LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-15-2015, 04:19 PM   #1
mailtomsa
LQ Newbie
 
Registered: Nov 2015
Posts: 21

Rep: Reputation: Disabled
Accessing public captive portal WIFIs from Linux clients


Hello,

I have had a problem recently where I was the only guy not being able to use an event facility's public WIFI.
At some point it dawned on me that I was also the only guy running Linux and after rebooting into Windows (dual boot setup), everything worked fine.

I did some research later and it seems like Linux in general has a problem using captive portals because those rely on mechanisms that usually are used in malicious attacks like DNS spoofing, and that most distributions have setups that are supposed to protect them from those attacks and thus as a side effect also make it impossible to use WIFIs that are using captive portal mechanisms.

I tried to find a solution, but the only thing I found was how to set up a captive portal with various distros or tools, but not how to simply access one as a client.

Is there an easy solution?

I found a link that said switch the browser to private browsing mode, but that sounds too easy. I have not had a chance to test that yet, unfortunately...

Thank you in advance...
 
Old 12-16-2015, 12:43 AM   #2
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
I tend to use Chromium in private browsing mode (I always use it in that mode anyhow) for captive portals and haven't had a problem in years.
I've not tried with Firefox, my usual browser, as I use NoScript and Adblock Plus and it would be a pain to temporarily disable them just for things like that so I tend to use Chromium in private mode whenever I want to just let a site run scripts and the like.
 
1 members found this post helpful.
Old 12-17-2015, 05:14 PM   #3
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
What browser do you use? I travel a lot and most hotel and airport wifi networks use these portals, I've never had an issue on Chrome.
 
Old 12-17-2015, 11:02 PM   #4
mailtomsa
LQ Newbie
 
Registered: Nov 2015
Posts: 21

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by suicidaleggroll View Post
What browser do you use? I travel a lot and most hotel and airport wifi networks use these portals, I've never had an issue on Chrome.
I used Firefox; whatever the latest version was back in October. The same browser under windows had no problem.

Will try chrome next time. Does it have to be chrome (Google's) or does chromium work as well?.
 
Old 12-18-2015, 12:49 AM   #5
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by mailtomsa View Post
I used Firefox; whatever the latest version was back in October. The same browser under windows had no problem.

Will try chrome next time. Does it have to be chrome (Google's) or does chromium work as well?.
Chromium has worked just fine for me in airports, hotels and the like.
 
Old 12-19-2015, 03:56 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Quote:
Originally Posted by mailtomsa View Post
I found a link that said switch the browser to private browsing mode, but that sounds too easy. I have not had a chance to test that yet, unfortunately...
So all we have here is words but facts (no system, network, sysctl, browser or captive portal details) to work with. I do understand that you would like to just get on with whatever it is you're supposed to be doing but next time please first gather nfo that could help deduce what the problem exactly is. Also, since there's no security-related nfo all that's left is a networking issue so I'll transfer this thread to the Network forum.
 
Old 12-20-2015, 02:19 PM   #7
Steven_G
Member
 
Registered: Dec 2015
Location: Western US
Distribution: Home spun
Posts: 142

Rep: Reputation: 67
This was supposed to be fixed a while back, looks like it's still an issue (unless you're still running an old set up). You're on ubuntu w/ firefox, right?

The combo can't handle the DNS redirect in a walled garden.

I.E: You have to log in to a web interface, agree to terms and then you're allowed to browse.

In simple terms, in that scenario you complete the TCP handshake w/ the gateway then get redirected through DNS to the terms page, there you pick up a token in your browser that lets the firewall stack know that you're kosher and for it to pass your traffic.

You're actually connecting to the gateway. You're just not getting redirected to pick up the token.

So, talk to the clerk or look at the sign, get the password, log in to the wifi, right click your inet connection in the task bar, click connection properties, then copy, paste and go to the "default route" address in your FF address bar. This will kick you over to the terms page so that you can pick up the token and be on you merry way.

And a word to the wise from the truly paranoid: I won't touch google crap w/ a 50 meter cattle prod. They're just too snoopy and slap too much crap to too many places all over your system and give you too little control. The only exception is watching netflix; which should only be done in a dedicated hardened virtual machine.
 
1 members found this post helpful.
Old 12-20-2015, 02:36 PM   #8
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by Steven_G View Post
And a word to the wise from the truly paranoid: I won't touch google crap w/ a 50 meter cattle prod. They're just too snoopy and slap too much crap to too many places all over your system and give you too little control. The only exception is watching netflix; which should only be done in a dedicated hardened virtual machine.
There's no need for Google for captive portals -- just use Chromium.
I am surprised that Firefox doesn't work nowadays but I'm not interested enough to find a captive portal and create a new Firefox profile without ABP, NoScript, Ghostery, Privacy Badger and all history switched off to find out, sorry.
 
1 members found this post helpful.
Old 12-20-2015, 02:49 PM   #9
Steven_G
Member
 
Registered: Dec 2015
Location: Western US
Distribution: Home spun
Posts: 142

Rep: Reputation: 67
Quote:
Originally Posted by 273 View Post
There's no need for Google for captive portals -- just use Chromium.
Um, I didn't mean Google the search engine. I meant Google the subsidiary of Alphabet whose CEO thinks that algos should sensor free speech and the fact that purely IMHO anything they even come near (like chromium) should be treated like toxic waste.
 
Old 12-20-2015, 02:50 PM   #10
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by Steven_G View Post
Um, I didn't mean Google the search engine. I meant Google the subsidiary of Alphabet whose CEO thinks that algos should sensor free speech and the fact that purely IMHO anything they even come near (like chromium) should be treated like toxic waste.
So you think that an open-source browser is spying on you even though nobody has managed to find anything remotely like that in the code? Or do you have some facts?
 
1 members found this post helpful.
Old 12-20-2015, 03:04 PM   #11
Steven_G
Member
 
Registered: Dec 2015
Location: Western US
Distribution: Home spun
Posts: 142

Rep: Reputation: 67
Quote:
Originally Posted by 273 View Post
So you think that an open-source browser is spying on you even though nobody has managed to find anything remotely like that in the code? Or do you have some facts?
Being snarky is not nice. I wasn't snarky with you. I expressly couched it as an *opinion*.

But, for *just one* FACT on the kind of crap that google pulls with chromium in particular and not touching the general nature of all the crap they pull, well here ya go:

Google eavesdropping tool installed on computers without permission


As I said: *IMHO* everything that comes out of google in general and alphabet in particular is no better than toxic waste.

And *personally* I hate to touch it, just as much for political reasons as technical. Only do so grudgingly. Only do so when I have to. And only do so when I've hardened the effected systems as much as I practically can.
 
Old 12-20-2015, 04:45 PM   #12
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Quote:
Originally Posted by Steven_G View Post
Being snarky is not nice. I wasn't snarky with you. I expressly couched it as an *opinion*.

But, for *just one* FACT on the kind of crap that google pulls with chromium in particular and not touching the general nature of all the crap they pull, well here ya go:

Google eavesdropping tool installed on computers without permission


As I said: *IMHO* everything that comes out of google in general and alphabet in particular is no better than toxic waste.

And *personally* I hate to touch it, just as much for political reasons as technical. Only do so grudgingly. Only do so when I have to. And only do so when I've hardened the effected systems as much as I practically can.
See, providing a fact helped those reading to decide whether they would trust Chromium. I wasn't being snarky I was asking you to provide evidence rather than conjecture. As it happens I tend, to the extent I do anything, to trust Chromium precisely because these things are discovered in open source projects.
 
1 members found this post helpful.
Old 12-20-2015, 06:57 PM   #13
Steven_G
Member
 
Registered: Dec 2015
Location: Western US
Distribution: Home spun
Posts: 142

Rep: Reputation: 67
Actually, no, you were pretty snarky and more than a little holier than thou.

That "there's never been any proof" crack shows pretty plainly that right off the bat you assumed:

1) I'm a moron.
2) You know more than I do.

Obviously neither is true.
 
Old 12-21-2015, 12:57 AM   #14
mailtomsa
LQ Newbie
 
Registered: Nov 2015
Posts: 21

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Steven_G View Post
This was supposed to be fixed a while back, looks like it's still an issue (unless you're still running an old set up). You're on ubuntu w/ firefox, right?
Not exactly - it's LinuxMint and Firefox. LinuxMint being based on Ubuntu, though, but with a different WM (Cinnamon) and other differences.

Quote:
Originally Posted by Steven_G View Post
[...]right click your inet connection in the task bar, click connection properties, then copy, paste and go to the "default route" address in your FF address bar[...]
So if I understand you correctly, if I wanted to use the command line instead of the right-click in the task bar, I would call "route" from a shell, copy and paste the "Gateway" value from the line that has "default" as "Destination" and then tell the browser to go to that gateway?

Thank you
 
Old 12-21-2015, 09:06 AM   #15
Steven_G
Member
 
Registered: Dec 2015
Location: Western US
Distribution: Home spun
Posts: 142

Rep: Reputation: 67
Quote:
Originally Posted by mailtomsa View Post
Not exactly - it's LinuxMint and Firefox. LinuxMint being based on Ubuntu, though, but with a different WM (Cinnamon) and other differences.



So if I understand you correctly, if I wanted to use the command line instead of the right-click in the task bar, I would call "route" from a shell, copy and paste the "Gateway" value from the line that has "default" as "Destination" and then tell the browser to go to that gateway?

Thank you
There's always more than one way to skin a cat, That *should* do it. If not then you're having a different issue.

*Supposedly* that problem was going to be fixed sometime in last 18 months or so. I haven't read up on it in a while. ~2 years ago I read a big, long snarky exchange between the ubuntu devs and the mozilla devs pointing fingers at each other about whose fault it was.

If that trick doesn't get her done then start looking at your DNS configuration. I know Clem and his team work hard at what they do and a lot of people love their work. But I for one find some of the technical changes they makes to basic stuff to be questionable; which is why I don't personally use Mint.

If it's not the generic issue from further up the line I wouldn't put it past Clem's team to have done something wonky to DNS.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Captive Portal depam Linux - Software 1 01-30-2013 12:48 PM
Setting up a Captive portal VeeDubbs Linux - Networking 3 05-31-2009 11:55 AM
LXer: Tutorial: Zeroshell Linux: Captive Portal, Internet Gateway and Router (part3) LXer Syndicated Linux News 0 05-18-2009 10:10 PM
captive portal and iptables dutch1918 Linux - Wireless Networking 0 12-16-2005 09:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration