D&C Lug - Home Page
Devon & Cornwall Linux Users' Group


Re: [LUG] Bandwidth monitoring



Simon Waters wrote:

Jonathan Melhuish wrote:


I'm thinking of setting up a public wi-fi hotspot, probably by plugging
a network bridge into a second network card on my server, then suitably
configuring routing on that box to forward only out to the Internet
router and selected services on my server.



Very public spirited.


I know :-) Plus *I* want to go and surf the 'net in the park, obviously.

It'd be nice to have some kind of usage monitoring, just to see if
anybody actually uses it and how much of our bandwidth they're using.

MRTG looks cool, but it seems to be centred around grabbing stats off
SNMP-compatible routers. Can I config it to monitor activity on the
local network connections instead?



Do you care? Read the advanced routing docs on bandwidth limiting to
make sure they don't tread (too much) on your bandwidth, then you'll
only give away what you don't use.


lol, I *tried* to read the advanced bandwidth limiting HOW-TOs but got a bit lost :-( I think it's a bit of a non-issue, we've got 2Mbps ADSL and we never use all of it anyway.



Also, the only thing I don't really want it used for is sending spam. I
know it's probably not that big a deal, but presumably rate-limiting the
outgoing mail is going to involve setting up my own mail server and
configuring it to forward mail out to our ISP's SMTP server?



You could force all port 25 to the ISP's SMTP outbound relay using
iptables - it is pretty easy once you know what you want.


That sounds sensible. Although presumably they could send as much spam as they like through our ISP's mail server - which our ISP might not be very happy about :-(

Setting up your own mail server would rate limit it to the speed with
which your disk can commit data and I don't think you'd want that if it
gets busy.


Erm, I very much doubt it's going to get that much legitimate mail going through it! Bear in mind this park is largely populated by squirrels ;-)

I think spam is a non-issue - just blacklist the MAC addresses if it
happens (AND GO OUT AND BEAT THE PERSON UP - AS THEY'LL BE IN RANGE - NO
JURY WOULD EVER CONVICT ;-).


"Sorry sarge, he was using my connection to send spam" ;-o


The bigger issue is the approach your upstream takes to the incident, but compared to the number of infected Windows boxes, hotspots by people
who have a clue are not going to be a big issue.


That's true. I seem to be getting loads of short, but random-ish messages with Zip files attached at the mo. I must install Razor sometime...



Also, (whilst I'm at it!) I saw somebody had configured their hotspot so
that the first page served through the network was a "welcome" page
detailing services available, regardless of what was requested.



We are doing it with authentication built into provider hotspots, but that is probably more work and expense than you want.

Some people use fancy DNS stuff to do this - which frightens me.

I would have thought try and restrict it to port 80 traffic only. Our
professional service will mandate login as we want to be paid, but if
you just want to share, don't force a login for non port 80 stuff - that
would be a bit like putting a wildcard in the .com zone to find lost web
pages, breaks every other protocol for the (dubious) sake of one.

Bad Karma.


Didn't quite follow that. Maybe my brain's dead. But I wasn't looking to authenticate anyone to do anything, really...

I think SQUID may have some features - have a look. A proxy might be a
good thing anyway.


Yes, I think perhaps that's how they did it, by proxying port 80. If it isn't easy though, then I can't be bothered...

Somebody really ought to make a "wifi-hotspot" Debian superpackage that
installs everything you need for a fully featured, secure public hotspot
and has a nice easy debconf-based installation. Maybe I ought to have a
look into creating some packages... I wouldn't know where to start.



man apt ;)


From man apt:

"BUGS
      This manpage isn't even started."

Not very helpful. Any other pointers? Like "Debian Package Creation For Idiots HOW-TO" or something? ;-)

I think all my careful pondering over security might be slightly in vain, though - I've just discovered that my housemate next door has set up a wi-fi network which seems to be just connected to our network (ie. completely unrestricted access). Maybe I ought to sort those NFS exports out...

Cheers,

Jon



--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.
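
The port 25 redirect to the ISP relay, the MAC blacklist and the isolation of the private LAN discussed in this message, as an added example that is not part of the original post: a shell function that prints an iptables-restore ruleset for the hotspot box. The interface names, subnets, relay address, guest-visible ports and the 10/hour SMTP limit are all assumed values.

```shell
#!/bin/sh
# Added example. Interface names, addresses and ports are assumed values.
WIFI_IF="${WIFI_IF:-eth1}"               # NIC with the wireless bridge
LAN_IF="${LAN_IF:-eth0}"                 # NIC facing the LAN and Internet router
GUEST_NET="${GUEST_NET:-10.99.0.0/24}"   # addresses handed to hotspot users
LAN_NET="${LAN_NET:-192.168.0.0/24}"     # private LAN guests must not reach
ISP_SMTP="${ISP_SMTP:-192.0.2.25}"       # ISP relay (documentation address)
GUEST_TCP_PORTS="${GUEST_TCP_PORTS:-80}" # server services offered to guests
BLOCKED_MACS="${BLOCKED_MACS:-}"         # space-separated MACs to cut off

hotspot_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Any guest connection to port 25 lands on the ISP relay
-A PREROUTING -i $WIFI_IF -p tcp --dport 25 -j DNAT --to-destination $ISP_SMTP:25
-A POSTROUTING -s $GUEST_NET -o $LAN_IF -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
EOF
    # Blacklisted stations are dropped before any other forwarding rule
    for mac in $BLOCKED_MACS; do
        echo "-A FORWARD -i $WIFI_IF -m mac --mac-source $mac -j DROP"
    done
    cat <<EOF
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Guests never reach hosts on the private LAN (NFS exports included)
-A FORWARD -i $WIFI_IF -d $LAN_NET -j DROP
# New SMTP connections beyond roughly 10/hour per guest address are dropped
-A FORWARD -i $WIFI_IF -p tcp --dport 25 -m conntrack --ctstate NEW -m hashlimit --hashlimit-name guestsmtp --hashlimit-mode srcip --hashlimit-above 10/hour -j DROP
-A FORWARD -i $WIFI_IF -o $LAN_IF -j ACCEPT
# On the server itself guests get DNS, DHCP and the listed TCP ports only
-A INPUT -i $WIFI_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $WIFI_IF -p udp -m multiport --dports 53,67 -j ACCEPT
-A INPUT -i $WIFI_IF -p tcp -m multiport --dports $GUEST_TCP_PORTS -j ACCEPT
-A INPUT -i $WIFI_IF -j DROP
COMMIT
EOF
}

# Print the ruleset; check it with: ./hotspot.sh | iptables-restore --test
hotspot_rules
```

The ruleset is only printed, so it can be reviewed or piped through `iptables-restore --test` before anything is loaded.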


