Allow Ports



  • I know currently you can only allow certain IP's in the "allowed list" for captive portal.  But I would like to request and or get feedback on allowing certain ports through as well.
    I know there are plenty of people running LAN parties that would like this, but let me explain why I think it would be useful.

    I run PFSense at a Hotel.  We use pfsense strictly for captive portal and to put non - essential web items behind a NAT.  All guest IP's have a 1:1 mapping with a public address and are wide open for our rules.

    Captive Portal is great… and works great but quite often we get guests that are used to plugging in and connecting with their VPN client without going to the web first.
    this creates a lot of extra work for myself/and or the front desk when they have to explain they have to log on to the web first.

    If we allowed a few VPN ports open to standard LAN/WAN rulings it would make life a whole lot easier for us.
    Or maybe instead of only allowing certain ports... to turn on only capture of packets through port 80?  Just a thought.

    Not sure if this post would better be in the feature request, so apologies moderators if it needs to be moved.  Just curious on peoples feedback.
    Thanks Team!



  • We (pfSense) do not have any desire currently to innovate on the Captive Portal.  The folks over at m0n0wall are actively developing Captive Portal and until this slows down we simply plan on importing their version of the Captive Portal from time to time.

    What I am saying is that you should most likely request features on the m0n0wall list as opposed to here as we will not be adding to the Captive Portal as this increases the complexity to merge from m0n0wall.



  • Perfect! Thanks for the heads up… will do!

    Oh and BTW.... I've been on the mailing list and checking this forum for about 10months now and I have to say I REALLY appreciate you and the Dev teams hard work.  I'm always constantly amazed in your response times and accuracy.  If it were me running this... I would have said "screw you" to us a long time ago :)

    Thanks for creating a great firewall, and helping a great communitity... this project should be a strong example of how open source should be!  THANKS!
    -Tim



  • Thanks!  It can definately be taxing at times.  And the amount of grey hairs on my head seem to be multiplying *4 very rapidly :P


Log in to reply