Wifidog

My internet If is eth0 (192.168.1.0 network). my wifi ap IF is wlan1 (192.168.242.0 network). The following is my iptalbes-save rules set by wifidog only(in my linux box, there's no other application interference): # iptables-save # Generated by ... [More] iptables-save v1.4.4 on Mon Nov 15 21:33:49 2010 *nat :PREROUTING ACCEPT [5501:442295] :POSTROUTING ACCEPT [1266:84147] :OUTPUT ACCEPT [1266:84147] :WiFiDog_wlan0_AuthServers - [0:0] :WiFiDog_wlan0_Global - [0:0] :WiFiDog_wlan0_Outgoing - [0:0] :WiFiDog_wlan0_Unknown - [0:0] :WiFiDog_wlan0_WIFI2Internet - [0:0] :WiFiDog_wlan0_WIFI2Router - [0:0] :WiFiDog_wlan1_AuthServers - [0:0] :WiFiDog_wlan1_Global - [0:0] :WiFiDog_wlan1_Outgoing - [0:0] :WiFiDog_wlan1_Unknown - [0:0] :WiFiDog_wlan1_WIFI2Internet - [0:0] :WiFiDog_wlan1_WIFI2Router - [0:0] -A PREROUTING -i wlan0 -j WiFiDog_wlan0_Outgoing -A PREROUTING -i wlan1 -j WiFiDog_wlan1_Outgoing -A WiFiDog_wlan0_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan0_Outgoing -d 192.168.1.49/32 -j WiFiDog_wlan0_WIFI2Router -A WiFiDog_wlan0_Outgoing -j WiFiDog_wlan0_WIFI2Internet -A WiFiDog_wlan0_Unknown -j WiFiDog_wlan0_AuthServers -A WiFiDog_wlan0_Unknown -j WiFiDog_wlan0_Global -A WiFiDog_wlan0_Unknown -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 2060 -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x2 -j ACCEPT -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x1 -j ACCEPT -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_Unknown -A WiFiDog_wlan0_WIFI2Router -j ACCEPT -A WiFiDog_wlan1_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan1_Global -p icmp -j ACCEPT -A WiFiDog_wlan1_Outgoing -d 192.168.242.1/32 -j WiFiDog_wlan1_WIFI2Router -A WiFiDog_wlan1_Outgoing -j WiFiDog_wlan1_WIFI2Internet -A WiFiDog_wlan1_Unknown -j WiFiDog_wlan1_AuthServers -A WiFiDog_wlan1_Unknown -j WiFiDog_wlan1_Global -A WiFiDog_wlan1_Unknown -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 2060 -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x2 -j ACCEPT -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x1 -j ACCEPT -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_Unknown -A WiFiDog_wlan1_WIFI2Router -j ACCEPT COMMIT # Completed on Mon Nov 15 21:33:49 2010 # Generated by iptables-save v1.4.4 on Mon Nov 15 21:33:49 2010 *mangle :PREROUTING ACCEPT [224240:87552377] :INPUT ACCEPT [215165:86881063] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [199481:17862812] :POSTROUTING ACCEPT [126188:13497475] :WiFiDog_wlan0_Incoming - [0:0] :WiFiDog_wlan0_Outgoing - [0:0] :WiFiDog_wlan0_Trusted - [0:0] :WiFiDog_wlan1_Incoming - [0:0] :WiFiDog_wlan1_Outgoing - [0:0] :WiFiDog_wlan1_Trusted - [0:0] -A PREROUTING -i wlan1 -j WiFiDog_wlan1_Trusted -A PREROUTING -i wlan1 -j WiFiDog_wlan1_Outgoing -A POSTROUTING -o wlan1 -j WiFiDog_wlan1_Incoming -A POSTROUTING -o wlan0 -j WiFiDog_wlan0_Incoming COMMIT # Completed on Mon Nov 15 21:33:49 2010 # Generated by iptables-save v1.4.4 on Mon Nov 15 21:33:49 2010 *filter :INPUT ACCEPT [215476:87089823] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [199713:17876135] :WiFiDog_wlan0_AuthServers - [0:0] :WiFiDog_wlan0_Global - [0:0] :WiFiDog_wlan0_Known - [0:0] :WiFiDog_wlan0_Locked - [0:0] :WiFiDog_wlan0_Unknown - [0:0] :WiFiDog_wlan0_Validate - [0:0] :WiFiDog_wlan0_WIFI2Internet - [0:0] :WiFiDog_wlan1_AuthServers - [0:0] :WiFiDog_wlan1_Global - [0:0] :WiFiDog_wlan1_Known - [0:0] :WiFiDog_wlan1_Locked - [0:0] :WiFiDog_wlan1_Unknown - [0:0] :WiFiDog_wlan1_Validate - [0:0] :WiFiDog_wlan1_WIFI2Internet - [0:0] -A FORWARD -i wlan1 -j WiFiDog_wlan1_WIFI2Internet -A FORWARD -i wlan0 -j WiFiDog_wlan0_WIFI2Internet -A WiFiDog_wlan0_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan0_Known -j ACCEPT -A WiFiDog_wlan0_Locked -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan0_Unknown -p udp -m udp --dport 53 -j ACCEPT -A WiFiDog_wlan0_Unknown -p tcp -m tcp --dport 53 -j ACCEPT -A WiFiDog_wlan0_Unknown -p udp -m udp --dport 67 -j ACCEPT -A WiFiDog_wlan0_Unknown -p tcp -m tcp --dport 67 -j ACCEPT -A WiFiDog_wlan0_Unknown -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan0_Validate -j ACCEPT -A WiFiDog_wlan0_WIFI2Internet -m state --state INVALID -j DROP -A WiFiDog_wlan0_WIFI2Internet -o wlan0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_AuthServers -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x254 -j WiFiDog_wlan0_Locked -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_Global -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x1 -j WiFiDog_wlan0_Validate -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x2 -j WiFiDog_wlan0_Known -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_Unknown -A WiFiDog_wlan1_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan1_Global -p icmp -j ACCEPT -A WiFiDog_wlan1_Known -j ACCEPT -A WiFiDog_wlan1_Locked -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan1_Unknown -p udp -m udp --dport 53 -j ACCEPT -A WiFiDog_wlan1_Unknown -p tcp -m tcp --dport 53 -j ACCEPT -A WiFiDog_wlan1_Unknown -p udp -m udp --dport 67 -j ACCEPT -A WiFiDog_wlan1_Unknown -p tcp -m tcp --dport 67 -j ACCEPT -A WiFiDog_wlan1_Unknown -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan1_Validate -j ACCEPT -A WiFiDog_wlan1_WIFI2Internet -m state --state INVALID -j DROP -A WiFiDog_wlan1_WIFI2Internet -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_AuthServers -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x254 -j WiFiDog_wlan1_Locked -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_Global -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x1 -j WiFiDog_wlan1_Validate -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x2 -j WiFiDog_wlan1_Known -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_Unknown COMMIT # Completed on Mon Nov 15 21:33:49 2010 And after sucessful login, the wifidog -f -d 7 console echos: [6][Mon Nov 15 21:35:23 2010][19725](centralserver.c:168) Auth server returned authentication code 1 [7][Mon Nov 15 21:35:23 2010][19725](auth.c:126) Locking client list [7][Mon Nov 15 21:35:23 2010][19725](auth.c:126) Client list locked [6][Mon Nov 15 21:35:23 2010][19725](auth.c:184) Got ALLOWED from central server authenticating token c795da5a86a7cb2d04b45b289c115c3a from 192.168.242.123 at 00:e0:4c:01:81:ad - adding to firewall and redirecting them to portal [7][Mon Nov 15 21:35:23 2010][19725](firewall.c:94) Allowing 192.168.242.123 00:e0:4c:01:81:ad with fw_connection_state 2 [7][Mon Nov 15 21:35:23 2010][19725](fw_iptables.c:111) Executing command: iptables -t mangle -A WiFiDog_wlan1_Outgoing -s 192.168.242.123 -m mac --mac-source 00:e0:4c:01:81:ad -j MARK --set-mark 2 [7][Mon Nov 15 21:35:23 2010][19725](util.c:122) Waiting for PID 19959 to exit [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:259) Handler for SIGCHLD called. Trying to reap a child [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:263) Handler for SIGCHLD reaped child PID -1 [7][Mon Nov 15 21:35:23 2010][19725](util.c:124) Process PID 19959 exited [7][Mon Nov 15 21:35:23 2010][19725](fw_iptables.c:111) Executing command: iptables -t mangle -A WiFiDog_wlan1_Incoming -d 192.168.242.123 -j ACCEPT [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:259) Handler for SIGCHLD called. Trying to reap a child [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:263) Handler for SIGCHLD reaped child PID 19964 [7][Mon Nov 15 21:35:23 2010][19725](util.c:122) Waiting for PID 19964 to exit [7][Mon Nov 15 21:35:23 2010][19725](util.c:124) Process PID -1 exited [3][Mon Nov 15 21:35:23 2010][19725](fw_iptables.c:118) iptables command failed(8): iptables -t mangle -A WiFiDog_wlan1_Incoming -d 192.168.242.123 -j ACCEPT [7][Mon Nov 15 21:35:23 2010][19725](http.c:208) Redirecting client browser to  http://wireless.lazycoffe.com.tw:80/wifidog/portal/?gw_id=hostapd [7][Mon Nov 15 21:35:23 2010][19725](auth.c:215) Unlocking client list [7][Mon Nov 15 21:35:23 2010][19725](auth.c:215) Client list unlocked [7][Mon Nov 15 21:35:23 2010][19725](httpd_thread.c:68) Returned from httpdProcessRequest() for 192.168.242.123 [7][Mon Nov 15 21:35:23 2010][19725](httpd_thread.c:73) Closing connection with 192.168.242.123 Anything I went wrong? Thanks in advance! [Less]

Hi there, I have received many complaints from our users that when they try to login using firefox they experience problems and can't log in. Here's what happens... 1) login page loads, the user types in the username in the username field 2) ... [More] user clicks on the password field to enter password or 1) login page loads, the user clicks on the username field to enter username 3) the page freezes and user can't do anything on the page anymore 4) if they refresh the page, they can enter the username or password again. If they press tab to move to the between fields or submit button it works fine but as soon as they use the mouse to click on the fields the page freezes up and doesn't work anymore until they refresh the page. THis only happens on Firefox using Windows. IE, Safari and Firefox on Mac seems to be ok. Any ideas on how to resolve this issue is greatly appreciated. thanks for your help, much appreciated [Less]

Every time I reach the User Creation Page I enter the details then it returns to the start of the process. I start again and try to create an admin and again. It seems it doesn't create the user at all Ali

Hello. Can you add a nodogsplash-like force timeout? Which means "the desired number of minutes before a user is automatically 'deauthenticated', whether active or not" Thank you.

invalid: Please use the mailing list for support requests.  https://dev.wifidog.org/wiki/Contact%20/%20Support

I installed WifiDog Auth Server and currently authenticating users on external Freeradius server. Authentication is working fine but Accounting is not working. Im not seeing any accounting request coming in on my radius. I tested my radius ... [More] accounting capability using other 3rd part client and it works. Im thinking that my WifiDog Auth Server doesnt automatically produce accounting request. Is WifiDog gateway mandatory to make accounting works? My plan is use WifiDog as authentication server and use other equipment for enforcement and not by WifiDog Gateway. How can I make WifiDog Auth Server generate accounting message that includes subscriber IP address? Please advice. Another problem I found out using WifiDog Auth is "User :: setCurrentUser" found on line 176 of AuthenticatorRadius?.php file is resulting my username set to null. I commented it out and makes authentication via radius works. Maybe there someone out there who has the same problem. [Less]

(diff)

(diff)

(diff)

(diff)