My guess is to put deny rule to WAN interface.

Jewell, Mike wrote:

>I'm having an issue with my captive portal.
>
>We have set up rules allowing for our Virus Quarantine network behind the
>captive portal to have access to major Antivirus and Windows update sites
>and deny traffic to all others. This part works wonderful.
>
>The problem is the firewall rules are apparently evaluated prior to the
>portal page being sent to the end users.
>
>Example 1
>	Joe has his homepage set to www.sarc.com.
>	Sarc.com is allowed by the firewall rules.
>	When Joe opens his browser he gets the portal page.
>
>Example 2
>	Bob has his homepage set to www.msn.com
>	msn.com by default deny rule is not allowed.
>	When Bob opens his browser, he gets server not found.
>	If bob then goes to www.sarc.com, portal page is brought up.
>
>
>Any suggestions on how to configure m0n0wall in such a way as to allow the
>captive portal page to be returned even when a firewall deny rule is in
>place? Any particular area of the code that deals with this?
>
>-Mike Jewell
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>  
>