[ previous ] [ next ] [ threads ]
 From:  "Michael Mee" <mm2001 at pobox dot com>
 To:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  a workable approach to captive portal?
 Date:  Fri, 30 Jan 2004 11:04:17 -0800
I've found someone implementing a simple captive portal that might be
candidate. Any comments on the basic approach (though of course the devil is
in the details)?

The centeral feature of my design I borrowed from nocat, is that the
redirect goes to a "special" httpd on port 5280,  this server takes not of
the origin URL and presents a special page with an "login" button.  the
login button does a cgi GET passing the "I Agree" and the URL to an https
page on the router which uses (if login mode) Authenticate: to get the
username/password, or just opens the firewall for that IP (previously
provided by DHCP).  A cron job (to be written) keeps track of the
connections and times them out by whatever method is chosen (when idle,
after a set time, etc...)

so far I have everything but the firewall manipulation and cron coded.  This
is all Linux, and a severly hacked httpd.

Now I know we don't have cron but perhaps we can fake it with an appropriate
sleep loop. Also, I assume there's no problem with, worse case, hacking a
different mini_httpd together (though it would use half our 100k memory

Then there's the firewall rule compatibility between ipfw2 and whatever
Linux uses. Anyone have info on that?

cheers, michael