Captive Portal - individual/dynamic rules possible? (bounty inquiry)



  • I may post a bounty if this can work:
    After a username successfully authenticates in the Captive Portal, is it possible to set temporary rules (for bandwidth) on their IP, then remove the temporary rules from that IP when the user logs off or timeout?  Or, perhaps there is a better way to accomplish userid based rules of which I am unaware?
    I wish to control the number of simultaneous logins (on different IPs) per username, auto logging out the oldest IP when exceeded.
    I want the CP to ignore MAC because we use an IP routed network.
    When a user logs in, I wish to obtain values from the user's profile and:
    -Set bandwidth caps for upload and download on their IP.
    -When multiple logins are allowed for a user, set whether to apply bandwidth caps per IP or apply to all of the user's IPs as a group.
    -Ability to allow multiple logins only with specified subnet(s).  For example, I could type this in the user's profile to allow multiple logins within these two Class-C ranges only: "192.168.1.0/24;192.168.20.0/24"
    -Set a time limit that forces an IP to logout after a specified time limit and not allow re-login until a second timeout value expires, and the option to apply this time limit to the userid no matter the IP, or apply the user's timeout separately per IP they are logged in on.
    -log most recent login/logout/password-failure activity to another pc (via syslog server?).
    This should be all we need to do.  Any suggestions appreciated. Thank you, -Pete.



  • develmend off the cp is done by the team from http://m0n0.ch/wall/
    the pfsense team only copy it from monowal to pfsense



  • That is correct.  May want to email the m0n0wall dev list and ask if someone over there is interested in this.



  • Oh, I see.  I'll go check their lists/boards and perhaps post there.  Thanks.


Locked