miketheknife

Forum Replies Created

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • in reply to: Internal Webserver needs to be reachable via two WAN ports #52638
    miketheknife
    Member

    I have found the following thread.

    https://www.zeroshell.org/forum/viewtopic.php?t=2326
    https://www.zeroshell.org/forum/viewtopic.php?t=1283
    https://www.zeroshell.org/forum/viewtopic.php?p=4470

    trying to read, understand and implement accordingly.

    will let you know about success or failure.

    – mike

    in reply to: Custom DynDNS porblem. #47842
    miketheknife
    Member

    same here,

    the only solution i saw was to install the opendns update client on one of my internal servers.

    i switched to dyndns and that works.

    – mike

    in reply to: HOWTO: Captive Portal; more than 100 Free Authorized Clients #50984
    miketheknife
    Member

    @emisebastian wrote:

    i did all that but i can’t make it work!
    can u tell me how?
    did you forget about something?

    tks

    Can you tell me more about what is not working?

    I have just successfully implemented it with another firewall, i am using Beta14. on a Alix Board.

    Greetz Mike

    in reply to: allow some url to bypass captive portal ? #51835
    miketheknife
    Member

    Hello mixahlos,

    under the captive portal you have to add a additional FREE AUTHORIZED SERVICE

    put a descrition, a ip address and a tcp or udp port, in your case it would be tcp port 80 for http.

    greets Mike

    in reply to: Install on mikrotik routerboard #51758
    miketheknife
    Member

    its not possible, microtik is not an X86 hardware

    greez Mike

    in reply to: One Wireless router on two separate LANs? #51044
    miketheknife
    Member

    Hello rooster,

    i tried to setup almost exactly what you wanted.

    I have two Networks, one is my Corporate Network, and the second one is a Guest LAN. I have a wireless adapter in my Zeroshell and I did a multi SSID setup to have two wireless zones, one on the Corporate Network with WPA2-PSK and the other one one the Guest LAN with an Open Network with Captive Portal. My third Network connection is connected to the Internet. So both the Corporate and the Guest LAN are going through this connection to the Internet.

    I bridged the WPA-PSK Wireless Adapter with the one from the Corporate Network, and i bridged the Guest Wireless with the Guest LAN and activated Captive Portal on the Guest Wireless-Guest LAN Bridge.

    BRIDGE 1 > WLAN Corporate (WPA2PSK) + LAN Corporate
    BRIDGE 2 with Captive Portal > WLAN Guest (OPEN) + LAN Guest

    When I connect to the Corporate WLAN using the correct WLAN ssid/key I get connected correctly to my corporate Network and get a DHCP address from the DHCP server as expected.

    When I connect to the Guest WLAN, I try to open a webpage, I get redirected to the Captive Portal login site, and I have to identify myself with username and password and then I am in.

    BUT, I found out about a strange behaviour: Before authentication I get, whatever site I use, to the Captive Portal Login Page as expected. When I Use ping command to some random puplic ip-address I can get through without beeing authenticated. I have never experienced this behaviour in other situations (without wireless) and I am still trying to find out why.

    Instead of bridging, you can also use vlans. You could put the Guest LAN and the Guest Wireless in the same vlan. I have not tired this one you yet.

    -Mike

    in reply to: HOWTO: Captive Portal; more than 100 Free Authorized Clients #50982
    miketheknife
    Member

    Hello all,

    i uncommented the following lines out of the cpAddClient script. As i am not a bourne shell expert, i could not find out what those lines do. Can someone explain to me, or give me a hint where i can find a documentation about this.

    if [ “${LAST:0:1}” == 0 ] ; then
    LAST=”${LAST:1:1}”
    fi

    without those lines the creation of the additional FreeClients work, but when i delete some, i have gaps, and they are not getting refilled. look here (ex the 0003 is missing):

    0000 0006 0010 0014 0018 0022 0026 0030 0034 0038 0042 0046 0050
    0001 0007 0011 0015 0019 0023 0027 0031 0035 0039 0043 0047 0051
    0002 0008 0012 0016 0020 0024 0028 0032 0036 0040 0044 0048 0053
    0004 0009 0013 0017 0021 0025 0029 0033 0037 0041 0045 0049

    I think the above mentioned codebit has to do with this.

    Regards, Mike

    miketheknife
    Member

    Hello Marc,

    after one day of investigation, i came across a command that can be issued on the shell of ZS to insert a authorized free client into the captive portal.

    use the following command:
    /root/kerbynet.cgi/scripts/cpAddClient “Mike” “192.168.111.50” “00:13:A9:E8:D2:D6”

    or in your case only the MAC address:
    /root/kerbynet.cgi/scripts/cpAddClient “Mike” “” “00:13:A9:E8:D2:D6”

    it should now be easy writing a shell script to loop through a uploaded textfile inserting all the mac addresses into the captive portal DB.

    i have read that the maximum number of free clients is 100 (not tested by me yet) ๐Ÿ™ .i have not done the complete ‘decryption’ ๐Ÿ˜‰ of the article in the italian forum yet: http://www.zeroshell.net/forum/viewtopic.php?p=1462 they are talking about a workaround to this limitation.

    == edit ==
    here is how to remove the 100 limitation
    http://www.zeroshell.net/eng/forum/viewtopic.php?t=2451
    == /edit ==

    with the above command i was able to insert clients, now i wanted to remove them.

    i copied the /root/kerbynet.cgi/scripts/cpListFreeClients to /root/kerbynet.cgi/scripts/cpListFreeClientsMike (knowing the script will be gone after the next reboot)

    and modified it accordingly:

    the line 15:
    echo “

    $Desc $IP $MAC

    i changed to:
    echo “$C $Desc $IP $MAC”

    NOTE: if you can interpret html output you dont have to copy the file and modify line 15

    now i was able to list the existing free clients with my new script:

    root@event-01 scripts> /root/kerbynet.cgi/scripts/cpListFreeClientsMike
    00 Mike Any 00:13:A9:E8:D2:D6

    and with the input from the command above i removed the entry “00” from the existing free client list:
    /root/kerbynet.cgi/scripts/cpRemoveClient “00”

    -mike

Viewing 8 posts - 1 through 8 (of 8 total)