Hello!
A while ago I switched my Wi-Fi hotspot captive portal software to m0n0wall 1.3; the server is a standard x86
PC running a quite fast Pentium IV (approx. 2 GHz), with 1 GB of RAM and two quality Intel NICs.
I boot m0n0wall from a CD-ROM, with the configuration data stored on a floppy disk.
The box's WAN interface is connected to our in-house network with a static IP assigned. The LAN interface is attached
to a cascade of about 20 Wi-Fi routers in several locations. m0n0wall acts as the DHCP server on the LAN.
The in-house internet connection runs at 10 Mbps. Wi-Fi speed should be limited to a small fraction of that, as we need a lot
of bandwidth in the wired portion of the net.
Traffic shaping is turned on with the following Magic Shaper rules: P2P traffic to lowest ON / share evenly OFF / downstream 950 kbps / upstream 256 kbps.
The following firewall rules prevent Wi-Fi (i.e. LAN) users from accessing the in-house net:

ACTION | proto   | source  | port | destination   | port | description
-------+---------+---------+------+---------------+------+-------------------------------
block  | *       | *       | *    | 192.168.0.1/8 | *    | blocks in-house net
block  | TCP/UDP | *       | *    | *             | 25   | blocks SMTP
block  | TCP/UDP | LAN net | *    | 10.10.10.2    | 80   | blocks wifi access to m0n0wall
allow  | *       | LAN net | *    | *             | *    | default LAN -> any
Advanced outbound NAT is disabled. One inbound NAT rule allows access to the m0n0wall HTTP GUI from the WAN.
At first, the connection worked quite well. Now, HTTP(S) connections on the LAN side are awfully slow, way slower than with our previous solution, which used proprietary software. Switching off traffic shaping does not change anything.
We would really like to stick to open source; does anyone have a solution?
I think we are missing something in the firewall configuration?!
Best regards,
otto
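Added example, not part of otto's post or of m0n0wall itself: a small evaluator that walks the LAN ruleset exactly as listed above and reports which rule a given flow hits. It assumes top-to-bottom first-match evaluation and an implicit default deny for unmatched traffic (both assumptions about m0n0wall's LAN rule processing), and it assumes a LAN subnet of 10.10.10.0/24 for "LAN net" (the post only gives m0n0wall's own address, 10.10.10.2). The client address 10.10.10.50 and the documentation-range destinations (192.0.2.x, 198.51.100.x) are constructed sample input. One thing worth seeing in the output: CIDR arithmetic masks the host bits of "192.168.0.1/8", so that rule covers all of 192.0.0.0/8, not just the 192.168.x.x range.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed LAN subnet; the post only states m0n0wall's LAN address (10.10.10.2).
LAN_NET = ipaddress.ip_network("10.10.10.0/24")


def parse_net(spec: str) -> Optional[ipaddress.IPv4Network]:
    """'*' matches any address, 'LAN net' is the assumed LAN subnet, anything
    else is CIDR. strict=False masks host bits, so '192.168.0.1/8' -> 192.0.0.0/8."""
    if spec == "*":
        return None
    if spec == "LAN net":
        return LAN_NET
    return ipaddress.ip_network(spec, strict=False)


def parse_proto(spec: str) -> Optional[frozenset]:
    """'*' matches any protocol; 'TCP/UDP' matches either of the two."""
    return None if spec == "*" else frozenset(p.lower() for p in spec.split("/"))


@dataclass(frozen=True)
class Rule:
    action: str
    protos: Optional[frozenset]
    src: Optional[ipaddress.IPv4Network]
    dst: Optional[ipaddress.IPv4Network]
    dport: Optional[int]
    description: str


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


def rule(action, proto, src, dst, dport, description) -> Rule:
    """Build a Rule from the column values as they appear in the post's table."""
    return Rule(action, parse_proto(proto), parse_net(src), parse_net(dst),
                None if dport == "*" else int(dport), description)


# The LAN ruleset from the post, in the order listed.
RULES = [
    rule("block", "*", "*", "192.168.0.1/8", "*", "blocks in-house net"),
    rule("block", "TCP/UDP", "*", "*", "25", "blocks SMTP"),
    rule("block", "TCP/UDP", "LAN net", "10.10.10.2", "80", "blocks wifi access to m0n0wall"),
    rule("allow", "*", "LAN net", "*", "*", "default LAN -> any"),
]


def matches(r: Rule, p: Packet) -> bool:
    """A rule matches when every non-wildcard column matches the packet."""
    if r.protos is not None and p.proto.lower() not in r.protos:
        return False
    if r.src is not None and ipaddress.ip_address(p.src) not in r.src:
        return False
    if r.dst is not None and ipaddress.ip_address(p.dst) not in r.dst:
        return False
    if r.dport is not None and p.dport != r.dport:
        return False
    return True


def evaluate(p: Packet, rules=RULES):
    """First matching rule wins (assumed m0n0wall behaviour); a packet that
    matches nothing is dropped by the implicit default deny (also assumed)."""
    for r in rules:
        if matches(r, p):
            return r.action, r.description
    return "block", "implicit default deny"


if __name__ == "__main__":
    # Constructed sample flows from a Wi-Fi client at 10.10.10.50.
    samples = [
        Packet("tcp", "10.10.10.50", "10.10.10.2", 80),      # GUI over HTTP
        Packet("tcp", "10.10.10.50", "10.10.10.2", 443),     # GUI over HTTPS
        Packet("tcp", "10.10.10.50", "192.168.1.10", 80),    # in-house host
        Packet("tcp", "10.10.10.50", "192.0.2.1", 443),      # public 192.x host
        Packet("udp", "10.10.10.50", "198.51.100.53", 53),   # DNS
        Packet("tcp", "10.10.10.50", "198.51.100.25", 25),   # SMTP
    ]
    for p in samples:
        print(f"{p.proto} {p.src} -> {p.dst}:{p.dport}  =>  {evaluate(p)}")
```

Running it prints one line per sample flow with the action and the description of the rule that decided it; the 192.0.2.1 flow lands on "blocks in-house net" even though it is not an in-house address, which is the /8 masking mentioned above.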