Method and system of managing a captive portal with a router

摘要

In one exemplary embodiment, a computer-implemented method of a providing a captive portal with a router includes implementing a hotspot managed by a router. The hotspot comprises an Internet-access over a WLAN through a router communicatively coupled to an Internet service provider. The WLAN is identified with a service set identifier (SSID). A connection with a client device is initiated. An HTTP request to a web server from the client device is detected. An internet communication is restricted, with a firewall rule, to a Transmission Control Protocol (TCP) port used by a HTTP or a TCP port used by an alternative HTTP Secure port. The HTTP request is transparently routed to an internal HTTP proxy server running on an alternative HTTP TCP port in the router. The internal HTTP proxy server determines a requested web site's uniform resource locator (URL) and determines whether the requested web site's URL is allowed into a walled garden maintained by the router.

主权项

1. A computer-implemented method of a providing a captive portal with a router, the method comprising:
implementing a hotspot managed by a router, wherein the hotspot comprises an Internet-access over a wireless local area network (WLAN) through a router communicatively coupled to an Internet service provider, wherein the WLAN is identified with a service set identifier (SSID); initiating a connection with a client device; detecting, with at least one processor, an HTTP request to a web server from the client device; restricting, with a firewall rule, an internet communication to a Transmission Control Protocol (TCP) port used by a Hypertext Transfer Protocol (HTTP) or a TCP port used by an alternative HTTP Secure port; transparently routing the HTTP request to an internal HTTP proxy server running on an alternative HTTP TCP port in the router, wherein the internal HTTP proxy server determines a requested web site's uniform resource locator (URL) and determines whether the requested web site's URL is allowed into a walled garden maintained by the router, wherein the router serves a light HyperText Markup Language (HTML) web page that redirects a web browser of the client device to an internal web server where a captive portal is hosted when the requested web site's URL is not allowed into the walled garden, and wherein the router routes a request for the requested web site's URL by the web browser of the client device to an internal web server associated with the requested web site's URL when the requested web site's URL is allowed into the walled garden; connecting the web browser of the client device with the internal webserver; obtaining, with a web browser in the internal web server, the HTML page served by the internal HTTP proxy server; generating, with the internal web server, a screenshot of a requested web site by calling to the requested website, wherein the captive portal's welcome page is layered over the screen shot in an opaque light-box format; serving, with the internal webserver, a captive portal's welcome page over the screenshot; periodically determining, with a timed thread implemented in the router, that an active session between the router and the client device is less than an allowed session time; determining that the client device is associated to the SSID when the active session between the router and the client device is less than the allowed session time; closing the active session when the client device is not associated to the SSID; removing a permission in a router firewall provided for the client device, and wherein the timed thread determines that the active session between the router and the client device is less than the allowed session at five minutes intervals, and wherein a time-limit of the active session is two hours.