Problem log off of the squid or captive portal



  • First, a salute to the community.
    I am a newbe but I study to what my limits are. I found pfSense from about a week and it was a 24/7 for reading the forum. Il problem is common to many: I have to make some kind of hotspot desktop with 6 desktop + any people with laptops in a public room, stations are free and there is no time limit.

    Setting:
    wan:dhcp
    lan:192.168.0.251
    package: squid+lightsquid+squidguard

    Captive Portal + Squid (transparent) + lightsquid
    everything works but I have a problem 'technical'.
    Turning on popup authentication happens that some customers may eventually go away and do not use the Log Off button in the pop-up or close it by X in the upper right. The next customer, unfortunately … continues to use internet with the username and password above.
    From the PC of the owner can disconnect him from the page pfSense but you can not stay with the all those who go away and check 6 pc!

    If I start homepage of the browser http://mioip:8000, login windows reopen but if the Client2 (just arrived after Client1) puts his password and also enter sailing. Log Client1 is still connected and it never disconnected and then it Client1 Client2 both logged in and that pc. To be in order for this law is very wrong with not knowing who actually is from the log to the PC, Client1 or Client2?

    If I dont use captive portal and I do everything to squid I have to remove the squid in transparent mode and use squid log autentication. It works better because to end the session simply close the browser and restart it, prompting you to login. But the problem is that I enter the proxy in the browser. No problem to do but being no major restrictions on the sites waterways there is always the wise guy who used to install another browser or remove the proxy settings of your browser and ... grrrrrr .. surf without limits and without end on the  log. If I can prevent you from changing the configuration of the browser proxy on 6 pc goes without saying that I can not pretend to impose fixed proxy on laptops.

    We need a firewall rule that would prevent, not squid transparent mode, navigate to non-logged from the same squid. Unfortunately I am not able to construct such a rule and ask for help to solve this problem. Thanks in advance


Locked