Wednesday, April 03, 2013

Easyhotspot in Centos 6.4 + CoovaChilli 1.3.0

In this post, I explain how to modify EasyHotspot by adding CoovaChilli on CentOS 6.4. Installing CoovaChilli usually fixes the "EasyHotspot login failed" problem that sometimes happens. Before you continue reading, look at the post "easyhotspot with centos 6.4" on this blog. I assume you have been through its 2 stages: (1) install Apache, PHP and MySQL, and (2) install the EasyHotspot web application.

Install Freeradius 2.1.12.
This is the same as in the "easyhotspot with centos 6.4" post, with just a few different configurations. I explain it all here to avoid confusion.
yum install freeradius freeradius-mysql freeradius-utils
chkconfig --level 235 radiusd on
Edit /etc/raddb/clients.conf and in the "client localhost" section make sure you have,
ipaddr = 127.0.0.1
secret = easyhotspot
nastype = other
Edit /etc/raddb/radiusd.conf and in the "modules" section, uncomment
$INCLUDE sql.conf
$INCLUDE sql/mysql/counter.conf
Then, in the "instantiate" section, add
max_all_mb
noresetcounter
Then in /etc/raddb/sites-enabled/default, in the "authorize" section, uncomment "sql" and add the new counters so that it now reads,
sql
max_all_mb
noresetcounter
Later in /etc/raddb/sites-enabled/default, in the "accounting", "session" and "post-auth" sections, uncomment sql,
sql

Edit the /etc/raddb/sql/mysql/counter.conf file and add the following at the end,
sqlcounter noresetcounter {
counter-name = Session-Timeout
check-name = Session-Timeout
reply-name = Session-Timeout
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='%{%k}'"
}
sqlcounter max_all_mb {
counter-name = Max-All-MB
check-name = Max-All-MB
reply-name = ChilliSpot-Max-Total-Octets
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT SUM(AcctInputOctets)/(1024*1024) + SUM(AcctOutputOctets)/(1024*1024) FROM radacct WHERE UserName='%{%k}'"
}

Edit /etc/raddb/sql.conf file, at the sql section,
        database = "mysql"
        driver = "rlm_sql_${database}"
        server = "localhost"
        #port = 3306
        login = "easyhotspot"
        password = "easyhotspot"
        radius_db = "easyhotspot_opensource"

Run freeradius in debug mode. If there is no error, that means freeradius is running normally.
radiusd -X

Install CoovaChilli
If you have installed chillispot, please remove it. Its functions will be replaced by coovachilli. Follow the instructions below to remove chillispot.
service chillispot stop
chkconfig --del chillispot

Find the chillispot files.
whereis chilli
     chilli: /usr/sbin/chilli /etc/chilli.ipup /etc/chilli.conf /etc/chilli /usr/local/sbin/chilli /usr/local/etc/chilli
rm -Rf /usr/sbin/chilli
rm -Rf /etc/chilli.ipup
rm -Rf /etc/chilli.conf
rm -Rf /etc/chilli
rm -Rf /usr/local/sbin/chilli
rm -Rf /usr/local/etc/chilli
rm /etc/init.d/firewall.iptables

Download and install coovachilli
wget http://ap.coova.org/chilli/coova-chilli-1.3.0.tar.gz
tar zxvf coova-chilli-1.3.0.tar.gz
cd coova-chilli-1.3.0
./configure


If you now run "make", you will get an error.
         cc1: warnings being treated as errors
So, open the file src/Makefile in the folder coova-chilli-1.3.0, search for "-Werror" and remove it. Save. Do the same in the files src/Makefile.in and src/Makefile.am. Now continue with "make".
make; make install

Create some links,
# ln -s /usr/local/etc/chilli /etc/
# ln -s /usr/local/etc/chilli.conf /etc/
# ln -s /usr/local/etc/init.d/chilli /etc/init.d/
# ln -s /usr/local/sbin/chilli /sbin/
# ln -s /usr/local/sbin/chilli_opt /sbin/
# ln -s /usr/local/sbin/chilli_query /sbin/
# ln -s /usr/local/sbin/chilli_radconfig /sbin/
# ln -s /usr/local/sbin/chilli_response /sbin/
# ln -s /var /usr/local/

Edit the file /etc/chilli/defaults and make sure it has the configuration below.
HS_WANIF=eth2            # WAN Interface toward the Internet
HS_LANIF=eth1              # Subscriber Interface for client devices
HS_NETWORK=192.168.182.1           # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.255.0   # HotSpot Network Netmask
HS_UAMLISTEN=192.168.182.1         # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990            # HotSpot UAM Port (on subscriber network)
HS_UAMUIPORT=4990          #
HS_DNS1=192.168.182.1
HS_DNS2=8.8.8.8
HS_NASID=nas01
HS_RADIUS=localhost
HS_RADIUS2=localhost
HS_UAMALLOW=www.coova.org
HS_RADSECRET=easyhotspot    # Set to be your RADIUS shared secret
HS_UAMSECRET=easyhotspot    # Set to be your UAM secret
HS_UAMALIASNAME=chilli
HS_UAMFORMAT=https://192.168.182.1/cgi-bin/hotspotlogin.cgi
HS_UAMHOMEPAGE=http://192.168.182.1:3990/prelogin
HS_TCP_PORTS="80 443"
HS_WWWDIR=/usr/local/etc/chilli/www
HS_WWWBIN=/usr/local/etc/chilli/wwwsh
HS_PROVIDER=Coova
HS_PROVIDER_LINK=http://www.coova.org/
HS_LOC_NAME="My HotSpot"    

Save, then copy defaults to config in the same folder,
cp /etc/chilli/defaults /etc/chilli/config
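
Added example (not part of the original post or of the EasyHotspot/CoovaChilli projects): HS_RADSECRET above has to match the "secret" of "client localhost" in /etc/raddb/clients.conf, and HS_UAMLISTEN has to lie inside HS_NETWORK/HS_NETMASK. The shell script below checks both and also flags secrets left at the value printed in this post; the function names, the script name and the constructed sample files are assumptions of the example.

```shell
#!/bin/sh
# Added example: cross-check /etc/chilli/config against /etc/raddb/clients.conf.

# get_hs FILE KEY: value of the last KEY=... line, comment and quotes stripped
get_hs() {
    sed -n "s/^[[:space:]]*$2=\([^#]*\).*/\1/p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*$//; s/^"\(.*\)"$/\1/'
}

# get_client_secret FILE: the secret set inside the "client localhost" block
get_client_secret() {
    awk '$1 == "client" && $2 == "localhost" { inblk = 1; next }
         inblk && $1 == "}" { exit }
         inblk && $1 ~ /^secret/ { sub(/^[^=]*=[ \t]*/, ""); print $1; exit }' "$1"
}

# ip2int A.B.C.D: dotted quad as an integer (call it as $(ip2int ...))
ip2int() {
    IFS=.; set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# same_subnet IP NETWORK NETMASK: true when IP lies inside NETWORK/NETMASK
same_subnet() {
    [ -n "$1" ] && [ -n "$2" ] && [ -n "$3" ] || return 1
    ip=$(ip2int "$1"); net=$(ip2int "$2"); mask=$(ip2int "$3")
    [ $(( ip & mask )) -eq $(( net & mask )) ]
}

# check_hotspot CHILLI_CONFIG CLIENTS_CONF: print findings, return their count
check_hotspot() {
    n=0
    rad=$(get_hs "$1" HS_RADSECRET); uam=$(get_hs "$1" HS_UAMSECRET)
    cli=$(get_client_secret "$2")
    if [ "$rad" != "$cli" ]; then
        echo "MISMATCH: HS_RADSECRET differs from the clients.conf secret"; n=$((n + 1))
    fi
    # flagged: the value printed in this post, FreeRADIUS's sample secret, or unset
    for pair in "HS_RADSECRET=$rad" "HS_UAMSECRET=$uam"; do
        case ${pair#*=} in
            easyhotspot|testing123|"")
                echo "WEAK: ${pair%%=*} is empty or a published value"; n=$((n + 1)) ;;
        esac
    done
    if ! same_subnet "$(get_hs "$1" HS_UAMLISTEN)" "$(get_hs "$1" HS_NETWORK)" \
                     "$(get_hs "$1" HS_NETMASK)"; then
        echo "ADDRESS: HS_UAMLISTEN is outside HS_NETWORK/HS_NETMASK"; n=$((n + 1))
    fi
    return "$n"
}

# make_sample DIR: constructed files that mirror the values shown in this post
make_sample() {
    cat > "$1/config" <<'EOF'
HS_NETWORK=192.168.182.1    # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.255.0
HS_UAMLISTEN=192.168.182.1
HS_RADSECRET=easyhotspot    # Set to be your RADIUS shared secret
HS_UAMSECRET=easyhotspot    # Set to be your UAM secret
EOF
    cat > "$1/clients.conf" <<'EOF'
client localhost {
        secret = easyhotspot
}
EOF
}

# Usage: sh check_hotspot.sh /etc/chilli/config /etc/raddb/clients.conf
if [ $# -eq 2 ]; then check_hotspot "$1" "$2"; exit $?; fi
```

The exit status is the number of findings, so 0 means the two files agree and no secret is left at a published value.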

Edit the file /etc/init.d/chilli and add --coaport 3799, as in the example below.
#!/bin/sh
#
# chilli CoovaChilli init
#
# chkconfig: 2345 65 35
# description: CoovaChilli
### BEGIN INIT INFO
# Provides:       chilli
# Required-Start: network
# Should-Start:
# Required-Stop:  network
# Should-Stop:
# Default-Start:  2 3 5
# Default-Stop:
# Description:    CoovaChilli access controller
### END INIT INFO

[ -f /usr/local/sbin/chilli ] || exit 0

. /usr/local/etc/chilli/functions

MULTI=$(ls /usr/local/etc/chilli/*/chilli.conf 2>/dev/null)
[ -z "$DHCPIF" ] && [ -n "$MULTI" ] && {
    for c in $MULTI;
    do
        echo "Found configuration $c"
        DHCPIF=$(basename $(echo $c|sed 's#/chilli.conf##'))
        export DHCPIF
        echo "Running DHCPIF=$DHCPIF $0 $*"
        sh $0 $*
    done
    exit
}

if [ -n "$DHCPIF" ]; then
    CONFIG=/usr/local/etc/chilli/$DHCPIF/chilli.conf
    pidfile=/usr/local/var/run/chilli.$DHCPIF.pid
else
    CONFIG=/usr/local/etc/chilli.conf
    pidfile=/usr/local/var/run/chilli.pid
fi
[ -f $CONFIG ] || {
    echo "$CONFIG Not found"
    exit 0
}

check_required

RETVAL=0
prog="chilli"

case $1 in
    start)
        echo -n "Starting $prog: "

        /sbin/modprobe tun >/dev/null 2>&1
        echo 1 > /proc/sys/net/ipv4/ip_forward

        [ -e /dev/net/tun ] || {
            (cd /dev;
                mkdir net;
                cd net;
                mknod tun c 10 200)
        }

        writeconfig
        radiusconfig

        test ${HS_ADMINTERVAL:-0} -gt 0 && {
            (crontab -l 2>&- | grep -v $0
                echo "*/$HS_ADMINTERVAL * * * * $0 radconfig"
                ) | crontab - 2>&-
        }

        ifconfig $HS_LANIF 0.0.0.0
        if [ "$(which start-stop-daemon)" = "" ]; then
            /usr/local/sbin/chilli -c $CONFIG --pidfile=$pidfile --coaport 3799 &
        else
            start-stop-daemon -S --pidfile=$pidfile --user=chilli \
                --exec /usr/local/sbin/chilli -- -c $CONFIG &
        fi
        echo
        ;;
  radconfig)
        [ -e $MAIN_CONF ] || writeconfig
        radiusconfig
        ;;

    reload)
        killall -HUP chilli
        ;;

    restart)
        $0 stop
        sleep 1
        $0 start
        RETVAL=$?
        ;;

    stop)
        echo -n $"Shutting down $prog: "

        crontab -l 2>&- | grep -v $0 | crontab -

        if [ "$(which start-stop-daemon)" != "" ]; then
            start-stop-daemon -K --pidfile=$pidfile --user=chilli \
                /usr/local/sbin/chilli
        fi

        [ -f $pidfile ] && {
            kill $(cat $pidfile)
            RETVAL=$?
            [ $RETVAL = 0 ] && {
                rm -f $pidfile 2>/dev/null
            }
        }

        echo
        ;;

    *)
        echo "Usage: $0 {start|stop|restart|reload|radconfig}"
        exit 1
esac
exit $?

Edit /etc/sysconfig/iptables and add a rule to allow port 80. You can add rules to allow or deny ports as you need. Mine is below as an example,

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
 
Edit /etc/chilli/up.sh and add just one line at the end, as below,
iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE

Then make the service start automatically at boot,
chkconfig --level 235 chilli on
reboot

OK, finished. Now check whether chilli is running.
ifconfig
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
                                 inet addr:192.168.182.1  P-t-P:192.168.182.1  Mask:255.255.255.0
                                UP POINTOPOINT RUNNING  MTU:1500  Metric:1
                                RX packets:29 errors:0 dropped:0 overruns:0 frame:0
                                TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
                                collisions:0 txqueuelen:100
                                RX bytes:2132 (2.0 KiB)  TX bytes:3690 (3.6 KiB)

ps ax | grep chilli
1416 ?        Ss     0:00 /usr/local/sbin/chilli -c /usr/local/etc/chilli.conf --pidfile=/usr/local/var/run/chilli.pid --coaport 3799

If you see tun0 and a PID for the chilli process, as above, that means chilli is running successfully. Now test from a client computer. The client should get an IP address 192.168.182.xxx, and when browsing it should be redirected to the login page. It's not over yet.

New Login
I modified the YFi login page for EasyHotspot login, so this is more interesting. Download the file Easyhotspot.zip. Unzip it and you will find the folder coova_json. Place the folder coova_json in /var/www/html/.
Then edit the file /etc/chilli/defaults and modify HS_UAMFORMAT and HS_UAMHOMEPAGE.
HS_UAMFORMAT=https://192.168.182.1/coova_json/hs_land.php
HS_UAMHOMEPAGE=http://192.168.182.1/coova_json/splash.php

Done. Test again from the client computer. If everything is normal, the client will get the new login page.

Below are links to my backup files; maybe they are useful.
Link 1 : backup my configuration EasyHotspot.zip
Link 2 : File new login Easyhotspot.zip

Reference : http://rafeequl.files.wordpress.com/2009/08/easyhotspot-install-guide-for-0-2.pdf
Licence : EasyHotspot is released under the GPL, so you can use it freely.

47 comments:

  1. Hello

    I followed your instructions to the letter. However, when I connect to the internet there is no login. Eth0 is connected to the internet (ISP) and eth1 to the wifi router (WAN port) with DHCP disabled. Everything seems to be working, radius etc.

  2. When I type ifconfig I don't see this:

    tun0 Link encap:UNSPEC HWaddr 00-00-00-00-

    Replies
    1. If you don't find tun0, that means the problem is in coovachilli / chillispot. Have you installed coovachilli / chillispot? Then make sure coovachilli / chillispot is running.

    2. When I grep chilli I get something like this:

      Error opening configuration files.....

      Could not generate....

    3. coovachilli or chillispot?
      Try to reinstall chilli.

  3. I followed instructions from this page. Double checked everything each time. Using coovachilli as per instructions on this page. I will try to install again. By the way, am I correct in connecting the eth1 to the WAN port on the router? And if I need to add access points (range extenders), do I just plug in to the LAN port of the router connected to the easyhotspot?

    Replies
    1. If you have an access point router, don't use the access point as a router.
      You will get problems if you do that. So...
      1. Don't use the WAN port.
      2. Disable DHCP in the access point.
      3. Then from the easyhotspot router, connect eth1 to a LAN port of the access point.
      4. User computers / laptops should get an IP address from coovachilli on the easyhotspot router.

  4. Hi

    I reinstalled coova once again, everything step by step, but I still get this error when trying to start chilli manually from /init.d:

    options.c could not generate configuration file /usr/local/var/run/chillicfg.bin ?

  5. There is something seriously wrong. That message options.c could not generate configuration file /usr/local/var/run/chillicfg.bi sleeping one second etc..keeps filling the screen. When I try to stop chilli it says no daemon found. It won't stop and keeps filling the screen whatever I try to do. Even if I reboot it keeps doing that.

    Replies
    1. You didn't install gcc gcc-c++.
      I have explained it before (please see the top 2 lines).
      This post is related to the previous post. I assumed you have followed my previous post.

  6. Hello,

    Thanks for the post. I already have a working solution here. Have you noticed that it only redirects when the traffic goes straight to the port 80? Is that right?

    thank you

    Replies
    1. That's right, only traffic to port 80 will be redirected to the login page... thanks...

  7. You were right ... read carefully and process all steps.
    It works!
    I can login the admin
    and the user login also works
    And the user has internet access


    Now a question
    Why is the Chilli config page not showing any data?
    All empty except for the last - COAPORT

    Replies
    1. Because the page was made for chillispot configuration... not for coovachilli...
      Don't worry, it should not be a problem... if you want to change anything about coovachilli, you just go to /usr/local/etc/chilli/

  8. many thanx for your brilliant steps ..
    it's dangerously ngeri :))

  9. Hi! Excellent blog ;)

    I added a third ethernet interface eth2 but coovachilli stopped working (it assigns an IP address but I can't see a login page).
    Now I have 3 interfaces:
    HS_WANIF=eth0
    HS_LANIF=eth1
    and eth2 -> DHCP

    any hint?

    Replies
    1. Check your firewall... make sure your firewall is running well for all interfaces (not denying/rejecting traffic)...

  10. Hi, I've followed every step from above and the other post about easyhotspot. Chilli, radius, mysql and apache are running.
    The client gets a proper IP from the DHCP server. When it tries to connect to the internet the splash page shows up well, but the login page doesn't show up. The browser says "unable to connect to 192.168.182.1".
    This is really weird, because my friend tried this and it worked, but it is not working in my case.

    Any solution?

    Thx.

    Replies
    1. Repeat from the beginning, make sure you follow every step carefully.

  11. I have got to the point where I need file Easyhotspot.zip. But the files I get from the linked site are all .exe's that trigger E-Set as viruses. Is there another location to get that file?

    Replies
    1. On my link above, it's just my backup file configuration when I made easyhotspot. If you like it, you can download it, I have fixed the links...

    2. That's fine, thank you. I've got the file. I'm having all kinds of problems getting EasyHotspot to work on Centos 6.4/php5.3. I get a blank web page. In CodeIgniter.php there are these lines, including my crude debug entries to try to trace where this is going wrong.

      print "Line 201";
      print "Value of class is ".$class;
      $CI = new $class();
      print "Line 203";

      I'm not a php developer at all but I get the print of line 201 and the value of class, which is "home" but the 'Print "Line 203";' never gets executed.

      I have simply downloaded EasyHotspot to a Centos5/php5.1 system and it works without any problems.

      Any suggestions most welcome

      Thanks

      Ken

    3. Download the easyhotspot web from https://github.com/rafeequl.
      Did you read my post, http://myconfigure.blogspot.com/2013/03/easyhotspot-in-centos-64.html
      Try to follow my steps in the post..

  12. For me Chilli itself is not starting. I followed all the steps mentioned in this blog diligently yet I ran into issues; I would appreciate any help in this regard.

    [root@UBN chilli]# service chilli restart
    Shutting down chilli: [FAILED]

    Starting chilli: [/bin/bash: /usr/sbin/chilli: No such file or directory
    OK ]

    Replies
    1. Starting chilli: [/bin/bash: /usr/sbin/chilli: ---->>> that's the problem.
      Please try to reinstall CoovaChilli, following the steps above until the finish, carefully...

  13. I followed every step on this but in the end I get the error "could not generate configuration (usr/local/var/run/chilli.XXXX.cfg.bin)..

    Any help!!! Thanks in advance

    Replies
    1. This post relates to the link, http://myconfigure.blogspot.com/2013/03/easyhotspot-in-centos-64.html ..
      Did you read and follow the link... ??
      Did you follow these steps... ??
      yum update
      yum install gcc gcc-c++ make
      Did you follow the steps for creating the link ??
      # ln -s /var /usr/local/

    2. Yeah, I followed it step by step...

      Btw, I'm using centos 6.5 64bit. Are there some issues using 64 bit for coova?

    3. I think I know the problem.. it's my OS, I need to use 32bit instead of 64bit...

      NOTE: both coovachilli and chillispot don't work with 64bit OS. RADIUS authentication is flawed in those setups. from https://help.ubuntu.com/community/WifiDocs/CoovaChilli

    4. thanks for sharing your problem

  14. So, look in file src/Makefile,in the folder coova-chilli-1.3.0. Search "-Werror", and remove. Save. And do the same in the file src/Makefile.in and src/Makefile.am. Now continue to running command "make".

    I am stuck here, can you explain it..

    Replies
    1. Edit the file src/Makefile using your favorite editor (vi, vim, mc, nano, or whatever you want). You should find the word "-Werror". Remove the word. Save and quit.
      After you quit, you should be in the terminal; continue by running the command make....

  15. After I installed coova, I couldn't find /etc/default/chilli to edit.
    What do I do?

    Replies
    1. skip it... /etc/default/... just for ubuntu, debian, etc...

    2. I'm using ubuntu and I couldn't find it.
      I have two virtual machines, my network settings on Vbox:
      VM1: adapter1 (attached to NAT) -> eth0 (10.0.2.14), I also tried bridge (192.168.1.1)
      adapter2 (attached to internalNetwork) -> eth1 (10.1.0.2)
      I have tun0, inet adr:10.1.0.1
      VM2: adapter1 (attached to internal) -> eth1 (10.1.0.3)

      The interfaces are using DHCP.

      I can't access the internet on VM2. I have an IP, I can ping 10.1.0.1.
      But when I use my browser and access google.com, for example,
      I don't have internet and I'm not redirected to the authentication page.

      I did this: http://myconfigure.blogspot.pt/2012/03/install-hotspot-yfi-part-2.html and part 1.

      Thanks a lot, really.

    3. In your browser use the IP address, for example, http://10.0.2.14 or 192.168.1.1
      What's the result?

    4. The browser shows me this when I access http://10.0.2.14
      -VM1: "It works! this is the default web page for this server...."
      -VM2: can't access. IP eth0 10.1.0.3

      Thanks for helping me.

    5. check your firewall / iptables...

    6. Good suggestion, it may actually be the firewall.

      How can I check?

      iptables -L
      Chain INPUT (policy DROP)
      target prot opt source destination
      DROP all -- anywhere anywhere
      ACCEPT icmp -- anywhere 10.1.0.1
      ACCEPT udp -- anywhere 10.1.0.1 udp dpt:domain
      ACCEPT udp -- anywhere 10.1.0.1 udp dpts:bootps:bootpc
      ACCEPT udp -- anywhere 255.255.255.255 udp dpts:bootps:bootpc
      ACCEPT tcp -- anywhere 10.1.0.1 tcp dpt:4990
      ACCEPT tcp -- anywhere 10.1.0.1 tcp dpt:3990

      ...

    7. Edit /etc/chilli/up.sh, in the end line, add just one line like below
      iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE
      or
      iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE

      or
      iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

    8. After:
      FLOCK=$(which flock)
      if [ -n "$FLOCK" ] && [ -z "$LOCKED_FILE" ]
      then
      export LOCKED_FILE=/tmp/.chilli-flock
      flock -x $LOCKED_FILE -c "$0 $@"
      else
      run_up
      fi

      I put it at the end and it didn't work:

      [ -e "/var/run/chilli.iptables" ] && sh /var/run/chilli.iptables 2>/dev/null
      iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE

  16. Can you show me your file: /etc/network/interfaces?

    Replies
    1. Sorry, I removed my lab...

      1. On the terminal, type this...
      iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
      or type this...
      iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
      2. If that's not working... try to install shorewall....
      Look at these links...
      www.shorewall.net
      and look here too...
      http://myconfigure.blogspot.com/2012/04/optimizing-and-security-hotspot-yfi_28.html

      The point is, your problem is on the firewall... nothing else... and remember, your hotspot must connect to internet.

  17. Sometimes I have this problem:

    $ifup eth1
    Internet Systems Consortium DHCP Client V3.1.3
    Copyright 2004-2009 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/

    Listening on LPF/eth1/
    Sending on LPF/eth1/
    Sending on Socket/fallback
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 8
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 9
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 11
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 11
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 11
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 8
    DHCPDISCOVER on eth1 to 255.255.255.255 port 67 interval 3
    No DHCPOFFERS received.
    No working leases in persistent database - sleeping.

  18. I am redirected to the login page but got login failure, please help

  19. The same here, I get "logging in please wait for a while" and it redirects back to login fail. Is there any solution to this, please?

  20. When I visited the apache logs this was the error message
    file does not exist: /var/www/html/fcgi-bin
