Hi,
> lurking at Liberté Linux' source for inspiration regarding our wifi
> hotspots todo item [0], settings in your firewall somehow surprised
> me:
>
> # Ports used by HotSpot registration pages
> hotspot=http,https,webcache,tproxy,3128,3660,8088,11523,58080,1024:65535
I have certainly encountered non-standard ports in hotels, and the
list above (before 1024:65535) is from searching for transparent Wi-Fi
gateway suppliers/configurations on the net and scouring
/etc/services. However, there is the problem that the list can't be
exhaustive since you never know what custom configuration will be used
by any given ISP. And, consequently, I have received reports that the
unsafe browser in 2010.1 worked in one hotspot and didn't in another.
So I opted for allowing all non-privileged ports (and leaving the
former list intact for informational purposes), and making sure that
the user is aware that the unsafe browser must only be used when
necessary.
> Bye, keep up with the good work!
Thanks, and I am certainly looking for ideas in T(A)ILS as well! For
instance, I implemented kexec-based reboot/shutdown (with a custom
memory wiper).