Re: [m0n0wall] Doh! Captive Portal not letting LAN talk to DMZ (OPT1) without DMZ clients "accepting" to Portal Page

From:	Dave Warren <maillist at devilsplayground dot net>
To:	Dinesh Nair <dinesh at alphaque dot com>, m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Doh! Captive Portal not letting LAN talk to DMZ (OPT1) without DMZ clients "accepting" to Portal Page
Date:	Sun, 12 Sep 2004 02:06:21 -0600

Dinesh Nair wrote:

>ideally, the captive portal blocks all access until the ToS/RADIUS is agreed to. one can use the
Allowed IP and Passthru MACs databases to allow connections to/from specific IP addies or from
specific MAC addresses without going thru ToS/RADIUS.
>
>to attempt to do this just based on protocols/port numbers would be possible, but somehow it
defeats the purpose of a captive portal.
>  
>
It depends on the goal of the captive portal.  I'd love to give access 
to my domain controller's DNS server directly (to allow dynamic updates 
and a few other toys to work) but not to the domain controller itself 
until the user authenticates.

-- 
A: Maybe because some people are too annoyed by top-posting.
Q: Why do I not get an answer to my question(s)?
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?