Feature #15257
closed
Support using a mask to block MAC addresses in Captive Portal
100%
Description
Blocking a MAC address in pfSense when using a mask is not working. However, if you use the pass option and specify the same mask, it works fine.
So when you add the mac with a mask for example 12:34:56:00:00:00/24 and select block you can still access the captive portal, authenticate and then browse the internet.
When you add the mac with a mask for example 12:34:56:00:00:00/24 and select pass I can browse the internet immediately without having to authenticate against the captive portal, as expected.
When you add a single MAC address without a mask and select block you get redirected to the Blocked MAC address redirect URL. So you know blocking does work but just not when using masks.
Updated by Chris W 9 months ago
- Status changed from New to Confirmed
I can duplicate this on 23.09.1. A MAC address block rule which includes a mask still allows authentication and then access out to the internet. Worth noting that removing the mask does then result in the single MAC address being denied login to the portal.
Updated by Marcos M 9 months ago
- Tracker changed from Bug to Feature
- Subject changed from Captive portal MAC address blocking with mask not working to Support using a mask to block MAC addresses in Captive Portal
- Status changed from Confirmed to Pull Request Review
- Assignee set to Marcos M
- Target version set to 2.8.0
- Plus Target Version set to 24.03
- Affected Version deleted (
2.7.2) - Affected Architecture deleted (
All)
Updated by Marcos M 9 months ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset 22fe3bd762bd5acd9b5180bab44532889899f754.
Updated by Georgiy Tyutyunnik 8 months ago
Tested on
23.09.1-RELEASE (amd64)
built on Tue Mar 5 21:00:00 UTC 2024
FreeBSD 14.0-CURRENT
patch fixes the issue
Updated by