After
installed YFI and Easyhotspot as hotspot system billing, it's time to try
another hotspot system billing, and I use Fedora 18 as Operating System. Phpmyprepaid, is interface hotspot system
billing designed to work with a MySQL database and FreeRadius. Phpmyprepaid
has not developed yet. The final version is phpmyprepaid 0.4-RC3, came out in
April 2009. It is the oldest than others. (CMIIW)
Let's
to begin.
As
usually, after installing fedora 18 with
minimalist package, continue to configure network. Make sure some variable is
exist.
vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=dhcp
PEERDNS=yes
PEERROUTES=yes
DEFROUTE=yes
NAME=eth0
ONBOOT=yes
vi /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
NAME=eth1
ONBOOT=yes
Service network restart.
I
assume it's connected to internet. If not, don't ever think to continue to next
stages.
Install epel to get extra packages.
yum install wget
cd /usr/local
wget
http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm2cpio epel-release-6-8.noarch.rpm | cpio
-idmv
cp ./etc/yum.repos.d/epel-testing.repo
./etc/yum.repos.d/epel.repo /etc/yum.repos.d/
cp ./etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
/etc/pki/rpm-gpg/
Update and install another packages
yum repolist
yum update
yum install mc vim unzip zip gcc gcc-c++ make
git svn nano tar net-snmp-utils net-tools
yum install mysql-server php httpd php-mysql
php-xml php-gd php-pear rrdtool net-snmp
yum install patch mod_ssl openssl dnsmasq
perl-Digest-MD5
systemctl stop firewalld
systemctl disable firewalld
yum
install iptables-services iptables-utils
yum install
system-config-firewall-tui system-config-firewall
Make
service automatically, find disable service, and make it enable.
systemctl -t service
systemctl list-unit-files | grep service
systemctl enable iptables
systemctl enable snmpd
systemctl enable snmptrapd
systemctl enable mysqld
systemctl enable httpd
systemctl enable dnsmasq
systemctl enable radiusd
systemctl list-unit-files | grep service
reboot
Edit
php.ini
mcedit /etc/php.ini
Check
in /etc/php.ini, make sure some variable below
short_open_tag
= On
date.timezone
= Asia/Makassar
Install Chillispot & haserl
cd /usr/local
wget http://www.chillispot.info/download/chillispot-1.1.0.tar.gz
wget
http://www.0xf8.org/wp-content/uploads/2011/09/chillispot-1.1.0-tun.c_defined.diff
wget
http://www.0xf8.org/wp-content/uploads/2011/09/chillispot-1.1.0-md5.c.diff
ls
tar zxvf chillispot-1.1.0.tar.gz
cd chillispot-1.1.0
./configure
patch -p1 <
/usr/local/chillispot-1.1.0-tun.c_defined.diff
patch -p1 <
/usr/local/chillispot-1.1.0-md5.c.diff
make
make install
cp
/usr/local/chillispot-1.1.0/doc/firewall.iptables /etc/
cp /usr/local/chillispot-1.1.0/doc/chilli.init
/etc/init.d/chillispot
chmod 755 /etc/init.d/chillispot
cp /usr/local/chillispot-1.1.0/doc/chilli.conf
/etc/
cp
/usr/local/chillispot-1.1.0/doc/hotspotlogin.cgi /var/www/cgi-bin/
ln -s /usr/local/sbin/chilli /usr/sbin/
chkconfig --add chillispot
chkconfig --level 235 chillispot on
chkconfig --list
wget
http://sourceforge.net/projects/haserl/files/haserl-devel/0.9.27/haserl-0.9.27.tar.gz/download
mv download
haserl-0.9.27.tar.gz
tar zxvf haserl-0.9.27.tar.gz
cd haserl-0.9.27
./configure; make; make install
ln -s /usr/local/bin/haserl /usr/sbin/
Edit
firewall.iptables file ( /etc/firewall.iptables ).
#!/bin/sh
#
# Firewall
script for ChilliSpot
# A
Wireless LAN Access Point Controller
#
# Uses
$EXTIF (eth0) as the external interface (Internet or intranet) and
# $INTIF
(eth1) as the internal interface (access points).
#
#
# SUMMARY
# * All
connections originating from chilli are allowed.
# * Only
ssh is allowed in on external interface.
# * Nothing
is allowed in on internal interface.
# *
Forwarding is allowed to and from the external interface, but disallowed
# to and from the internal interface.
# * NAT is
enabled on the external interface.
IPTABLES="/sbin/iptables"
EXTIF="eth0"
INTIF="eth1"
#Flush all
rules
$IPTABLES
-F
$IPTABLES
-F -t nat
$IPTABLES
-F -t mangle
#Set
default behaviour
$IPTABLES
-P INPUT DROP
$IPTABLES
-P FORWARD ACCEPT
$IPTABLES
-P OUTPUT ACCEPT
#Allow
related and established on all interfaces (input)
$IPTABLES
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED
-j ACCEPT
#Allow
releated, established and ssh on $EXTIF. Reject everything else.
$IPTABLES
-A INPUT -i $EXTIF -p tcp -m tcp --dport 22 --syn -j ACCEPT
$IPTABLES
-A INPUT -i $EXTIF -p tcp -m tcp --dport 80 --syn -j ACCEPT
$IPTABLES
-A INPUT -i $EXTIF -j REJECT
#Allow
related and established from $INTIF. Drop everything else.
$IPTABLES
-A INPUT -i $INTIF -j DROP
#Allow http
and https on other interfaces (input).
#This is
only needed if authentication server is on same server as chilli
$IPTABLES
-A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
$IPTABLES
-A INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
#Allow 3990
on other interfaces (input).
$IPTABLES
-A INPUT -p tcp -m tcp --dport 3990 --syn -j ACCEPT
#Allow ICMP
echo on other interfaces (input).
$IPTABLES
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
#Allow
everything on loopback interface.
$IPTABLES
-A INPUT -i lo -j ACCEPT
# Drop
everything to and from $INTIF (forward)
# This
means that access points can only be managed from ChilliSpot
$IPTABLES
-A FORWARD -i $INTIF -j DROP
$IPTABLES
-A FORWARD -o $INTIF -j DROP
#Enable NAT
on output device
$IPTABLES
-t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
Make
file rc.local, so firewall.iptables file will run automatically when booting.
vim /etc/rc.d/rc.local
#!/bin/bash
/etc/firewall.iptables
chmod 755 /etc/rc.d/rc.local
Edit
/etc/chilli.conf
net
192.168.182.0/24
dns1
8.8.8.8
dns2
8.8.4.4
domain
Ngeri.co.id
radiuslisten
127.0.0.1
radiusserver1
127.0.0.1
radiusserver2
127.0.0.1
radiusauthport
1812
radiusacctport
1813
radiussecret
testing123
dhcpif eth1
uamserver
https://192.168.182.1/cgi-bin/hotspotlogin.cgi
uamhomepage
http://192.168.182.1:3990/prelogin
uamsecret
greatsecret
uamlisten
192.168.182.1
uamport
3990
coaport
3799
Edit
/etc/init.d/chillispot. Make sure a line below is uncomment.
echo 1 >
/proc/sys/net/ipv4/ip_forward
service chillispot restart
service chillispot restart
Install Freeradius 2.1.12
# yum install freeradius freeradius-mysql
freeradius-utils
Edit
/etc/raddb/clients.conf and in the client "localhost" section make
sure you have,
ipaddr =
127.0.0.1
secret =
testing123
nastype =
other
Edit
/etc/raddb/radiusd.conf and in the "modules" section make sure,
$INCLUDE
sql.conf
$INCLUDE
sql/mysql/counter.conf
Then,
in the "instantiate" section, add,
chillispot_max_bytes
noresetcounter
Then
in /etc/raddb/sites-enabled/default in the authorise section, uncomment
"sql" and add the new
counters,
sql
chillispot_max_bytes
noresetcounter
And
then later in /etc/raddb/sites-enabled/default in the "accounting"
section uncomment the sql. do the same for "session" & "post
auth" section
sql
Edit
the /etc/raddb/sql/mysql/counter.conf file and in that at the end, add the
following,
sqlcounter
chillispot_max_bytes {
counter-name
= ChilliSpot-Max-Total-Octets
check-name
= ChilliSpot-Max-Total-Octets
reply-name
= ChilliSpot-Max-Total-Octets
sqlmod-inst
= sql
key =
User-Name
reset =
never
query =
"SELECT SUM(AcctInputOctets) + SUM(AcctOutputOctets) FROM radacct WHERE
UserName='%{%k}'"
}
Edit
/etc/raddb/sql.conf file, at the sql section, make sure you have configuration,
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
#port = 3306
login = "phpmyprepaid"
password = "phpmyprepaidpasswd"
radius_db = "phpmyprepaiddb"
Do
check the status of the freeradius, with the command radiusd-X
service radiusd stop
radius -X
Install phpmyprepaid
Download phpmyprepaid from sourcheforge.net, then extract it.
unzip phpmyprepaid.zip
mv phpmyprepaid /var/www/
ln -s /var/www/phpmyprepaid/www
/var/www/html/hotspot
Update :
To install PhpMyprepaid, look at posting http://myconfigure.blogspot.com/2013/04/how-to-fix-phpmyprepaid-04rc3.html. I know you can install phpmyprepaid, easily. Because I've already explained in details about it.
Then edit /var/www/cgi-bin/hotspotlogin.cgi and make sure uncomment, both variable below,
To install PhpMyprepaid, look at posting http://myconfigure.blogspot.com/2013/04/how-to-fix-phpmyprepaid-04rc3.html. I know you can install phpmyprepaid, easily. Because I've already explained in details about it.
Then edit /var/www/cgi-bin/hotspotlogin.cgi and make sure uncomment, both variable below,
$uamsecret = "greatsecret";
$userpassword=1;
And,
at last, testing with browsing to http://<your ipaddress>/hotspot. If all
running normally, It should be appear login page for administrator. Input
username and password.
Then
on computer client should get ip address, and when browsing could redirect to
login page. Good luck…!!!
Licence : PhpMyprepaid is under GNU General Public License (GPL)
Licence : PhpMyprepaid is under GNU General Public License (GPL)
when i testing with browsing to http:///hotspot page.I found Forbidden
ReplyDeleteYou don't have permission to access /hotspot on this server.How can i fix!!!!
Yes i did the following two step
Deletemv phpmyprepaid /var/www/
ln -s /var/www/phpmyprepaid/www /var/www/html/hotspot.
I already checked but face the same error.
DeleteI used fedora 18.Now Solve the problem but can't login with username=admin,password=admin123.and find following error on login page.
Delete= '5.1') { // date_default_timezone_set('UTC'); //echo date_default_timezone_get(); } if (!file_exists("./phpmyprepaid.conf.php")) header("Location: ./install/setup.php"); else { include('config.inc.php'); // detect installation dir $file_install_acces = 0; if (file_exists("./install/setup.php")){ $error_msg = "Installation Directory '". getcwd() ."/install/' is accessible. Delete this directory to prevent security problem. Please change directory permissions for'". getcwd(). "' with chmod 755 '". getcwd(). "' "; $file_install_acces = 1; } Session::start(); if (isset($_GET["disconnect"])) { $oreon = & $_SESSION["oreon"]; Session::stop(); Session::start(); } if (isset($_SESSION["oreon"])) { // already connected include("lang/en.php"); $msg_error = $lang['already_logged']; unset($_SESSION["oreon"]); } else { if (isset($_POST["submit"])) { $oreon_db = new OreonDatabase($conf_pra['host'], $conf_pra['user'] ,$conf_pra['password'] ,$conf_pra['db'] ); if (($user_id = $oreon_db->checkUser(addslashes($_POST["useralias"]), $_POST["password"]))) { $user = new User($oreon_db->getUser($user_id)); $_SESSION["oreon"] = new oreon($user, $oreon_db); system("echo \"[" . time() . "] LOGIN from ". $_SERVER["REMOTE_ADDR"] . ";;" . addslashes($_POST["useralias"]) . "\" >> ./include/log/" . date("Ymd") . ".txt"); $_SESSION["oreon"]->add_new_session(session_id(), $_SESSION["oreon"]->user->get_id()); header("Location: ./phpmyprepaid.php"); } else system("echo \"[" . time() . "] Err LOGIN from ". $_SERVER["REMOTE_ADDR"] . ";;" . addslashes($_POST["useralias"]) . "\" >> ./include/log/" . date("Ymd") . ".txt"); } } ?>
Thanks for your patience.:)
I used fedora 18.Now i can browsing to http://ip-address/www but can't login to phpmypreaid.I used username=admin,Password=admin123.
DeleteYes i am downloading phpmyprepaid from your 4shared link but see the same problem.So i report u.Anyway thanks for your job.
DeleteGood Luck.
I am also trying to get Phpmyprepaid running with Freeradius 2.x !
ReplyDeleteThere is a problem with the link to 4shared. I can't download "your" updated phpmyprepaid.zip :( :(
Anyway, thank you for the job and the hope you give me ;)
best regards
I face error on installation phpmyprepaid step and can't solve.Can you explain me more detail from this step.
ReplyDeleteRegards,
When i browsing to http://ip-address/www page.it's ok but cannot login to phpmyprepaid.
ReplyDeleteYes, I did.
DeleteI did everything follow your instruction and at final stage my client computer can't get dhcp ip address from server. Any suggestion
ReplyDeletechillispot service is running.
ReplyDeleteThanks for sharing youir thoughts on lose weight game. Regards
ReplyDeletemy homepage :: free weight loss pills
can you help me please
Delete