if you want to run an open wireless network, but are having frustration with having a persistent freeloader, you may appreciate this hack which allows you to send a “knock it off” message, without having to close down your blessed open network.
The Upside-Down-Ternet works like this:
- You set up a DHCP server to assign addresses from one IP netblock to known MAC addresses, and another “untrusted” netblock to unknown MACs.
- The trusted netblock is routed normally, but the untrusted netblock gets all port 80 traffic forwarded to a transparent squid proxy using iptables.
- The squid proxy filters all HTTP traffic, looking for URLs ending in jpg or gif.
- If a jpg or gif is encountered, the image is flipped using morgrify and the untrusted user is sent the upside down image instead of the original.