[isf-wifidog] Firewall Iptables

Rob Janes janes.rob at gmail.com
Sam 25 Fév 18:02:45 EST 2006 

Max - where on the wiki?  i can't find it.  also, the wiki does not have 
a list of recent pages, or is there some well known ? string I should 
use that I don't know?

Max Horváth wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Info has been added to the WIKI ...
>
> Cheers, Max!
>
> Am 12.02.2006 um 05:52 schrieb Joe Bowser:
>
>> On Sat, 2006-02-11 at 23:32 -0500, D Frohman wrote:
>>
>>> Is it possible to block all outgoing TCP ports until a user has
>>> authenticated via Wifidog's login page?  If they just connect to the
>>> WAP they can use all ports except port 80.
>>>
>>> We tried blocking the ports in the FORWARD chain of iptables, it
>>> works, but when they authenticate the same rules apply.  Any ideas?
>>>
>>> Thanks in advance.
>>
>>
>> What are your firewall rules like?  If you are running the WiFiDog
>> software on a WRT54G running a later OpenWrt firmware, the current
>> firewall rules do not permit such behaviour.  You are going to have to
>> disable forwarding from the bridge interface to the wan interface:
>>
>> # The following have been commented out for WiFiDog to work
>> # iptables -A FORWARD -i br0 -o br0 -j ACCEPT
>> # iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
>>
>> Is this in the documentation yet?  I'm sure most of the groups that  use
>> WiFiDog are already aware of this issue, however this does need to  
>> be documented.
>>
>>
>> -- 
>> Joe Bowser <bowserj at unbc.ca>
>>
>> _______________________________________________
>> WiFiDog mailing list
>> WiFiDog at listes.ilesansfil.org
>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (Darwin)
>
> iD8DBQFD/Iqo+BKgC+eQ3ooRArGsAJ94gsNlff0TtAS07LvsbwUR+UT1pwCgm0pq
> UfD4szojWG8e+lhw4p5O5Pw=
> =3c2S
> -----END PGP SIGNATURE-----
>
>------------------------------------------------------------------------
>
>_______________________________________________
>WiFiDog mailing list
>WiFiDog at listes.ilesansfil.org
>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>

More information about the WiFiDog mailing list