{"id":488,"date":"2017-04-07T07:00:10","date_gmt":"2017-04-07T15:00:10","guid":{"rendered":"http:\/\/andrewwippler.com\/?p=488"},"modified":"2017-03-30T08:25:35","modified_gmt":"2017-03-30T16:25:35","slug":"captive-portal-overview","status":"publish","type":"post","link":"https:\/\/andrewwippler.com\/2017\/04\/07\/captive-portal-overview\/","title":{"rendered":"Captive Portal Overview"},"content":{"rendered":"<p>I originally authored this on Aug 16, 2016 at\u00a0<a href=\"http:\/\/unix.stackexchange.com\/a\/303807\">http:\/\/unix.stackexchange.com<\/a>. Considering my tutorial did not include an overview, I thought I would re-post it on my blog.<\/p>\n<hr \/>\n<p>To make a captive portal appear, you need to stop all internet traffic and provide a <code>302 redirect<\/code>to the client&#8217;s browser. To do this, you need to have a firewall (like <code>iptables<\/code>) redirect all traffic to a webserver (like <code>nginx<\/code>,\u00a0<code>apache<\/code>, etc) where the webserver responds with a <code>302 redirect<\/code> to the url of your login page.<\/p>\n<p>I have written a <a href=\"https:\/\/andrewwippler.com\/2016\/03\/11\/wifi-captive-portal\/\" rel=\"nofollow\">lengthy article<\/a>\u00a0on how to do this with a Raspberry Pi. It basically boils down to the <strong>iptables block\/redirect to webserver<\/strong>:<\/p>\n<pre><code>iptables -t nat -A wlan0_Unknown -p tcp --dport 80 -j DNAT --to-destination 192.168.24.1\r\n<\/code><\/pre>\n<p>and then the webserver (<code>nginx<\/code>) redirecting to the login page:<\/p>\n<pre><code># For iOS\r\nif ($http_user_agent ~* (CaptiveNetworkSupport) ) {\r\n    return 302 http:\/\/hotspot.localnet\/hotspot.html;\r\n}\r\n\r\n# For others\r\nlocation \/ {\r\n    return 302 http:\/\/hotspot.localnet\/;\r\n}\r\n<\/code><\/pre>\n<p>iOS has to be difficult in that it needs the WISP settings. <code>hotspot.html<\/code> contents are as follows:<\/p>\n<pre><code>&lt;!--\r\n&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;\r\n&lt;WISPAccessGatewayParam xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xsi:noNamespaceSchemaLocation=\"http:\/\/www.wballiance.net\/wispr_2_0.xsd\"&gt;\r\n&lt;Redirect&gt;\r\n&lt;MessageType&gt;100&lt;\/MessageType&gt;\r\n&lt;ResponseCode&gt;0&lt;\/ResponseCode&gt;\r\n&lt;VersionHigh&gt;2.0&lt;\/VersionHigh&gt;\r\n&lt;VersionLow&gt;1.0&lt;\/VersionLow&gt;\r\n&lt;AccessProcedure&gt;1.0&lt;\/AccessProcedure&gt;\r\n&lt;AccessLocation&gt;Andrew Wippler is awesome&lt;\/AccessLocation&gt;\r\n&lt;LocationName&gt;MyOpenAP&lt;\/LocationName&gt;\r\n&lt;LoginURL&gt;http:\/\/hotspot.localnet\/&lt;\/LoginURL&gt;\r\n&lt;\/Redirect&gt;\r\n&lt;\/WISPAccessGatewayParam&gt;\r\n--&gt;<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>I originally authored this on Aug 16, 2016 at\u00a0http:\/\/unix.stackexchange.com. Considering my tutorial did not include an overview, I thought I would re-post it on my blog. To make a captive portal appear, you need to stop all internet traffic and provide a 302 redirectto the client&#8217;s browser. To do this, you need to have a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[6],"tags":[42,43,50],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts\/488"}],"collection":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/comments?post=488"}],"version-history":[{"count":1,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts\/488\/revisions"}],"predecessor-version":[{"id":489,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/posts\/488\/revisions\/489"}],"wp:attachment":[{"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/media?parent=488"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/categories?post=488"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/andrewwippler.com\/wp-json\/wp\/v2\/tags?post=488"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}