Free wireless network (access point, router, transparent HTTP proxy setup)

Edwin L. Culp eculp at
Sun Aug 10 16:02:10 UTC 2008

Marcel Grandemange <thavinci at> escribió:

> Sounds To Me Also too much work for little gain...
> Easist would be to use a product called "Mikrotik" you will have that entire
> system up & running in 15mins tops.
> + Runs on underspec machines perfectly as it's designed for embedded
> systems.
> I always found myself using it instead of doing all the work myself because
> of time constraints.
> It's linux based, but everything is done through a client.
> -----Original Message-----
> From: owner-freebsd-questions at
> [mailto:owner-freebsd-questions at] On Behalf Of Giorgos Keramidas
> Sent: Saturday, August 09, 2008 3:34 PM
> To: Svein Halvor Halvorsen
> Cc: questions at
> Subject: Re: Free wireless network (access point, router, transparent HTTP
> proxy setup)
> On Sat, 09 Aug 2008 13:54:04 +0200, Svein Halvor Halvorsen
> <svein.h at> wrote:
>> Hello, fellow FreeBSD-ers!
>> I'd like to a good neighbor and share my DSL line and set up an
>> unencrypted free wireless access point. I often find myself wanting
>> more free access points around the city, so I thought I'd stand up
>> as a good example for others :-)
>> I want people to know that they can use the network (easy, use ssid
>> "free internet"), but I want them to know that they should be nice,
>> and it's meant for casual browsing, and that misuse will cause a ban.
>> So, what I'd like:
>> 1) Setup a wireless network card in infrastructure mode, I think.
>> 2) Setup a DHCP server and DNS forwarder on this interface
>> 3) Setup routing from one interface to my other network
>> 4) Use a firewall to close down lots of stuff, maybe also limit
>> bandwith per mac-address, and a way to deny access to certain NICs.
>> 5) Insert a message in all text/html over HTTP, basically saying:
>> "Hi, guest! Feel free to use our free internet, but be nice!" And a
>> close-button, which I guess needs to send a POST to a http server as
>> well, and that I need to record this action in a database, and use
>> the same database to dynamically insert the message above or not.
> This sounds like too much work for a doubtful amount of gain.  It is
> probably a lot easier to use ipfw or pf+altq to rate limit the bandwidth
> "others" can use :)

Hmmm, is there a way to limit bandwidth on incoming connections with pf+altq?

Squid, afaik, can only limit incoming web traffic.  My major concern  
would be p2p file sharing.  How would you limit that?


More information about the freebsd-questions mailing list