[Chilli] Fwd: Fwd: Fwd: Fwd: Re: confirm 12aac753c13ff4f88a698eadf2d84d0568b1e13a

Sourav sourav.chakraborty at netcommwireless.com
Tue Sep 10 06:03:42 UTC 2013


Hi,
I have resolved yesterday's issues. Now coovachilli is sending out 
Radius Access-Request msgs to freeradius and the authentication is 
successful. However on an authenticated client browser, the redirection 
is always happening to the authentication page(hotspotlogin.html).....it 
should have allowed internet access to authenticated clients,which is 
not happening now....please help me out on this.


Also after sometime ,coovachilli stops sending radius access request 
msgs to freeradius.....it resumes sending them after a restart of the 
router. Please help me out on this as well.

Warm Regards,
Sourav


-------- Original Message --------
Subject: 	Fwd: Fwd: Fwd: Re: confirm 
12aac753c13ff4f88a698eadf2d84d0568b1e13a
Date: 	Mon, 09 Sep 2013 16:35:46 +1000
From: 	Sourav <sourav.chakraborty at netcommwireless.com>
To: 	chilli at coova.org



I am not seeing RADIUS Access-Request go out of coovachilli. Please help 
me out.

Warm Regards,
Sourav


-------- Original Message --------
Subject: 	Fwd: Fwd: Re: confirm 12aac753c13ff4f88a698eadf2d84d0568b1e13a
Date: 	Mon, 09 Sep 2013 16:33:40 +1000
From: 	Sourav <sourav.chakraborty at netcommwireless.com>
To: 	chilli at coova.org



Further ifconfig result is thus --
root:/etc/chilli# ifconfig
br0       Link encap:Ethernet  HWaddr 00:60:64:89:20:5F
           inet addr:192.168.1.1  Bcast:192.168.1.255 Mask:255.255.255.0
           inet6 addr: fe80::260:64ff:fe89:205f/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:120721 errors:0 dropped:0 overruns:0 frame:0
           TX packets:80766 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:11363082 (10.8 MiB)  TX bytes:39376543 (37.5 MiB)

eth0      Link encap:Ethernet  HWaddr 00:60:64:89:20:5F
           inet6 addr: fe80::260:64ff:fe89:205f/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:81849 errors:4 dropped:0 overruns:0 frame:0
           TX packets:81990 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000
           RX bytes:8988390 (8.5 MiB)  TX bytes:29518628 (28.1 MiB)
           Interrupt:25 Base address:0xc000

lo        Link encap:Local Loopback
           inet addr:127.0.0.1  Mask:255.0.0.0
           inet6 addr: ::1/128 Scope:Host
           UP LOOPBACK RUNNING  MTU:16436  Metric:1
           RX packets:9688 errors:0 dropped:0 overruns:0 frame:0
           TX packets:9688 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0
           RX bytes:281764 (275.1 KiB)  TX bytes:281764 (275.1 KiB)

ra0       Link encap:Ethernet  HWaddr 00:60:64:89:20:60
           inet6 addr: fe80::260:64ff:fe89:2060/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:1000
           RX bytes:579729052 (552.8 MiB)  TX bytes:34214719 (32.6 MiB)

tun0      Link encap:UNSPEC  HWaddr 
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
           inet addr:10.1.0.1  P-t-P:10.1.0.1  Mask:255.255.255.0
           UP POINTOPOINT RUNNING  MTU:1500  Metric:1
           RX packets:783 errors:0 dropped:0 overruns:0 frame:0
           TX packets:844 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:100
           RX bytes:35448 (34.6 KiB)  TX bytes:54105 (52.8 KiB)

wwan0     Link encap:Ethernet  HWaddr B2:8E:C5:48:02:07
           inet addr:123.209.59.212  Bcast:123.255.255.255 
Mask:255.255.255.255
           inet6 addr: fe80::b08e:c5ff:fe48:207/64 Scope:Link
           UP BROADCAST RUNNING NOARP MULTICAST  MTU:1358 Metric:1
           RX packets:30395 errors:0 dropped:0 overruns:0 frame:0
           TX packets:33962 errors:0 dropped:4294967294 overruns:0 carrier:0
           collisions:0 txqueuelen:1000
           RX bytes:15761860 (15.0 MiB)  TX bytes:4231567 (4.0 MiB)



-------- Original Message --------
Subject: 	Fwd: Re: confirm 12aac753c13ff4f88a698eadf2d84d0568b1e13a
Date: 	Mon, 09 Sep 2013 15:25:29 +1000
From: 	Sourav <sourav.chakraborty at netcommwireless.com>
To: 	chilli at coova.org




Furthermore, my /etc/chilli/config is --
# -*- mode: shell-script; -*-
#
#   Coova-Chilli Default Configurations.
#   To customize, copy this file to /etc/chilli/config
#   and edit to your liking. This is included in shell scripts
#   that configure chilli and related programs before file 'config'.


###
#   Local Network Configurations
#

# HS_WANIF=eth0            # WAN Interface toward the Internet
#HS_WANIF=br0            # WAN Interface toward the Internet
HS_LANIF=ra0               # Subscriber Interface for client devices
HS_NETWORK=10.1.0.0        # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.255.0   # HotSpot Network Netmask
HS_UAMLISTEN=10.1.0.1      # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990            # HotSpot UAM Port (on subscriber network)
HS_UAMUIPORT=4990          # HotSpot UAM "UI" Port (on subscriber 
network, for embe

# HS_DYNIP=
# HS_DYNIP_MASK=255.255.255.0
# HS_STATIP=
# HS_STATIP_MASK=255.255.255.0
# HS_DNS_DOMAIN=

# OpenDNS Servers
HS_DNS1=10.1.0.1
HS_DNS2=208.67.220.220

###
#   HotSpot settings for simple Captive Portal
#
HS_NASID=nas01
HS_RADIUS=192.168.1.107
HS_RADIUS2=localhost
HS_UAMALLOW=www.coova.org
HS_RADSECRET=testing123    # Set to be your RADIUS shared secret
#HS_UAMSECRET=change-me     # Set to be your UAM secret
HS_UAMALIASNAME=chilli

#  Configure RADIUS proxy support (for 802.1x + captive portal support)
#HS_RADPROXY=on
#HS_RADPROXY_LISTEN=127.0.0.1
#HS_RADPROXY_CLIENT=127.0.0.1
#HS_RADPROXY_PORT=1645
#HS_RADPROXY_SECRET=$HS_RADSECRET
#  Example OpenWrt /etc/config/wireless entry for hostapd
#    option encryption wpa2
#    option server $HS_RADPROXY_LISTEN
#    option port $HS_RADPROXY_PORT
#    option key $HS_RADPROXY_SECRET


#   To alternatively use a HTTP URL for AAA instead of RADIUS:
# HS_UAMAAAURL=http://my-site/script.php

#   Put entire domains in the walled-garden with DNS inspection
# HS_UAMDOMAINS=".paypal.com,.paypalobjects.com"

#   Optional initial redirect and RADIUS settings
# HS_SSID=<ssid>           # To send to the captive portal
# HS_NASMAC=<mac address>  # To explicitly set Called-Station-Id
# HS_NASIP=<ip address>    # To explicitly set NAS-IP-Address

#   The server to be used in combination with HS_UAMFORMAT to
#   create the final chilli 'uamserver' url configuration.
HS_UAMSERVER=$HS_UAMLISTEN
#   Use HS_UAMFORMAT to define the actual captive portal url.
#   Shell variable replacement takes place when evaluated, so here
#   HS_UAMSERVER is escaped and later replaced by the pre-defined
#   HS_UAMSERVER to form the actual "--uamserver" option in chilli.
#HS_UAMFORMAT=http://\$HS_UAMLISTEN:\$HS_UAMUIPORT/www/login.chi
#HS_UAMFORMAT=http://\$HS_UAMLISTEN:\$HS_UAMUIPORT/www/mylogin.chi
#HS_UAMFORMAT=http://\$HS_UAMLISTEN:\$HS_UAMUIPORT/www/index.html
HS_UAMFORMAT=http://\$HS_UAMLISTEN:\$HS_UAMUIPORT/www/hotspotlogin.html

#   Same principal goes for HS_UAMHOMEPAGE.
HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html

#   This option will be configured to be the WISPr LoginURL as well
#   as provide "uamService" to the ChilliController. The UAM Service is
#   described in: http://www.coova.org/CoovaChilli/UAMService
#
HS_UAMSERVICE=http://\$HS_UAMLISTEN:\$HS_UAMUIPORT/www/hotspotlogin.html


###
#   Features not activated per-default (default to off)
#
# HS_RADCONF=off           # Get some configurations from RADIUS or a 
URL ('on' and
#
# HS_ANYIP=on              # Allow any IP address on subscriber LAN
#
# HS_MACAUTH=on            # To turn on MAC Authentication
#
# HS_MACAUTHDENY=on        # Put client in 'drop' state on MAC Auth 
Access-Reject
#
# HS_MACAUTHMODE=local     # To allow MAC Authentication based on 
macallowed, not R
#
# HS_MACALLOW="..."      # List of MAC addresses to authenticate (comma 
seperated)
#
# HS_USELOCALUSERS=on      # To use the /etc/chilli/localusers file
#
# HS_OPENIDAUTH=on         # To inform the RADIUS server to allow OpenID 
Auth
#
HS_WPAGUESTS=on    # To inform the RADIUS server to allow WPA Guests
#
# HS_DNSPARANOIA=on        # To drop DNS packets containing something other
#                          # than A, CNAME, SOA, or MX records
#
# HS_OPENIDAUTH=on         # To inform the RADIUS server to allow OpenID 
Auth
- config 114/205 55%
# HS_USE_MAP=on            # Short hand for allowing the required google
#                          # sites to use Google maps (adds many google 
sites!)
#
###
#   Other feature settings and their defaults
#
# HS_DEFSESSIONTIMEOUT=0   # Default session-timeout if not defined by 
RADIUS (0 fo
#
# HS_DEFIDLETIMEOUT=0      # Default idle-timeout if not defined by 
RADIUS (0 for u
#
# HS_DEFBANDWIDTHMAXDOWN=0   # Default WISPr-Bandwidth-Max-Down if not 
defined by R
#
# HS_DEFBANDWIDTHMAXUP=0           # Default WISPr-Bandwidth-Max-Up if 
not defined

###
# Centralized configuration options examples
#
# HS_RADCONF=url           # requires curl
# HS_RADCONF_URL=https://coova.org/app/ap/config

# HS_RADCONF=on            # gather the ChilliSpot-Config attributes in
#                          # Administrative-User login
# HS_RADCONF_SERVER=rad01.coova.org              # RADIUS Server
- config 139/205 67%
# HS_RADCONF_SECRET=coova-anonymous              # RADIUS Shared Secret
# HS_RADCONF_AUTHPORT=1812                       # Auth port
# HS_RADCONF_USER=chillispot                     # Username
# HS_RADCONF_PWD=chillispot                      # Password


###
#   Firewall issues
#
# Uncomment the following to add ports to the allowed local ports list
# The up.sh script will allow these local ports to be used, while the 
default
# is to block all unwanted traffic to the tun/tap.
#
#HS_TCP_PORTS="80 443"

###
#   Standard configurations
#
HS_MODE=hotspot
HS_TYPE=chillispot
HS_RADAUTH=1812
HS_RADACCT=1813
# HS_ADMUSR=chillispot
- config 162/205 79%
# HS_ADMPWD=chillispot


###
#   Post-Auth proxy settings
#
# HS_POSTAUTH_PROXY=<host or ip>
# HS_POSTAUTH_PROXYPORT=<port>

#   Directory specifying where internal web pages can be served
#   by chilli with url /www/<file name>. Only extentions like .html
#   .jpg, .gif, .png, .js are allowed. See below for using .chi as a
#   CGI extension.
HS_WWWDIR=/etc/chilli/www

#   Using this option assumes 'haserl' is installed per-default
#   but, and CGI type program can ran from wwwsh to process requests
#   to chilli with url /www/filename.chi
HS_WWWBIN=/etc/chilli/wwwsh

#   Some configurations used in certain user interfaces
#
HS_PROVIDER=Coova
HS_PROVIDER_LINK=http://www.coova.org/


###
#   WISPr RADIUS Attribute support
#

HS_LOC_NAME="My HotSpot"           # WISPr Location Name and used in portal

#   WISPr settings (to form a proper WISPr-Location-Id)
# HS_LOC_NETWORK="My Network"      # Network name
# HS_LOC_AC=408                    # Phone area code
# HS_LOC_CC=1                      # Phone country code
# HS_LOC_ISOCC=US                  # ISO Country code

# Embedded miniportal
# HS_REG_MODE="tos" # or self, other
# HS_RAD_PROTO="pap" # or mschapv2, chap
HS_RAD_PROTO="mschapv2"
# HS_USE_MAP=on
- config 205/205 100%





Further I'm seeing the following debug messages from coovachilli --
:
"
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
dhcp.c: 411: 0 (Debug) dhcp_send() len=66
dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11 
dst=00:60:64:89:20:60 prot=0800 2048 len=66
dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=52
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
dhcp.c: 411: 0 (Debug) dhcp_send() len=66
dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11 
dst=00:60:64:89:20:60 prot=0800 2048 len=54
dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=40
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 54
dhcp.c: 411: 0 (Debug) dhcp_send() len=54
dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11 
dst=00:60:64:89:20:60 prot=0800 2048 len=698
dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
redir.c: 3278: 0 (Debug) Calling redir_getstate()
redir.c: 3323: 0 (Debug) Receiving HTTP Request
redir.c: 2103: 0 (Debug) The path: json/status
redir.c: 2118: 0 (Debug) The (json format) path: status
redir.c: 2153: 0 (Debug) Query string: 
callback=chilliJSON.reply&0.9959248343948275
redir.c: 2175: 0 (Debug) Host: 10.1.0.1:3990
redir.c: 2160: 0 (Debug) end of http-request
redir.c: 3388: 0 (Debug) Processing HTTP Request
redir.c: 3696: 0 (Debug) Processing received request
tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=684
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 54
dhcp.c: 411: 0 (Debug) dhcp_send() len=54
dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11 
dst=00:60:64:89:20:60 prot=0800 2048 len=66
dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=52
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
dhcp.c: 411: 0 (Debug) dhcp_send() len=66
redir.c: 3932: 0 (Debug) ---->>> resetting challenge: 
d54a78a4ff15e2f51525ef268d09a9dd
chilli.c: 5840: 0 (Debug) UAM login with unknown IP address: 10.1.0.2
redir.c: 1877: 0 (Debug) getparam(&callback=)
redir.c: 1903: 0 (Debug) The parameter callback is: [chilliJSON.reply]
redir.c: 1394: 0 (Debug) sending json: 
chilliJSON.reply({"version":"1.0","clientState":0,"challenge":"d54a78a4ff15e2f51525ef268d09a9dd","location":{"name":"MyHotSpot"},"redir":{"originalURL":"","redirectionURL":"","logoutURL":"http://10.1.0.1:3990/logoff","ipAddress":"10.1.0.2","macAddress":"00-08-CA-46-7D-11"}})

redir.c: 1455: 0 (Debug) redir_write(542)
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=582)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 596
dhcp.c: 411: 0 (Debug) dhcp_send() len=596
redir.c: 3077: 0 (Debug) close_exit
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 54
dhcp.c: 411: 0 (Debug) dhcp_send() len=54
chilli.c: 379: 0 (Debug) caught 17 via selfpipe
chilli.c: 310: 0 (Debug) child 25175 terminated
chilli.c: 135: 0 (Debug) Freed child process 25175 [[redir]]
tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
chilli.c: 2657: 0 (Debug) sending to : 10.1.0.2
dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 54
dhcp.c: 411: 0 (Debug) dhcp_send() len=54
dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11


Warm Regards,
Sourav


-------- Original Message --------
Subject: 	Re: confirm 12aac753c13ff4f88a698eadf2d84d0568b1e13a
Date: 	Mon, 09 Sep 2013 10:32:58 +1000
From: 	Sourav <sourav.chakraborty at netcommwireless.com>
To: 	chilli-request at coova.org <chilli-request at coova.org>



On 09/09/13 10:29,chilli-request at coova.org  wrote:
> Mailing list subscription confirmation notice for mailing list Chilli
>
> We have received a request fromsourav.chakraborty at netcommwireless.com
> for subscription of your email address,
>"sourav.chakraborty at netcommwireless.com", to thechilli at coova.org
> mailing list.  To confirm that you want to be added to this mailing
> list, simply reply to this message, keeping the Subject: header
> intact.  Or visit this web page:
>
>http://lists.coova.org/cgi-bin/mailman/confirm/chilli/12aac753c13ff4f88a698eadf2d84d0568b1e13a
>
>
> Or include the following line -- and only the following line -- in a
> message tochilli-request at coova.org:
>
>      confirm 12aac753c13ff4f88a698eadf2d84d0568b1e13a
>
> Note that simply sending a `reply' to this message should work from
> most mail readers, since that usually leaves the Subject: line in the
> right form (additional "Re:" text in the Subject: is okay).
>
> If you do not wish to be subscribed to this list, please simply
> disregard this message.  If you think you are being maliciously
> subscribed to the list, or have any other questions, send them to
>chilli-owner at coova.org.


-- 
Warm Regards,
Sourav











______________________________________________________________________
This communication contains information which may be confidential or privileged. The information is intended solely for the use of the individual or entity named above.  If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited.  If you have received this communication in error, please notify me by telephone immediately.
______________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130910/2b694a92/attachment-0001.html>


More information about the Chilli mailing list