[Xorp-hackers] xorp for wireless authentication/access

[Mark Handley]

Adam and I have been discussing the idea of writing XORP components to
provide access control and authentication for wireless users.  This
would use transparent HTTP redirect to a web page on the router itself
to allow users to authenticate themselves - basically the same method
used by lots of wireless hotspots.

This isn't all that hard to do in principle - the hardest part would
probably be unifying all the various components (firewall, dhcpd,
httpd) under the XORP rtrmgr and configuration files.

But this raises one question which we don't know how to answer: what
should the FEA's API be for firewall functionality?  Comparing what is
available on various platforms (especially FreeBSD and Linux), it
seems that there isn't a whole lot of commonality between iptables and
ipfw2. So creating a common API without dumbing it down to the lowest
common denominator seems difficult.

Does anyone have any thoughts on this?

Cheers,
	Mark