php - pfSense 2.3.4 Captive Portal TCP Handshake IP dominating cURL custom IP -
working on external captive portal page.
i uploaded page on pfsense machine (captive portal), redirects on custom server-page authentication.
my purpose authenticate on captive portal via own external server page.
redirection page (which uploaded pfsense)
<script> document.write('<style>.noscript { display:none }</style>'); </script> <form action="http://192.168.1.2" method="post" id="redirectform"> <input type="hidden" name="client_mac" value="$client_mac$"> <input type="hidden" name="client_ip" value="$client_ip$"> <input name="action" type="hidden" value="$portal_action$"> <input name="redirurl" type="hidden" value="$portal_redirurl$"> <span class="noscript">javascript disabled, click <input name="submitx" type="submit" value="continue" /> </span> </form> <script type="text/javascript"> function doredirect () { var frm = document.getelementbyid("redirectform"); frm.submit(); } window.onload = doredirect; </script>
my customized page
<form method='post' action='goestomycontrollerurl'> <div class="form-horizontal"> <button type="submit" class="col-sm-12 btn btn-primary">submit</button> </div> </form>
here's thing: need authenticate client on captive portal curl script, because form needs uploaded html or php file onto pfsense machine. customization , library usage purposes (freebsd doesn't support many software libraries , packages) i'm putting effort authenticate users pfsense captive portal on external server.
pfsense curl authentication controller (my external server-side)
<?php $ch = curl_init( $url ); curl_setopt( $ch, curlopt_post, true); curl_setopt( $ch, curlopt_postfields, $data); $exec = curl_exec( $ch ); curl_close ($ch); ?>
this 1 working quite too. here's problem:
pfsense captive portal ip: 192.168.1.1 external server ip: 192.168.1.2 client machine: 192.168.1.3
real problem: after portal login attempt 192.168.1.3, check out captive portal web 192.168.1.1 , instead of 192.168.1.3, 192.168.1.2 seen authenticated.
external server being authenticated on captive portal because curl being executed on machine. i need client machine authenticated.
workarounds:
1. yes, know http header requests can changed curl options like:
curl_setopt( $ch, curlopt_httpheader, array("remote_addr: ".$ip, "x_forwarded_for: ".$ip));
but it's not working because curl going through high level protocol. handshake being made tcp protocol.
2.using proxies squid not work either. time pfsense authenticates proxy server instead of client machine (transparent, on, etc options did not work me).
don't want go plain php pages upload them on pfsense machine.
appreciated.
Comments
Post a Comment