Hi,
Suppose I have a wireless network, with different AP linked to a
router-modem (same device). I decided that, internet access should be
granted to only clients with logins. I don't want them to exchange
logins (so 1 MAC to 1 Logins).
I thought about installing squid as an Authentication proxy and the
idea of the transparent mode is really tempting me, although I found
many people denying its possibility... So what about the IP tables
prerouting technique, I didn't test it but what do you think about it?
I read about https issues too, any guidance?
Anyway, so I'll need to generate logins, and choose an expiry
duration... So my question is, if squid accepted a client for valid
logins, after how long time it will recheck again if they're still
valid? Is it with every Http request? (I need to know when expired
logins will stop working)
Besides, could you suggest an implementation of this system, how will
expired accounts get deleted? and how I will implement 1 Mac <=> 1
account, without asking the client for his mac address beforehand.
I know you hate lazy people, so I'll give you my modest approach:
I believe Auth helper could be functioning with Mysql database so I'll
add mac@ field and it gets populated in the first authentication, and
from that step a valid account will be correct user+password+mac@.
Will the proxy receive the mac of the cient with each request?
Then, I'll make a thread that will keep checking for expired accounts
and deletes them from the MySql DB.
I would be pleased with any of your suggestions and advices, I'm sure
there's always a more efficient way to do it!
Thanks
Received on Mon Oct 18 2010 - 12:31:32 MDT
This archive was generated by hypermail 2.2.0 : Mon Oct 18 2010 - 12:00:03 MDT