Project

General

Profile

Actions

Bug #8441

closed

Manually disconnecting a captive portal user leaves the IPFW table entry

Added by Jim Pingle almost 6 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Category:
Captive Portal
Target version:
Start date:
04/06/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.3
Affected Architecture:
All

Description

When a captive portal user is manually disconnected their entry is removed from the portal database, but the entry remains in the ipfw table (Check ipfw table <name>_auth_up list)

Some more debugging from the forum:
https://forum.pfsense.org/index.php?topic=146046.msg795216#msg795216

(pfsense 2.4.3-RELEASE (amd64))
When a user press the disconnect button, in /usr/local/captiveportal/index.php (line 151) calls the captiveportal_disconnect_client function. This function first removes the information about the session from the captive portal database (file /etc/inc/captiveportal.inc line 1098), then the function captiveportal_disconnect (line 1104) is called. In captiveportal_disconnect, before removing an ip from the ipfw tables (lines 1038-1041), it is checked (lines 1035, 1036) whether this ip is logged. Because the information about the session is removed from the database, it bypass lines 1037-1041. As a result of this disconnection from the Internet does not occur.
I commented the lines 1035, 1036, 1042. The Captiva portal began to disconnect users.

I was able to reproduce the problem by logging into the portal and then disconnecting the user from Status > Captive Portal

Actions

Also available in: Atom PDF