On 10/09/2004 23:31 Rodman Frowert said the following:
> Melvin wrote:
>> I also see how not being able to ping things there would be an issue.
>> Perhaps rather than only blocking certainly ports, a better choice
>> would be the ability to allow specific ports/protocols, which you
>> would define as whatever your choice for diagnostics would be
> Good idea! Punching a hole through the portal for it to not listen on
> certain ports while it listens on everything else in a great idea.
ideally, the captive portal blocks all access until the ToS/RADIUS is
agreed to. one can use the Allowed IP and Passthru MACs databases to allow
connections to/from specific IP addies or from specific MAC addresses
without going thru ToS/RADIUS.
to attempt to do this just based on protocols/port numbers would be
possible, but somehow it defeats the purpose of a captive portal.
Regards, /\_/\ "All dogs go to heaven."
dinesh at alphaque dot com (0 0) http://www.alphaque.com/
| for a in past present future; do |
| for b in clients employers associates relatives neighbours pets; do |
| echo "The opinions here in no way reflect the opinions of my $a $b." |
| done; done |