[ previous ] [ next ] [ threads ]
 From:  David Orman <david dot orman at orblivion dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  m0n0wall/captive portal/hotspot/commercial use questions
 Date:  Sat, 9 Oct 2004 01:19:06 -1000
Hi all :)

	Let me prefix this with the obligatory "I'm new to m0n0wall". I'm a 
longtime FreeBSD user, and happened to come up with an idea that 
required something like m0n0wall, and instead of re-inventing the 
wheel, I'm investigating using m0n0wall, and modifying it to suit if 
need be. Let me start by giving a quick summary of what I am doing, and 
then follow up with my questions. I have been through the archives as 
best I could to find answers (and found many, I had dozens and dozens 
of questions) and also spent time playing around with m0n0wall and a 
few spare machines/etc.

I'm planning to setup wireless access points to cover an entire state. 
These will not be free access points, however, due to the financial 
demand placed on providing that level of service. I've got to fund 
support, bandwidth, up front costs, etc.

The plan is to place a machine/antenna/network feed every X amount of 
distance, and create a wireless mesh to cover all of the area. I'm 
looking at a DS1 for each "hotspot".

In order to provide wireless service, I will have to bill customers 
monthly. I've not yet finished my market analysis, or cost analysis due 
to the variables I am trying to determine by asking my questions here, 
so I have not yet determined the pricing. However, it is irrelevant 
concerning my questions. I think this is enough background in order for 
my questions to be understood.

#1 - I am not a lawyer, and I'd rather not hire one at this time. Does 
the BSD license m0n0wall is under allow me to use it for commercial 
purposes? From my reading, I believe it does. I would just like some 
clarification for peace of mind. :)

#2 - I intend on using the captive portal feature in order to provide 
potential users with a signup page, granting them X amount of time free 
access. Once that time had elapsed, the next time they logged in it 
would provide them a place to enter payment information, and have an 
automated processing system verify their CC information, place the 
charge, and then activate their account for that month. With options to 
allow automatic charging every month until they chose not to, or to 
only one-time charge their card and close the account at the end of the 
month. Is this possible? If so - how? I didn't see it in the 
documentation, and did not see it in the archives (which are quite hard 
to go through, so it is quite possible I missed it).

#3 - Does m0n0wall tie accounts to MAC addresses (I know they are 
spoofable, but it's not a concern of mine, the minority that would go 
to all that trouble are insignificant in the big picture). For 
instance, if person 'A' signs up for an account, if he passes out his 
account info to 10 of his buddies, would it disallow them access since 
their MAC address differed? This would also prevent people from simply 
creating multiple accounts with bogus info to continually get free 
trials (remember the good ole' days with AOL? :P) If so - how?

#4 - In terms of the system, I see two embedded platforms suggested on 
the m0n0wall site. For what I am trying to do, there will be one 
ethernet feed going into the machine (WAN/net) and then wireless access 
from the machine. This is a multi-part question.

a) Would you suggest going with an internal supported wireless card, 
and running an antenna off of it or going with an access point, and 
simply putting in another ethernet in the box, and running it to the 

b) Depending on which scenario above you suggest, which platform would 
you go with? Obviously, only handling 1.5mbit worth of bandwidth, 
processing power is not going to be an issue.

This is all I have thought of so far, and I would greatly appreciate 
any responses. Again, I've searched through the archives and checked 
the documentation. It's very likely I've missed previous answers to 
these questions, but hopefully not. :) Any and all input is welcomed, 
be it answers to my questions or simply suggestions. :)

David Orman

PS - If some of this is not implemented, and there are no plans for it, 
I would be willing to attempt to implement it myself, and provide all 
changes back to the m0n0wall community, as I believe in the open source 
model. :) However, I am no coding god, so I'd obviously prefer 
something from the obviously talented team already working on m0n0wall. 
:) I applaud all of your work so far, from my testing/usage so far, I 
have been nothing but impressed.