition.
                I'm using the portal for many, many years now. People are disconnected when their device isn't communicating any more after 4 hours (my idle time setting). Or after 12 hours what ever happens - the hard time out.
                Of course, you and me are not the only one using the captive portal. Thousands of others use it also.
                If connected clients would be thrown out after one minute sharp, this forum would explode with messages from unhappy users.
                The good new : this issue only happens to you.
                Bad news : this issue only happens to you.

                Global news : as you and we use the same software, only setup and settings are different.

                Thus : what is your setup ? settings ? Explain us, and we'll explain how to correct it.

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.