[ previous ] [ next ] [ threads ]
 
 From:  Matt Juszczak <matt at atopia dot net>
 To:  David Cook <david dot cook at jetpress dot com>
 Cc:  "'mirassou at cict dot fr'" <mirassou at cict dot fr>, "'m0n0wall at lists dot m0n0 dot ch'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] How to go up with a final M0n0Wall user (IP/MAC ad dress) in case of trouble (network attack)?
 Date:  Tue, 28 Sep 2004 11:04:38 -0400
I have a patch for 1.1 that I wrote a bit back that adds an 
"Authentication Log" feature to the source.  Modifies about 4 files.  
This log logs  "[date] username --> mac --> ip address", so that when 
someone authenticates, it tells their source IP and layer 2 address and 
logs it....

Let me know if anyone wants it, I'd have to actually do a diff on the 
sources and generate a patchset.

-Matt

David Cook wrote:

>Denis,
>
>If you turn on 'Advanced outbound NAT' then all traffic is routed, unless a
>specific NAT rule is in place for the source network of the traffic. 
>
>For portal clients to be able to access the Internet, the portal network
>would require a subnet of public IP addreses appropriately routed to the WAN
>interface of the m0n0wall firewall. 
>
>Are you planning to use DHCP logging to then indentify the portal client
>that the IP address was allocated to at the time of the reported event?
>
>  
>
>>-----Original Message-----
>>From: Denis Mirassou [mailto:mirassou at cict dot fr]
>>Sent: 28 September 2004 10:34
>>To:  m0n0wall at lists dot m0n0 dot ch
>>Subject: [m0n0wall] How to go up with a final M0n0Wall user (IP/MAC
>>address) in case of trouble (network attack)?
>>
>>
>>Hi,
>>
>>Im am testing M0n0Wall for captive portal feature primarily.
>>The objective is to set up hot spots for our students staff.
>>
>>For security purpose, we want to be able to go up with a customer in 
>>case of trouble.
>>For example, a sysadmin tells us someone xxx.xxx.xxx.xxx (from 
>>us) hacks 
>>his server on Sept 25 02:57:56.
>>
>>How can i go up with one of our wifi users considering that oubound 
>>requests are send with M0n0Wall WAN IP address ?
>>
>>I would want to get the user IP Address.
>>
>>Thanks,
>>
>>Denis
>>-- 
>>Denis Mirassou

>>Centre Interuniversitaire de Calcul de Toulouse (C.I.C.T)
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>    
>>
>
>JET PRESS LIMITED
>Nunn Close
>Huthwaite
>Nottinghamshire
>NG17 2HW
>UK
>
>Web:	www.jetpress.com
>Tel:	+44-1623-551 800
>Fax: 	+44-1623-551 175
>
>
>Confidentiality Notice 
>This message and its contents are confidential.  The contents are solely for the attention of the
recipient(s) named above and any unauthorised disclosure, copying or distribution is forbidden.  If
you are not the recipient named above, please contact the sender immediately and destroy this
message.  The views expressed in this message are those of the sender and not necessarily those of
JET PRESS LIMITED.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>!DSPAM:4159349c21631049114718!
>  
>