[Chilli] coova-chilli 1.3.0 problem with WISPr-Redirection-URL
Xabier Oneca -- xOneca
xoneca at gmail.com
Fri Sep 20 08:08:45 UTC 2013
Hello Sourav,
Sorry I have no clue how to fix that.
Maybe it has something to do with 'Acct-Interim-Interval' set too low
(value must be >=60 and you have 30).
In fact, we only set 'Session-Timeout' and 'Idle-Timeout', so maybe you
could completely remove the 'Acct-Interim-Interval' response.
If that doesn't work, I don't know what could probably be...
HTH,
Xabier Oneca_,,_
El 20/09/2013 09:37, "Sourav" <sourav.chakraborty at netcommwireless.com>
escribió:
> Hi All,
> I'm still stuck with the problem mentioned below......all the
> info,logs,config etc are mentioned in the mail chain below......please let
> me know what is going wrong here.....this is an urgent situation....please
> help.
>
> Warm Regards,
> Sourav
> On 19/09/13 17:36, Sourav wrote:
>
> Hi All,
> Please help me solve this issue,as I'm totally stuck in this urgent
> situation........feeling hopeless at the moment not getting any help from
> anywhere......please help.
>
> Warm Regards,
> Sourav
> On 17/09/13 17:05, Sourav wrote:
>
> Hi David,
> I guess you should take a look at this problem I'm facing as I'm using
> chilliController.js and ChilliLibrary.js ....
>
> In your blog --http://coova.org/node/80 you mentioned that this is still
> under development. I'm using coova-chilli 1.3.0. Is the feature "Any page a
> login page" not available in this version?
>
> I'm seeing Access-Request go to FreeRadius Server and can also see
> Access-Accept getting received by coovachilli, but it does not send out
> Accounting Start msg to Freeradius after that. Also further browsing to any
> site is not possible.
>
> Warm Regards,
> Sourav
> On 17/09/13 09:52, Sourav wrote:
>
> If the uncomment #HS_MACAUTH=on in config file, then Accounting Start msg
> goes to radius server and browsing is possible. I want to have the same
> behaviour for the user/pwd authentication using UAM, which is not happening
> now......currently on entering username/pwd on the hotspotlogin.html and
> pressing "connect", Acess-Request goes to freeradius server, which replies
> back with Access-Accept. Now coovachilli should handle this
> Access-Accept(confirmed that it received this msg from the logs), and send
> Accounting Start to radius server and the user should be able to browse
> pages on the internet. This is not happening at present.
>
> Warm Regards,
> Sourav
> On 16/09/13 18:28, Russell Mike wrote:
>
> Hi Sourav,
>
> Please excuse if you have already verified. It could be firewall or any
> other device blocking account. Port 1813/UDP. No ?
>
> Thanks / RM --
>
> On Mon, Sep 16, 2013 at 8:15 AM, Sourav <
> sourav.chakraborty at netcommwireless.com> wrote:
>
>> Hi MIke,
>> Thanks for the suggestion....but the problem seems to be at the
>> coovachilli end and not at the radius server end......coovachilli is not
>> sending out Accounting Start msg to radius server after it receives
>> Access-Accept from the radius server.
>>
>> Warm Regards,
>> Sourav
>>
>> On 16/09/13 17:45, Russell Mike wrote:
>>
>> Hi,
>>
>> The following is working one, check if helps.
>>
>> server accept_everyone {
>> authorize {
>> files
>> sql
>> if(ok) {
>> update control {
>> Login-Time := 'Any0000-1259'
>> Auth-Type := "Accept"
>> }
>> }
>> update reply {
>> WISPr-Redirection-URL := ""
>> }
>> else {
>>
>> update control {
>> Auth-Type := "Reject"
>> }
>> update reply {
>> WISPr-Redirection-URL := "http://41.139.28.1"
>> }
>> }
>> }
>>
>> Thanks / RM --
>>
>>
>> On Thu, Sep 12, 2013 at 4:12 AM, Sourav <
>> sourav.chakraborty at netcommwireless.com> wrote:
>>
>>> BTW the radius exchanges look this way --
>>>
>>> rad_recv: Access-Request packet from host 192.168.1.1 port 39125, id=40,
>>> length=287
>>> ChilliSpot-Version = "1.3.0"
>>> User-Name = "hhgk"
>>> CHAP-Challenge = 0x4a82bfa6b164f1171f7aa616439a0c21
>>> CHAP-Password = 0x00db346919de9293942fc6cf7d5014a228
>>> Service-Type = Login-User
>>> Acct-Session-Id = "5231317c00000001"
>>> Framed-IP-Address = 10.1.0.4
>>> NAS-Port-Type = Wireless-802.11
>>> NAS-Port = 1
>>> NAS-Port-Id = "00000001"
>>> Calling-Station-Id = "00-08-CA-46-7D-11"
>>> Called-Station-Id = "00-60-64-89-20-60"
>>> NAS-IP-Address = 10.1.0.1
>>> NAS-Identifier = "nas01"
>>> WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,"
>>> WISPr-Location-Name = "My_HotSpot"
>>> WISPr-Logoff-URL = "http://10.1.0.1:3990/logoff"<http://10.1.0.1:3990/logoff>
>>> Message-Authenticator = 0xd50a548a33cf2e0c31d95951ae676f60
>>> # Executing section authorize from file
>>> /usr/local/etc/raddb/sites-enabled/default
>>> +- entering group authorize {...}
>>> ++[preprocess] returns ok
>>> [chap] Setting 'Auth-Type := CHAP'
>>> ++[chap] returns ok
>>> ++[mschap] returns noop
>>> ++[digest] returns noop
>>> [suffix] No '@' in User-Name = "hhgk", looking up realm NULL
>>> [suffix] No such realm "NULL"
>>> ++[suffix] returns noop
>>> [eap] No EAP-Message, not doing EAP
>>> ++[eap] returns noop
>>> [files] users: Matched entry DEFAULT at line 71
>>> ++[files] returns ok
>>> ++[expiration] returns noop
>>> ++[logintime] returns noop
>>> [pap] WARNING: Auth-Type already set. Not setting to PAP
>>> ++[pap] returns noop
>>> Found Auth-Type = Accept
>>> Auth-Type = Accept, accepting the user
>>> # Executing section post-auth from file
>>> /usr/local/etc/raddb/sites-enabled/default
>>> +- entering group post-auth {...}
>>> ++[exec] returns noop
>>> Sending Access-Accept of id 40 to 192.168.1.1 port 39125
>>> Idle-Timeout = 1200
>>> ChilliSpot-Bandwidth-Max-Down = 1024
>>> ChilliSpot-Bandwidth-Max-Up = 512
>>> Session-Timeout = 1800
>>> Acct-Interim-Interval = 30
>>> Finished request 8.
>>> Going to the next request
>>> Waking up in 4.9 seconds.
>>> Cleaning up request 8 ID 40 with timestamp +1041
>>> Ready to process requests.
>>>
>>> Warm Regards,
>>> Sourav
>>>
>>> On 12/09/13 14:02, Sourav wrote:
>>>
>>> Hi,
>>> I have been sending out SOS for the past 2 days ........please help me
>>> out as I am stuck and cannot progress further without your help.
>>>
>>> I have setup coova-chilli 1.3.0 with Freeradius and have set up a
>>> captive portal page(hotspotlogin.html).
>>> On trying to login from a PC using Wireless, Radius Access-Request
>>> reaches Freeradius(which sends Access-Accept as I have set up(in users
>>> file) --
>>> DEFAULT Auth-Type := Accept
>>>
>>>
>>> But no RADIUS "Acct-Status-Type=Start" msg is sent by coovachilli after this, redirection
>>> happens to hotspotlogin.html again, after a while. Further browsing to any site, takes
>>> me to the captive portal page and not to the site. Please help me
>>> resolve this as this is urgently required.
>>>
>>>
>>> Please find logs for the problem which I am facing as mentioned in my
>>> mail below------please help me out on this ....
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>> dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>> dst=00:60:64:89:20:60 pr
>>> dhcp.c: 3497: 0 (Debug) function
>>> dhcp_receive_ip()
>>> tun.c: 1089: 0 (Debug) tun_encaps(tun0)
>>> len=52
>>> redir.c: 3278: 0 (Debug) Calling
>>> redir_getstate()
>>> redir.c: 3323: 0 (Debug) Receiving HTTP
>>> Request
>>> redir.c: 2103: 0 (Debug) The path:
>>> json/logon
>>> redir.c: 2118: 0 (Debug) The (json format) path:
>>> logon
>>> redir.c: 2153: 0 (Debug) Query string:
>>> username=hhgk&response=db346919de9293942fc6c
>>> redir.c: 2175: 0 (Debug) Host: 10.1.0.1:3990
>>>
>>> redir.c: 2160: 0 (Debug) end of
>>> http-request
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&lang=)
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&username=)
>>> redir.c: 1903: 0 (Debug) The parameter username is:
>>> [hhgk]
>>> redir.c: 2267: 0 (Debug) -->> Setting
>>> username=[hhgk]
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&userurl=)
>>> redir.c: 1903: 0 (Debug) The parameter userurl is: [
>>> http://www.telegesis.com/]
>>> redir.c: 2273: 0 (Debug) -->> Setting userurl=[http://www.telegesis.com/]
>>>
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&continue=)
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&WISPrVersion=)
>>> redir.c: 2295: 0 (Debug) using uamprotocol: WISPr 1.0 (1)
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&ntresponse=)
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&response=)
>>> redir.c: 1903: 0 (Debug) The parameter response is:
>>> [db346919de9293942fc6cf7d5014a2
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&ident=)
>>> redir.c: 3388: 0 (Debug) Processing HTTP
>>> Request
>>> redir.c: 3696: 0 (Debug) Processing received
>>> request
>>> redir.c: 3794: 0 (Debug) redir_accept: Sending RADIUS
>>> request
>>> radius.c: 1315: 0 (Debug) RADIUS client 0.0.0.0:0
>>>
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=52)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 66
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=66
>>> redir.c: 2642: 0 (Debug) created radius packet (code=1, id=40,
>>> len=33)
>>>
>>>
>>> redir.c: 2654: 0 (Debug) SECRET:
>>> [change-me]
>>> redir.c: 2803: 0 (Debug) sending radius packet (code=1, id=40,
>>> len=287)
>>>
>>>
>>> radius.c: 321: 0 (Debug) Allocating RADIUS
>>> packet
>>> radius.c: 1898: 0 (Debug) Received RADIUS packet
>>> id=40
>>> radius.c: 421: 0 (Debug) Freeing RADIUS
>>> packet
>>> radius.c: 426: 0 (Debug) RADIUS queue-out id=40
>>> idx=0
>>> redir.c: 2431: 0 (Debug) Received RADIUS
>>> response
>>> chilli.c: 3901: 0 (Debug) Received too small radius
>>> Acct-Interim-Interval: 30;
>>> redir.c: 2531: 0 (Debug) +attribute EAP msg (0
>>> bytes):
>>> redir.c: 3804: 0 (Debug) Received RADIUS
>>> reply
>>> redir.c: 3818: 0 (Debug) redir_main handling
>>> Access-Accept
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&callback=)
>>> redir.c: 1903: 0 (Debug) The parameter callback is:
>>> [chilliJSON.reply]
>>> redir.c: 1394: 0 (Debug) sending json:
>>> chilliJSON.reply({"version":"1.0","*clientSta**te":1*
>>> ,"redir":{"originalURL":"http://www.telegesis.com/"<http://www.telegesis.com/>
>>> ,"redirectionURL":"","logoutURL":"http://10.1.0.1:3990/logoff"<http://10.1.0.1:3990/logoff>
>>> ,"ipAddress":"10.1.0.4","macAddress":"00-08-CA-46-7D-11"},"session":{"sessionId":"5231317c00000001","userName":"hhgk","startTime":1378955693,"sessionTimeout":1800,"idleTimeout":1200},"accounting":{"sessionTime":0,"idleTime":0,"inputOctets":0,"outputOctets":0,"inputGigawords":0,"outputGigawords":0,"viewPoint":"client"}}
>>>
>>>
>>>
>>>
>>>
>>> redir.c: 1455: 0 (Debug)
>>> redir_write(749)
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=789)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 803
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=803
>>> chilli.c: 5840: 0 (Debug) UAM login with unknown IP address:
>>> 10.1.0.4
>>> redir.c: 3854: 0 (Debug) -->> Msg userurl=[http://www.telegesis.com/]
>>>
>>>
>>>
>>> redir.c: 3077: 0 (Debug)
>>> close_exit
>>> dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>> dst=00:60:64:89:20:60 pr
>>> dhcp.c: 3497: 0 (Debug) function
>>> dhcp_receive_ip()
>>> tun.c: 1089: 0 (Debug) tun_encaps(tun0)
>>> len=40
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=52)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 66
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=66
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=40)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 54
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>> chilli.c: 379: 0 (Debug) caught 17 via
>>> selfpipe
>>> chilli.c: 310: 0 (Debug) child 6326
>>> terminated
>>> chilli.c: 135: 0 (Debug) Freed child process 6326
>>> [[redir]]
>>> dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>> dst=00:60:64:89:20:60 pr
>>> dhcp.c: 3497: 0 (Debug) function
>>> dhcp_receive_ip()
>>> tun.c: 1089: 0 (Debug) tun_encaps(tun0)
>>> len=40
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=40)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 54
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>> dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>> dst=00:60:64:89:20:60 pr
>>> dhcp.c: 3497: 0 (Debug) function
>>> dhcp_receive_ip()
>>> dhcp.c: 2558: 0 (Debug) Resetting connection on port
>>> 56160->443
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>> dhcp.c: 3908: 0 (Debug) dropping packet; not
>>> nat'ed
>>> dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>> dst=00:60:64:89:20:60 pr
>>> dhcp.c: 3497: 0 (Debug) function
>>> dhcp_receive_ip()
>>> dhcp.c: 2558: 0 (Debug) Resetting connection on port
>>> 56165->443
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>> dhcp.c: 3908: 0 (Debug) dropping packet; not
>>> nat'ed
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=52)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 66
>>> dhcp.c: 2674: 0 (Debug) Resetting connection on port 443->56160
>>> (undo)
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>> tun.c: 1089: 0 (Debug) tun_encaps(tun0)
>>> len=40
>>> dhcp.c: 5390: 0 (Debug) dhcp_undoDNAT() returns
>>> true
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=52)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>> dhcp.c: 5321: 0 (Debug) adding 14 to IP frame length
>>> 66
>>> dhcp.c: 2674: 0 (Debug) Resetting connection on port 443->56165
>>> (undo)
>>> dhcp.c: 411: 0 (Debug) dhcp_send()
>>> len=54
>>>
>>>
>>>
>>> After a little while --
>>> dhcp.c: 4965: 0 (Debug) dhcp_decaps: src=00:08:ca:46:7d:11
>>> dst=00:60:64:89:20:60 pr
>>> dhcp.c: 3497: 0 (Debug) function
>>> dhcp_receive_ip()
>>> tun.c: 1089: 0 (Debug) tun_encaps(tun0)
>>> len=52
>>> redir.c: 3278: 0 (Debug) Calling
>>> redir_getstate()
>>> redir.c: 3323: 0 (Debug) Receiving HTTP
>>> Request
>>> redir.c: 2103: 0 (Debug) The path:
>>> json/status
>>> redir.c: 2118: 0 (Debug) The (json format) path:
>>> status
>>> redir.c: 2153: 0 (Debug) Query string:
>>> callback=chilliJSON.reply&0.5259556404780596
>>> redir.c: 2175: 0 (Debug) Host: 10.1.0.1:3990
>>>
>>> redir.c: 2160: 0 (Debug) end of
>>> http-request
>>> redir.c: 3388: 0 (Debug) Processing HTTP
>>> Request
>>> redir.c: 3696: 0 (Debug) Processing received
>>> request
>>> redir.c: 1877: 0 (Debug)
>>> getparam(&callback=)
>>> redir.c: 1903: 0 (Debug) The parameter callback is:
>>> [chilliJSON.reply]
>>> redir.c: 1394: 0 (Debug) sending json:
>>> chilliJSON.reply({"version":"1.0","*clientSta**te":0*,"challenge":"00000000000000000000000000000000","location":{"name":"My
>>> HotSpot"},"redir":{"originalURL":"","redirectionURL":"","logoutURL":
>>> "http://10.1.0.1:3990/logoff" <http://10.1.0.1:3990/logoff>
>>> ,"ipAddress":"10.1.0.4","macAddress":"00-08-CA-46-7D-11"}})
>>>
>>>
>>>
>>> redir.c: 1455: 0 (Debug)
>>> redir_write(542)
>>> redir.c: 3077: 0 (Debug)
>>> close_exit
>>> tun.c: 802: 0 (Debug) tun_decaps(idx=0,
>>> len=40)
>>> chilli.c: 2657: 0 (Debug) sending to :
>>> 10.1.0.4
>>>
>>> Warm Regards,
>>> Sourav
>>> On 11/09/13 13:10, Sourav wrote:
>>>
>>> Hi All,
>>> I have setup coova-chilli 1.3.0 with Freeradius and have set up a
>>> captive portal page(hotspotlogin.html).
>>> On trying to login from a PC using Wireless, Radius Access-Request
>>> reaches Freeradius(which sends Access-Accept as I have set up(in users
>>> file) --
>>> DEFAULT Auth-Type := Accept
>>> WISPr-Redirection-URL=http://google.com.au
>>>
>>>
>>> But instead of getting redirected to google.com.au, the redirection
>>> happens to hotspotlogin.html again. Further browsing to any site, takes
>>> me to the captive portal page and not to the site. Please help me
>>> resolve this as this is urgently required.
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>> --
>>> Warm Regards,
>>> Sourav
>>>
>>>
>>> ______________________________________________________________________
>>> This communication contains information which may be confidential or
>>> privileged. The information is intended solely for the use of the
>>> individual or entity named above. If you are not the intended recipient, be
>>> aware that any disclosure, copying, distribution or use of the contents of
>>> this information is prohibited. If you have received this communication in
>>> error, please notify me by telephone immediately.
>>> ______________________________________________________________________
>>>
>>>
>>>
>>> --
>>> Warm Regards,
>>> Sourav
>>>
>>>
>>> ______________________________________________________________________
>>> This communication contains information which may be confidential or
>>> privileged. The information is intended solely for the use of the
>>> individual or entity named above. If you are not the intended recipient, be
>>> aware that any disclosure, copying, distribution or use of the contents of
>>> this information is prohibited. If you have received this communication in
>>> error, please notify me by telephone immediately.
>>> ______________________________________________________________________
>>>
>>> _______________________________________________
>>> Chilli mailing list
>>> Chilli at coova.org
>>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>>>
>>>
>>
>>
>> --
>> Warm Regards,
>> Sourav
>>
>>
>> ______________________________________________________________________
>> This communication contains information which may be confidential or
>> privileged. The information is intended solely for the use of the
>> individual or entity named above. If you are not the intended recipient, be
>> aware that any disclosure, copying, distribution or use of the contents of
>> this information is prohibited. If you have received this communication in
>> error, please notify me by telephone immediately.
>> ______________________________________________________________________
>>
>
>
>
> --
> Warm Regards,
> Sourav
>
>
>
> --
> Warm Regards,
> Sourav
>
>
> ______________________________________________________________________
> This communication contains information which may be confidential or
> privileged. The information is intended solely for the use of the
> individual or entity named above. If you are not the intended recipient, be
> aware that any disclosure, copying, distribution or use of the contents of
> this information is prohibited. If you have received this communication in
> error, please notify me by telephone immediately.
> ______________________________________________________________________
>
>
>
> --
> Warm Regards,
> Sourav
>
>
> ______________________________________________________________________
> This communication contains information which may be confidential or
> privileged. The information is intended solely for the use of the
> individual or entity named above. If you are not the intended recipient, be
> aware that any disclosure, copying, distribution or use of the contents of
> this information is prohibited. If you have received this communication in
> error, please notify me by telephone immediately.
> ______________________________________________________________________
>
>
>
> --
> Warm Regards,
> Sourav
>
>
> ______________________________________________________________________
> This communication contains information which may be confidential or
> privileged. The information is intended solely for the use of the
> individual or entity named above. If you are not the intended recipient, be
> aware that any disclosure, copying, distribution or use of the contents of
> this information is prohibited. If you have received this communication in
> error, please notify me by telephone immediately.
> ______________________________________________________________________
>
> _______________________________________________
> Chilli mailing list
> Chilli at coova.org
> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130920/9aa543a7/attachment-0001.html>
More information about the Chilli
mailing list