I'm brand new to the OpenWRT world. Having already received great help with one problem here, we now have a second issue.
We would like all traffic coming from DHCP devices to be directed to a specific website. This means: If a device is connected via LAN and wants to surf, the device should immediately redirect to a website (which we have created ourselves).
The question is, of course, whether this also works with a URL or only with an IP?
Furthermore, it would of course be great if we could say that the DHCP devices cannot see or talk to each other if there are several of them in the DHCP server.
If possible, I'd like the instructions via GUI - but SSH is also possible
As @frollic said, the opennds package does this and the functionality is indeed a captive portal as indicated by @lleachii.
Be aware though, for any captive portal, this will not be a redirect. It is actually a "direct to a portal url on connection".
Just about all modern client/user operating systems have built in captive portal detection. This is to provide protection against MITM attacks and the captive portal package has to work with this built in safety checking or the client device will not get anywhere and will most likely give the user a stream of dire warning messages.
Thanks for all the input. The background is that the routers should actually only temporarily receive a DHCP address and then configure themselves via ACS and receive their PPPoE data via option 43 to the ACS.
However, if a customer connects the router incorrectly, he should not be able to surf, but should be shown a page: Your router is not configured. There should be no Internet connection except the connection via option 43 to the ACS. Is the Capative Portal suitable for this?
With Linux DHCP, it is currently the case that a switch is often connected in front of it and the router's network is then released. Hence the question of whether it is possible to prohibit communication with each other so that customers do not set up their own network via the DHCP.
And is it possible to set a whitelist of MAC addresses for the DHCP somewhere? However, not a complete MAC address but only the first 6 characters of the MAC, i.e. from a supplied charge.
So what are you trying to do? I have never heard of someone using DHCP to set PPPoE data. This wouldn't be the case for a captive portal since that is for something like guest wifi.
What are the customers in this case? I could be wrong but this sounds like a bit of over engineering. OpenWRT isn't necessarily intended to be shipped to end users and it lacks some of the reliability provided by more hardware specific solutions. If you are shipping hardware to a customer why can't you just preconfigure the PPPoE data?
It would be really helpful if you could provide some details.
There is obviously a lot you are not telling us. It seems you are trying to set up an ISP like environment.
The circumstantial evidence of what you are saying combined with my cynical instincts tell me you are after some free consultation for your commercial business startup...
Show me that I am wrong and I will apologise.
I suggest you contact suitable companies in your area to get quotes for the development work.
There is obviously a lot you are not telling us. It seems you are trying to set up an ISP like environment.
That is correct. I also wanted to use it. It should just replace an LInux DHCP. It is questionable whether this is possible. I didn't realise that this is not appreciated here.
What is not appreciated is trying to make a "hidden" financial gain from the unpaid and freely given efforts of the members of this community.
If you had been honest and forthcoming with at least basic information you would, I am sure, have had a very constructive discussion, at least from the point of view of feasibility. That is how it works here.
I'm sorry if I've irritated you and haven't disclosed everything here. I have installed OpenWRT for myself privately to see if we can use it for business. So I'm interested in using it first, but I'll actually use it at work later.
And since I also use a translator, I try to keep it short and direct. I'll keep testing it myself for now. Let's see if I can do anything.
