I'm looking at pfsense 1.2.3.
We have a requirement to push several subnets through a captive portal, so
expected pfsense to be able to do this (with the "Disable MAC filtering"
option).
However any clients, other than on the local LAN network, that attempt to route
through the pfsense box get no packets back at all - no redirect to the portal
web page, nothing.
This is due to the following pf rule being used to push packets to the captive
portal stuff:-
pass in quick on $lan from 192.168.50.0/24 to any keep state \
label "USER_RULE: Default LAN -> any"
I can hack stuff so that things do work by changing /etc/inc/filter.inc (diff
has been white space mangled to stop it wrapping):-
diff -u filter.inc.orig filter.inc
--- filter.inc.orig 2010-02-23 15:24:02.000000000 +0000
+++ filter.inc 2010-02-23 15:24:04.000000000 +0000
@@ -1752,7 +1752,7 @@
$src = $lanip;
break;
case 'lan':
- $src = "{$lansa}/{$lansn}";
+ $src = "any";
break;
case 'pptp':
$src = "{$pptpsa}/{$pptpsn}";
which feels like doing surgery with a chainsaw...
Can anyone suggest a better fix for this? And how do I do a proper bug report
to get this fixed in the next release...
Nigel.
--
[ Nigel Metheringham [email protected] ]
[ - Comments in this message are my own and not ITO opinion/policy - ]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
