--Bill
Fragged both routers playing around with CARP remotely to write my previous mail so I can't get in right now .. but no .. I should have any .. since that's the traffic I want to limit. Everything is denied unless the client is passed-through via a mac mapping. There are NAT rules in, but all outbound traffic is stopped as per the default rules created during install.
From: Bill Marquette [mailto:[EMAIL PROTECTED]]
Sent: 12 September 2005 03:17 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] Gentoo Rsync allowed past the Captive Portal
Do you have a pass any rule on that interface? It's overriding the captive portal rules (with exception to the port 80 redirect which uses different logic).
--BillOn 9/12/05, Frimmel, Ivan (ISS South Africa) <[EMAIL PROTECTED]> wrote:
HI all
So I spent most of yesterday trying to figure out why I couldn't emerge a new Gentoo box on my network, weirdly enough emerge ---sync managed to get through the captive portal … but then when it came time to d/l via ftp or wget it would start downloading and then the files would fail on MD5 hash after the " download " had completed.. I eventually realized what was going on when I did an update last night to 0.84 and saw the "foreign" machine being captured by the portal. I quickly added a captive portal mac passthrough rule and all the MD5 checksum errors when away. But why did pf let the rsync stuff through and why did it look like it was downloading stuff, all be it rubbish ? Was it just downloading the captive portal redirect URL all the time and padding the files out with the contents?
Regards,
Ivan Frimmel.
HP South Africa - Sales Specialist, Industry Standard Servers
Mobile : +27 83 409 2077
Direct: +27 11 785 1052
E-Mail and MSN Messenger: [EMAIL PROTECTED]
