On Saturday, 30 January 2021 11:06:10 CET Sven Eckelmann wrote: [...]
The information are far to vague to give you anything.
I just got two mails which tried to standard new threads and were therefore rejected. Still I am forwarding the most relevant one of both to this thread.
But I still think that this is completely unrelated to batman-adv. Because it is at the completely wrong layer, doesn't have access to the users device (and the other way around) and the firewall wouldn't even see batman-adv packets:
---------- Forwarded Message ----------
Subject: Users authentication with roaming feature Date: Saturday, 30 January 2021, 14:18:02 CET From: Tushar Malpani tusharmalpani20@gmail.com To: b.a.t.m.a.n@lists.open-mesh.org
Hi, I have a community mesh setup here in India and we have been using B.A.T.M.A.N Adv as our mesh routing protocol. At present, we are using pfSense firewall/router which hosts a captive portal for authenticating a users. Am not sure but somehow it seems to work great with client roaming as the users switches from one node to another but, since it's easy to bypass a captive portal by changing one's IP and MAC address we switched to different authentication methods such and tried using WPA-Enterprise, VPN but none of those gave us a seamless roaming experience. So, we moved baked to captive portal as of now and understood it's working and found that it uses ipfw table under the hood, it adds the authenticated users IP address in ipfw tables and passes all the request made by them. And then we came up with the idea of adding an additional header to each packet which will have a value(which is unique to each user).After the first authentication we add that unique value to our firewall rules which will be similar to what captive portal does but secure since each value is unique to each user. Can this be done by tweaking B.A.T.M.A.N Adv code or this is something which should be done at users devices? Is this idea as good as we think it is or there is already a better solution out there? Can you help point to where to look, learn and build this system?
Thanks and regards Tushar Malpani -----------------------------------------