分类 wifidog分析 下的文章

install AuthPuppy On OpenWRT with Lighttpd

  1. Install OpenWRT on an X86 platform.
    Following the instructions here (http://blog.ich8.com/post/4494), which could install a clean installtion of OpenWRT on an x86 platform with version 14.03.

  2. Setup LAMP
    It has been a while that the default sources on OpenWRT is wrong, that the offical sources has re-archit the directories. Here are some instructions.

2.1 Base part

source: http://downloads.openwrt.org/barrier_breaker/14.07/x86/generic/packages/base/
package list: libexpat libgd libjpeg libncurses libncursesw libopenssl libpcre libpng libpthread libreadline librt iptables-mod-extra iptables-mod-nat-extra

Note after install libpcre, system may not find the proper libpcre.so.0, just make a soft link from libpcre.so.1 in /usr/lib will make it work.

2.2 Lighttpd

source: http://downloads.openwrt.org/barrier_breaker/14.07/x86/generic/packages/packages/

package list: lighttpd lighttpd-mod-access lighttpd-mod-alias lighttpd-mod-cgi lighttpd-mod-fastcgi lighttpd-mod-rewrite

2.3 MySQL

source: http://downloads.openwrt.org/barrier_breaker/14.07/x86/generic/packages/oldpackages/

package list: mysql-server libmysqlclient

2.4 PHP

source: http://downloads.openwrt.org/barrier_breaker/14.07/x86/generic/packages/oldpackages/

package list: php5 php5-cgi php5-fastcgi php5-mod-apc php5-mod-gd php5-mod-mysql php5-mod-pdo php5-mod-pdo-mysql php5-mod-xml

  1. Setup PHP
    Modify /etc/php.ini. First make the doc_root empty, and then modify the max-memory size from 8MB to a much larger one.

  2. Setup Lighttpd
    4.1 Enable some plugins in Lighttpd following this page (http://wiki.openwrt.org/doc/howto/lamp)
    4.2 Enbale mod_rewrite which is used in AuthPuppy
    4.3 !IMPORTANT Migrate the rewrite rules in AuthPuppy’s .htaccess to url.rewrite part, like below:

    url.rewrite-once = (".php$" => "$0", ".html$" => "$0", "^$" => "index.html", "^([^.]+)($|\?.*$)" => "index.php/$1$2")

  3. Now you can install authpuppy and wifidog as usual.

It is much easier to record than try to make it.

本文章由 http://www.wifidog.pro/2015/02/26/openwrt-%E5%AE%89%E8%A3%85-wifidog%E8%AE%A4%E8%AF%81%E6%9C%8D%E5%8A%A1%E5%99%A8authpuppy.html 整理编辑,转载请注明出处

wifidog认证服务器authpuppy 安装检测环境失败

安装authpuppy ,做环境检测时报错如下:

[root@authppy src]# php check_configuration.php 
********************************
*                              *
*  symfony requirements check  *
*                              *
********************************

php.ini used by PHP: /usr/local/Zend/etc/php.ini

** WARNING **
*  The PHP CLI can use a different php.ini file
*  than the one used with your web server.
*  If this is the case, please launch this
*  utility from your web server.
** WARNING **

** Mandatory requirements **

  OK        PHP version is at least 5.2.4 (5.2.17)

** Optional checks **

[[WARNING]] PDO is installed: FAILED
            *** Install PDO (mandatory for Propel and Doctrine) ***
[[WARNING]] PHP-XML module is installed: FAILED
            *** Install and enable the php-xml module (required by Propel) ***
[[WARNING]] XSL module is installed: FAILED
            *** Install and enable the XSL module (recommended for Propel) ***
  OK        The token_get_all() function is available
[[WARNING]] The mb_strlen() function is available: FAILED
            *** Install and enable the mbstring extension ***
  OK        The iconv() function is available
  OK        The utf8_decode() is available
[[WARNING]] The posix_isatty() is available: FAILED
            *** Install and enable the php_posix extension (used to colorized the CLI output) ***
[[WARNING]] A PHP accelerator is installed: FAILED
            *** Install a PHP accelerator like APC (highly recommended) ***
[[WARNING]] php.ini has short_open_tag set to off: FAILED
            *** Set it to off in php.ini ***
[[WARNING]] php.ini has magic_quotes_gpc set to off: FAILED
            *** Set it to off in php.ini ***
  OK        php.ini has register_globals set to off
  OK        php.ini has session.auto_start set to off
  OK        PHP version is not 5.2.9

解决方法:
安装php 模块及一些软件包:

[root@authppy src]# yum install -y libxslt libxslt-devel  php-pdo php-xml php-mbstring php-process

关闭php 相应参数:

[root@authppy src]# vi /usr/local/php/etc/php.ini
short_open_tag = Off
magic_quotes_gpc = Off

错误ARC 的解决方法:

[root@authppy src]# wget http://pecl.php.net/get/APC-3.1.13.tgz
[root@authppy src]# tar zxf APC-3.1.13.tgz 
[root@authppy src]# cd APC-3.1.13
[root@authppy APC-3.1.13]# phpize
Configuring for:
PHP Api Version:         20090626
Zend Module Api No:      20090626
Zend Extension Api No:   220090626
[root@authppy APC-3.1.13]# ./configure --enable-apc
[root@authppy APC-3.1.13]# make
[root@authppy APC-3.1.13]# make install
[root@authppy APC-3.1.13]# ls /usr/lib64/php/modules/
apc.so  curl.so  fileinfo.so  json.so  phar.so  zip.so
[root@authppy src]# echo "apc__extension=/usr/lib64/php/modules/apc.so" >> /usr/local/php/etc/php.ini
[root@authppy src]#ln -s /usr/lib64/php/modules/apc.so /usr/lib/

本文章由 http://www.wifidog.pro/2015/02/26/wifidog%E8%AE%A4%E8%AF%81%E6%9C%8D%E5%8A%A1%E5%99%A8authpuppy%E5%AE%89%E8%A3%85%E5%A4%B1%E8%B4%A5.html 整理编辑,转载请注明出处

wifidog报错: Auth server did NOT say pong!

在wifidog启动过程中,我们可能会经常看到这种log:
Auth server did NOT say pong!

这个debug信息是再告诉我们,wifidog的ping协议没有收到来自auth server 的pong 回应。
首先解释下什么是ping协议。这种协议是路由器用来告诉auth server 路由器当前的状态,协议格式:
http://auth_server/ping/?gw_id=xxx&sys_uptime=xxx&sys_memfree&sys_load=xxx&wifidog_uptime=xxx
gw_id是路由器的标识符,sys_uptime是路由器启动时间,sys_memfree是路由器的内存剩余,sys_load是系统负载,wifidog_uptime是wifidog启动时间,路由器将这些信息发送给auth server,server 回"Pong" 来表示server知道这台路由器还在工作。

下面是出现上述log的代码:

do {   
        FD_ZERO(&readfds);   
        FD_SET(sockfd, &readfds);   
        timeout.tv_sec = 30; /* XXX magic... 30 second */   
        timeout.tv_usec = 0;   
        nfds = sockfd + 1;   

        nfds = select(nfds, &readfds, NULL, NULL, &timeout);   

        if (nfds > 0) {   
            /** We don't have to use FD_ISSET() because there  
             *  was only one fd. */   
            numbytes = read(sockfd, request + totalbytes, MAX_BUF - (totalbytes + 1));   
            if (numbytes < 0) {   
                debug(LOG_ERR, "An error occurred while reading from auth server: %s", strerror(errno));   
                /* FIXME */   
                close(sockfd);   
                return;   
            }   
            else if (numbytes == 0) {   
                done = 1;   
            }   
            else {   
                totalbytes += numbytes;   
                debug(LOG_DEBUG, "Read %d bytes, total now %d", numbytes, totalbytes);   
            }   
        }
else if (nfds == 0) {   
            debug(LOG_ERR, "Timed out reading data via select() from auth server");   
            /* FIXME */   
            close(sockfd);   
            return;   
        }   
        else if (nfds < 0) {   
            debug(LOG_ERR, "Error reading data via select() from auth server: %s", strerror(errno));   
            /* FIXME */   
            close(sockfd);   
            return;   
        }   
    } while (!done);   
    close(sockfd);   

    debug(LOG_DEBUG, "Done reading reply, total %d bytes", totalbytes);   

    request[totalbytes] = '\0';   

    debug(LOG_DEBUG, "HTTP Response from Server: [%s]", request);   

    if (strstr(request, "Pong") == 0) {   
        debug(LOG_WARNING, "Auth server did NOT say pong!");   
        /* FIXME */   
    }   
    else {   
        debug(LOG_DEBUG, "Auth Server Says: Pong");   
    }

这段log 出现在wifidog 在接收server 的响应包里没有出现Pong字符串。

本文章由 http://www.wifidog.pro/2015/02/25/wifidog%E7%9A%84ping%E5%8D%8F%E8%AE%AE.html 整理编辑,转载请注明出处

编写自己的WifiDog认证服务器

次我使用的是php来编写auth_server服务器,因为这样比较简单。
1.首先是login.php

<?php
include './tool/MySQLHelper.php';
if (!empty($_GET["mac"])){
    $result = selectMacByToken($_GET["mac"]);
    if (!empty($result)){
        header("location: http://192.168.1.1:2060/wifidog/auth?token=".$result);
    }
    else {
        header("location: http://xxxxx/WelcomePage.php?mac=".$_GET["mac"]);
    }
}
else {
    header("location: http://xxxxx/WelcomePage.php?mac=".$_GET["mac"]);
}
?>

2.ping.php:

<?php  
echo "Pong";  
?>

这里没有做额外的处理,只是简单地向wifidog回应一个Pong。
3.auth.php

<?php
// 后门
if ($_GET["token"] == "123"){
    echo "Auth: 1";
    return;
}

if (!empty($_GET["token"]) && isset($_GET["token"])){
   &nbsp;//获取$result的过程//
    isValidate($result);
   &nbsp;//**后续处理**//
    return;
}
else if((!empty ($_GET["mac"])) && isset($_GET["mac"])){
   &nbsp;//**获取result*//
    $result = isSubscribeByMac($_GET["mac"]);
    isValidate($result);
    return;
}
else
{
    echo "Auth: 0";
}

// 输出是否合法.
function isValidate($result){
    if ($result == 1){
        echo "Auth: 1";
    }
    else {
        echo "Auth: 0";
    }
}
?>

这里根据一些参数来获取$result,从而决定是否允许认证。

本文章由 http://www.wifidog.pro/2015/02/15/wifidog%E8%AE%A4%E8%AF%81%E6%9C%8D%E5%8A%A1%E5%99%A8-2.html 整理编辑,转载请注明出处

  1. 1
  2. ...
  3. 23
  4. 24
  5. 25
  6. 26
  7. 27
  8. 28
  9. 29
  10. ...
  11. 75