[ previous ] [ next ] [ threads ]
 
 From:  "D ced" <d underscore ced at hotmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Feature Request: Captive Portal Client Window Polling.
 Date:  Tue, 09 Nov 2004 14:08:33 +0000
Hi,

I would like to use Monowall behind a router with the captive portal 
feature.

Since version 1.2b2, it's possible to disable the mac filtering which is 
usefull in a routed environment.

However, we lower the security in this mode because IP spoofing is very 
easy. So,  why not using the Logout window as a renewal mechanism ? the HTML 
tag refresh would fire a request to the server with our unique Tag based on 
regular intervals. When the server doesn't see the request after a specific 
amount of time (equals to the idle timeout ?), monowall removes the user. So 
even if someone gets an Ip address of an authenticated user, it doesn't have 
the logout window which means that it will be kicked off after the timeout.

Some of you will argue that HTML is not secure....It's true so SSL should be 
used in the renewal request.

For a better understanding of what i've said ( English is not my mother 
toung), download & install Nocat to see how it works.

regards
Ced

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.com/