Changes

From SME Server
Jump to navigationJump to search

CoovaChilli (view source)

Revision as of 12:07, 8 September 2008

252 bytes added ,  12:07, 8 September 2008
no edit summary
Line 1: Line 1:  
{{Languages}}
 
{{Languages}}
 
{{Cleanup}}
 
{{Cleanup}}
==Maintainer==
+
 
 +
==Coova-Chilli for sme server==
 +
 
 +
===Maintainer===
 
[[User:VIP-ire|Daniel B.]]<br/>
 
[[User:VIP-ire|Daniel B.]]<br/>
 
[http://www.firewall-services.com Firewall Services]<br>
 
[http://www.firewall-services.com Firewall Services]<br>
 
mailto:daniel@firewall-services.com
 
mailto:daniel@firewall-services.com
   −
== Introduction ==
+
=== Description ===
    
[http://www.coova.org CoovaChilli] is a (GNU GPL) captive portal based on chillispot. It will allow your SME in server and gateway mode to have a third interface. On this new interface, you can plug AP(s) or switchs, and chilli daemon will act as a dhcp server. Every clients connected on this new "lan" will have to authenticate themeself before coova-chilli allows traffic to pass.
 
[http://www.coova.org CoovaChilli] is a (GNU GPL) captive portal based on chillispot. It will allow your SME in server and gateway mode to have a third interface. On this new interface, you can plug AP(s) or switchs, and chilli daemon will act as a dhcp server. Every clients connected on this new "lan" will have to authenticate themeself before coova-chilli allows traffic to pass.
Line 17: Line 20:  
smeserver-coova-chilli integrates coova-chilli on your server. There's no panel for the configuration for now, but the it's quite easy with some db commands.
 
smeserver-coova-chilli integrates coova-chilli on your server. There's no panel for the configuration for now, but the it's quite easy with some db commands.
   −
== Release Notes ==
+
=== Requirements ===
+
*Server in server&gateway mode
* Version: 0.2-2
+
*a 3rd network interface
* Tested on: SME 7.3 > current
  −
 
  −
* Note: Install on SME in '''server-gateway mode only.'''
  −
 
  −
*'''Warning:  This contrib should not be installed on production machines. It is currently (2008-08-23) under development and beta testing. Use at your own risk.'''
  −
 
  −
*[http://forums.contribs.org/index.php?topic=40667.0;all SME Forum Link]
  −
 
  −
 
  −
=== Add a network card ===
      
The first step is to add a third network card on your server.
 
The first step is to add a third network card on your server.
   −
!!! '''Warning''' !!! When rebooting, if you have several identical NICs, it is possible that the server has swapped two of them, so you may have to reconfigure your Internal/External interface (login as admin, then configure this server). Once that's finished, you should have a new 'eth2' card not configured (it's ok, you do not need to configure it).
+
{{ibox
 +
|img={{{img|Warning.png}}}
 +
|msg=When rebooting, if you have several identical NICs, it is possible that the server has swapped two of them, so you may have to reconfigure your Internal/External interface (login as admin, then configure this server). Once that's finished, you should have a new 'eth2' card not configured (it's ok, you do not need to configure it).|{{{1}}}
 +
|type={{{type|Warning:}}}
 +
|color=#FFEED9
 +
}}
 +
=== Installation ===
   −
=== Get and install the rpms ===
+
*install the rpms
    
  yum --enablerepo=smecontribs install smeserver-coova-chilli
 
  yum --enablerepo=smecontribs install smeserver-coova-chilli
Line 41: Line 40:  
(For now, you may also have to enable the repo smetest as smeserver-coova-chilli requires e-smith-radiusd => 1.0.0-18 which is in smetest repo)
 
(For now, you may also have to enable the repo smetest as smeserver-coova-chilli requires e-smith-radiusd => 1.0.0-18 which is in smetest repo)
   −
=== Set up and activate the service ===
+
*Enable the service
   −
By default, the service is turned off, but the rest of the config should be fine for most installations. To activate the service
+
By default, the service is turned off, but the rest of the config should be fine for most installations. To enable the service:
    
  db configuration setprop chilli status enabled
 
  db configuration setprop chilli status enabled
 
  signal-event chilli-update
 
  signal-event chilli-update
   −
*Check that the demon is running
+
*Check that the daemon is running
    
  ps aux | grep chilli
 
  ps aux | grep chilli
Line 56: Line 55:  
  root 10726 0.7 0.1 5884 2152? Ss Apr07 6:50 /usr/sbin/chilli
 
  root 10726 0.7 0.1 5884 2152? Ss Apr07 6:50 /usr/sbin/chilli
   −
=== Create a group ===
+
*Create a group
    
In the server-manager, create a group called "chilli", and place in this group all users of the system that you want to give access to the wifi network (or anything you've pluged on eth2).
 
In the server-manager, create a group called "chilli", and place in this group all users of the system that you want to give access to the wifi network (or anything you've pluged on eth2).
   −
=== Attach an AP ===
+
*Attach an AP
    
The final step is to connect an AP on the NIC. I'm talking about a AP and not a router. If you have a WiFi router, it is possible to work if these conditions are met:
 
The final step is to connect an AP on the NIC. I'm talking about a AP and not a router. If you have a WiFi router, it is possible to work if these conditions are met:
Line 70: Line 69:  
You can also connect a switch to eth2, and add as many AP you want.
 
You can also connect a switch to eth2, and add as many AP you want.
   −
=== Login ===
+
*Login
 
Connect a client, and try to open a web page, you should fall on a page like this:
 
Connect a client, and try to open a web page, you should fall on a page like this:
   Line 80: Line 79:  
[[Image:Login-with-guest.jpg]]
 
[[Image:Login-with-guest.jpg]]
   −
== List of db parameters ==
+
=== List of db parameters ===
      Line 130: Line 129:  
it'll re-generate the necessary files and restart needed services.
 
it'll re-generate the necessary files and restart needed services.
   −
== The login page ==
+
=== The login page ===
    
The login page is a mix of the CGI provided with chillispot and some modifications of other login pages.
 
The login page is a mix of the CGI provided with chillispot and some modifications of other login pages.
Line 145: Line 144:  
*/opt/chilli/css/sme.css    : This CSS file is used to choose the background color, font class, logo etc... It can be customized, it won't be overriden on upgrades
 
*/opt/chilli/css/sme.css    : This CSS file is used to choose the background color, font class, logo etc... It can be customized, it won't be overriden on upgrades
   −
== The authorized group(s) ==
+
=== The authorized group(s) ===
    
By default, only members of the group "chilli" have access to the portal. You can change this behavior
 
By default, only members of the group "chilli" have access to the portal. You can change this behavior
Line 209: Line 208:       −
== What authenticated users have access to ? ==
+
=== What authenticated users have access to ? ===
    
By default, not much.
 
By default, not much.
Line 225: Line 224:  
Services names need to correspond to those defined in the configuration db
 
Services names need to correspond to those defined in the configuration db
   −
'''Note''': This will just open the corresponding port(s), you need to make sure the service listen on the correct interface.
+
{{Note box|This will just open the corresponding port(s), you need to make sure the service listen on the correct interface.}}
    
*AllowedOutgoing will allow more outgoing traffic. It's list of proto/host/port clients will be able to contact on the internet (These rules only apply to forwarded traffic, nothing will be allowed to the private network). Wildcard '*' (or keyword any) can replace host or port. Eg:
 
*AllowedOutgoing will allow more outgoing traffic. It's list of proto/host/port clients will be able to contact on the internet (These rules only apply to forwarded traffic, nothing will be allowed to the private network). Wildcard '*' (or keyword any) can replace host or port. Eg:
Line 236: Line 235:  
*Any host will be accessible on port 123 with tcp
 
*Any host will be accessible on port 123 with tcp
   −
'''Note''': proto can be tcp or udp only for now, there's now way to add icmp rules with db commands for now.
+
{{ Note box|proto can be tcp or udp only for now, there's now way to add icmp rules with db commands.}}
   −
== Troubleshoot ==
+
=== Troubleshoot ===
    
If the contrib doesn't work, check in the order:
 
If the contrib doesn't work, check in the order:
Line 258: Line 257:  
*Check your client can use DNS. If you get a timeout when you try to open a web page from the client, it's possible that the problem comes from some DNS issue. Try to enter an ip in your browser, even a fake on (http://11.12.13.4/ for example), if you see the login page, then, you should try to configure the DNS of your ISP in the db
 
*Check your client can use DNS. If you get a timeout when you try to open a web page from the client, it's possible that the problem comes from some DNS issue. Try to enter an ip in your browser, even a fake on (http://11.12.13.4/ for example), if you see the login page, then, you should try to configure the DNS of your ISP in the db
 
  db configuration setprop chilli dns1 <ip> dns2 <ip>
 
  db configuration setprop chilli dns1 <ip> dns2 <ip>
 +
 +
=== Uninstall ===
 +
yum remove smeserver-coova-chilli coova-chilli
 +
 +
=== Source ===
 +
The source for this contrib can be found in the smeserver [http://smeserver.cvs.sourceforge.net/smeserver/smeserver-coova-chilli/ CVS] on sourceforge.
 +
=== Bugs ===
 +
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]
 +
and select the smeserver-coova-chilli component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-coova-chilli|title=this link}}
 +
 
----
 
----
 
[[Category:Contrib]]
 
[[Category:Contrib]]
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/10567"

Navigation menu