On 10/28/05, Chris Buechler <cbuechler at gmail dot com> wrote:
> Got some feedback on this from the pfsense devs (thanks Scott and Bill)
> __Captive Portal__
> On captive portal, Scott says "the only problem was I didn't want to
> dive into the C code to extract the last time a captive portal rule
> time was hit, etc.".
sorry, a couple things I missed here.
pf doesn't do MAC filtering, so the switched-entirely-to-pf CP wasn't
exactly like the m0n0wall CP.
Because tags are used with both shaping and pf CP, it's not easy to
make CP and shaping work together in a clean fashion. You end up with
a lot of duplicate rules. This can change if:
1 - you can use ALTQ without pass rules at some point in the future, or
2 - if shaping is done as a part of firewall rules