On Mon, Apr 14, 2014 at 9:06 AM, Dan Williams <dcbw(a)redhat.com> wrote:
On Mon, 2014-04-14 at 12:00 -0400, Paul Wouters wrote:
> On Mon, 14 Apr 2014, Dan Williams wrote:
>
> > But another scenario I've seen: older Netgear routers which intercept
> > "www.routerlogin.net" as the setup page. The instructions literally
> > are:
> >
> > 1) connect your computer to the router with a cable
> > 2) go to
www.routerlogin.net
> > 3) follow the setup guide instructions
> >
> > Any idea how dnssec-trigger + unbound would handle this? Since it's
> > router setup, maybe spawning the whole new window for the "portal"
would
> > work, but you'd want to make sure the window didn't go away or DNS
> > didn't change until the user was done setting up the router.
>
> I don't know what they do when you query for anything else. If there is
> no hotspot redirection on port 80/443 and their DNS server works
> properly, and your wifi was secure, you would then get their forward
> and the above would work. If it is an open wifi, we would not install
Since the user is setting things up, they can pick whether it's open or
protected wifi. We don't control that.
> the forward and you would not get there. but in the current setup, you
> can pick "hotspot login" mode and it puts their DNS in place, and than
> you will reach it. Note that manual hotspot login sessions require you
Ok, that could be a problem. This is a user setting up wifi on a router
they just bought, so it has no upstream connection yet, is not yet
configured at all, and they are just following the directions in the
printed brochure they got with the router. Which obviously won't say
anything about "hotspot login" mode.
Also, this is the procedure you follow if you reset the router to
factory defaults, which support people sometimes tell you to do. So
we'd run into the issue if/when the user contacted Netgear technical
support too.
If you want to get really fancy, you could try to detect a state in
which there is no connection to the internet, the router has an
address 192.168.*.1, and the router is listening on TCP port 80, and
suggest an alternate "you are connected to a possibly unconfigured
router" mode.
--Andy