看起来就像在ios7中,设备在连接到wifi后发送请求以检查是否有互联网连接的网址已经改变(更糟糕的是!)
在ios6和更早的版本中,请求是:
GET /library/test/success.html HTTP/1.0
Host: www.apple.com
User-Agent: CaptiveNetworkSupport/1.0 wispr
Connection: close
(source)
但现在在ios7中,它可以访问“多达200个”(根据cisco的说法)。
我自己测试过了,我可以确认请求会随机发送到appleiphonecell.com、captive.apple.com、airport.us、ibook.info等。
所以我的问题是:有没有人有这些网址的完整列表(可能只是苹果自己的每个域名)?我们在wifi上运行了一个强制门户,但只是为了让用户知道他们在连接到wifi后需要连接到VPN。点击强制网络门户登录页面上的取消,有时会显示选项‘在没有互联网的情况下使用’,然后允许用户连接到VPN,但有时,点击‘取消’不会给出这个选项,只是直接断开wifi连接,这意味着用户无法连接到VPN。
在此之前,我们只需伪造对特定URL (library/test/uccess.html)的响应,这将使wifi保持连接。如果我们有一个它可以访问的站点的列表,我们可以再次这样做,否则我们可能不得不重新开始我们的强制门户!(或者等待ios7更新,该更新将选项修复为“不上网使用”,但并不是每次都会出现)。如果可能的话,我想我们现在会考虑基于用户代理的工作。
Edit-wee update,看起来UA保持一致,至少'CaptiveNetworkSupport‘是公分母,所以我们暂时改为UA检查。
发布于 2014-03-09 11:11:52
有趣的是,www.appleiphonecell.com
和captive.apple.com
目前都解析为Akamai地址。
~/ > host captive.apple.com
captive.apple.com is an alias for captive.apple.com.edgekey.net.
captive.apple.com.edgekey.net is an alias for e7279.e9.akamaiedge.net.
e7279.e9.akamaiedge.net has address 23.212.87.91
但是airport.us
和他的朋友们直接选择了苹果的Class A network。
~/ > host airport.us
airport.us has address 17.149.160.87
airport.us has address 17.172.224.81
从这些IP地址中,您可以找到更多具有相同PTR记录的主机名。添加路径/library/test/success.html
通常会导致直接响应或重定向到www.apple.com
主机名上的同一页面。
~/ > host 17.149.160.87
87.160.149.17.in-addr.arpa domain name pointer airport.us.
87.160.149.17.in-addr.arpa domain name pointer ibook.info.
87.160.149.17.in-addr.arpa domain name pointer macbookair.net.
87.160.149.17.in-addr.arpa domain name pointer macintosh.me.
87.160.149.17.in-addr.arpa domain name pointer applecare.info.
87.160.149.17.in-addr.arpa domain name pointer macintosh.info.
87.160.149.17.in-addr.arpa domain name pointer itunes.info.
87.160.149.17.in-addr.arpa domain name pointer itunes.us.
87.160.149.17.in-addr.arpa domain name pointer iphoto.us.
87.160.149.17.in-addr.arpa domain name pointer applecare.us.
87.160.149.17.in-addr.arpa domain name pointer macbook.us.
87.160.149.17.in-addr.arpa domain name pointer itunesmobile.com.
87.160.149.17.in-addr.arpa domain name pointer ipod.us.
87.160.149.17.in-addr.arpa domain name pointer itunestelevision.com.
87.160.149.17.in-addr.arpa domain name pointer macosxversions.com.
87.160.149.17.in-addr.arpa domain name pointer itunes.me.
87.160.149.17.in-addr.arpa domain name pointer itunesaircheck.com.
87.160.149.17.in-addr.arpa domain name pointer mac.us.
87.160.149.17.in-addr.arpa domain name pointer macbookair.us.
87.160.149.17.in-addr.arpa domain name pointer ipod.me.
87.160.149.17.in-addr.arpa domain name pointer applestore.info.
87.160.149.17.in-addr.arpa domain name pointer iphone.me.
87.160.149.17.in-addr.arpa domain name pointer osxlionlaunchpad.com.
87.160.149.17.in-addr.arpa domain name pointer macgestures.com.
87.160.149.17.in-addr.arpa domain name pointer macbookair.org.
87.160.149.17.in-addr.arpa domain name pointer mac.info.
87.160.149.17.in-addr.arpa domain name pointer macos.us.
87.160.149.17.in-addr.arpa domain name pointer myipod.net.
87.160.149.17.in-addr.arpa domain name pointer itunesu.net.
87.160.149.17.in-addr.arpa domain name pointer appleiphonecell.com.
87.160.149.17.in-addr.arpa domain name pointer firewire.us.
87.160.149.17.in-addr.arpa domain name pointer airport.info.
87.160.149.17.in-addr.arpa domain name pointer itunesparty.com.
87.160.149.17.in-addr.arpa domain name pointer applecomputer.info.
87.160.149.17.in-addr.arpa domain name pointer appletv.info.
87.160.149.17.in-addr.arpa domain name pointer applecomputers.us.
87.160.149.17.in-addr.arpa domain name pointer idvd.us.
87.160.149.17.in-addr.arpa domain name pointer osx.info.
87.160.149.17.in-addr.arpa domain name pointer macbookair.info.
87.160.149.17.in-addr.arpa domain name pointer itunesu.org.
87.160.149.17.in-addr.arpa domain name pointer itunesuniversity.com.
87.160.149.17.in-addr.arpa domain name pointer imovie.us.
87.160.149.17.in-addr.arpa domain name pointer theapplestore.org.
87.160.149.17.in-addr.arpa domain name pointer macbookpro.org.
87.160.149.17.in-addr.arpa domain name pointer apple.me.
87.160.149.17.in-addr.arpa domain name pointer itools.info.
87.160.149.17.in-addr.arpa domain name pointer thinkdifferent.us.
87.160.149.17.in-addr.arpa domain name pointer thinkdifferent.info.
87.160.149.17.in-addr.arpa domain name pointer macintosh.us.
87.160.149.17.in-addr.arpa domain name pointer ipod.info.
87.160.149.17.in-addr.arpa domain name pointer applescript.us.
87.160.149.17.in-addr.arpa domain name pointer quicktime.info.
87.160.149.17.in-addr.arpa domain name pointer macosxlionairdrop.com.
87.160.149.17.in-addr.arpa domain name pointer itunesshow.com.
87.160.149.17.in-addr.arpa domain name pointer airtunes.net.
87.160.149.17.in-addr.arpa domain name pointer ipod.net.
87.160.149.17.in-addr.arpa domain name pointer macos.info.
87.160.149.17.in-addr.arpa domain name pointer imac.info.
87.160.149.17.in-addr.arpa domain name pointer imac.us.
87.160.149.17.in-addr.arpa domain name pointer appleiosv.com.
87.160.149.17.in-addr.arpa domain name pointer ipodnano.me.
发布于 2013-11-02 02:27:33
检查Userv Agent 'CaptiveNetworkSupport‘。我在我的nginx网络服务器上进行了测试,在所有的iOS设备上都能完美地工作。
if ($http_user_agent ~* (CaptiveNetworkSupport)) {
return 200;
}
发布于 2014-05-10 00:20:47
将这些添加到
/etc/lighttpd/lighttpd.conf
$HTTP["host"] =~ "^(appleiphonecell.com|captive.apple.com|www.itools.info|www.ibook.info|www.aiport.us|www.thinkdifferent.us|www.apple.com)" {
server.document-root = "/www/library/test/"
index-file.names = ( "success.html" )
dir-listing.activate = "disable"
server.error-handler-404 = "/success.html"
#accesslog.filename = "/var/log/lighttpd/apple-access.log"
#server.errorlog = "/var/log/lighttpd/apple-error.log"
url.rewrite = (
"^/(.*/)" => "/success.html",
)
}
在iOS6和iOS7上测试
https://stackoverflow.com/questions/18891706
复制相似问题