From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp81.iad3a.emailsrvr.com (smtp81.iad3a.emailsrvr.com [173.203.187.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by huchra.bufferbloat.net (Postfix) with ESMTPS id 28A4121F387 for ; Thu, 9 Apr 2015 09:37:05 -0700 (PDT) Received: from smtp3.relay.iad3a.emailsrvr.com (localhost.localdomain [127.0.0.1]) by smtp3.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 9712130093C; Thu, 9 Apr 2015 12:37:04 -0400 (EDT) Received: from app17.wa-webapps.iad3a (relay-webapps.rsapps.net [172.27.255.140]) by smtp3.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id 499F6300901; Thu, 9 Apr 2015 12:37:04 -0400 (EDT) X-Sender-Id: dpreed@reed.com Received: from app17.wa-webapps.iad3a (relay-webapps.rsapps.net [172.27.255.140]) by 0.0.0.0:25 (trex/5.4.2); Thu, 09 Apr 2015 16:37:04 GMT Received: from reed.com (localhost.localdomain [127.0.0.1]) by app17.wa-webapps.iad3a (Postfix) with ESMTP id 385E128008C; Thu, 9 Apr 2015 12:37:04 -0400 (EDT) Received: by apps.rackspace.com (Authenticated sender: dpreed@reed.com, from: dpreed@reed.com) with HTTP; Thu, 9 Apr 2015 12:37:04 -0400 (EDT) Date: Thu, 9 Apr 2015 12:37:04 -0400 (EDT) From: dpreed@reed.com To: "Dave Taht" MIME-Version: 1.0 Content-Type: text/plain;charset=UTF-8 Content-Transfer-Encoding: quoted-printable Importance: Normal X-Priority: 3 (Normal) X-Type: plain In-Reply-To: References: <81246.1428527679@turing-police.cc.vt.edu> X-Auth-ID: dpreed@reed.com Message-ID: <1428597424.22831487@apps.rackspace.com> X-Mailer: webmail/11.3.13-RC Cc: cerowrt-devel , bloat Subject: Re: [Cerowrt-devel] =?utf-8?q?Suggestions/advice_for_captive_portal_o?= =?utf-8?q?n_gw00/gw10=3F?= X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Apr 2015 16:37:34 -0000 DOn't want to get entangled in the political debate, but just a thought:=0A= =0AIf you track what MAC addrs use what upstream capacity, you could have d= ata on which to judge who is pushing your usage over any caps you happen to= have.=0A=0AHaving some data (not general fears or propaganda generated by = those who want to tell you to be very afraid so you buy their gear or their= arguments) always helps.=0A=0AAnd if you like, you could do something that= doesn't involve all the protocol violations that a captive portal usually = involves (redirecting DNS, ... and putting MITM attacks on https: connectio= ns, ...), e.g. restrict any unknown users to 28 Kb/sec of your upstream, fo= r example, as a way to be non-disruptive. People won't get netflix or yout= ube over 28 kb/sec in any useful way.=0A=0ASecurity is often just a matter = of making it easier to steal from your neighbor, rather than installing an = automatic gun to shoot anyone who trespasses.=0A=0AOn Wednesday, April 8, 2= 015 5:34pm, "Dave Taht" said:=0A=0A> On Wed, Apr 8, 2= 015 at 2:14 PM, wrote:=0A>> On Wed, 08 Apr 2015 = 16:40:10 -0400, leetminiwheat said:=0A>>=0A>>> Sorry again, I found connlim= it in iptables-mod-conntrack-extra. I'll=0A>>> investigate further about a = simple portal and not make it too intrusive,=0A>>> just more of a warning t= hat they're not on their (faster) home WiFi.=0A>>=0A>> It's 74F and sunny o= utside, it's one of the more scenic areas in southwest=0A>> Virginia, I hav= e a Jaguar with an almost full tank of gas in the parking lot,=0A>> and I'm= stuck in this cubicle for a bit longer. So the snark is running high=0A>>= at the moment.=0A>>=0A>> http://www.ex-parrot.com/pete/upside-down-ternet.= html=0A>>=0A>> And add an exception list for device MAC addresses you recog= nize....=0A>>=0A>> That should do the trick. :)=0A> =0A> While amusing, tha= t was not my point.=0A> =0A> My overall point is that not sharing wifi spec= trum sanely, and the=0A> resulting interference is hurting everyone.=0A> = =0A> There is no "theft" of internet access you are not using.=0A> =0A> (A= dmittedly there are (today) increasing amounts of usage caps from=0A> the I= SP, which I do not like either.)=0A> =0A> --=0A> Dave T=C3=A4ht=0A> We CAN = make better hardware, ourselves, beat bufferbloat, and take=0A> back contro= l of the edge of the internet! If we work together, on=0A> making it:=0A> = =0A> https://www.kickstarter.com/projects/onetswitch/onetswitch-open-source= -hardware-for-networking=0A> ______________________________________________= _=0A> Cerowrt-devel mailing list=0A> Cerowrt-devel@lists.bufferbloat.net=0A= > https://lists.bufferbloat.net/listinfo/cerowrt-devel=0A> =0A