Difference between revisions of "WiFi: HotSpot - CoovaChilli Instalasi Firewall"

Install Firewall

IPtables

The creators of CoovaChilli have predefined rules for iptables, but their script needs a little help before it works. CoovaChilli's iptables config is done in the /etc/chilli/up.sh script which runs after the tun interface is up, so that the exact tun interface is known.

Fix up.sh by adding these lines at the very end of the file:

1. may not have been populated the first time; run again

[ -e "/var/run/chilli.iptables" ] && sh /var/run/chilli.iptables 2>/dev/null

1. force-add the final rule necessary to fix routing tables

iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE

/etc/chilli/up.sh calls /etc/chilli/ipup.sh, if it exists. By default, it does not. If you need to run your own commands after the main iptables configuration is done, create /etc/chilli/ipup.sh and populate it however you like, being sure to make it executable (chmod +x /etc/chilli/ipup.sh) when done.

In the chilli config above, we set the DNS server to that of the local interface. So, your system should be running a DNS server. In ubuntu, it's just a matter of:

tasksel

Then select DNS Server and install

Pranala Menarik

• WiFi: HotSpot - CoovaChilli Pendahuluan
• WiFi: HotSpot - CoovaChilli Kebutuhan Hardware dan Software
• WiFi: HotSpot - CoovaChilli Instalasi Radius Server
• WiFi: HotSpot - Instalasi CoovaChilli
• WiFi: HotSpot - CoovaChilli Instalasi Firewall
• WiFi: HotSpot - CoovaChilli Instalasi Apache dan SSL
• WiFi: HotSpot - CoovaChilli Fitur dan Keterangan Tambahan
• WiFi: HotSpot