How to Deal with Wireless Freeloaders

Oh, man, how deviously fun!!

Encryption is for sissies. If you have a wireless network in your home that your neighbor is mooching off of, this page gives you a few pointers on how to make their web experience more entertaining: Upside-Down-Ternet

I prefer the blurry net rather than any sort of redirecting.

This certainly tempts me to open up our network…

(Thanks, Pete Stevens!)

Upside-Down-Ternet

My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun.

Split the network

I’m starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock. We use the DHCP server to identify mac addresses to give out the relevant addresses.

/etc/dhcpd.conf

ddns-updates off; ddns-update-style interim; authoritative; shared-network local { subnet *.*.*.* netmask 255.255.255.0 { range *.*.*.* *.*.*.*; option routers *.*.*.*; option subnet-mask 255.255.255.0; option domain-name “XXXXX”; option domain-name-servers *.*.*.*; deny unknown-clients; host trusted1 { hardware ethernet *:*:*:*:*:*; fixed-address *.*.*.*; } } subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.2 192.168.0.10; option routers 192.168.0.1; option subnet-mask 255.255.255.0; option domain-name-servers 192.168.0.1; allow unknown-clients; } }

IPtables is Fun!

Suddenly everything is kittens! It’s kitten net.

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT –to-destination 64.111.96.38

For the uninitiated, this redirects all traffic to kittenwar.

For more fun, we set iptables to forward everything to a transparent squid proxy running on port 80 on the machine.

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -m tcp –dport 80 -j DNAT –to-destination 192.168.0.1

That machine runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of it’s local webserver.

The redirection script

#!/usr/bin/perl $|=1; $count = 0; $pid = $$; while (<>) { chomp $_; if ($_ =~ /(.*.jpg)/i) { $url = $1; system(”/usr/bin/wget”, “-q”, “-O”,”/space/WebPages/images/$pid-$count.jpg”, “$url”); system(”/usr/bin/mogrify”, “-flip”,”/space/WebPages/images/$pid-$count.jpg”); print “http://127.0.0.1/images/$pid-$count.jpgn”; } elsif ($_ =~ /(.*.gif)/i) { $url = $1; system(”/usr/bin/wget”, “-q”, “-O”,”/space/WebPages/images/$pid-$count.gif”, “$url”); system(”/usr/bin/mogrify”, “-flip”,”/space/WebPages/images/$pid-$count.gif”); print “http://127.0.0.1/images/$pid-$count.gifn”; } else { print “$_n”;; } $count++; }

Then the internet looks like this!

And if you replace flip with -blur 4 you get the blurry-net

This entry was posted on Thursday, July 27th, 2006 at 12:27 pm and is filed under Cool Stuff, mod7 Studio Life. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.