diff options
author | Ermal Luçi <eri@pfsense.org> | 2009-09-20 14:20:40 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2009-09-20 14:20:40 +0000 |
commit | f6fbd03e872be59f0bd45f8c840df8c99b6ed5de (patch) | |
tree | 06011dfffd9b25cd0f8df5e14b5ba96d2e5b8031 /usr/local/captiveportal | |
parent | 88b8fdd032afb1bac70ef8a08a426f4bfa8ed7a2 (diff) | |
download | pfsense-f6fbd03e872be59f0bd45f8c840df8c99b6ed5de.zip pfsense-f6fbd03e872be59f0bd45f8c840df8c99b6ed5de.tar.gz |
Teach captiveportal code to use the mac in tables functionality. Change the default ruleset to reflect this.
Diffstat (limited to 'usr/local/captiveportal')
-rwxr-xr-x | usr/local/captiveportal/index.php | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index af6f867..dd12911 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -324,22 +324,29 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut if ($peruserbw && !empty($bw_up) && is_numeric($bw_up)) { $bw_up_pipeno = $ruleno + 20000; mwexec("/sbin/ipfw pipe $bw_up_pipeno config bw {$bw_up}Kbit/s queue 100"); - mwexec("/sbin/ipfw table 3 add {$clientip} {$bw_up_pipeno}"); + + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 3 add {$clientip} mac {$clientmac} {$bw_up_pipeno}"); + else + mwexec("/sbin/ipfw table 3 add {$clientip} {$bw_up_pipeno}"); } else { - mwexec("/sbin/ipfw table 3 add {$clientip}"); + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 3 add {$clientip} mac {$clientmac}"); + else + mwexec("/sbin/ipfw table 3 add {$clientip}"); } if ($peruserbw && !empty($bw_down) && is_numeric($bw_down)) { $bw_down_pipeno = $ruleno + 20001; mwexec("/sbin/ipfw pipe $bw_down_pipeno config bw {$bw_down}Kbit/s queue 100"); - mwexec("/sbin/ipfw table 4 add {$clientip} {$bw_down_pipeno}"); + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 4 add {$clientip} mac {$clientmac} {$bw_down_pipeno}"); + else + mwexec("/sbin/ipfw table 4 add {$clientip} {$bw_down_pipeno}"); } else { - mwexec("/sbin/ipfw table 4 add {$clientip}"); - } - - /* add ipfw rules for layer 2 */ - if (!isset($config['captiveportal']['nomacfilter'])) { - exec("/sbin/ipfw add $ruleno set 3 deny all from $clientip to any not MAC any $clientmac layer2 in"); - exec("/sbin/ipfw add $ruleno set 3 deny all from any to $clientip not MAC $clientmac any layer2 out"); + if (!isset($config['captiveportal']['nomacfilter'])) + mwexec("/sbin/ipfw table 4 add {$clientip} mac {$clientmac}"); + else + mwexec("/sbin/ipfw table 4 add {$clientip}"); } if ($attributes['voucher']) |