How do I use Squid to harden my Public Wi-fi?

Hi Experts,

I have been asked to setup 2 public wifi access points for my company both are unsecured their idea not mine!  Anyways was trying to develop some thing that could be used to stop 95% of people logging onto the network. The public wifi is on it's own private range and is firewalled by an IPcop. Have been playing around with squid and I beleive something like the following would suffice:

I need squid to forward all web requests unless authenticated to a web page
This web page will consist of a login page for use with the public wifi which users will use the username and password supplied by myself which will then give them Internet access. Ideally logging client MAC address so streamlining future connections, but probably beyond my expertise.

Have taken some principles from the Upsidedownternet (http://ex-parrot.com/~pete/upside-down-ternet.html) as a form of trial and error

Very new to IPtables, Squid and Perl so any help is appreciated  

Also IPcop is different in the way it uses its proxy (I cant seem to find the squid.conf file to make changes)


Many Thanks
mrawliAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnjcesCommented:
If I were you, I would move form IPCop to ClarkConnect. The community version is free and you can do everything you need and easily form a web based GUI, from bandwidth management, time restrictions, allow users to log on for Internet access and etc. It does use Squid. It has been very stable and is simply very good.

http://www.clarkconnect.com
http://www.clarkconnect.org/forums  (Forums have been very helpful)

You will need several NICs in an old PC, one for the WAN and others for each separate network you are planning. It also has a wireless side of things which I have never played with but I think that is for a hardware wireless NIC that will turn a CC box into a full blown AP/Router.

I have used CC for ... well since it came out and that has been many years ago.

John
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnjcesCommented:
I wish I could type... form := from
0
2hypeCommented:
You could try something like the CopSpot Addon for IPCOP.  Its an addon to add captive portal functionallity to the IPCOP Box.

http://www.ban-solms.de/t/IPCop-copspot.html
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.