[isf-wifidog] Understanding the WiFidog Firewall process

Michael Thomas madmaiike at gmail.com
Mer 27 Jan 11:16:07 EST 2010 

Looks precisely like what I want :). I'll do my best to help out.

Michael



Le 27 janv. 2010 à 17:03, Genevieve Bastien <gbastien at versatic.net> a
écrit :

Hi Michael,

We're actually working on implementing a new token architecture that should,
in a not too distant future hopefully, allow to control all these settings.
If you'd like to help out on this one, here's some doc about what will be
implemented https://dev.wifidog.org/wiki/doc/developer/TokenArchitecture,
and we are working on a branch of the code at
https://dev.wifidog.org/svn/branches/newtoken.


-- 
Geneviève Bastien


Michael Thomas wrote:

Since the list is I'm copy I'll switch to English for everybody else :)

By timeout for users I mean a time limit per user or per node. For
instance a user is connected and denied access after 10 minutes and
won't be able to access the internet in the next 30 minutes.

That kind of mechanism.





Le 27 janv. 2010 à 16:53, Jean-Philippe Menil<jean-philippe.menil at univ-nantes.f
r> <jean-philippe.menil at univ-nantes.fr> a écrit :



 Michael Thomas a �crit :


 Bonjour Jean Philippe,
D�sol� de m'adresser directement � toi, mais je lis
souvent de tes contributions qui sont souvent pertinentes :)
Je me demandais si dans ton impl�mentation de wifidog tu avais r
�ussi � inclure le timeout pour les clients. J'ai cru
comprendre d'apr�s ce que j'ai lu que l'ABUSE_CONTROL se base en
 fait sur les infos contenues dans la base, ce qui veut dire que l
es utilisateurs se verront refuser l'acc�s � posteriori.
Correct ?
Si je peux aider � impl�menter cette fonction avec mes
maigres connaissances PHP, je serai ravi.
A bientot
Michael
2010/1/27 Jean-Philippe Menil <jean-philippe.menil at univ-nantes.fr
<mailto:jean-philippe.menil at univ-nantes.fr
<jean-philippe.menil at univ-nantes.fr>
<jean-philippe.menil at univ-nantes.fr>

   Steve Congrave a �crit :
       I'm trying to understand the WiFidog firewall process (sorry
for
       newbie
       questions LOL) and have read the developer docs at
       http://dev.wifidog.org/wiki/doc/developer/FlowDiagram
       The Gateway Firewall rules (iptables) mangles the initial user
       request and
       starts the auth process.
       I'm ok with this and the auth process but what I find hard to
       understand is
       how is the firewall opened up for an authenticated client?
       What is the process and ruleset that allows a client that
has been
       authenticated, access through the firewall, and how is that
then
       closed down
       after the client has been de-authenticated (if they run out of
       access time
       allowance for example)?
       I'm trying to understand the role of iptables and whether
there
       are changes
       made to it dynamically or if something else is tagging the
       traffic before it
       hits the firewall
       Thanks for any help
       Steve
       _______________________________________________
       WiFiDog mailing list
       WiFiDog at listes.ilesansfil.org
<mailto:WiFiDog at listes.ilesansfil.org <WiFiDog at listes.ilesansfil.org>
<WiFiDog at listes.ilesansfil.org>

       http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
   Hi,
   here you can find a good map of the wifidog firewall rules:
   http://wireless-speed.blogspot.com/2009/04/wifidog-hack-iptables-map-rules.html
   Regards.
   _______________________________________________
   WiFiDog mailing list
   WiFiDog at listes.ilesansfil.org <mailto:WiFiDog at listes.ilesansfil.org
<WiFiDog at listes.ilesansfil.org> <WiFiDog at listes.ilesansfil.org>

   http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog

 Bonjour,

pour des raisons de performances, nous n'utilisons plus la partie
serveur d'authentification de wifidog.
Mais, je ne suis pas s�r de comprendre ce que tu entends par
timeout?
Peux-tu pr�ciser?

Cordialement.
<jean-philippe_menil.vcf>


 _______________________________________________
WiFiDog mailing
listWiFiDog at listes.ilesansfil.orghttp://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog


_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
-------------- section suivante --------------
Une pièce jointe HTML a été nettoyée...
URL: <http://listes.ilesansfil.org/pipermail/wifidog/attachments/20100127/5e341be2/attachment-0001.htm>

Plus d'informations sur la liste de diffusion WiFiDog