[ previous ] [ next ] [ threads ]
 
 From:  "Nate Osborne" <nosborne at purchasingpower dot com>
 To:  "Lee Sharp" <leesharp at hal dash pc dot org>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Using Captive Portal offline?
 Date:  Sat, 20 Jan 2007 17:13:56 -0500
Perfect, that works great.  Thanks!

As long as I have an internet connection for DNS, this forwards all valid URLs to my local server,
through the CP.

Much appreciated!

-----Original Message-----
From: Lee Sharp [mailto:leesharp at hal dash pc dot org]
Sent: Fri 1/19/2007 6:21 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Using Captive Portal offline?
 
From: "Nate Osborne" <nosborne at purchasingpower dot com>

> Thanks, but it looks like the FW rules are applied before it hits the 
> CP --
> so unless the client gets a valid DNS for the URL they type in ~and~ has
> permission to access that URL, the request never hits the captive portal.

There is an old NAT rule to redirect SMTP.

 <nat>
 <rule>
  <protocol>tcp</protocol>
  <external-port>25</external-port>
  <target>192.168.1.5</target>
  <local-port>25</local-port>
  <interface>lan</interface>
  <descr>redirect SMTP to LAN SMTP server</descr>
 </rule>
 </nat>


Have it redirect 80 to your web server on another interface.  It will 
trigger the CP, and still not allow outbound web.  Moreover, all outbound 
web that tries will go to your web server. 


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch