2012-07-23 - Re: [GRASE-Hotspot] One Network Interface

Header Data

From: Tim White <ti***8@gmail.com>
Message Hash: f4526c6cb83f0e566999e0c4ead9db9e2b4c21495ad45fff119011c05e2e2779
Message ID: <500E3FB8.3000503@gmail.com>
Reply To: <000001cd65ca$a77e64d0$f67b2e70$@bidfordgrange.com>
UTC Datetime: 2012-07-23 23:24:56 UTC
Raw Date: Tue, 24 Jul 2012 16:24:56 +1000

Raw message

On 20/07/12 02:22, Laura Coles wrote:
>
> Is it possible to run Grase with only one network interface?
>
Hi Laura. Please subscribe to the mailing list.

It is technically possible, if you have VLAN's and other crazy setup 
stuff. However, with the way the captive portal works, every packet must 
go through the Captive Portal software, and so for this reason you need 
2 network cards. The main reason for it, is so there is no way to bypass 
the security.

In a normal network, you can have your "gateway" be on 2 networks with 
one network card, however, clients on the network could bypass the 
gateway as they have pathway through the network without using the 
gateway. (i.e. ignore DHCP and sniff the other network). With VLAN's, 
you can have "virtual" network cards, but it still requires VLAN capable 
switchs/access points.

So unfortunately, Grase won't support one network interface as its too 
difficult and hardware dependent to maintain security.

Tim

Thread

• Return to July 2012

• Return to “Laura Coles <la***a@bidfordgrange.com>”

• Return to “Tim White <ti***8@gmail.com>”

• 2012-07-19 (Thu, 19 Jul 2012 17:22:12 +0100) - [GRASE-Hotspot] One Network Interface - Laura Coles <la***a@bidfordgrange.com>
  • 2012-07-23 (Tue, 24 Jul 2012 16:24:56 +1000) - Re: [GRASE-Hotspot] One Network Interface - Tim White <ti***8@gmail.com>