Public internet access with dhcp server authorization?

[int2str]

Hi!

This is a little hard to explain...
Imagine the following hardware setup:

[ Internet ] <---> [ Gentoo Router ] <---> [ Wifi Access point ]

I would like to open up my access point to be available for everyone. However, I would like to configure my Gentoo router to display a custom web site where the users need to accept some terms and conditions and only then are they allowed to access the internet. Optionally, I would like to be able to permanently block abusers.

The gentoo machine already runs iptables and apache. I will also install a dhcp server next.

Anybody have a similar setup?
Which tools did you use?

Thanks,
Andre
_________________
Adpot an unanswered post today!

[JRV]

Ok, in principle, the CGI script sitting behind the form that you'd have to accept could change firewall rules accordingly.

For example, 192.168.0.5 first gets its DHCP lease, but you have iptables set up on your router so that it drops all outgoing packets by default.

Then, when a client accepts the conditions, the script adds a firewall rule allowing packets from the host to be forwarded.

But you'd still have to figure out a clean way to detect when such a firewall rule is not needed anymore. When another client gets the same IP address as a previous one, you don't want the old rule still sitting there or otherwise you could get through without accepting the conditions...

JRV