Unauthorized MAC redirected through Proxy or CP?



  • Hi,
    I have had a good look around the forums, and cannot find the answer to this question without using a VLAN or something similar, and as I don't have a VLAN capable switch, I am looking for another solution.

    My current setup is like this…

    ADSL Modem --- pfSense --- Wireless/Wired Router

    Everything is working fine, as it should, with what I want, running Squid/Lightsquid as a transparent proxy for caching and suchlike.
    I have set up a list of MAC addresses in the DHCP server for static leases, all good.

    What I want to do is have any user that doesn't match a MAC address in the list get all ports blocked (like a captive portal) and be redirected through a squid proxy (a separate one from the one everyone else uses, either on the pfSense box on a different port, or on another box on the LAN), still with access to the internet, at a restricted speed, but with no access to any other outgoing ports.

    The main thing I want to do is to be able to mess with them (this is a SOHO network, WiFi is WPA2, so anyone who gets in deserves it, or if I decide to mess with my partner), like this: http://www.ex-parrot.com/pete/upside-down-ternet.html

    Maybe set up the DHCP server so anyone in the dynamic range is redirected through another squid?

    Is there any way to do this from within pfSense? Or should I look to set it up through SSH, maybe with IPW? I am not that familiar with FreeBSD, more used to iptables and Linux.

    Sorry for the rambling, hopefully you can understand what I want to do.
    Basically, static IPs = go through the normal squid/lightsquid, and the dynamic range or maybe unauthorized (but still needing an IP) go through another proxy (with speed limiting, port blocking).

    Thank You for your time.
    FriedCPU

