1 NoCatSplash is a Open Public Network Gateway Daemon. It performs as a
2 [captive/open/active] portal. When run on a gateway/router on a network,
3 all web requests are redirected until the client either logs in or clicks
4 "I Accept" to an AUP. The gateway daemon then changes the firewall rules
5 on the gateway to pass traffic for that client (based on IP address and
8 NoCatSplash is the successor to NoCatAuth, which was written in Perl.
9 NoCatSplash is written in ANSI C in order to be smaller and work better on
10 embedded style devices. NoCatSplash uses the portable GLib library from the
11 GNOME Project for its event loop, memory management, and high-level data
14 NoCatSplash is copyrighted (c) 2004 - 2005 by Schuyler Erle
15 <schuyler@nocat.net> and Rob Flickenger <rob@nocat.net>, and is distributed
16 under the GNU Public License v2 or better.
23 vi /usr/local/etc/nocat.conf
24 /usr/local/sbin/splashd
26 *** Requirements - Current
31 * netfilter kernel modules for NAT, redirection, etc.
32 * GnuPG (passive mode only)
33 * libghttp (remote splash only)
35 *** Requirements - Future Version
38 * ipfw - no MAC address filtering
39 * ipfwv2 - includes MAC address filtering
49 *** Building NoCatSplash for normal operation
51 To build and configure the NoCatSplash gateway, run:
53 $ cd NoCatSplash-nightly
57 iptables must be in your path when you run ./configure! Next, as root:
60 # vi /usr/local/etc/nocat.conf [or use your editor of choice]
62 In addition to the usual GNU ./configure options, NoCatSplash also supports:
64 --prefix=<path to install>
65 defaults to /usr/local
68 If enabled, splashd will attempt to fetch its splash page
69 from the URL specified by SplashURL, rather than using the
70 local one specified by SplashForm. SplashForm is retained
71 as a fallback in the event that SplashURL can't be loaded.
74 Compile for *experimental* authenticating passive mode. Passive mode
75 basically doesn't really work yet. Patches welcome.
77 --with-firewall=loopback
78 Compiles with "loopback" firewall scripts for testing.
81 Also compiles ghttpd for local web server testing.
84 *** Running the NoCatSplash gateway
86 To run the NoCatSplash gateway, you must be root. Run:
88 # export PATH=$PATH:/sbin
91 In particular, you need to make sure that iptables can be found via the
92 PATH environment variable before executing splashd.
94 *** Building NoCatSplash for testing purposes
96 You can build NoCatSplash with the "loopback" firewall scripts in order
97 to test it on a machine without any network connection:
100 $ ./configure --prefix=/tmp/nocat --with-firewall=loopback \
104 $ vi /tmp/nocat/etc/nocat.conf
106 Set "LoginTimeout" to a low value, say, 120 seconds. As root, run:
108 # /tmp/nocat/sbin/ghttpd &
109 # /tmp/nocat/sbin/splashd
111 If you're not currently running a web server, this will start ghttpd, a
112 lightweight web server, running on port 80, serving data out of the
113 DocumentRoot specified in nocat.conf. Then run /tmp/nocat/sbin/splashd. Open a
114 browser, and go to http://localhost/test.html or some other page on your local
115 web server. You should be captured and allowed to log in, at which point you
116 should be directed to the web page you attempted to visit. You should be able
117 to browse your local web server until your login expires.
121 NoCatSplash only runs on Linux at present. Contact me if you are
122 interested in porting it to other operating systems, particularly *BSD,
123 and I will give you pointers on how to do so.
125 People who have been paying attention will note that I've temporarily
126 thrown out my original design for NoCatSplash, and concentrated on
127 building a simplified rendition of the NoCatAuth Open mode in C. This
128 is deliberate. The original design was nice, but too baroque for getting
129 this project off the ground.
131 Anyway, this code is going to change very rapidly. It might
132 not be fancy, but it should work. Comments and questions welcome.
134 SDE <schuyler@nocat.net>