/ - Diff - pfSense - pfSense bugtracker

« Previous | Next »

Revision 421f8b5f

Added by Scott Ullrich over 17 years ago

ID 421f8b5faa721658b5f55d4ca6dc0334f260f450
Parent 8b86df37
Child e180a6e3

Sometimes when the user enters the hostname of the HTTPs captive portal server it resolves the IP address to $LANIP. Allow access to $LANIP in addition to the $CPIP so that we can speedup captive portal by 10000* in these cases.

     	$cpifn = $config['captiveportal']['interface'];
     	$cpif = $config['interfaces'][$cpifn]['if'];
     	$cpip = $config['interfaces'][$cpifn]['ipaddr'];
     	$lanip = $config['interfaces']['lan']['ipaddr'];
     	/* note: the captive portal daemon inserts all pass rules for authenticated
     	   clients as skipto 50000 rules to make traffic shaping work */
-...
     add 1300 set 1 pass udp from any to $cpip 53 in
     add 1301 set 1 pass udp from $cpip 53 to any out
     # allow access to our DNS forwarder if it incorrectly resolves the hostname to $lanip
     add 1300 set 1 pass udp from any to $lanip 53 in
     add 1301 set 1 pass udp from $lanip 53 to any out
     # allow access to our web server
     add 1302 set 1 pass tcp from any to $cpip 8000 in
     add 1303 set 1 pass tcp from $cpip 8000 to any out
     # allow access to lan web server incase the dns name resolves incorrectly to $lanip
     add 1302 set 1 pass tcp from any to $lanip 8000 in
     add 1303 set 1 pass tcp from $lanip 8000 to any out
     EOD;
     	if (isset($config['captiveportal']['httpslogin'])) {
     		$cprules .= <<<EOD
     add 1304 set 1 pass tcp from any to $cpip 8001 in
     add 1305 set 1 pass tcp from $cpip 8001 to any out
     add 1302 set 1 pass tcp from any to $lanip 8001 in
     add 1303 set 1 pass tcp from $lanip 8001 to any out
     EOD;
+    	}

Also available in: Unified diff

Project

General

Profile

pfSense

Revision 421f8b5f

Added by Scott Ullrich over 17 years ago