• Hi,

    Does it exist a way to bulk adding local users from, say a csv file? Has anybody made a script for this purpose…?

    If I enable the captive portal feature, can I have logs or status info which links authenticated users to IP or MAC addresses?



  • Hi again,

    Is the answer no and no to these two questions, or can someony confirm / deny atleast the last one.  I'm very interested in knowing if it is possible to get a given cp user's IP address…

    Thanks anyway ,-)


  • No, there is no import script for this. When dealing with a larger amont of users you probably want to use a radius server.

    You get some details about CP logins at status>systemlogs, portal auth.

  • Hoba,

    Unfortunately my pfsense box is in production, so currently I cannot check which captive portal data I will find in the system logs.

    Thanks a lot if you or someone else who is using captive portal would be willing to give me a few details on which properties in addition to the username I will find in these logs.  If possible a screenshot would be fine.

    I'm particulary interested in if the user's IP or MAC address is associated with the username, or if there are other logs where I can find an association between username and workstation data (netbios name and network addresses).

    Thanks again for feedback on this



  • You get something like the following:

    Mar 13 18:03:44 logportalauth[11031]: LOGIN: hotspot, 00:13:ce:ef:99:d6,
    Mar 13 00:59:26 logportalauth[34493]: TIMEOUT: hotspot, 00:19:7d:48:7d:1f,
    Mar 13 00:42:15 logportalauth[33190]: TIMEOUT: hotspot, 00:13:ce:ef:99:d6,
    Mar 13 00:26:09 logportalauth[31937]: TIMEOUT: hotspot, 00:13:ce:8b:8f:58,
    Mar 12 20:19:15 logportalauth[12302]: LOGIN: hotspot, 00:19:7d:48:7d:1f,
    Mar 12 20:18:49 logportalauth[12219]: FAILURE: hotspor, 00:19:7d:48:7d:1f,
    Mar 12 20:13:48 logportalauth[11842]: CONCURRENT LOGIN - REUSING OLD SESSION: hotspot, 00:13:ce:8b:8f:58,
    Mar 12 20:13:38 logportalauth[11842]: LOGIN: hotspot, 00:13:ce:8b:8f:58,
    Mar 12 20:13:22 logportalauth[11759]: FAILURE: HotSpot, 00:13:ce:8b:8f:58,
    Mar 12 20:12:58 logportalauth[11745]: FAILURE: Hotspot, 00:13:ce:8b:8f:58,
    Mar 12 20:12:42 logportalauth[11727]: CONCURRENT LOGIN - REUSING OLD SESSION: hotspot, 00:13:ce:8b:8f:58,
    Mar 12 20:12:32 logportalauth[11727]: LOGIN: hotspot, 00:13:ce:8b:8f:58,
    Mar 12 20:11:19 logportalauth[11580]: LOGIN: hotspot, 00:13:ce:8b:8f:58,
    Mar 12 18:06:56 logportalauth[2189]: LOGIN: hotspot, 00:13:ce:ef:99:d6,

  • Thanks a lot, hoba.  Just what I needed to see.

    The integers inside the brackets are those the actual usernames or isn't there any association to the name of the account is this log?

    If I would like to add the workstation's NetBIOS name at the end of the log line, does this have to be done in monowall or can this be done in pfsense..?



  • "hotspot" is actually the username of the user who is logging on. It's a Hotelinstallation that uses 1 User for all guests, just to prevent people from the street using their WLAN. Additionally you see the MACadress and the IP of the machine that logs in. Together with the DHCP leases/logs you can associate them to machine names, at least if the client registered with it's hostname when grabbing the lease.

  • Excellent!

    Just as the frosting on the cake, can anyone here give me some clues on where to look / what to do to associate the NetBIOS name with the IP/MAC address in the CP logfile just as it is done in the DHCP leases / ARP table?



  • I can tell you to look in /var/log/portalauth…its a good starting point