From owner-freebsd-questions@FreeBSD.ORG Sun Aug 10 16:02:10 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D272B1065671 for ; Sun, 10 Aug 2008 16:02:10 +0000 (UTC) (envelope-from eculp@casasponti.net) Received: from ns2.bafirst.com (72-12-2-19.static.networktel.net [72.12.2.19]) by mx1.freebsd.org (Postfix) with ESMTP id A2DB28FC18 for ; Sun, 10 Aug 2008 16:02:10 +0000 (UTC) (envelope-from eculp@casasponti.net) Received: from casasponti.net ([201.155.7.3]) by ns2.bafirst.com with esmtp; Sun, 10 Aug 2008 11:02:08 -0500 id 000D52C4.489F1100.0000A629 Received: from localhost (localhost [127.0.0.1]) (uid 80) by casasponti.net with local; Sun, 10 Aug 2008 11:02:07 -0500 id 00130CFA.489F10FF.000146C2 Received: from dsl-189-190-8-164.prod-infinitum.com.mx (dsl-189-190-8-164.prod-infinitum.com.mx [189.190.8.164]) by pontinet.casasponti.net (Horde Framework) with HTTP; Sun, 10 Aug 2008 11:02:07 -0500 Message-ID: <20080810110207.15442ibe13re104k@pontinet.casasponti.net> Date: Sun, 10 Aug 2008 11:02:07 -0500 From: "Edwin L. Culp" To: freebsd-questions@freebsd.org References: <489D855C.6010903@lvor.halvorsen.cc> <878wv6tiry.fsf@kobe.laptop> <00d801c8fa28$d19cd010$74d67030$@za.net> In-Reply-To: <00d801c8fa28$d19cd010$74d67030$@za.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (5.0-cvs) X-Remote-Browser: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.16) Gecko/20080803 Firefox/2.0.0.16 X-IMP-Server: 201.155.7.3 X-Originating-IP: 189.190.8.164 X-Originating-User: eculp@casasponti.net Subject: RE: Free wireless network (access point, router, transparent HTTP proxy setup) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Aug 2008 16:02:10 -0000 Marcel Grandemange escribi=F3: > Sounds To Me Also too much work for little gain... > Easist would be to use a product called "Mikrotik" you will have that enti= re > system up & running in 15mins tops. > http://www.mikrotik.com/download.html > > + Runs on underspec machines perfectly as it's designed for embedded > systems. > > I always found myself using it instead of doing all the work myself becaus= e > of time constraints. > It's linux based, but everything is done through a client. > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Giorgos Keramida= s > Sent: Saturday, August 09, 2008 3:34 PM > To: Svein Halvor Halvorsen > Cc: questions@freebsd.org > Subject: Re: Free wireless network (access point, router, transparent HTTP > proxy setup) > > On Sat, 09 Aug 2008 13:54:04 +0200, Svein Halvor Halvorsen > wrote: >> Hello, fellow FreeBSD-ers! >> >> I'd like to a good neighbor and share my DSL line and set up an >> unencrypted free wireless access point. I often find myself wanting >> more free access points around the city, so I thought I'd stand up >> as a good example for others :-) >> >> I want people to know that they can use the network (easy, use ssid >> "free internet"), but I want them to know that they should be nice, >> and it's meant for casual browsing, and that misuse will cause a ban. >> >> So, what I'd like: >> >> 1) Setup a wireless network card in infrastructure mode, I think. >> 2) Setup a DHCP server and DNS forwarder on this interface >> 3) Setup routing from one interface to my other network >> 4) Use a firewall to close down lots of stuff, maybe also limit >> bandwith per mac-address, and a way to deny access to certain NICs. >> 5) Insert a message in all text/html over HTTP, basically saying: >> "Hi, guest! Feel free to use our free internet, but be nice!" And a >> close-button, which I guess needs to send a POST to a http server as >> well, and that I need to record this action in a database, and use >> the same database to dynamically insert the message above or not. > > This sounds like too much work for a doubtful amount of gain. It is > probably a lot easier to use ipfw or pf+altq to rate limit the bandwidth > "others" can use :) Hmmm, is there a way to limit bandwidth on incoming connections with pf+altq= ? Squid, afaik, can only limit incoming web traffic. My major concern =20 would be p2p file sharing. How would you limit that? ed