[isf-wifidog] WiFiDog and the Nintendo DS

Robin Jones Robin at networkfusion.co.uk
Mar 13 Mai 12:55:05 EDT 2008 

Hi Pascal, Thanks for the reply.

 

So would the following rule work?

 

FirewallRule allow tcp port 28910,29900,29901,29920,80,443  to 83.36.93.0/24

 

 

From

Robin Jones

 

 

From: wifidog-bounces at listes.ilesansfil.org [mailto:wifidog-bounces at listes.ilesansfil.org] On Behalf Of Pascal Charest
Sent: 13 May 2008 11:36
To: WiFiDog Captive Portal
Subject: Re: [isf-wifidog] WiFiDog and the Nintendo DS

 

Hi, 

I do now know exactly how wifidog process its firewall rules, but lets say it simply craft netfilters rules and pass them to iptables. 

It this case, you don't have any choices other than specifying the range since the domain-name will be resolved only to one of those addresses and your rule won't match that often.

Once again, i do not know for wifidog, but I know that iptables does work with CIDR mask (example : 192.168.1.0/24)...  

Pascal

On Mon, May 12, 2008 at 7:48 PM, Robin Jones <Robin at networkfusion.co.uk> wrote:

I am trying to answer a question on the ticket system #467 (I have asked
the guy to use the mailing list, but to no avail), and yet also would
like to make this work myself...

I know about
https://dev.wifidog.org/wiki/doc/developer/SupportingDevicesWithNoWebBro
wser and the simplest way seems to be 2-Whitelist specific servers

Given the fact that these all have hostnames, can firewall rules contain
these?

If not, can you white list IP Ranges and corresponding ports?

So for example, the servers I would like to white list are as follows:

Contest.nintendo.net - 83.36.93.1 to 83.36.93.255
Contest.nintendo.net - 61.54.24.1 to 61.54.24.255
nas.nintendowifi.net - 192.195.204.1 to 192.195.204.255
gs.nintendowifi.net - 207.38.11.1 to 207.38.11.255
nus.shop.wii.com - 209.67.106.1 to 209.67.106.255
rcw.wc24.wii.com - 125.199.254.1 to 125.199.254.255
cfh.wapp.wii.com - 84.53.134.1 to 84.53.134.255
weather.wapp.wii.com A - 84.53.136.1 to 84.53.136.255
weather.wapp.wii.com B - 213.155.151.1 to 213.155.151.255
opera.com - 213.236.208.1 to 213.236.208.255
american-sk8land.com - 70.86.183.1 to 70.86.183.255

So would the corresponding firewall rules in wifidog.conf work?:

FirewallRule allow tcp port 28910, 29900,29901,29920,80,443  to
83.36.93.1-83.36.93.255

Or

FirewallRule allow tcp port 28910, 29900,29901,29920,80,443  to
Contest.nintendo.net


It has also been recommended to allow all udp traffic, would this be a
security risk?



Thanks,


Robin Jones.


_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog




-- 
Pascal Charest, Free software consultant {GNU/Linux}
http://blog.pacharest.com 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20080513/bd78f3af/attachment.htm

Plus d'informations sur la liste de diffusion WiFiDog