Captive Portal ipfw rules missing local IP allow
In all previous versions, rules were added to allow all traffic to and from the interface IP where captive portal is enabled. 2.0 does not have these rules, which breaks scenarios such as where the RADIUS server resides on the interface where captive portal is enabled. These should be added back. One example from 1.2.3:
00500 10180 1574992 allow ip from 192.168.11.1 to any out via em1 00501 9524 1615062 allow ip from any to 192.168.11.1 in via em1
#1 Updated by Ermal Luçi over 9 years ago
The problem with this is that it will open all the services on the host.
Why not call this a configuration problem and tell people to just bind radius to localhost!
From developer point of view opening the pfSense host simplifies a lot of initialization code.(for reference)