(Note: The following was written before NoCatAuth existed)BR Captive portals allow you to leverage a common browser as a secure authentication device. They also have the potential to allow you to do everything securely via SSL and IPSec and setup per user quality of service rules, and still maintain an open network. If you are curious about why you might want to install a captive portal please see WhyCaptivePortal. You can also see the beginning of our software requirements process at CaptivePortalDefinition.

Captive portals are becoming a popular way for SMS/BSN vendors to provide user authentication and IP flow management (basically traffic shaping and bandwidth control) without a required client application. They work by forcing un-authenticated users to a web page, once you have "captured them" this way by allowing the web page to interact with the router/firewall you can completely control their access.

As far as I am aware no OpenSource software has ever been developed to do this and plan to write this software as part of ThePlan.



Usage Flow:

Comments and Thoughts:

I think that this is all relatively straight forward to implement. It'll basically just be a matter of setting up the user database, and some web scripting to interact with the server to change system settings. The reason for a central user database (instead of sticking with the autonomous system model we use elsewhere) is that it makes authenticated roaming possible and also moves the user database (really the only important data that the portals will store) to a more reliable distributed model. We'll see if it's really as easy as all that ... :-)

Why bother with this? Because I want to avoid the tragedy of the commons. If we just open up our networks sooner or later people will start to abuse it because they didn't work to set it up and they don't know the people that did. I want this to be an open network by choice rather then because we don't have the ability to control it. The time will come when we're going to be forced to control it or the network will die from abuse.

Why do something like this instead of PPPOE, IPSec or Authenticated DHCP?

-- AdamShand

Additional note on potential hardware: FreeGeek has lots of old 486 boxes I bet they would be happy to give by the dozens to act as routers or hubs. (Would need to be router-on-a-floppy or other tiny linux, I suppose, as most large, working hard drives they have, they use.) -JonGracie

Btw, I would assume that NoCatAuth is now a valid system for such a captive portal, is it ?... Maybe a question of the time this was written ? -OlivierBerger

Are you planning on using Radius?

I just found WiCap, a free self-described "captive portal that doesn't suck"

I haven't messed with NoCatAuth, but the authors of WiCap are describing their system as being like NoCat except easier to configure. It supports OpenBSD, and from looking at it quickly, it appears it might be the only OS it supports. That's fine with me. I love OpenBSD.



hi i'm trying to set up nocatauth on openbsd pc and i've to say that's a mess to configure ! took a look on wicap but the manual is absolutely non-existent i'm beginning to despair anyone succeed to set up and run the 2 modules of nocat on 3.4 openbsd ? [CategoryDocumentation]


bruno, if you check this.. a better place to ask this question would be to the General Mailing list. See http://lists.personaltelco.net/


For those looking for a Captive Portal for OpenBSD ~3.5...I got fed up and wrote one, I am calling it WiCap-PHP because it is like WiCap but is actually supported and documented...Search the list for more information. You can also email me and I will tell you all about it. [http://wiki.personaltelco.net/index.cgi/WiCap_2dPHP WiCap-PHP] has a page on this WIKI and is where all updates will be posted.


[CategoryDocumentation] [http://www.etoo.cn/jlb ¼ÆÁ¿±Ã] [http://www.etoo.cn/yiliao/nwgd.htm ÄÚÍâ¹Ì¶¨] [http://www.etoo.cn/yiliao/jkhc.htm ½ø¿ÚºÄ²Ä] [http://www.etoo.cn/yiliao/gkhc.htm ¹Ç¿ÆºÄ²Ä] [http://www.etoo.cn/yiliao/gkqc.htm ¹Ç¿ÆÆ÷²Ä] [http://www.etoo.cn/yiliao/ylqx.htm Ò½ÁÆÆ÷е] [http://www.etoo.cn/yiliao/ylqc.htm Ò½ÁÆÆ÷²Ä] [http://www.16safe.com/qiche/anquan.htm ÂÖÌ¥°²È«] [http://www.16safe.com/qiche/znjc.htm ÖÇÄܼà²â] [http://www.16safe.com/qiche/luntai.htm ÂÖÌ¥·À±¬] [http://www.16safe.com/qiche/qiche.htm Æû³µÂÖÌ¥] [http://www.ltjz2000.com/zhentan.htm 私人侦探] [http://www.ltjz2000.com/sj.htm 私家侦探] [http://www.ltjz2000.com/xunren.htm 寻人] [http://www.ltjz2000.com/hydc.htm 婚姻调查] [http://www.ltjz2000.com/dc.htm 调查] [http://www.ltjz2000.com/zhentan.htm 侦探] [http://www.ltjz2000.com/sj.htm 北京私家侦探] [http://www.ltjz2000.com/dc.htm 调查公司] [http://www.etoo.cn/zhaigao 窄告] [http://www.etoo.cn/zjtg 主机托管] [http://www.etoo.cn/sports 健身器材] [http://www.etoo.cn/sports 健康器材] [http://www.etoo.cn/sports 体育器材] [http://www.etoo.cn/stadium 场馆设备] [http://www.etoo.cn/stadium 跑步机] [http://www.etoo.cn/21win-win 拓展训练] [http://www.wjmgy.com 脉管炎] [http://www.wjmgy.com/1 脉管炎] [http://www.wjmgy.com/hospitaljs.htm 脉管炎] [http://www.wjmgy.com/zhuankejs.htm 脉管炎] [http://www.wjmgy.com/zhuzhiys.htm 脉管炎] [http://www.wjmgy.com/conact.htm 脉管炎] [http://sinodragon.freewebpage.org 网站推广] [http://sinodragon.freewebpage.org 北京网站推广]