Hi there,<br>
<br>
I have been experimenting with Wifidog (version 1.1.2-1) and have it
successfully up and running on my shiny new Linksys WRT54GL.<br>
<br>
I am now wanting to allow access to a few specific websites without the user being prompted to login.<br>
<br>
I have tried adding them to /etc/wifidog.conf in both the
FirewallRuleSet unknown-users{...} and FirewallRuleSet global {...}
rule sets to no avail. Example below (I have also tried 'allow to
<a href="http://0.0.0.0/0">0.0.0.0/0</a>' and other combos..)<br>
...<br>
FirewallRuleSet unknown-users{ <br>
FirewallRule
allow tcp port 80 to <a href="http://216.193.215.157">216.193.215.157</a> # The IP of the server I want to
be able to access<br>
FirewallRule block to <a href="http://0.0.0.0/0">0.0.0.0/0</a><br>
}<br>
<br>
It appears that something (S45Firewall?) is superceding the
FirewallRules specified in wifidog.conf. It is as if the redirect of
any port 80 requests to the auth server is happening before the
FirewallRules from Wifidog.conf are processed. I am redirected to the
login page regardless of the IP address/site I attempt to access. If I
login then access is granted as expected. [Disclaimer: I don't really
know quite what I'm talking about but have spent a fair amount of time
investigating this] <br>
<br>
The following is selected output from 'iptables -L -v' command:<br>
<br>
Chain WiFiDog_Unknown (1 references)<br>
pkts bytes target prot opt
in out
source
destination<br>
0 0
ACCEPT tcp -- any
any
anywhere
anywhere
tcp dpt:80<br>
11046 535K REJECT all --
any any
anywhere
anywhere
reject-with icmp-port-unreachable<br>
<br>
Chain WiFiDog_WIFI2Internet (1 references)<br>
pkts bytes target prot opt
in out
source
destination<br>
12902 719K WiFiDog_AuthServers all --
any any
anywhere
anywhere<br>
0 0 WiFiDog_Locked
all -- any any
anywhere
anywhere
MARK match 0x254<br>
12864 717K WiFiDog_Global all --
any any
anywhere
anywhere<br>
0 0 WiFiDog_Validate
all -- any any
anywhere
anywhere
MARK match 0x1<br>
1818 182K WiFiDog_Known all --
any any
anywhere
anywhere
MARK match 0x2<br>
11046 535K WiFiDog_Unknown all --
any any
anywhere
anywhere<br>
<br>
I have had a good look through the mailing list archives and didn't
find mention of this issue (although I can't read French) but expect I
am not the first and only person to have it.<br>
<br>
Any suggestions would be much appreciated!<br>
<br>
Thanks in advance,<br>
<br>
Tarken<br>