Captive portal manual logout page address



  • @EMWEE:

    @amitaussie:

    I am not using https CP.

    It works on http.

    Guide is on de previous page.
    https://forum.pfsense.org/index.php?topic=77143.msg478165#msg478165

    Hi EMWEE,

    Thanks for your reply.

    I am trying to work this solution on LAN interface, but authentication page is not showing, may be I have settings in Firefox " Do no remember history" I ll change this to normal setting and ll try if it works then…

    Regards

    amitaussie



  • Does your captive portal works without the modifications?

    U should get your AUTHENTICATION page by default. So if that doesnt work your captive portal doesnt work out of the box…or u made a mistake in index.php...what would result in a error in your browser.

    Maby post your complete index.php and captiveportal.inc on pastebin and share in it this topic.



  • Hi EMWEE!

    Client is not able to connect to internet if CP is active on LAN interface in pfSense and url on client shows this:

    http://192.168.100.1:8002/index.php?zone=cpzone1&redirurl=http%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A%2F%2F%2Fhttp%3A

    and gives this message in page - The page isn't redirecting properly

    If I do not make changes in pfSense, CP page is showing for authentication on LAN and pop up for log out is working ok.

    below are the files…

    /etc/inc/captiveportal.inc- http://pastebin.com/BUstXyr1

    /usr/local/captiveportal/index.php- http://pastebin.com/ffj69qAb

    Index.php file is copied from Gertjan's pastebin

    File: /usr/local/captiveportal/index.php : http://pastebin.com/scYuKTyw - index.php

    Thanks and Regards

    amitaussie



  • Do you have a html file with the name "zone"-already-connected.html? (ex. Wifi-already-connected.html)

    If your users have a cookie they are redirected to that page.



  • Hi EMWEE!

    Yes I have uploaded that file in CP using File Manager. File I uploaded is copied from Gertjan's pastebin

    I am using default setting of browsers i.e. firefox. Browser is configure to remember history and accept cookies.

    I do not understand how to users have cookie

    If your users have a cookie they are redirected to that page.

    Thanks & Regards

    amitaussie



  • He (amitaussie) PM'ed me with this:
    CP Tab: file Manager status:

                captiveportal-cpzone1-already-connected.html    984 bytes    delete
                captiveportal-style.css                           2 KB       delete
                         TOTAL                                    3 KB
    

    seems good to me.

    I'm put in place his 
    /etc/inc/captiveportal.inc- http://pastebin.com/BUstXyr1
    /usr/local/captiveportal/index.php- http://pastebin.com/ffj69qAb

    on my pfsense - and report back.

    edit.
    Ok, found something - your /usr/local/captiveportal/index.php is nearly ok.
    This : http://pastebin.com/ffj69qAb when I upload it to my server, produces a file coded in "UNIX - UTF 8 w/o BOM".
    Should be "UNIX ANSI."

    Your http://pastebin.com/ffj69qAb does not popup the portal page for me.
    I rebuild http://pastebin.com/scYuKTyw - /usr/local/captiveportal/index.php - entire file - version 2015-02-06 : I took an original "index.php from https://github.com/pfsense/pfsense/blob/RELENG_2_2/usr/local/captiveportal/index.php [ PfSense 2.2 Release ] - added my 2 mods - tested on my pfSense and stored on pastbin.org :: http://pastebin.com/scYuKTyw ]

    Btw: I found out that when coping back the files from pastebin.org to my text editor it converted ther char encoding "UNIX UTF w/o BOM" (there are some nasty non-pure ASCI chars in the file).
    Saving the file (example: index.php) in this format will 'explode' the pfSense web server.
    ALWAYS check you code page : often this info is visible at the bottom of your text editor (Notepad++, or far better : UltraEdit)



  • Hi Gertjan!

    Thank you very much for your effort.

    I ll check it tomorrow and revert back.

    Thanks & Regards

    amitaussie



  • So today i had some free time on the box to test the IP/MAC solution and i cant get it to work. When i revisit the portal page i do get the "already_connected.html" page. But when i press my logout button nothing happends. They only diffrent i can spot is that it doesnt show my #PORTAL_SESSION# string. So i guess thats why i cant logout.

    Here is my code:

    #function already_connected($clientip, $clientmac) {
    global $cpzone;
    
    if (($clientip != "") && ($clientmac != "")) {
    $query = "WHERE ip = '{$clientip}' AND mac = '{$clientmac}'";
    $cpdb = captiveportal_read_db($query);
    /* Lookup the $sessionid */
    foreach ($cpdb as $cpentry) {
    	if (($cpentry[2] == $clientip) && ($cpentry[3] == $clientmac))
    return $cpentry[5];
    	}
     return false;
    	} else
    return false;
    }
    

    So this part works…since i get redirected to the already_connected page.

    function portal_reply_page($redirurl, $type = null, $message = null, $clientmac = null, $clientip = null, $username = null, $password = null) {
            global $g, $config, $cpzone;
    
            /* Get captive portal layout */
            if ($type == "redir") {
                    header("Location: {$redirurl}");
                    return;
            } else if ($type == "login")
                    $htmltext = get_include_contents("{$g['varetc_path']}/captiveportal_{$cpzone}.html");
            else if ($type == "already_connected")
            {
                  #  $sessionid = $_COOKIE['cookie_portal'];
                    $htmltext = get_include_contents("{$g['captiveportal_path']}/captiveportal-{$cpzone}-already-connected.html");
    $htmltext = str_replace("\$PORTAL_SESSION\$", htmlspecialchars($sessionid), $htmltext);
     $htmltext = str_replace("#PORTAL_SESSION#", htmlspecialchars($sessionid), $htmltext);
    

    I guess here is something wrong with the str_replace…but i cant figure it out.

    I have this on bottom of index.php

    else if (already_connected($clientip, $clientmac)) {
    	/* display already connected page */
    	portal_reply_page($redirurl, "already_connected",null,$clientmac,$clientip);
    

    This looks fine by me since i do get redirected.

    And finally, the main part of my zone-already-connected.html:

    
    <form method="post"  ="" action="#PORTAL_ACTION#">
    								<a>IP:</a> <a_curs>#CLIENT_IP#</a_curs>
    
                                    <a>MAC:</a> <a_curs>#CLIENT_MAC#</a_curs>
    
                                    <a>Session:</a> <a_curs>#PORTAL_SESSION#</a_curs>
    
                                      </form>
    
    

    So i dont see any session ID after Session. When i use cookies this works fine. Does this have anything do to with RADIUS (im using RADIUS).

    Or am i missing some part where i need to set sessionid as cpentry[5] in the portal_reply_function?

    Something like this:

            else if ($type == "already_connected")
    	$sessionid = $cpentry[5];
                    $htmltext = get_include_contents("{$g['captiveportal_path']}/captiveportal-{$cpzone}-already-connected.html");
    	$htmltext = str_replace("\$PORTAL_SESSION\$", htmlspecialchars($sessionid), $htmltext);
        $htmltext = str_replace("#PORTAL_SESSION#", htmlspecialchars($sessionid), $htmltext);
    


  • Ok, I understand why you return " $cpentry[5];" in stead of "true":

    function already_connected($clientip, $clientmac) {
    	global $cpzone;
    
    	if (($clientip != "") && ($clientmac != "")) {
    		$query = "WHERE ip = '{$clientip}' AND mac = '{$clientmac}'";
    		$cpdb = captiveportal_read_db($query);
    		foreach ($cpdb as $cpentry) {
    		if (($cpentry[2] == $clientip) && ($cpentry[3] == $clientmac))
    			return $cpentry[5];
    		}
    	}
    	return false;
    }
    

    But, here:

    ....
            else if ($type == "already_connected")
    	$sessionid = $cpentry[5];
    ...
    
    

    Danger : (in function portal_reply_page) : "$cpentry[5]" is unknown there, so it is an empty string == "" == nothing.

    Just look it up, by now you know for sure it exists:

    .....
            else if ($type == "already_connected")
            $sessionid = already_connected($clientip, $clientmac);
    .....
    
    

    After  that, you don't have to do this:

    ....
    $htmltext = str_replace("\$PORTAL_SESSION\$", htmlspecialchars($sessionid), $htmltext);
     $htmltext = str_replace("#PORTAL_SESSION#", htmlspecialchars($sessionid), $htmltext);
    ....
    

    Because its done a couple of line farther along already.

    Check out http://pastebin.com/piamkhNB - line 35 and 45  :D



  • Thanks again for ur fast reply GertJan  :D.

    No wonder that i didnt see a sessionsid when the string was empty. I didnt know it would be unknown at that function.

    So ur solution would fix that problem. Thanks again!



  • Hi Gertjan!

    I have made changes to both files /etc/inc/captiveportal.inc and /usr/local/captiveportal/index.php and these are in UNIX /ANSI encapsulation now. I am using index.php file from your pastebin.

    After using these files now I am able to get CP login page but when I enter login name and password, browser is redirected to an error page and not able to access internet:
    "Fatal error: Call to undefined function sqlite_escape_string() in /etc/inc/captiveportal.inc on line 2057 "

    If I manually disable this line 2057 in captiveportal.inc then browser is redirected to "log out page" but again I am not able to browse internet and if I open  any new page/tab, browser is redirected to this "log out page" but anycase internet is not accessible. If I click logout button, available on the "log out page", then I am redirected to a page:
    "You have been disconnected. Failed setsockoptFailed setsockopt"

    In this post at page no-1 you have mentioned 3 changes in captiveportal.inc file but at no-3, about a change in a function in captiveportal.inc file I am confused:

    1. Replace the entire function portal_allow(…) with this one : http://pastebin.com/jDHVaNwf (actually, I just added nearly at the bottom one line:
      setcookie("cookie_portal", $sessionid);

    I copied this whole function from your pastebin and applied in my file but I am not able to find the change you mentioned:- setcookie("cookie_portal", $sessionid);

    I think my captiveportal.inc file is not ok, so I am getting these errors, can you please upload your entire captivelportal.inc file so that I can use that file and see if it works for me or any other idea?

    Thanks & Regards

    amitaussie



  • if ($writecfg == true)
                        write_config();
    
                $timeout = 0;
                if (!empty($config['captiveportal'][$cpzone]['timeout']) && is_numeric($config['captiveportal'][$cpzone]['timeout'])) {
                        $timeout = time() + $config['captiveportal'][$cpzone]['timeout'] * 60;
                        setcookie("cookie_portal", $sessionid, $timeout);
                } else
                        setcookie("cookie_portal", $sessionid, $timeout);   
    ```Line 2086 in http://pastebin.com/BUstXyr1\. Thats where the cookie is set. The other 2 changes are the functions: already_connected and portal_reply_page
    
    What i didnt find in this topic is what version of pfSense are you using? I tried GertJan's code for 2.1.5 at first and when i got that working i tried to copy it to a 2.2 box…it didnt worked. I just replaced the function by hand in the original captiveportal.inc and index.php files instead of replacing the whole file. Maby you can try that.
    
    Post your captiveportal.inc again to see whats wrong.


  • Hi Gertjan & EMWEE!

    At last I got it working…..

    Problem was the 3rd change in captiveportal.inc file.

    1. Replace the entire function portal_allow(…) with this one : http://pastebin.com/jDHVaNwf (actually, I just added nearly at the bottom one line:

    setcookie("cookie_portal", $sessionid);

    If I copy entire mentioned 3rd function from Gertjan's http://pastebin.com/jDHVaNwf then it is giving that error
    "Fatal error: Call to undefined function sqlite_escape_string() in /etc/inc/captiveportal.inc"
    I copied first 2 functions entirely from Gertjan's pastebin but in last 3rd function I added a line as suggested by gertjan "setcookie("cookie_portal", $sessionid);" in function portal_allow(…) after line...(as told by Gertjan earlier. so do not copy 3rd function entirely from pastebin)

    if ($writecfg == true)
    write_config();
    setcookie("cookie_portal", $sessionid);

    CP page is showing and "log out page" some times appears and some time not but I can recall "log out page" by entering address "192.168.100.1:8002" in url anytime and it also gets disconnected if hit logout button so its working.
    Only 1 problem is left "log out page" gets redirected after entering user name and password so it does not appear always as it should. I have also updated my pastebin files.
    /etc/inc/captiveportal.inc- http://pastebin.com/BUstXyr1
    /usr/local/captiveportal/index.php- http://pastebin.com/ffj69qAb

    But at last great work and great support…..

    Thanks & Regards

    amitaussie



  • 
            $timeout = 0;
            if (!empty($config['captiveportal'][$cpzone]['timeout']) && is_numeric($config['captiveportal'][$cpzone]['timeout'])) {
                    $timeout = time() + $config['captiveportal'][$cpzone]['timeout'] * 60;
                    setcookie("cookie_portal", $sessionid, $timeout);
            } else
                    setcookie("cookie_portal", $sessionid, $timeout); 
    

    Dont know if this works…i only have

    setcookie("cookie_portal", $sessionid)
    

    "log out page" some times appears and some time not

    It should give you a logout page when u revisit 192.168.100.1:8002 and when u have a cookie.

    So no cookie = no logout.

    But I can recall "log out page" by entering address "192.168.100.1:8002" in url anytime and it also gets disconnected if hit logout button so its working.

    This is the opposit of what you stated above….

    Only 1 problem is left "log out page" gets redirected after entering user name and password so it does not appear always as it should.

    So your logout page shows up right after u logged in?



  • "log out page" some times appears and some time not

    By this I want to say that after log in via CP, log out page does not appear as it should, rather I am redirected to intended site. Like if I start to use internet and want to browse google, CP page comes in, I log in , now log out page should appear but it does not, I am redirected to google site and when I need to log out I has to recall log out page. but sometimes I dont get redirected to intended site instead log out page remains.
    cookies are enabled in my browser by default. but log out page should come if cookies are disabled too. is int it?

    Thanks & Regards
    amitaussie



  • @amitaussie:

    By this I want to say that after log in via CP, log out page does not appear as it should, rather I am redirected to intended site.

    This is ok and normal.

    That's why I tell about it on my login page -

    Btw: as said before, the original patches were valid for 2.1.5.
    To make them work on 2.2 you just can't copy entire functions drom (my) pastbin.org - you should have putting in the replacements. The is because other stuff changed also, remember 2.1.5 is not 2.2 - many lines have changed.
    By putting in 2.1.5 functions, you downgraded your 2.2 - and that can give strange results, or worse.
    I should have post diff files on pastebin - or files for each version.

    @amitaussie:

    ….
    cookies are enabled in my browser by default. but log out page should come if cookies are disabled too. is int it?

    Not possible.
    No cookie = logout page can't pop up.
    Just check the code yourself : the cookie has to be found.
    The cookie contains your sessionid
    The sessionsid is looked up in the users database.
    If its found, a logout page is produced and you can see it.

    Btw: IF your are logged in - and you accept cookies, the visiting this page 192.168.100.1:8002 (on your pfSEnse box) will produce the logout page.

    This:

            $timeout = 0;
            if (!empty($config['captiveportal'][$cpzone]['timeout']) && is_numeric($config['captiveportal'][$cpzone]['timeout'])) {
                    $timeout = time() + $config['captiveportal'][$cpzone]['timeout'] * 60;
                    setcookie("cookie_portal", $sessionid, $timeout);
            } else
                    setcookie("cookie_portal", $sessionid, $timeout); 
    
    

    is the nearly same thing as this:

    setcookie("cookie_portal", $sessionid, 0);
    

    The difference is that I test first if a hard timeout is set on the portal interface (in minutes).
    If it exists, its used to set the max live of the cookie, because, the user will be disconnected after that time. No need to keep the cookie alive after that. It will die by itself.
    If the hard timeout isn't set, then a normal

    setcookie("cookie_portal", $sessionid, 0);
    

    will be used, which is the same as:

    setcookie("cookie_portal", $sessionid);
    

    Anyway, since I discovered that CNA is bugging all this severely, I'm still trying to mix up "IP/MAC and cookie" logout …. works is still in progress.



  • Hi Gertjan!

    Thanks for the explanation.

    It would be better if it can work on 2.2 too.

    Thanks & Regards!

    amitaussie



  • It does work on 2.2. Just do the same thing. But dont copy the whole files…just insert the needed parts.

    If you want to be redirected to the logout page right after you logged in you can simply enter the redirected url in the GUI.

    I use this to be redirected to the coporate website.



  • Hi!

    Yes, it is working in 2.2!

    But I found a problem I dont know if I am right?

    I am browsing internet after log in via CP login page, I want to log out, I recall log out page 192.168.100.1:8002, it comes,  but if I close the browser without logging out and later on when I try to log out by recalling log out page, I am redirected to CP Login page and after entering credentials then only I am redirected to log out page.

    Problem is if I am already logged in and I want to log out by recalling 192.168.100.1:8002, then log out page should come, not CP log in page. isnt it?



  • @amitaussie:

    I am browsing internet after log in via CP login page, I want to log out, I recall log out page 192.168.100.1:8002, it comes,  but if I close the browser without logging out and later on when I try to log out by recalling log out page, I am redirected to CP Login page and after entering credentials then only I am redirected to log out page.

    This is by design  ;)
    I already talked about setcookie() and how the browser handles cookies.
    Read again: http://php.net/manual/en/function.setcookie.php
    And this time, see what the THIRD parameter does: expire.

    Remember :

    setcookie("cookie_portal", $sessionid);
    

    is the same thing as

    setcookie("cookie_portal", $sessionid, 0);
    

    What you described in your question:

    The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire. Or you might use mktime(). time()+606024*30 will set the cookie to expire in 30 days. If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes).

    So => closing browser == cookie destroyed == no more log out page.
    This means you have to walk through the login again to get a cookie to be able to logout.
    Exactly as you found out.

    A solution might:

    setcookie("cookie_portal", $sessionid, time()+strtotime("+1 day"));
    

    This cookie will be persistent for one day.



  • Hi Gertjan!

    This solution is perfect now, I hope! working great in 2.2!

    setcookie("cookie_portal", $sessionid, time()+strtotime("+1 day"));

    For one day it is ok.
    Testing it further to see if there's anything to improve (hopefully nothing :))

    Thanks & Regards



  • @amitaussie:

    ….
    Testing it further to see if there's anything to improve (hopefully nothing :))

    Ok, good.
    I conclude that you do not use any smartphones like Androids en iDevices (iPhone, iPads) on your portal network ?
    Because they use CNA 'navigator' which will discard the cookie on login …..
    This means that, as you said already, people have to re-login with their 'real' browser to get a cookie - to be able to log out ....



  • Hi!

    Well…

    People do use smartphones to browse internet in my network. So you mean to say they won't be able to access log out page...oh! ok. If it can be solved then its great! Otherwise not a big issue as everyone uses his own smartphone etc. and if they are not served a log out page.

    Thanks & Regards!


  • Banned

    @amitaussie:

    So you mean to say they won't be able to access log out page…oh! ok. If it can be solved then its great! Otherwise not a big issue as everyone uses his own smartphone etc. and if they are not served a log out page.

    No, no, no… you misunderstood that issue. They will be logged out as soon as they've logged in via the crippled CNA "browser". They need to use their real browser to log in if they want to continue browsing.



  • Hi!

    oh ! Is this CNA browser feature offered by Apple IOS only ? As I have checked with my Samsung mobile, i am offered my CP login page and after log in, I am able to browse and recall log out page. Its working in Samsung mobile.

    Do i have to install any other browser in Apple devices to bypass this CNA feature, like chrome etc.?

    Thanks & Regards!

    amitaussie


  • Banned

    @amitaussie:

    Do i have to install any other browser in Apple devices to bypass this CNA feature, like chrome etc.?

    Will not help. The only way to avoid this junk is to avoid CP detection altogether.



  • No, no, no… you misunderstood that issue. They will be logged out as soon as they've logged in via the crippled CNA "browser". They need to use their real browser to log in if they want to continue browsing.

    When i login via CNA everything works fine. I just use the less secure IP/MAC solution.


  • Banned

    @EMWEE:

    I just use the less secure IP/MAC solution.

    Yeah, so what exactly does this have to do with the manual logout page?



  • @doktornotor:

    No, no, no… you misunderstood that issue. They will be logged out as soon as they've logged in via the crippled CNA "browser". They need to use their real browser to log in if they want to continue browsing.

    They won't be logout…they r just not getting the cookie (or am I missing something). So I use the IP/MACso users can use CNA or browser.


  • Banned

    This entire thread has been discussing how to log out people by using a cookie. So yeah, you can use CNA just fine if you not using logout, just don't get why are you discussing this on a CP manual logout thread…



  • @doktornotor:

    This entire thread has been discussing how to log out people by using a cookie. So yeah, you can use CNA just fine if you not using logout, just don't get why are you discussing this on a CP manual logout thread…

    No its not. It been discussed using IP/MAC too at the first page..and this does work with CNA.  Im just stating this since the cookie solution is troublesome for phones/tablets.



  • doktornotor, you joined in with the "cookie issue with CNA"  which, by the way, destroyed half the fun, not because it was true but because I thought it was working good, or all prove was there that it wasn't  ;) CNA f*cked that up.
    It was lsense, who told use that he uses cookies https://forum.pfsense.org/index.php?topic=77143.msg421812#msg421812
    I wasn't doing so, before. I used a lookup with IP and MAC which I found secure enough because my portal uses https. (But, for some reason, it seems to me that most of us don't)

    Anyway, who cares  :D

    Maybe I should write-up a cookie+(MAC/IP) …. but what I realy need it the answer to his first:
    https://forum.pfsense.org/index.php?topic=77143.msg478165#msg478165
    Last "Btw":
    @lsense:

    modify capture of 1.1.1.1 in ipfw : it gets always redirected, even if authenticated

    "Could you detail this please ? What is de ipfw rule ? Injected where ?"
    (Ok, I know where, but what ipfw rule ? I'm an iptables man)

    I'd like to know how to make a short simple easy-to-remember logout URL, like "logme.out" or even "logout" that get redirected to the captive portal web server.
    Any ideas ?

    Byw: It's easy to circumvent the CNA login culprit.
    Just connect to the Wifi network.
    The CNA pops up.
    Shut it down ! (iDevice: hit de home button).
    Open the real browser, like Safari or whatever you have on your iDevice.
    Login.
    The cookie will be there.
    Tested and works every time on an iDevice.



  • I use a NAT rule: IP of CP port 80 redirect to 8002.

    And a DNS record: logout.me with ip of the CP.

    I bet Isense redirect 1.1.1.1 to CP IP:800x



  • Hi!

    Its working for last more than 24 hours, squid3+transparent proxy+ SSL bump+ squidguard + CP Logout page, no glitches, restarted, everything is working flawless, checked on pcs and mobiles. Everything seems Ok! ;D

    Thanks & Regards!

    amitaussie



  • Hi! All
    I have the same problem
    I want to logout manual
    Please help me step by step.

    Thank



  • See the first pagr on this topic.



  • thank you …



  • @Gertjan:

    Last "Btw":
    @lsense:

    modify capture of 1.1.1.1 in ipfw : it gets always redirected, even if authenticated

    "Could you detail this please ? What is de ipfw rule ? Injected where ?"
    (Ok, I know where, but what ipfw rule ? I'm an iptables man)

    sorry for the timed out reply, I report it here just for reference.
    search for the comment  "Authenticated users rules" in /etc/inc/captiveportal.inc and put those two lines in:

    
    	/* Authenticated users rules. */
    	$cprules .= "add {$rulenum} fwd 127.0.0.1,{$listenporthttp} tcp from any to 1.1.1.1 in\n";
    	$rulenum++;
    	$cprules .= "add {$rulenum} pipe tablearg ip from table(1) to any in\n";
    	$rulenum++;
    	$cprules .= "add {$rulenum} pipe tablearg ip from any to table(2) out\n";
    	$rulenum++;
    
    


  • @Gertjan
    The cookie solution has another disadvantage. If user uses more than one browser in the same session he could logout only with the original login browser. The other one doesn't know the cookie. For me a IP/MAC solution is secure enough. Spoofing the HTTP REMOTE_ADDR is not that easy. You need a proxy server for this. And what is the risk? The effort is high for what? Log-out another user from your hotel network.

    Working with IP address has another advantage. I use "daloradius" to manage my radius database. In daloradius is a logout functionality which isn't working with Pfsense. Psense hasn't the api of PoD (Package of Disconnect) nor CoA (Change of Authorization). With IP logout I could extend "index.php" with two parameters IP & MAC. With this I could call the logout window and I would be able to disconnect a user from daloradius.

    Do we have to patch pfsense always or is there a plan to replace current logout windows in the official Pfsense version? Who is responsible for captiveportal?


  • Rebel Alliance Developer Netgate

    Unrelated to this thread, we committed a change to 2.3 this week to switch index.php to a logout page if you reload the portal URL.

    https://github.com/pfsense/pfsense/commit/d2ecbddc79a9b67cae52fca6cd3b7bebd758b047

    Be sure to read the note on the commit.


Log in to reply