Captive Portal: disconnect user will be blocked

azurata

Hi,
A fresh install of pfSense-memstick-2.2-BETA-amd64-20140919-1449.img and I tested that if a user is disconnected it will be blocked from the captive portal page.

When user with IP 10.0.0.2 and mac xx:xx:xx:xx:xx:xx is disconnected from captive portal, it will not be removed from table 1 and 2, nevertheless the user will be blocked from access the captive portal page.
It is strange the IP showing at table 1 and 2 is 0.0.0.0 and not the correct 10.0.0.2

$ ipfw -x 2 show
65291  0     0 allow pfsync from any to any
65292  0     0 allow carp from any to any
65301  1    46 allow ip from any to any layer2 mac-type 0x0806,0x8035
65302  0     0 allow ip from any to any layer2 mac-type 0x888e,0x88c7
65303  0     0 allow ip from any to any layer2 mac-type 0x8863,0x8864
65307  0     0 deny ip from any to any layer2 not mac-type 0x0800,0x86dd
65310 39  4880 allow ip from any to { 255.255.255.255 or 192.168.0.2 or 10.0.0.1 } in
65311 49 40155 allow ip from { 255.255.255.255 or 192.168.0.2 or 10.0.0.1 } to any out
65312  0     0 allow icmp from { 255.255.255.255 or 192.168.0.2 or 10.0.0.1 } to any out icmptypes 0
65313  0     0 allow icmp from any to { 255.255.255.255 or 192.168.0.2 or 10.0.0.1 } in icmptypes 8
65314  0     0 pipe tablearg ip from table(3) to any in
65315  0     0 pipe tablearg ip from any to table(4) in
65316  0     0 pipe tablearg ip from table(3) to any out
65317  0     0 pipe tablearg ip from any to table(4) out
65318  0     0 pipe tablearg ip from table(1) to any in
65319  0     0 pipe tablearg ip from any to table(2) out
65531  1   169 fwd 127.0.0.1,8003 tcp from any to any dst-port 443 in
65532 33  1712 fwd 127.0.0.1,8002 tcp from any to any dst-port 80 in
65533  8   424 allow tcp from any to any out
65534  2   176 deny ip from any to any
65535  0     0 allow ip from any to any

$ ipfw -x 2 table 1 list
0.0.0.0/32 mac xx:xx:xx:xx:xx:xx 2000

$ ipfw -x 2 table 2 list
0.0.0.0/32 mac xx:xx:xx:xx:xx:xx 2001

amstramgram

Hi,
Just to confirm,
I have the same issue with the 2.2-BETA (amd64) built on Thu Oct 16 18:20:50 CDT 2014 (and older).
The IP showing at table 1 and 2 is 0.0.0.0 and not the correct to.

If i flush table 1 and table 2, with

ipfw -x 2 table 1 flush
ipfw -x 2 table 2 flush

i can reauthenticate a second time but if the user is disconnected, the problem returns

kind regards

amstramgram

Hi,
Tried with or without mac filter and with 2.2-BETA i386 Architecture and have the same issue

manuel.biz

Hello @ all

Same problem here:
2.2-BETA (amd64)
built on Mon Nov 10 02:26:14 CST 2014
FreeBSD 10.1-RC4-p1

Is must have to use 2.2 because it runs an hyper-v.  ::)

First time login works fine.
After disconect no landing page apears.

Sorry for my bad english.

cmb

confirmed, ticket open
https://redmine.pfsense.org/issues/4001