Tengo que montar un portal, he elejido usar wifidog sobre debian (¿como no?). Estoy siguiendo la documentación de la pagina web de wifidog, instalando todo en una única maquina. En principio no he tenido problemas para instalar el AuthServer (he empezado por detrás, (que le vamos ha hacer), no tengo problemas en configurarlo ni en instalarlo, tampoco en la parte de postgres, tampoco en el cliente. Pero tras instalar el cliente y ejecutar "wifidog -f -d 7" no pasa nada de nada, sigo pudiendo navegar sin que aparezca el portal cáptivo. ¿Alguien puede darme norte? Por si sirve de algo las reglas de iptables sin el wifidog son:
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- anywhere anywhere udp multiport dports bootps,bootpc ACCEPT udp -- anywhere anywhere udp multiport dports bootps,bootpc ACCEPT udp -- anywhere anywhere udp multiport dports bootps,bootpc LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_IN:" ACCEPT tcp -- anywhere anywhere tcp dpt:webmin ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcpflags: ACK/ACK ACCEPT all -- anywhere anywhere state ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED ACCEPT udp -- anywhere anywhere udp spt:domain dpts:1024:65535 ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:http Chain FORWARD (policy DROP) target prot opt source destination LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_OUT:" LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_IN:" ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_OUT:" DROP udp -- anywhere anywhere udp multiport sports bootps,bootpc DROP udp -- anywhere anywhere udp multiport dports bootps,bootpc # iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere tras ejecutar "wifidog -f -d 7" las reglas son: # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- anywhere anywhere udp multiport dports bootps,bootpc ACCEPT udp -- anywhere anywhere udp multiport dports bootps,bootpc ACCEPT udp -- anywhere anywhere udp multiport dports bootps,bootpc LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_IN:" ACCEPT tcp -- anywhere anywhere tcp dpt:webmin ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcpflags: ACK/ACK ACCEPT all -- anywhere anywhere state ESTABLISHED ACCEPT all -- anywhere anywhere state RELATED ACCEPT udp -- anywhere anywhere udp spt:domain dpts:1024:65535 ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:http Chain FORWARD (policy DROP) target prot opt source destination LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_OUT:" LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_IN:" ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination LOG all -- anywhere anywhere LOG level debug prefix "BANDWIDTH_OUT:" DROP udp -- anywhere anywhere udp multiport sports bootps,bootpc DROP udp -- anywhere anywhere udp multiport dports bootps,bootpc Chain WiFiDog_vlan1000_AuthServers (0 references) target prot opt source destination ACCEPT all -- anywhere localhost Chain WiFiDog_vlan1000_Global (0 references) target prot opt source destination Chain WiFiDog_vlan1000_Known (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain WiFiDog_vlan1000_Locked (0 references) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain WiFiDog_vlan1000_Unknown (0 references) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain WiFiDog_vlan1000_Validate (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere # iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination WiFiDog_vlan1000_Outgoing all -- anywhere anywhere Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere Chain WiFiDog_vlan1000_AuthServers (1 references) target prot opt source destination ACCEPT all -- anywhere localhost Chain WiFiDog_vlan1000_Global (1 references) target prot opt source destination Chain WiFiDog_vlan1000_Outgoing (1 references) target prot opt source destination WiFiDog_vlan1000_WIFI2Router all -- anywhere 172.17.0.1 Chain WiFiDog_vlan1000_Unknown (0 references) target prot opt source destination WiFiDog_vlan1000_AuthServers all -- anywhere anywhere WiFiDog_vlan1000_Global all -- anywhere anywhere REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 2060 Chain WiFiDog_vlan1000_WIFI2Router (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere -- To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1401367340.27500.8.ca...@trujo.hvn.sas.junta-andalucia.es