[Chilli] coova-chilli 1.3.0 problem with WISPr-Redirection-URL

Sourav sourav.chakraborty at netcommwireless.com
Tue Sep 17 07:05:44 UTC 2013


Hi David,
I guess you should take a look at this problem I'm facing as I'm using 
chilliController.js and ChilliLibrary.js ....

In your blog --http://coova.org/node/80 you mentioned that this is still 
under development. I'm using coova-chilli 1.3.0. Is the feature "Any 
page a login page" not available in this version?

I'm seeing Access-Request go to FreeRadius Server and can also see 
Access-Accept getting received by coovachilli, but it does not send out 
Accounting Start msg to Freeradius after that. Also further browsing to 
any site is not possible.

Warm Regards,
Sourav
On 17/09/13 09:52, Sourav wrote:
> If the uncomment #HS_MACAUTH=on in config file, then Accounting Start 
> msg goes to radius server and browsing is possible. I want to have the 
> same behaviour for the user/pwd authentication using UAM, which is not 
> happening now......currently on entering username/pwd on the 
> hotspotlogin.html and pressing "connect", Acess-Request goes to 
> freeradius server, which replies back with Access-Accept. Now 
> coovachilli should handle this Access-Accept(confirmed that it 
> received this msg from the logs), and send Accounting Start to radius 
> server and the user should be able to browse pages on the internet. 
> This is not happening at present.
>
> Warm Regards,
> Sourav
> On 16/09/13 18:28, Russell Mike wrote:
>> Hi Sourav,
>>
>> Please excuse if you have already verified. It could be firewall or 
>> any other device blocking account. Port 1813/UDP. No ?
>>
>> Thanks / RM --
>>
>> On Mon, Sep 16, 2013 at 8:15 AM, Sourav 
>> <sourav.chakraborty at netcommwireless.com 
>> <mailto:sourav.chakraborty at netcommwireless.com>> wrote:
>>
>>     Hi MIke,
>>      Thanks for the suggestion....but the problem seems to be at the
>>     coovachilli end and not at the radius server end......coovachilli
>>     is not sending out Accounting Start msg to radius server after it
>>     receives Access-Accept from the radius server.
>>
>>     Warm Regards,
>>     Sourav
>>
>>     On 16/09/13 17:45, Russell Mike wrote:
>>>     Hi,
>>>
>>>     The following is working one, check if helps.
>>>
>>>     server accept_everyone {
>>>            authorize {
>>>     files
>>>     sql
>>>         if(ok) {
>>>                 update control {
>>>                         Login-Time := 'Any0000-1259'
>>>                         Auth-Type := "Accept"
>>>     }
>>>         }
>>>                   update reply {
>>>     WISPr-Redirection-URL := ""
>>>     }
>>>         else {
>>>
>>>                 update control {
>>>                         Auth-Type := "Reject"
>>>     }
>>>                 update reply {
>>>                 WISPr-Redirection-URL := "http://41.139.28.1"
>>>                }
>>>     }
>>>         }
>>>
>>>     Thanks / RM --
>>>
>>>
>>>     On Thu, Sep 12, 2013 at 4:12 AM, Sourav
>>>     <sourav.chakraborty at netcommwireless.com
>>>     <mailto:sourav.chakraborty at netcommwireless.com>> wrote:
>>>
>>>         BTW the radius exchanges look this way --
>>>
>>>         rad_recv: Access-Request packet from host 192.168.1.1 port
>>>         39125, id=40, length=287
>>>             ChilliSpot-Version = "1.3.0"
>>>             User-Name = "hhgk"
>>>             CHAP-Challenge = 0x4a82bfa6b164f1171f7aa616439a0c21
>>>             CHAP-Password = 0x00db346919de9293942fc6cf7d5014a228
>>>             Service-Type = Login-User
>>>             Acct-Session-Id = "5231317c00000001"
>>>             Framed-IP-Address = 10.1.0.4
>>>             NAS-Port-Type = Wireless-802.11
>>>             NAS-Port = 1
>>>             NAS-Port-Id = "00000001"
>>>             Calling-Station-Id = "00-08-CA-46-7D-11"
>>>             Called-Station-Id = "00-60-64-89-20-60"
>>>             NAS-IP-Address = 10.1.0.1
>>>             NAS-Identifier = "nas01"
>>>             WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,"
>>>             WISPr-Location-Name = "My_HotSpot"
>>>             WISPr-Logoff-URL = "http://10.1.0.1:3990/logoff"
>>>         <http://10.1.0.1:3990/logoff>
>>>             Message-Authenticator = 0xd50a548a33cf2e0c31d95951ae676f60
>>>         # Executing section authorize from file
>>>         /usr/local/etc/raddb/sites-enabled/default
>>>         +- entering group authorize {...}
>>>         ++[preprocess] returns ok
>>>         [chap] Setting 'Auth-Type := CHAP'
>>>         ++[chap] returns ok
>>>         ++[mschap] returns noop
>>>         ++[digest] returns noop
>>>         [suffix] No '@' in User-Name = "hhgk", looking up realm NULL
>>>         [suffix] No such realm "NULL"
>>>         ++[suffix] returns noop
>>>         [eap] No EAP-Message, not doing EAP
>>>         ++[eap] returns noop
>>>         [files] users: Matched entry DEFAULT at line 71
>>>         ++[files] returns ok
>>>         ++[expiration] returns noop
>>>         ++[logintime] returns noop
>>>         [pap] WARNING: Auth-Type already set.  Not setting to PAP
>>>         ++[pap] returns noop
>>>         Found Auth-Type = Accept
>>>         Auth-Type = Accept, accepting the user
>>>         # Executing section post-auth from file
>>>         /usr/local/etc/raddb/sites-enabled/default
>>>         +- entering group post-auth {...}
>>>         ++[exec] returns noop
>>>         Sending Access-Accept of id 40 to 192.168.1.1 port 39125
>>>             Idle-Timeout = 1200
>>>         ChilliSpot-Bandwidth-Max-Down = 1024
>>>         ChilliSpot-Bandwidth-Max-Up = 512
>>>             Session-Timeout = 1800
>>>             Acct-Interim-Interval = 30
>>>         Finished request 8.
>>>         Going to the next request
>>>         Waking up in 4.9 seconds.
>>>         Cleaning up request 8 ID 40 with timestamp +1041
>>>         Ready to process requests.
>>>
>>>         Warm Regards,
>>>         Sourav
>>>
>>>         On 12/09/13 14:02, Sourav wrote:
>>>>         Hi,
>>>>         I have been sending out SOS for the past 2 days
>>>>         ........please help me out as I am stuck and cannot
>>>>         progress further without your help.
>>>>
>>>>         I have setup  coova-chilli 1.3.0 with Freeradius and have set up a
>>>>         captive portal page(hotspotlogin.html).
>>>>         On trying to login from a PC using Wireless, Radius Access-Request
>>>>         reaches Freeradius(which sends Access-Accept as I have set up(in users
>>>>         file) --
>>>>         DEFAULT Auth-Type := Accept
>>>>                   
>>>>
>>>>         But no RADIUS "Acct-Status-Type=Start" msg is sent by coovachilli after this, redirection
>>>>         happens to hotspotlogin.html again, after a while. Further browsing to any site, takes
>>>>         me to the captive portal page and not to the site. Please help me
>>>>         resolve this as this is urgently required.
>>>>
>>>>          Please find logs for the problem which I am facing as
>>>>         mentioned in my mail below------please help me out on this ....
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>         dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>>>         dst=00:60:64:89:20:60 pr
>>>>         dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
>>>>         tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=52
>>>>         redir.c: 3278: 0 (Debug) Calling redir_getstate()
>>>>         redir.c: 3323: 0 (Debug) Receiving HTTP Request
>>>>         redir.c: 2103: 0 (Debug) The path: json/logon
>>>>         redir.c: 2118: 0 (Debug) The (json format) path: logon
>>>>         redir.c: 2153: 0 (Debug) Query string:
>>>>         username=hhgk&response=db346919de9293942fc6c
>>>>         redir.c: 2175: 0 (Debug) Host: 10.1.0.1:3990
>>>>         <http://10.1.0.1:3990>
>>>>         redir.c: 2160: 0 (Debug) end of http-request
>>>>         redir.c: 1877: 0 (Debug) getparam(&lang=)
>>>>         redir.c: 1877: 0 (Debug) getparam(&username=)
>>>>         redir.c: 1903: 0 (Debug) The parameter username is: [hhgk]
>>>>         redir.c: 2267: 0 (Debug) -->> Setting username=[hhgk]
>>>>         redir.c: 1877: 0 (Debug) getparam(&userurl=)
>>>>         redir.c: 1903: 0 (Debug) The parameter userurl is:
>>>>         [http://www.telegesis.com/]
>>>>         redir.c: 2273: 0 (Debug) -->> Setting
>>>>         userurl=[http://www.telegesis.com/]
>>>>         redir.c: 1877: 0 (Debug) getparam(&continue=)
>>>>         redir.c: 1877: 0 (Debug) getparam(&WISPrVersion=)
>>>>         redir.c: 2295: 0 (Debug) using uamprotocol: WISPr 1.0 (1)
>>>>         redir.c: 1877: 0 (Debug) getparam(&ntresponse=)
>>>>         redir.c: 1877: 0 (Debug) getparam(&response=)
>>>>         redir.c: 1903: 0 (Debug) The parameter response is:
>>>>         [db346919de9293942fc6cf7d5014a2
>>>>         redir.c: 1877: 0 (Debug) getparam(&ident=)
>>>>         redir.c: 3388: 0 (Debug) Processing HTTP Request
>>>>         redir.c: 3696: 0 (Debug) Processing received request
>>>>         redir.c: 3794: 0 (Debug) redir_accept: Sending RADIUS request
>>>>         radius.c: 1315: 0 (Debug) RADIUS client 0.0.0.0:0
>>>>         <http://0.0.0.0:0>
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=66
>>>>         redir.c: 2642: 0 (Debug) created radius packet (code=1,
>>>>         id=40, len=33)
>>>>
>>>>         redir.c: 2654: 0 (Debug) SECRET: [change-me]
>>>>         redir.c: 2803: 0 (Debug) sending radius packet (code=1,
>>>>         id=40, len=287)
>>>>
>>>>         radius.c: 321: 0 (Debug) Allocating RADIUS packet
>>>>         radius.c: 1898: 0 (Debug) Received RADIUS packet id=40
>>>>         radius.c: 421: 0 (Debug) Freeing RADIUS packet
>>>>         radius.c: 426: 0 (Debug) RADIUS queue-out id=40 idx=0
>>>>         redir.c: 2431: 0 (Debug) Received RADIUS response
>>>>         chilli.c: 3901: 0 (Debug) Received too small radius
>>>>         Acct-Interim-Interval: 30;
>>>>         redir.c: 2531: 0 (Debug) +attribute EAP msg (0 bytes):
>>>>         redir.c: 3804: 0 (Debug) Received RADIUS reply
>>>>         redir.c: 3818: 0 (Debug) redir_main handling Access-Accept
>>>>         redir.c: 1877: 0 (Debug) getparam(&callback=)
>>>>         redir.c: 1903: 0 (Debug) The parameter callback is:
>>>>         [chilliJSON.reply]
>>>>         redir.c: 1394: 0 (Debug) sending json:
>>>>         chilliJSON.reply({"version":"1.0","*clientSta**te":1*,"redir":{"originalURL":"http://www.telegesis.com/"
>>>>         <http://www.telegesis.com/>,"redirectionURL":"","logoutURL":"http://10.1.0.1:3990/logoff"
>>>>         <http://10.1.0.1:3990/logoff>,"ipAddress":"10.1.0.4","macAddress":"00-08-CA-46-7D-11"},"session":{"sessionId":"5231317c00000001","userName":"hhgk","startTime":1378955693,"sessionTimeout":1800,"idleTimeout":1200},"accounting":{"sessionTime":0,"idleTime":0,"inputOctets":0,"outputOctets":0,"inputGigawords":0,"outputGigawords":0,"viewPoint":"client"}}
>>>>
>>>>
>>>>
>>>>
>>>>         redir.c: 1455: 0 (Debug) redir_write(749)
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=789)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 803
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=803
>>>>         chilli.c: 5840: 0 (Debug) UAM login with unknown IP
>>>>         address: 10.1.0.4
>>>>         redir.c: 3854: 0 (Debug) -->> Msg
>>>>         userurl=[http://www.telegesis.com/]
>>>>
>>>>         redir.c: 3077: 0 (Debug) close_exit
>>>>         dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>>>         dst=00:60:64:89:20:60 pr
>>>>         dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
>>>>         tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=40
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=66
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 54
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>         chilli.c: 379: 0 (Debug) caught 17 via selfpipe
>>>>         chilli.c: 310: 0 (Debug) child 6326 terminated
>>>>         chilli.c: 135: 0 (Debug) Freed child process 6326 [[redir]]
>>>>         dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>>>         dst=00:60:64:89:20:60 pr
>>>>         dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
>>>>         tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=40
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 54
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>         dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>>>         dst=00:60:64:89:20:60 pr
>>>>         dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
>>>>         dhcp.c: 2558: 0 (Debug) Resetting connection on port
>>>>         56160->443
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>         dhcp.c: 3908: 0 (Debug) dropping packet; not nat'ed
>>>>         dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>>>         dst=00:60:64:89:20:60 pr
>>>>         dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
>>>>         dhcp.c: 2558: 0 (Debug) Resetting connection on port
>>>>         56165->443
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>         dhcp.c: 3908: 0 (Debug) dropping packet; not nat'ed
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
>>>>         dhcp.c: 2674: 0 (Debug) Resetting connection on port
>>>>         443->56160 (undo)
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>         tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=40
>>>>         dhcp.c: 5390: 0 (Debug) dhcp_undoDNAT() returns true
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=52)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>         dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length 66
>>>>         dhcp.c: 2674: 0 (Debug) Resetting connection on port
>>>>         443->56165 (undo)
>>>>         dhcp.c: 411: 0 (Debug) dhcp_send() len=54
>>>>
>>>>
>>>>
>>>>         After a little while --
>>>>         dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>>>         dst=00:60:64:89:20:60 pr
>>>>         dhcp.c: 3497: 0 (Debug) function dhcp_receive_ip()
>>>>         tun.c: 1089: 0 (Debug) tun_encaps(tun0) len=52
>>>>         redir.c: 3278: 0 (Debug) Calling redir_getstate()
>>>>         redir.c: 3323: 0 (Debug) Receiving HTTP Request
>>>>         redir.c: 2103: 0 (Debug) The path: json/status
>>>>         redir.c: 2118: 0 (Debug) The (json format) path: status
>>>>         redir.c: 2153: 0 (Debug) Query string:
>>>>         callback=chilliJSON.reply&0.5259556404780596
>>>>         redir.c: 2175: 0 (Debug) Host: 10.1.0.1:3990
>>>>         <http://10.1.0.1:3990>
>>>>         redir.c: 2160: 0 (Debug) end of http-request
>>>>         redir.c: 3388: 0 (Debug) Processing HTTP Request
>>>>         redir.c: 3696: 0 (Debug) Processing received request
>>>>         redir.c: 1877: 0 (Debug) getparam(&callback=)
>>>>         redir.c: 1903: 0 (Debug) The parameter callback is:
>>>>         [chilliJSON.reply]
>>>>         redir.c: 1394: 0 (Debug) sending json:
>>>>         chilliJSON.reply({"version":"1.0","*clientSta**te":0*,"challenge":"00000000000000000000000000000000","location":{"name":"My
>>>>         HotSpot"},"redir":{"originalURL":"","redirectionURL":"","logoutURL":"http://10.1.0.1:3990/logoff"
>>>>         <http://10.1.0.1:3990/logoff>,"ipAddress":"10.1.0.4","macAddress":"00-08-CA-46-7D-11"}})
>>>>
>>>>
>>>>         redir.c: 1455: 0 (Debug) redir_write(542)
>>>>         redir.c: 3077: 0 (Debug) close_exit
>>>>         tun.c: 802: 0 (Debug) tun_decaps(idx=0, len=40)
>>>>         chilli.c: 2657: 0 (Debug) sending to : 10.1.0.4
>>>>
>>>>         Warm Regards,
>>>>         Sourav
>>>>         On 11/09/13 13:10, Sourav wrote:
>>>>>         Hi All,
>>>>>         I have setup  coova-chilli 1.3.0 with Freeradius and have set up a
>>>>>         captive portal page(hotspotlogin.html).
>>>>>         On trying to login from a PC using Wireless, Radius Access-Request
>>>>>         reaches Freeradius(which sends Access-Accept as I have set up(in users
>>>>>         file) --
>>>>>         DEFAULT Auth-Type := Accept
>>>>>                   WISPr-Redirection-URL=http://google.com.au
>>>>>
>>>>>
>>>>>         But instead of getting redirected togoogle.com.au  <http://google.com.au>, the redirection
>>>>>         happens to hotspotlogin.html again. Further browsing to any site, takes
>>>>>         me to the captive portal page and not to the site. Please help me
>>>>>         resolve this as this is urgently required.
>>>>>
>>>>>         Thanks
>>>>>
>>>>
>>>>
>>>>         -- 
>>>>         Warm Regards,
>>>>         Sourav
>>>>
>>>>         ______________________________________________________________________
>>>>         This communication contains information which may be
>>>>         confidential or privileged. The information is intended
>>>>         solely for the use of the individual or entity named above.
>>>>         If you are not the intended recipient, be aware that any
>>>>         disclosure, copying, distribution or use of the contents of
>>>>         this information is prohibited. If you have received this
>>>>         communication in error, please notify me by telephone
>>>>         immediately.
>>>>         ______________________________________________________________________
>>>
>>>
>>>         -- 
>>>         Warm Regards,
>>>         Sourav
>>>
>>>
>>>         ______________________________________________________________________
>>>         This communication contains information which may be
>>>         confidential or privileged. The information is intended
>>>         solely for the use of the individual or entity named above.
>>>         If you are not the intended recipient, be aware that any
>>>         disclosure, copying, distribution or use of the contents of
>>>         this information is prohibited. If you have received this
>>>         communication in error, please notify me by telephone
>>>         immediately.
>>>         ______________________________________________________________________
>>>
>>>         _______________________________________________
>>>         Chilli mailing list
>>>         Chilli at coova.org <mailto:Chilli at coova.org>
>>>         http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>>>
>>>
>>
>>
>>     -- 
>>     Warm Regards,
>>     Sourav
>>
>>
>>     ______________________________________________________________________
>>     This communication contains information which may be confidential
>>     or privileged. The information is intended solely for the use of
>>     the individual or entity named above. If you are not the intended
>>     recipient, be aware that any disclosure, copying, distribution or
>>     use of the contents of this information is prohibited. If you
>>     have received this communication in error, please notify me by
>>     telephone immediately.
>>     ______________________________________________________________________
>>
>>
>
>
> -- 
> Warm Regards,
> Sourav


-- 
Warm Regards,
Sourav



______________________________________________________________________
This communication contains information which may be confidential or privileged. The information is intended solely for the use of the individual or entity named above.  If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited.  If you have received this communication in error, please notify me by telephone immediately.
______________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130917/90814465/attachment-0001.html>


More information about the Chilli mailing list