
wifidog



I have to set up a portal, and I have chosen to use wifidog on Debian (how
could I not?).
I am following the documentation on the wifidog website, installing
everything on a single machine.
In principle I have had no problems installing the AuthServer (I started
from the back end, what can you do); I have no problems configuring or
installing it, nor with the postgres part, nor with the client.
But after installing the client and running "wifidog -f -d 7", nothing at
all happens: I can still browse without the captive portal appearing.
Can anyone point me in the right direction?
In case it helps, the iptables rules without wifidog are:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc
ACCEPT     udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc
ACCEPT     udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_IN:"
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:webmin
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcpflags: ACK/ACK
ACCEPT     all  --  anywhere             anywhere             state ESTABLISHED
ACCEPT     all  --  anywhere             anywhere             state RELATED
ACCEPT     udp  --  anywhere             anywhere             udp spt:domain dpts:1024:65535
ACCEPT     icmp --  anywhere             anywhere             icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere             icmp source-quench
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http

Chain FORWARD (policy DROP)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_OUT:"
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_IN:"
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_OUT:"
DROP       udp  --  anywhere             anywhere             udp multiport sports bootps,bootpc
DROP       udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc

# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  anywhere             anywhere   


After running "wifidog -f -d 7"

the rules are:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc
ACCEPT     udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc
ACCEPT     udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_IN:"
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:webmin
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcpflags: ACK/ACK
ACCEPT     all  --  anywhere             anywhere             state ESTABLISHED
ACCEPT     all  --  anywhere             anywhere             state RELATED
ACCEPT     udp  --  anywhere             anywhere             udp spt:domain dpts:1024:65535
ACCEPT     icmp --  anywhere             anywhere             icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere             icmp source-quench
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http

Chain FORWARD (policy DROP)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_OUT:"
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_IN:"
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             LOG level debug prefix "BANDWIDTH_OUT:"
DROP       udp  --  anywhere             anywhere             udp multiport sports bootps,bootpc
DROP       udp  --  anywhere             anywhere             udp multiport dports bootps,bootpc

Chain WiFiDog_vlan1000_AuthServers (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             localhost

Chain WiFiDog_vlan1000_Global (0 references)
target     prot opt source               destination

Chain WiFiDog_vlan1000_Known (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain WiFiDog_vlan1000_Locked (0 references)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain WiFiDog_vlan1000_Unknown (0 references)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:bootps
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain WiFiDog_vlan1000_Validate (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere




# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
WiFiDog_vlan1000_Outgoing  all  --  anywhere             anywhere

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain WiFiDog_vlan1000_AuthServers (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             localhost

Chain WiFiDog_vlan1000_Global (1 references)
target     prot opt source               destination

Chain WiFiDog_vlan1000_Outgoing (1 references)
target     prot opt source               destination
WiFiDog_vlan1000_WIFI2Router  all  --  anywhere             172.17.0.1

Chain WiFiDog_vlan1000_Unknown (0 references)
target     prot opt source               destination
WiFiDog_vlan1000_AuthServers  all  --  anywhere             anywhere
WiFiDog_vlan1000_Global  all  --  anywhere             anywhere
REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:http redir ports 2060

Chain WiFiDog_vlan1000_WIFI2Router (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
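
Added example, not part of the original message: a shell function that reads `iptables -L` output and prints the user-defined chains that no built-in chain reaches through jumps. Rules in such chains (here the REDIRECT to port 2060) are never evaluated, and a chain shown with "(1 references)" is still unreachable when its only reference comes from a "(0 references)" chain. The sample input is constructed, abridged from the nat listing above; the function name is an assumption.

```shell
# Usage: iptables -t nat -L | unreachable_chains
# Prints every user-defined chain that cannot be reached, directly or
# through other chains, from a built-in chain of the listed table.
unreachable_chains() {
    awk '
        $1 == "Chain" {
            chain = $2
            seen[chain] = 1; order[++nc] = chain
            # Built-in chains show "(policy X)"; user chains "(N references)".
            if ($3 == "(policy") reach[chain] = 1
            next
        }
        NF == 0 || ($1 == "target" && $2 == "prot") { next }  # blank / header
        { src[++n] = chain; dst[n] = $1 }      # rule: chain -> target
        END {
            # Propagate reachability along jumps until nothing changes.
            do {
                changed = 0
                for (i = 1; i <= n; i++)
                    if (reach[src[i]] && (dst[i] in seen) && !reach[dst[i]]) {
                        reach[dst[i]] = 1; changed = 1
                    }
            } while (changed)
            for (i = 1; i <= nc; i++)
                if (!reach[order[i]]) print order[i]
        }
    '
}
# Constructed sample: abridged nat table in the layout iptables -L prints.
SAMPLE_NAT='Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
WiFiDog_vlan1000_Outgoing  all  --  anywhere             anywhere

Chain WiFiDog_vlan1000_AuthServers (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             localhost

Chain WiFiDog_vlan1000_Outgoing (1 references)
target     prot opt source               destination
WiFiDog_vlan1000_WIFI2Router  all  --  anywhere             172.17.0.1

Chain WiFiDog_vlan1000_Unknown (0 references)
target     prot opt source               destination
WiFiDog_vlan1000_AuthServers  all  --  anywhere             anywhere
REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:http redir ports 2060

Chain WiFiDog_vlan1000_WIFI2Router (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere'
printf '%s\n' "$SAMPLE_NAT" | unreachable_chains
```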