Subj : Re: Wireless ISP To : comp.os.linux From : bluekarthik Date : Wed Aug 11 2004 07:47 am Hi, Can the same be implemented through bluetooth ? Is it not possible via Bluetooth ? karthik bala guru Kevin Brown <-NOSPAM-itismekevinb-NOSPAM-@hotmail.com> wrote in message news:... > Hello all, > > I have been asked to setup a gateway for a wireless ISP. After doing > some research, I have come up with a way for people to login to the > server, but have some questions about its security, expandabilty and > stability. > > First off, I am using Roaring Penguin's pppoe-server program as the > PPPoE server. I am familiar with PPPoE for DSL, so I figured, since it > is widely used, it would be easy for the clients to connect using it. > Once the pppoe-server was setup and running, I just had to make up a few > firewall rules. > > For now I am using NAT. Since, whenever someone connects via pppoe it > creates a ppp interface, I figured, to restrict access, I would let the > NAT take place thru the pppx connections, but not thru the wireless > interface (I tested it with ethernet so that'd be eth1 for me). If I > didn't disalow NAT on eth1 then I could access the internet without > logging in via PPPoE. These are my firewall rules: > > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > iptables -A FORWARD -i ppp+ -j ACCEPT > iptables -A FORWARD -i eth1 -j DROP > > where eth0 is my internet connection, eth1 is the ethernet card (will be > the wireless interface with the WISP) going out to the computers which > require PPPoE authentication, and ppp+ are all the verified ppp connections. > > First of all, how secure is this way of authentication? I was thinking > to myself, since passwords probably aren't encrypted, it would be easy > for hackers to find peoples login names and passwords. So, is there a > way to encrypt PPPoE passwords with my setup? Secondly, how do I make > sure two people are not logged in with the same login name? For > bandwidth control should I use 'tc' or is there a better way? And > finally, should I run a DHCP server off eth1? pppoe-server gives the > connected computer an IP address, but should I assign an IP to the > client's wireless card? They're not connecting to the internet through > it, but I am wondering what the professionals think. > > Thank you for all your help in advance, I really appreciate it. > Kevin Brown. .