[isf-wifidog] Understanding the WiFidog Firewall process
Michael Thomas
madmaiike at gmail.com
Mer 27 Jan 10:56:33 EST 2010
Since the list is I'm copy I'll switch to English for everybody else :)
By timeout for users I mean a time limit per user or per node. For
instance a user is connected and denied access after 10 minutes and
won't be able to access the internet in the next 30 minutes.
That kind of mechanism.
Le 27 janv. 2010 à 16:53, Jean-Philippe Menil
<jean-philippe.menil at univ-nantes.f
r> a écrit :
> Michael Thomas a �crit :
>> Bonjour Jean Philippe,
>> D�sol� de m'adresser directement � toi, mais je lis
>> souvent de tes contributions qui sont souvent pertinentes :)
>> Je me demandais si dans ton impl�mentation de wifidog tu avais r
>> �ussi � inclure le timeout pour les clients. J'ai cru
>> comprendre d'apr�s ce que j'ai lu que l'ABUSE_CONTROL se base en
>> fait sur les infos contenues dans la base, ce qui veut dire que l
>> es utilisateurs se verront refuser l'acc�s � posteriori.
>> Correct ?
>> Si je peux aider � impl�menter cette fonction avec mes
>> maigres connaissances PHP, je serai ravi.
>> A bientot
>> Michael
>> 2010/1/27 Jean-Philippe Menil <jean-philippe.menil at univ-nantes.fr <mailto:jean-philippe.menil at univ-nantes.fr
>> >>
>> Steve Congrave a �crit :
>> I'm trying to understand the WiFidog firewall process (sorry
>> for
>> newbie
>> questions LOL) and have read the developer docs at
>> http://dev.wifidog.org/wiki/doc/developer/FlowDiagram
>> The Gateway Firewall rules (iptables) mangles the initial user
>> request and
>> starts the auth process.
>> I'm ok with this and the auth process but what I find hard to
>> understand is
>> how is the firewall opened up for an authenticated client?
>> What is the process and ruleset that allows a client that
>> has been
>> authenticated, access through the firewall, and how is that
>> then
>> closed down
>> after the client has been de-authenticated (if they run out of
>> access time
>> allowance for example)?
>> I'm trying to understand the role of iptables and whether
>> there
>> are changes
>> made to it dynamically or if something else is tagging the
>> traffic before it
>> hits the firewall
>> Thanks for any help
>> Steve
>> _______________________________________________
>> WiFiDog mailing list
>> WiFiDog at listes.ilesansfil.org <mailto:WiFiDog at listes.ilesansfil.org
>> >
>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>> Hi,
>> here you can find a good map of the wifidog firewall rules:
>> http://wireless-speed.blogspot.com/2009/04/wifidog-hack-iptables-map-rules.html
>> Regards.
>> _______________________________________________
>> WiFiDog mailing list
>> WiFiDog at listes.ilesansfil.org <mailto:WiFiDog at listes.ilesansfil.org
>> >
>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> Bonjour,
>
> pour des raisons de performances, nous n'utilisons plus la partie
> serveur d'authentification de wifidog.
> Mais, je ne suis pas s�r de comprendre ce que tu entends par
> timeout?
> Peux-tu pr�ciser?
>
> Cordialement.
> <jean-philippe_menil.vcf>
Plus d'informations sur la liste de diffusion WiFiDog