[ previous ] [ next ] [ threads ]
 
 From:  "Mohammed Ismail" <m dot ismael at gmail dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Cc:  "'Mohammed Ismail'" <m dot ismael at gmail dot com>
 Subject:  RE: bridge while captive portal is on.
 Date:  Thu, 17 Sep 2009 21:51:59 +0200
Well now I have Captive portal running on 2 physical interfaces xl1 and ath0

I use dhcp on beridge interface to assign IPs 

I have 10.10.10.1/16 IP range 

I got i.e 10.10.20.1 255.255.0.0 df.gw 10.10.10.1

When I try to ping any of my APs that is physically connected to LAN 'xl1' 

But they has static ips on each one. 10.10.100.1 2 3 /16

I get request timed out. But when I type in cmd (arp -a) I can see the right
mac address of the AP with it's ip but I still cannot bing it .

I checkd with status.php > ipfw show

This is some of it 

01000 236597 122094018 skipto 50000 ip from any to any not layer2 not via
bridge0
01001 240524 123850699 allow ip from any to any layer2 not via bridge0
01100    540     19908 allow ip from any to any layer2 mac-type 0x0806
01101    626    154510 deny ip from any to any layer2 not mac-type 0x0800
01102 278404 134969880 skipto 20000 ip from any to any layer2
01200     81     27506 allow udp from any 68 to 255.255.255.255 dst-port 67
in
01201      7      2586 allow udp from any 68 to 10.10.10.1 dst-port 67 in
01202     22      7216 allow udp from 10.10.10.1 67 to any dst-port 68 out
01203     18      1008 allow icmp from 10.10.10.1 to any out icmptypes 8
01204      5       384 allow icmp from any to 10.10.10.1 in icmptypes 0
01300   1911    140741 allow udp from any to 10.10.10.1 dst-port 53 in
01301   1906    251319 allow udp from 10.10.10.1 53 to any out
01302    794     63792 allow tcp from any to 10.10.10.1 dst-port 8000 in
01303    946    754347 allow tcp from 10.10.10.1 8000 to any out

 

I could not fully understand them, is it one of them blocking ICMP ping?

This is the interfaces I have>

fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet6 fe80::2d0:xxx:xxx:xxx%fxp0 prefixlen 64 scopeid 0x1
        ether 00:d0:b7:xx:xx:xx
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=9<RXCSUM,VLAN_MTU>
        inet6 fe80::204:xxx:xxx:xxx%xl0 prefixlen 64 scopeid 0x2
        inet 196.202.79.225 netmask 0xfffffff8 broadcast 196.202.79.231
        ether 00:04:75:xx:xx:xx
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
ath0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        inet6 fe80::221:xxx:xxx:xxx%ath0 prefixlen 64 scopeid 0x3
        ether 00:21:27:xx:xx:xx
        media: IEEE 802.11 Wireless Ethernet autoselect mode 11b <hostap>
        status: associated
        ssid SOL channel 1 bssid 00:21:27:xx:xx:xx
        authmode OPEN privacy OFF txpowmax 39 bmiss 7 protmode CTS burst
        dtimperiod 1 bintval 100
xl1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        options=9<RXCSUM,VLAN_MTU>
        inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
        inet6 fe80::2c0:xxx:xxx:xxx%xl1 prefixlen 64 scopeid 0x4
        ether 00:c0:4f:xx:xx:xx
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
enc0: flags=41<UP,RUNNING> mtu 1536
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1492
        inet6 fe80::2d0:b7ff:fe6a:2260%ng0 prefixlen 64 scopeid 0x7
        inet 196.xxx.xxx.xxx --> 163.xxx.xxx.xxx netmask 0xffffffff
ng1: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng2: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng3: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng4: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng5: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng6: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng7: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng8: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng9: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng10: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng11: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng12: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng13: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng14: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng15: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
ng16: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.10.10.1 netmask 0xffff0000 broadcast 10.10.255.255
        ether 92:73:3a:2f:fd:c3
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto stp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: xl1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        member: ath0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>

 

it seems I am missing some thing here 

 

regards,

Mohammed