This post was last edited by jetliuzhe on 2013-9-13 09:11
OpenWRT+CoovaChilli
Introduction
Today I am going to share my experience in installing CoovaChilli on a router.
My first attempt with this endeavor ended up with me having a very expensive brick instead of a captive portal. So for those who want to avoid this costly experience, I am laying out this simple installation process for you to follow and hopefully succeed. Once you get comfortable with it, you can then venture into riskier approaches, like compiling your own OpenWRT.
I am using TP-Link's MR3220 as my router. Though I haven't tried it yet, I hope the same approach will work on other routers based on Atheros AR71xx.
Let's start!
Initialize OpenWRT
For first time login, you have to set root’s password. Follow these steps.
1. Still connected to your router, open ssh and connect to 192.168.1.1
2. Once logged in you should see a display similar to this:
BusyBox v1.19.4 (2012-11-18 23:21:39 EST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 BARRIER BREAKER (Bleeding Edge, r34253)
 -----------------------------------------------------
  * 1/2 oz Galliano         Pour all ingredients into
  * 4 oz cold Coffee        an irish coffee mug filled
  * 1 1/2 oz Dark Rum       with crushed ice. Stir.
  * 2 tsp. Creme de Cacao
 -----------------------------------------------------
root@OpenWrt:~#
3. To set root’s password, type passwd, then press the return key
4. Type in root’s new password, press return, then re-type the password for confirmation
After setting the password you should quit telnet and log in to the router using ssh
Setup Wireless Configuration
1. Log in to the router using ssh
ssh root@192.168.1.1
2. Edit /etc/config/wireless
vi /etc/config/wireless
3. Comment or delete the line “option disabled 1” to enable wireless LAN
4. Optionally change the SSID by changing the value of “option ssid”, from OpenWRT to your choice
5. Save and close the file
6. Execute wifi to force the system to re-read the wireless configuration file and start wireless LAN
Install CoovaChilli
1. Log back in to the router
ssh root@192.168.1.1
2. Go to /tmp and install the packages in the following order
opkg install librt
opkg install libpthread
opkg install kmod-tun
opkg install coova-chilli
opkg install haserl
Setup CoovaChilli Configuration File
1. Open /etc/chilli/defaults and change the following lines
from “# HS_WANIF=eth0 # WAN Interface toward the Internet” to “HS_WANIF=eth1 # WAN Interface toward the Internet”
from “HS_LANIF=eth1 # Subscriber Interface for client devices” to “HS_LANIF=wlan0 # Subscriber Interface for client devices”
2. Change the DNS server in the defaults file.
3. Save and close the file
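The two interface edits from step 1 can also be applied non-interactively. This is an added example, not part of the original post or of the CoovaChilli package; the function names are hypothetical and the sample file is a constructed excerpt containing only the two lines quoted above. It handles a key that is commented out as well as one that is already active, and checks that the WAN and subscriber interfaces end up set and different:

```shell
#!/bin/sh
# Added example: apply the tutorial's interface edits to a chilli defaults file.

# set_hs_option FILE KEY VALUE: activate KEY (commented out or not) with VALUE,
# keeping any trailing "# ..." comment; append the line if KEY is absent.
# Assumes VALUE contains no "|", "&" or backslash (fine for interface names).
set_hs_option() {
    file=$1 key=$2 value=$3
    tmp="$file.tmp.$$"
    if grep -q "^[# ]*$key=" "$file"; then
        sed "s|^[# ]*$key=[^[:space:]#]*|$key=$value|" "$file" > "$tmp" || return 1
    else
        { cat "$file"; echo "$key=$value"; } > "$tmp" || return 1
    fi
    mv "$tmp" "$file"
}

# get_hs_option FILE KEY: print the active (uncommented) value of KEY.
get_hs_option() {
    sed -n "s|^$2=\([^[:space:]#]*\).*|\1|p" "$1" | tail -n 1
}

# check_interfaces FILE: both interfaces must be set and must differ.
check_interfaces() {
    wan=$(get_hs_option "$1" HS_WANIF)
    lan=$(get_hs_option "$1" HS_LANIF)
    [ -n "$wan" ] && [ -n "$lan" ] && [ "$wan" != "$lan" ]
}

# Demo on a constructed excerpt of the defaults file.
demo_defaults() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# HS_WANIF=eth0 # WAN Interface toward the Internet
HS_LANIF=eth1 # Subscriber Interface for client devices
EOF
    set_hs_option "$f" HS_WANIF eth1 &&
    set_hs_option "$f" HS_LANIF wlan0 &&
    check_interfaces "$f" && cat "$f"
    rc=$?; rm -f "$f"; return $rc
}
demo_defaults
```

On the router, the file argument would be /etc/chilli/defaults; keep a copy of the original before running it.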
Start-up Script
Now we need to create the startup script for coova-chilli. The coova-chilli package does not provide one, so we have to create it by hand.
Create the file /etc/init.d/chilli with the following content
#!/bin/sh /etc/rc.common
# - init script for chilli -
START=60
STOP=90
NAME=chilli
RUN_D=/var/run
CMDSOCK=$RUN_D/$NAME.sock
PIDFILE=$RUN_D/$NAME.pid

# Called for each option of the "hotspot" UCI config: emit HS_<NAME>="value"
option_cb() {
    [ -n "$2" ] && echo "HS_$(echo $1|tr 'a-z' 'A-Z')=\"$2\"" | sed 's/\$/\\\$/g'
}
config_load hotspot > /etc/chilli/config
. /etc/chilli/functions

start() {
    case ${hs_type:-$HS_TYPE} in
        facebook)
            HS_PROVIDER=Coova
            HS_UAMSERVER="apps.facebook.com"
            HS_UAMHOMEPAGE="http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html"
            HS_UAMFORMAT="http://\$HS_UAMSERVER/coova-hotspot/?owner=\$HS_FACEBOOK_ID"
            HS_UAMSERVICE="https://coova.org/app/uam/auth"
            HS_UAMDOMAINS=${HS_UAMDOMAINS:+"$HS_UAMDOMAINS,.facebook.com,.recaptcha.net,.fbcdn.net"}
            HS_UAMDOMAINS=${HS_UAMDOMAINS:-".facebook.com,.recaptcha.net,.fbcdn.net"}
            HS_RADIUS="rad01.coova.org"
            HS_RADIUS2="rad02.coova.org"
            HS_RADAUTH="1812"
            HS_RADACCT="1813"
            HS_RADCONF="off"
            HS_UAMSECRET=
            ;;
        internal)
            HS_PROVIDER=Coova
            HS_USELOCALUSERS="on"
            HS_MACAUTHMODE="local"
            # HS_UAMSERVER="localhost.ap.coova.org"
            HS_UAMSERVER=$HS_UAMLISTEN
            HS_UAMHOMEPAGE="http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html"
            HS_RADCONF="off"
            HS_LOCAL="on"
            HS_UAMUIPORT=3442
            # (grep -v $HS_UAMSERVER /etc/hosts; echo "$HS_UAMLISTEN $HS_UAMSERVER")>/tmp/hosts
            # grep $HS_UAMSERVER /tmp/hosts >/dev/null && mv /tmp/hosts /etc/hosts
            case ${hs_reg_proto:-$HS_REG_PROTO} in
                http) HS_LOCAL_PROTO="http"; HS_LOCAL_PORT="3442" ;;
                *) HS_LOCAL_PROTO="https"; HS_LOCAL_PORT="3443" ;;
            esac
            case ${hs_reg_mode:-$HS_REG_MODE} in
                tos) page="tos" ;;
                *) page="login" ;;
            esac
            HS_UAMFORMAT="$HS_LOCAL_PROTO://\$HS_UAMSERVER:$HS_LOCAL_PORT/www/$page.chi"
            ;;
        *chilli*)
            ;;
        *)
            echo "Not running hotspot"
            exit
            ;;
    esac

    # HS_SSID=$(wl status|grep '^SSID:'|awk '{print $2}'|sed s/\"//g)
    # HS_NASMAC=$(grep perm_etheraddr /proc/net/wl0|awk '{print toupper($2)}'|sed s/:/-/g|head -n1)
    # HS_WANIF=$(nvram get wan_ifname)
    # HS_NASIP=${HS_WANIF:+$(ifconfig $HS_WANIF 2>/dev/null|grep 'inet addr'|awk -F: '{print $2}'|awk '{print $1}')}

    # Defaults for anything not set in the configuration
    HS_DNS_DOMAIN=${HS_DNS_DOMAIN:-cap.coova.org}
    HS_DNS1=${HS_DNS1:-$HS_UAMLISTEN}
    HS_DNS2=${HS_DNS2:-$HS_NASIP}
    HS_NASID=${HS_NASID:-$HS_NASMAC}
    HS_MACAUTHMODE=${HS_MACAUTHMODE:-local}
    HS_USELOCALUSERS=${HS_USELOCALUSERS:-off}
    HS_PROXY_TYPE=${HS_PROXY_TYPE:-none}
    HS_RADCONF_URL=${HS_RADCONF_URL:-http://ap.coova.org/config/tos.conf}
    HS_CFRAME_URL=${HS_CFRAME_URL:-http://coova.org/cframe/default/}
    HS_CFRAME_SZ=${HS_CFRAME_SZ:-100}
    HS_DEFSESSIONTIMEOUT=${HS_DEFSESSIONTIMEOUT:-0}
    HS_DEFIDLETIMEOUT=${HS_DEFIDLETIMEOUT:-0}
    HS_DEFINTERIMINTERVAL=${HS_DEFINTERIMINTERVAL:-300}
    HS_LAN_ACCESS=${HS_LAN_ACCESS:-deny}
    HS_CFRAME_POS=${HS_CFRAME_POS:-top}
    HS_PROVIDER=${HS_PROVIDER:-Coova}
    HS_PROVIDER_LINK=${HS_PROVIDER_LINK:-http://coova.org/}
    HS_LOC_NAME=${HS_LOC_NAME:-My HotSpot}
    HS_LOC_NETWORK=${HS_LOC_NETWORK:-Coova}
    HS_OPENIDAUTH=${HS_OPENIDAUTH:-off}
    HS_ANYIP=${HS_ANYIP:-off}

    # Only when no subscriber interface is configured: create an AP interface
    [ -z "$HS_LANIF" ] && {
        [ -e /tmp/device.hotspot ] && {
            stop
        }
        HS_LANIF=$(wlanconfig ath create wlandev wifi0 wlanmode ap)
        for i in 0 1 2 3 4; do ifconfig ath$i mtu 1500; done 2>/dev/null
        echo $HS_LANIF > /tmp/device.hotspot
        iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
        iwconfig $HS_LANIF essid ${HS_SSID:-Coova} 2>/dev/null
    }

    writeconfig
    radiusconfig

    # (crontab -l 2>&- | grep -v $0
    # echo "*/10 * * * * $0 checkrunning"
    # test ${HS_ADMINTERVAL:-0} -gt 0 && echo "*/$HS_ADMINTERVAL * * * * $0 radconfig"
    # test ${HS_CHECKARP:-0} -gt 0 && echo "*/$HS_CHECKARP * * * * $0 arping"
    # ) | crontab - 2>&-

    [ -d $RUN_D ] || mkdir -p $RUN_D
    /sbin/insmod tun >&- 2>&-
    /usr/sbin/chilli
}

stop() {
    [ -f $PIDFILE ] && kill $(cat $PIDFILE)
    # crontab -l 2>&- | grep -v $0 | crontab -
    rm -f $PIDFILE $LKFILE $CMDSOCK 2>/dev/null
    iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
    wlanconfig $(cat /tmp/device.hotspot) destroy
    rm /tmp/device.hotspot
}
Enable execute permissions
chmod a+x /etc/init.d/chilli
Automatically Start CoovaChilli
Create a symbolic link to /etc/init.d/chilli in /etc/rc.d and name it S60chilli
cd /etc/rc.d
ln -s ../init.d/chilli S60chilli
This will automatically start CoovaChilli every time you start your router.
Login Page
Lastly, we need to create the login pages for CoovaChilli. CoovaChilli's package for OpenWRT does not include them, so we have to download CoovaChilli's source code and copy the contents of the miniportal folder.
1. Back in your computer, download CoovaChilli's source code
wget http://ap.coova.org/chilli/coova-chilli-1.2.9.tar.gz
2. Untar the package
tar -xzvf coova-chilli-1.2.9.tar.gz
3. Go to the miniportal folder
cd coova-chilli-1.2.9/miniportal
4. Edit the files functions.sh.in, config-local.sh.in, uam.sh.in and replace @SBINDIR@ and @ETCCHILLI@ with /usr/sbin and /etc/chilli respectively
5. Rename the files that end in ".in", removing the ".in" part
e.g. functions.sh.in will be renamed to functions.sh
6. Copy the contents of miniportal folder to your router's /etc/chilli/www
scp * root@192.168.1.1:/etc/chilli/www/
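Steps 4 and 5 can be scripted and run on your computer before the copy in step 6. This is an added example, not part of the original post or of CoovaChilli; the function name prepare_miniportal and the sample file contents are constructed for illustration. It goes beyond the three files named above by processing every *.in file in the folder, and it fails if any @NAME@ placeholder is left behind:

```shell
#!/bin/sh
# Added example: steps 4-5 for every *.in template in a miniportal folder.

# prepare_miniportal DIR: substitute the two placeholders with the paths the
# tutorial gives, write each result without the ".in" suffix, drop the template.
prepare_miniportal() {
    dir=$1
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    for tmpl in "$dir"/*.in; do
        [ -f "$tmpl" ] || continue        # glob matched nothing
        out=${tmpl%.in}                   # functions.sh.in -> functions.sh
        sed -e 's|@SBINDIR@|/usr/sbin|g' \
            -e 's|@ETCCHILLI@|/etc/chilli|g' "$tmpl" > "$out" || return 1
        rm -f "$tmpl"
    done
    # A leftover @NAME@ token is a placeholder the two substitutions missed.
    left=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if grep -q '@[A-Z_][A-Z_]*@' "$f"; then
            echo "unreplaced placeholder in $f" >&2
            left=1
        fi
    done
    return $left
}

# Demo on constructed stand-in files (not the real miniportal sources).
demo_miniportal() {
    d=$(mktemp -d) || return 1
    printf 'CHILLI=@SBINDIR@/chilli\nCONF=@ETCCHILLI@/config\n' > "$d/uam.sh.in"
    printf '<html>login</html>\n' > "$d/login.chi"
    prepare_miniportal "$d" && cat "$d/uam.sh"
    rc=$?
    rm -rf "$d"
    return $rc
}
demo_miniportal
```

For the real sources, call prepare_miniportal coova-chilli-1.2.9/miniportal from the directory where the archive was unpacked.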
We're done. All you have to do is reboot your router and connect to it once it starts up.
When you open your browser and start browsing, you will be redirected to CoovaChilli's login page.