Captive portal plus filtering



  • Is it possible to make it so that certain users content is filtered and say an admin login is not.  Real world scenerio the employees internet is filtered and the Owners/Management is not.  Can this be done with pfSense?  If so how reliable will the setup be?  At most 15-20 users, 4Mb both ways internet connection, and hardware would be PC PIII 1ghz 256 or 512 ram,2 100Mb nics, 20gig IDE and maybe a wireless Atheros PCI card.  Will the hardware listed be ok for the task?  One other thing that would be nice is to be able to pull a report of usage.

    I must say that the software looks very nice I downloaded a copy and have been playing with it in Virtual enviroment.

    Thanks
    Jason



  • You can setup pass through mac- and/or IP-Adresses. This way you can allow certain hosts to connect to the outside or certain hosts as destination to bypass the captive portal. Your Hardware is way overkill for the bandwidth you list. Actually a WRAP (266 MHz) already can go up to 32 mbit/s.

    To monitor the usage either install one of the monitoring packages or send you systemlogs to a remote syslogserver and/or view your syslogs at status>syslogs for portal authentications.



  • What about the content filtering of the internet?  They are having trouble with people looking at myspace all day and also IM software.

    Thanks
    Jason



  • You need a proxy for that. The Squidpackage was just fixed where you can add blacklists for example. Other (not as effective method) is to do a nslookup for the domains you ant to block and simply add block rules for these destinations. This has been discussed at the forum befor. Please search.



  • I installed the squid package and had no errors on the screen during the install, but it appears to not be working.  The log has numerous errors about squid.  I started with a fresh install of pfSense before installing squid.  I the log said run squid -z but it still does not start.



  • Make sure you are running pfSense RC2 (was released some hours ago) and uninstall the package again. Then reinstall the package. If that doesn't help please post your systemlogs.



  • Ok downloaded RC2 and did a clean install.  I installed the squid package and got the squid -z error still.  I ran the command in the shell and fixed that.  But it still will not run.  Here is system log

    Aug 2 16:20:56 syslogd: kernel boot file is /boot/kernel/kernel
    Aug 2 16:21:05 squid[5511]: Squid Parent: child process 5514 exited due to signal 15
    Aug 2 16:21:06 Squid_Alarm[6268]: Squid has exited. Reconfiguring filter.
    Aug 2 16:21:06 Squid_Alarm[6270]: Attempting restart…
    Aug 2 16:21:06 squid[6273]: Squid Parent: child process 6276 started
    Aug 2 16:21:09 Squid_Alarm[6286]: Reconfiguring filter…
    Aug 2 16:21:12 php: : SQUID is installed but not started. Not installing redirect rules.
    Aug 2 16:21:12 php: : SQUID is installed but not started. Not installing redirect rules.
    Aug 2 16:21:14 squid[6473]: Squid Parent: child process 6475 started
    Aug 2 16:22:42 dhclient: New IP Address (le0): 192.168.3.156
    Aug 2 16:22:42 dhclient: New Subnet Mask (le0): 255.255.255.0
    Aug 2 16:22:43 dhclient: New Broadcast Address (le0): 192.168.3.255
    Aug 2 16:22:43 dhclient: New Routers (le0): 192.168.3.3
    Aug 2 16:22:43 dhclient: /sbin/route add default 192.168.3.3
    Aug 2 16:22:47 php: : Informational: DHClient spawned /etc/rc.newwanip and the new ip is wan - 192.168.3.156.
    Aug 2 16:22:48 php: : Creating rrd update script
    Aug 2 16:22:48 php: : Creating rrd graph index
    Aug 2 16:22:50 php: : SQUID is installed but not started. Not installing redirect rules.
    Aug 2 16:22:50 php: : SQUID is installed but not started. Not installing redirect rules.
    Aug 2 16:23:43 squid[7449]: Squid Parent: child process 7454 started
    Aug 2 16:23:44 (squid): The dnsserver helpers are crashing too rapidly, need help!
    Aug 2 16:23:44 kernel: pid 7454 (squid), uid 62: exited on signal 6

    Thanks
    Jason

    Could I also suggest that maybe when the squid package is installed it makes a tab on the logs page so you can view the squid logs.


Locked