hi Amuza
In order to work with LiMe 1607, you need this version of nodogsplash:
opkg install
http://chef.altermundi.net/downloads/r44952/ar71xx/packages/routing/nodogsp…
and the config file that goes with it is below. the reason for this is
that the original nodogsplash can't deal with the multiple gateway
interfaces of Lime.
bruno
=====================================
GatewayInterface br-lan
GatewayInterfaceExtra bmx+
GatewayInterfaceExtra2 anygw
FirewallRuleSet authenticated-users {
FirewallRule allow to 0.0.0.0/0
}
FirewallRuleSet users-to-router {
# Nodogsplash automatically allows tcp to GatewayPort,
# at GatewayAddress, to serve the splash page.
# However you may want to open up other ports, e.g.
# 53 for DNS and 67 for DHCP if the router itself is
# providing these services.
FirewallRule allow udp port 53
FirewallRule allow tcp port 53
FirewallRule allow udp port 67
# You may want to allow ssh, http, and https to the router
# for administration from the GatewayInterface. If not,
# comment these out.
FirewallRule allow tcp port 22
FirewallRule allow tcp port 80
FirewallRule allow tcp port 443
}
# end FirewallRuleSet users-to-router
FirewallRuleSet preauthenticated-users {
# For preauthenticated users to resolve IP addresses in their initial
# request not using the router itself as a DNS server,
# you probably want to allow port 53 udp and tcp for DNS.
FirewallRule allow tcp port 53
FirewallRule allow udp port 53
# For splash page content not hosted on the router, you
# will want to allow port 80 tcp to the remote host here.
# Doing so circumvents the usual capture and redirect of
# any port 80 request to this remote host.
# Note that the remote host's numerical IP address must be known
# and used here.
#change the IP for the address of the gateway router
FirewallRule allow tcp port 80 to 10.7.122.55
}
# end FirewallRuleSet preauthenticated-users
EmptyRuleSetPolicy preauthenticated-users passthrough
EmptyRuleSetPolicy users-to-router passthrough
#change the IP for the address of the gateway router
GatewayName 10.7.122.55:80
#GatewayPort 80
MaxClients 500
ClientIdleTimeout 720
ClientForceTimeout 14400
#change the range for the ip range of your mesh network
GatewayIPRange 10.7.0.0/16
EnablePreAuth yes
#change to the place where you want to redirect the users after login
RedirectURL
http://www.quintanalibre.org.ar/portada
On Fri, Mar 10, 2017 at 11:50 AM, Pau <pau(a)dabax.net> wrote:
Hi.
AFAIK for the moment there are not plans for implementing this. But you
could open an issue in github so it will be more visible to someone able
to implement it.
Right now, maybe the easiest is to install Nodogsplash into the
gateway(s) node(s).
Another solution is to use the tinyproxy modified version from qMp (it
would require some small modifications)
https://github.com/routek/qMp/tree/testing/packages/qmp-tinyproxy/files
The point for using tinyproxy instead of nodogsplash is that it is able
to detect when a call is a user HTTP call and only shows the portal when
a browser is opened (Telegram or Whatsapp would work normally even
before the user see the captive portal). Also tinyproxy does not copy
the network packets to user space so it is not as damaging as
nodogsplash for the network performance. But of course it does not allow
authentication, only an informative "click to continue" HTML.
Cheers.
On 10/03/17 13:18, Amuza wrote:
Good meshing,
Please do not feel pushed, I am just happily asking things here.
Is there any estimate on when there will be an official captive portal
solution?
In the meantime, is there anything that more or less works with Libremesh?
Sorry to come back again with this topic, we had many emails around
saying different things and I got confused.
Cheers
_______________________________________________
lime-users mailing list
lime-users(a)lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users
--
./p4u
_______________________________________________
lime-users mailing list
lime-users(a)lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users
--
bruno(a)pobox.com ▀─█▄██▄▀▄
http://brunovianna.net ─█▄██▄▀█▀█▄
skype: randomico▀─█▄██▄▀█▀█▄▌██─█▌█▌