Newbie questions on Captive Portal and freeRadius

  • Hi all!

    I've had pfSense set up as my firewall at home and tried to manage the kids usage through firewall rules. I recently gave up due to the fact that they kept asking me to change the time slots every day.

    So I installed and configured Captive Portal and freeRADIUS instead, thinking this might give them more freedom to when they spend their time online, but will keep it within reasonable amount (initially 200 min/day).

    After a couple of days I can't say it's been working flawlessly and that's the reason I'm asking here (before they rip my head off).

    1. On the first day, my son happily played MineCraft from 9.00 to late afternoon, with a break during lunch. It seemed that the time quota didn't affect his online time at all. Is there a way that the "game traffic" goes unregistered through? Is there a difference if I choose UPD or TCP as protocol in the configuration? It seemed that he needed to open a browser to initially get to the log in page, but maybe for some reason the session stayed open but registered as idle???

    2. Yesterday the kids had a brief session in the morning (less than an hour) then were away during the day and when they went online in the afternoon the system claimed the time was all used up. Is this perhaps a result of modern IT devices with push notices? The only thing I can think of is if they left their IPADs at home during the day and Snapchat and such kept using up their limit while they were away?

    3. Is there a way to monitor/display their current usage? Can I make a webpage (php?) that they can point their browser to and display something like "Agnes: 150/200 min".

    4. I'd also like a page where they can manually log off their session (so no device will keep using their quota when they want to save it for later).

    5. Can I configure things like Snapchat and Facebook to go outside the quotas? So they can keep their social contacts online while not allowing them free access to the whole universe.

    6. Can I manually reset the quotas for a user (or set it to a specific value)? Would be nice if one of them for some reason needs some extra time.

    I'm sure I'll have more questions, but this will keep me busy for a good while…

    Thanx all!


  • Hi Fredrik,
        I have very similar requirements with managing the kids 'online' time. Have you had any luck?


  • Sorry, no luck. Rather a general outcry that nothing was working that forced me to turn it off…
    I think some of the kids services (push notices I suspect) kept the connection open and used up all their quotas while they were at school, so when they came home they found their quota used up and there was a lot of angry phone calls to dad while I was at work...

    I now see there's an allowed IP section, so maybe I can let some things go through there, but I will have a hard time figuring out the IP addressess of things like Snapchat and whatever they decide to use.
    No, I think I need a firm logout button for this to be accepted at home...

    For now, I'm stuck with firewall rules and scedules, paired with a VPN connection so I can close and open things from my mobile if needed.

Log in to reply