> If you are running a routed network behind m0n0, then all m0n0 sees is
> the IP of the interface of the router connected to m0n0. That's 1 IP
> and 1 MAC. I am guessing if you authenticated one host behind it,
> then the entire network would be permitted by m0n0, because of this
> IP<-->MAC association by m0n0. There's been talk of modifying the
> captive portal and not depending on the MAC or whatnot, but that sort
> of defeats the purpose of the captive portal ;)
Not quite true...
The mono see's ALL the IP's, but only one MAC... this gets back to the case
surrounding the posting you are quoting - my desire to use the gateway as a
password protected firewall to allow users IN to a network.
The problem iirc is that in this case, the code would have to be changed to
ignore the MAC - I think Dinesh was going to look at this at some point...