Topic: no communication between chilli and AP
I have been at this for a while now and I am not getting anywhere.
I have a Linksys WRT54G v6 running dd-wrt v23 and have chillispot v1.1.0 along with freeradius, mysql and apache on a separate machine running linux 2.6.23. I have freeradius, mysql and apache running and configured. freeradius will authenticate off of the mysql database. I have configured chillispot with mostly the defaults, only changing the ip for the apache server and radius servers and secrets. I have eth1 set to master mode (0.0.0.0), though I have tried setting a 192.168 ip as well, with no success. I have used the firewall script from chillispot, adding a bind for port 67 to tun0 as suggested in the forums.
#Allow related and established on all interfaces (input)
$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#Allow releated, established and ssh on $EXTIF. Reject everything else.
$IPTABLES -A INPUT -i $EXTIF -p tcp -m tcp --dport 22 --syn -j ACCEPT
$IPTABLES -A INPUT -i $EXTIF -j REJECT
#Allow related and established from $INTIF. Drop everything else.
$IPTABLES -A INPUT -i $INTIF -j DROP
#Allow http and https on other interfaces (input).
#This is only needed if authentication server is on same server as chilli
$IPTABLES -A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
#Allow 3990 on other interfaces (input).
$IPTABLES -A INPUT -p tcp -m tcp --dport 3990 --syn -j ACCEPT
$IPTABLES -A INPUT -p udp -m udp --dport 67 -j ACCEPT
#Allow ICMP echo on other interfaces (input).
$IPTABLES -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
#Allow everything on loopback interface.
$IPTABLES -A INPUT -i lo -j ACCEPT
$IPTABLES -A INPUT -i tun0 -j ACCEPT
# Drop everything to and from $INTIF (forward)
# This means that access points can only be managed from ChilliSpot
$IPTABLES -A FORWARD -i $INTIF -j DROP
$IPTABLES -A FORWARD -o $INTIF -j DROP
$IPTABLES -A FORWARD -i tun0 -j ACCEPT
#Enable NAT on output device
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
When I start chilli --debug --fg, it gives no errors and sits waiting for requests.
I have tried setting up the AP in a number of different ways, as I think that this is the problem. I have it set with a static ip that is not within the 192.168.182 range that chilli uses. I have DHCP turned off on both WAN and LAN. I have tried it in AP mode, and in bridged mode. Currently, it will broadcast and I can connect to it, but it does not give out an IP and there is no communication with chilli and no traffic on either eth1 or tun0.
No idea what to do next. Any thoughts?