Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Deleting Duplicate Voucher Login Regardless of Setting

    Scheduled Pinned Locked Moved Captive Portal
    1 Posts 1 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DerelictD
      Derelict LAYER 8 Netgate
      last edited by

      I am running into a problem where I want a voucher to be usable on multiple (read however many use it) computers.

      When I have the following options set, it seems it should do just that:

      • Disable concurrent logins: Unchecked

      • Enable Pass-through MAC automatic additions: Checked

      • Enable Pass-through MAC automatic addition with username: Checked

      With these settings I get log entries such as this:

      logportalauth[43009]: DUPLICATE 123m52xh LOGIN - TERMINATING OLD SESSION: 123m52xh, 01:04:3f:8a:e4:23, 172.21.227.107

      Without the "Enable Pass-through MAC automatic addition with username" option enabled, it works as expected:

      logportalauth[17205]: Voucher login good for 1369 min.: 123m52xh, 04:0c:ce:23:32:34, 172.21.226.25
      logportalauth[17205]: Voucher login good for 1369 min.: 123m52xh, 04:cc:ce:56:ab:11, 172.21.226.36
      logportalauth[17205]: Voucher login good for 1369 min.: 123m52xh, 23:0c:ce:6e:2b:77, 172.21.227.222

      In captiveportal.inc, in function captiveportal_prune_old_automac() I find the following code:

      if (isset($tmpvoucherdb[$emac['username']])) {
              $temac = $config['captiveportal'][$cpzone]['passthrumac'][$tmpvoucherdb[$emac['username']]];
              $ruleno = captiveportal_get_ipfw_passthru_ruleno($temac['mac']);
              $pipeno = captiveportal_get_dn_passthru_ruleno($temac['mac']);
              if ($ruleno) {
                    captiveportal_free_ipfw_ruleno($ruleno);
                    $macrules .= "delete {$ruleno}";
                    ++$ruleno;
                    $macrules .= "delete {$ruleno}";
              }
              if ($pipeno) {
                    captiveportal_free_dn_ruleno($pipeno);
                    $macrules .= "pipe delete {$pipeno}\n";
                    ++$pipeno;
                    $macrules .= "pipe delete {$pipeno}\n";
              }
              $writecfg = true;
              captiveportal_logportalauth($temac['username'], $temac['mac'], $temac['ip'], "DUPLICATE {$temac['username']} LOGIN - TER
      MINATING OLD SESSION");
              unset($config['captiveportal'][$cpzone]['passthrumac'][$tmpvoucherdb[$emac['username']]]);
      }
      

      Shouldn't that also test to be sure "Disable concurrent logins" is set?

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.