On 04/11/2014 03:14 PM, P J P wrote:
On Saturday, 12 April 2014 12:40 AM, Bruno Wolff III wrote:
It looks like your proposal is going to break things for people using
some wifi hotspots.
Why, how?
It's a hack designed to handle someone that just connected to the
network and opened a browser, say.
Instead of blocking access, one runs a fake DNS system that responds
with the captive portal's IP to every query.
The httpd service at that IP responds with an "enter your credentials to
get network access" page to all URLs.
An example of such fake DNS server is the following code resolving all
queries to 192.168.123.45
#!/usr/bin/perl
use Net::DNS::Nameserver;
use strict;
use warnings;
sub reply_handler {
my ($qname, $qclass, $qtype, $peerhost) = @_;
my ($rcode, @ans, @auth, @add);
if ($qtype eq "A") {
my ($ttl, $rdata) = (3600, "192.168.123.45");
push @ans, Net::DNS::RR->new("$qname $ttl $qclass $qtype $rdata");
$rcode = "NOERROR";
} else {
$rcode = "NXDOMAIN";
}
# mark the answer as authoritive (by setting the 'aa' flag
return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}
my $ns = Net::DNS::Nameserver->new(
LocalPort => 53,
ReplyHandler => \&reply_handler,
Verbose => 0,
);
if ($ns) {
$ns->main_loop;
} else {
die "couldn't create nameserver object\n";
}
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct