[isf-wifidog] Understanding the WiFidog Firewall process

Steve Congrave steve at congrave.com
Mer 27 Jan 10:38:58 EST 2010

-----Original Message-----
From: wifidog-bounces at listes.ilesansfil.org
[mailto:wifidog-bounces at listes.ilesansfil.org] On Behalf Of Jean-Philippe
Sent: Wednesday, January 27, 2010 8:34 AM
To: WiFiDog Captive Portal
Subject: Re: [isf-wifidog] Understanding the WiFidog Firewall process

Steve Congrave a écrit :
> I'm trying to understand the WiFidog firewall process (sorry for 
> newbie questions LOL) and have read the developer docs at 
> http://dev.wifidog.org/wiki/doc/developer/FlowDiagram
> The Gateway Firewall rules (iptables) mangles the initial user request 
> and starts the auth process.
> I'm ok with this and the auth process but what I find hard to 
> understand is how is the firewall opened up for an authenticated client?
> What is the process and ruleset that allows a client that has been 
> authenticated, access through the firewall, and how is that then 
> closed down after the client has been de-authenticated (if they run 
> out of access time allowance for example)?
> I'm trying to understand the role of iptables and whether there are 
> changes made to it dynamically or if something else is tagging the 
> traffic before it hits the firewall
> Thanks for any help
> Steve


>here you can find a good map of the wifidog firewall rules:




I can see the diagram but not familiar with the Arabic text :)

So iptables chains/rulesets are static and don't change.

How can we see the list and status of users on the node so that I can
determine their 'pathway' through the iptables chains? Is this information
available or could it be logged by a hack to the source?


Plus d'informations sur la liste de diffusion WiFiDog