|
||||||||||
Sorry, I mis-inturpreted what I saw.. In fact what happens is, traffic from the 'routed' networks, does'nt make it through. They get an incomplete web page. I am told on good authourity that this is because the Portal uses the MAC address in the code. >Gave it a try, and what happens is not that hosts on routed networks are >simply allowed to pass through the portal, but instead they just get an >empty/truncated page all the time. This is because the captive portal >script bails out if it's unable to find the MAC address that corresponds to >the client's IP address. The MAC address is used in various places in the >code to serve as a unique client identifier. Obviously in a routed network >it's not possible to get the client's MAC. This may not be the end of the story ( it may be possible to modify the code ), but right now, this is the case. -----Original Message----- From: sylikc [mailto:sylikc at gmail dot com] Sent: Sunday, October 10, 2004 11:46 PM To: Andrew Frazer Cc: Mitch (WebCob); m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] Captive Portal for networks that are routed to... Andrew, > In this case I am not running any NAT, on either of Router X, or Y, or on > Mono.. Just plain old boring straight routing. In Sylikc's post from below, > I imagine he is referring to where the router is doing NAT/PAT for all the > hosts below it. In that case, his comments would be correct. I have in fact > ( by accident ), have tried that scenario, and the results suggested below > are what I observed. Well, right, I was thinking in NAT. But as Mitch pointed out, even without NAT, there would be many IPs and 1 MAC. It's because of the Layer3 routing that would obscure the the real MAC addresses of your hosts from m0n0. I wouldn't know why m0n0 would just bypass the hosts on the other networks though (I don't have that many routers to play with). /sylikc |