[isf-wifidog] port 443 allowed without authentication?

Ian White ian.white at datamile-computers.com
Sam 24 Juin 10:06:49 EDT 2006


Read http://dev.wifidog.org/wiki/doc/install/openwrt

Firewall rules ¶
If you set up your OpenWrt-powered router with a bridged network interface (default), the current firewall rules of OpenWrt do not permit to block all outgoing TCP/UDP ports except port 80 until a user has authenticated via WiFiDog's login page. 

You are going to have to disable forwarding from the bridge interface to the wan interface: 

# The following have been commented out for WiFiDog to work
# iptables -A FORWARD -i br0 -o br0 -j ACCEPT
# iptables -A FORWARD -i $LAN -o $WAN -j ACCEPT
----- Original Message ----- 
  From: Tarken Winn 
  To: WiFiDog Captive Portal 
  Sent: Saturday, June 24, 2006 1:49 PM
  Subject: [isf-wifidog] port 443 allowed without authentication?


  Hi all,

  I am running wifidog on a WRTGL. I have just discovered that although HTTP (port 80) requests are redirected to the Wifidog gateway, https (port 443) and other requests are not. This means that a user can access any https URL without logging in. I presume this problem/issue has already been resolved, but a Google search of the mailing list archives for 443 yielded no (English) results. I'd like to redirect all ports to the wifidog gateway for login status validation.

  Does anyone have any tips or suggestions?

  Cheers,

  Tarken



------------------------------------------------------------------------------


  _______________________________________________
  WiFiDog mailing list
  WiFiDog at listes.ilesansfil.org
  http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
-------------- section suivante --------------
Une pièce jointe HTML a été enlevée...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060624/34ff8e37/attachment.html


Plus d'informations sur la liste de diffusion WiFiDog