Project

General

Profile

Actions

Bug #13736

closed

Captive Portal service restart needed after MAC bypass

Added by Mike Moore about 2 months ago. Updated about 2 months ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Captive Portal
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Force Exclusion
Affected Version:
Affected Architecture:

Description

When using either MAC or IP address bypass in Captive Portal for a Guest WLAN setup, when entering a MAC address for example, and allowing it to pass, when the user connects they are never able to browse the internet(or any network). Windows client does show that they are connected but with no Internet. DNS doesnt resolve but the client receives an IP address.
The known solution is to restart the Captive Portal service after each entry that is added or removed.

Not a blocker but there needs to be a warning to the admin that the Captive Portal service needs to be restarted after each addition/deletion of a MAC or IP address that's added.

Perhaps the service can restart after each save? Not sure if this impacts other users currently using CP.

Actions #1

Updated by Mike Moore about 2 months ago

Found perhaps an associated issue with this bug.
Once the clients are added to the whitelist on Captive Portal, Firewall logs will no longer show the IP assigned to the client (via GUI). This can be reproduced. Add an client to the bypass list , restart CP. Check firewall logs and now the clients assigned IP will no longer show up.

Actions #2

Updated by Jim Pingle about 2 months ago

  • Project changed from pfSense Plus to pfSense
  • Category changed from Captive Portal to Captive Portal
  • Status changed from New to Feedback
  • Affected Plus Version deleted (22.05)

Can you try this on a development snapshot? There have been a number of captive portal fixes there after 22.05 and that has most likely already been fixed.

Actions #3

Updated by Mike Moore about 2 months ago

Thanks for the feedback Jim.
Would you happen to have the changelog just for Captive Portal?

Its going to take me sometime to spin up another pf with a devel snapshot.

Actions #4

Updated by Jim Pingle about 2 months ago

Here are a list of specific issues in Captive Portal on 23.01 (most are already resolved):

https://redmine.pfsense.org/projects/pfsense/issues?utf8=%E2%9C%93&set_filter=1&sort=id%3Adesc&f%5B%5D=cf_6&op%5Bcf_6%5D=%3D&v%5Bcf_6%5D%5B%5D=23.01&f%5B%5D=category_id&op%5Bcategory_id%5D=%3D&v%5Bcategory_id%5D%5B%5D=10&f%5B%5D=&c%5B%5D=tracker&c%5B%5D=category&c%5B%5D=status&c%5B%5D=priority&c%5B%5D=subject&c%5B%5D=assigned_to&c%5B%5D=updated_on&group_by=&t%5B%5D=

But there are other changes in the underlying OS/source and base system that are possibly related. The only real way to know for certain is to try it out in your environment.

Actions #5

Updated by Marcos M about 2 months ago

I was not able to reproduce this issue on 23.01. After the MAC was added in Captive Portal, the client was able to access the internet. This is likely related to one of the number of issues resolved since 22.05 - or potentially there's an issue with your environment given your report of https://redmine.pfsense.org/issues/13742.

Actions #6

Updated by Marcos M about 2 months ago

  • Target version set to 2.7.0
  • Plus Target Version set to 23.01
  • Release Notes changed from Default to Force Exclusion
  • Affected Architecture deleted (6100)
Actions #7

Updated by Marcos M about 2 months ago

  • Status changed from Feedback to Not a Bug
Actions

Also available in: Atom PDF