Difference between revisions of "OpenWRT: Setup Coova-Chilli"

From OnnoWiki
Jump to navigation Jump to search
(New page: See either the /etc/chilli/defaults or /usr/local/etc/chilli/defaults (depending on how you installed chilli) file for details on possible configurations. Copy this file to config (in the ...)
 
Line 1: Line 1:
See either the /etc/chilli/defaults or /usr/local/etc/chilli/defaults (depending on how you installed chilli) file for details on possible configurations. Copy this file to config (in the same directory) and edit the settings. To load the settings and start chilli, run "/etc/init.d/chilli start". This will generate main.conf, local.conf, and hs.conf files in "/etc/chilli/" or "/local/sbin/chilli/" for you. In order to make changes to the settings at a later date, rerun chilli start.
+
OpenWRT+CoovaChilli
 +
Introduction
 +
Today I am going to share my experience in Installing CoovaChilli on a router.
 +
 
 +
My first attempt with this endeavor ended up with me having a very expensive brick instead of a captive portal. So for those who want to avoid this costly experience I am laying out this simple installation process for you to follow and hopefully succeed. Once you get comfortable with it you can then venture into more riskier approach, like compiling your own OpenWRT.
 +
 
 +
I am using TP-Link's MR3220 as my router. Though I haven't tried it yet, I hope the same approach will work on other routers based on Altheros AR71xx.
 +
Let's start!
 +
 
 +
 
 +
Download required Packages
 +
1. Download openwrt-ar71xx-generic-tl-mr3220-v1-squashfs-factory.bin from http://downloads.openwrt.org/snapshots/trunk/ar71xx/.
 +
2. Download the following from http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/
 +
 
 +
    coova-chilli_1.2.9-1_ar71xx.ipk
 +
    haserl_0.9.29-1_ar71xx.ipk
 +
    kmod-tun_3.3.8-1_ar71xx.ipk
 +
    libpthread_0.9.33.2-1_ar71xx.ipk
 +
    librt_0.9.33.2-1_ar71xx.ipk
 +
 
 +
Flash OpenWRT for MR3220
 +
 
 +
    Use a LAN cable to connect your computer to one of the LAN ports of the router
 +
    Start a browser and go to http://192.168.1.1 (this is the router's default IP address, change this accordingly if you already changed your router's IP address)
 +
    Choose System Tools --> Firmware Upgrade
 +
    Click the Browse button
 +
    Locate and select openwrt-ar71xx-generic-tl-mr3220-v1-squashfs-factory.bin file
 +
    Click the Upgrade button
 +
    Wait until it says rebooting
 +
 
 +
In this stage OpenWRT is already installed in your router and you will not be able to access your router’s web interface
 +
Initialize OpenWRT
 +
For first time login, you have to set root’s password. Follow these steps.
 +
 
 +
    Still connected to your router, open telnet and connect to 192.168.1.1
 +
    Once logged in you should be see a display similar to this:
 +
 
 +
      BusyBox v1.19.4 (2012-11-18 23:21:39 EST) built-in shell (ash)
 +
      Enter 'help' for a list of built-in commands.
 +
     
 +
      _______                    ________        __
 +
      |      |.-----.-----.-----.|  |  |  |.----.|  |_
 +
      |  -  ||  _  |  -__|    ||  |  |  ||  _||  _|
 +
      |_______||  __|_____|__|__||________||__|  |____|
 +
      |__| W I R E L E S S  F R E E D O M
 +
      -----------------------------------------------------
 +
      BARRIER BREAKER (Bleeding Edge, r34253)
 +
      -----------------------------------------------------
 +
      * 1/2 oz Galliano        Pour all ingredients into
 +
      * 4 oz cold Coffee        an irish coffee mug filled
 +
      * 1 1/2 oz Dark Rum      with crushed ice. Stir.
 +
      * 2 tsp. Creme de Cacao
 +
      -----------------------------------------------------
 +
      root@OpenWrt:~#
 +
 
 +
    To set root’s password type passwd the press return key
 +
    Type in root’s new password, press return, then re-type the password for confirmation
 +
 
 +
After setting the password you should quit telnet and login to the router using ssh
 +
Setup Wireless Configuration
 +
 
 +
    Login to the router using ssh
 +
 
 +
    ssh root@192.168.1.1
 +
    Edit /etc/config/wireless
 +
    vi /etc/config/wireless
 +
    Comment or delete the line “option disabled 1” to enable wireless LAN
 +
    Optionally change the SSID by changing the value of “option ssid”, from OpenWRT to your choice
 +
    Save and close the file
 +
    Execute wifi to force the system to re-read the wireless configuration file and start wireless LAN
 +
 
 +
Install CoovaChilli
 +
 
 +
    Go to your computer’s terminal and copy the rest of the packages to router’s /tmp directory
 +
    scp coova-chilli_1.2.9-1_ar71xx.ipk haserl_0.9.29-1_ar71xx.ipk kmod-tun_3.3.8-1_ar71xx.ipk libpthread_0.9.33.2-1_ar71xx.ipk librt_0.9.33.2-1_ar71xx.ipk root@192.168.1.1:/tmp
 +
    Log back in to the router
 +
    ssh root@192.168.1.1
 +
    Go to /tmp and install the packages in the following order
 +
    opkg install librt_0.9.33.2-1_ar71xx.ipk
 +
    opkg install libpthread_0.9.33.2-1_ar71xx.ipk
 +
    opkg install kmod-tun_3.3.8-1_ar71xx.ipk
 +
    opkg install coova-chilli_1.2.9-1_ar71xx.ipk
 +
    opkg install haserl_0.9.29-1_ar71xx.ipk
 +
 
 +
Setup CoovaChilli
 +
Configuration File
 +
 
 +
    Open /etc/chilli/defaults and change the following lines
 +
 
 +
     
 +
      from “# HS_WANIF=eth0                      # WAN Interface toward the Internet”
 +
      to “HS_WANIF=eth1                          # WAN Interface toward the Internet”
 +
     
 +
      from “HS_LANIF=eth1                        # Subscriber Interface for client devices”
 +
      to “HS_LANIF=wlan0                        # Subscriber Interface for client devices”
 +
     
 +
      from “HS_RADIUS=locahost”
 +
      to “HS_RADIUS=<your RADIUS IP address>”
 +
     
 +
      from "HS_RADSECRET=testing123              # Set to be your RADIUS shared secret"
 +
      to "HS_RADSECRET=<your RADIUS password>    # Set to be your RADIUS shared secret
 +
 
 +
    Save and close the file
 +
 
 +
 
 +
Start-up Script
 +
Now we need to create the startup script for coova-chilli. Coova-chilli package does not provide this so we have to create this by hand
 +
Create a the file /etc/init.d/chilli with the following content
 +
 
 +
    #!/bin/sh /etc/rc.common
 +
    # - init script for chilli -
 +
 
 +
    START=60
 +
    STOP=90
 +
 
 +
    NAME=chilli
 +
    RUN_D=/var/run
 +
    CMDSOCK=$RUN_D/$NAME.sock
 +
    PIDFILE=$RUN_D/$NAME.pid
 +
 
 +
    option_cb() { [ -n "$2" ] && echo "HS_$(echo $1|tr 'a-z' 'A-Z')=\"$2\"" | sed 's/\$/\\\$/g'; }
 +
    config_load hotspot > /etc/chilli/config
 +
 
 +
    . /etc/chilli/functions
 +
 
 +
    start() {
 +
        HS_DNS_DOMAIN=${HS_DNS_DOMAIN:-cap.coova.org}
 +
        HS_DNS1=${HS_DNS1:-$HS_UAMLISTEN}
 +
        HS_DNS2=${HS_DNS2:-$HS_NASIP}
 +
        HS_NASID=${HS_NASID:-$HS_NASMAC}
 +
        HS_MACAUTHMODE=${HS_MACAUTHMODE:-local}
 +
        HS_USELOCALUSERS=${HS_USELOCALUSERS:-off}
 +
        HS_PROXY_TYPE=${HS_PROXY_TYPE:-none}
 +
        HS_RADCONF_URL=${HS_RADCONF_URL:-http://ap.coova.org/config/tos.conf}
 +
        HS_CFRAME_URL=${HS_CFRAME_URL:-http://coova.org/cframe/default/}
 +
        HS_CFRAME_SZ=${HS_CFRAME_SZ:-100}
 +
        HS_DEFSESSIONTIMEOUT=${HS_DEFSESSIONTIMEOUT:-0}
 +
        HS_DEFIDLETIMEOUT=${HS_DEFIDLETIMEOUT:-0}
 +
        HS_DEFINTERIMINTERVAL=${HS_DEFINTERIMINTERVAL:-300}
 +
        HS_LAN_ACCESS=${HS_LAN_ACCESS:-deny}
 +
        HS_CFRAME_POS=${HS_CFRAME_POS:-top}
 +
        HS_PROVIDER=${HS_PROVIDER:-Coova}
 +
        HS_PROVIDER_LINK=${HS_PROVIDER_LINK:-http://coova.org/}
 +
        HS_LOC_NAME=${HS_LOC_NAME:-My HotSpot}
 +
        HS_LOC_NETWORK=${HS_LOC_NETWORK:-Coova}
 +
        HS_OPENIDAUTH=${HS_OPENIDAUTH:-off}
 +
        HS_ANYIP=${HS_ANYIP:-off}
 +
 
 +
        [ -z "$HS_LANIF" ] && {
 +
            [ -e /tmp/device.hotspot ] && {
 +
                stop
 +
            }
 +
            HS_LANIF=$(wlanconfig ath create wlandev wifi0 wlanmode ap)
 +
            for i in 0 1 2 3 4; do ifconfig ath$i mtu 1500; done 2>/dev/null
 +
            echo $HS_LANIF > /tmp/device.hotspot
 +
            iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 +
            iwconfig $HS_LANIF essid ${HS_SSID:-Coova} 2>/dev/null
 +
        }
 +
 
 +
        writeconfig
 +
        radiusconfig
 +
                                                                                           
 +
        [ -d $RUN_D ] || mkdir -p $RUN_D
 +
 
 +
        /sbin/insmod tun >&- 2>&-
 +
        /usr/sbin/chilli
 +
    }
 +
 
 +
    stop() {
 +
        [ -f $PIDFILE ] && kill $(cat $PIDFILE)
 +
        rm -f $PIDFILE $LKFILE $CMDSOCK 2>/dev/null
 +
        iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
 +
        wlanconfig $(cat /tmp/device.hotspot) destroy
 +
        rm /tmp/device.hotspot
 +
    }
 +
 
 +
 
 +
Automatically Start CoovaChilli
 +
Create a symbolic link to /etc/init.d/chilli in /etc/rc.d and name it S60chilli
 +
 
 +
cd /etc/rc.d
 +
ln -s ../init.d/chilli S60chilli
 +
 
 +
This will automatically start CoovaChilli everytime you start your router.
 +
 
 +
Login Page
 +
Lastly we need to create the login pages for CoovaChilli. CoovaChilli's package for OpenWRT does not include this and so we have to download CoovaChilli's source code and copy the contents of the miniportal forder
 +
 
 +
    Back in your computer, download CoovaChilli's source code
 +
    wget http://ap.coova.org/chilli/coova-chilli-1.2.9.tar.gz
 +
    Untar the package
 +
    tar -xzvf coova-chilli-1.2.9.tar.gz
 +
    Goto the miniportal folder
 +
    cd coova-chilli-1.2.9/miniportal
 +
    Edit the files functions.sh.in, config-local.sh.in, uam.sh.in and replace @SBINDIR@ and @ETCCHILLI@ with /usr/sbin and /etc/chilli respectively
 +
    Rename the files that end in ".in", removing ".in" part
 +
    e.g. functions.sh.in will be renamed to functions.sh
 +
 
 +
 
 +
    Copy the contents of miniportal folder to your router's /etc/chilli/www
 +
    scp * root@192.168.1.1:/etc/chilli/www/
 +
 
 +
 
 +
We're done. All you have to do is reboot your router and connect to it once it starts up.
 +
 
 +
When you open your browser and starts browsing you will be redirected to CoovaChilli's login page.
 +
 
 +
Enjoy!!!
 +
 
 +
 
  
Per default, it is assumed that Ethernet device eth0 is your connection to the Internet and eth1 is the interface you want to have clients (subscribers) on. If this is not the case, then change the HS_WANIF configuration to be your Internet connected device and HS_LANIF to be your WiFi device, for example. With the right devices configured, restart chilli and you are on your way.
 
  
  
Line 8: Line 216:
 
* http://www.hotspotsystem.com/installation-guide-openwrt
 
* http://www.hotspotsystem.com/installation-guide-openwrt
 
* http://coova.org/CoovaChilli/Documentation
 
* http://coova.org/CoovaChilli/Documentation
 +
* http://emandeguzman.blogspot.hk/2012/11/openwrtcoovachilli.html

Revision as of 17:00, 16 July 2015

OpenWRT+CoovaChilli

Introduction Today I am going to share my experience in Installing CoovaChilli on a router.

My first attempt with this endeavor ended up with me having a very expensive brick instead of a captive portal. So for those who want to avoid this costly experience I am laying out this simple installation process for you to follow and hopefully succeed. Once you get comfortable with it you can then venture into more riskier approach, like compiling your own OpenWRT.

I am using TP-Link's MR3220 as my router. Though I haven't tried it yet, I hope the same approach will work on other routers based on Altheros AR71xx. Let's start!


Download required Packages 1. Download openwrt-ar71xx-generic-tl-mr3220-v1-squashfs-factory.bin from http://downloads.openwrt.org/snapshots/trunk/ar71xx/. 2. Download the following from http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/

   coova-chilli_1.2.9-1_ar71xx.ipk
   haserl_0.9.29-1_ar71xx.ipk
   kmod-tun_3.3.8-1_ar71xx.ipk
   libpthread_0.9.33.2-1_ar71xx.ipk
   librt_0.9.33.2-1_ar71xx.ipk

Flash OpenWRT for MR3220

   Use a LAN cable to connect your computer to one of the LAN ports of the router
   Start a browser and go to http://192.168.1.1 (this is the router's default IP address, change this accordingly if you already changed your router's IP address)
   Choose System Tools --> Firmware Upgrade
   Click the Browse button
   Locate and select openwrt-ar71xx-generic-tl-mr3220-v1-squashfs-factory.bin file
   Click the Upgrade button
   Wait until it says rebooting

In this stage OpenWRT is already installed in your router and you will not be able to access your router’s web interface Initialize OpenWRT For first time login, you have to set root’s password. Follow these steps.

   Still connected to your router, open telnet and connect to 192.168.1.1
   Once logged in you should be see a display similar to this:
     BusyBox v1.19.4 (2012-11-18 23:21:39 EST) built-in shell (ash)
     Enter 'help' for a list of built-in commands.
     
     _______                     ________        __
     |       |.-----.-----.-----.|  |  |  |.----.|  |_
     |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
     |_______||   __|_____|__|__||________||__|  |____|
     |__| W I R E L E S S   F R E E D O M
     -----------------------------------------------------
     BARRIER BREAKER (Bleeding Edge, r34253)
     -----------------------------------------------------
     * 1/2 oz Galliano         Pour all ingredients into
     * 4 oz cold Coffee        an irish coffee mug filled
     * 1 1/2 oz Dark Rum       with crushed ice. Stir.
     * 2 tsp. Creme de Cacao
     -----------------------------------------------------
     root@OpenWrt:~# 
   To set root’s password type passwd the press return key
   Type in root’s new password, press return, then re-type the password for confirmation

After setting the password you should quit telnet and login to the router using ssh Setup Wireless Configuration

   Login to the router using ssh
   ssh root@192.168.1.1
   Edit /etc/config/wireless
   vi /etc/config/wireless
   Comment or delete the line “option disabled 1” to enable wireless LAN
   Optionally change the SSID by changing the value of “option ssid”, from OpenWRT to your choice
   Save and close the file
   Execute wifi to force the system to re-read the wireless configuration file and start wireless LAN

Install CoovaChilli

   Go to your computer’s terminal and copy the rest of the packages to router’s /tmp directory
   scp coova-chilli_1.2.9-1_ar71xx.ipk haserl_0.9.29-1_ar71xx.ipk kmod-tun_3.3.8-1_ar71xx.ipk libpthread_0.9.33.2-1_ar71xx.ipk librt_0.9.33.2-1_ar71xx.ipk root@192.168.1.1:/tmp
   Log back in to the router
   ssh root@192.168.1.1
   Go to /tmp and install the packages in the following order
   opkg install librt_0.9.33.2-1_ar71xx.ipk
   opkg install libpthread_0.9.33.2-1_ar71xx.ipk
   opkg install kmod-tun_3.3.8-1_ar71xx.ipk
   opkg install coova-chilli_1.2.9-1_ar71xx.ipk
   opkg install haserl_0.9.29-1_ar71xx.ipk 

Setup CoovaChilli

Configuration File
   Open /etc/chilli/defaults and change the following lines


     from “# HS_WANIF=eth0                      # WAN Interface toward the Internet”
     to “HS_WANIF=eth1                          # WAN Interface toward the Internet”
     
     from “HS_LANIF=eth1                        # Subscriber Interface for client devices”
     to “HS_LANIF=wlan0                         # Subscriber Interface for client devices”
     
     from “HS_RADIUS=locahost”
     to “HS_RADIUS=<your RADIUS IP address>”
     
     from "HS_RADSECRET=testing123              # Set to be your RADIUS shared secret"
     to "HS_RADSECRET=<your RADIUS password>    # Set to be your RADIUS shared secret
   Save and close the file


Start-up Script Now we need to create the startup script for coova-chilli. Coova-chilli package does not provide this so we have to create this by hand Create a the file /etc/init.d/chilli with the following content

    #!/bin/sh /etc/rc.common
    # - init script for chilli -
    START=60
    STOP=90
    NAME=chilli
    RUN_D=/var/run
    CMDSOCK=$RUN_D/$NAME.sock
    PIDFILE=$RUN_D/$NAME.pid
    option_cb() { [ -n "$2" ] && echo "HS_$(echo $1|tr 'a-z' 'A-Z')=\"$2\"" | sed 's/\$/\\\$/g'; }
    config_load hotspot > /etc/chilli/config
    . /etc/chilli/functions
    start() {
        HS_DNS_DOMAIN=${HS_DNS_DOMAIN:-cap.coova.org}
        HS_DNS1=${HS_DNS1:-$HS_UAMLISTEN}
        HS_DNS2=${HS_DNS2:-$HS_NASIP}
        HS_NASID=${HS_NASID:-$HS_NASMAC}
        HS_MACAUTHMODE=${HS_MACAUTHMODE:-local}
        HS_USELOCALUSERS=${HS_USELOCALUSERS:-off}
        HS_PROXY_TYPE=${HS_PROXY_TYPE:-none}
        HS_RADCONF_URL=${HS_RADCONF_URL:-http://ap.coova.org/config/tos.conf}
        HS_CFRAME_URL=${HS_CFRAME_URL:-http://coova.org/cframe/default/}
        HS_CFRAME_SZ=${HS_CFRAME_SZ:-100}
        HS_DEFSESSIONTIMEOUT=${HS_DEFSESSIONTIMEOUT:-0}
        HS_DEFIDLETIMEOUT=${HS_DEFIDLETIMEOUT:-0}
        HS_DEFINTERIMINTERVAL=${HS_DEFINTERIMINTERVAL:-300}
        HS_LAN_ACCESS=${HS_LAN_ACCESS:-deny}
        HS_CFRAME_POS=${HS_CFRAME_POS:-top}
        HS_PROVIDER=${HS_PROVIDER:-Coova}
        HS_PROVIDER_LINK=${HS_PROVIDER_LINK:-http://coova.org/}
        HS_LOC_NAME=${HS_LOC_NAME:-My HotSpot}
        HS_LOC_NETWORK=${HS_LOC_NETWORK:-Coova}
        HS_OPENIDAUTH=${HS_OPENIDAUTH:-off}
        HS_ANYIP=${HS_ANYIP:-off}
        [ -z "$HS_LANIF" ] && {
            [ -e /tmp/device.hotspot ] && {
                stop
            }
            HS_LANIF=$(wlanconfig ath create wlandev wifi0 wlanmode ap)
            for i in 0 1 2 3 4; do ifconfig ath$i mtu 1500; done 2>/dev/null
            echo $HS_LANIF > /tmp/device.hotspot
            iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
            iwconfig $HS_LANIF essid ${HS_SSID:-Coova} 2>/dev/null
        }
        writeconfig
        radiusconfig
                                                                                           
        [ -d $RUN_D ] || mkdir -p $RUN_D
        /sbin/insmod tun >&- 2>&-
        /usr/sbin/chilli
    }
    stop() {
        [ -f $PIDFILE ] && kill $(cat $PIDFILE)
        rm -f $PIDFILE $LKFILE $CMDSOCK 2>/dev/null
        iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
        wlanconfig $(cat /tmp/device.hotspot) destroy
        rm /tmp/device.hotspot
    }


Automatically Start CoovaChilli Create a symbolic link to /etc/init.d/chilli in /etc/rc.d and name it S60chilli

cd /etc/rc.d ln -s ../init.d/chilli S60chilli

This will automatically start CoovaChilli everytime you start your router.

Login Page Lastly we need to create the login pages for CoovaChilli. CoovaChilli's package for OpenWRT does not include this and so we have to download CoovaChilli's source code and copy the contents of the miniportal forder

   Back in your computer, download CoovaChilli's source code
   wget http://ap.coova.org/chilli/coova-chilli-1.2.9.tar.gz
   Untar the package
   tar -xzvf coova-chilli-1.2.9.tar.gz
   Goto the miniportal folder
   cd coova-chilli-1.2.9/miniportal
   Edit the files functions.sh.in, config-local.sh.in, uam.sh.in and replace @SBINDIR@ and @ETCCHILLI@ with /usr/sbin and /etc/chilli respectively
   Rename the files that end in ".in", removing ".in" part
   e.g. functions.sh.in will be renamed to functions.sh


   Copy the contents of miniportal folder to your router's /etc/chilli/www
   scp * root@192.168.1.1:/etc/chilli/www/  


We're done. All you have to do is reboot your router and connect to it once it starts up.

When you open your browser and starts browsing you will be redirected to CoovaChilli's login page.

Enjoy!!!



Referensi