Captive Portal loosing client authentification

xperimental · 15 November 2022 07:14

Hi,

first I want to say that I encountered that problem twice within a few weeks.

A client (laptop) is connected via BLUE to IPFire. The captive portal grands access to the network. That seems to work fine, but after a while the client won’t get access to the network anymore. I deactivate/activate the WLAN of the client and the captive portal website appears. I restart IPFire and it’s working again.

I watched the logs but couldn’t find any problems. I don’t have any entries in the captive portal section at all. How to investigate this?

Thx.

xperimental · 23 December 2022 22:24

Same problem again. This time with a different device: RaspPi4B. This is not reliable at all.

xperimental · 25 December 2022 08:03

3rd device affected. I enabled it at my parents home and after a while my laptop lost internet access and the captive portal website appeared. I didn’t restart the device (left it as it is) and this morning my laptop is back online without doing anything (laptop stayed on tonight).

Checked my RaspPi → also not internet access available. I entered the voucher code for my laptop that has been used before and it was accepted! I don’t think that a already used voucher code is supposed to be used and accepted a second time again.

xperimental · 25 January 2023 22:21

I also figured out that this problem only accures between 11pm to 12pm with UTC+1 time zone.

cfusco · 26 January 2023 10:29

Do you have an hypothesis on what happens during that hour? Any rule in fcron concerning captive portal ? Maybe DHCP leasing?

jon · 26 January 2023 18:27

are there any messages in the captive portal log?

EDIT:
Set the Day: to All

xperimental · 26 January 2023 18:40

No. DHCP is still working, but I can’t access anything anymore. It randomly effects all clients and all of my ipfire installations. If I disable and reenable captive portal for blue it’s working again.

xperimental · 26 January 2023 18:40

No no logs.

jon · 26 January 2023 19:20

Anything in the connection scheduler?

https://wiki.ipfire.org/configuration/network/connectionscheduler

or a scheduled firewall rule?

https://wiki.ipfire.org/configuration/firewall/rules#additional-settings

EDIT:
FWIW - there have been no direct changes to the captive portal in a few months.

xperimental · 27 January 2023 05:17

The connection scheduler has only one entry: daily reboot at 3am.

There are no firewall rules with time constaints.

Haven’t used it before October.

xperimental · 27 January 2023 05:23

I checked another firewall.

Sometimes there are entries like that:

Deleted client in use 172.25.4.41 1667474587 hours valid expires on 0 remark - Connection will be terminated

gzdgzk · 14 February 2023 13:37

I too have exactly the same issue like this. Whenever its 11PM its starts the captive portal to get broken. It will needs me to restart captivectl or firewall to gain access and back ro normal again. WAN stays connected and not affected. But for Green and Blue interfaces this is repeatedly happens every night.
And this occurs to all the IPFire versions that Ive use since 2021 up to todays release.

Hope someone will come up for at least a workaround to it.

Thanks for your great effort!

Gzdgzk

xperimental · 21 May 2023 22:02

This bug is getting on my nuts!

bonnietwin · 21 May 2023 22:16

I don’t see it in the IPFire bugzilla.

xperimental · 5 June 2023 14:10

This is also getting on my nuts. And you haven’t created a ticket for us!!! …

Whenever this issue happenes, I see the log message I’ve posted above with its strange time calculation. Just thought that it exceeded a signed 32 bit integer, but it doesn’t. This time is exactly equal 190.350 years .

bonnietwin · 5 June 2023 16:24

The cgi code for the captive portal page shows that message when a client is active and the wastebin icon has been pressed for that client in the table of active clients. It should show the IP for the client being deleted and how many hours are still valid for the connection and when it would have terminated. The Connection will be terminated is indicating that the clients connection will be stopped and the connection will no longer be valid.

The numbers you see are very odd. Maybe something has rolled over for both the hours and when it is still valid till.

Are you using T&C’s or Coupons. What expiry time did the client from that message have or were they running unlimited?

Was the client that was terminated still using the captive portal when the connection was terminated?

xperimental · 5 June 2023 16:36

I use coupons only and they never expire (unlimited).

xperimental · 5 June 2023 16:36

The captive portal page comes up again.

bonnietwin · 5 June 2023 16:45

Although the message says hours for the remaining time the number is not hours.

I just ran a client with a coupon that defined for 24 hours. After a minute or so I deleted the client by pressing the wastebin icon.

Following message was in the log:-

Deleted client in use 192.168.27.50 1685982685 hours valid expires on 86400 remark - Connection will be terminated

The hours valid number is of a similar magnitude as you had. The only difference is that I still have a number in the expires on section.

EDIT:

I re-ran the test using unlimited as you have and got the following message when deleting the active connection.

Deleted client in use 192.168.27.50 1685983619 hours valid expires on 0 remark - Connection will be terminated

So the expires on 0 in the message is related to the coupon being unlimited.

So those log messages you are seeing are when that client has been deleted in the WUI page.

Did you actively delete the client at the time the message is in the log?

xperimental · 5 June 2023 16:53

OK the remark numer is in seconds: 86.400/60/60 == 24h. So why have unlimited clients a remark of 0 and get terminated (but only within 11-12pm).