[isf-wifidog] Shorewall Rules for WiFiDog

Menil Jean-Philippe Jean-Philippe.Menil at univ-nantes.fr
Mar 1 Sep 10:27:18 EDT 2009 

Matthew Tavenor a écrit :
> Hello All,
> 
> I am in the process of creating new router/firewall/wifidog boxes for our 96+ Public Libraries.  Currently I am running WifiDog on an Optiplex 755 Small Form Factor running Ubuntu.  This is working out great but I am trying to merge all services/servers into one system in order to save space and keep cost down.
> 
> My question is:  Does anyone know the Shorewall rules needed to make WifiDog work on Ubuntu?
> 
> Current setup is:
> 
> Optiplex 755
> 3 Network Cards - Internet, LAN, WiFi (Internet goes to DSL/Fibre, LAN Gigabit Network, WiFi goes to Linksys WRT54G*Access Point)
> Shorewall
> Dansguardian
> Squid
> DHCP3
> WifiDog
> 
> Everything is working and routing fine, just can't get the captive portal to redirect. (Due to firewall rules)
> 
> Any help would be appreciated.  http://wifi.nlpl.ca
> 
> Thanks,
> Matt
> 
> 
> __________ Information from ESET NOD32 Antivirus, version of virus signature database 4386 (20090901) __________
> 
> The message was checked by ESET NOD32 Antivirus.
> 
> http://www.eset.com
> 
> 
> This communication, including all attachments, is intended solely for the use of the person or persons to whom it is addressed and should be treated as a confidential NLPL document.
> 
> If you are not the intended recipient, any use, distribution, printing, or copying of this email is strictly prohibited.
> 
> If you received this email in error, please immediately delete it from your system and notify the originator. Your cooperation is appreciated.
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
Hi,

it sounds related to the nat table?

verify that you have theses rules:

iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED 
-j ACCEPT
# SNAT (MASQUERADE) sur eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Where eth1 is the interface, your client are connected on.

-- 
Menil Jean-Philippe
DSI de l'Université de Nantes
tél: 02 51 12 53 92
Fax: 02 51 12 58 60
Jean-Philippe.Menil at univ-nantes.fr

Plus d'informations sur la liste de diffusion WiFiDog