-   Linux - Security (
-   -   wireless shared internet service: which authentication implementation? (

F1uX 01-15-2004 07:05 PM

wireless shared internet service: which authentication implementation?
Hi u all!
I've an high bandwidth connection to the internet that I'd like to share with some of my neighbours that own a wireless card each.

As I'm a newbie in security issues like this one, I'd like to know what is the best solution for implementing a linux server that has the following capabilities:
- a firewalling service for protecting the internal machines of my LAN from the outside unwanted wireless users
- an authentication service for my neighbours
- some banwidth limiting facilities, to avoid someone to take the whole shared band

I was thinking of using iptables + transparent proxy to a squid server, but here the problems are 2:
- This way, peer to peer clients could have no way to download all the stuff they want
- I don't know what's the best authentication method to use in my case on squid

Maybe also the idea of a socks proxy could be useful, but I haven't found an opensource free product that I could use for this.

Thanx in advance for your help...

Capt_Caveman 01-21-2004 04:05 AM

There are actually a numbers of different ways to implement a shared network layout. You might want to check out NoCat (specifically NoCatAuth) which might be a little more geared towards what you want to setup (wireless authentication, bandwidth throttling). The NoCat documentation is well, pretty crappy so you might want to look for a good howto first. Here's a little more general info on NoCat:

F1uX 01-21-2004 06:01 AM

Great stuff!!!
Nocat is exactly what I was looking for!!!
I'll try it immediately... it seems that there's also a growing community behind this project, and an active development.
Thanx a lot for the advice!

Capt_Caveman 01-21-2004 07:43 AM

Some of the O'Reilly series of wireless books have pretty good info on NoCat if you can borrow one. As far as seeing it in action, I've come across a number of wireless portals that used NoCat and it seemed to do a pretty good job. Its community is definitely active and will only grow larger as 802.11 becomes more and more common. Good luck!

All times are GMT -5. The time now is 11:56 PM.