Changes

*TCPPort: a port where chilli daemon is listening, normally you do not need to change it

*'''TCPPort''': a port where chilli daemon is listening, normally you do not need to change it

*access: Please, let this private. Setting public, which wouldn't be usefull at all, will open chilli daemon on the WAN port, which can be dangerous.

*'''access''': Please, let this private. Setting public, which wouldn't be usefull at all, will open chilli daemon on the WAN port, which can be dangerous.

*defidletimeout: the defined period of inactivity of a client (no traffic) before disconnect (in seconds).

*'''defidletimeout''': the defined period of inactivity of a client (no traffic) before disconnect (in seconds).

*defsessiontimeout: maximum duration of a session. After this time (in seconds, as defidletimeout), the client must reconnect

*'''defsessiontimeout''': maximum duration of a session. After this time (in seconds, as defidletimeout), the client must reconnect

*dhcpif: the physical interface to use, in most cases, it will be eth2

*'''dhcpif''': the physical interface to use, in most cases, it will be eth2

*dns1 and dns2: gives clients the dns servers to use. Here I have placed two public DNS servers.

*'''dns1''' and '''dns2''': gives clients the dns servers to use. Here I have placed two public DNS servers.

They should work for everyone, but you can replace them by example by your ISP's DNS

They should work for everyone, but you can replace them by example by your ISP's DNS

*net: the network range to use. The server uses the first IP available from the network (and thus default 10.1.0.1) and provide customers with addresses in this range.

*'''net''': the network range to use. The server uses the first IP available from the network (and thus default 10.1.0.1) and provide customers with addresses in this range.

*radiussecret: the secret shared between the radius server and chilli daemon. For each installation, a random secret is generated, so you shouldn't have to change it.

*'''radiussecret''': the secret shared between the radius server and chilli daemon. For each installation, a random secret is generated, so you shouldn't have to change it.

*status: there's no trap that defined the state of service, and whether it should be started when the server boots up.

*'''status''': there's no trap that defined the state of service, and whether it should be started when the server boots up.

*tundev: defines the tun interface to use (chilli mask the real interface eth2 and the system sees the traffic as comming from a tun interface).

*'''tundev''': defines the tun interface to use (chilli mask the real interface eth2 and the system sees the traffic as comming from a tun interface).

By default, tun0, you can change if tun0 is already used for a VPN for example.

By default, tun0, you can change if tun0 is already used for a VPN for example.

*uamallowed: A list of host that will be accessible before authentication. It can be a simple list of host, or a list of the form host:port, or protocol:host, or protocol:host:port

*'''uamallowed''': A list of host that will be accessible before authentication. It can be a simple list of host, or a list of the form host:port, or protocol:host, or protocol:host:port

eg:

eg:

  db configuration setprop chilli uamallowed tcp:contribs.org:80,udp:12.13.14.15:1194

  db configuration setprop chilli uamallowed tcp:contribs.org:80,udp:12.13.14.15:1194

*uamsecret: a shared secret between the login page and chilli daemon (to encrypt the password). As for radiussecret, the secret is randomly generated for each installation.

*'''uamsecret''': a shared secret between the login page and chilli daemon (to encrypt the password). As for radiussecret, the secret is randomly generated for each installation.

*AllowedServices: a list of services which will be accessible for chilli clients (see What authenticated users have access to ?)

*'''AllowedServices''': a list of services which will be accessible for chilli clients (see What authenticated users have access to ?)

*AllowedOutgoing: a list of allowed proto/host/port for the client (see What authenticated users have access to ?)

*'''AllowedOutgoing''': a list of allowed proto/host/port for the client (see What authenticated users have access to ?)

*RedirectToChilli: a list of IP address which will be redirected to your server. By default, InternalIP and ExternalIP are already redirected to your server. But in some situation (like if your Public IP isn't the same as ExternalIP), this setting can be usefull

*'''RedirectToChilli''': a list of IP address which will be redirected to your server. By default, InternalIP and ExternalIP are already redirected to your server. But in some situation (like if your Public IP isn't the same as ExternalIP), this setting can be usefull

  db configuration setprop chilli RedirectToChilli 1.2.3.4,5.6.7.8

  db configuration setprop chilli RedirectToChilli 1.2.3.4,5.6.7.8

* WebRequests: direct/squid. Clients will get web access directly or through squid. The default is direct. You can set it to squid if you want to log request, to save some bandwidth, or to filter pages (with squidguard or dansguardian).  

*'''WebRequests''': direct/squid. Clients will get web access directly or through squid. The default is direct. You can set it to squid if you want to log request, to save some bandwidth, or to filter pages (with squidguard or dansguardian).  

*guestAccess: enabled/disabled. If enabled, a radius user will be added with name = guest, password = guest, and a button will be displayed on the login page so guests only have to click on it to get logged in.

*'''guestAccess''': enabled/disabled. If enabled, a radius user will be added with name = guest, password = guest, and a button will be displayed on the login page so guests only have to click on it to get logged in.

*guestDownLink: if guestAccess is enabled, this will limit the downlink bandwidth for the guest (in kbps)

*'''guestDownLink''': if guestAccess is enabled, this will limit the downlink bandwidth for guest user (in kbps)

*guestUpLink: if guestAccess is enabled, this will limit the uplink bandwidth for the guest (in kbps)

*'''guestUpLink''': if guestAccess is enabled, this will limit the uplink bandwidth for guest user (in kbps)

After you've changed the configuration, just run the command  

After you've changed the configuration, just run the command