FANDOM


back to http://scratchpad.wikia.com/wiki/Sasecurity

This is probably a very stupid question but i am going to ask it anyways. In wiana it shows leases which seems to be any wireless device that the mesh node assigns a dhcp lease to at that node authenticated or not. then if i select SHOW ALL LEASES i get information that is somewhat the same but not always the same as for that particular node. and sometimes some nodes dont show up at all in SHOW ALL LEASES list. some leases are on totally different nodes than the first. someone like to explain that?

Probably the different lists are constructed by different scripts, and so some data might be out of sync depending upon when the data was uploaded. Second question is.. what file and path in an active node can the authentications that the node has given out be found??

if you do IpTables -L, this will show all current rules for the firewall. If you go through the splash screen and authenticate, a rule is added for your MacAddress. All the rules refer to the MacAddress. {{{ >All i have been able to find is the file that shows the mac >addresses that i have mac authenticated thru wiana. is the actual >list of authenticated users stored on wiana and used somehow real >time?

The list of users able to authenticate is stored on wiana, and the radius check is done in real time.

> the reason i am asking this because at random times my customers >just CANT surf the internet for random amounts of time 30 seconds to >30 minutes(within the limits of authorization times set) and the >nodes are all working fine and can ping back to my T1 router with no >problem and with 0 packet loss. all my signals between clients and >nodes and node2node will cook hotdogs and are rock solid.

use

CwRadius username password

to check the authentication.


The setting itself is not that hard. At least not on the command line. Assuming 192.168.2.0/24 is your SubNet

IpTables -A FORWARD -d 192.168.2.0/24 -j REJECT

This would reject all traffic to the SubNet, but allow logins from the meshbox to that subnet.

Of course you'll need a rule to allow traffic to the gateway, i.e. 192.168.2.1

  1. iptables -A FORWARD -d 192.168.2.1 -j ACCEPT or similar (I'm not very

familiar with iptables lingo)

Question however is, will these settings be overridden by any wiana setting?


>Is there any wiana setting that would prohibit users that login via a >meshbox to access the network the meshbox finds his gateway through? > >Say we have a c class network 192.168.1.0 with a gateay to the internet >on 192.168.1.1 and a server on 192.168.1.10, some clients on >192.168.1.13-20. > >We connect a meshbox to this network that receives an ip number >192.168.1.200 from a dhcp server. > >The meshbox itself hands out ip numbers to wireless clients in the c >network 192.168.240.0 > > >How can I stop clients in the 192.168.240.0 network deny access to the >192.168.1.10 and 192.168.1.13-20 servers, while I allow them access to >the 192.168.1.1 gateway. > >Could I do this with a setting in wiana or would I have to set up a set >of firewall rules? }}}

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.