advanced iptables shiznit

skisteven1

I'm kind of new to iptables, and while I gather that it is very powerful, I'm not sure of how to use all the features. Would someone please let me know if this is feasible? Or am I better off just using a captive portal solution (which one?!)

Have an iptables rule that checks an outgoing mac address from the wireless interface against a local file (list of mac addresses). If it isn't in the list, redirect HTTP connections to a local php page. Allow them to click "ok" on a page, which will add their mac address to a file, using php. Once this happens, they'll pass through the iptables rule that checks to see if their mac is listed in the file, and continue on to the internet via NAT.

Or am I just making this way too complicated?
 

blemoine

Any particular reason you need to allow by mac address as opposed to say Active Directory username or group? Is this for wireless users?
 

skisteven1

It is for wireless users, and it's supposed to be public. We'd just like them to fill out a form with their email address or something first. I figured mac address would be the easiest, but I'm certainly open to other suggestions.
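
The scheme from the first post (a file of accepted MAC addresses, HTTP redirected to a local page for everyone else), sketched as an added example that is not from any poster in the thread. The interface name `wlan0`, the mark value 99, the portal on local port 80 and the function names are assumptions; NAT is assumed to be configured already, and the script only prints the iptables commands.

```shell
#!/bin/sh
# Added example: prints the rules; pipe the output to sh as root to apply them.
WLAN_IF=${WLAN_IF:-wlan0}   # assumed wireless interface name
MARK=99                     # assumed firewall mark for clients not yet accepted

# Accept only six colon-separated hex octets. Anything else (spaces, shell
# metacharacters, embedded newlines) must never reach a rule or the list file.
is_mac() {
  case "$1" in
    *[!0-9A-Fa-f:]*) return 1 ;;
  esac
  printf '%s' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# $1 = allow-list file, one MAC per line. Emits the full rule set.
portal_rules() {
  echo "iptables -t mangle -N portal"
  echo "iptables -t mangle -A PREROUTING -i $WLAN_IF -j portal"
  while IFS= read -r mac || [ -n "$mac" ]; do
    is_mac "$mac" || continue          # skip malformed lines
    echo "iptables -t mangle -A portal -m mac --mac-source $mac -j RETURN"
  done < "$1"
  # Everything that did not match a listed MAC gets marked.
  echo "iptables -t mangle -A portal -j MARK --set-mark $MARK"
  # Marked HTTP goes to the local portal page instead of the internet.
  echo "iptables -t nat -A PREROUTING -i $WLAN_IF -p tcp --dport 80 -m mark --mark $MARK -j REDIRECT --to-ports 80"
  # DNS must keep working or the browser never issues the HTTP request.
  echo "iptables -A FORWARD -i $WLAN_IF -p udp --dport 53 -j ACCEPT"
  echo "iptables -A FORWARD -i $WLAN_IF -m mark --mark $MARK -j DROP"
}

# What the "ok" page would call. $1 = MAC, $2 = allow-list file.
# The MAC should come from the gateway's neighbour table for the client's IP,
# not from a form field.
allow_mac() {
  is_mac "$1" || { echo "rejected: not a MAC address" >&2; return 1; }
  grep -qixF "$1" "$2" 2>/dev/null || printf '%s\n' "$1" >> "$2"
  # Insert at position 1 so the rule sits before the MARK rule.
  echo "iptables -t mangle -I portal 1 -m mac --mac-source $1 -j RETURN"
}
```

A client can set its own MAC address, so this works as a click-through gate for a public network rather than as authentication.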