From ahmet.basmaz at gmail.com Sun Mar 2 00:27:22 2008 From: ahmet.basmaz at gmail.com (Ahmet) Date: Sun, 02 Mar 2008 02:27:22 +0200 Subject: privoxy - framed pages In-Reply-To: <15674315-F1D9-4BFA-A4D4-DC8AED1663EF@mac.com> References: <15674315-F1D9-4BFA-A4D4-DC8AED1663EF@mac.com> Message-ID: <47C9F46A.1060106@gmail.com> Hi, When using privoxy ant tiny together I see some errors on framed pages. Ex: www.w3schools.com/tags/planets.htm (an ordinary framed page) Error is : "Could not load template file connect-failed or one of it's included components" Can privoxy process framed pages? If not, are there any other html pages, tags such as frames that privoxy can not process? AB From wlan at mac.com Sun Mar 2 06:23:05 2008 From: wlan at mac.com (wlan at mac.com) Date: Sun, 2 Mar 2008 07:23:05 +0100 Subject: privoxy - framed pages In-Reply-To: <47C9F46A.1060106@gmail.com> References: <15674315-F1D9-4BFA-A4D4-DC8AED1663EF@mac.com> <47C9F46A.1060106@gmail.com> Message-ID: <8FB620F5-BD9B-45FD-A9C3-5DC2562ED477@mac.com> To be honest, it's been awhile since I've used the captive frame. But, if memory serves, the HTML tag is being searched for in order to insert the code that implements the captive frame. The page you linked to doesn't have a head tag, perhaps that is the reason it fails. There are other sites where the captive frame fails too - any site doing javascript to enforce the page is in the top-most frame, for instance. David On Mar 2, 2008, at 1:27 AM, Ahmet wrote: > Hi, > When using privoxy ant tiny together I see some errors on framed > pages. > Ex: www.w3schools.com/tags/planets.htm (an ordinary framed page) > Error is : "Could not load template file connect-failed or one of it's > included components" > > Can privoxy process framed pages? If not, are there any other html > pages, tags such as frames that privoxy can not process? > > AB > > --------------------------------------------------------------------- > To unsubscribe, e-mail: chilli-unsubscribe at coova.org > For additional commands, e-mail: chilli-help at coova.org > Wiki: http://coova.org/wiki/index.php/CoovaChilli > Forum: http://coova.org/phpBB3/viewforum.php?f=4 > From wlan at mac.com Wed Mar 5 13:49:14 2008 From: wlan at mac.com (wlan at mac.com) Date: Wed, 5 Mar 2008 14:49:14 +0100 Subject: WISPr firefox extension! Message-ID: New, actually useful, hotspot tools from the "Labs" :) It is a Firefox extension taking advantage of the simple WISPr client found in JRadius. I have tested it with both CoovaAP/Chilli and Colubris access controllers, but it should work with just about any WISPr implementation. Check it out! http://coova.org/wiki/index.php/CoovaFirefoxExtension David -------------- next part -------------- An HTML attachment was scrubbed... URL: From ml at t-b-o-h.net Wed Mar 5 18:47:46 2008 From: ml at t-b-o-h.net (Tuc at T-B-O-H.NET) Date: Wed, 5 Mar 2008 13:47:46 -0500 (EST) Subject: [chilli] WISPr firefox extension! In-Reply-To: Message-ID: <200803051847.m25IlkVm057842@himinbjorg.tucs-beachin-obx-house.com> > > It is a Firefox extension taking advantage of the simple WISPr client > found in JRadius. I have tested it with both CoovaAP/Chilli and > Colubris access controllers, but it should work with just about any > WISPr implementation. > Speaking of the WISPr, is there a list somewhere of WISPr enabled devices? I'd like to be able to get one to test a UAM against it to make sure the coding is correct. Thank you, Tuc From mem.corruption at gmail.com Wed Mar 5 19:34:24 2008 From: mem.corruption at gmail.com (David Bird) Date: Wed, 5 Mar 2008 20:34:24 +0100 Subject: [chilli] WISPr firefox extension! In-Reply-To: <200803051847.m25IlkVm057842@himinbjorg.tucs-beachin-obx-house.com> References: <200803051847.m25IlkVm057842@himinbjorg.tucs-beachin-obx-house.com> Message-ID: Not that I know of... there are a number of smart-clients, though. Boingo, iPass, and I believe devices using devicescape. On Wed, Mar 5, 2008 at 7:47 PM, Tuc at T-B-O-H.NET wrote: > > > > It is a Firefox extension taking advantage of the simple WISPr client > > found in JRadius. I have tested it with both CoovaAP/Chilli and > > Colubris access controllers, but it should work with just about any > > WISPr implementation. > > > Speaking of the WISPr, is there a list somewhere of WISPr enabled > devices? I'd like to be able to get one to test a UAM against it to make > sure the coding is correct. > > Thank you, Tuc > > --------------------------------------------------------------------- > To unsubscribe, e-mail: chilli-unsubscribe at coova.org > For additional commands, e-mail: chilli-help at coova.org > Wiki: http://coova.org/wiki/index.php/CoovaChilli > Forum: http://coova.org/phpBB3/viewforum.php?f=4 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cfinnegan at csc.com.au Wed Mar 5 23:04:36 2008 From: cfinnegan at csc.com.au (Ciaran Finnegan) Date: Thu, 6 Mar 2008 09:04:36 +1000 Subject: [chilli] WISPr firefox extension! Message-ID: Return Receipt Your Re: [chilli] WISPr firefox extension! document: was Ciaran Finnegan/GIS/CSC received by: at: 03/06/2008 09:04:36 AM ZE10 From ahmet.basmaz at gmail.com Wed Mar 5 23:13:13 2008 From: ahmet.basmaz at gmail.com (Ahmet) Date: Thu, 06 Mar 2008 01:13:13 +0200 Subject: Real hit count with proxy In-Reply-To: <8FB620F5-BD9B-45FD-A9C3-5DC2562ED477@mac.com> References: <15674315-F1D9-4BFA-A4D4-DC8AED1663EF@mac.com> <47C9F46A.1060106@gmail.com> <8FB620F5-BD9B-45FD-A9C3-5DC2562ED477@mac.com> Message-ID: <47CF2909.7010606@gmail.com> Hi, I am trying to count web hits of users. With using proxy it is seems to be easy (I tried squid, tiny, privoxy). But it is obvious that the hits in the logs not purely the hits that users wanted to do. For example when a user goes to cnn.com, cnn.com calls other ad pages or non-ad pages. But because that think happens at users browser it is seen as an user hit in logs. So for real hit count an analysis must be made on logs. Do you know any tool, proxy that can help in such analysis? Second choice is writing own tool that can be parsing the logs and doing an analysis on referer field. But in that case (assuming cnn.com referred pages as non hit) users clicking on a link on the page (cnn.com) can not be distinguished. To further investigate the issue I listened (by ethereal) outgoing packets for a usual user behavior (clicking on a link) and web site called web pages. They all seem to have same headers and similar header values in request packets. So I stucked and could not found any possible piece of evidence to track and distinguish the behaviours. Is there a known theoretical or practical way for distinguishing this behaviours? Not: I know this mailing list is not the most appropriate list to ask this question. But any help will be gratefull. AB From surfingsteve at gmail.com Thu Mar 6 00:04:25 2008 From: surfingsteve at gmail.com (Stephen Potter) Date: Wed, 5 Mar 2008 17:04:25 -0700 Subject: Real hit count with proxy In-Reply-To: <47CF2909.7010606@gmail.com> References: <15674315-F1D9-4BFA-A4D4-DC8AED1663EF@mac.com> <47C9F46A.1060106@gmail.com> <8FB620F5-BD9B-45FD-A9C3-5DC2562ED477@mac.com> <47CF2909.7010606@gmail.com> Message-ID: The request for a webpage and an item in a webpage are syntacticly the same. Your best bet would be to analyze the log files, perhaps analyzing the different file types requested. Steve On Mar 5, 2008, at 4:13 PM, Ahmet wrote: > Hi, > I am trying to count web hits of users. With using proxy it is seems > to > be easy (I tried squid, tiny, privoxy). > But it is obvious that the hits in the logs not purely the hits that > users wanted to do. > For example when a user goes to cnn.com, cnn.com calls other ad > pages or > non-ad pages. But because that think happens at users browser it is > seen > as an user hit in logs. So for real hit count an analysis must be made > on logs. > Do you know any tool, proxy that can help in such analysis? > > Second choice is writing own tool that can be parsing the logs and > doing > an analysis on referer field. But in that case (assuming cnn.com > referred pages as non hit) users clicking on a link on the page > (cnn.com) can not be distinguished. > To further investigate the issue I listened (by ethereal) outgoing > packets for a usual user behavior (clicking on a link) and web site > called web pages. They all seem to have same headers and similar > header > values in request packets. So I stucked and could not found any > possible > piece of evidence to track and distinguish the behaviours. > Is there a known theoretical or practical way for distinguishing this > behaviours? > > Not: I know this mailing list is not the most appropriate list to ask > this question. But any help will be gratefull. > > AB > > --------------------------------------------------------------------- > To unsubscribe, e-mail: chilli-unsubscribe at coova.org > For additional commands, e-mail: chilli-help at coova.org > Wiki: http://coova.org/wiki/index.php/CoovaChilli > Forum: http://coova.org/phpBB3/viewforum.php?f=4 > From wlan at mac.com Thu Mar 6 06:27:39 2008 From: wlan at mac.com (wlan at mac.com) Date: Thu, 6 Mar 2008 07:27:39 +0100 Subject: Real hit count with proxy In-Reply-To: References: <15674315-F1D9-4BFA-A4D4-DC8AED1663EF@mac.com> <47C9F46A.1060106@gmail.com> <8FB620F5-BD9B-45FD-A9C3-5DC2562ED477@mac.com> <47CF2909.7010606@gmail.com> Message-ID: Indeed, it would be very difficult to analyze the traffic perfectly. An idea that comes to mind to help classify URLs is to have a privoxy (or the like) rewrite URLs found in tags. You could have the URLs bounce of a URL of your own (which notes the URL before redirecting to it). But, this isn't a sure thing as there are a number of ways a webpage can send you to another page... David On Mar 6, 2008, at 1:04 AM, Stephen Potter wrote: > The request for a webpage and an item in a webpage are syntacticly > the same. Your best bet would be to analyze the log files, perhaps > analyzing the different file types requested. > > Steve > > > On Mar 5, 2008, at 4:13 PM, Ahmet wrote: > >> Hi, >> I am trying to count web hits of users. With using proxy it is >> seems to >> be easy (I tried squid, tiny, privoxy). >> But it is obvious that the hits in the logs not purely the hits that >> users wanted to do. >> For example when a user goes to cnn.com, cnn.com calls other ad >> pages or >> non-ad pages. But because that think happens at users browser it >> is seen >> as an user hit in logs. So for real hit count an analysis must be >> made >> on logs. >> Do you know any tool, proxy that can help in such analysis? >> >> Second choice is writing own tool that can be parsing the logs and >> doing >> an analysis on referer field. But in that case (assuming cnn.com >> referred pages as non hit) users clicking on a link on the page >> (cnn.com) can not be distinguished. >> To further investigate the issue I listened (by ethereal) outgoing >> packets for a usual user behavior (clicking on a link) and web site >> called web pages. They all seem to have same headers and similar >> header >> values in request packets. So I stucked and could not found any >> possible >> piece of evidence to track and distinguish the behaviours. >> Is there a known theoretical or practical way for distinguishing this >> behaviours? >> >> Not: I know this mailing list is not the most appropriate list to ask >> this question. But any help will be gratefull. >> >> AB >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: chilli-unsubscribe at coova.org >> For additional commands, e-mail: chilli-help at coova.org >> Wiki: http://coova.org/wiki/index.php/CoovaChilli >> Forum: http://coova.org/phpBB3/viewforum.php?f=4 >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: chilli-unsubscribe at coova.org > For additional commands, e-mail: chilli-help at coova.org > Wiki: http://coova.org/wiki/index.php/CoovaChilli > Forum: http://coova.org/phpBB3/viewforum.php?f=4 > From list.coovachilli at mac.com Tue Mar 11 17:19:54 2008 From: list.coovachilli at mac.com (JB) Date: Tue, 11 Mar 2008 18:19:54 +0100 Subject: chilli features... In-Reply-To: References: <4774F21D.3080500@gmail.com> <7B2220C0-1BD5-4D3F-AEE6-ECF1668838AC@mac.com> <47752084.6080304@gmail.com> <56D381E7-F7FF-42EB-900F-D7F074D1405C@mac.com> Message-ID: <1011C93E-0167-4068-A26C-42A92E1F330D@mac.com> Hi, wlan at mac.com (10.02.2008): > I have been working with the feature, but it still needs more > testing before I put it in the wild. I just wanted to ask if there are any news regarding this feature? Thanks, JB From oguzhank at bilkent.edu.tr Wed Mar 12 15:36:45 2008 From: oguzhank at bilkent.edu.tr (Oguzhan Kayhan) Date: Wed, 12 Mar 2008 17:36:45 +0200 (EET) Subject: hello Message-ID: <43997.139.179.14.250.1205336205.squirrel@webmail.bilkent.edu.tr> I installed and started to use coova a few days.. But today... When i restart coova i only receive Unknown Username Or Password errors. When i run freeradius in debug mode i see the username appears correct, but the password seems like garbage characters as User-Password = "\310\254\\my\311\324\361 \240\267X\233n\016\205" but when i test freeradius with radtest command with same shared secret etc, i have no problem in authenticating.. Where should i look for the problem? I didnt change anything in freerad. or coova conf files... From gunther.mayer at googlemail.com Tue Mar 25 14:40:37 2008 From: gunther.mayer at googlemail.com (Gunther Mayer) Date: Tue, 25 Mar 2008 16:40:37 +0200 Subject: Attempt to re-authenticate at the end of a session Message-ID: <47E90EE5.4010603@gmail.com> Hi guys, Is it possible in coova to try and re-authenticate a given client at the end of their session? Reason I'm asking: we have customers who get a free bandwidth allocation and over and above that they have to pay. In order to improve the service offering it would be nice to prioritise the paid traffic over the free one but the only way I can see that being done is through the conup/condown scripts which unfortunately cannot work during a session (only at start and stop). Therefore I can only distinguish between free and paid traffic by using two distinct sessions and therefore I'd like one session to smoothly take over from the previous one (free allocation used up => free session stop => reauthentication => paid session start => traffic prioritisation => paid session stop => undo traffic prioritisation) I remember looking into this re-authentication stuff quite some time ago but cannot remember the specifics and cannot find related config options in the Coova documentation... Gunther From gunther.mayer at googlemail.com Tue Mar 25 19:17:15 2008 From: gunther.mayer at googlemail.com (Gunther Mayer) Date: Tue, 25 Mar 2008 21:17:15 +0200 Subject: hello In-Reply-To: <43997.139.179.14.250.1205336205.squirrel@webmail.bilkent.edu.tr> References: <43997.139.179.14.250.1205336205.squirrel@webmail.bilkent.edu.tr> Message-ID: <47E94FBB.60009@gmail.com> Oguzhan Kayhan wrote: > I installed and started to use coova a few days.. > But today... When i restart coova i only receive Unknown Username Or > Password errors. > When i run freeradius in debug mode i see the username appears correct, > but the password seems like garbage characters as > User-Password = "\310\254\\my\311\324\361 \240\267X\233n\016\205" > but when i test freeradius with radtest command with same shared secret > etc, i have no problem in authenticating.. > > Where should i look for the problem? > I didnt change anything in freerad. or coova conf files... > I know this reply is quite late but perhaps it will still help you. Likely your problem is a uamsecret mismatch in the chilli.conf and web login script which causes the passwords to get mangled. The former is simple to check; the latter we can advise on if you tell us what login script you use. Gunther From wlan at mac.com Wed Mar 26 06:03:51 2008 From: wlan at mac.com (wlan at mac.com) Date: Wed, 26 Mar 2008 07:03:51 +0100 Subject: Attempt to re-authenticate at the end of a session In-Reply-To: <47E90EE5.4010603@gmail.com> References: <47E90EE5.4010603@gmail.com> Message-ID: <2AF8E5F0-1EA8-4E29-A7F1-787D81030B3C@mac.com> Hi Gunther, Reauthenticating sessions isn't a feature... though, to change session parameters mid-session, you can use the 'acctupdate' feature to return this information (in a non-RFC kind of way) in the Accounting response. If someone is transitioning from free to paid, wouldn't you want them to see a login page as a form of notification of the change? David On Mar 25, 2008, at 3:40 PM, Gunther Mayer wrote: > Hi guys, > > Is it possible in coova to try and re-authenticate a given client > at the end of their session? > > Reason I'm asking: we have customers who get a free bandwidth > allocation and over and above that they have to pay. In order to > improve the service offering it would be nice to prioritise the > paid traffic over the free one but the only way I can see that > being done is through the conup/condown scripts which unfortunately > cannot work during a session (only at start and stop). Therefore I > can only distinguish between free and paid traffic by using two > distinct sessions and therefore I'd like one session to smoothly > take over from the previous one (free allocation used up => free > session stop => reauthentication => paid session start => traffic > prioritisation => paid session stop => undo traffic prioritisation) > > I remember looking into this re-authentication stuff quite some > time ago but cannot remember the specifics and cannot find related > config options in the Coova documentation... > > Gunther > > --------------------------------------------------------------------- > To unsubscribe, e-mail: chilli-unsubscribe at coova.org > For additional commands, e-mail: chilli-help at coova.org > Wiki: http://coova.org/wiki/index.php/CoovaChilli > Forum: http://coova.org/phpBB3/viewforum.php?f=4 > From gunther.mayer at googlemail.com Wed Mar 26 16:49:12 2008 From: gunther.mayer at googlemail.com (Gunther Mayer) Date: Wed, 26 Mar 2008 18:49:12 +0200 Subject: Attempt to re-authenticate at the end of a session In-Reply-To: <2AF8E5F0-1EA8-4E29-A7F1-787D81030B3C@mac.com> References: <47E90EE5.4010603@gmail.com> <2AF8E5F0-1EA8-4E29-A7F1-787D81030B3C@mac.com> Message-ID: <47EA7E88.9040203@gmail.com> wlan at mac.com wrote: > Hi Gunther, > > Reauthenticating sessions isn't a feature... though, to change session > parameters mid-session, you can use the 'acctupdate' feature to return > this information (in a non-RFC kind of way) in the Accounting response. I'm aware of the acctupdate feature and was planning on using it in the future in any case but as far as I can tell it doesn't cause another execution of conup. Am I right? I guess what I need for this purpose is an "acctupdateup" script that's executed whenever parameters change mid-session. While I'm sure that wouldn't be difficult to code up I think I don't need that just yet. By the way, what is the standard way of changing session parameters half way through a current session? There was talk some time ago about CoA but all information I've read so far is about unsolicited disconnects... > If someone is transitioning from free to paid, wouldn't you want them > to see a login page as a form of notification of the change? If a user has both freebies and paid credits I want the transition to be seamless, i.e. no logoff, login page, re-login cycle. The change can fairly easily be communicated in the status window. Gunther From wlan at mac.com Wed Mar 26 16:58:44 2008 From: wlan at mac.com (wlan at mac.com) Date: Wed, 26 Mar 2008 17:58:44 +0100 Subject: Attempt to re-authenticate at the end of a session In-Reply-To: <47EA7E88.9040203@gmail.com> References: <47E90EE5.4010603@gmail.com> <2AF8E5F0-1EA8-4E29-A7F1-787D81030B3C@mac.com> <47EA7E88.9040203@gmail.com> Message-ID: <552753C9-7FEA-4877-AD7D-FFBA502CA411@mac.com> You can indeed change session parameters in a CoA too. That method is preferred over using acctupdate if you can do it (meaning, your chilli isn't behind a NAT or has port forwarding for RADIUS). also, check out: http://coova.org/phpBB3/viewtopic.php?f=4&t=642&p=2501#p2501 chilli without a tun/tap interface... what? :) David On Mar 26, 2008, at 5:49 PM, Gunther Mayer wrote: > wlan at mac.com wrote: >> Hi Gunther, >> >> Reauthenticating sessions isn't a feature... though, to change >> session parameters mid-session, you can use the 'acctupdate' >> feature to return this information (in a non-RFC kind of way) in >> the Accounting response. > I'm aware of the acctupdate feature and was planning on using it in > the future in any case but as far as I can tell it doesn't cause > another execution of conup. Am I right? I guess what I need for > this purpose is an "acctupdateup" script that's executed whenever > parameters change mid-session. While I'm sure that wouldn't be > difficult to code up I think I don't need that just yet. > > By the way, what is the standard way of changing session parameters > half way through a current session? There was talk some time ago > about CoA but all information I've read so far is about unsolicited > disconnects... >> If someone is transitioning from free to paid, wouldn't you want >> them to see a login page as a form of notification of the change? > If a user has both freebies and paid credits I want the transition > to be seamless, i.e. no logoff, login page, re-login cycle. The > change can fairly easily be communicated in the status window. > > Gunther > > --------------------------------------------------------------------- > To unsubscribe, e-mail: chilli-unsubscribe at coova.org > For additional commands, e-mail: chilli-help at coova.org > Wiki: http://coova.org/wiki/index.php/CoovaChilli > Forum: http://coova.org/phpBB3/viewforum.php?f=4 > From gunther.mayer at googlemail.com Wed Mar 26 21:00:06 2008 From: gunther.mayer at googlemail.com (Gunther Mayer) Date: Wed, 26 Mar 2008 23:00:06 +0200 Subject: Attempt to re-authenticate at the end of a session In-Reply-To: <552753C9-7FEA-4877-AD7D-FFBA502CA411@mac.com> References: <47E90EE5.4010603@gmail.com> <2AF8E5F0-1EA8-4E29-A7F1-787D81030B3C@mac.com> <47EA7E88.9040203@gmail.com> <552753C9-7FEA-4877-AD7D-FFBA502CA411@mac.com> Message-ID: <47EAB956.7000007@gmail.com> wlan at mac.com wrote: > You can indeed change session parameters in a CoA too. That method is > preferred over using acctupdate if you can do it (meaning, your chilli > isn't behind a NAT or has port forwarding for RADIUS). Ah, seeing that I'm currently implementing a centralised VPN setup for all our nas's perhaps I should aim to use CoA rather. But the challenge still remains and the more I think about it the more complex it gets. Let me elaborate: A given user gets a certain free daily portion of Internet but also purchased some Internet. The free traffic must be normal but the paid for traffic prioritised (QoS) so that the user is getting value for money. How do I, without interrupting the session, fire an event (a QoS script) at the time when the free portion has been spent and the paid for portion takes over? My current thoughts: * coa packet sometime before the "free" session times out, patch chilli to let me fire an event upon CoA. Gotcha: easy to do with time based but really tricky with volume accounting (how do you know when the user will run out given a max-octets?) * the original subject: patch chilli so that upon logout it will send accounting stop, followed immediately by a re-authentication attempt (with timeout of, say, 10 seconds) and only if re-authentication unsuccessful place the user back into the unauthenticated(dnat) state. Re-authentication would trigger a conup which can then do the QoS. Minor gotcha: users may get an extra few seconds of Internet should the radius server be slow to react (but perhaps re-authentication can be flagged by radius during session initialisation?) Any other ideas? > > also, check out: > http://coova.org/phpBB3/viewtopic.php?f=4&t=642&p=2501#p2501 > > chilli without a tun/tap interface... what? :) Interesting... though not something we would use anytime soon. Gunther -------------- next part -------------- An HTML attachment was scrubbed... URL: