Sunday, February 23, 2025

networking – captive portal on RPi, problem with blocking or unblocking a device using ip

I have a captive portal set up on an RPi which connects to an aws remote server for a captive portal mock implementation, with the following initial iptables rules which should allow internet access for all the devices

the RPi connects to the internet source on eth0 and hosts the captive portal wifi network on wlan0

sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -i eth0 -j ACCEPT
sudo iptables -A INPUT -d 13.61.79.152/32 -p tcp -m tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
sudo iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i lo -j ACCEPT
sudo iptables -A FORWARD -i eth0 -j ACCEPT
sudo iptables -A FORWARD -d 13.61.79.152/32 -p tcp -m tcp --dport 443 -j ACCEPT
sudo iptables -t nat -P PREROUTING ACCEPT
sudo iptables -t nat -P INPUT ACCEPT
sudo iptables -t nat -P OUTPUT ACCEPT
sudo iptables -t nat -P POSTROUTING ACCEPT
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

dnsmasq config:

no-resolv
server=1.1.1.1
server=8.8.8.8
dhcp-range=192.168.1.2,192.168.1.100,12h
address=//

my idea was to block all devices initially using these rules, which should block https and redirect http to port 8080, where I have a service listening that redirects any http site to my auth site (because I couldn't do that redirect logic directly with iptables, plus I wanted to add some url parameters to the request)

for blocking internet I use

sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp -s $UNAUTHENTICATED_DEVICE_IP --dport 80 -j DNAT --to-destination 192.168.1.1:8080
sudo iptables -A FORWARD -i wlan0 -p tcp -s $UNAUTHENTICATED_DEVICE_IP --dport 443 -j REJECT --reject-with icmp-port-unreachable

and for allowing internet I trigger a function to remove the previous two rules

the captive portal acts normally when the user is blocked and redirects http traffic to my auth site,

my problem is
Even when I remove the internet block it still redirects to my auth site and I have no internet access when I open any site
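As an added example that is not part of the original post, the following script applies and removes the two per-device rules idempotently and, when unblocking, also clears that client's conntrack entries: a NAT decision is made on the first packet of a connection and cached in conntrack, so a connection the client already has open stays redirected after the rule is gone. The interface wlan0, the redirector at 192.168.1.1:8080 and the presence of the conntrack tool are assumptions taken from the post's setup.

```shell
#!/bin/sh
# Added example, not code from the original post: helpers that add and
# remove the per-client block rules shown above. Assumptions: wlan0 is the
# client-facing interface, 192.168.1.1:8080 is the HTTP redirector, and the
# conntrack command (package conntrack-tools) is installed on the RPi.
set -eu

IPT="${IPT:-sudo iptables}"
CT="${CT:-sudo conntrack}"
LAN_IF="wlan0"
PORTAL="192.168.1.1:8080"

# Emit the two rule specs for one client as "<table> <chain> <match/target>",
# one per line, so the same text serves -A (add), -C (check) and -D (delete).
portal_rules() {
  ip="$1"
  printf '%s\n' "nat PREROUTING -i $LAN_IF -p tcp -s $ip --dport 80 -j DNAT --to-destination $PORTAL"
  printf '%s\n' "filter FORWARD -i $LAN_IF -p tcp -s $ip --dport 443 -j REJECT --reject-with icmp-port-unreachable"
}

# Apply one operation (A = append, D = delete) to every rule of a client.
# The -C check keeps repeated calls idempotent: no duplicate rules when a
# client is blocked twice, no error when an already-removed rule is deleted.
apply_rules() {
  op="$1"; ip="$2"
  portal_rules "$ip" | while read -r table chain rest; do
    # $rest is intentionally unquoted: it holds several iptables arguments
    if $IPT -t "$table" -C "$chain" $rest 2>/dev/null; then present=1; else present=0; fi
    if [ "$op" = A ] && [ "$present" = 1 ]; then continue; fi
    if [ "$op" = D ] && [ "$present" = 0 ]; then continue; fi
    $IPT -t "$table" "-$op" "$chain" $rest
  done
}

block_device() { apply_rules A "$1"; }

# Removing the rules alone does not release a client. NAT is decided on the
# first packet of a connection and cached in the conntrack table, so any
# flow the client already has open (browsers keep HTTP connections alive)
# stays redirected to the portal until it times out. Dropping that client's
# conntrack entries forces every connection to be re-evaluated against the
# current ruleset.
unblock_device() {
  apply_rules D "$1"
  $CT -D -s "$1" >/dev/null 2>&1 || true   # exit 1 just means "no entries"
}
```

Call `block_device 192.168.1.50` when a client joins and `unblock_device 192.168.1.50` after it authenticates; the browser may still show a cached 301 from the redirector until the page is reloaded.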
