Captive Portal Non Voucher Blocking

  • Hi All,

    Been working with pfSense for a little bit and thought of an idea which I could use and probably others. Just seeing if anyone has attacked this. I also combed the forms and search results for a while and couldn't find anything, so if it is there I apologize in advance.

    Some places would like a CP don't really want to mess with vouchers but want to limit how long a wifi user is there (think mc donalds, they don't want you taking up a bench if your not buying food).

    One could set the CP to just accept a login (no authenitcation/voucher) but once a timeout (2 hrs for this example) expires they simply log in and are awarded with another two hours. So my question is, is it possible to configure the CP to allow a single 2 hours session and then ban the MAC for a period of time. I would think it would be neat to ban the MAC till the next day (midnight) then flush the MAC ban list. This way a user can only use a single 2 hour block once per day.

    If this isn't done would be interested in implementing it myself (any help welcome) and sharing of course.

  • Usually these implementations use a radius server with mac authentication, coupled with re-authentication!

  • @ermal

    I do understand why they are normally coupled with a radius server. I just don't see why one would need a radius server if no credentials are being authenticated. The aim of this is public consumption (no logins) and no vouchers.

  • Yeah but you can 'implement' authentication with mac-address/ip of the device.