Difference between revisions of "WiFi: HotSpot - CoovaChilli Instalasi Firewall"
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 7: | Line 7: | ||
Fix up.sh by adding these lines at the very end of the file: | Fix up.sh by adding these lines at the very end of the file: | ||
| − | # may not have been populated the first time; run again | + | # may not have been populated the first time; run again |
| − | [ -e "/var/run/chilli.iptables" ] && sh /var/run/chilli.iptables 2>/dev/null | + | [ -e "/var/run/chilli.iptables" ] && sh /var/run/chilli.iptables 2>/dev/null |
| − | # force-add the final rule necessary to fix routing tables | + | # force-add the final rule necessary to fix routing tables |
| − | iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE | + | iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE |
/etc/chilli/up.sh calls /etc/chilli/ipup.sh, if it exists. By default, it does not. If you need to run your own commands after the main iptables configuration is done, create /etc/chilli/ipup.sh and populate it however you like, being sure to make it executable (chmod +x /etc/chilli/ipup.sh) when done. | /etc/chilli/up.sh calls /etc/chilli/ipup.sh, if it exists. By default, it does not. If you need to run your own commands after the main iptables configuration is done, create /etc/chilli/ipup.sh and populate it however you like, being sure to make it executable (chmod +x /etc/chilli/ipup.sh) when done. | ||
| Line 16: | Line 16: | ||
In the chilli config above, we set the DNS server to that of the local interface. So, your system should be running a DNS server. In ubuntu, it's just a matter of: | In the chilli config above, we set the DNS server to that of the local interface. So, your system should be running a DNS server. In ubuntu, it's just a matter of: | ||
| − | tasksel | + | tasksel |
Then select DNS Server and install | Then select DNS Server and install | ||
Revision as of 13:24, 7 April 2010
Install Firewall
IPtables
The creators of CoovaChilli have predefined rules for iptables, but their script needs a little help before it works. CoovaChilli's iptables config is done in the /etc/chilli/up.sh script which runs after the tun interface is up, so that the exact tun interface is known.
Fix up.sh by adding these lines at the very end of the file:
# may not have been populated the first time; run again [ -e "/var/run/chilli.iptables" ] && sh /var/run/chilli.iptables 2>/dev/null # force-add the final rule necessary to fix routing tables iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE
/etc/chilli/up.sh calls /etc/chilli/ipup.sh, if it exists. By default, it does not. If you need to run your own commands after the main iptables configuration is done, create /etc/chilli/ipup.sh and populate it however you like, being sure to make it executable (chmod +x /etc/chilli/ipup.sh) when done.
In the chilli config above, we set the DNS server to that of the local interface. So, your system should be running a DNS server. In ubuntu, it's just a matter of:
tasksel
Then select DNS Server and install
Pranala Menarik
- WiFi: HotSpot - CoovaChilli Pendahuluan
- WiFi: HotSpot - CoovaChilli Kebutuhan Hardware dan Software
- WiFi: HotSpot - CoovaChilli Instalasi Radius Server
- WiFi: HotSpot - Instalasi CoovaChilli
- WiFi: HotSpot - CoovaChilli Instalasi Firewall
- WiFi: HotSpot - CoovaChilli Instalasi Apache dan SSL
- WiFi: HotSpot - CoovaChilli Fitur dan Keterangan Tambahan
- WiFi: HotSpot