Running Chilli on FreeBSD

Odhiambo Washington odhiambo at gmail.com
Mon Nov 17 20:13:53 UTC 2008


On Mon, Nov 17, 2008 at 10:40 PM, Outback Dingo <outbackdingo at gmail.com> wrote:

>
> <begin main.conf>
>> #copy this file into /usr/local/chilli
>> #& create 2 empty files named hs.conf & local.conf
>> # http://www.geeklan.co.uk/files/coova-main.conf
>> 1. cmdsocket       /var/run/chilli.sock
>> 2. pidfile         /var/run/chilli.pid
>> 3. net             192.168.1.0/255.255.255.0
>> 4. uamlisten       192.168.1.101
>> 5. uamport         3990
>> 6. dhcpif          vr0
>> 7. adminuser       chillispot
>> 8. adminpasswd     chillispot
>> 9. uamallowed      coova.org,coova.org,rad01.coova.org,coova.org
>> 10. uamanydns
>> 11. domain                  lan
>> 12. dns1                    192.168.1.1
>> 13. uamhomepage             http://192.168.1.101:3990/coova/coova.html
>> 14. wisprlogin              https://coova.org/app/uam/auth
>> 15. wwwdir                  /usr/local/www/chilli
>> 16. wwwbin                  /usr/local/etc/chilli/wwwsh
>> 17. locationname            "ROWTech Securitet"
>> 18. radiuslocationname      ROWTech_HotSpot
>> 19. radiuslocationid        isocc=,cc=,ac=,network=Coova,
>> 20. radiusserver1           rad01.coova.org
>> 21. radiusserver2           rad01.coova.org
>> 22. radiussecret            coova-anonymous
>> 23. radiusauthport          1812
>> 24. radiusacctport          1813
>> 25. uamserver               https://coova.org/app/uam/chilli
>> 26. radiusnasid             nas01
>> 27. papalwaysok
>>  </end>
>>
>> Let's say I have a dual-homed box, with vr0 being the public interface and
>> fxp0 being the private interface. And say I run a DHCP server on the
>> internal interface.
>> Also say I run FreeRADIUS (with MySQL support) on the same box. I also run
>> my Apache22 on this very box, so it is "everything to me". I have the IP
>> 192.168.1.101 on the internal/private interface (fxp0). Can someone
>> explain to me what items 6-10, 14, 19, 25 should be?
>> I am especially not sure how 14 and 25 are being arrived at.
>>
>
> 6 is the interface you want chilli to basically listen for dhcp requests on
>

ok.


>
> 7 and 8 are radius authentication attributes, if using that type of auth for
> radius
>

RADIUS authentication attributes? The credentials chilli uses to connect to
RADIUS server?


>
> 9 is a list of allowed urls surfable without authentication first
>

ok.


>
> 10 means it will allow any dns server, say if a client has one set manually
> other than what you provided from dhcp
>

ok.


>
> 14 is for the WISPR login URL
>

Where is it derived from? I mean, is
/app/uam/auth <https://coova.org/app/uam/auth> derived from some Apache
Alias on my server running the chilli web portal?
What is the actual location on disk?


>
> 19 is the NAS information for radius
>

I still don't understand that one. Why is it in an LDAP like notation?


>
> 25 is the physical location of the UAM server, should be the same as the
> uamhomepage ip or address
>

Is /app/uam/chilli <https://coova.org/app/uam/chilli> an Apache Alias on
the chilli web portal as well? What is the actual location on disk of the
Alias, if any?




>> I also have the file named "defaults" which I need to copy to "config".
>> They are both in /usr/local/etc/chilli/. Looking at them, I see that most of
>> the parameters are almost like what I see in main.conf. This has left me
>> confused as to what purpose the "config" file is supposed to serve.
>>
>
> the config file is for your customized parameters, where default is the
> default coova settings, it reads variables from default, looks at config for
> customizations and then writes main.conf, this file is generated by functions
>

It writes main.conf on the fly??? So I should not create a main.conf?



>> All my chilli files are accessible on my webserver via /coova (an Apache
>> Alias pointer). Now where /app is supposed to come from still beats me.
>>
>> Am I supposed to be running my own DHCP server or does coova-chilli have
>> some sort of built-in DHCP server?
>>
>
> chilli does have an internal dhcp system
>

Wow. So I do not need to have one? Interesting. Thank you for this. It's the
only one I clearly understand now:-)



>> At some point, I believe I am going to introduce a Wireless Access Point
>> into this mix, connected to my DHCP interface, yes? This is how the clients
>> are going to communicate with the system, correct?
>>
>
> it's exactly how I am configured, though chilli runs on my APs, not on my auth
> server
>

chilli runs on your APs? You have different computers acting as APs using
Wireless Access Point hardware??


>
>> My other problem is two files, up.sh and down.sh: I can run either PF or
>> IPFilter/IPNat on the FreeBSD box, but not IPTABLES. So I am wondering what
>> the purpose of these two files is. What do they do? I do believe IPTables is
>> for Linux only. Is there a FreeBSD user who can share their *BSD versions of
>> these two files?
>>
>
You did not mention anything about the up.sh and down.sh and the issue on
IPTables.... Do you use FreeBSD, by any chance? It would be most helpful.



>
>> I also had to install haserl from http://haserl.sourceforge.net/ but I
>> still wonder if it's necessary in my setup. I still haven't quite caught up
>> speed on this so please excuse my ignorance.
>
>
> yes, and no, if you are running the coova web interface / internal portal
> then yes, if not then essentially no
>

I don't understand this answer? Is it optional to run coova web
interface/internal portal? If I don't run them, then what else is there to
run?? <LOL>
Excuse my stupidity on this, honestly.



> my config and main.conf for APs looks like
>
> HS_LANIF=ath0              # Subscriber Interface for client devices
> HS_UAMLISTEN=101.177.51.1    # HotSpot IP Address (on subscriber network)
> HS_UAMPORT=3990            # HotSpot Port (on subscriber network)
> HS_NETWORK=101.177.51.0
> HS_NETMASK=255.255.255.0
> HS_NASID=nas01
> HS_UAMSERVER=auth.optimwifi.com
> HS_UAMURL="/login/hotspotlogin.php"
> HS_MACAUTH=on
> HS_UAMSECRET=uamsharedsecret
> HS_RADIUS=58.147.11.218         # replace with your radius server's ip
> HS_RADIUS2=58.147.11.218
> HS_RADSECRET=edited-out                   # you should probably choose a better shared secret
> HS_SSID="OptimWIFI"
> HS_DNS1=101.177.51.1
>
> HS_UAMALLOWED=www.google.com
> HS_RADCONF=off
>
> HS_UAMFORMAT="\${HS_UAMPROTO:-http}://\$HS_UAMSERVER\$HS_UAMURL\$HS_UAMURLEXTRAS"
> HS_UAMHOMEPAGE=http://\$HS_UAMSERVER/
> HS_MODE=hotspot
> HS_TYPE=chillispot
> HS_RADAUTH=1812
> HS_RADACCT=1813
> #HS_ADMUSR=chillispot
> #HS_ADMPWD=chillispot
>
> HS_PROVIDER=OptimWIFI
> HS_PROVIDER_LINK=http://www.coova.org/
> HS_LOC_NAME="OptimWIFI HotSpot"           # WISPr Location Name and used in portal
>
> my server is on 58.147.26.217 with radius / apache / uam hotspotlogin,
> and notice I do use variables in my config, if you read them it might help
> you understand the way it puts this together
>

I will read these keenly, honestly.

Don't get tired with me:-)


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
"Oh My God! They killed init! You Bastards!"
                       --from a /. post
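
Added example, not part of the original message and not CoovaChilli's own code: a Python illustration of the defaults-then-config overlay described in the thread, used to flag secrets still set to the sample values quoted above and to show the login URL that HS_UAMFORMAT expands to. The sample file contents, portal.example.net and the helper names are assumptions; the project's functions script that writes main.conf is not reproduced here.

```python
import re

# Placeholder secrets that appear verbatim in the configs quoted in this thread.
SAMPLE_SECRETS = {"chillispot", "coova-anonymous", "uamsharedsecret"}
SECRET_KEYS = ("HS_RADSECRET", "HS_UAMSECRET", "HS_ADMPWD")

# Constructed sample files; only the HS_* names come from the thread.
DEFAULTS = r'''
HS_UAMPORT=3990
HS_RADSECRET=coova-anonymous
HS_UAMSECRET=uamsharedsecret
HS_ADMPWD=chillispot
HS_UAMFORMAT="\${HS_UAMPROTO:-http}://\$HS_UAMSERVER\$HS_UAMURL"
'''
CONFIG = r'''
HS_UAMSERVER=portal.example.net
HS_UAMURL="/login/hotspotlogin.php"
HS_RADSECRET=N0t-the-sample-value   # overridden locally
#HS_ADMPWD=chillispot
'''

LINE = re.compile(r'^\s*([A-Z0-9_]+)=("[^"]*"|\S*)')
VAR = re.compile(r'\\?\$(?:\{(\w+)(?::-([^}]*))?\}|(\w+))')

def parse(text):
    """Read KEY=value lines; commented-out lines and trailing comments are ignored."""
    found = (LINE.match(raw) for raw in text.splitlines())
    return {m.group(1): m.group(2).strip('"') for m in found if m}

def merge(defaults, config):
    """Defaults first, then config: a value set in config wins."""
    return {**parse(defaults), **parse(config)}

def expand(value, env):
    """Resolve $NAME and ${NAME:-fallback} (single pass) against merged settings."""
    def sub(m):
        return env.get(m.group(1) or m.group(3)) or m.group(2) or ""
    return VAR.sub(sub, value)

def audit(defaults, config):
    env = merge(defaults, config)
    findings = [k for k in SECRET_KEYS if env.get(k) in SAMPLE_SECRETS]
    login_url = expand(env.get("HS_UAMFORMAT", ""), env)
    if login_url.startswith("http://"):
        findings.append("HS_UAMFORMAT")  # login page would be served without TLS
    return login_url, findings

if __name__ == "__main__":
    print(audit(DEFAULTS, CONFIG))
```

Note that the commented-out HS_ADMPWD line in the override file does not clear the value inherited from the defaults file, so the sample password is still reported.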