Securing Your Hotspot
To activate the captive portal, fire up the webGUI as you did earlier and follow these steps:
- From the left-hand navigation, choose Captive Portal under Services. You are presented with the Captive portal configuration screen.
- Check the Enable Captive Portal check box as shown in Figure 5.
Figure 5 Enabling m0n0wall's Captive Portal service.
- For the Portal Page contents, use the prompt.html file I have provided in the html.zip download.
- Similarly, for the Authentication Error Page contents, choose the file named
error.html from the html.zip download provided.
These files are both pretty simple HTML files which can serve as placeholders until you swap them out with something to your liking. The key thing to realize is that when a user first tries to access a web site after connecting to the hotspot router, she will be redirected and asked to authenticate by m0n0wall, using the prompt.html file as the captive portal front page.
The file prompt.html (shown below) contains a form that sends a couple of variables to m0n0wall as populated by a user trying to authenticate. Namely, the form fields auth_user and auth_pass are populated.
<body> <center> Welcome to the El Cheapo Coffee Shop<br> Please enter your username and password. Visit the front desk to obtain this info. <form method="post" action="$PORTAL_ACTION$"> Username: <input name="auth_user" type="text"><br> Password: <input name="auth_pass" type="password"><br> <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"> <input name="accept" type="submit" value="Submit"> </form> </center> </body>
If the values provided by a captive portal user equal to ones recognized by m0n0wall, then the user will be allowed to go on her merry way and surf, else she will be presented with the error page (the HTML source of which is shown below). In short: no pass, no play.
- To enforce authentication, click the Local User Manager option in the Authentication section as shown in Figure 6.
- Save your changes to the configuration before moving on.
Figure 6 Enabling authentication using the local user manager.