Results 1 to 1 of 1
  1. #1
    Webmaster-Site founder Admin's Avatar
    Join Date
    Apr 2011
    Location
    Planet Earth !!!
    Posts
    17,415
    Uploads
    5418
    Blog Entries
    40
    Thanks
    6,554
    Thanked 1,313 Times in 499 Posts

    Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS

    Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS

    March 24th, 2010 | Tags: CoovaChilli, daloRADIUS, debian, FreeRadius, hotspot, MySQL, NAT, network, routing, wi-fi
    I decide to create hotspot from my server to allow other connect to Internet for free. I used “Captive portal” solution based on these applications:


    When somebody wants to connect to Internet using my wifi, the first page he can see is the register/login page (whatever page he wants to visit).
    After registration/login he is able to connect to Internet.
    So let’s see how I did it.
    Let’s have one server with two network interfaces – first (eth0) goes to Internet, the second one (eth1) is the wifi for “unknown” clients.

    radius.jpg
    Install basic software:
    aptitude install mysql-server phpmyadmin freeradius freeradius-utils freeradius-mysql apache2 php-pear php-db
    a2enmod ssl
    a2ensite default-ssl
    service apache2 restart
    cd /tmp && wget 'http://downloads.sourceforge.net/project/daloradius/daloradius/daloradius-0.9-8/daloradius-0.9-8.tar.gz'
    tar xvzf daloradius-0.9-8.tar.gz
    mv /tmp/daloradius-0.9-8 /var/www/daloradius
    chown -R www-data:www-data /var/www/daloradius
    cp -r /var/www/daloradius/contrib/chilli/portal2/* /var/www/
    rm /var/www/index.html

    Because my machine is 64 bit I need to build CoovaChilli package myself:
    aptitude --assume-yes install dpkg-dev debhelper libssl-dev
    cd /tmp
    wget -c http://ap.coova.org/chilli/coova-chilli-1.2.2.tar.gz
    tar xzf coova-chilli*.tar.gz
    cd coova-chilli*
    dpkg-buildpackage -rfakeroot

    Install CoovaChilli:
    cd ..
    dpkg -i coova-chilli_*_amd64.deb

    Configure FreeRadius

    Change /etc/freeradius/clients.conf:
    client 127.0.0.1 {
    secret = mysecret
    }

    Change /etc/freeradius/sql.conf:
    server = "localhost"
    login = "root"
    password = "xxxx"

    Uncomment in /etc/freeradius/sites-available/default:
    authorize {
    sql
    }

    accounting {
    sql
    }

    Uncomment in /etc/freeradius/radiusd.conf:
    $INCLUDE sql.conf

    Configure MySQL database for FreeRadius

    mysql -u root --password=xxxx
    mysql> CREATE DATABASE radius;
    mysql> exit

    mysql -u root --password=xxxx radius < /var/www/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql

    daloRADIUS configuration

    Modify this file /var/www/daloradius/library/daloradius.conf.php
    [/cc]
    $configValues['CONFIG_DB_PASS'] = 'xxxx';
    $configValues['CONFIG_MAINT_TEST_USER_RADIUSSECRET'] = 'mysecret';
    $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';

    You also need to modify following configuration files to setup sign in web pages /var/www/signup-*/library/daloradius.conf.php:
    $configValues['CONFIG_DB_PASS'] = 'xxxx';
    $configValues['CONFIG_DB_NAME'] = 'radius';
    $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';
    $configValues['CONFIG_SIGNUP_SUCCESS_MSG_LOGIN_LINK'] = "<br />Click <b>here</b>".
    " to return to the Login page and start your surfing<br /><br />";

    Chnage lines in /var/www/signup*/index.php to (changed ‘User-Password’ -> ‘Cleartext-Password’ and ‘==’ -> ‘:=’):
    $sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_RADCHECK']." (id, Username, Attribute, op, Value) ".
    " VALUES (0, '$username', 'Cleartext-Password', ':=', '$password')";

    Another file need to be modified to communicate with CoovaChilli is /var/www/hotspotlogin/hotspotlogin.php
    $uamsecret = "uamsecret";

    Now you should be able to reach daloRADIUS installation on http://127.0.0.1/daloradius/
    username: administrator
    password: radius

    Routing

    We should not forget to enable packet forwarding and setup NAT:
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    echo 1 > /proc/sys/net/ipv4/ip_forward
    sed --in-place=.old 's/^#\(net.ipv4.ip_forward=1\)/\1/' /etc/sysctl.conf
    sysctl -p

    CoovaChilli configuration

    Let’s start with /etc/chilli/defaults:
    HS_NETWORK=192.168.10.0
    HS_UAMLISTEN=192.168.10.1

    HS_RADSECRET=mysecret
    HS_UAMSECRET=uamsecret
    HS_UAMFORMAT=https://\$HS_UAMLISTEN/hotspotlogin/hotspotlogin.php
    HS_UAMHOMEPAGE=https://\$HS_UAMLISTEN

    Then don’t forget to enable CoovaChilli to start in /etc/default/chilli
    START_CHILLI=1

    Maybe you need to execute chilli and radius server with some debug options to see “errors” during client connection:
    chilli --fg --debug
    freeradius -X

    Few links we created:


    This how-to describe simple configuration of CoovaChilli so there are many things to configure. I didn’t mentioned anything about security – so it’s up to you to tweak it yourself.
    You can find additional info on this web page:
    https://help.ubuntu.com/community/WifiDocs/CoovaChilli
    Engoy…

    Source : linux.xvx.cz
    Attached Images Attached Images

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •