[isf-wifidog] no-nat gateway
Benoit Grégoire
benoitg at coeus.ca
Mar 14 Juil 15:17:38 EDT 2009
On July 14, 2009, Jean-Philippe Menil wrote:
> Jacob Marble a écrit :
> > Hello, I've been using the WiFiDog gateway (wrote my own auth server)
> > for about 4 months now. Things are going well.
> >
> > I would like to use wifidog on a router that does *not* have NAT
> > running. Something like:
> >
> > eth0: 192.168.0.123/16
> > eth1: 192.168.1.1/24
> >
> > with static routes, etc. I have modified the wifidog source code for
> > my needs in the past, but I'm having a hard time really following the
> > iptables tricks that wifidog plays.
> >
> > Does anyone out there use wifidog in a non-NAT router? Can you get me
> > started? Thanks in advance,
> >
> > Jake (a happy wifidog-gateway user)
> > _______________________________________________
> > WiFiDog mailing list
> > WiFiDog at listes.ilesansfil.org
> > http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>
> Hi,
>
> why exactly don't you need nat?
>
> In wifidog, the nat have two use:
> -nat the internal adresses of the clients to the public adresse of the
> server (logic)
> -redirect the client to the authentication portal
>
> For the first one, you can route directly your client (ip route add ...)
> For the second, if it is what you want, you can try with the tproxy
> option in iptables.
Unless my memory fails me, wifidog always uses redirects, not NAT to send
clients to the gateway (and then the auth server). Though I've never tested
it personally, it should work unmodified on a network that uses normal routing.
--
Benoit Grégoire
Plus d'informations sur la liste de diffusion WiFiDog