Detect captive portals when connecting to WiFi [$100]

Bug #1039042 reported by Daniel Fore on 2012-08-20
This bug affects 11 people
Affects Status Importance Assigned to Milestone
Captive Portal Assistant
Fix Released
Cameron Norman

Bug Description

NetworkManager doesn't quite understand train/airport/cafe/public Wifi. The network will connect, but without agreeing to the ToS I can't use any internet-hungry apps like Update Manager.

We should somehow detect these captive portals provide an app-mode instance of Midori (if it's not already open) to handle these pages.

Daniel Fore (danrabbit) on 2012-08-20
Changed in elementaryos:
importance: Undecided → Wishlist

Great work item for networkmanager and/or connman.

Would be nice if somebody told the devs about it, actually.

These are called captive portals and are really easy to detect. When you detect a new wireless connection, try and hit a URL with a 204 response (obviously something known ahead of time). If you get anything but a 204, you know you've hit a captive portal (or something similar) and present the "next step" of configuring the wireless: signing in to the wireless network.

Android does something similar and it works really well on a technical level, though it doesn't do it soon/obviously enough so I guess users miss the norification.

summary: - Handle Train/Airport Wifi
+ Detect captive portals when connecting to WiFi
Daniel Fore (danrabbit) on 2013-04-16
Changed in elementaryos:
status: New → Confirmed
description: updated
description: updated

Somewhat hacky (though possible) way of doing it outside of NetworkManager: use NetworkManager's DBus API to watch for connecting to a wireless network. Once a connection is made, try and hit an external page and detect if there's a captive portal. If not, do nothing. If there is, then prompt the user to sign in.

summary: - Detect captive portals when connecting to WiFi
+ Detect captive portals when connecting to WiFi [$25]
tags: added: bounty

Of note: this is also considered a walled garden in addition to captive portal. In case that helps anyone. Also, here is the code Android uses to do its detection:

This works because a captive portal will not return a 204 if it is rerouting traffic.

Sergio Spinatelli (spinatelli) wrote :

I'd like to remind you that also wired networks may redirect you to a login page, so this discussion regards also wired connections in my opinion.

Sergio Spinatelli (spinatelli) wrote :

I tinkered with this bug a bit, and got a solution that (seems to) work.
It simply consists in keeping the attached script in the /etc/NetworkManager/dispatcher.d directory with execution permissions.
NetworkManager runs all scripts in that directory. What the script does is:
1) check if the event is an "up" event, i.e a new connection
2) test if "" returns 204, if not we are in a walled garden
3) if we are in a walled garden, launch the default browser, trying to open, which should then "trigger" the captive portal (uses xdg-open, is it actually the best way to open a link in the default browser?)

What do you think?

Sergio Spinatelli (spinatelli) wrote :

Oooops! I tested it with sensible-browser and then uploaded it after trying xdg-open, which breaks it.. sorry! Attached there is the actually script that works! :)
Sorry again!

It should probably just open the 204 page in the browser. Also, should we get our web team to make a 204 URL so we aren't relying on Google?

Colin Watson (cjwatson) wrote :

Sounds like a good addition alongside existing things like

Sergio Spinatelli (spinatelli) wrote :

Yes it would be good to have a 204 page to not have to rely on Google.
About the opening page,if we are in a walled garden,for every page we try to load we should be redirected to the login page of the captive portal..I can easily change :)

Sergio, that's true. However, some might try and redirect you back to your previous request and not everyone will want to go to ;)

Sergio Spinatelli (spinatelli) wrote :

The linked branch already contains the modified version of the script, using instead of :)

Sergio: okay, sorry for being annoying, but could you set it to I'm also working with the web team to throw a 204 page up so we don't have to rely on an undocumented Google page. Unless you think that'd be more reliable than doing it on our own server.

Hm... After testing this some more, it assumes it's a captive portal when I just don't have any Internet connectivity (I.e. I'm on a LAN that's not connected to the Internet).

Sergio Spinatelli (spinatelli) wrote :

Cassidy, could you retry? I updated the branch :)

Sergio Spinatelli (spinatelli) wrote :

Also, I know it's not really good to rely on google provide that service, but there's also the fact that google services are (basically) always up, so unless they remove that page (thus changing the way android checks for captive portals) I think we're ok.
Changing the 204 page to look up obviously needs no effort at all :)

Daniel Fore (danrabbit) wrote :

Sergio, I registered a project page for the Captive Network Assistant. Can you move your branches there?

It should be under the ownership of elementary-apps at the moment. I'm not sure if you're a member of that team. If not, we can add you ;)

Sergio Spinatelli (spinatelli) wrote :

Thank you for adding me, I moved the script to capnet-assist, but if you also would like to have it together with the login "app", I need a bit of help for the packaging stuff. At the moment it only uses cmake.. :)

Elijah Lynn (elijah-lynn) wrote :

Just +$35'd the bounty!

Sergio Spinatelli (spinatelli) wrote :

Has anyone tried I received no feedback yet :(

Cody Garver (codygarver) on 2013-08-30
Changed in elementaryos:
milestone: none → isis-beta1
status: Confirmed → In Progress
Cody Garver (codygarver) on 2013-08-30
affects: network-manager → audience
no longer affects: audience
Cody Garver (codygarver) on 2013-08-30
Changed in elementaryos:
status: In Progress → Fix Committed
status: Fix Committed → In Progress
summary: - Detect captive portals when connecting to WiFi [$25]
+ Detect captive portals when connecting to WiFi [$60]


I have not tried Captive Network Assistant yet, mainly because I don't know how to install from source yet and haven't had the time to pursue how. That is why I put $35 in the bounty. That being said, if anyone could guide me towards installing this then I think I can spare some time now.

Elijah Lynn (elijah-lynn) wrote :


Good read on xdg-open vs gnome-open etc. =>

"xdg-open is a shell-script which works independent from the desktop-environment. It will inspect your environment and if it can detect that you are running Gnome, KDE, XFCE or LXDE it will use the correct tool from your Desktop Environment (such as exo-open under XFCE). If it can't detect your environment it will try to open the file itself. "

Elijah Lynn (elijah-lynn) wrote :

I cloned the capnet-assist repo with bzr. Installed cmake. It failed with not finding Vala, added a PPA for Vala, installed valac, and now I am at the point where it cannot find gtk3+ and webkitgtk3+. I am not entirely certain which packages I need at this point, can anyone help me out with this part of things?

"sudo apt-get install libwebkitgtk-3.0-dev " should install these two missing dependencies for you.

Elijah Lynn (elijah-lynn) wrote :

Thanks Sergey,

After I installed Webkit I was able to build and install without errors. Nothing happens when connecting to the captive portal though, I also tried restarting but no success.

Do you have any suggestions on how to debug this?

Thanks again

summary: - Detect captive portals when connecting to WiFi [$60]
+ Detect captive portals when connecting to WiFi [$75]

Hey Elijah!
Sorry I didn't answer you sooner, some stuff happened..however, try to update the source from the repository with 'bzr pull' and then reinstall the script and run 'sudo service network-manager restart'.
Try to connect to the captive portal again, but before you connect to the WiFi network run 'sudo tail -f /var/log/syslog | grep CapNetAssist'. This should show you the logs just for the NetworkManager script. :)
Sorry again for the delay in the answer :)

Cody Garver (codygarver) on 2014-04-09
Changed in elementaryos:
milestone: isis-beta1 → isis-beta2

Hi ! I would like to help solve this. Should I work on a Daily Image of Isis ? (it is the first time I contribute to an open source project)

Daniel Fore (danrabbit) wrote :

@aithamouda belaid, nope this code isn't specific to ISIS afaik. Check the related branch:

Lewis Goddard (lewisgoddard) wrote :
summary: - Detect captive portals when connecting to WiFi [$75]
+ Detect captive portals when connecting to WiFi [$100]
Lewis Goddard (lewisgoddard) wrote :

Just FYI, this is how Chrome OS has started prompting people to finish connecting. Notification links to, which should prompt a redirect.

Cody Garver (codygarver) on 2014-10-05
Changed in elementaryos:
milestone: freya-beta2 → freya+1-beta1
Daniel Fore (danrabbit) on 2015-03-04
affects: elementaryos → capnet-assist
Changed in capnet-assist:
milestone: loki-beta1 → none
assignee: nobody → Cameron Norman (cameronnemo)
status: In Progress → Fix Committed
Cody Garver (codygarver) on 2015-03-04
Changed in capnet-assist:
milestone: none → freya-rc1
Cody Garver (codygarver) on 2015-04-07
Changed in capnet-assist:
status: Fix Committed → Fix Released
Andrey Skvortsov (skv) wrote :

Hi, folks.
As I understand the problem is fixed.
$75 bounty for the problem can now be claimed.

Money goes to Cameron Norman? Inform him please.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers