ConfigurationDeWifidog

An article from MarseilleWirelessWiki.

Here are a few points about the configuration file:


GatewayID -> For now we use the MAC address, but it would be better to do as Puteaux does, with something like NodePrenomNom (Node + first name + last name)

ExternalInterface: eth0 on the WRT54G

  # Parameter: GatewayInterface
  # Default: NONE
  # Mandatory
  # Set this to the internal interface. Typically br0 for OpenWrt, and eth1 otherwise

GatewayInterface: this is the Wi-Fi interface, eth1 for OpenWrt on the WRT54GS

  # Parameter: GatewayAddress
  # Default: Find it from GatewayInterface
  # Optional
  # Set this to the internal IP address of the gateway
  # GatewayAddress 192.168.1.1 (optional)




  # AuthServer {
  #    Hostname auth.ilesansfil.org
  #    SSLAvailable yes
  #    Path /
  # }

Currently, for the server, it is:

Hostname auth.marseille-wireless.org

SSLAvailable yes

Path /wifidog/


The idea here would be to authenticate against three different servers (city, country, world), but that is not possible for now.

In the case of a node that has no Internet access, it would also be useful if, when no server is specified, wifidog redirected to localhost, as nocat would have done. This makes it possible to tell visitors which node they are on and which services are offered.




The rest remains to be detailed:


  # AuthServer {
  #    Hostname auth2.ilesansfil.org
  #    SSLAvailable yes
  #    Path /
  # }

  # AuthServer {
  #    Hostname auth3.ilesansfil.org
  #    SSLAvailable yes
  #    Path /
  # }

  # Parameter: Portal
  # Default: none
  # Optional
  # Set this to a URL for your portal, if you run without an auth server
  # Portal http://www.ilesansfil.org/

  # Parameter: Daemon
  # Default: 1
  # Optional
  # Set this to true if you want to run as a daemon
  # Daemon 1

  # Parameter: GatewayPort
  # Default: 2060
  # Optional
  # Listen on this port
  # GatewayPort 2060

  # Parameter: HTTPDName
  # Default: WiFiDog
  # Optional
  # Define what name the HTTPD server will respond
  # HTTPDName WiFiDog

  # Parameter: HTTPDMaxConn
  # Default: 10
  # Optional
  # How many sockets to listen to
  # HTTPDMaxConn 10

  # Parameter: CheckInterval
  # Default: 60
  # Optional
  # How many seconds should we wait between timeout checks

CheckInterval 60

  # Parameter: ClientTimeout
  # Default: 5
  # Optional
  # Set this to the desired of number of CheckInterval of inactivity before a client is logged out
  # The timeout will be INTERVAL * TIMEOUT

ClientTimeout 5

  # Parameter: TrustedMACList
  # Default: none
  # Optional
  # Comma separated list of MAC addresses who are allowed to pass
  # through without authentication
  # TrustedMACList 00:00:DE:AD:BE:AF,00:00:C0:1D:F0:0D

  # Parameter: FirewallRuleSet
  # Default: none
  # Mandatory
  # Groups a number of FirewallRule statements together.

  # Parameter: FirewallRule
  # Default: none
  # Define one firewall rule in a rule set.

  # Rule Set: global
  # Used for rules to be applied to all other rulesets except locked.
  # This is the default config for the Teliphone service.

FirewallRuleSet global {

   FirewallRule allow udp to 69.90.89.192/27
   FirewallRule allow udp to 69.90.85.0/27
   FirewallRule allow tcp port 80 to 69.90.89.205

}

  # Rule Set: validating-users
  # Used for new users validating their account

FirewallRuleSet validating-users {

   FirewallRule block tcp port 25
   FirewallRule allow to 0.0.0.0/0

}

  # Rule Set: known-users
  # Used for normal validated users.

FirewallRuleSet known-users {

   FirewallRule allow to 0.0.0.0/0

}

  # Rule Set: unknown-users
  # Used for unvalidated users, this is the ruleset that gets redirected.
  # XXX The redirect code adds the Default DROP clause.

FirewallRuleSet unknown-users {

   FirewallRule allow udp port 53
   FirewallRule allow tcp port 53
   FirewallRule allow udp port 67
   FirewallRule allow tcp port 67

}

  # Rule Set: locked-users
  # Used for users that have been locked out.

FirewallRuleSet locked-users {

   FirewallRule block to 0.0.0.0/0

}
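
A small review script for a configuration file in the format walked through above; it is an added example, not part of the wiki page or of Wifidog itself. The function names and the sample text are constructed for illustration, and treating an unrestricted `allow` in `unknown-users` as worth review is an assumption of this example.

```python
# Constructed sample built from values on this page; the last rule is a deliberate mistake.
SAMPLE = """\
AuthServer {
    Hostname auth.marseille-wireless.org
    SSLAvailable yes
}
CheckInterval 60   # seconds
ClientTimeout 5
TrustedMACList 00:00:DE:AD:BE:AF,00:00:C0:1D:F0:0D
FirewallRuleSet unknown-users {
    FirewallRule allow udp port 53
    FirewallRule allow to 0.0.0.0/0
}
"""

def parse(text):
    """Split wifidog.conf-style text into settings, AuthServer blocks and rule sets."""
    settings, servers, rulesets, block = {}, [], {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()              # drop comments
        if not line:
            continue
        key, _, value = (p.strip() for p in line.partition(" "))
        if line == "}":
            block = None
        elif line.endswith("{"):                         # "AuthServer {" or "FirewallRuleSet name {"
            block = rulesets.setdefault(value[:-1].strip(), []) if key == "FirewallRuleSet" else {}
            if key == "AuthServer":
                servers.append(block)
        elif isinstance(block, dict):
            block[key] = value                           # Hostname, SSLAvailable, Path
        elif isinstance(block, list):
            block.append(value)                          # rule text after "FirewallRule"
        else:
            settings[key] = value
    return settings, servers, rulesets

def audit(text):
    """Return (idle_timeout_seconds, findings); defaults 60 and 5 are those documented above."""
    settings, servers, rulesets = parse(text)
    findings = [f"{s.get('Hostname')}: SSLAvailable is not 'yes'"
                for s in servers if s.get("SSLAvailable", "").lower() != "yes"]
    macs = [m for m in settings.get("TrustedMACList", "").split(",") if m.strip()]
    if macs:
        findings.append(f"{len(macs)} trusted MAC(s) skip authentication; MACs are spoofable")
    if any(r.startswith("allow to 0.0.0.0/0") for r in rulesets.get("unknown-users", [])):
        findings.append("unknown-users allows all destinations (review)")
    idle = int(settings.get("CheckInterval", 60)) * int(settings.get("ClientTimeout", 5))
    return idle, findings
```

`audit(SAMPLE)` reports the idle logout delay (CheckInterval * ClientTimeout) alongside the findings, so a change to either value shows its effect on how long an abandoned session stays open.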