[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Hotspot Billing
 Date:  Sat, 27 Feb 2010 09:02:32 -0600
Frederic J. Breitwieser wrote:
>>> Note that this only works if they do http traffic first.  
>>> Go to a secure website (https) first, it they will not 
>>> authenticate.  You might consider allowed IP addresses, 
>>> and static DHCP assignments.
> For lack of a better idea, my portal.html in my m0n0wall uses an HTTP
> redirect to a server that's one IP address away, bringing the
> not-authenticated user to a "pay now" screen, and various fields to enter to
> collect dollars.  Upon paying, which I can handle through my bank's API
> "kit", I need to somehow tell m0n0wall to let them through - preferably MAC
> address as that would always match the device if they get disconnected and
> immediately reconnect.

Cutting the rest...  Wow!  Rube Goldburg comes to mine. :)  Why not just 
put your payment system in "Allowed IP addresses, and a link to that 
payment system on your login page?    The login in page would be, "Login 
Here, or pay for an account Here."  At the end of buying an account, you 
go back to http://gateway-address:8000 and use that new login.  It then 
authenticates against the radius database and works for however long you 

All the parts are there, and you don't need to reinvent this mac stuff.