Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 05-29-2012, 10:52 AM   #1
LQ Newbie
Registered: Aug 2008
Posts: 2

Rep: Reputation: 0
setup hotspot style login using shorewall

I'm managing a linux firewall, using shorewall, for internet access for a charity.

I sometimes need to find out who a specific computer belongs to. (most users have their own laptop)

I was thinking of using a hotspot style login page to get a list of users / mac addresses. Of the peg hotspot software, like chillispot, don't work for me as they want to much control and are overkill.

Was trying to set this up by giving out a different gateway for unknown users, then forward any web traffic using this gateway to my own webserver. From there I can build the rest with php / mysql.

Problem I am running into is that shorewall isn't playing nicely with virtual ethernet cards.

I need to forward all web traffic using eth1:0 as the gateway to the webserver running on eth1:0

This would be quite easy using an extra ethernet card, but am really trying to keep this to a virtual one

Any help on how to do this, or other ideas on how to accomplish the main idea of having someone give their name so that can be logged against their mac address before they can use the internet would be much appreciated.
Old 05-30-2012, 07:37 AM   #2
LQ Newbie
Registered: Aug 2008
Posts: 2

Original Poster
Rep: Reputation: 0
Just solved the problem and thought I'd put the solution here in case it is being picked up by google.

Tried to solve this using REDIRECT, but needed to use DNAT.
Hadn't thought of that because DNAT is usually used to redirect traffic from outside to a server inside.

Also, didn't come up with a way of using the gateway and am now using an ip block instead.
Following is part of my /etc/shorewall/rules file:

REDIRECT loc:! 8080 tcp 80 - !,
DNAT loc: loc: tcp 80 - !

I am capturing all traffic on port 80 to go to the transparent proxy on port 8080, except for traffic going to the firewall itself
All traffic coming from a small portion of the available ip addresses on port 80 is being forwarded to the virtual interface on the firewall is a virtual interface hanging on


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Wifi hotspot (hostapd and shorewall) - can't connect lunaroverlord Linux - Networking 0 10-21-2011 06:24 PM
Shorewall Setup - I have some questions. kylibar Linux - Newbie 5 08-14-2008 10:58 AM
Need help to migrate from mikrotik hotspot to Linux Hotspot for I-net cafe.. thewhitelion Linux - Server 4 10-31-2007 03:47 AM
Need help to migrate from mikrotik hotspot to Linux Hotspot for I-net cafe.. thewhitelion Linux - Enterprise 5 10-03-2007 05:14 PM
bug: choice of login style... Joey Cagle Grafpup 3 06-01-2007 03:57 PM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 11:10 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration