[isf-wifidog] no-nat gateway
Jean-Philippe Menil
jean-philippe.menil at univ-nantes.fr
Mar 14 Juil 03:17:56 EDT 2009
Jacob Marble a écrit :
> Hello, I've been using the WiFiDog gateway (wrote my own auth server)
> for about 4 months now. Things are going well.
>
> I would like to use wifidog on a router that does *not* have NAT
> running. Something like:
>
> eth0: 192.168.0.123/16
> eth1: 192.168.1.1/24
>
> with static routes, etc. I have modified the wifidog source code for
> my needs in the past, but I'm having a hard time really following the
> iptables tricks that wifidog plays.
>
> Does anyone out there use wifidog in a non-NAT router? Can you get me
> started? Thanks in advance,
>
> Jake (a happy wifidog-gateway user)
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>
Hi,
why exactly don't you need nat?
In wifidog, the nat have two use:
-nat the internal adresses of the clients to the public adresse of the
server (logic)
-redirect the client to the authentication portal
For the first one, you can route directly your client (ip route add ...)
For the second, if it is what you want, you can try with the tproxy
option in iptables.
Here is the full map of the wifidog iptables:
http://dev.wifidog.org/browser/trunk/wifidog/doc/wifidog_firewall_diagram.dia?format=raw
And here another map:
http://bp3.blogger.com/_SqhWTvnRJyY/RspVa2bYi_I/AAAAAAAAACI/JwXT_CPuLGo/s1600-h/Iptables-rule-map.jpg
Hope this help.
--
Menil Jean-Philippe
Dsi de l'Université de Nantes
tél: 02 51 12 53 92
Fax: 02 51 12 58 60
Jean-Philippe.Menil at univ-nantes.fr
Plus d'informations sur la liste de diffusion WiFiDog