Firewall with bridged interfaces and captive portal
Olivier Nicole
on at cs.ait.ac.th
Wed Dec 3 19:37:18 PST 2008
Hi Chris,
> > I need to implement a firewall with bridged interfaces that offers
> > captive portal (authentication before opening the traffic).
>
> We are using a combination of squid+ipfw. Although we are NATing the
> users, that really just introduces needless complexity that could be
> avoided with a bridging solution.
>
> Our web-app/captive portal/authentication program is written in-house;
> it's very tightly integrated with several existing pieces of
> infrastructure. I don't know if there are any solutions that will work
> out-of-the-box.
>
> I can get you more technical details if this is a direction you'd be
> interested in moving.
Long time ago I have been toying with ipf (for the genral firewall)
and NoCat+ipfw for the captive portal.
But that did not work too well, so any technical information will be
appreciated :)
My long term vision is a quite integrated thing, where users that read
their email and authenticate to POP3/IMAP would be granted the access
without the need to authenticate to the web portal.
Best regards,
Olivier
More information about the freebsd-questions
mailing list