<div class="gmail_quote">On Tue, Apr 28, 2009 at 6:34 PM, Jerry Vonau <span dir="ltr"><<a href="mailto:jvonau@shaw.ca">jvonau@shaw.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">On Tue, 2009-04-28 at 16:34 -0400, Reuben K. Caron wrote:<br>
> All of the documentation is contained within their download. It<br>
> appears like a nice lightweight solution. It is basically a captive<br>
> portal that requires authentication before allowing access to the<br>
> internet. It takes a different approach then netreg using dynamically<br>
> created iptables generated after a user logs in. Whereas netreg uses<br>
> dhcp to assign one set of ip addresses to an authenticated group of<br>
> users and one set of ip addresses to an unauthenticated set of users.<br>
> It appears in their current implementation nocat would require an<br>
> authentication every time a user connects to the system and netreg<br>
> would require a single authentication event and subsequently would<br>
> read the mac address from the dhcpd.conf file and grant an<br>
> authenticated ip address.<br>
><br>
> Regards,<br>
> Reuben<br>
<br>
</div>Thanks Reuben,<br>
<br>
The part that I like is the hook to query a DB, with a bit of work the<br>
need to login could be removed, and just look up the group membership<br>
that the mac address has in the db.<br>
<br>
Just a thought,<br>
<font color="#888888"><br>
Jerry</font></blockquote><div> </div><div>Keep the thoughts coming! :-) Additionally, this solution would be more secure as it does a dance with iptables versus the netreg way where a user could simply assign themselves an ip in from the authenticated group and gain access to the internet. Both solutions have their merit..first one to program it into XS gets their pick..</div>
<div><br></div><div>Reuben</div></div>