Captive portal Allowed hostnames not working (well, not entirely)
-
Running 2.2.2. Have been running pfsense for a long time. Attempting to get connectivitycheck.android.com to answer PREAUTH. I have used the DNS forwarder to bind the response to one IP that I know works. I have, within the captive portal config, set the IP address AND the hostname to be allowed. Yet, it continues to get redirected. And what drives me nuts is other things I created in the past are working just fine.
What am I missing here?
Any help is appreciated!!
-
BTW… Some additional information... I am wondering if something is corrupted... In the Captive portal section, for the new IP address ranges I have added to the "allowed section", they do NOT have the green play icons beside them. Even after a reboot, those icons don't have the play icon. The old rules do. Something makes me think that there is a file corrupted, and anything new is getting hosed and not loaded. Would explain why the old stuff gets passed through, but the new stuff doesn't.
-
That's just a cosmetic issue that's part of this.
https://redmine.pfsense.org/issues/4703are you sure the hostname is resolving as you intend?
-
Nope. One of the first things I checked. I hope I don't have to rebuild everything from scratch. I am going to pull the xml tomorrow and see if I can see anything obvious.
-
Could you get me a copy of your config, or remote access to your system? Can PM me to arrange specifics.
-
That's exceptionally nice of you. I will send you the config tomorrow. I have it so locked down I can't do much from home.
-
cbn: I've been doing my best to elimiate things before sending you a config. I think this is a bug. I don't know how far back it goes, but I am about to start backrev'ing to find out.
I built a brand new server, got the captive portal up and working, and after adding the hostnames and ip addresses as the passthru (as well as setting the dns binding), it isn't working. I suspect you'll find the exact same problem if you attempt to replcate. Nothing in the xml looks odd. Everything in its place.
-
Ok. So, I have nailed down the issue. It is either a bug, or a misunderstanding of how this is supposed to work…
Bottom line: If I place 'anything' in the 'allowed hosts' sections (where you place the names, not the IPs, it does jack crap. Nothing. Once I place those things in 'allowed IP addresses', everything works like it is supposed to. I don't know why, but I have confirmed this across multiple platforms now and on brand new installs.
-
Thanks for tracking that down further.
Check "ipfw zone list" to find your zone number. Mine's 2. Then check all the table contents with "ipfw -x 2 table all list". I have pfsense.org in as an allowed hostname, and correctly get:
ipfw -x 2 table all list ---table(0)--- 0.0.0.0/0 49 ---table(3)--- 208.123.73.69/32 2090 ---table(4)--- 208.123.73.69/32 2091But it's not there after a reboot. Edit and save one of the allowed hostnames and it populates them correctly.
https://redmine.pfsense.org/issues/4746Should work now if you just edit and save one of the entries after booting up. That works for me with one or multiple hostnames.