[25.7] Unable to add Fingerprint data from Captive Portal and save on allow.py

[andrea95r]

Hello to everybody.
I'm new to this distribution and I really appreciate it.

I'm studying it for university tests and purposes and I want to approach a zero trust network and log much information as possible.

I'd like to send to splunk inside allow.py with an HEC function data such as: username, client ip-mac, session ID, and fingerprint (user agent..)

I successfully implemented front.end fingerprinting on index.html web page.

Anyway I'm nable to make it works. Everytime I got this error:

Script action failed with Command '/usr/local/opnsense/scripts/captiveportal/allow.py --zoneid='0' --username='user' --ip_address='192.168.3.100' --authenticated_via='Local Database' --fingerprint='test' returned non-zero exit status 127

This is the workflow I followed:

- Edit index.html to send with ajax a stringify version of client fingerprint data
- Edit allow.py to push it → parser.add_argument('--fingerprint', help='client fingerprint JSON', type=str)
- Edit AccessController.php to pass function to 'configdpRun' with additional param
- Edit actions_captiveportal.conf with new param --fingerprint=%s (* I managed to swap double -- with only one, but didn't work for me)
- Restart everything

I checked many times each step but can't make it works.

Funny thing:
python3 /usr/local/opnsense/scripts/captiveportal/allow.py \
--username=user \
--zoneid=0 \
--ip_address=192.168.3.100 \
--authenticated_via="Local Database" \
--fingerprint='{"User+Agent":" Chrome/142.0.0.0",Language":"en-US"}'

This works, so the problem is between controller and allow.py. Am I right?

Thanks in Advance