On Sun, 23 May 2004, Manuel Kasper wrote:

> The captive portal just got better: we now have RADIUS authentication
> support, thanks again to Dinesh Nair! By specifying a RADIUS server,

and with thanx to jason grimm for providing a radius server to test
against.

> port and shared secret, as well as adding two input fields
> (user/pass) to your captive portal page, you can have your users

the input fields should be named auth_user and auth_pass. if the radius
server auth is enabled and if either of these two fields dont exist, then
radius authentication will always fail. this could be used to implement
simple mac filtering (though non-foolproof) behind the captive portal.

in addition to this, the captive portal allowed ip functionality now
allows specification of IPs on both sides of the captive portal.
specifying From IPs would mean that clients with this IP address would
bypass the captive portal authentication, while specifying To IPs would
mean that all unauthenticated clients would be able to access these IPs
from behind the captive portal.

Regards,                           /\_/\   "All dogs go to heaven."
dinesh at alphaque dot com                (0 0)    http://www.alphaque.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
+=========================================================================+