From owner-freebsd-net@freebsd.org  Sun Jan 14 06:38:54 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F6E8E7EE63
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Sun, 14 Jan 2018 06:38:54 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id B50C06E62D
 for <freebsd-net@freebsd.org>; Sun, 14 Jan 2018 06:38:52 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be
 forged))
 by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id w0E6ciJD021898
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Sun, 14 Jan 2018 07:38:44 +0100 (CET)
 (envelope-from eugen@grosbein.net)
X-Envelope-From: eugen@grosbein.net
X-Envelope-To: vas@mpeks.tomsk.su
Received: from [10.58.0.4] ([10.58.0.4])
 by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id w0E6cdSL033133
 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT);
 Sun, 14 Jan 2018 13:38:39 +0700 (+07)
 (envelope-from eugen@grosbein.net)
Subject: Re: Fwd: Re: Quasi-enterprise WiFi network
To: Victor Sudakov <vas@mpeks.tomsk.su>,
 Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
References: <CAOjFWZ6kYSTKmPHpQqd+ywrUNVLcG6JNzwFJYPyt5z1H4HeRUw@mail.gmail.com>
 <20180107180422.GA46756@admin.sibptus.transneft.ru>
 <52165.108.68.171.12.1515350430.squirrel@cosmo.uchicago.edu>
 <CAOjFWZ5j+ixKVc0cy6ik=BuU0nmpdUgFyePAVDouKmS=MM9vOg@mail.gmail.com>
 <20180108072035.GB52442@admin.sibptus.transneft.ru>
 <CAOjFWZ6XY2pHaVUqwSxL=hK9VdKh0ZdFMeHMdbhsDC=z8zngYw@mail.gmail.com>
 <20180113095553.GA19901@admin.sibptus.transneft.ru>
 <CAF6rxgkDugr=dcYptufVR71Fn9pdAtmxZfKe8QwQpChUN0ckTQ@mail.gmail.com>
 <20180113110739.GA20415@admin.sibptus.transneft.ru>
 <20180113144157.GA33988@plan-b.pwste.edu.pl>
 <20180114063140.GA28750@admin.sibptus.transneft.ru>
Cc: freebsd-net@freebsd.org
From: Eugene Grosbein <eugen@grosbein.net>
Message-ID: <5A5AFAEA.2010506@grosbein.net>
Date: Sun, 14 Jan 2018 13:38:34 +0700
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <20180114063140.GA28750@admin.sibptus.transneft.ru>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE
 autolearn=no autolearn_force=no version=3.4.1
X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1%
 *      [score: 0.0000]
 *  1.9 RDNS_NONE Delivered to internal network by a host with no rDNS
 *  2.6 LOCAL_FROM From my domains
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Jan 2018 06:38:54 -0000

14.01.2018 13:31, Victor Sudakov wrote:

> Do you know how commercial captive portals handle this problem? Do they
> install their own box near every customer's AP?

No. For example, UniFi (which is Linux-based AP with iptables/ebtables)
keeps table of MAC addresses of customers passed authorization and redirects
HTTP requests of others to single portal using some kind of socket forwarding or NAT.
And portal informs AP of authorization success for a client to add its MAC to that table.