Since IPFW is redirecting to the captive portal running on 127.0.0.1:
65531 11375 1820680 fwd 127.0.0.1,8000 tcp from any to any in
We need to permit traffic from the Captive Portal interface to 127.0.0.1. Otherwise the portal will not come up without a seperate rule allowing it or a allow all rule.
How to reproduce: Set your captive portal interface rule to allow traffic from its subnet to it's subnet. IE: * OPT1 net * OPT1 net * * none
Try using the captive portal. Now add in this commit and the portal should work without a dedicated user rule permitting traffic to 127.0.0.1.
The other solution is to change the IPFW fwd to redirect to the Captive Portal interface IP address in question but this is much easier and just as clean.
Since IPFW is redirecting to the captive portal running on 127.0.0.1:
65531 11375 1820680 fwd 127.0.0.1,8000 tcp from any to any in
We need to permit traffic from the Captive Portal interface to 127.0.0.1. Otherwise the portal will not come up without a seperate rule allowing it or a allow all rule.
How to reproduce: Set your captive portal interface rule to allow traffic from its subnet to it's subnet. IE: * OPT1 net * OPT1 net * * none
Try using the captive portal. Now add in this commit and the portal should work without a dedicated user rule permitting traffic to 127.0.0.1.
The other solution is to change the IPFW fwd to redirect to the Captive Portal interface IP address in question but this is much easier and just as clean.