From owner-freebsd-questions@FreeBSD.ORG Sat Aug 9 13:45:46 2008 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ADB0A106564A for ; Sat, 9 Aug 2008 13:45:46 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.freebsd.org (Postfix) with ESMTP id 27F4E8FC1B for ; Sat, 9 Aug 2008 13:45:45 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from kobe.laptop (adsl157-83.kln.forthnet.gr [62.1.60.83]) (authenticated bits=128) by igloo.linux.gr (8.14.3/8.14.3/Debian-5) with ESMTP id m79DXwcp030028 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 9 Aug 2008 16:34:05 +0300 Received: from kobe.laptop (kobe.laptop [127.0.0.1]) by kobe.laptop (8.14.2/8.14.2) with ESMTP id m79DXwPm087531; Sat, 9 Aug 2008 16:33:58 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from keramida@localhost) by kobe.laptop (8.14.2/8.14.2/Submit) id m79DXteI087530; Sat, 9 Aug 2008 16:33:55 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) From: Giorgos Keramidas To: Svein Halvor Halvorsen In-Reply-To: <489D855C.6010903@lvor.halvorsen.cc> (Svein Halvor Halvorsen's message of "Sat, 09 Aug 2008 13:54:04 +0200") Date: Sat, 09 Aug 2008 16:33:37 +0300 Message-ID: <878wv6tiry.fsf@kobe.laptop> References: <489D855C.6010903@lvor.halvorsen.cc> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-MailScanner-ID: m79DXwcp030028 X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-3.998, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.40, BAYES_00 -2.60) X-Hellug-MailScanner-From: keramida@ceid.upatras.gr X-Spam-Status: No Cc: questions@freebsd.org Subject: Re: Free wireless network (access point, router, transparent HTTP proxy setup) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Aug 2008 13:45:46 -0000 On Sat, 09 Aug 2008 13:54:04 +0200, Svein Halvor Halvorsen wrote: > Hello, fellow FreeBSD-ers! > > I'd like to a good neighbor and share my DSL line and set up an > unencrypted free wireless access point. I often find myself wanting > more free access points around the city, so I thought I'd stand up > as a good example for others :-) > > I want people to know that they can use the network (easy, use ssid > "free internet"), but I want them to know that they should be nice, > and it's meant for casual browsing, and that misuse will cause a ban. > > So, what I'd like: > > 1) Setup a wireless network card in infrastructure mode, I think. > 2) Setup a DHCP server and DNS forwarder on this interface > 3) Setup routing from one interface to my other network > 4) Use a firewall to close down lots of stuff, maybe also limit > bandwith per mac-address, and a way to deny access to certain NICs. > 5) Insert a message in all text/html over HTTP, basically saying: > "Hi, guest! Feel free to use our free internet, but be nice!" And a > close-button, which I guess needs to send a POST to a http server as > well, and that I need to record this action in a database, and use > the same database to dynamically insert the message above or not. This sounds like too much work for a doubtful amount of gain. It is probably a lot easier to use ipfw or pf+altq to rate limit the bandwidth "others" can use :)