WiFi: HotSpot - CoovaChilli Fitur dan Keterangan Tambahan
Beberapa File CoovaChilli
- /etc/chilli.conf - file konfigurasi utama.
- /etc/chilli/defaults - file konfigurasi default oleh chilli init.d
- /etc/chilli/config - lokasi konfigurasi
- /etc/chilli/functions - mengkonfigurasi chilli dengan cara memload konfigurasi
Helps configure chilli by loading the above configurations, sets some defaults, and provides functions for writing main.conf, hs.conf, and local.conf based on local and possibily centralized. See chilli.conf(5)
*
/etc/init.d/chilli
The init.d file for chilli which defaults to using the above configurations to build a set of configurations files in the /etc/chilli directory - taking local configurations and optionally centralized configurations from RADIUS or a URL. See chilli.conf(5)
- /var/run/chilli.sock - UNIX socket yang digunakan untuk komunikasi daemon.
- /var/run/chilli.pid - File Process ID.
- /etc/chilli/www/ - lokasi minimal web server.
The typical location of location content served up by chilli using a minimal web server. SIGNALS
Sending HUP to chilli will cause the configuration file to be reread and DNS lookups to be performed.
The configuration options are not affected by sending HUP: fg, conf, pidfile, statedir, net, dynip, statip, uamlisten, uamport, radiuslisten, coaport, coanoipcheck, proxylisten, proxyport, proxyclient, proxysecret, dhcpif, dhcpmac, lease, or eapolenable
The above configuration options can only be changed by restarting the daemon.
Optional Features
extra authentication parameters
you can add a column to the radcheck table for example: is the user account still valid? with this command:
alter table radcheck add column `Valid` tinyint(1) default 0 not null;
than in the
/etc/freeradius/sql.conf
change the variable authorize_check_query by adding and Valid = 1 after where username = “%{SQL-User-Name}” \
in the future time you can change the valid to serve many purposes for example email authorization, ...
xml service for the freeradius database
this cgi bash script is experimental for analysing an xml file and for inserting the parsed data into a mysql database. it is used for inserting a new user to the radcheck table or to modify an user of freeradius in combination with coovachilli.
Post Install Trouble Shooting
When coovachilli is started it automatically installs required modules and network access. Use the following commands to check:
Packet Forwarding
Test the current setting of the kernel:
cat /proc/sys/net/ipv4/ip_forward
Manual Install
Immediately allow the forwarding of packets. The configuration is not preserved on reboot but sets a flag in the kernel itself.
echo 1 > /proc/sys/net/ipv4/ip_forward
EnableTUN/TAP device driver support
Test the current setting of the kernel:
lsmod
Look for the module tun
The TUN/TAP driver is required for proper operation of the chilli server. Linux kernels later than 2.4.7 already include the driver, but could be loaded manually with modprobe tun or automaticly by adding tun to the /etc/modules configuration file.
Manual Install
sudo modprobe tun
Firewall / Port Forward
On start up coovachilli runs a firewall script defining rules. Rules are as follows:
# Generated by iptables-save v1.3.8 on Sun Aug 10 14:59:34 2008 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [1:530] :OUTPUT ACCEPT [1:530] COMMIT # Completed on Sun Aug 10 14:59:34 2008 # Generated by iptables-save v1.3.8 on Sun Aug 10 14:59:34 2008 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1:530] :POSTROUTING ACCEPT [1:530] COMMIT # Completed on Sun Aug 10 14:59:34 2008 # Generated by iptables-save v1.3.8 on Sun Aug 10 14:59:34 2008 *filter :INPUT ACCEPT [181:23233] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [148:77128] -A INPUT -d 192.168.2.1 -i tun0 -p tcp -m tcp --dport 3990 -j ACCEPT -A INPUT -d 192.168.2.1 -i tun0 -p tcp -m tcp --dport 3991 -j ACCEPT -A INPUT -d 255.255.255.255 -i tun0 -p udp -m udp --dport 67:68 -j ACCEPT -A INPUT -d 192.168.2.1 -i tun0 -p udp -m udp --dport 53 -j ACCEPT -A INPUT -d 192.168.2.1 -i tun0 -j DROP -A INPUT -i tun0 -j DROP -A FORWARD -i tun0 -o ! eth0 -j DROP -A FORWARD -o tun0 -j ACCEPT -A FORWARD -i tun0 -j ACCEPT -A FORWARD -o eth1 -j DROP -A FORWARD -i eth1 -j DROP COMMIT # Completed on Sun Aug 10 14:59:34 2008
Pranala Menarik
- WiFi: HotSpot - CoovaChilli Pendahuluan
- WiFi: HotSpot - CoovaChilli Kebutuhan Hardware dan Software
- WiFi: HotSpot - CoovaChilli Instalasi Radius Server
- WiFi: HotSpot - Instalasi CoovaChilli
- WiFi: HotSpot - CoovaChilli Instalasi Firewall
- WiFi: HotSpot - CoovaChilli Instalasi Apache dan SSL
- WiFi: HotSpot - CoovaChilli Fitur dan Keterangan Tambahan
- WiFi: HotSpot