authpf method with a HTTP Server?
Laurent LEVIER
llevier at argosnet.com
Fri Jun 29 16:43:43 UTC 2007
Hi
At 17:58 29/06/2007, Huzeyfe Onal wrote:
>what you are trying to achieve is very is easy with using captive
>portal. But i think you want to write web interface for authpf.
>There was some discussion about authpf web interface in
>2004[1] which gives you an idea about it's feasible.
I am not familiar with captive portals.
I used WiFi term, this does not reflect the real full need.
The idea is to authenticate users passing the FW not only over a WiFi link.
So authenticating users when they build their tunnel, for example, is
too restrictive.
To me, it is either the spirit of a SSO able to authenticate only
once the user so he can build his tunnel, pass a transparent proxy
and pass FW rules,
or the same as a captive portal, but also able to work over basic
wired connectivity.
As a summ, I dont intend to prevent access to AP, but directly
control only the passthru of the Firewall with a transparent proxy.
Not sure a captive portal can do that.
I'm digging in parallel to learn more about this principle.
Thanks
Brgrds
Laurent LEVIER
Systems & Networks Senior Security Expert, CISSP CISM
More information about the freebsd-pf
mailing list