pfSense

We are a hotspot provider and have many potential customers who are looking to use our service and love their pfSense setup. We have been testing your firewall and have got it working but would like to ask if the following request can be implemented. It will also help other hotspot providers, and is not unique to our solution.

Would it be possible to add an additional option to the radius called-station-id types to support a standard MAC of the pfSense box rather than an IP address or client MAC. Called-Station-Id should be the MAC of the NAS (i.e. the pfSense MAC itself). Most hotspot providers need the Called-Station-Id to be this MAC.

So, could this be added as standard?

in /usr/local/captiveportal/radius_authentication.inc

switch($radiusvendor) {

        case 'cisco':
                $calledstationid = $clientmac;
                $callingstationid = $clientip;
                break;
+        case 'wanmac':
+                $calledstationid = mac_format(get_interface_mac(get_real_interface("wan")));
+                $callingstationid = $clientmac;
+                break;

in /usr/local/www/services_captiveportal.php

$radiusvendors = array("cisco","wanmac");

Additionally, is it also possible to all the captive portal login request from an external server accept GET as well as POST, i.e. instead of having to POST this:

<form action="http://192.168.0.254:8000/" method="post" />
<input type="hidden" name="auth_user" value="123" />
<input type="hidden" name="auth_pass" value="456" />
<input type="submit" name="accept" value="Log in" />
</form>

We could just redirect the browser to this (and thus a GET requst):

http://192.168.0.254:8000/?auth_user=123&auth_pass=456&accept=Log+in

Thanks in advance,

James