Running Chilli on FreeBSD
outbackdingo at gmail.com
Mon Nov 17 19:40:45 UTC 2008
> <begin main.conf>
> #copy this file into /usr/local/chilli
> #& create 2 empty files named hs.conf & local.conf
> # http://www.geeklan.co.uk/files/coova-main.conf
> 1. cmdsocket /var/run/chilli.sock
> 2. pidfile /var/run/chilli.pid
> 3. net 192.168.1.0/255.255.255.0
> 4. uamlisten 192.168.1.101
> 5. uamport 3990
> 6. dhcpif vr0
> 7. adminuser chillispot
> 8. adminpasswd chillispot
> 9. uamallowed coova.org,coova.org,rad01.coova.org,coova.org
> 11. domain lan
> 12. dns1 192.168.1.1
> 13. uamhomepage http://192.168.1.101:3990/coova/coova.html
> 14. wisprlogin https://coova.org/app/uam/auth
> 15. wwwdir /usr/local/www/chilli
> 16. wwwbin /usr/local/etc/chilli/wwwsh
> 17. locationname "ROWTech Securitet"
> 18. radiuslocationname ROWTech_HotSpot
> 19. radiuslocationid isocc=,cc=,ac=,network=Coova,
> 20. radiusserver1 rad01.coova.org
> 21. radiusserver2 rad01.coova.org
> 22. radiussecret coova-anonymous
> 23. radiusauthport 1812
> 24. radiusacctport 1813
> 25. uamserver https://coova.org/app/uam/chilli
> 26. radiusnasid nas01
> Let's say I have a dual-homed box, with vr0 being the public interface and
> fxp0 being the private interface. And say I run a DHCP server on the
> internal interface.
> Also say I run FreeRADIUS (with MySQL support) on the same box. I also run
> my Apache22 on this very box, so it is "everything to me". I have the IP
> 192.168.1.101 on the internal/private interface (fxp0). Can someone
> explain to me what items 6-10, 14, 19, 25 should be?
> I am especially not sure how 14 and 25 are being arrived at.
6 is the interface you want chilli to basically listen for dhcp requests on
7 and 8 are radius authentication attibutes, if using that type of auth for
9 is a list of allowed urls surfable without authentication first
10 means it will aloow any dns server, say if a client has one set manually
other then what you rovided from dhcp
14 is for the WISPR login URL
19 is the NAS information for radius
25 is the physical location of the UAM server, should be the same as the
uamhomepage ip or address
> I also have the file named "defaults" which I need to copy to "config".
> They are both in /usr/local/etc/chilli/. Looking at them, I see that most of
> the parameters are almost like what I see in main.conf. This has left me
> confused as what purpose the "config" file is supposed to serve.
the config file is for your customized parameters, where default is the
default coova settings, it reads variables from default, looks at config for
customizations and the writes main.conf, this file is generated by functions
> All my chilli files are accesible on my webserver via /coova (an Apache
> Alias pointer). Now where /app are supposed to come from still beats me.
> Am I supposed to be running my own DHCP server or does coova-chilli have
> some sort of built-in DHCP server?
chilli does have an internal dhcp system
> At some point, I believe I am going to introduce a Wireless Access Point
> into this mix, connected to my DHCP interface, yes? This is how the clients
> are going to communicate with the system, correct?
its exactly how i am configured though chilli runs on my APs not on my auth
> My other problem are two files- up.sh and down,sh: I can run either PF or
> IPFilter/IPNat on the FreeBSD box, but not IPTABLES. So I am wondering what
> the purpose of these two files. What do they do? I do believe IPTables is
> for Linux only. Is there a FreeBSD use who can share their *BSD versions of
> these two files?
> I also had to install haserl from http://haserl.sourceforge.net/ but I
> still wonder if it's necessary in my setup. I still haven't quite caught up
> speed on this so please excuse my ignorance.
yes, and no, if you are running the coova web interface / internal portal
then yes, if not then essentailly no
my config and main.conf for APs looks like
HS_LANIF=ath0 # Subscriber Interface for client devices
HS_UAMLISTEN=18.104.22.168 # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990 # HotSpot Port (on subscriber network)
HS_RADIUS=22.214.171.124 # replace with your radius server's ip
HS_RADSECRET=edited-out # you should probably choose a
better shared secret
HS_LOC_NAME="OptimWIFI HotSpot" # WISPr Location Name and used in
my server is on 126.96.36.199 with radius / apache / uam hostspotlogin, and
notice i do use variables in my config, if you read them it might help you
understand the way it puts this together
> Thank you so much for your time. Let me not ask too much on this mail:-)
> Best regards,
> Odhiambo WASHINGTON,
> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
> "Oh My God! They killed init! You Bastards!"
> --from a /. post
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chilli