[Chilli] CoovaChiili Permit Server IP

Luis Ferreira lferreira at cabocom.cv
Tue May 21 18:10:08 UTC 2013


Hi David,

Can you clarify on the conup?
>From what I understood, you are saying that is a script that is run every
time a client connects to the network. (correct?)
If true, will that work in my case, with another server running ISC-DHCP?
Where can I configure it? Where is it located?


Regards,
Luis

-----Mensagem original-----
De: chilli-bounces at coova.org [mailto:chilli-bounces at coova.org] Em nome de
David Bird
Enviada: terça-feira, 21 de Maio de 2013 16:01
Para: chilli at coova.org
Assunto: Re: [Chilli] CoovaChiili Permit Server IP

There could be an option similar to macallowed (plus macallowlocal) but for
layer3 mode using ip addresses. Using a script like the one suggested would
also work - though, I think you'd want 'authorize'
instead of 'login' since you don't have RADIUS. You can also do something
similar from the conup script so that as soon as the station connects, you
authorize it. 


On Tue, 2013-05-21 at 09:23 -0100, Luis Ferreira wrote:
> Hi Russell,
> 
>  
> 
> Here we had the same problem, and were able to fix it with the 
> following script:
> 
> 
> 
> #!/bin/bash
> 
>  
> 
> usercheck=$(/usr/local/sbin/chilli_query
> -s /usr/local/var/run/chilli.vlanxx.sock list |grep -c "1 
> accountusername ")
> 
>  
> 
> if [ $usercheck = '0' ];
> 
> then
> 
>         echo "Logging in accountname"
> 
>         /usr/local/sbin/chilli_query
> -s /usr/local/var/run/chilli.vlanxx.sock login ip 192.168.10.251 
> username accountusername password accountpassword
> 
> fi
> 
> 
> 
>  
> 
> Replace account name, account password and IP for the correct ones.
> Also check the location of the sock files.
> 
>  
> 
> This script is running every minute. If the IP is not present, Chilli 
> will not perform the login and ignore it. But if it is present (client
> connected) it will trigger the account login.
> 
>  
> 
> This is a very dirty hack, but we have been using it for more than 2 
> years and it never failed (except when the account would ran out of 
> credit J ).
> 
>  
> 
> Btw, if someone as a different (and less hacked) way of doing this on 
> layer 3, please share it.
> 
>  
> 
> Regards,
> 
> Luis
> 
>  
> 
>  
> 
> Dear Coova Gurus,
> 
>  
> 
> 
> CoovaChilli Layer3, Working great. But for some days now, i am working 
> CoovaChilli to allow some devices to allow access without 
> authentication AND have Static IP address. (Servers, IP phones, Apple 
> TV etc..).
> 
> 
>  
> 
> 
> MAC auth do not help because of L3 setup. Have anyone got the idea.
> How can configure coovachilli to allow access 10 static ip address out 
> of a subnet by default.
> 
> 
>  
> 
> 
> Thanks in advance. 
> 
> 
>  
> 
> 
> Thanks / Regards
> 
> 
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli

--
--
David Bird
http://www.linkedin.com/in/dwbird/

_______________________________________________
Chilli mailing list
Chilli at coova.org
http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130521/26557370/attachment.html>


More information about the Chilli mailing list