[ previous ] [ next ] [ threads ]
 From:  YvesDM <ydmlog at gmail dot com>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] log visited sites of captive portal users.
 Date:  Thu, 30 Apr 2009 20:30:52 +0200
On Thu, Apr 30, 2009 at 4:42 PM, Lee Sharp <leesharp at hal dash pc dot org> wrote:

> YvesDM wrote:
>> Hi,
>> New laws in europe force us to keep track of our captive portal users.
>> I've been thinking of adding logrules on dest ports 80,443,22,etc and log
>> everything to a remote syslog server.
>> On the other hand we've got quite some hotspots and I'm afraid this will
>> generate tons of traffic.
>> Anyone who has worked out a solution already to do this with m0n0wall?
> Ask a lawyer.  Seriously...  Some of these new requirements are totally
> insane.  One bill here that may still become law will require home users to
> keep logs of everything from there home wifi router for 3 years!

Yes, I know, INSANE !!! But still we 'll have to deal with it when it
becomes law.

> A lawyer can tell you if you can just get away with using radius to track
> captive portal logins, or if you will need more.  There may be some "unfair
> burden" provisions that exempt you from some things if there are not
> supported by your existing equipment.

Yes, radius db can tell me who was logged in on a certain hotspot on a
certain time, but when there were 20 users logged in that time, we still
have a problem as we don't know who visited the "wrong" website. I
understand your way of thinking with the lawyer stuff, but really, if this
becomes law we will have to deal with this.
Official instances really won't care if those things aren't supported with
our existing equipment, they will ask us to change it so we CAN have the
necessary logfiles. I think we better start thinking/testing, wheter we like
it or not.