mass modification captive-portal file (ansible)

  • Hello
    we have a hundred captive portal with pfsens e of installations.
    we have a small modification on the portal authentication page.

    I tried to modify the files by hand in:


    but after saving in the captive portal tab.
    the values will appear as before ...

    I am going through editor in the diagnostic / edit tab, but also via SSH.

    I later wish to modify the files via Ansible but without the first step of validating.
    we will therefore have to modify all the captive portal via the file manager tab of the captive portal and Portal page contents.

    thank you in advance

  • afaik all of it is stored in config.xml

    you could probably find a way to change it directly in it.

  • ok the files in config.xml it's encrypted :( don't modify

  • its not encrypted. its base64 encoded.

    like so:


    this can be easily decoded by using the builtin base64 functions in (m)any programming/scripting languages.

    even online you can easily find websites that do it for you:

  • Hello

    OK, thanks

    • I will therefore have to:
    • decode the part that interests me.
    • modify line
    • then encode it
    • and then rinse it out.

  • The config.xml contains all the settings, of any configuration file on pfSense.
    You have hundred pfSEnse installs in the field yet that very first strong point of pfSense is unknown to you ?

    When you read :
    Install pfSense 'from scratch', then import ONE congig file ans everything is setup, what do you make of that ?
    It must be something like : from the config.xml file, all system config files are created. Right ?
    Among them : (your own ) captive portal landing-login page.

    If the uploaded file is the default one, you can get it right out of your browser : just look at the html .....
    Every browser has a page inspection facility.
    Still, you need to look up "in the manual" what actually in that file, because some are variables, put in place "on the fly" when the page is send to the visitor.

    Or use :


    and then uses this info :


    to complete the minimal framework to get to a usable login page.

    That's all there is.

    So, no need to look and de-base64 parts of the config.xml.
    It would work, that's for sure.

    The final work flow will be :

    1. You make your page - start with the default one (see below).
    2. Import it using the GUI.
    3. Test, if no-go, goto 1)
    4. Done.

    Where step 4) might as well be the most difficult one ;)

Log in to reply