Running Chilli on FreeBSD

Outback Dingo outbackdingo at gmail.com
Mon Nov 17 19:40:45 UTC 2008


> <begin main.conf>
> #copy this file into /usr/local/chilli
> #& create 2 empty files named hs.conf & local.conf
> # http://www.geeklan.co.uk/files/coova-main.conf
> 1. cmdsocket       /var/run/chilli.sock
> 2. pidfile         /var/run/chilli.pid
> 3. net             192.168.1.0/255.255.255.0
> 4. uamlisten       192.168.1.101
> 5. uamport         3990
> 6. dhcpif          vr0
> 7. adminuser       chillispot
> 8. adminpasswd     chillispot
> 9. uamallowed      coova.org,coova.org,rad01.coova.org,coova.org
> 10. uamanydns
> 11. domain                  lan
> 12. dns1                    192.168.1.1
> 13. uamhomepage             http://192.168.1.101:3990/coova/coova.html
> 14. wisprlogin              https://coova.org/app/uam/auth
> 15. wwwdir                  /usr/local/www/chilli
> 16. wwwbin                  /usr/local/etc/chilli/wwwsh
> 17. locationname            "ROWTech Securitet"
> 18. radiuslocationname      ROWTech_HotSpot
> 19. radiuslocationid        isocc=,cc=,ac=,network=Coova,
> 20. radiusserver1           rad01.coova.org
> 21. radiusserver2           rad01.coova.org
> 22. radiussecret            coova-anonymous
> 23. radiusauthport          1812
> 24. radiusacctport          1813
> 25. uamserver               https://coova.org/app/uam/chilli
> 26. radiusnasid             nas01
> 27. papalwaysok
>  </end>
>
> Let's say I have a dual-homed box, with vr0 being the public interface and
> fxp0 being the private interface. And say I run a DHCP server on the
> internal interface.
> Also say I run FreeRADIUS (with MySQL support) on the same box. I also run
> my Apache22 on this very box, so it is "everything to me". I have the IP
> 192.168.1.101 on the internal/private interface (fxp0). Can someone
> explain to me what items 6-10, 14, 19, 25 should be?
> I am especially not sure how 14 and 25 are being arrived at.
>

6 is the interface you want chilli to basically listen for dhcp requests on
7 and 8 are radius authentication attributes, if using that type of auth for
radius
9 is a list of allowed urls surfable without authentication first
10 means it will allow any dns server, say if a client has one set manually
other than what you provided from dhcp
14 is for the WISPR login URL
19 is the NAS information for radius
25 is the physical location of the UAM server, should be the same as the
uamhomepage ip or address




>
> I also have the file named "defaults" which I need to copy to "config".
> They are both in /usr/local/etc/chilli/. Looking at them, I see that most of
> the parameters are almost like what I see in main.conf. This has left me
> confused as to what purpose the "config" file is supposed to serve.
>

the config file is for your customized parameters, where default is the
default coova settings, it reads variables from default, looks at config for
customizations and then writes main.conf, this file is generated by functions


>
> All my chilli files are accessible on my webserver via /coova (an Apache
> Alias pointer). Now where /app is supposed to come from still beats me.
>
> Am I supposed to be running my own DHCP server or does coova-chilli have
> some sort of built-in DHCP server?
>

chilli does have an internal dhcp system


>
> At some point, I believe I am going to introduce a Wireless Access Point
> into this mix, connected to my DHCP interface, yes? This is how the clients
> are going to communicate with the system, correct?
>

it's exactly how i am configured though chilli runs on my APs not on my auth
server


>
> My other problem is two files, up.sh and down.sh: I can run either PF or
> IPFilter/IPNat on the FreeBSD box, but not IPTABLES. So I am wondering what
> the purpose of these two files is. What do they do? I do believe IPTables is
> for Linux only. Is there a FreeBSD user who can share their *BSD versions of
> these two files?
>
> I also had to install haserl from http://haserl.sourceforge.net/ but I
> still wonder if it's necessary in my setup. I still haven't quite caught up
> speed on this so please excuse my ignorance.


yes, and no, if you are running the coova web interface / internal portal
then yes, if not then essentially no


my config and main.conf for APs looks like

HS_LANIF=ath0              # Subscriber Interface for client devices
HS_UAMLISTEN=101.177.51.1    # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990            # HotSpot Port (on subscriber network)
HS_NETWORK=101.177.51.0
HS_NETMASK=255.255.255.0
HS_NASID=nas01
HS_UAMSERVER=auth.optimwifi.com
HS_UAMURL="/login/hotspotlogin.php"
HS_MACAUTH=on
HS_UAMSECRET=uamsharedsecret
HS_RADIUS=58.147.11.218         # replace with your radius server's ip
HS_RADIUS2=58.147.11.218
HS_RADSECRET=edited-out                   # you should probably choose a better shared secret
HS_SSID="OptimWIFI"
HS_DNS1=101.177.51.1

HS_UAMALLOWED=www.google.com
HS_RADCONF=off
HS_UAMFORMAT="\${HS_UAMPROTO:-http}://\$HS_UAMSERVER\$HS_UAMURL\$HS_UAMURLEXTRAS"
HS_UAMHOMEPAGE=http://\$HS_UAMSERVER/
HS_MODE=hotspot
HS_TYPE=chillispot
HS_RADAUTH=1812
HS_RADACCT=1813
#HS_ADMUSR=chillispot
#HS_ADMPWD=chillispot

HS_PROVIDER=OptimWIFI
HS_PROVIDER_LINK=http://www.coova.org/
HS_LOC_NAME="OptimWIFI HotSpot"           # WISPr Location Name and used in portal

my server is on 58.147.26.217 with radius / apache / uam hotspotlogin, and
notice i do use variables in my config, if you read them it might help you
understand the way it puts this together


>
>
> Thank you so much for your time. Let me not ask too much on this mail:-)
>
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223
> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
> "Oh My God! They killed init! You Bastards!"
>                        --from a /. post
>
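
Added example, not part of the original thread and not CoovaChilli code: a small Python check that parses a main.conf in the numbered layout quoted above and reports the settings discussed in the reply that should not go into production unchanged (secrets printed in this thread, admin password equal to the admin user, uamanydns, a plain-http login URL). The 16-character minimum and the function names are assumptions made for this illustration.

```python
import re

# Constructed sample using option lines from the numbered main.conf in this thread.
SAMPLE_MAIN_CONF = """\
> 7. adminuser       chillispot
> 8. adminpasswd     chillispot
> 10.uamanydns
> 22. radiussecret            coova-anonymous
> 25. uamserver               https://coova.org/app/uam/chilli
"""

# Values printed in this thread, so anyone can read them.
PUBLISHED_VALUES = {"chillispot", "coova-anonymous", "uamsharedsecret"}
SECRET_KEYS = ("adminpasswd", "radiussecret", "uamsecret")
MIN_SECRET_LEN = 16  # assumption: local policy threshold, not a chilli rule

# Optional "N." item number, option name, optional value.
LINE_RE = re.compile(r"^(?:\d+\.\s*)?([A-Za-z_]\w*)(?:\s+(.*))?$")

def parse_conf(text):
    """Return {option: value}; bare flags such as uamanydns map to ''."""
    opts = {}
    for raw in text.splitlines():
        line = raw.lstrip("> \t").rstrip()  # tolerate mail quoting
        if line.startswith(("#", "<")):
            continue
        m = LINE_RE.match(line)
        if m:
            value = (m.group(2) or "").split(" #")[0].strip().strip('"')
            opts[m.group(1).lower()] = value
    return opts

def audit(opts):
    """Return sorted (option, finding) pairs for settings worth changing."""
    findings = []
    for key in (k for k in SECRET_KEYS if k in opts):
        val = opts[key]
        if val in PUBLISHED_VALUES:
            findings.append((key, "value is publicly known"))
        elif len(val) < MIN_SECRET_LEN:
            findings.append((key, "shorter than %d characters" % MIN_SECRET_LEN))
    if opts.get("adminuser") and opts["adminuser"] == opts.get("adminpasswd"):
        findings.append(("adminpasswd", "same as adminuser"))
    if "uamanydns" in opts:
        findings.append(("uamanydns", "any DNS server is reachable before login"))
    for key in ("uamserver", "wisprlogin"):
        if opts.get(key, "").startswith("http://"):
            findings.append((key, "login URL is plain http"))
    return sorted(findings)
```

Calling audit(parse_conf(open("/usr/local/etc/chilli/main.conf").read())) runs the same check against a generated file; an empty list means none of these conditions matched.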