[ previous ] [ next ] [ threads ]
 
 From:  "Michael Mee" <mm2001 at pobox dot com>
 To:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  How to add captive portal?
 Date:  Thu, 22 Jan 2004 17:50:19 -0800
I admit I'm out of my depth here when it comes to the level of hacking
required for this, but I figure I know enough to be dangerous and can kick
start this conversation, so here goes. Manuel asked
(http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=25&actionargs[]=14):

"Did you check that it fits in with the rest of m0n0wall without requiring a
complete overhaul thereof? I mean - you know that ipfilter doesn't do layer
2 filtering, and that ipfw has got a kinda "reserved" function for the
traffic shaper, which must work no matter if the captive portal is on or
off. Same goes for other functions like VPN etc. of course."

Two different ways I've heard of implementing captive portals are:
1) change the filtering rules to re-direct newly leased IPs to a specific
page, then reset the rules when they're approved
2) change the DHCP server to initially supply very short leases in a
different, walled-off, subnet and then provide a new IP when they're
approved.

One problem with (2) is that someone might simply create their own static IP
in the right (2nd) range, but if (1) proves hard, maybe its a good 80%
solution?

I think NoCatSplash is an example of (1),
http://nocat.net/download/NoCatSplash/.

Perhaps a better starting point is http://www.geekspeed.net/wicap/, which is
a captive portal that runs on OpenBSD (presumably closer to FreeBSD than
Linux?).

Comments / thoughts?
cheers, michael

PS: since there's no archive for this group, I've posted this same message
at: http://socalfreenet.org/node/view/64)