[ previous ] [ next ] [ threads ]
 
 From:  "samuel underscore wolf at t dash online dot de" <samuel underscore wolf at t dash online dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: =?UTF-8?Q?=5Bm0n0wall=5D?= Captive portal which firewall rule?
 Date:  Thu, 24 Feb 2011 16:50:15 +0100 
Here are the rules for the interface HotSpot:

Proto      Source Port   Destination    Port 	
PASS  *        *        *     HotSpot net     * 	  	
PASS  *        *        *     WAN address  * 

and here are the firewall log, m0n0wall block the access to the wan interface, but why?

PASS 23:36:08.158730    HotSpot 192.168.72.198, port 38542 192.168.72.15, port 53 UDP
PASS 23:36:08.160400    HotSpot 192.168.72.198, port 47824 192.168.72.15, port 53 UDP
BLOCK 23:36:08.224151   HotSpot 192.168.72.198, port 49445 213.xx.xx.xx, port 80 TCP
BLOCK 23:36:11.217804   HotSpot 192.168.72.198, port 49445 213.xx.xx.xx, port 80 TCP



-----Original-Nachricht-----
Subject: [m0n0wall] Captive portal which firewall rule?
Date: Thu, 24 Feb 2011 16:10:01 +0100
From: "samuel underscore wolf at t dash online dot de" <samuel underscore wolf at t dash online dot de>
To: m0n0wall at lists dot m0n0 dot ch


Hello,

using m0n0wall 1.33b2 with three network interfaces.
WAN (PPPoE)
LAN (static IP Adress)
Hotspot (Captive portal).

Problem is now, the captive portal only works if I create a firewall rule on the hotspot interface
which allow traffic from and to *all* destinations.

Dont work if I create a rule with:
"source * destination hotspot subnet *"
AND
"source * destination wan subnet *"

Whats the right firewall rule to allow all traffic ONLY to the WAN interface from the
hotspot/captive portal (after authentication)?

Samuel

----------------------------------------------------------------
Postfach fast voll? Jetzt kostenlos E-Mail Adresse @t-online.de sichern und endlich Platz für
tausende Mails haben.
http://www.t-online.de/email-kostenlos



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



----------------------------------------------------------------
Postfach fast voll? Jetzt kostenlos E-Mail Adresse @t-online.de sichern und endlich Platz für
tausende Mails haben.
http://www.t-online.de/email-kostenlos



----------------------------------------------------------------
Postfach fast voll? Jetzt kostenlos E-Mail Adresse @t-online.de sichern und endlich Platz für
tausende Mails haben.
http://www.t-online.de/email-kostenlos