
Re: Need advice on Debian Hotspot



Just about the initial redirection of the users, it seems that the best (because it's free!) is that NoCat thing. I just looked into their webpage and it seems it takes care exactly of that redirection you mention. Apparently, you can even require some form of authentication. Other than that, all I know is closed-box solutions at prices $7,000+.

I worked on a project where something like what you say was intended about 3 years ago, if only there was this NoCat thing around....

Antonio

Alejandro Bonilla wrote:
Greetings,

I want to set up a local wifi hotspot. I've got a decent cable internet
connection to feed it, a small switch to connect everything, the access
points, cabling, and I've just purchased an inexpensive box to use as the
server for the whole project. Naturally, I want to use Debian for the
server OS, because of apt's ease of management.


This is what I do.

eth0 is WAN and eth1 is LAN.
This works like a charm.
Just put it in /etc/init.d/whatever
cd /etc/init.d/
update-rc.d whatever defaults

TADAA!!

#!/bin/sh
iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Accept new connections arriving on any interface except eth0 (WAN)
iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT
iptables -P INPUT DROP

iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 80 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 113 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 113 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 21 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 25 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 1194 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 1194 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 110 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 8000 -j ACCEPT

iptables -A INPUT -p tcp -m tcp --dport 8001 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 8001 -j ACCEPT



Then set the DHCP to have knowledge of both networks.
dhcpd
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.10 192.168.0.30;
  option broadcast-address 192.168.0.255;
  option domain-name "dns.domain.nameHere";
  option domain-name-servers your.dns.isp.address;
  option routers 192.168.0.1;
}

# The other subnet that shares this physical network (eth0?)
 subnet your.network.here.0 netmask 255.255.255.0 {
  option broadcast-address your.broad.add.here;
  option routers your.defaul.gateway.here;
}


Set the stuff under /etc/networking/interfaces

Damned, I spoiled the fun of this.

(I DUNNO HOW TO MAKE THE USERS TO GO INTO A HTTP BEFORE USING ANYTHING ELSE
BEFORE. HOW IS THAT?)

.Alejandro



--
António Rafael C. Paiva

Graduate student
Computational NeuroEngineering Laboratory
Electrical & Computer Engineering Department
University of Florida
Gainesville, FL 32611
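
Added example, not part of the original messages and not NoCat's own code: one generic way to get the "web page first" behaviour asked about in the quoted message, using the eth0/eth1 layout from the posted script. The splash-page port (8000), the mark value 0x1, the chain name portal_auth and the function names are assumptions; the script only prints the rules unless IPT=iptables is set.

```shell
#!/bin/sh
# Added example (not from the thread, not NoCat's code).
# Dry run by default: prints the rules. Run as root with IPT=iptables to apply.
IPT="${IPT:-echo iptables}"
WAN=eth0          # WAN side, as in the posted script
LAN=eth1          # hotspot side, as in the posted script
PORTAL_PORT=8000  # assumption: local web server serving the splash page
MARK=0x1          # assumption: packet mark meaning "client has logged in"

# Base rules: only marked clients are forwarded; HTTP from everyone else
# is redirected to the splash page running on this box.
portal_rules() {
    $IPT -t mangle -N portal_auth
    $IPT -t mangle -A PREROUTING -i "$LAN" -j portal_auth
    $IPT -t nat -A PREROUTING -i "$LAN" -p tcp --dport 80 \
        -m mark ! --mark "$MARK" -j REDIRECT --to-ports "$PORTAL_PORT"
    # Clients use the ISP resolvers handed out by DHCP, so DNS must pass
    # before login or the browser never sends the HTTP request.
    for proto in udp tcp; do
        $IPT -A FORWARD -i "$LAN" -o "$WAN" -p "$proto" --dport 53 -j ACCEPT
    done
    $IPT -A FORWARD -i "$LAN" -o "$WAN" -m mark --mark "$MARK" -j ACCEPT
    $IPT -A FORWARD -i "$WAN" -o "$LAN" -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -P FORWARD DROP
}

# Strict MAC check: the value would come from the splash page handler, so
# anything that is not exactly xx:xx:xx:xx:xx:xx is refused before it can
# reach the iptables command line.
is_mac() {
    case "$1" in
        *[!0-9A-Fa-f:]*) return 1 ;;
        [!:][!:]:[!:][!:]:[!:][!:]:[!:][!:]:[!:][!:]:[!:][!:]) return 0 ;;
        *) return 1 ;;
    esac
}

# Called once a client has passed the splash page; $1 is its MAC address.
allow_client() {
    is_mac "$1" || { echo "rejected MAC: $1" >&2; return 1; }
    $IPT -t mangle -A portal_auth -m mac --mac-source "$1" -j MARK --set-mark "$MARK"
}
```

MAC addresses are visible on the air and can be cloned, so this gates access rather than authenticating anyone. HTTPS requests from clients that have not logged in are dropped, not redirected.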


