[ previous ] [ next ] [ threads ]
 
 From:  Adam Nellemann <adam at nellemann dot nu>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] Beta 1.1b8
 Date:  Sun, 16 May 2004 18:59:09 +0200
Hi Manuel,

I'm really looking forward to try out this latest beta!


> Thanks to Dinesh Nair, it's now possible to exempt particular client
> MAC addresses from the captive portal (meaning that they are always
> allowed access without seeing the portal page - they have to make an
> HTTP request first though because of the way ipfw layer 2 filtering
> works), and also to allow access to certain IP addresses without
> going through the portal.

Is there ANY chance that you will find a workaround to this ipfw 
limitation? Would it perhaps be possible to avoid this issue if the 
check was done on the IP instead of the MAC?

It really would make the portal much more useful if a client on the 
"exemption list" really was exempted from any kind of access 
limitations otherwise imposed by the portal.

Personally, I feel that it would be a smaller price to pay, having to 
add a static DHCP mapping for such exempted clients, rather than 
requiring such users to ensure that their first request be of the HTTP 
verarity. After all, typically you will only have a few such exempted 
clients, compared to the number of non-exempted clients.

Well, just a thought anyway. I assume that "serious" portal admins 
could simply add an extra interface, specifically for their exempted 
clients (not really an option for me personally though, but then 
again, I'm hardly a "serious" portal admin!)


Adam.