I would like to use Monowall behind a router with the captive portal
Since version 1.2b2, it's possible to disable the mac filtering which is
usefull in a routed environment.
However, we lower the security in this mode because IP spoofing is very
easy. So, why not using the Logout window as a renewal mechanism ? the HTML
tag refresh would fire a request to the server with our unique Tag based on
regular intervals. When the server doesn't see the request after a specific
amount of time (equals to the idle timeout ?), monowall removes the user. So
even if someone gets an Ip address of an authenticated user, it doesn't have
the logout window which means that it will be kicked off after the timeout.
Some of you will argue that HTML is not secure....It's true so SSL should be
used in the renewal request.
For a better understanding of what i've said ( English is not my mother
toung), download & install Nocat to see how it works.
Express yourself instantly with MSN Messenger! Download today it's FREE!