[ previous ] [ next ] [ threads ]
 From:  Adam Nellemann <adam at nellemann dot nu>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Captive portal support!
 Date:  Mon, 10 May 2004 02:42:08 +0200
Hi Manuel,

As always I love to try out new features, even if I don't really have 
any use for them. So of course I installed the new beta and tried a 
simple portal setup. As I've come to expect, this new beta feature 
worked without a flaw. Great work once again, and in a single weekend too!

Of course, it wouldn't be true to my nature if I hadn't a few remarks 
anyway, so here goes:

I don't know if "real" portal admins need this, but for my home 
network it would be nice if I could allow certain hosts to access my 
WLAN without going through the portal. This way I would be able to use 
the WLAN myself, without the inconvinience of going through the 
portal, but still require my guests to use it (and thus also any 
"unwanted guests"). I can see at least two ways of do this: By 
allowing static DHCP mappings to bypass the portal, or by having a 
list on the portal page with "trusted" MAC addresses (or SSIDs or..?) 
But I wouldn't know if either is safe or smart?

I know this feature is still in its infancy, and that the following 
can probably be done better with a stand-alone "portal server" (or 
whatever?) But I'd like to have some kind of built-in authentication 
(which should of course be optional). I imagine a pair of 
user/password fields near the button on the portal page, and a 
corresponding list of users/passwords in the webGUI or something like 
that? Perhaps this could even be made in such a way, as to allow a 
stand-alone portal server to signal m0n0wall when to open or close a 
given host?

There are probably good reasons why it is currently necessary to 
re-login whenever the timeout-period has expired (if nothing else, it 
must be a pain to keep track of the per-host activity I must assume is 
necessary to implement an idle-timout scheme?) Still it would be nice 
if users didn't have to do this from time to time (especially since I 
must assume that a non-browser application, such as mail or ftp, will 
simply be disconnected with no "warning" or possibility of 

This is of course purely a matter of taste (and not of great 
importance), but I'd personally prefer to have the button centered on 
the portal page. Perhaps there could be a drop-down with a few 
placement options for this, such as Left, Right, Center or something 
like that? Or (going overboard) a marker could be used in the body 
HTML window, indicating the placement of the button (ie. the text 
[BUTTON] in the HTML window would be replaced by the actual button on 
the page).

Perhaps you could elaborate a little on your future plans (if any) for 
this feature. I for one would like to know where you plan to take 
this..? (Also it might prevent a lot of suggestions for features your 
already have planned or dismissed!)

Finally, are there any other changes since the previous beta? (Do you 
by any chance have a changelog for the beta versions somewhere on the 
m0n0wall site?)

As always: Thanks for a great product, and for taking the time to 
making it even better!