[Server-devel] Filtering and authentication
Reuben K. Caron
reuben at laptop.org
Wed Apr 29 00:26:28 EDT 2009
On Tue, Apr 28, 2009 at 6:34 PM, Jerry Vonau <jvonau at shaw.ca> wrote:
> On Tue, 2009-04-28 at 16:34 -0400, Reuben K. Caron wrote:
> > All of the documentation is contained within their download. It
> > appears like a nice lightweight solution. It is basically a captive
> > portal that requires authentication before allowing access to the
> > internet. It takes a different approach then netreg using dynamically
> > created iptables generated after a user logs in. Whereas netreg uses
> > dhcp to assign one set of ip addresses to an authenticated group of
> > users and one set of ip addresses to an unauthenticated set of users.
> > It appears in their current implementation nocat would require an
> > authentication every time a user connects to the system and netreg
> > would require a single authentication event and subsequently would
> > read the mac address from the dhcpd.conf file and grant an
> > authenticated ip address.
> >
> > Regards,
> > Reuben
>
> Thanks Reuben,
>
> The part that I like is the hook to query a DB, with a bit of work the
> need to login could be removed, and just look up the group membership
> that the mac address has in the db.
>
> Just a thought,
>
> Jerry
Keep the thoughts coming! :-) Additionally, this solution would be more
secure as it does a dance with iptables versus the netreg way where a user
could simply assign themselves an ip in from the authenticated group and
gain access to the internet. Both solutions have their merit..first one to
program it into XS gets their pick..
Reuben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.laptop.org/pipermail/server-devel/attachments/20090429/652a36f7/attachment.htm
More information about the Server-devel
mailing list