Re: Software for WLAN Hotspot

[Kay-Michael Voit <debian@voits.net>]

Well, I'll consider Kourosh's  suggestions at first.
But, actually, I've some ideas how I could solve the problem for me and 
probably for some other, too.

Mainly, my idea is limited through my programming skill, but it should 
work though...
Just tell me how you think about my considerations...

If we work with iptables, we have to authenticate the client in some 
way. Though I think it is possible to extend iptables, this would exceed 
my abilitys a lot.
So, I would use existing possibilitys, of which mac address filtering is 
the safest for my purpose.

Now there are two possibilities:
1. Writing a web-based interface, for example with PHP, to log in.
Then a C/C++ based daemon adds some iptablesrules, which allow the 
client to go online.
+: platform independent
-: one has to enter his MAC address, for I don't know any possibility to 
determine ones ip through PHP (and I don't think this is possible?)

2. Daemon as above, but with clientsoftware which sends password and 
MAC-address to server. (because they are one-time, they can be 
transmitted plaintext)
+: See above
-: Clientsoftware...

The daemon uses an SQL database to store information about the time left 
for users.
The program can even be extended that way, that users can log out and 
use the leftover later. (Then one should consider ebncrypted passwords)

What do you think about this concept? Problems? Complete rubish? A good 
start?
This would be the way, I, as a non professional, would solve it after 
one day consideration....

Stefan Neufeind wrote:

> Hey Kay,
>
> thought about such a solution with open-source also already - as well 
> as searched and asked. But wasn't able to find a good and working 
> solution. Well it seems you need to hook up the proxy somehow with 
> variable rules that know if a certain user is currently logged on or 
> not, that auto-logoff the user after a certain inactivity etc.
>
> But combined with that please keep in mind that you also need some 
> way to also allow pop3 etc. So you basically need to hook up firewall 
> rules (netfilter) in my eyes. This might be really brilliant solution 
> if you manage to get it running - but I suppose stable netfilter-
> drivers are hard to write and don't exist in open-source-world yet.
>
> So if you might think of opening a project or maybe find something 
> I'd be happy if you would let me know.
>
>  Stefan
>
> On 15 Aug 2003 at 17:35, Kay-Michael Voit wrote:
>
>  
>
> > Hi,
> > I'm considering to build up a public wlan hotspot. I need time-limited
> > authentification, mainly for identity logging purposes, not for
> > billing. I thougt about buying tickets (perhaps around 1 EUR/h) with
> > time-limited username and password on it.
> >
> > Where should I put in the authentification? At the proxy? Which
> > software should I use? afaik I have to open the wlan, do I? How do
> > commercial solutions work?
> >
> > I need only very basic answer, only something to search for. I don't
> > really know what to begin with....
> >