Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Temporary block indyvidual vouchers

    Scheduled Pinned Locked Moved Captive Portal
    5 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fr0t
      last edited by

      Hi All,

      I was wondering if there is any easy way to temporary block selected vouchers. I.e. if I have "bad" guy in the network with voucher valid for one week, but he get over daily usage I would like to block him for another day or few hours. So far I am blocking per device using MAC or IP in firewall rules, but if someone have 2 or more laptops or phones its become to be cat and mouse game.

      Would be handy to have an extra tab next to MAC tab in CP zones website and create something like groups per time/period. I.e. 1 day ban list, 1 week ban list or 2hrs ban list.

      Did someone have managed to do something like this?

      Regards
      fr0t

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi,

        No one can make that firewall rule that blocks 'some one'. You'll have to use IP or MAC addresses.

        A click-interface  that let you block "an IP or MAC for x time" doesn't exist. Most of use are provide Internet to adult people, so we can apply the simple solution : preempt the voucher and case closed.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • F
          fr0t
          last edited by

          I think You didn't catch what is my idea…

          I want to do that when I kick (read: disconnect) user then login page will appear on his laptop again, then when he put voucher in, system will check if its allowed to use or not and then pass or block - simmilar like Allowed/blocked MAC list but with vouchers + to be able to configure period (time/date "up to"), so I wouldnt have to rememmber to unblock it later on.

          1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan
            last edited by

            I guess I did understand what you want ;)

            Expiring vouchers will not allow users to use it again. They will be thrown of, because the vouchers timed out.
            Status > Captive Portal > zone > Expire Vouchers
            They "the one that were thrown out" have to come to you to get a new voucher.

            The way you want it, "I'll block you temporary - and you'll regain access later on" is more school-, family- or parental-firewall function, and I guess pfSense isn't really intended to these kind of fine tuned demands.

            Anyway, want you want IS possible, of course. It can be arranged here : https://forum.pfsense.org/index.php?board=34.0 ;)

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • F
              fr0t
              last edited by

              Instead of pay for it I can do it myself,

              My intention was to do something like this as standard in further versions of pfSense, to give developers idea to improve Captive Portal.

              Problem will be if I upgrade pfSense into next version probably I will lose my functionality and again and again with the next versions.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.