From owner-freebsd-questions@FreeBSD.ORG Sat Aug 9 14:24:15 2008 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6CBD91065672 for ; Sat, 9 Aug 2008 14:24:15 +0000 (UTC) (envelope-from matthias.apitz@oclc.org) Received: from hunter.Sisis.de (hunter.sisis.de [193.31.11.194]) by mx1.freebsd.org (Postfix) with ESMTP id AFF638FC0C for ; Sat, 9 Aug 2008 14:24:14 +0000 (UTC) (envelope-from matthias.apitz@oclc.org) Received: (from mail@localhost) by hunter.Sisis.de (8.8.8/8.8.8) id QAA10555; Sat, 9 Aug 2008 16:09:24 +0200 (CEST) (envelope-from matthias.apitz@oclc.org) Received: from ppp-62-216-221-239.dynamic.mnet-online.de(62.216.221.239) by hunter.Sisis.de via smap (V2.1) id xma010517; Sat, 9 Aug 08 16:09:16 +0200 Received: (from guru@localhost) by rebelion.Sisis.de (8.14.2/8.13.8/Submit) id m79EHHWC012695; Sat, 9 Aug 2008 16:17:17 +0200 (CEST) (envelope-from matthias.apitz@oclc.org) X-Authentication-Warning: rebelion.Sisis.de: guru set sender to matthias.apitz@oclc.org using -f Date: Sat, 9 Aug 2008 16:17:17 +0200 From: Matthias Apitz To: Giorgos Keramidas Message-ID: <20080809141717.GB12190@rebelion.Sisis.de> References: <489D855C.6010903@lvor.halvorsen.cc> <878wv6tiry.fsf@kobe.laptop> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <878wv6tiry.fsf@kobe.laptop> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.0-RELEASE (i386) Cc: Svein Halvor Halvorsen , questions@freebsd.org Subject: Re: Free wireless network (access point, router, transparent HTTP proxy setup) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Matthias Apitz List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Aug 2008 14:24:15 -0000 El día Saturday, August 09, 2008 a las 04:33:37PM +0300, Giorgos Keramidas escribió: > On Sat, 09 Aug 2008 13:54:04 +0200, Svein Halvor Halvorsen wrote: > > Hello, fellow FreeBSD-ers! > > > > I'd like to a good neighbor and share my DSL line and set up an > > unencrypted free wireless access point. I often find myself wanting > > more free access points around the city, so I thought I'd stand up > > as a good example for others :-) > > > > I want people to know that they can use the network (easy, use ssid > > "free internet"), but I want them to know that they should be nice, > > and it's meant for casual browsing, and that misuse will cause a ban. > > > > So, what I'd like: > > > > 1) Setup a wireless network card in infrastructure mode, I think. > > 2) Setup a DHCP server and DNS forwarder on this interface > > 3) Setup routing from one interface to my other network > > 4) Use a firewall to close down lots of stuff, maybe also limit > > bandwith per mac-address, and a way to deny access to certain NICs. > > 5) Insert a message in all text/html over HTTP, basically saying: > > "Hi, guest! Feel free to use our free internet, but be nice!" And a > > close-button, which I guess needs to send a POST to a http server as > > well, and that I need to record this action in a database, and use > > the same database to dynamically insert the message above or not. > > This sounds like too much work for a doubtful amount of gain. It is > probably a lot easier to use ipfw or pf+altq to rate limit the bandwidth > "others" can use :) To the OP: Be aware that depending on the local laws you might (will) be responsible if the NATed IP is used in criminal affairs (downloads, child porno, etc.); at least the local authorities will ask you who used that IP and take your complete system with them for further investigations, scanning your logs and disks; even if it is a nice idea and you have good neighbors, I would not do that here in Germany; matthias -- Matthias Apitz Manager Technical Support - OCLC GmbH Gruenwalder Weg 28g - 82041 Oberhaching - Germany t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e - w http://www.oclc.org/ http://www.UnixArea.de/ b http://gurucubano.blogspot.com/ We should all learn from the peoples of The Netherlands, France and Ireland. Aprendamos todos de los pueblos de Holanda, Francia e Irlanda.