Bug #3801
closed
Captive Portal on 2.2 does not pass through logged-in users
Description
Users are redirected to the portal, the logins succeed, they show up in the online user list and in the ipfw tables for the zone but the user traffic is still redirected back to the portal no matter what.
Tried with and without MAC filtering, same issue both ways.
Table entries showing the client in the online users:
[2.2-ALPHA][root@pfs22]/root(9): ipfw -x 2 table 1 list
192.168.1.100/32 mac 00:0c:29:18:54:78 2000
[2.2-ALPHA][root@pfs22]/root(10): ipfw -x 2 table 2 list
192.168.1.100/32 mac 00:0c:29:18:54:78 2001
First run of the ipfw show output for the zone:
[2.2-ALPHA][root@pfs22]/root(11): ipfw -x 2 show
65291 0 0 allow pfsync from any to any
65292 0 0 allow carp from any to any
65301 6 222 allow ip from any to any layer2 mac-type 0x0806,0x8035
65302 0 0 allow ip from any to any layer2 mac-type 0x888e,0x88c7
65303 0 0 allow ip from any to any layer2 mac-type 0x8863,0x8864
65307 0 0 deny ip from any to any layer2 not mac-type 0x0800,0x86dd
65310 118 12038 allow ip from any to { 255.255.255.255 or 192.168.1.1 } in
65311 108 36634 allow ip from { 255.255.255.255 or 192.168.1.1 } to any out
65312 0 0 allow icmp from { 255.255.255.255 or 192.168.1.1 } to any out icmptypes 0
65313 0 0 allow icmp from any to { 255.255.255.255 or 192.168.1.1 } in icmptypes 8
65314 0 0 pipe tablearg ip from table(3) to any in
65315 0 0 pipe tablearg ip from any to table(4) in
65316 0 0 pipe tablearg ip from table(3) to any out
65317 0 0 pipe tablearg ip from any to table(4) out
65318 0 0 pipe tablearg ip from table(1) to any in
65319 0 0 pipe tablearg ip from any to table(2) out
65532 54 5416 fwd 127.0.0.1,8002 tcp from any to any dst-port 80 in
65533 45 6589 allow tcp from any to any out
65534 255 18764 deny ip from any to any
65535 0 0 allow ip from any to any
Second run to show the user is still hitting the fwd rule and not the table rule.
[2.2-ALPHA][root@pfs22]/root(14): ipfw -x 2 show
65291 0 0 allow pfsync from any to any
65292 0 0 allow carp from any to any
65301 8 296 allow ip from any to any layer2 mac-type 0x0806,0x8035
65302 0 0 allow ip from any to any layer2 mac-type 0x888e,0x88c7
65303 0 0 allow ip from any to any layer2 mac-type 0x8863,0x8864
65307 0 0 deny ip from any to any layer2 not mac-type 0x0800,0x86dd
65310 133 13562 allow ip from any to { 255.255.255.255 or 192.168.1.1 } in
65311 121 41793 allow ip from { 255.255.255.255 or 192.168.1.1 } to any out
65312 0 0 allow icmp from { 255.255.255.255 or 192.168.1.1 } to any out icmptypes 0
65313 0 0 allow icmp from any to { 255.255.255.255 or 192.168.1.1 } in icmptypes 8
65314 0 0 pipe tablearg ip from table(3) to any in
65315 0 0 pipe tablearg ip from any to table(4) in
65316 0 0 pipe tablearg ip from table(3) to any out
65317 0 0 pipe tablearg ip from any to table(4) out
65318 0 0 pipe tablearg ip from table(1) to any in
65319 0 0 pipe tablearg ip from any to table(2) out
65532 60 6093 fwd 127.0.0.1,8002 tcp from any to any dst-port 80 in
65533 50 7290 allow tcp from any to any out
65534 315 22640 deny ip from any to any
65535 0 0 allow ip from any to any
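An added example, not part of the original report: a small POSIX shell/awk helper that compares two `ipfw -x <zone> show` captures and flags the condition described above, where the portal `fwd` rule keeps matching while the rules that reference table(1)/table(2) match nothing. The function names are hypothetical; the sample rules are excerpted from the two runs in the report.

```shell
#!/bin/sh
# Added example (not from the original report). Function names are hypothetical.

# counter_delta BEFORE AFTER
# Prints "<rule> <packets matched between the two captures> <rule body>".
counter_delta() {
    awk '
        NR == FNR { before[$1] = $2; next }   # first capture: remember packet counters
        {
            body = $0
            sub(/^[0-9]+ +[0-9]+ +[0-9]+ +/, "", body)   # strip rule number, packets, bytes
            print $1, $2 - before[$1], body
        }' "$1" "$2"
}

# portal_verdict BEFORE AFTER
# "redirect-loop" when the portal fwd rule advanced while no rule that
# references table(1) or table(2) matched a single packet; otherwise "ok".
portal_verdict() {
    counter_delta "$1" "$2" | awk '
        / fwd /                 { fwd += $2 }
        /table\(1\)|table\(2\)/ { tbl += $2 }
        END { if (fwd > 0 && tbl == 0) print "redirect-loop"; else print "ok" }'
}

# Sample input: rules excerpted from the first and second run shown in the report.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/run1" <<'EOF'
65318 0 0 pipe tablearg ip from table(1) to any in
65319 0 0 pipe tablearg ip from any to table(2) out
65532 54 5416 fwd 127.0.0.1,8002 tcp from any to any dst-port 80 in
65534 255 18764 deny ip from any to any
EOF
cat > "$tmp/run2" <<'EOF'
65318 0 0 pipe tablearg ip from table(1) to any in
65319 0 0 pipe tablearg ip from any to table(2) out
65532 60 6093 fwd 127.0.0.1,8002 tcp from any to any dst-port 80 in
65534 315 22640 deny ip from any to any
EOF

counter_delta "$tmp/run1" "$tmp/run2"
portal_verdict "$tmp/run1" "$tmp/run2"
```

On a live system the two input files would be produced by redirecting `ipfw -x 2 show` to a file before and after the logged-in client generates traffic.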
Updated by Gregory Poudrel about 11 years ago
Having tested further, IPFW rules containing tables are never matched. The same rules with an IP address are matched.
Example:
table 3 :
10.0.0.10/32 2002
table 4 :
10.0.0.10/32 2003
These rules are never matched:
65322 0 0 allow ip from table(3) to any in
65323 0 0 allow ip from any to table(4) out
These rules are matched:
65322 0 0 allow ip from { 10.0.0.10/32 } to any in
65323 0 0 allow ip from any to { 10.0.0.10/32 } out
Updated by Ermal Luçi about 11 years ago
- Status changed from New to Feedback
Can you try on the latest snapshots?
Updated by Jim Pingle about 11 years ago
- Status changed from Feedback to Resolved
Looks good to me. I can now auth to the portal and then access other sites as expected.
Updated by Gregory Poudrel about 11 years ago
I updated to the 12th September snapshot.
As soon as the user logs into the captive portal, the kernel crashes (probably after adding the MAC in table 1):
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xf4acf5bc
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc12474e4
stack pointer = 0x28:0xebde46f4
frame pointer = 0x28:0xebde4730
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 0 (ath0 taskq)
[ thread pid 0 tid 100077 ]
Stopped at bcmp+0x14: repe cmpsl (%esi),%es:(%edi)
db:0:kdb.enter.default> textdump set
textdump set
db:0:kdb.enter.default> capture on
db:0:kdb.enter.default> run lockinfo
db:1:lockinfo> show locks
No such command
db:1:locks> show alllocks
No such command
db:1:alllocks> show lockedvnods
Locked vnodes
db:0:kdb.enter.default> show pcpu
cpuid = 0
dynamic pcpu = 0x645300
curthread = 0xc790e310: pid 0 "ath0 taskq"
curpcb = 0xebde4d60
fpcurthread = none
idlethread = 0xc76e7000: tid 100003 "idle: cpu0"
APIC ID = 0
currentldt = 0x50
db:0:kdb.enter.default> bt
Tracing pid 0 tid 100077 td 0xc790e310
bcmp(c8b21000,1,c45000a,ebde486c,ebde49d6,...) at bcmp+0x14/frame 0xebde4730
ipfw_chk(ebde48c8,e,0,0,ebde4900,...) at ipfw_chk+0x32a2/frame 0xebde48a0
ipfw_check_frame(0,ebde4a1c,c77c9800,1,0,...) at ipfw_check_frame+0x134/frame 0xebde49f8
pfil_run_hooks(c2041d9c,ebde4a68,c77c9800,1,0,...) at pfil_run_hooks+0x85/frame 0xebde4a4c
ether_demux(c77c9800,c867cc00,2,5,c790e310,...) at ether_demux+0x4f/frame 0xebde4a78
ether_nh_input(c867cc00,c793e000,c8716100,c80ff000,c81c3000,...) at ether_nh_input+0x37e/frame 0xebde4ac4
netisr_dispatch_src(9,0,c867cc00) at netisr_dispatch_src+0x83/frame 0xebde4b14
netisr_dispatch(9,c867cc00) at netisr_dispatch+0x20/frame 0xebde4b28
ether_input(c77c9800,c867cc00,c86aa012,93e000,c77c9800) at ether_input+0x19/frame 0xebde4b38
hostap_deliver_data(c81c3000,c80ff000,c867cc00,46,c0cd3afa,...) at hostap_deliver_data+0xb5/frame 0xebde4b60
hostap_input(c80ff000,c867cc00,2e,ffffffa0,c790e310,...) at hostap_input+0x2e2/frame 0xebde4ba0
ath_rx_pkt(c78d9000,c79837fc,41ded80,a90d75c,0,...) at ath_rx_pkt+0x3c2/frame 0xebde4be0
ath_rx_proc(c78d9000,1,0,0,0,...) at ath_rx_proc+0x25e/frame 0xebde4c48
taskqueue_run_locked(c78ec080,c78ec098,0,c13bdb87,0,...) at taskqueue_run_locked+0xea/frame 0xebde4c8c
taskqueue_thread_loop(c78d9748,ebde4d08,aa55aa55,aa55aa55,aa55aa55,...) at taskqueue_thread_loop+0xc7/frame 0xebde4cc4
fork_exit(c0cf5ca0,c78d9748,ebde4d08) at fork_exit+0xa3/frame 0xebde4cf4
fork_trampoline() at fork_trampoline+0x8/frame 0xebde4cf4
--- trap 0, eip = 0, esp = 0xebde4d40, ebp = 0 ---
Updated by Ermal Luçi about 11 years ago
- Status changed from Resolved to Feedback
It should be properly fixed with tomorrow's snapshots.
Updated by Gregory Poudrel about 11 years ago
It works! :)
I can now log in through the captive portal. The rule is added into ipfw and I can navigate correctly.
Updated by Renato Botelho about 11 years ago
- Status changed from Feedback to Resolved