[ previous ] [ next ] [ threads ]
 
 From:  "Robert Roosen" <rroosen at ut dot edu>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Captive Portal Problem
 Date:  Wed, 28 Sep 2005 14:21:44 -0400
I know and agree with you , my other option is to change from hard timeout
of 24 hours to inactivity timeout of 15 minutes so if an IP goes back into
the DHCP pool by the time it reassigns it captive portal would have dropped
the entry.
Robert

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
Sent: Wednesday, September 28, 2005 2:03 PM
To: Robert Roosen; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Captive Portal Problem


Yes indeed BUT:

"I have dhcp running on a windows 2000 box with about 800 leases"

In case of the m0n0wall box, it doesn't know that the ip has been given
back.

Also, it seems like a nice option to implement in M0n0wall to also check
the leases file and get some event when dhcp client release occurs to
logout that user....

J.


--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be
-----Oorspronkelijk bericht-----
Van: Robert Roosen [mailto:rroosen at ut dot edu]
Verzonden: woensdag 28 september 2005 19:12
Aan: Jonathan De Graeve
Onderwerp: RE: [m0n0wall] Captive Portal Problem

I agree with you on someone should not be able to steal by using
someones ip
but I did not steal the IP after the person shut off or release their ip
it
went back into the DHCP pool and was issued to me when I turned on
computer
so its a legit IP.

-----Original Message-----
From: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be]
Sent: Wednesday, September 28, 2005 12:44 PM
To: Robert Roosen; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Captive Portal Problem


This is normal behaviour since the Captive Portal tries to circumvent
the security issue what you are doing. Stealing another ones
bandwidth/access

The captive portal add a firewall rule based on the pairs IP/MAC

That's why you just can't steal an IP and use it.

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be
-----Oorspronkelijk bericht-----
Van: Robert Roosen [mailto:rroosen at ut dot edu]
Verzonden: woensdag 28 september 2005 17:47
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: [m0n0wall] Captive Portal Problem

I have m0n0wall 1.2b10  running on a 1 gig with a gig of ram. I have
dhcp
running on a windows 2000 box with about 800 leases. The problem comes
in
when a user accepts the captive portal page and browses for 10 minutes
and
then shuts off their computer ,I turn on mine and pull the ip address
they
just had and open a browser  I do not  get the captive portal page I get
nothing. The captive portal status shows their mac address to that IP
because the hard timeout is 24 hours the system logs show /kernel: arp:
172.20.13.34 moved from 00:12:f0:5b:19:a4 to 00:0d:93:7d:c7:50 on fxp0
so it
knows that my mac now holds that ip but captive portal blocks me.I have
to
delete the entry from captive portal to be prompted by captive portal. I
had
1.1 version and dhcp running on monowall and had same problem so I took
dhcp
off.
Any help is appreciated
Robert



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch