pfSense 2.5.0 Captive Portal Per User Limit is Not Working
-
@limez17 that's strange, no one has complained of this...
Could you make sure that the checkbox "Enable per-user bandwidth restriction" is checked? There was a bug that has been resolved in 2.5.0, "the limiter continue to operate even if this checkbox is unchecked". Perhaps that's the reason?
are you using a radius server? If yes, are you advertising pfSense-Bandwidth-Max-Up/Down in your Access-Accept ?
-
@free4 Thank you for replying.
I did not enable that since it will affect all connected users.
What I did was set IP rule, each IP have defined bandwidthup.down limit:
Yes, its strange. This kind of setup is working for me for almost 3 years now.
-
@limez17 said in pfSense 2.5.0 Captive Portal Per User Limit is Not Working:
@free4 Thank you for replying.
I did not enable that since it will affect all connected users.
What I did was set IP rule, each IP have defined bandwidthup.down limit:
Yes, its strange. This kind of setup is working for me for almost 3 years now.
may I ask if you assign or set a static mapping for each ip address to their respective mac address? thanks!
-
works as expected on 2.5:
# ipfw table all list | grep 192.168.88.77 192.168.88.77/32 2002 0 0 0 192.168.88.77/32 2003 0 0 0 # ipfw pipe show 02002: 3.800 Mbit/s 0 ms burst 0 q133074 100 sl. 0 flows (1 buckets) sched 67538 weight 0 lmax 0 pri 0 droptail sched 67538 type FIFO flags 0x0 16 buckets 0 active 02003: 3.700 Mbit/s 0 ms burst 0 q133075 100 sl. 0 flows (1 buckets) sched 67539 weight 0 lmax 0 pri 0 droptail sched 67539 type FIFO flags 0x0 16 buckets 0 active 02000: unlimited 0 ms burst 0 q133072 100 sl. 0 flows (1 buckets) sched 67536 weight 0 lmax 0 pri 0 droptail sched 67536 type FIFO flags 0x0 16 buckets 0 active 02001: unlimited 0 ms burst 0 q133073 100 sl. 0 flows (1 buckets) sched 67537 weight 0 lmax 0 pri 0 droptail sched 67537 type FIFO flags 0x0 16 buckets 0 active -
@viktor_g thanks for the confirmation (i was about to perform the same test)
Given the situation, i'd say it's an issue with the DHCP leases which changed and messed up all the bandwith rules ?
-
@1ntr0v3rt3ch said in pfSense 2.5.0 Captive Portal Per User Limit is Not Working:
address
Thank you for your response @1ntr0v3rt3ch
Yes, there's a static mapping for all connected devices. Just to recap. My setup is working on my original setup version 2.4.X. But upon upgrading to 2.5.0, Per User Limit is not working.I've been monitoring the traffic graph of this box, connected devices are reaching the maximum bandwidth of its assigned gateway.
-
@viktor_g thank you for your response,
I just noticed that your GUI is different from mine.
Please see below screenshot:
"Direction" is not present.
-
@free4 Thank you for your response.
I disagree, i didn't change my config. I just upgraded my version.
-
Update:
I tried to fresh install version 2.5.0. Captive Portal's IP Rule GUI is same now with @viktor_g.
I also tested that the bandwidth limit is working.Is it safe to say that this is a bug when upgrading version from 2.4.X into 2.5.0?
-
@limez17 said in pfSense 2.5.0 Captive Portal Per User Limit is Not Working:
Update:
I tried to fresh install version 2.5.0. Captive Portal's IP Rule GUI is same now with @viktor_g.
I also tested that the bandwidth limit is working.Is it safe to say that this is a bug when upgrading version from 2.4.X into 2.5.0?
yesterday, I upgrade my setup from 2.4.4 p3 to 2.4.5 and then to 2.5. captive portal's ip rule gui is the same as @viktor_g showed. so i don't think its a bug whe upgrading.
nice to hear that it's working now! congrats!
-
@1ntr0v3rt3ch its working on a test box. On the original box, its still the same. Not fixed. Is there a way to update the Captive Portal package?
-
@limez17 said in pfSense 2.5.0 Captive Portal Per User Limit is Not Working:
Is it safe to say that this is a bug when upgrading version from 2.4.X into 2.5.0?
No...it's not.
I was a bit worried so I went to the hole process for a test : I did set up a captive portal on pfSense 2.4.5-p1. Enabled a speed limit to 64kbps for one user (using the MAC menu). Then I upgraded my pfSense to 2.5.0
It worked as expected like a charm. on the v2.5.0, the captive portal is correctly slowing down this user. I also checked the ipfw pipes ( the technology behind the captive portal for speed limit) and everything seems fine:
I'm not denying there could be a bug somewhere, but it seems quite unlikely ...
Few things I am considering :- One device changed MAC address (why?)
- A new device went on your network. This device is taking all the bandwidth
- There's an issue with the speed limiter? (through it's honestly quite unlikely...)
Could you confirm (using Diagnostics -> ARP table) that your devices didn't change mac address and that the MACs in your ARP table match MACs in the captive portal configuration?
Also, could you make sure (using Diagnostics -> pfTop) that the device(s) using all the bandwidth is(/are) really connected to the captive portal's interface?
If that's also the case....then could you execute the following commands on the command prompt?
ipfw table all listandipfw pipe list. The first one list connected users, the second one list ongoing speed limits. Could you make sure that the right MAC are displayed, and that the speed limits are correct? -
Hi @free4,
Thank you again for your response, also your testing.
I just found out that ipfw_nat64.ko and ipfw.ko are both missing:
My other pfsense box that have a working Captive Portal Per User Bandwidth Limiter have it:
Is there a way to manually install this missing .ko file?
-
Update on this.
I already found the "ipfw.ko" kernel module. It's not loaded that is why Captive Portal Per User Limit is Not Working.
I tried loading it manually from the terminal. And guess what, my box went down. I had no choice but to fresh install then restore backup config.Its restored now. Also the Per User Bandwidth Limit is now working.
