Ah… That would explain it. I didn’t realize the firewall took precedence. I have changed the forward chains.
My forward chain’s default is to drop packets, but I enabled forwarding from eth02 (The wireless subnet) to eth01 (the outside world). Given that I want to keep the same effect of the firewall (i.e., don’t forward anything except packets from eth02 to eth01 and forward all related/established connections from eth01 to eth02), how do I get Captive Portal to work as intended? Thanks.
Yes, I did see that in the FAQ, but wanted clarification because it functions unlike other captive-portal-like software where all traffic is intially denied except for 80/443 which is then taken to the login page. The FAQ actually does make it seem like all IP traffic is blocked except for 80/443 which is redirected. The current implementation isn’t sufficient for my needs. I already have them on a separate subnet, but giving access to everything but port 80/443 is not quite what I am looking for. It would be nice if we had the option to block all traffic in a subsequent release. Thanks.