Date: Thu, 4 Dec 2008 10:37:16 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> To: ccowart@rescomp.berkeley.edu Cc: freebsd-questions@freebsd.org Subject: Re: Firewall with bridged interfaces and captive portal Message-ID: <200812040337.mB43bGHE015979@banyan.cs.ait.ac.th> In-Reply-To: <20081203222520.GA19693@hal.rescomp.berkeley.edu> (message from Christopher Cowart on Wed, 3 Dec 2008 14:25:20 -0800) References: <200812030508.mB358SUx095910@banyan.cs.ait.ac.th> <20081203222520.GA19693@hal.rescomp.berkeley.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Chris, > > I need to implement a firewall with bridged interfaces that offers > > captive portal (authentication before opening the traffic). > > We are using a combination of squid+ipfw. Although we are NATing the > users, that really just introduces needless complexity that could be > avoided with a bridging solution. > > Our web-app/captive portal/authentication program is written in-house; > it's very tightly integrated with several existing pieces of > infrastructure. I don't know if there are any solutions that will work > out-of-the-box. > > I can get you more technical details if this is a direction you'd be > interested in moving. Long time ago I have been toying with ipf (for the genral firewall) and NoCat+ipfw for the captive portal. But that did not work too well, so any technical information will be appreciated :) My long term vision is a quite integrated thing, where users that read their email and authenticate to POP3/IMAP would be granted the access without the need to authenticate to the web portal. Best regards, Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812040337.mB43bGHE015979>