Schedule for Captive Portal



  • Is it possible to limit the captive portal so that wifi is only available during certain hours of the day?  I'm new to pfSense, and have been looking for an option to do this, but I don't want to break something that is currently working trying to figure out how to do this.

    Thanks.



  • You mean that CP login is shown during certain hours and than the interface is not reachble anymore and internet does not work.
    Or have CP only certain hours and after that free wireless for all?



  • @ermal:

    You mean that CP login is shown during certain hours and than the interface is not reachble anymore and internet does not work.
    Or have CP only certain hours and after that free wireless for all?

    I would like to have the CP available only during certain hours, and then have it so no one could access the wifi outside of that time window.



  • If you don't want anyone to access the wifi outside of a time period - setup a time limitation on your access point. Many wireless access points let you schedule shutoff time periods for the wireless radio.

    However, if you want to do it so that someone could get on the wifi only at certain times (connect to the wireless network) but not access anything, you could do it with a couple of little shell scripts and cron entries…

    basically, the disable shell script would add the following ipfw rule

    ipfw add 10 deny log all from any to any

    and the enable shell script would simply delete the previous rule
    ipfw delete 10

    Schedule the disable script to run in cron when you want the portal to be unavailable. Schedule the enable script to run when you want it to be available again.



  • Use the pfsense shedule and put this shedule on the firewall rule on the CP interface.



  • @Nachtfalke:

    Use the pfsense shedule and put this shedule on the firewall rule on the CP interface.

    I suppose that would work as well (and is much simpler)… The pfsense GUI rules are using PF - so my thinking was that adding the ipfw rule would make sure none of the CP ipfw rules are ever executed...



  • Schedule rules can be used to shut down the ability to get to captive portal. No need for hacks, just add a normal firewall rule. We have customers who run coffee shops and similar businesses that don't want people leeching their Internet after hours so it gets cut off on a schedule rule outside of hours they're open.



  • Thanks for the help!  Now a couple more questions.  :o

    Would I make a firewall rule blocking the LAN all the time and then make a firewall rule enabling the LAN and put the schedule into that rule?

    Thanks



  • Rules are processed top down, first match wins. Therefore with those rules you would need the enable rule above the block rule.


Locked