[ previous ] [ next ] [ threads ]
 
 From:  sylikc <sylikc at gmail dot com>
 To:  Krzysztof Syguda <krzys at wroclaw dot dialog dot net dot pl>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] wishlist
 Date:  Wed, 23 Mar 2005 09:59:36 -0800
Krzysztof,

> Is it possible to add to the m0n0wall
> 1. walled garden in captive portal - policy for unauth users -block/allow
> IP/ports

That sounds kind of complicated, but surely would be useful. 
Currently it just blocks any and all traffic, but having certain rules
wouldn't be bad.  You could use the passthru IPs and stuff along with
some rules to get things going kinda.

I posted another request quite awhile back that also included having
the MAC passthrough and not require hosts actually hitting a web page
(for routers without a browser) but that's not changed yet...
http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=110&actionargs[]=37


> 2. "Forward" rule to the firewall rule set?

This request sounds much like NAT.  Rather than having a forward
firewall rule, the current way to have it set up is to set up a NAT
port, where an external WAN port (or range) forwards traffic into an
internal host port (or range).  Then, a matching firewall permit rule
is inserted to actually allow the traffic to be passed.  This allows
more flexibility than a straight forward rule.


/sylikc