Hack 75. Capture Wireless Users on a Small Scale
If you need a simple "splash screen" for your wireless users, try this simple captive portal.
Perl is too heavy of a requirement for some gateway hardware, making it impractical to use NoCatAuth [Hack #74]. Fortunately, there is a captive portal you can use as an alternative.
If you are only looking for a "click here to continue" sort of splash page (without the full authentication mechanism), you might be interested in NoCatSplash, a port of NoCatAuth that is rewritten entirely in C and is under active development. Its requirements are quite small, but it supports only simple open mode portal functionality. The current version works under Linux, and portability to BSD and other systems is planned for the near future.
Owners of a Linksys WRT54G or similar hardware that is capable of running the OpenWRT [Hack #67] Linux distribution can install NoCatSplash as a .ipk package.
To install NoCatSplash, download the current CVS tree or just grab the archive available at http://nocat.net/download/NoCatSplash. Unpack the archive, navigate to NoCatSplash-nightly/, and install it with a simple set of commands:
./configure make make install
This installs splashd to /usr/local/sbin, and puts the nocat.conf configuration file in /usr/local/etc. Edit the nocat.conf file to your tastes, making sure to set the ExternalDevice, InternalDevice, LocalNetwork, and DNSAddr options to fit your network layout. See the comments in the configuration file for details.
Start the portal by running splashd as root:
# /usr/local/sbin/splashd &
NoCatSplash uses the same firewall scripts as NoCatAuth to do the actual iptables firewall manipulation. It installs these scripts to /usr/local/libexec/nocat, making it simple to customize your firewall rules if you need to. With splashd running, any users whose traffic originates on the InternalDevice will be captured and shown the splash page defined in nocat.conf. The default HTML files for the splash page are kept in /usr/local/share/nocat/htdocs, but you can keep them wherever you like by setting the DocumentRoot option in nocat.conf.
While NoCatSplash might not be as feature rich as NoCatAuth, its requirements are simple. It can be ideal for situations where you simply want to give people an idea of whose network they are using, especially if the capabilities of your wireless gateway are limited.