Project

General

Profile

Bug #9012

Captive Portal authentication in Squid Proxy Server does not work

Added by Kevin Chou 4 months ago. Updated about 2 months ago.

Status:
New
Priority:
Very Low
Assignee:
-
Category:
Squid
Target version:
-
Start date:
10/05/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
Affected Architecture:

Description

Version pfsense 2.4.4-RELEASE (amd64)
I have configured Authentication Method to "Captive Portal" in Squid Proxy Server -> Authentication
But it does not work, squid cannot get current user and deny access.

History

#1 Updated by Jim Pingle 4 months ago

  • Project changed from pfSense to pfSense Packages
  • Category set to squidguard
  • Priority changed from Normal to Very Low

#2 Updated by Jim Pingle 4 months ago

  • Category changed from squidguard to Squid

#3 Updated by Jer DIe about 2 months ago

In /etc/inc/captiportal.inc (ee /etc/inc/captiveportal.inc)

approximatively line 699 (3128 = proxy port)

############
$cprules .= "# redirect non-authenticated clients to captive portal\n";
$cprules .= captiveportal_create_ipfw_rule("add", $rulenum,
"fwd 127.0.0.1,{$listenporthttp} tcp from any to any dst-port 3128 in");

$cprules .= captiveportal_create_ipfw_rule("add", $rulenum,
"fwd 127.0.0.1,{$listenporthttp} tcp from any to any dst-port 80 in");
$cprules .= "# let the responses from the captive portal web server back out\n";
$cprules .= captiveportal_create_ipfw_rule("add", $rulenum,
"pass tcp from any to any out");
$cprules .= "# This CP zone is over, skip to last rule\n";
$cprules .= captiveportal_create_ipfw_rule("add", $rulenum,
"skipto 65534 all from any to any"); ############

Reboot

list rules : ipfw show

02216 0 0 pipe tablearg ip from any to table(wifi_byod_auth_down) layer2 out
02217 12 1064 fwd 127.0.0.1,8004 tcp from any to any 3128 in
02218 133 14061 fwd 127.0.0.1,8004 tcp from any to any 80 in
02219 127 17404 allow tcp from any to any out

It should work ;-)

Also available in: Atom PDF