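# Build prerequisites for CoovaChilli. The two installs are separate commands;
# run as a single line, "sudo", "apt" and "install" would be passed to apt-get
# as package names.
sudo apt-get install build-essential libssl-dev libjson-c-dev gengetopt
# Debian packaging tools; debuild comes from devscripts.
sudo apt install devscripts debhelper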
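# Unpack the release tarball. The page does not show where 1.5.tar.gz was
# downloaded from; if the publisher provides a checksum or signature, verify
# the file against it before unpacking and building.
tar -xzvf 1.5.tar.gz
cd coova-chilli-1.5/

# Edit the package metadata to drop the haserl dependency.
vi debian/control
#Look for this part
#------
#Depends:
# ${shlibs:Depends},
# iptables,
# haserl,
# adduser,
#------
#------ CHANGE TO THIS (remove haserl as a dependency)
#------
#Depends:
# ${shlibs:Depends},
# iptables,
# adduser,
#-----

# Build a binary-only package (-b). -us and -uc skip signing, so the resulting
# .deb is unsigned; that is acceptable for a package built and installed on
# the same host, but do not distribute it as if it were a signed release.
debuild -i -us -uc -b
cd ..

# The package built from the 1.5 source tree is named 1.4, which matches the
# install output shown on this page.
sudo dpkg --install coova-chilli_1.4_amd64.deb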
sudo dpkg --install coova-chilli_1.4_amd64.deb [sudo] password for system: Selecting previously unselected package coova-chilli. (Reading database ... 119514 files and directories currently installed.) Preparing to unpack coova-chilli_1.4_amd64.deb ... Unpacking coova-chilli (1.4) ... Setting up coova-chilli (1.4) ... Chilli default off. Look at /etc/default/chilli Processing triggers for libc-bin (2.27-3ubuntu1) ... Processing triggers for systemd (237-3ubuntu10.33) ... Processing triggers for ureadahead (0.100.0-21) ... Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
# Open the init defaults file; the package installs with Chilli switched off
# and points here. (sudoedit /etc/default/chilli is an alternative that avoids
# running the editor itself as root.)
sudo vi /etc/default/chilli
# Contents of /etc/default/chilli.
# 1 enables start-up; the package reports "Chilli default off" after install.
START_CHILLI=1
# Configuration file; the daemon is later seen running with -c /etc/chilli.conf.
CONFFILE="/etc/chilli.conf"
# presumably the unprivileged account the daemon uses — confirm in the init script
HS_USER="chilli"
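# First enable the service so it will start up during boot
sudo systemctl enable chilli
# Expected feedback:
#   chilli.service is not a native service, redirecting to systemd-sysv-install.
#   Executing: /lib/systemd/systemd-sysv-install enable chilli

# Start the daemon now.
sudo systemctl start chilli

# Check the result. Until the interfaces are configured, the log shows
# "No such device" errors for eth1, as in the output that follows on this page.
sudo systemctl status chilli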
● chilli.service - LSB: Start CoovaChilli daemon at boot time Loaded: loaded (/etc/init.d/chilli; generated) Active: active (exited) since Fri 2019-12-20 20:07:51 UTC; 1s ago Docs: man:systemd-sysv-generator(8) Process: 14452 ExecStop=/etc/init.d/chilli stop (code=exited, status=0/SUCCESS) Process: 14491 ExecStart=/etc/init.d/chilli start (code=exited, status=0/SUCCESS) Dec 20 20:07:51 osboxes chilli[14580]: TX queue length set to 100 Dec 20 20:07:51 osboxes coova-chilli[14585]: PID 14585 loading binary options file /var/run/chilli.14580.cfg.bin Dec 20 20:07:51 osboxes coova-chilli[14585]: Loading modules Dec 20 20:07:51 osboxes coova-chilli[14585]: USER root(0/0), GROUP root(0/0) CHILLI[UID 113, GID 116] Dec 20 20:07:51 osboxes coova-chilli[14585]: Running /etc/chilli/up.sh (0/0) Dec 20 20:07:51 osboxes chilli[14580]: No such device: ioctl(SIOCSIFFLAGS) failed on eth1 Dec 20 20:07:51 osboxes chilli[14580]: No such device: ioctl(SIOCSIFFLAGS) failed Dec 20 20:07:51 osboxes chilli[14580]: No such device: ioctl(SIOCSIFADDR) failed Dec 20 20:07:51 osboxes chilli[14580]: No such device: ioctl(d=2, request=35111) failed Dec 20 20:07:51 osboxes chilli[14580]: Failed to create dhcp listener on eth1
ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:fe:57:09 brd ff:ff:ff:ff:ff:ff inet 192.168.1.111/24 brd 192.168.1.255 scope global dynamic enp0s3 valid_lft 256221sec preferred_lft 256221sec inet6 fe80::a00:27ff:fefe:5709/64 scope link valid_lft forever preferred_lft forever 3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 08:00:27:8c:d3:32 brd ff:ff:ff:ff:ff:ff inet6 fe80::a00:27ff:fe8c:d332/64 scope link
File | Comment |
---|---|
config | Starts as a copy of defaults and is then edited to override specific variables defined in defaults |
defaults | To avoid the splash screen we have to remove one line from this file |
ipup.sh | Custom firewall rules for start-up |
ipdown.sh | Custom firewall rule clean-up during shut-down. |
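# Hotspot settings for the chilli "config" file, one assignment per line.
# (Collapsed onto one line, everything after the first '#' is a comment and
# only HS_WANIF would be set.)

HS_WANIF=enp0s3        # WE ALSO Need to specify this
HS_LANIF=enp0s8        # Subscriber Interface for client devices
HS_NETWORK=10.1.0.0    # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.0.0 # HotSpot Network Netmask
HS_UAMLISTEN=10.1.0.1  # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990        # HotSpot UAM Port (on subscriber network)
HS_UAMUIPORT=4990      # HotSpot UAM "UI" Port (on subscriber network, for embedded portal)

HS_NASID=localhost
HS_RADIUS=localhost
HS_RADIUS2=localhost

# The two secrets below are sample values. testing123 is the widely known
# FreeRADIUS sample secret; replace both with long random values before the
# hotspot serves real clients, and keep this file readable only by root.
HS_RADSECRET=testing123  # Set to be your RADIUS shared secret
HS_UAMSECRET=greatsecret # Set to be your UAM secret

HS_UAMALIASNAME=chilli
HS_SSID="Struisbaai"
HS_NASIP=127.0.0.1 # To explicitly set NAS-IP-Address

HS_UAMSERVER=$HS_UAMLISTEN
# The backslash keeps $HS_UAMLISTEN literal here so it is expanded later.
# NOTE(review): the login page is addressed over plain http.
HS_UAMFORMAT=http://\$HS_UAMLISTEN/cake3/rd_cake/dynamic-details/chilli-browser-detect/

# MAC addresses are easy to spoof: treat MAC authentication as identification
# of a device, not as strong authentication.
HS_MACAUTH=on # To turn on MAC Authentication

# NOTE(review): 23 is telnet, while the ipup.sh rules on this page open 22 (SSH).
# Confirm which ports the gateway should expose to subscribers and list only those.
HS_TCP_PORTS="80 23 8000"

HS_MODE=hotspot
HS_TYPE=chillispot
HS_WWWDIR=/etc/chilli/www
HS_WWWBIN=/etc/chilli/wwwsh
HS_PROVIDER=Coova
HS_PROVIDER_LINK=http://www.coova.org/
HS_LOC_NAME="My HotSpot" # WISPr Location Name and used in portal
HS_COAPORT=3799

#Please specify the DNS servers of your choice here
#Here we specified our own DSL router and as a fallback one of the Google servers
HS_DNS1=192.168.1.1
HS_DNS2=8.8.8.8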
# Same principle goes for HS_UAMHOMEPAGE.
#HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html
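# ipup.sh: custom firewall rules for start-up, one rule per line.
# (Collapsed onto one line starting with '#', none of these rules would run.)

# UAM server specified as 10.1.0.1
# These rules accept traffic arriving on the tunnel interface, i.e. from
# hotspot clients, to services on the gateway itself.
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 80 --dst 10.1.0.1 -j ACCEPT
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 443 --dst 10.1.0.1 -j ACCEPT
# NOTE(review): this exposes SSH on the gateway to the subscriber network.
# Keep it only if administration from that side is required; otherwise drop
# the rule or narrow it with -s to a management address.
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 22 --dst 10.1.0.1 -j ACCEPT
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 8000 --dst 10.1.0.1 -j ACCEPT

# force-add the final rule necessary to fix routing tables (Enabling NAT)
# -F empties the whole nat POSTROUTING chain first, which also removes rules
# placed there by anything else on this host; check the chain with
# "iptables -t nat -S POSTROUTING" before relying on this.
iptables -F POSTROUTING -t nat
iptables -I POSTROUTING -t nat -o "$HS_WANIF" -j MASQUERADE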
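# ipdown.sh: firewall rule clean-up during shut-down, one rule per line.
# (Collapsed onto one line starting with '#', none of these deletions would run.)

# UAM server specified as 10.1.0.1
# Each -D must match the rule inserted at start-up exactly, or the rule stays
# in place after the hotspot has stopped.
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 80 --dst 10.1.0.1 -j ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 443 --dst 10.1.0.1 -j ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 22 --dst 10.1.0.1 -j ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 8000 --dst 10.1.0.1 -j ACCEPT
# NOTE(review): the MASQUERADE rule added to nat POSTROUTING at start-up is not
# removed here, so NAT on the WAN interface remains active after shut-down.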
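# Restart the daemon so the new configuration and firewall scripts are used.
# These are three separate commands; run as one line, every following word
# would be passed to "systemctl stop" as a unit name.
sudo systemctl stop chilli
sudo systemctl status chilli
sudo systemctl start chilli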
sudo systemctl status chilli ....... ● chilli.service - LSB: Start CoovaChilli daemon at boot time Loaded: loaded (/etc/init.d/chilli; generated) Active: active (running) since Sat 2019-12-21 03:05:26 UTC; 2s ago Docs: man:systemd-sysv-generator(8) Process: 7619 ExecStart=/etc/init.d/chilli start (code=exited, status=0/SUCCES Tasks: 1 (limit: 1108) CGroup: /system.slice/chilli.service └─7706 /usr/sbin/chilli -c /etc/chilli.conf Dec 21 03:05:26 osboxes systemd[1]: Started LSB: Start CoovaChilli daemon at boo Dec 21 03:05:26 osboxes chilli[7706]: PID 7706 saving options to /var/run/chilli Dec 21 03:05:26 osboxes chilli[7706]: PID 7706 loading binary options file /var/ Dec 21 03:05:26 osboxes chilli[7706]: Loading modules Dec 21 03:05:26 osboxes chilli[7706]: CoovaChilli 1.4. Copyright 2002-2005 Mondr Dec 21 03:05:26 osboxes chilli[7706]: TX queue length set to 100 Dec 21 03:05:26 osboxes coova-chilli[7713]: PID 7713 loading binary options file Dec 21 03:05:26 osboxes coova-chilli[7713]: Loading modules Dec 21 03:05:26 osboxes coova-chilli[7713]: USER root(0/0), GROUP root(0/0) CHIL Dec 21 03:05:26 osboxes coova-chilli[7713]: Running /etc/chilli/up.sh (0/0) .......
sudo chilli_query list 08-00-27-54-A5-85 10.1.0.3 dnat 157706717100000002 0 08-00-27-54-A5-85 0/0 0/0 0/0 0/0 0 0 0/0 0/0 - 08-00-27-8C-D3-32 10.1.0.2 dnat 157706713900000001 0 08-00-27-8C-D3-32 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -
#Show the current list sudo chilli_query list 08-00-27-54-A5-85 10.1.0.3 dnat 157706717100000002 0 08-00-27-54-A5-85 0/0 0/0 0/0 0/0 0 0 0/0 0/0 http://detectportal.firefox.com/success.txt 08-00-27-8C-D3-32 10.1.0.2 dnat 157706713900000001 0 08-00-27-8C-D3-32 0/0 0/0 0/0 0/0 0 0 0/0 0/0 - #Authorize the client we want to test sudo chilli_query authorize ip 10.1.0.3 #Note how 'dnat' now changed to 'pass' and the 5th field changed from 0 to 1 system@osboxes:~$ sudo chilli_query list 08-00-27-54-A5-85 10.1.0.3 pass 157706717100000002 1 08-00-27-54-A5-85 6/0 0/0 7073/0 3253/0 0 0 0%/0 0%/0 http://detectportal.firefox.com/success.txt 08-00-27-8C-D3-32 10.1.0.2 dnat 157706713900000001 0 08-00-27-8C-D3-32 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -
sudo chilli_query logoff ip 10.1.0.3 #'pass' changed again back to 'dnat' system@osboxes:~$ sudo chilli_query list 08-00-27-54-A5-85 10.1.0.3 dnat 157706939200000002 0 08-00-27-54-A5-85 0/0 0/0 460326/0 146821/0 0 0 0/0 0/0 http://detectportal.firefox.com/success.txt 08-00-27-8C-D3-32 10.1.0.2 dnat 157706713900000001 0 08-00-27-8C-D3-32 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -
ping www.radiusdesk.com PING radiusdesk.com (164.160.91.12) 56(84) bytes of data. ^C --- radiusdesk.com ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1025ms