[isf-wifidog] WiFiDog and the Nintendo DS
Robin Jones
Robin at networkfusion.co.uk
Mar 13 Mai 12:55:05 EDT 2008
Hi Pascal, Thanks for the reply.
So would the following rule work?
FirewallRule allow tcp port 28910,29900,29901,29920,80,443 to 83.36.93.0/24
From
Robin Jones
From: wifidog-bounces at listes.ilesansfil.org [mailto:wifidog-bounces at listes.ilesansfil.org] On Behalf Of Pascal Charest
Sent: 13 May 2008 11:36
To: WiFiDog Captive Portal
Subject: Re: [isf-wifidog] WiFiDog and the Nintendo DS
Hi,
I do now know exactly how wifidog process its firewall rules, but lets say it simply craft netfilters rules and pass them to iptables.
It this case, you don't have any choices other than specifying the range since the domain-name will be resolved only to one of those addresses and your rule won't match that often.
Once again, i do not know for wifidog, but I know that iptables does work with CIDR mask (example : 192.168.1.0/24)...
Pascal
On Mon, May 12, 2008 at 7:48 PM, Robin Jones <Robin at networkfusion.co.uk> wrote:
I am trying to answer a question on the ticket system #467 (I have asked
the guy to use the mailing list, but to no avail), and yet also would
like to make this work myself...
I know about
https://dev.wifidog.org/wiki/doc/developer/SupportingDevicesWithNoWebBro
wser and the simplest way seems to be 2-Whitelist specific servers
Given the fact that these all have hostnames, can firewall rules contain
these?
If not, can you white list IP Ranges and corresponding ports?
So for example, the servers I would like to white list are as follows:
Contest.nintendo.net - 83.36.93.1 to 83.36.93.255
Contest.nintendo.net - 61.54.24.1 to 61.54.24.255
nas.nintendowifi.net - 192.195.204.1 to 192.195.204.255
gs.nintendowifi.net - 207.38.11.1 to 207.38.11.255
nus.shop.wii.com - 209.67.106.1 to 209.67.106.255
rcw.wc24.wii.com - 125.199.254.1 to 125.199.254.255
cfh.wapp.wii.com - 84.53.134.1 to 84.53.134.255
weather.wapp.wii.com A - 84.53.136.1 to 84.53.136.255
weather.wapp.wii.com B - 213.155.151.1 to 213.155.151.255
opera.com - 213.236.208.1 to 213.236.208.255
american-sk8land.com - 70.86.183.1 to 70.86.183.255
So would the corresponding firewall rules in wifidog.conf work?:
FirewallRule allow tcp port 28910, 29900,29901,29920,80,443 to
83.36.93.1-83.36.93.255
Or
FirewallRule allow tcp port 28910, 29900,29901,29920,80,443 to
Contest.nintendo.net
It has also been recommended to allow all udp traffic, would this be a
security risk?
Thanks,
Robin Jones.
_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
--
Pascal Charest, Free software consultant {GNU/Linux}
http://blog.pacharest.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20080513/bd78f3af/attachment.htm
Plus d'informations sur la liste de diffusion WiFiDog