Use the captive portal in a different way



  • Hello,
    I need some help with my project with pfSense.
    In my company, we authorise only identified computer to connect to the Internet.
    So each time there is a new computer on the network, we ask for the MAC Address and associate an IP in the DHCP.
    Now, I would like to use the Captive Portal to ask people to fill a form.

    When an unidentified computer connects on the network, the DHCP gives it a IP from a special range which is redirect to the Captive Portal.
    So the computer is directly redirected to the Captive Portal.
    In place of the "normal page", there is a form. When, the form is complete, the user click on submit and an email is generated, sent by the server(pfSense) to the network admin (me).

    Do you know if it's possible? I'm a newbie on pfSense and I sucks at programming  :-\

    I already look around and I think it's possible but I would to be sure.
    Some of my friend advice me to use "Swift Mailer", is it possible to use with pfSense?
    Is it possible to detect the MAC Address directly and send it in the mail? It would be easier for the users!

    Thank you,

    Regards,
    Fourm



  • @fourm101:

    Some of my friend advice me to use "Swift Mailer", is it possible to use with pfSense?

    I don't know why swift mailer was recommended. I don't know what it is. I don't know if it can be used with pfSense.

    @fourm101:

    Is it possible to detect the MAC Address directly and send it in the mail? It would be easier for the users!

    I have done only a little bit of PHP. If you use a PHP script with your captive portal form it is very easy to obtain the requestor's IP address. At worst, with a time stamp on form processing it should be possible to look through the pfSense DHCP server and retrieve the appropriate MAC address. Alternatively it should be fairly straighforward in PHP to issue an arp command and pipe the output through grep to get the MAC address associated with the requestor's IP address. (Of course, this won't work if the requestor is "off LAN".) But you could use the Captive Portal Allowed IP addresses tab to allow any access FROM the specified IP address to bypass the portal.
    There is some PHP code in pfSense to talk with a SMTP server.

    Neither Pass-through MAC nor Allowed IP Addresses will form a serious barrier to a well informed hacker.

    I don't what affect adding new Pass-through MAC addresses or Allowed IP addresses will have on existing connections. For example, adding a new address or removing an address MIGHT cause a short disruption to existing connections.



  • You have to code the way out of this.
    The easy way is to have the form in another webServer and you do the enabling of the user manually.

    Otherwise some coding is needed on pfSense CP to enable that.



  • Hi, Im also looking near the same approach.

    I want to allowed everybody using wifi with 'No Authentication' but only after submission of email address.


Log in to reply