[ previous ] [ next ] [ threads ]
 From:  "=?ISO-8859-1?Q?R=F6nnblom_Jan=E5ke_?= /Teknous" <jan dash ake dot ronnblom at skeria dot skelleftea dot se>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  patch for captiveportal and file locking problems
 Date:  Wed, 12 Dec 2007 17:01:46 +0100

Attached is a patch for a few problem that have plauged us for a long time. 

We have had problems with session that have vanished from the CP database but
the firewall rules were left behind. The cause of this
seems to be the locking of the CP database which only lasts for 10 seconds then
the lock is considered stale and broken. However if
you run a slow computer or a loaded CP machine you will have both
prunecaptiveportal and login processes running at the same time
for more than 10 seconds. This will cause a dataloss for you so the user seem
to be logged off or removed from the CP database
but no message is written to syslog and the rules aren't removed from ipfw.

The patch also "fixes" a problem with users that logon and dont send any
trafic. This is a special case for me during my testing and Im
not sure if its something you can encounter in production.

I also "fixed" a problem in the prune_captiveportal where we dont iterate over
all users when trying to logg them off or update the

The patch is in a diff format.

Hopefully this patch will make my problems go away and not create anymore ;)

Janåke Rönnblom
IT avdelningen, Teknous, Skellefteå Kommun
Assistentgatan 23
931 77 Skelleftea (Sweden)
Phone  : +46-910-58 54 24
Mobile : 070-397 07 43
Fax    : +46-910-58 54 99
URL    : http://skeria.skelleftea.se
"Those who do not understand Unix are condemned to reinvent it, poorly." --
Henry Spencer