[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OT (sort of): Best current practise for "open" access points ?

Can ayone point me at receipes for setting up "open" wireless access points with pf that allow for "good" traffic, while preventing "undesirable". I know that "good" and "undesirable" are in the eye of the beholder, hence the quotes.

I can think of two areas to protect - (1) bandwidth / resources and (2) reputation (of IP addresses / upstream AUPs etc.). Bandwidth via queues etc. and reputation by reducing possibilities for abuse.

I think what I want things like blocked outbound port 25 traffic, while allowing MSA, blocking common outbound virus traffic, having some sort of hierarchical queueing based on client IP addresses (via DHCP) etc. but I am not sure what I really want, hence the request for pointers.