Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - eagle2

Pages: [1] 2
Captive Portal / Re: [Software] Web-based voucher management
« on: October 03, 2017, 03:23:33 pm »
Hi Aysman,

I'm actually still somewhat maintaining this since it seems to be quite popular in the German community, so it should generally work. Having said that, the code is really messy, not properly documented and some bits are only in German... Anyway, the "" contains the MySQL database credentials and the name of the database to be used. The error means that there's something wrong in there, probably with the name of the database. Please check the contents of the file, it should generally look like this:

Code: [Select]
@mysql_connect('localhost''username''password') or die("Verbindung zu MySQL gescheitert! Connection to MySQL failed!");
mysql_select_db('databasename') or die("Datenbankzugriff gescheitert! Access to database failed!");
if (!isset(
$lang = new aLang("main""en");

Captive Portal / Re: Captive Portal to Delete MAC after voucher Expire
« on: November 04, 2015, 03:23:40 am »
For some reason, it should work as you expect it if both "auto MAC-passthrough" checkboxes are checked. Sadly, this is still documented nowhere...

Captive Portal / Re: Print Roll Formatted
« on: October 29, 2015, 08:07:16 am »
Well, the vouchergen thing linked above prints into PDF on itself, using fPDF. That doesn't work with unicode chars. So, I replaced that with tFPDF. What you mentioned is actually configurable via GUI (also paper formats, like the US letter vs A4 etc.), but...
- the level of integration with pfSense is exactly zero (beyond importing of the voucher rolls).
- the code is buggy like hell (I made only the very essential fixes to make it run on actually maitained PHP versions.)
- all the comments are in German;
- it uses MySQL as storage.

Don't have time for that, certainly not unless someone produces a reasonable bounty. Plus, until the 2.3 code gets stabilized, it's just a waste of time.

Hi everyone,

I'm the guy who developed the vouchergen thing ;). I'm well aware of the current problems, and will fix at least some stuff since it seems to be somewhat popular in Germany (it was initially developed just for a single use case and I decided to share it afterwards...). Someone actually built something based on some code of my script which integrates into pfSense:

Still not integrated as package or something, but probably closer than my "integration"...

He is probably using my software using his NAS as webspace and had difficulties finding the user frontend to request a code via SMS (which was my fault, I forgot to include it in the latest revision). I just realized that I answered his (quite more specific) question on (or the same question from a user with the same username  ;) ).


I assume that you are from Germany (nickname etc)? If not, I'm sorry, if so, take a look at this tutorial:

I've included English instructions as well in the zip-File, you can download the latest version here:

Best wishes,


I built something like this where you have to be in a certain facebook group to log in. It is (kinda) working, but

  • the portal page has to redirect to an internet portal page, so when the internet connection is down, so is your captive portal
  • the much bigger problem: you need to allow/whitelist the ip range of facebook and akamai (for stylesheets etc), and that is almost impossible. I tried to list everything, but I haven't covered everything and my workaround right now is to override, etc with IPs which are known to belong to facebook and explicitly allowed in the portal. This is a really "quick'n'dirty" solution and may not work forever

Captive Portal / Re: Facebook WLAN with PfSense
« on: July 11, 2014, 02:50:06 pm »

the facebook wifi solution is not working with pfSense, you need to have a special router for this (see

There are some people who tried to build it by themselves. The basic thing you need to do is allow the IP range of facebook and then add "Login with facebook" to your portal page. I am experimenting with this by myself, I'll post something here if it is working ;)

Best wishes,


"offline generating" of vouchers as such is not possible, pfSense needs to now somehow which vouchers are valid and which are not...

Maybe setting up a VPN to the pfSense-Box could help? Someone created a REST API for pfSense Vouchers (, you could build something on top of that, but you still need access to pfsense though...

Best regards (or "Viele Grüße"  ;)),

Hi Gertjan,

I have a little more question; il there a secure way to generate voucher codes offline (i.e. on another system than PFsense) ? I have found that but I can't get it working and I do not know how it works.

So have you ever done that ? And if it is can you point me to the rigth way ?



this is the software I developed, and it is not able to create the vouchers offline. In fact you need to create the vouchers in pfSense (just create a huge number of them so you don't have to do this often), export the .csv and import it into the software. There is a PDF File included which explains how to use it. After you imported vouchercodes into the software, you can generate a PDF file for easy printing and cutting. ;)

Best regards,

Captive Portal / Re: Authorize CP user from another server
« on: May 26, 2014, 03:13:58 am »

look at this thread:

(and please reply if you get it to work, I can't test it right now and there seems to be trouble with the solution posted there...)

Best wishes,

« on: May 26, 2014, 03:01:59 am »

you should be able to do this by setting up the freeradius package (see and then setting bandwith limits for the radius users. Then you can use the captive portal with radius auth or - if your access points support the speed limit - set up radius auth (WPA2-Enterprise) directly on the access points.

Best wishes,

Captive Portal / Re: Vouchers unlimited time
« on: May 21, 2014, 04:06:56 am »
Hey gio,

you could use "Automatic MAC Pass-Through addition" to automatically add the MACs of the users to the Pass-Through table. Although it is not really documented, if you select only one of the two check boxes, the MAC address is added and never deleted; when selecting both check boxes it should add the MAC and delete it after the voucher expires.

Captive Portal / Re: Captive portal vouchers not valid on slave
« on: May 21, 2014, 02:56:20 am »

thanks guys......had it worked;

= got to make the same zone throughout

The zones in both master and slave have to have the same name... (sadly again that the documentation seems to lack this -.-)

Deutsch / Re: Problem mit Facebookanmeldung im Captive Portal
« on: April 30, 2014, 09:14:54 am »
Hallo Alex,

ich habe das ganze gerade mal ausprobiert, und bei mir hat es funktioniert! Ich habe einfach alle IP-Adressen/Netze wie unter aufgeführt unter "Allowed IPs" hinzugefügt, zusätzlich noch eine Testseite von mir freigegeben, und dort dann Login mit Facebook erfolgreich durchgeführt. Login in pfSense habe ich allerdings noch nicht eingebaut, wie hattest du denn die Übergabe zu pfSense bzw. zum Captiveportal implementiert?

Viele Grüße,

Captive Portal / Re: Vouchers spanning multiple days - Thanks
« on: April 16, 2014, 04:03:18 am »
Answer on "is this feature documented somewhere" ;)...

Pages: [1] 2