Project

General

Profile

Actions

Bug #13756

closed

Rules for authenticated Captive Portal users are not removed when a zone is disabled

Added by Steve Wheeler almost 2 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Captive Portal
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default
Affected Version:
2.7.0
Affected Architecture:
All

Description

Users that have been authenticated by the captive portal are added as ether pass rules to the 'cpzoneid_X_auth' anchor.

If the captive portal instance is disabled or removed those rules should also be removed but they are not.

That appears to be because the database containing the user list is unlinked before the rule removal function is run:
etc/inc/captiveportal.inc#L407

        /* remove old information */
        unlink_if_exists("{$g['vardb_path']}/captiveportal{$cpzone}.db");
        unlink_if_exists("{$g['vardb_path']}/captiveportal_radius_{$cpzone}.db");
        unlink_if_exists("{$g['vardb_path']}/captiveportal_{$cpzone}.rules");
        /* Release allocated pipes for this zone */
        $pipes_to_remove = captiveportal_free_dnrules();

        captiveportal_delete_rules($pipes_to_remove);

See: https://forum.netgate.com/topic/176400/anchor-rules/

Actions

Also available in: Atom PDF