[isf-wifidog] Understanding the WiFidog Firewall process

Mer 27 Jan 10:56:33 EST 2010

Since the list is I'm copy I'll switch to English for everybody else :)

By timeout for users I mean a time limit per user or per node. For
instance a user is connected and denied access after 10 minutes and
won't be able to access the internet in the next 30 minutes.

That kind of mechanism.

Le 27 janv. 2010 à 16:53, Jean-Philippe Menil
<jean-philippe.menil at univ-nantes.f
r> a écrit :

> Michael Thomas a ï¿½crit :
>> Bonjour Jean Philippe,
>> Dï¿½solï¿½ de m'adresser directement ï¿½ toi, mais je lis
>> souvent de tes contributions qui sont souvent pertinentes :)
>> Je me demandais si dans ton implï¿½mentation de wifidog tu avais r
>> ï¿½ussi ï¿½ inclure le timeout pour les clients. J'ai cru
>> comprendre d'aprï¿½s ce que j'ai lu que l'ABUSE_CONTROL se base en
>>  fait sur les infos contenues dans la base, ce qui veut dire que l
>> es utilisateurs se verront refuser l'accï¿½s ï¿½ posteriori.
>> Correct ?
>> Si je peux aider ï¿½ implï¿½menter cette fonction avec mes
>> maigres connaissances PHP, je serai ravi.
>> A bientot
>> Michael
>> 2010/1/27 Jean-Philippe Menil <jean-philippe.menil at univ-nantes.fr <mailto:jean-philippe.menil at univ-nantes.fr
>> >>
>>    Steve Congrave a ï¿½crit :
>>        I'm trying to understand the WiFidog firewall process (sorry
>> for
>>        newbie
>>        questions LOL) and have read the developer docs at
>>        http://dev.wifidog.org/wiki/doc/developer/FlowDiagram
>>        The Gateway Firewall rules (iptables) mangles the initial user
>>        request and
>>        starts the auth process.
>>        I'm ok with this and the auth process but what I find hard to
>>        understand is
>>        how is the firewall opened up for an authenticated client?
>>        What is the process and ruleset that allows a client that
>> has been
>>        authenticated, access through the firewall, and how is that
>> then
>>        closed down
>>        after the client has been de-authenticated (if they run out of
>>        access time
>>        allowance for example)?
>>        I'm trying to understand the role of iptables and whether
>> there
>>        are changes
>>        made to it dynamically or if something else is tagging the
>>        traffic before it
>>        hits the firewall
>>        Thanks for any help
>>        Steve
>>        _______________________________________________
>>        WiFiDog mailing list
>>        WiFiDog at listes.ilesansfil.org <mailto:WiFiDog at listes.ilesansfil.org
>> >
>>        http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>>    Hi,
>>    here you can find a good map of the wifidog firewall rules:
>>    http://wireless-speed.blogspot.com/2009/04/wifidog-hack-iptables-map-rules.html
>>    Regards.
>>    _______________________________________________
>>    WiFiDog mailing list
>>    WiFiDog at listes.ilesansfil.org <mailto:WiFiDog at listes.ilesansfil.org
>> >
>>    http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> Bonjour,
>
> pour des raisons de performances, nous n'utilisons plus la partie
> serveur d'authentification de wifidog.
> Mais, je ne suis pas sï¿½r de comprendre ce que tu entends par
> timeout?
> Peux-tu prï¿½ciser?
>
> Cordialement.
> <jean-philippe_menil.vcf>