Feature Requests

I use Monowall with capitive portal access to public hotspot, but people have access to lan, it would be nice to have access only to wan. I tried to block the view between rules with customers without success.

This is definitely possible (assuming your captive portal runs on an optional interface). How did you set up your firewall rules?

Thanks for the reply, I do not use optional lan, only wan connected via PPPOE in ADSL modem, and Lan connected to 20 access points with a 24-port switch.

 I tried using the blocking rule: * LAN net * LAN net *

If all of your AP's are on the same switch, there's not much you can do at the firewall level.  Is it a managed switch?  If so you may be able to use the switch to prevent each AP from talking to each other somehow (possibly with VLANs?).

Hi, It isn´t a managed switch. I believe the firewall is able to prevent communication network defined in the DHCP range Monowall, I've seen some hotspots that windows 7 show internet only, in my case it shows the local network and internet conexion. I believe the local network is necessary for the autentication of capitive portal. I'm stay with 5 systems running at 3 years and very satisfied with the results and established, just this security issue that still could not solve, but with the help of everyone here at the forum I'm sure I will get.

by sub-netting the network.
i modified and Image , and could have an option in ISC DHCP server up in GUI , to assign certain sub-net mask to clients, as /30.
i hope the hidden options in DHCP to appear in the GUI, and some useful options to be added.
regards