[ previous ] [ next ] [ threads ]
 
 From:  Paul Taylor <PaulTaylor at winn dash dixie dot com>
 To:  Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be>, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall-dev] Captive Portal Mac Pass-thru
 Date:  Mon, 20 Feb 2006 11:01:15 -0500
Yes, this answered my questions!  Thanks...  

So, since this client doesn't actually end up hitting the captive portal web
page, it never gets authenticated... This client in an appliance that
connects off to a web server on a high port.. If it had tried to hit port 80
for something, the mac pass-thru would have worked...

Paul

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Sent: Monday, February 20, 2006 10:12 AM
To: Paul Taylor; m0n0wall dash dev at lists dot m0n0 dot ch
Subject: RE: [m0n0wall-dev] Captive Portal Mac Pass-thru

Mac-passthrough works differently then ip-passthrough.

Ip-passthrough is statically defined at startup (or when reconfiguring)

Mac-passtrough works almost like radius-mac authentication.

When a client HITS the captive portal page it is checked if the
mac-address is contained within the mac-address database. If that's the
case, the computer may login.

So to mac-passthrough to work you first need to hit the CP page whereas
with IP-passthrough you already have access before you even hit the CP
page.

Hope, this solves your problem?

J.


> -----Oorspronkelijk bericht-----
> Van: Paul Taylor [mailto:PaulTaylor at winn dash dixie dot com]
> Verzonden: maandag 20 februari 2006 15:26
> Aan: m0n0wall dash dev at lists dot m0n0 dot ch
> Onderwerp: [m0n0wall-dev] Captive Portal Mac Pass-thru
> 
> 
> I need someone to educate me on this a bit, as I'm confused...
> 
> A month or so back, we had trouble with Mac Pass-thru.. Instead of
looking
> into why, our first troubleshooting step was to add an IP pass-thru
rule
> and
> it worked.  We were busy at the time, so we didn't think too much more
> about
> it...  Today, we added another Mac pass-thru rule for a different
device,
> and it also did not work...  We added an IP pass-thru rule and it
worked
> fine..
> 
> I had a bit of time to look into it today, so I decided to dive into
the
> code to see if I could find something wrong.
> 
> Unfortunately, I don't see how the pass-thru MAC stuff ever worked,
based
> on
> what I'm seeing now.  Perhaps I'm overlooking something.  Granted, I'm
not
> very familiar with ipfw, but from what I see, the
> captiveportal_allowedip_configure function creates a database of IP
> addresses that are allowed through and adds appropriate rules.
Similarly,
> the captiveportal_passthrumac_configure function creates a database,
but
> doesn't add any rules.  I can't locate any other code that references
> either
> the $config['captiveportal']['passthrumac'] variable or the
> captiveportal_mac.db file.
> 
> Am I missing something?  Is this feature working for anyone?  (I'm
running
> 1.21r92)
> 
> Thanks,
> Paul
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> 
> 



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch