You are not logged in. Please login or register.
Chillispot Forum → Posts by easyzonecorp
I have got this problem before and i have resolved it.
What 's your ap ip?
this my method
1. I set eth1 to static and add it 's ip is 192.168.0.1
2. set your ap ip address to 192.168.0.xx
3. you can ping and access to your ap in your local network (only on your chilli server cause on another client ,it was blocked by chilli iptables)
4. but you can not access to your ap from internet because you are blocked from chilli.iptables.
i try to resolve it but now it 's in progress.. comming soon
you may find new hotspotlogin try to find hotspotlogin.php it's work without set not thing
You may set wrong login page on wrt54g.
try to give wrt54g the login page url.
You can do it but you must setup 2 chilli server. it 's to more server.
Problem is your signal not chillispot.
not server. set the best signal better than add more chillispot
Cheer ..
What if the APs are setup with a static IP address?
your AP can set to stactic ip but you will get not ip ,if you disable dhcp.
You can login again with the same account if you do not set the expiration for this account.
Chilli runs with it owne dhcp if you disable it, you can not use it. you can not run different chilli server and dhcp server.
You do not to set on Cisco AP .
You only connect AP with your fedora core 8 then the AP will give client ip.
************* wrote:9dra wrote:It's still not working. If i setup in browser on computer client with "Manual Proxy configuration: HTTP Proxy: 192.168.1.1 Port: 80". It still bypass the chillispot login on computer client and get internet. 192.168.1.1 is my server ip number. Sorry for my bad english
.
What your squid port? i will consider it.
Thanks for your respond.
This my squid.conf# ============================================== # # NETWORK OPTIONS # ============================================== # http_port 8080 transparent icp_port 0 # ============================================== # # OPTIONS WHICH AFFECT THE NEIGHBOUR SELECTION ALGORITHM # ============================================== # dead_peer_timeout 30 seconds mcast_icp_query_timeout 10 log_icp_queries on connect_timeout 2 minutes peer_connect_timeout 30 seconds request_timeout 30 seconds hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY # ============================================== # # OPTIONS WHICH AFFECT THE CACHE SIZE # ============================================== # cache_mem 8 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB maximum_object_size_in_memory 8 KB ipcache_size 1024 ipcache_low 90 ipcache_high 95 fqdncache_size 1024 cache_replacement_policy heap GDSF memory_replacement_policy heap GDSF # =============================================== # # LOGFILE PATHNAMES AND CACHE DIRECTORIES # =============================================== # cache_dir diskd /cache1 12600 29 256 Q1=64 Q2=72 cache_dir diskd /cache2 12600 29 256 Q1=64 Q2=72 cache_dir diskd /cache3 12600 29 256 Q1=64 Q2=72 cache_dir diskd /cache4 12600 29 256 Q1=64 Q2=72 access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /dev/null mime_table /usr/local/etc/squid/mime.conf # =============================================== # # HTTPD-ACCELERATOR OPTIONS # =============================================== # log_ip_on_direct on dns_nameservers 202.134.0.155 202.134.1.10 203.130.209.242 202.134.2.5 # =============================================== # # MISCELLANEOUS # =============================================== # logfile_rotate 7 digest_generation on digest_bits_per_entry 10 digest_rebuild_period 30 minute digest_rewrite_period 30 minute digest_swapout_chunk_size 6000 bytes client_persistent_connections on server_persistent_connections on pipeline_prefetch on store_dir_select_algorithm round-robin nonhierarchical_direct off prefer_direct off # =============================================== # # ADMINISTRATIVE PARAMETERS # =============================================== # cache_mgr nindra.dw@gmail.com cache_effective_user squid cache_effective_group squid visible_hostname proxy.omega.net # ============================================== # # ACCESS CONTROLS # ============================================== # acl all src 0/0 acl omeganet src 172.16.0.0/24 acl localhost src 127.0.0.0/8 # ============================================== # # ACL Different access # ============================================== # acl SSL_ports port 443 563 acl Safe_ports port 21 80 280 448 591 777 443 563 808 70 210 4190-65535 acl CONNECT method CONNECT acl manager proto cache_object # ============================================== # # Access Denied # ============================================== # http_access deny !Safe_ports http_access deny CONNECT !SSL_ports # ============================================== # # Internet Access # ============================================== # http_access allow manager !localhost http_access allow localhost http_access allow omeganet http_access deny all # =============================================== #I am using Gentoo Linux, Squid-2.6.19-r1, freeradius-1.1.7 dan chillispot-1.1.0. I have used port 3128 and 8080 for squid.
Following to your squid.conf you are using port 8080 for squid . you can change the line http_port 8080 transparent to http_port 3128 transparent
for me i set
icp_port 3130
http_port 3128 transparent
it works with the iptables rules above.
regards
you can find on the string mac=XX-XX-XX-XX
************* wrote:you can add this line to your Chillispot Iptables firewall
##Allow transparent proxy (wiboon 1/2)
$IPTABLES -A INPUT -p tcp -m tcp --dport 3128 --syn -j ACCEPT##Allow transparent proxy (wiboon 2/2)
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 3128 --syn -j DROP
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 31283128 is your squid port
It's still not working. If i setup in browser on computer client with "Manual Proxy configuration: HTTP Proxy: 192.168.1.1 Port: 80". It still bypass the chillispot login on computer client and get internet. 192.168.1.1 is my server ip number. Sorry for my bad english
What your squid port? i will consider it.
With my config I use mysql and add Acct-Interim-Interval to radreply
don't know more about you config with no sql.
You may set wrong uam secret.
have you check it?
Need more error info that you got .
to tell you what is wrong.
I add the Idle-Timeout to table radreply
you may try this to get the result.
I got this before
may be you forgot to install the freeradius-mysql
please try it
you can add the expiration attribute to your radcheck table set up the date to expire when they first login.
Maybe it problem on Sony Ericsson P1i browser that not support chillispot .
you may use macauthen
Printer can not stay in the chillispot network range cause it will conflict with your client.
And you can not fix your guest computer to get chillispot cause the client must get direct dhcp from chillispot
You make fix printer ip to the last ip such as .182.255 or .182.254 but not garandtee to the conflict problem
you should give printer ip to other network like
modem [192.168.1.1]-[printer 192.168.1.55]-[chilli 192.168.1.2]-->192.168.182.x
if you would setup like this
I have got this problem before
on your chilli.conf
uamserver https://192.168.2.1/cgi-bin/hotspotlogin.cgi
uamhomepage https://192.168.2.1/cgi-bin/hotspotlogin.cgi
your uamhomepage should not https://192.168.2.1/cgi-bin/hotspotlogin.cgi
cause if you set this chilli will redirect to https://192.168.2.1/cgi-bin/hotspotlogin.cgi that without data so chillis will send youu the error
if you don't know the uamhomepage, you should comment you uam homepage and restart your chillispot
I found this solution on coova firmware . you can type exit.lan and then you will logged out.
but on the linux server you much type http://192.168.182.1:3990/logoff
you may create the file in your server to redirect to the url http://192.168.182.1:3990/logoff
such as http://localhost/exit.php
something like this
what do you want to do ? you want chillispot why do you need to disable it.
what do you need?
Hi Man
you don't need to start DHCP on WIFI device cause miss chilli will do this for you.
Disable all dhcp and make you wifi device as normal access point , no need to add any radius ip to your wifi device
regards
For Chillispot that I have been using for one year
The chillispot give ip to user before they authen so miss chilli don't know who are admin who are not admin
You can config ip range on chillispot conf but I think you can not give ip to user group that you need
Maybe someone know how to do what you need , wait for them to reply more
you can add this line to your Chillispot Iptables firewall
##Allow transparent proxy (wiboon 1/2)
$IPTABLES -A INPUT -p tcp -m tcp --dport 3128 --syn -j ACCEPT
##Allow transparent proxy (wiboon 2/2)
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 3128 --syn -j DROP
$IPTABLES -t nat -A PREROUTING -i tun0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
3128 is your squid port
Chillispot Forum → Posts by easyzonecorp
Powered by PunBB 1.4.4, supported by Informer Technologies, Inc.