[HELP] Connecting ipfire on rasppi3b+ behind a hostel captive portal

jeff · 1 January 2022 12:54

Hello
RaspPi3b+/IPFire_2.27
In a hostel, i have a rj45 in the room.
Objective is to build my network behind ipfire for laptops who will connect via hostapd.
Wan connexion is authenticated via user/pass, captive portal from the hostel.
So :
laptops → wifi → hostapd_ipfire → lan_ipfire → lan_hostel_captive_portal → internet

How to script an automatic authentication for the hostel_captive_portal, to not have to enter user/pass each time i launch laptops?
I’m client of the hostel, i’m on a mission, I have the user/pass, renewed each month, and i need my subnet, cause differents usage/clients.

Thanks for help
Best Regards
Jeff

pmueller · 4 January 2022 21:11

Hi,

first, welcome to the IPFire community!

Hm, this depends on the captive portal they are using. Without having any details regarding it at hand, you should be able to extract some session tokens by using curl or wget, automatically conducting a POST request with your username, password, and the token.

That is, unless they implemented something like a Captcha which you cannot bypass easily without human interaction. Also, since your credentials expire every month, you will need to update them periodically as well.

Perhaps the captive portal does not require a reauthentication if IPFire is kept online all the time? If so, this would not solve the problem, but at least make it less worse…

Thanks, and best regards,
Peter Müller

jeff · 5 January 2022 17:19

Hello

Working on it, you’re right with curl/wget.
Trying to transpose this to ethernet connexion :

https://blog.rom1v.com/2011/07/authentification-automatique-a-un-reseau-wifi-avec-networkmanager/

Best Regards
Jeff

pmueller · 6 January 2022 10:12

Hi,

on your IPFire installation, there is a directory named /etc/init.d/networking/red.up/, which contains various scripts to be executed after the RED interface went up:

[root@maverick ~]# ls -lah /etc/init.d/networking/red.up/
total 68K
drwxr-xr-x 2 root root 4.0K Oct 31 17:41 .
drwxr-xr-x 4 root root 4.0K Nov 22 21:21 ..
-rwxr-xr-- 1 root root  727 Aug 10  2019 01-conntrack-cleanup
-rwxr-xr-- 1 root root  189 Aug 10  2019 10-multicast
-rwxr-xr-- 1 root root   83 Aug 10  2019 10-static-routes
-rwxr-xr-- 1 root root   47 Aug 10  2019 20-firewall
-rwxr-xr-- 1 root root 1.1K Dec 14  2019 23-suricata
lrwxrwxrwx 1 root root   36 Aug 10  2019 24-RS-qos -> ../../../../../usr/local/bin/qosctrl
-rwxr-xr-- 1 root root   80 Feb  4  2020 25-update-dns-forwarders
lrwxrwxrwx 1 root root   11 Aug 10  2019 27-RS-squid -> ../../squid
-rwxr-xr-- 1 root root   43 Aug 10  2019 30-ddns
-rwxr-xr-- 1 root root   72 Oct 31 15:35 35-guardian
-rwxr-xr-- 1 root root   45 Aug 10  2019 50-ipsec
-rwxr-xr-- 1 root root  118 Aug 10  2019 50-ovpn
-rwxr-xr-- 1 root root   54 Aug 10  2019 98-leds
-rwxr-xr-- 1 root root   71 Dec 14  2019 99-beep
-rwxr-xr-- 1 root root  209 Aug 10  2019 99-fireinfo
-rwxr-xr-- 1 root root  335 Oct 22  2019 99-geoip-database
-rwxr-xr-- 1 root root   76 Aug 10  2019 99-pakfire-update

Please refer to the man page of run-parts for details on the execution order of such structures. You should be able to place your own script there (named 99-hostel-captive for example), and it will run every time your IPFire’s RED interface goes up.

Thanks, and best regards,
Peter Müller