Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive Portal redirect traffic to squid after auth

    Scheduled Pinned Locked Moved Captive Portal
    8 Posts 3 Posters 3.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Dizzy_Read
      last edited by

      Hi!

      Need help!

      We have PS 2.2.3-RELEASE (amd64)  Squid3 0.2.8.

      Captive portal (with Radius auth), squid (with Captive portal auth). We need logging users activity (now squid normaly log users names via CP auth).

      CP work fine, users can logon, manualy set squid as proxy in browser, internet work fine  :-X

      BUT, i need auto redirect all traffic (http, https ) after user logon via CP to squid (3128) …

      I try "Patch captive portal" in squid - not working ? or not for this ? ((( try make NAT rule - work is horror (((

      Squid transparent mode = NO, we need logging and make reports by every users, WPAD = NO, we have some vips with MAC pass CP ...

      Plaese, help!!!

      Tnx

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        As answered zillion times before: This will NOT work.

        1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan
          last edited by

          Hi,
          Before doing this:
          @Dizzy_Read:

          I try "Patch captive portal" in squid - not working ? or not for this ? ((( try make NAT rule - work is horror (((

          checkout /etc/inc/captiveportal.inc
          After 'patching', checkout /etc/inc/captiveportal.inc again.
          Compare.
          Conclude that the 'patch' totally 'destroyed' the file, so understand that "Squid" will break the captive portal.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • D
            Dizzy_Read
            last edited by

            Hi!

            my captiveporal.ini in attach

            I see only this mod by squid ?

            $ips = "{ 255.255.255.255 or {$ips} }";
            $cprules .= "add {$rulenum} skipto 65314 ip from any to {$ips} 3128 in\n";
            $cprules .= "add {$rulenum} skipto 65314 ip from {$ips} 3128 to any out\n";
            $cprules .= "add {$rulenum} pass ip from any to {$ips} in\n";

            Any ideas ? (((( or way to log and simply report users Internet access via CP ?

            captiveportal_inc.txt

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan
              last edited by

              Comparing what to what ?

              I consider that this is the base : https://github.com/pfsense/pfsense/blob/master/etc/inc/captiveportal.inc which is, according to https://github.com/pfsense/pfsense/commits/master/etc/inc/captiveportal.inc THE clean pfSense 2.2.3 file version. All other version are outdated at least, totally not supported** at best.
              2376 llines.
              Your file is smaller !! (2248 lines)

              ** not that one body wants to help you, but because no one remembers the bugs from back then ….  ;)

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                @Gertjan:

                Your file is smaller !! (2248 lines)

                You need to look at the RELENG_2_2 branch (2246 lines). Regardless, this whole thread is just huge WTF.

                BUT, i need auto redirect all traffic (http, https ) after user logon via CP to squid (3128) …

                Why on earth don't you make the proxy transparent? That's what transparent does. Automatically redirect all the traffic.

                1 Reply Last reply Reply Quote 0
                • D
                  Dizzy_Read
                  last edited by

                  Why on earth don't you make the proxy transparent? That's what transparent does. Automatically redirect all the traffic.

                  transparent squid forward only OR 80 (HTTP) … its 1-st

                  2-nd Squid transparent mode = NO, we need logging and make reports by every users,

                  1 Reply Last reply Reply Quote 0
                  • D
                    doktornotor Banned
                    last edited by

                    Good luck.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.