Topic: Chillispot Firewall - Open question to ajauberg
Hi,
I have chillispot 1.0 working with freeradius 1.17 and mysql 5.0. I only use use the following attributes:
User-Password
Simultaneous-Use
Max-All-Session
Expiration
I now want to implement some WISPr and/or Chillispot. I understand from previous other posts on other forums that all wifi traffic must be pushed through the tunnel (tun0) that Chillispot uses, so the parameters can be enforced.
Can I ask regarding the great Howto you posted with the S35firewall script - will this script indeed force the traffice through the tunnel opened by chillispot? Even if it is not tun0 but, say, tun1?
What needs to be chnaged in the script (if anything), to allow traffic through a second tunnel, for openvpn for example? Or will S35firewall still work and just some entry in fiewall.user is sufficient? I have currently added the line
iptables -A forwarding_rule -i tun0 -j ACCEPT
ro allow chillispot to go through and
iptables -A forwarding_rule -i tun1 -j ACCEPT
to firewall.user, which enables openvpn to go through in combination with the stock standard WRT54GL firewall script in /etc/init.d
Do I still have to make these entries? Will the entry for tun1 break the forcing of all ethernet traffic though tun0?
I (and some more people, I am sure) would really value your clarification.
Thanks
*************
Auckland, New Zealand