Hi, Suppose I have a wireless network, with different AP linked to a router-modem (same device). I decided that, internet access should be granted to only clients with logins. I don't want them to exchange logins (so 1 MAC to 1 Logins). I thought about installing squid as an Authentication proxy and the idea of the transparent mode is really tempting me, although I found many people denying its possibility... So what about the IP tables prerouting technique, I didn't test it but what do you think about it? I read about https issues too, any guidance? Anyway, so I'll need to generate logins, and choose an expiry duration... So my question is, if squid accepted a client for valid logins, after how long time it will recheck again if they're still valid? Is it with every Http request? (I need to know when expired logins will stop working) Besides, could you suggest an implementation of this system, how will expired accounts get deleted? and how I will implement 1 Mac <=> 1 account, without asking the client for his mac address beforehand. I know you hate lazy people, so I'll give you my modest approach: I believe Auth helper could be functioning with Mysql database so I'll add mac@ field and it gets populated in the first authentication, and from that step a valid account will be correct user+password+mac@. Will the proxy receive the mac of the cient with each request? Then, I'll make a thread that will keep checking for expired accounts and deletes them from the MySql DB. I would be pleased with any of your suggestions and advices, I'm sure there's always a more efficient way to do it! Thanks
