summaryrefslogtreecommitdiffstats
path: root/etc/inc/captiveportal.inc
Commit message (Collapse)AuthorAgeFilesLines
* don't include 255.255.255.255 hereChris Buechler2010-08-091-3/+9
|
* Add a subnet option to allowed ip addresses on CP.Ermal2010-07-221-2/+5
|
* Fixes #741. Restore behaviour of CP in 1.2.x by allowing in ipfw rules ↵Ermal2010-07-221-33/+2
| | | | anything to the host ip on the interfaces configured for CP.
* Use proper locking.Ermal2010-06-211-4/+11
|
* Do not flush all tables unless Save was hit on webgui. This avoids flushing ↵Ermal2010-06-211-6/+19
| | | | the tables that keep logged in users.
* Do not reconfigure CP on every event of interfaces or while reloading the ↵Ermal2010-06-181-129/+127
| | | | webGUI. Create 2 new function to just rewrite rules and restart the webserver for CP repctively for interface events and webGUI restart events.
* Ooops curly missing.Ermal2010-06-171-3/+4
|
* Actually correctly handle some vip types ips for getNasIP.Ermal2010-06-171-1/+4
|
* Teach even getNasIP for the new callingstation ip setting.Ermal2010-06-171-5/+12
|
* correct the limiter, it reversed up/down beforeChris Buechler2010-06-161-3/+3
|
* Mute this command so people do not think something went wrong.Ermal2010-06-021-1/+1
|
* Use the new functions on CP code too.Ermal2010-06-021-6/+6
|
* Make the logout page configurable like the other pages. The only difference ↵Ermal2010-05-281-0/+44
| | | | is that this page/code will be treated as a .php page so it may contain internal php CP variables referenced.
* Remove part of the message displayed some people might find its completely ↵Ermal2010-05-281-1/+1
| | | | ok to use it.
* Add a function to find the mac address on a passthrough mac entry by ↵Ermal2010-05-281-0/+12
| | | | username(if present) in the <username> tag of the entry.
* Allow php code to be included in the primary captive portal page. Add new ↵Scott Ullrich2010-05-211-0/+16
| | | | ORIGINAL_PORTAL_IP post item which will be experimenting with a master mutli voucher setup.
* Include filter.inc for the ipfw load function.Ermal2010-05-191-0/+1
|
* Check if interface exists before issuing a command when disabling captiveportal.Ermal2010-05-071-6/+8
|
* The gui defaults to https in 2.0 correct it to make sure it is not stopped ↵Ermal2010-05-051-3/+3
| | | | by CP on the CP interface[s].
* Ticket #565. Correct deleting passthru mac entries. revert back to always ↵Ermal2010-05-031-28/+36
| | | | allow a passthru mac as with allowed ips. Remove the check during login for passthru mac entries they will never make it to the login page.
* Ticket #566. Reimplement the allowed ips keeping previous funcitonality and ↵Ermal2010-05-031-39/+110
| | | | improving by adding a both direction. The problem with previous commit is that it always assumes that allowed ip address would have a pipe configured and entires without one would just get dropped.
* Make pasthrough GUI code catch-up with the latest changes.Ermal2010-04-201-1/+1
|
* Use tables of ipfw for passthrough mac entries. This makes it scale way ↵Ermal2010-04-201-68/+13
| | | | better than previously. Fix multiple entries on adding mac through entries automatically after login for the same user. The changes allow even pass through mac to be controlled from the Status->Captiveportal. Use serialize/unserialize on some files that keep temporary information to speed up calculations. Really allow mac passthrough to follow radius rules or time out rules when present.
* Add a new option which allows the admin user to configure CP so that it ↵Ermal2010-04-201-114/+175
| | | | automatically enters an MAC passthru entry. The MAC is taken from login details and has to be removed manually. Also do improvements on rules handling and pipes. Add some optmizations. Teach the GUI/backend on ip/mac passthrough to configure a bw limit for this entries.
* radius.inc already has this includes so do not include them explicitly. This ↵Ermal2010-04-141-2/+0
| | | | unbreaks the loading of bcmath module since PEAR.inc is not yet included!
* Use the ipfw(4) list functionality to reduce rules even more. Add allow ↵Ermal2010-03-171-28/+38
| | | | rules for accessing pfSense webgui to not lock out operators behind the CP. Remove redundant rule regarding dns. Probably every dns request should be forwarded to the local dns server to not force clients to use the pfSense forwarder!
* Add intermmediate certificate support to CP config page.Ermal Luçi2010-03-011-1/+5
|
* Include propper includes.Ermal Luçi2010-02-261-0/+2
|
* Put this code on propper context.Ermal Luçi2010-02-261-6/+6
|
* correct icmptypes so CP IP can be pingedChris Buechler2010-02-211-3/+3
|
* Try to prevent empty interfaces.Ermal Luçi2009-12-071-2/+4
|
* Rework includes/require. This saves about 4 megabytes.Scott Ullrich2009-11-211-2/+0
| | | | Simplify get_memory(). Tested on mips/i386
* Properly correct ipfw rule.Ermal Luçi2009-11-151-2/+2
|
* Revert "Correct ipfw rule."Ermal Luçi2009-11-151-2/+2
| | | | | | Error of copy paste This reverts commit 0f6fdf29a2f31bbf816eb3df33c3f1fc38c8b2a6.
* Correct ipfw rule.Ermal Luçi2009-11-151-2/+2
|
* Not sure why this was changed like this. As is, you couldn't disconnect the ↵Chris Buechler2009-11-151-4/+2
| | | | first client. I don't see any reason to do it that way, and this is the way it's done in RELENG_1_2
* always return the IP address hosting the page, rather than forcing to the ↵Chris Buechler2009-11-141-0/+10
| | | | hostname, requiring functional DNS name resolution which possibly doesn't exist. Restores 1.2.x behavior where client IP isn't in the same subnet as any CP-enabled interface.
* actually allow DNS to forwarder. CP is still broken, but this is closer at ↵Chris Buechler2009-11-141-1/+3
| | | | | | least. pointy-hat-to: eri
* Allow udp only from/to our local dns server. If wanted pass through can be ↵Ermal Luçi2009-11-111-2/+2
| | | | added.
* - Should fix captive portal on carps Issue #116Ermal Luçi2009-11-101-3/+20
| | | | | - Should fix the captive portal not working reports and Issue #118 NOTE: Now Captive portal is open on dns so no more is needed to add dns servers to pass through ips.
* Forward all udp request to port 53(DNS) to our local server. This allows ↵Ermal Luçi2009-09-231-1/+1
| | | | people with other dns configured other than the one in pfSense to still be able to authenticate in the CP.
* Only unload ipfw.ko if it is loaded. DohScott Ullrich2009-09-211-1/+2
|
* set 2/3 are no more used with ipfw.Ermal Luçi2009-09-201-2/+0
|
* Move the allowed ips to set 1 as well.Ermal Luçi2009-09-201-4/+4
|
* Forward everything to the CP portal page since some people might have ↵Ermal Luçi2009-09-201-1/+1
| | | | proxies in between.
* Remove the anti lockout rule on captive portal ruleset this opens a can of ↵Ermal Luçi2009-09-201-10/+0
| | | | worms.
* Teach captiveportal code to use the mac in tables functionality. Change the ↵Ermal Luçi2009-09-201-8/+4
| | | | default ruleset to reflect this.
* It seems upon captive portal startup the captiveportal.db file is not ↵Scott Ullrich2009-09-171-0/+3
| | | | written out until the /etc/rc.prunecaptiveportal script is run. If the Operator decides to visit status -> captive portal right after enabling the service they will be greated with some nasty nasty errors. Silence this nonsense by creating a blank captiveportal.db file right after nuking it.
* Return NULL when captive portal is not enabledScott Ullrich2009-09-171-1/+1
|
* Do not process IPFW rules if captive portal is disabled.Scott Ullrich2009-09-171-1/+2
|
OpenPOWER on IntegriCloud