佐须之男 发布的文章

wifidog 功能

Auth server (Current)

  • Node-specific content features. Wifidog-auth has a very cool local content architecture.
    RSS feed support (optional, with magpierss), one feed per node (url stored in the database, works great, but no gui to edit it yet) and one network-wide RSS feed.
  • Configuration and integration
    No need to set any path in the web server config files
    All paths are editable from the config file
    Quick setup: the network name, url, default RSS, and similar data are set from the config file, and will be displayed as needed throughout the system.
    Can import all users and passwords from a NoCat password file [WWW] More info].
  • Development
    Demo page to let people to hack on it more easily
    Database abstraction layer with very nice debugging features (just append true at the end of the call and you'll see the query, the results, the query plan, and the number of affected rows. Porting to another database only requires porting one file. Currently uses Postgres.)
  • User management (end user)
    Users can create and activate accounts without admin intervention. The user will be granted a 15 minute grace period after signing up in order to retrieve and validate his email.
    Users can request that the server re-send the validation email
    Users can change their passwords
    Users who forget their username can have it mailed to them.
    Users who lose their password can ask the system to generate a new one and mail it to them.
    Email must be valid but isn't displayed in order to preserve user privacy.
    Users can login using either email or username
    Enforces (politely) that duplicate email addresses are not allowed in the database
  • Logging and monitoring
    MAC address logging (in case it is a legal requirement in your country)
    Sends the original url before redirecting to the central server in order to allow linking on the portal page
    Multi-language support
    Script and sql execution time breakdown. Already implemented, just needs to be packaged to be usable by the templates.
  • Reports and Statistics

Gateway (Current)

  • Supports using backup auth servers if the primary one doesn't respond.
  • Runtime query interface
  • One rule to jump in, one to jump out rejects, one to jump out accepts
  • Detects the IP address of a network interface automatically, instead of specifying it separately in the configuration file.

本文章由 http://www.wifidog.pro/2015/01/07/wifidog-%E5%8A%9F%E8%83%BD.html 整理编辑,转载请注明出处

Wifidog’s Features

Wifidog was designed as a replacement to existing captive portal solutions which we felt didn't fit the needs of next generation community groups. Specifically, we wanted both personalized and community wide content for each hotspot, no pop ups, no client software and centralized management. Mainly as a replacement for portals currently using NoCat. A lot of other vendors use WiFiDog (especially the client) as a base for their solutions.

Main Features

  • Captive portal which lets hotspot owners communicate with their users
  • Wifidog gateway was designed for and runs on GNU/Linux servers and embedded linux devices, e.g. Linksys WRT54G with OpenWRT. For a current list of supported devices and installation instructions please click Here.
  • Multilingual support (through browser detection and user selection) with the ability to add more languages using a .po editor.Current implemented languages are:
    English
    French
    German
    Spanish
    Italian
    Greek
    Portuguese (also Brazilian)
    Swedish
    Bulgarian
    Japanese
    Catalan
  • Maintain the client (hotspot users) connection by checking network activity through a ping command, instead of a javascript window (like used in NoCat). This allows PDAs and cellphones and other devices without javascript support to connect.
  • Support for differing types of hotspots:
    Splash Only mode: Users are redirected to the portal, but do not have to login in order to use services
    Normal Mode: Users are unique and must have a valid email address in order to open an account.
  • Users are able to create a working account directly from any hotspot. New users sign on from any hotspot, create their account and are granted access for 15 minutes to confirm an email. If they don't, they are disconnected and have to sign up again.
  • Hotspot/node monitoring by two way heart beating, so the central server always knows which hotspots/nodes are up, regardless of dynamic DNS, firewalls, etc.
  • Reports and Statistics including:
    10 highest bandwidth consumers
    10 most frequent users
    10 most mobile users
    Anoymised SQL data export (for academic research)
    Breakdown of how many users actually use the network
    Connection log
    Content display and click through report
    Graph on network use (per hour, weekday and month)
    Individual user report, most popular nodes (by visit)
    Network status information
    Node status information
    Registration log
    User registration report
  • Automatic node creation (if the person creating the node has the relevant permissions and the feature is enabled).

引用自:http://dev.wifidog.org/wiki/Features

本文章由 http://www.wifidog.pro/2015/01/07/wifidog%E5%8A%9F%E8%83%BD.html 整理编辑,转载请注明出处

About The Wifidog Captive Portal

The Wifidog project is a complete and embeddable captive portal solution for those who wish to operate a open hotspot or network of hotspots while preventing abuse of their Internet connection.

The Wifidog project was started by Île sans fil and is currently in production. Existing captive portal solutions were either almost impossible to embed ( NoCat, which relies on perl, GnuPG , OpenSSL), or only designed to display disclaimers with no access control at all (NoCatSplash and others). Wifidog is designed to have optional centralized access control, full bandwidth accounting, node heartbeating and local content specific to each hotspot. It does not rely on a javascript window, so it works with any platform with a web browser, including PDAs and cellphones. It is developed in C to make it easy to include in embedded systems (It has been designed for the Linksys WRT54G, but runs on any recent Linux platform). A typical install only takes 30kb on i386, and a fully functionnal install could be made in under 10 kb if necessary.

The portal suite is mainly an authentication server coded in PHP using a PostgreSQL database. On the other side, the Wifidog gateway connects to the auth-server for directive based on information submited by users in one of the hotspots. All administration/logical stuff are in the authentication server and the gateway is only playing with gateway firewall rules to allow or deny the users access.

Also of note are the extensive LBC (location-based content) management features available. There are some LBS (location-based service) features available and they continue to be an area of development.

引用自:http://dev.wifidog.org/wiki/About
本文章由 http://www.wifidog.pro/2015/01/07/wifidog%E5%8A%9F%E8%83%BD.html 整理编辑,转载请注明出处

wifidog添加到openwrt

Openwrt编译x86,for VMware虚拟机

记录一下自己编译x86的过程

从make menuconfig说起

目标系统(Target System)当然是选择x86了,至于Subtarget和Target Profile,使用默认的Generic就可以了

然后是目标镜像(Tartget Images),选择ext4和Build VMware image files (VMDK)
(在trunk版中是ext4,在backfire中是ext2,两个都可以的)

接下来,在内核模块(Kernel modules)的网络设备(Network Devices)中,选中VMware网卡
Openwrt官网写着必须选中e1000,但仅有这个是不够的,而且目标系统选择了x86,e1000就自动必选了
不知道VMware是什么网卡的,可以在自己的Ubuntu里lspci下(我是用Ubuntu编译Openwrt,看你自己了)

然后就是选择一些自己需要的模块了,完了就make V=99
(悲剧的是trunk中选了php5编译失败,backfire就可以)

等编译完成,新建一个虚拟机,然后删除该虚拟机的硬盘
将编译得到的镜像拷贝到该虚拟机目录
重新添加一个硬盘,指定使用编译的镜像

至于网卡嘛,第一块就是eth0,再添加一块就是eth1,依次类推
比如我用第一块做lan,第二块做wan,(VMnet9是一个普通的虚拟机网段,不是桥接,不是NAT,也不是host-only)

然后开机(Openwrt),编辑network,添加一个wan接口,同时给lan加了个nat参数

于是,就可以上网了
当然,如果第2块网卡使用桥接,就可以用Openwrt进行拨号
其他虚拟机只要把网卡设置为VMnet9,就能自动获取Openwrt DHCP分配的地址

本文章由 http://www.wifidog.pro/2015/01/06/openwrt%E6%B7%BB%E5%8A%A0wifidog.html 整理编辑,转载请注明出处