I have a network set up and it’s working perfectly. I deliver internet to a local network and each of my clients is inside an ARP list. No hotspot, DHCP or anything like that.
I can block a certain user from the ARP list and (s)he is not going to have internet access. However, I would like to present blocked users with a single page that will show some information. In my scenario, this will be to tell them come and pay their internet fee.
Ideally, the page will be stored on my computer that belongs to this network. If that’s complicated, then storing the page in the router itself is also an option, scince there’s plently of space there.
If you use static ARP that could be a problem of someone comes with unauthorised MAC since he will not be able to make any connection to network at all.
Otherwise i do it by using port forwarding. I ahve one port forwarding rule that forwards all conections to http to local web server if user is not licenced. It works fine.
Problemis that web server must accept connections regardingof URL. It sghould simply respond to any request with single page which informs user that he is not licenced.
A handy tool for solving this without deploying a cumbersome full-up server like Apache is thttpd, which allows easy arrangement of custom error pages. Symlink the custom 404 page to the “you are a deadbeat” page and you’re all set, no matter what URL the client requests.
Well, that’s actually my question. HOW to do this port forwarding thing? The server that will hold the page already has Apache running as is even accessable from outside the network (a simple NAT-ing).
The problem is to redirect every unauthorized request to that page (the server + the path to the page.). I don’t know where to specify this rule.
You can’t easily (unless MT has some --real-- magic, heh!) rewrite the URL the client is attempting to access inside the network stack, so you have to go about it slightly differently.
NAT to a web server that knows how to handle a 404 for the purpose, in other words to a server with custom error page handling, with your 404 page being the “deadbeat” page.
Apache became a configuration swamp long ago (the Sendmail of web servers??) but I think custom error pages are fairly basic to set up.
All you’re looking to do is handle 404 pages on a server listening on a particular address+port. That’s why a lightweight server such as thttpd is good for this job; the server’s only going to be doing this duty, so it can small and thus cast a small footprint. As opposed to running another instance of Apache…
So, you could run thttpd side-by-side on the same box on which Apache’s running, for instance.
O… k… NAT-ing again… but how to do that so that ARP enabled users could still have normal internet access?
Any sample configuration (command like would do) that you could show me? One that will work for a single ARP enabled client and disable the rest? I don’t mind adding the same rule for each customer in the ARP list, if disabling it from there would be enough in the future.
Oh, and taking your “another instance” idea into consideration, I think I’ll simply let Apache listen on another port and create a virtual host on that port. The server won’t be used for this sole purpose, so adding another application is useless and a custom 404 won’t be logical. Besides, I’m familiar with Apache’s directives. I don’t want to dig into new server’s configurations.