• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Captive portal on multiple ifaces?

Scheduled Pinned Locked Moved Captive Portal
16 Posts 3 Posters 7.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • I
    itsmorefun
    last edited by May 22, 2009, 10:53 AM May 22, 2009, 7:46 AM

    :o Good Work !
    Thank you very much  :)
    :D 8) ;) :) :D

    1 Reply Last reply Reply Quote 0
    • I
      itsmorefun
      last edited by May 22, 2009, 10:10 AM

      Hum,  :-
      Seem not work.
      I have try http://snapshots.pfsense.org/FreeBSD_RELENG_8_0/pfSense_HEAD/livecd_installer/pfSense-2.0-ALPHA-ALPHA-20090522-0021.iso.gz
      If i select LAN, if user on LAN ask google, he have captive portail (ok)
      If i select OPT1, if user on OPT1 ask google, he have captive portail (ok)
      If i select LAN and OPT1, if a user on LAN ask google, he have portail, but if a user of OPT1 ask google he have google.  :'(

      I will add interface and try with captive portail on OPT1 and OPT2…

      Thank in advance.

      1 Reply Last reply Reply Quote 0
      • I
        itsmorefun
        last edited by May 22, 2009, 1:07 PM May 22, 2009, 10:53 AM

        Same result,
        With captive portal enabled on OPT1 and OPT2, only OPT1 packet are intercepted.

        I will try to understand https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/f8b1131038f1a8ced102c79ed6c72ef9dc05e6f1 to find why that don't work…

        Maybe a problem with:
        341 # skip to traffic shaper if not on captive portal interface
        342 add 1000 set 1 skipto 50000 all from any to any not layer2 not $cpif
        343 # pass all layer2 traffic on other interfaces
        344 add 1001 set 1 pass layer2 not $cpif

        If I do "ipfw show | grep ed2" with only OPT1 selected:
        01000     5    5344 skipto 50000 ip from any to any not layer2 not via ed2
        01001     5    5344 allow ip from any to any layer2 not via ed2

        If I do "ipfw show | grep ed3" with only OPT2 selected:
        01000     5    5325 skipto 50000 ip from any to any not layer2 not via ed3
        01001     5    5325 allow ip from any to any layer2 not via ed3

        If I do "ipfw show | grep ed2" with OPT1 and OPT2 selected:
        01000     5    5325 skipto 50000 ip from any to any not layer2 { not via ed2 or via ed3 }
        01001     5    5325 allow ip from any to any layer2 { not via ed2 or via ed3 }

        Maybe the problem is the interpretation of the "not" and the "or" ?

        Thank for any help.

        1 Reply Last reply Reply Quote 0
        • E
          eri--
          last edited by May 22, 2009, 1:31 PM

          Can you update to the latest snapshot or try this modification?
          https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/fca39472782bdbd06722c053cb345de6a8f754bd

          Thanks

          1 Reply Last reply Reply Quote 0
          • I
            itsmorefun
            last edited by May 22, 2009, 2:49 PM May 22, 2009, 2:13 PM

            Yes!!! You are a king  8)

            It work  ;)

            Juste two things,
            ->on Status: Captive portal:
            The last line, the column Session start show: Warning: date() expects parameter 2 to be long, string given in /usr/local/www/status_captiveportal.php on line 107

            ->on Status: System logs: Portal Auth: When user have a firewall blocking input icmp some log with: php[43507]: /index.php: The command '/sbin/ping -c 1 -t 1 172.16.1.11' returned exit code '2', the output was 'PING 172.16.1.11 (172.16.1.11): 56 data bytes –- 172.16.1.11 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss'
            (172.16.1.11 is the ip of the user)

            Very Thank

            1 Reply Last reply Reply Quote 0
            • E
              eri--
              last edited by May 22, 2009, 3:06 PM

              Should be fixed both of them.

              Thanks for teh feedback.

              1 Reply Last reply Reply Quote 0
              • I
                itsmorefun
                last edited by May 22, 2009, 3:44 PM May 22, 2009, 3:42 PM

                @ermal:

                Should be fixed both of them.

                Thanks for teh feedback.

                Nice but https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/4fa2be6d7d7e2351e60805d7cbcb7d734945adb5 not work because $cpent is an array.

                With "if (empty($cpent[0]))" it work

                Thank
                :)

                1 Reply Last reply Reply Quote 0
                • E
                  eri--
                  last edited by May 22, 2009, 4:31 PM May 22, 2009, 3:50 PM

                  Added to the repo a better fix https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/caec9484b7ad9fdf1613db7b05955a14281b4b9c

                  1 Reply Last reply Reply Quote 0
                  • I
                    itsmorefun
                    last edited by May 23, 2009, 7:56 AM

                    @ermal:

                    Added to the repo a better fix https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/caec9484b7ad9fdf1613db7b05955a14281b4b9c

                    Nice, it work too

                    BUT after start the captive portal, while nobody log on, the captiveportal.db file is not created and the
                    status page show:
                    Warning: file(/var/db/captiveportal.db): failed to open stream: No such file or
                    directory in /usr/local/www/status_captiveportal.php on line 67 Warning: Invalid
                    argument supplied for foreach() in /usr/local/www/status_captiveportal.php on line
                    68
                    ;D

                    Thank :)

                    1 Reply Last reply Reply Quote 0
                    • I
                      itsmorefun
                      last edited by May 26, 2009, 6:03 AM

                      Thank Ermal (https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/93ed765955f8891b985805e4d49ba96f8694c6d7)
                      :-)

                      1 Reply Last reply Reply Quote 0
                      • R
                        rt_rex
                        last edited by Sep 4, 2009, 7:22 PM

                        I did not test the captive portal feature on 2.0 .
                        One thing i did not understand about dual iface captive portal.
                        Assuming i have CAPtive portal enable on LAN and OPT1 and the CP interfaces are in diferent subnets (10.0.0.0/24,192.168.1.0/24), how do they do the http redirect to one single address ?
                        Or there is a field to config the two independent URL redirect ,one for each subnet?

                        Thanks

                        Don´t Try this @home go outside!
                        WIFI Link @ 76 km
                        Pfsense with 3G USB

                        1 Reply Last reply Reply Quote 0
                        • E
                          eri--
                          last edited by Sep 5, 2009, 3:07 PM

                          It will show the same login to different subnets.
                          That is all up to you in your login page php code if you want to show them different things.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                            This community forum collects and processes your personal information.
                            consent.not_received