Nicolas Schmitz | 6 Jun 17:14 2006
Picon

force user logout

Hi,
is there a way with NoCat to disconnect a user from a shell script on 
the gateway  ?

Thanks.

--

-- 
Nicolas Schmitz

Centre de Ressources Informatiques 		
Ecole Centrale de Nantes                 	
twistedpickles | 9 Jun 01:54 2006
Picon

Re: force user logout

path/to/access.fw deny [mac address] [ip address] [Class]

example below

/usr/local/nocat/gateway/bin/access.fw deny 00:0e:d7:20:5d:ec 10.0.200.16 Mem
ber

On 6/6/06, Nicolas Schmitz <Nicolas.Schmitz <at> ec-nantes.fr> wrote:
> Hi,
> is there a way with NoCat to disconnect a user from a shell script on
> the gateway  ?
>
> Thanks.
>
> --
> Nicolas Schmitz
>
> Centre de Ressources Informatiques
> Ecole Centrale de Nantes
>
>
> _______________________________________________
> NoCat mailing list
> NoCat <at> lists.nocat.net
> http://lists.nocat.net/mailman/listinfo/nocat
>

--

-- 
::twistedPickles:: :
(Continue reading)

Nicolas Schmitz | 9 Jun 14:21 2006
Picon

Re: force user logout

Thanks but I don't think it's the good way because the next time the 
computer will try to use the wifi, nocat will not run the iptable 
script, and the client will stay in a login loop.

twistedpickles a écrit :
> path/to/access.fw deny [mac address] [ip address] [Class]
>
> example below
>
>
> /usr/local/nocat/gateway/bin/access.fw deny 00:0e:d7:20:5d:ec 10.0.200.16 Mem
> ber
>
>
> On 6/6/06, Nicolas Schmitz <Nicolas.Schmitz <at> ec-nantes.fr> wrote:
>   
>> Hi,
>> is there a way with NoCat to disconnect a user from a shell script on
>> the gateway  ?
>>
>> Thanks.
>>
>> --
>> Nicolas Schmitz
>>
>> Centre de Ressources Informatiques
>> Ecole Centrale de Nantes
>>
>>
>> _______________________________________________
(Continue reading)

twistedpickles | 9 Jun 19:56 2006
Picon

Re: force user logout

On 6/9/06, Nicolas Schmitz <Nicolas.Schmitz <at> ec-nantes.fr> wrote:
> Thanks but I don't think it's the good way because the next time the
> computer will try to use the wifi, nocat will not run the iptable
> script, and the client will stay in a login loop.
>
>

Not exactly sure what you are talking about. This technique works for
me all the time. It will force users to log back in.
frowns | 9 Jun 22:20 2006
Picon

NC_LoginTimeout Max

Hello. I recently modified and compiled the ewrt 0.4.1 source with
nocatsplash for a small hotel, and everything is working AWESOME (on a
wrt54gl). My question: what is the MAX you can set the timeout
(NC_LoginTimeout) to? I searched but couldn't find it anywhere. If no one
knows i may try a week and report back with the results.

In another, kind of off topic matter, I have been reading advice in forums
to adjust  ip_conntrack_max to help with p2p traffic like bit torrent. I did
a little research, looked at the netfilter source, and am confused as to why
people would to suggest quadrupling the conntracks to 4096 on a box with
16MB of RAM. Isn't it set by the RAM size, and going over the max (mine is
1024 for 16MB) would freeze the router? What good would setting the max
connections to a value over what the machine would crash at do? Does it
count connections deleted by garbage collector or something? Am I missing
something? hrrmmm...

Thanks!
-jason
Sonam Wangmo | 15 Jun 16:40 2006
Picon

help to find the doc for NoCatSplash

hi,
I am just starting to install NocatSplash and  I have not been able to find
the documentation.
What is the next step after the installation?
i get the following message:

 /usr/bin/install -c -m 644 './man/splashd.8'
'/usr/local/man/man8/splashd.8'
test -z "/usr/local/share/nocat/pgp" || mkdir -p -- .
"/usr/local/share/nocat/pgp"
 /usr/bin/install -c -m 644 'pgp/trustedkeys.gpg'
'/usr/local/share/nocat/pgp/trustedkeys.gpg'
make[2]: Leaving directory `/usr/local/NoCatSplash-0.93pre2'
make[1]: Leaving directory `/usr/local/NoCatSplash-0.93pre2'
[root <at> localhost NoCatSplash-0.93pre2]#

is that good news or bad?

cheers
a totally new user
sonam
Wayne Wynn | 18 Jun 09:05 2006
Picon

NoCat in EWRT and DD-WRT

Looking for help getting NoCatSplash working in a WRT54GL router. Have 
flashed WRT54GL with DD-WRT and EWRT.  Want no authentication, just 
splash.html followed by home.html. Have been trying sample splash.html 
files and have modified them some.

Tried various combinations in NoCat in both packages.E.g., (from EWRT):

    * Splash Page default of //jffs/nocat, or blank, or remote splash url
    * Remote Splash entered
    * Forced Redirect is enabled
    * Home Page URL entered
    * External Mgt Hosts blank or entered.
    * Allow non-local DNS enabled and disabled.
    * Include and Exclude Ports alwasy blank
    * Allowed web hosts blank or entered (e.g., "shaw.ca
      members.sahw.ca" without the quotes)
    * MAC WhileList blank
    * Disable NAT is disabled.

Depending on the combination of NoCatSplash entries, when wireless 
client with blank home page tries to go www.google.com either they get 
through or the URL becomes

    http://192.168.1.1:5280/?redirect=http%3A%2F%2Fwww.google.com%2F

and the status bar shows Done. Nothing else happens. When this occurs, I 
infer that NoCatSplash is at least active and trying to work, but have 
not been able to get it to do more.

Have tried to manage the router via WinSCP, telnet and ftp. At one point 
(Continue reading)

x_patriot paracetamol | 18 Jun 14:14 2006
Picon

pfctl permission denied

Hi all,
it may be stupid question for all of you...i get some error on running
nocathauth-gateway, im using freebsd 6 and installing Nocat from Ports...
-------------------------------------------
pfctl: Permission denied
print: not found
[[: not found
[[: not found
------------------------------------------
i run the software as Root but it seems like i don't have enough privelleges
to run that "pfctl"..

help me..

thanks.,

chole
Babak Schiffer | 23 Jun 01:05 2006
Picon

iptables and redirection problem!

Hi,

I´m running NoCat-GW( NoCatAuth-0.82) on linux(2.6) and first I want to test 
my GW with auth.nocat.net
but I have a trouble with redirection.I get no LoginPage at all.
It seems Nocat-GW works "fine" .Here is the nocat log:

[2006-06-22 13:13:13] Gateway running on port 5280.
[2006-06-22 13:18:23] Gathering stats from firewall with cmd='stats.fw  '.

And here the Gateway config(all other important atts are commented):

GatewayMode Passive

LoginTimeout 600

TrustedGroups Any

AuthServiceAddr auth.nocat.net

AuthServiceURL https://$AuthServiceAddr/cgi-bin/login

LogoutURL https://$AuthServiceAddr/logout.html

ExternalDevice eth0

InternalDevice eth1

AccountingMethod None

(Continue reading)

Arun Chatterjee | 25 Jun 05:54 2006

login timeout

Is there a way to change the LoginTimeout *per login*? I am running the 
gateway in passive mode and can insert the desired value for login 
timeout in the redirect from the auth server back to the gateway during 
login. I can see (in nocat.log) that the correct value is read by pgp. 
But then the default LoginTimeout (or the value set in nocat.conf) seems 
to the one that gets used. I can tell this by timing the logout and by 
looking up 196.168.168.1:5280/status.

thanks
-arun

Gmane