Project

General

Profile

Actions

Bug #13323

open

Captive Portal breaks policy based routing for mac address bypassed clients after upgrade to 22.05

Added by Axel Taferner about 1 month ago. Updated about 1 month ago.

Status:
Feedback
Priority:
Normal
Category:
Captive Portal
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.11
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

Relevant information about my network

LAN segment
VLAN for IoT and wifi devices
WAN1 is used as the default gateway
WAN2 is used as the gateway for devices on the IoT and wifi VLAN
Captive portal is configured on the IoT and wifi VLAN

Here is the issue:
When the captive portal is disabled everything is routed as described above.

But when I enable the captive portal, devices that are allowed to bypass the captive portal via mac address are suddenly routed through the default gateway instead of WAN2.
Only devices that authenticate through the captive portal are still correctly routed over WAN2.


Files

13323.patch (2.36 KB) 13323.patch Marcos M, 07/04/2022 02:05 PM
Actions #1

Updated by Jim Pingle about 1 month ago

  • Assignee set to Kristof Provost
  • Priority changed from High to Normal
  • Target version changed from 22.11 to 2.7.0
Actions #3

Updated by Kristof Provost about 1 month ago

The draft patch wouldn't work, but a similar fix does:

https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/831

Actions #4

Updated by Axel Taferner about 1 month ago

Kristof, the link you posted doesn't work. DNS_PROBE_FINISHED_NXDOMAIN
You probably linked to something internal that's not accessible to the public.

Actions #5

Updated by Kristof Provost about 1 month ago

Yes, that's internal. It'll turn up in the public tree once I find a victim to review it. That's going to take a day or two, because most of the team is celebrating Independence day right now.

Actions #6

Updated by Marcos M about 1 month ago

If you'd like to test it and provide feedback, here's the patch - apply it with the System Patches package.

Actions #7

Updated by Axel Taferner about 1 month ago

I've applied the patch and it fixed the problem for me. Thanks a bunch!

Actions #8

Updated by Kristof Provost about 1 month ago

  • Status changed from New to Feedback
Actions

Also available in: Atom PDF