summaryrefslogtreecommitdiffstats
path: root/etc/inc/captiveportal.inc
Commit message (Collapse)AuthorAgeFilesLines
* Include filter.inc for the ipfw load function.Ermal2010-05-191-0/+1
|
* Check if interface exists before issuing a command when disabling captiveportal.Ermal2010-05-071-6/+8
|
* The gui defaults to https in 2.0 correct it to make sure it is not stopped ↵Ermal2010-05-051-3/+3
| | | | by CP on the CP interface[s].
* Ticket #565. Correct deleting passthru mac entries. revert back to always ↵Ermal2010-05-031-28/+36
| | | | allow a passthru mac as with allowed ips. Remove the check during login for passthru mac entries they will never make it to the login page.
* Ticket #566. Reimplement the allowed ips keeping previous funcitonality and ↵Ermal2010-05-031-39/+110
| | | | improving by adding a both direction. The problem with previous commit is that it always assumes that allowed ip address would have a pipe configured and entires without one would just get dropped.
* Make pasthrough GUI code catch-up with the latest changes.Ermal2010-04-201-1/+1
|
* Use tables of ipfw for passthrough mac entries. This makes it scale way ↵Ermal2010-04-201-68/+13
| | | | better than previously. Fix multiple entries on adding mac through entries automatically after login for the same user. The changes allow even pass through mac to be controlled from the Status->Captiveportal. Use serialize/unserialize on some files that keep temporary information to speed up calculations. Really allow mac passthrough to follow radius rules or time out rules when present.
* Add a new option which allows the admin user to configure CP so that it ↵Ermal2010-04-201-114/+175
| | | | automatically enters an MAC passthru entry. The MAC is taken from login details and has to be removed manually. Also do improvements on rules handling and pipes. Add some optmizations. Teach the GUI/backend on ip/mac passthrough to configure a bw limit for this entries.
* radius.inc already has this includes so do not include them explicitly. This ↵Ermal2010-04-141-2/+0
| | | | unbreaks the loading of bcmath module since PEAR.inc is not yet included!
* Use the ipfw(4) list functionality to reduce rules even more. Add allow ↵Ermal2010-03-171-28/+38
| | | | rules for accessing pfSense webgui to not lock out operators behind the CP. Remove redundant rule regarding dns. Probably every dns request should be forwarded to the local dns server to not force clients to use the pfSense forwarder!
* Add intermmediate certificate support to CP config page.Ermal Luçi2010-03-011-1/+5
|
* Include propper includes.Ermal Luçi2010-02-261-0/+2
|
* Put this code on propper context.Ermal Luçi2010-02-261-6/+6
|
* correct icmptypes so CP IP can be pingedChris Buechler2010-02-211-3/+3
|
* Try to prevent empty interfaces.Ermal Luçi2009-12-071-2/+4
|
* Rework includes/require. This saves about 4 megabytes.Scott Ullrich2009-11-211-2/+0
| | | | Simplify get_memory(). Tested on mips/i386
* Properly correct ipfw rule.Ermal Luçi2009-11-151-2/+2
|
* Revert "Correct ipfw rule."Ermal Luçi2009-11-151-2/+2
| | | | | | Error of copy paste This reverts commit 0f6fdf29a2f31bbf816eb3df33c3f1fc38c8b2a6.
* Correct ipfw rule.Ermal Luçi2009-11-151-2/+2
|
* Not sure why this was changed like this. As is, you couldn't disconnect the ↵Chris Buechler2009-11-151-4/+2
| | | | first client. I don't see any reason to do it that way, and this is the way it's done in RELENG_1_2
* always return the IP address hosting the page, rather than forcing to the ↵Chris Buechler2009-11-141-0/+10
| | | | hostname, requiring functional DNS name resolution which possibly doesn't exist. Restores 1.2.x behavior where client IP isn't in the same subnet as any CP-enabled interface.
* actually allow DNS to forwarder. CP is still broken, but this is closer at ↵Chris Buechler2009-11-141-1/+3
| | | | | | least. pointy-hat-to: eri
* Allow udp only from/to our local dns server. If wanted pass through can be ↵Ermal Luçi2009-11-111-2/+2
| | | | added.
* - Should fix captive portal on carps Issue #116Ermal Luçi2009-11-101-3/+20
| | | | | - Should fix the captive portal not working reports and Issue #118 NOTE: Now Captive portal is open on dns so no more is needed to add dns servers to pass through ips.
* Forward all udp request to port 53(DNS) to our local server. This allows ↵Ermal Luçi2009-09-231-1/+1
| | | | people with other dns configured other than the one in pfSense to still be able to authenticate in the CP.
* Only unload ipfw.ko if it is loaded. DohScott Ullrich2009-09-211-1/+2
|
* set 2/3 are no more used with ipfw.Ermal Luçi2009-09-201-2/+0
|
* Move the allowed ips to set 1 as well.Ermal Luçi2009-09-201-4/+4
|
* Forward everything to the CP portal page since some people might have ↵Ermal Luçi2009-09-201-1/+1
| | | | proxies in between.
* Remove the anti lockout rule on captive portal ruleset this opens a can of ↵Ermal Luçi2009-09-201-10/+0
| | | | worms.
* Teach captiveportal code to use the mac in tables functionality. Change the ↵Ermal Luçi2009-09-201-8/+4
| | | | default ruleset to reflect this.
* It seems upon captive portal startup the captiveportal.db file is not ↵Scott Ullrich2009-09-171-0/+3
| | | | written out until the /etc/rc.prunecaptiveportal script is run. If the Operator decides to visit status -> captive portal right after enabling the service they will be greated with some nasty nasty errors. Silence this nonsense by creating a blank captiveportal.db file right after nuking it.
* Return NULL when captive portal is not enabledScott Ullrich2009-09-171-1/+1
|
* Do not process IPFW rules if captive portal is disabled.Scott Ullrich2009-09-171-1/+2
|
* Fix multiple radius server handling.Ermal Luçi2009-09-141-18/+8
|
* Before configuring CP make sure that all interfaces are not set for ↵Ermal Luçi2009-09-131-1/+4
| | | | filtering with ipfw. Otherwise some wrong misconfigurations might happen when changing the interface on an active CP config.
* Flush all tables when restarting/saving a CP configuration.Ermal Luçi2009-09-131-1/+2
|
* Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additionsScott Ullrich2009-09-121-4/+9
|
* Spelling and comment formatting changes, no code changes.stompro2009-09-081-8/+10
|
* Correct typo. Reported-by: ↵Ermal Luçi2009-09-051-1/+1
| | | | stompro(forums:http://forum.pfsense.org/index.php/topic,18841.0.html)
* Merge branch 'master' of git://rcs.pfsense.org/pfsense/nigel-ca-chain into ↵Scott Ullrich2009-08-241-4/+4
|\ | | | | | | | | | | | | | | review/master Conflicts: etc/inc/certs.inc etc/inc/upgrade_config.inc
| * Added a missing argument in the lighty configuration for captive portal.Nigel Graham2009-05-261-2/+2
| |
| * Added support for certificate chains to manager so that lighty can deliver ↵Nigel Graham2009-05-241-2/+2
| | | | | | | | them via SSL.
* | Add my copyright.Ermal Luçi2009-08-141-0/+1
| |
* | Forgotten increase of the limit.Ermal Luçi2009-08-141-1/+1
| |
* | * Convert captive portal rules to use tables. This reduces the number of ↵Ermal Luçi2009-08-141-96/+88
| | | | | | | | | | | | | | | | | | | | rules ALOT. * Make the peruserbw setting use tables also by taking advantage of the tablearg option. * Convert statistics to use the new improvements of ipfw tables merged previously. * Make the limit of users allowed around 25000 instead of 9999 of before. NOTE: The only thing remaining for full optimization on ipfw(4) side is converting passthrumac and layer2 secure rules to tables aswell.
* | Use ipfw tables for allowed ips. This reduces the number of rules needed for ↵Ermal Luçi2009-08-131-53/+41
| | | | | | | | them and speedups things when this list is big. This simplifies even deleteing an allowed ip from services->captiveportal->allowedips since we just need to remove them from the table.
* | Fix some logic on enabling or disabling ipfw filtering on interfaces.Ermal Luçi2009-08-121-2/+5
| |
* | Readd rule since it makes the policy easier to read.Ermal Luçi2009-08-121-0/+1
| |
* | Reduce some unneeded overhead in CP generated ipfw rules.Ermal Luçi2009-08-111-30/+4
| |
OpenPOWER on IntegriCloud