Como havia explicado em um email anterior, criei uma ferramenta de portal cativo para FreeBSD
O seguinte script é chamado quando o sistema (captivepinger) da a partida : #!/bin/sh ipfw -q -f flush # Delete all rules # Set variables oif="rl0" # out interface iif="dc0" # in intertace iifaddr="192.168.2.1" # in interface ip lannet="192.168.2.0/24" # LAN subnet redirector="1932" # captive portal redirector portal="1934" # captive portal admin="1933" # captive portal admin page squid="3128" # squid # Divert to NAT /sbin/ipfw add 2 divert 8668 ip4 from any to any via rl0 # Allow estabilished traffic /sbin/ipfw add 3 check-state # Allow anything loopback /sbin/ipfw add 4 allow ip from any to any via lo0 # deny external access to our loopback /sbin/ipfw add 5 deny ip from any to 127.0.0.0/8 /sbin/ipfw add 6 deny ip from 127.0.0.0/8 to any # allow anything outgoing (and returning for internally generated traffic) /sbin/ipfw add 7 allow all from any to any via ${oif} keep-state # allow any port in on our firewall /sbin/ipfw add 8 allow ip from ${lannet} to ${iifaddr} via ${iif} keep-state # allow any DNS /sbin/ipfw add 9 allow tcp from ${lannet} to any dst-port 53 via ${iif} keep-state /sbin/ipfw add 9 allow udp from ${lannet} to any dst-port 53 via ${iif} keep-state # by default, send to our captive redirector /sbin/ipfw add 65000 fwd ${iifaddr},${redirector} tcp from ${lannet} to any dst-port 80 in via ${iif} keep-state /sbin/ipfw add 65100 deny ip from any to any /sbin/ipfw add 65200 allow ip from any to any ----- Este outro script eh chamado quando um usuario loga ( ${1} é o id no cadastro ${2} é o IP no cadastro ${3} é a banda de subida ${4} é a banda de descida, são parametros da linha de comando do script) #!/bin/sh # Set variables oif="rl0" # out interface iif="dc0" # in intertace iifaddr="192.168.2.1" # in interface ip lannet="192.168.2.0/24" # LAN subnet redirector="1932" # captive portal redirector portal="1934" # captive portal admin="1933" # captive portal admin page squid="3128" # squid /sbin/ipfw pipe ${1}1 config bw ${4}KBit/s /sbin/ipfw pipe ${1}2 config bw ${3}KBit/s /sbin/ipfw add 1${1}1 pipe ${1}2 ip from ${2} to any in /sbin/ipfw add 1${1}1 pipe ${1}1 ip from any to ${2} out /sbin/ipfw add 1${1}2 fwd 127.0.0.1,${squid} ip from ${2} to any dst-port 80 in via ${iif} /sbin/ipfw add 1${1}3 skipto 65200 ip from ${2} to any in via ${iif} /sbin/ipfw add 1${1}3 skipto 65200 ip from any to ${2} out via ${iif} ----- Este é o script chamado quando o usario fica offline { ${1} id ${2} ip ) #!/bin/sh # Set variables oif="rl0" # out interface iif="vr0" # in intertace iifaddr="192.168.1.1" # in interface ip redirector="1932" # captive portal redirector portal="1934" # captive portal admin="1933" # captive portal admin page squid="3128" # squid ipfw delete 1${1}1 ipfw delete 1${1}2 ipfw delete 1${1}3 ipfw pipe delete ${1}1 ipfw pipe delete ${1}2 ------------ fim ----------- do jeito que esta ai o usuario é interceptado na entrada e é levado ao portal cativo, quando loga, passa a ser interceptado pelo squid e nao pelo portal, ate cair o meu problema é que o controle de banda simplesmente não funciona ! ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd