分类 wifidog配置 下的文章

广告路由器开发(一)数据流-wifidog版

最近无事时对广告路由器进行了一个分析
常用的广告路由器一般是通过普通路由器刷openwrt或是ddwrt等固件后安装wifidog组件做的,我们这里分析的即是wifidog加authpuppy
以下数据为截取自authpuppy和wifidog的交互

1.用户请求页面http://www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm  
--------------------------------------------------------------------------------------  
request:  
/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm  

response:  
<form action="http://192.168.1.251:81/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm" method="POST">  
    <input type="hidden" name="gw_id" value="default" />  
  <input type="hidden" name="gw_address" value="192.168.4.1" />  
  <input type="hidden" name="gw_port" value="2060" />  
        <input type="hidden" id="authenticators" name="authenticator" value="apAuthLocalUser"/>  
      <div id="authPlugin_apAuthLocalUser" style="display: none">  
            <h1>Local network user authentication</h1>  

                    <input type="submit" name="submit[apAuthLocalUserconnect]" id="submit[apAuthLocalUserconnect]" value="Connect" onClick="deleteLinkElement()" />  
                    <input type="password" name="apAuthLocalUser[password]" value="Pb4AoWdlOhqu4B2T535zDg==" id="apAuthLocalUser_password" />  
                    <label for="apAuthLocalUser_remember_me">Remember me</label>  
                    <input type="checkbox" name="apAuthLocalUser[remember_me]" value="1" checked="checked" id="apAuthLocalUser_remember_me" />  
</form>  

array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_HOST' => '192.168.1.251:81',  
  'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',  
  'HTTP_COOKIE' => 'authpuppy=usb6bslekske7ek5rlorknvf43; localUserCookie=226f362768d281ff14cf428fa3c3b8c87a6c4834',  
  'HTTP_USER_AGENT' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.1.17 (KHTML, like Gecko) Version/7.1 Safari/537.85.10',  
  'HTTP_REFERER' => 'http://news.baidu.com/',  
  'SCRIPT_FILENAME' => 'F:/phpStudyAll/WWW/authpuppy/web/index.php',  
  'REMOTE_PORT' => '53961',  
  'REDIRECT_QUERY_STRING' => 'gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'REDIRECT_URL' => '/login/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.1',  
  'REQUEST_METHOD' => 'GET',  
  'QUERY_STRING' => 'gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'REQUEST_URI' => '/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  


2.登录成功以后而返回如下  
--------------------------------------------------------------------------------------  
request:  
/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm  

response:  
<html><head><meta http-equiv="refresh" content="0;url=http://192.168.4.1:2060/wifidog/auth?token=60bb7efe229270c4d6d36ed60bb5e98886900126"/></head></html>  

array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_HOST' => '192.168.1.251:81',  
  'CONTENT_TYPE' => 'application/x-www-form-urlencoded',  
  'HTTP_ORIGIN' => 'http://192.168.1.251:81',  
  'HTTP_COOKIE' => 'authpuppy=usb6bslekske7ek5rlorknvf43; localUserCookie=226f362768d281ff14cf428fa3c3b8c87a6c4834',  
  'HTTP_USER_AGENT' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.1.17 (KHTML, like Gecko) Version/7.1 Safari/537.85.10',  
  'HTTP_REFERER' => 'http://192.168.1.251:81/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'HTTP_ACCEPT_LANGUAGE' => 'en-us',  
  'HTTP_ACCEPT_ENCODING' => 'gzip, deflate',  
  'REMOTE_ADDR' => '192.168.1.106',  
  'REMOTE_PORT' => '53950',  
  'REDIRECT_QUERY_STRING' => 'gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'REDIRECT_URL' => '/login/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.1',  
  'REQUEST_METHOD' => 'POST',  
  'QUERY_STRING' => 'gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'REQUEST_URI' => '/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'REQUEST_TIME' => 1411547194,  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  

3. 在2中进行跳转后则WiFiDog服务器向授权服务器端发送GET授权请求 若成功则而返回Auth: 1  
--------------------------------------------------------------------------------------  
request:  
/auth/?stage=login&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default  

response://千万要注意这里Auth:与1之间有一个空格否则不能通过验证  
Auth: 1  

array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_USER_AGENT' => 'WiFiDog 20130917',  
  'HTTP_HOST' => '192.168.1.251',  
  'SERVER_PORT' => '81',  
  'REMOTE_ADDR' => '192.168.1.106',  
  'REMOTE_PORT' => '33264',  
  'REDIRECT_QUERY_STRING' => 'stage=login&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default',  
  'REDIRECT_URL' => '/auth/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.0',  
  'REQUEST_METHOD' => 'GET',  
  'QUERY_STRING' => 'stage=login&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default',  
  'REQUEST_URI' => '/auth/?stage=login&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default',  
  'REQUEST_TIME' => 1411547194,  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  

4.WiFiDog在接收到Auth:1之后向服务器端发送/portal/?gw_id=default的GET请求 授权服务器返回立即跳转的页面如下:  
--------------------------------------------------------------------------------------  
request:  
/portal/?gw_id=default  

reponse:  
<html><head><meta http-equiv="refresh" content="0;url=http://www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm"/></head></html>  

array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_HOST' => '192.168.1.251:81',  
  'HTTP_ORIGIN' => 'http://192.168.1.251:81',  
  'HTTP_COOKIE' => 'authpuppy=usb6bslekske7ek5rlorknvf43; localUserCookie=226f362768d281ff14cf428fa3c3b8c87a6c4834',  
  'HTTP_CONNECTION' => 'keep-alive',  
  'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',  
  'HTTP_USER_AGENT' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.1.17 (KHTML, like Gecko) Version/7.1 Safari/537.85.10',  
  'HTTP_ACCEPT_LANGUAGE' => 'en-us',  
  'HTTP_REFERER' => 'http://192.168.1.251:81/login/?gw_address=192.168.4.1&gw_port=2060&gw_id=default&mac=00:0e:c6:f0:06:b2&url=http%3A//www.gov.cn/guowuyuan/2014-09/23/content_2755108.htm',  
  'HTTP_ACCEPT_ENCODING' => 'gzip, deflate',  
  'REDIRECT_QUERY_STRING' => 'gw_id=default',  
  'REDIRECT_URL' => '/portal/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.1',  
  'REQUEST_METHOD' => 'GET',  
  'QUERY_STRING' => 'gw_id=default',  
  'REQUEST_URI' => '/portal/?gw_id=default',  
  'SCRIPT_NAME' => '/index.php',  
  'PHP_SELF' => '/index.php',  
  'REQUEST_TIME' => 1411547194,  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  

5.WiFiDog服务器向授权服务器发送ping操作请求 服务器端通过后发送Pong响应串(纯文本)  
--------------------------------------------------------------------------------------  
request:  
/ping/?gw_id=default&sys_uptime=28824&sys_memfree=99284&sys_load=0.08&wifidog_uptime=61  

response:  
Pong  


array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_USER_AGENT' => 'WiFiDog 20130917',  
  'HTTP_HOST' => '192.168.1.251',  
  'SERVER_SIGNATURE' => '',  
  'SERVER_SOFTWARE' => 'Apache/2.4.9 (Win32) OpenSSL/0.9.8y PHP/5.3.28',  
  'SERVER_NAME' => '192.168.1.251',  
  'SERVER_ADDR' => '192.168.1.251',  
  'SERVER_PORT' => '81',  
  'REMOTE_ADDR' => '192.168.1.106',  
  'DOCUMENT_ROOT' => 'F:/phpStudyAll/WWW/authpuppy/web',  
  'REQUEST_SCHEME' => 'http',  
  'CONTEXT_PREFIX' => '',  
  'CONTEXT_DOCUMENT_ROOT' => 'F:/phpStudyAll/WWW/authpuppy/web',  
  'SERVER_ADMIN' => 'admin@phpStudy.net',  
  'SCRIPT_FILENAME' => 'F:/phpStudyAll/WWW/authpuppy/web/index.php',  
  'REMOTE_PORT' => '33265',  
  'REDIRECT_QUERY_STRING' => 'gw_id=default&sys_uptime=28824&sys_memfree=99284&sys_load=0.08&wifidog_uptime=61',  
  'REDIRECT_URL' => '/ping/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.0',  
  'REQUEST_METHOD' => 'GET',  
  'QUERY_STRING' => 'gw_id=default&sys_uptime=28824&sys_memfree=99284&sys_load=0.08&wifidog_uptime=61',  
  'REQUEST_URI' => '/ping/?gw_id=default&sys_uptime=28824&sys_memfree=99284&sys_load=0.08&wifidog_uptime=61',  
  'SCRIPT_NAME' => '/index.php',  
  'PHP_SELF' => '/index.php',  
  'REQUEST_TIME' => 1411547224,  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  

6.WiFiDog向服务器发送计费通知  
--------------------------------------------------------------------------------------  

request:  
/auth/?stage=counters&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=4660796&outgoing=192338&gw_id=default  

response:  
Auth: 1//中间一定要有一个空格  

array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_USER_AGENT' => 'WiFiDog 20130917',  
  'HTTP_HOST' => '192.168.1.251',  
  'SERVER_NAME' => '192.168.1.251',  
  'SERVER_ADDR' => '192.168.1.251',  
  'SERVER_PORT' => '81',  
  'REMOTE_ADDR' => '192.168.1.106',  
  'REMOTE_PORT' => '33266',  
  'REDIRECT_QUERY_STRING' => 'stage=counters&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=4660796&outgoing=192338&gw_id=default',  
  'REDIRECT_URL' => '/auth/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.0',  
  'REQUEST_METHOD' => 'GET',  
  'QUERY_STRING' => 'stage=counters&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=4660796&outgoing=192338&gw_id=default',  
  'REQUEST_URI' => '/auth/?stage=counters&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=4660796&outgoing=192338&gw_id=default'  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  

7.退出登录  
--------------------------------------------------------------------------------------  

request:  
/auth/?stage=logout&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default  

response:  
Auth: 0  

array (  
  'REDIRECT_STATUS' => '200',  
  'HTTP_USER_AGENT' => 'WiFiDog 20130917',  
  'HTTP_HOST' => '192.168.1.251',  
  'SERVER_NAME' => '192.168.1.251',  
  'SERVER_ADDR' => '192.168.1.251',  
  'SERVER_PORT' => '81',  
  'REMOTE_ADDR' => '192.168.1.106',  
  'REQUEST_SCHEME' => 'http',  
  'CONTEXT_PREFIX' => '','stage=logout&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default',  
  'REDIRECT_URL' => '/auth/',  
  'GATEWAY_INTERFACE' => 'CGI/1.1',  
  'SERVER_PROTOCOL' => 'HTTP/1.0',  
  'REQUEST_METHOD' => 'GET',  
  'QUERY_STRING' => 'stage=logout&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default',  
  'REQUEST_URI' => '/auth/?stage=logout&ip=192.168.4.186&mac=00:0e:c6:f0:06:b2&token=60bb7efe229270c4d6d36ed60bb5e98886900126&incoming=0&outgoing=0&gw_id=default',  
  'SCRIPT_NAME' => '/index.php',  
  'PHP_SELF' => '/index.php',  
  'REQUEST_TIME' => 1411549984,  
)  
++++++++++++++++++++++++++++++++++++++++++++++++  

本文章由 http://www.wifidog.pro/2015/01/30/wifidog%E6%95%B0%E6%8D%AE%E6%B5%81.html 整理编辑,转载请注明出处

wifidog lua字符匹配

匹配下列格式的数据中的 source和MAC地址:

Chain WiFiDog_br-lan_Outgoing (1 references)  
    pkts      bytes target     prot opt in     out     source               destination           
     705   109595 MARK       all  --  *      *       10.1.1.191           0.0.0.0/0            MAC C4:6A:B7:6F:7A:AB MARK or 0x200  
     705   109595 MARK       all  --  *      *       10.1.1.192           0.0.0.0/0            MAC C4:6A:B7:6F:7A:BB MARK or 0x200  
     705   109595 MARK       all  --  *      *       10.1.1.193           0.0.0.0/0            MAC C4:6A:B7:6F:7A:CB MARK or 0x200  
     705   109595 MARK       all  --  *      *       10.1.1.194           0.0.0.0/0            MAC C4:6A:B7:6F:7A:DB MARK or 0x200  

简单实现如下,在已知格式的情况下,使用最简单快捷的方式来解决问题。

local file  

file = io.open("format", "r")  

for line in file:lines() do  
    print(string.match(line, "%d+.%d+.%d+.%d+"))  
    print(string.match(line, "%x+:%x+:%x+:%x+:%x+:%x+"))  
end  
file:close()  

执行结果如下

>lua -e "io.stdout:setvbuf 'no'" "match.lua" 
nil
nil
nil
nil
10.1.1.191
C4:6A:B7:6F:7A:AB
10.1.1.192
C4:6A:B7:6F:7A:BB
10.1.1.193
C4:6A:B7:6F:7A:CB
10.1.1.194
C4:6A:B7:6F:7A:DB
>Exit code: 0

原理如下:

http://www.cnitblog.com/kenlistian/archive/2008/10/15/50292.html

本文章由 http://www.wifidog.pro/2015/01/29/wifidog-lua.html 整理编辑,转载请注明出处

搭建专业商用WIFI热点

在国外一些酒店、餐厅、咖啡厅、商业中心或其他的商家,经常可以看到客人使用笔记本或手机使用商家提供的无线Wifi网络上网。这是一个非常好的手段,客人得到了便利,商家赢得了客流。

其实,架设一个普通的家用WiFi热点是非常简单的。用一个普通的无线路由器(Wireless Router)就可以实现。但是在商业场合,这种方式往往就不能满足需求了。因为,普通家用的开放式的WiFi热点没有安全验证机制,任何用户都可以使用热点,甚至是商家以外的用户也可以“蹭网”。这就大大影响了网络热点的安全性和网络的稳定性。即使用WEP或WAP等验证方式也难以完全保证热点的安全性,而且也会大大限制了热点的便利性。而商用WiFi热点的构筑则是完全不一样的概念。

创建专业的商用WiFi热点的做法是,为欲使用热点的用户提供一个Web认证页面,一般是用强制网络门户系统(Captive Portal)/热点管理系统来实现的。以此认证页面为基础提供对用户多元化的认证方式。用户只有通过认证后,才能接入Wifi热点以使用Internet。同时,商家也可利用强制网络门户系统的后台实现与客户的一定互动。例如,可以在用户认证前向用户提示热点使用协议;或者发布商家或赞助商的广告;向客户推送商家最新促销信息等。甚至,还可以要求热点用户在线支付一定费用后才允许接入热点等等。一般,商家还可在强制网络门户系统的后台实现一些高级安全设置。如,客户端黑名单限制,地址限制,流量控制等。

架设这样的强制网络门户/热点管理系统有多种方法。但技术原理都是类似的,一般需要一个防火墙/网关系统,一个用于认证管理和控制的后台系统。
常见的技术解决方案有NoCat、Wifidog、Chillispot等。这类系统的构筑都分别有各种系统需求和构筑方法,由于构成的组件和子系统比较多,所以相对都比较繁琐。

此外,也有一些整套的服务商解决方案,比如FON,Wiwiz,ile sans fil,Sputnik和FreeSpot等。相对配置简单很多,用户一般只需要购买这些服务商提供的无线路由器设备或自行配置网关设备即可,而后台系统可使用这些服务商提供的后台服务。

这里着重介绍一下Wiwiz,因为Wiwiz是一个开放式的系统,不仅有中文版,安装配置的方式也最为灵活。最方便的是Wiwiz可以使用用户现有的无线路由器或AP设备。如果无线路由器已经安装或支持DD-WRT固件,只需要简单的设置即可。如果用户的无线路由器不支持DD-WRT,还可以使用用户的本地计算机或虚拟机。

笔者进行了对Wiwiz系统试验。因为笔者的无线路由器并不支持DD-WRT,所以笔者采用了虚拟机的安装方式。

介绍一下系统环境。计算机采用普通家用PC机,Windows XP SP2系统。Internet连接采用的是联通的ADSL接入。普通无线路由器一台。

首先,将ADSL调制解调器的网线另一端连接着无线路由器的WAN/Internet口。将另一根网线的一端插入无线路由器的一个LAN口,另一端接到PC的以太网插口。然后,设置无线路由器。在PC上打开浏览器,访问192.168.1.1,输入用户名密码后即可打开路由器的设置页面。设置好ADSL连接后,PC就可以正常访问Internet了。

接下来就要安装和配置Wiwiz的客户端了。因为是采用虚拟机的安装方式,所以先要下载并安装一个虚拟机软件。笔者使用的是免费的VMWare Player。下载之后直接打开安装程序并按照提示的步骤完成安装即可。

然后,下载Wiwiz的虚拟机镜像文件。在Wiwiz官网的下载页面有下载链接。镜像文件为Zip格式,大约180MB。下载后解压缩。双击后缀为.vmx的文件后,VMWare Player就会自动启动这个虚拟机镜像了,然后立即会看到一个提示,选择Keep。接着会看到一个Linux系统正在启动。

当启动完成后,点击虚拟机的界面以进入操作环境。此处要求用户登录系统,默认的用户名是root,密码为wiwiz-user。然后输入命令/usr/local/hsbuilder/hsbuilder_setup.sh setup ,并按回车。

之后一路回车,直到出现设置成功的提示。此时就已经大功告成了。

最后,用一台有无限网卡的电脑(或者有Wifi功能的手机)测试一下。在测试用的电脑上连接笔者的无线路由器的热点,连接成功后,打开任何一个网址都会见到默认认证页面。

因为笔者在虚拟机中执行设置的命令时使用的都是默认的配置,所以显示的热点认证页面也是默认的。其实,用户可以使用Wiwiz的服务后台创建并定制自己的热点。包括认证方式、是否付费及费率、认证页面的外观样式、颜色、图片以及服务条款等都可以进行定制。同时,还有一些高级权限控制的功能。专业版的用户(付费用户)还可以进行更高级别的设置并使用一些附加功能。详细的内容可以参考Wiwiz的官方网站(www.wiwiz.com)。这里就不做深入讲解了。

本文章由 http://www.wifidog.pro/2015/01/29/%E5%95%86%E7%94%A8wifi.html 整理编辑,转载请注明出处

WifiDog移植到Ralink_ApSoC_SDK_4210过程记录

configure的配置体系过于复杂,没有弄懂,只好动用brute force了。
借鉴了Ralink_ApSoC_SDK_4210(以后简称SDK)中ntfs-3g、snmpd的结构和Makefile
顶层Makefile内容:

#manfeel, port wifidog to ralink sdk
DIRS = libhttpd src

all romfs:
    for i in $(DIRS) ; do make -C $$i $@ || exit $?; done

clean:
    for i in $(DIRS) ; do make -C $$i clean ; done

libhttpd中的Makefile内容:

#manfeel, port wifidog to ralink sdk
OBJS = api.o ip_acl.o protocol.o version.o

LIBRARY = libhttpd.a

all: $(LIBRARY)

test:

romfs:

$(LIBRARY): $(OBJS)
    $(AR) rcv $@ $(OBJS)
    -$(RANLIB) $@

clean::
    $(RM) $(OBJS) $(LIBRARY)

src中的Makefile内容:

#manfeel, port wifidog to ralink sdk
WIFIDOG_OBJS =     auth.o client_list.o conf.o firewall.o gateway.o httpd_thread.o safe.o \
                centralserver.o  commandline.o  debug.o  fw_iptables.o  http.o     ping_thread.o   util.o  wdctl_thread.o

WDCTL_OBJS = wdctl.o

CFLAGS += -I../libhttpd 

USELIBS = ../libhttpd/libhttpd.a $(ROOTDIR)/lib/libpthread/libpthread.a

all: wifidog wdctl

test:

wifidog: $(WIFIDOG_OBJS) $(USELIBS)
    $(CC) $(LDFLAGS) -static -o $@ $(WIFIDOG_OBJS) $(USELIBS) $(LDLIBS)

wdctl: $(WDCTL_OBJS)
    $(CC) $(LDFLAGS) -static -o $@ $(WDCTL_OBJS) $(LDLIBS)

romfs:
    $(ROMFSINST) /usr/bin/wifidog
    $(ROMFSINST) /usr/bin/wdctl
    $(ROMFSINST) ../fs/wifidog-init /usr/bin/wifidog-init
    $(ROMFSINST) ../fs/wifidog.conf /etc_ro/wifidog.conf
    $(ROMFSINST) ../fs/wifidog-msg.html /etc_ro/wifidog-msg.html
    mkdir -p $(ROOTDIR)/romfs/etc_ro/init.d
    $(ROMFSINST) ../fs/init.d/wifidog /etc_ro/init.d/wifidog

clean:
    -rm -f $(EXEC) *.gdb *.elf *.o

注意:
1.SDK中没有init.d目录,只有/etc_ro/rcS脚本:
2.romfs中的内容,由vendors/Ralink/MT7620中的Makefile生成
3.ln命令默认没有打开!要在busybox的Coreutils里面打开。
4.rcS中加入wifidog相关内容

#!/bin/sh
mount -a
mkdir -p /var/run
cat /etc_ro/motd
#manfeel added

if [ ! -e /etc/wifidog.conf ] ; then
    ln -s /etc_ro/wifidog-msg.html /etc/wifidog-msg.html
    cp /etc_ro/wifidog.conf /etc/wifidog.conf
fi

nvram_daemon&

# run wifidog background and wait goahead finished
# but the following line does'nt work, cause goahead never finish
#(goahead& wait) && wifidog&

(sleep 30 & wait) && wifidog

#for telnet debugging
telnetd

#for syslogd
mkdir -p /var/log

#for cpe_app
ln -s /etc_ro/init.d /etc/init.d
ln -s /etc_ro/cron /etc/cron

编译之后,运行,发现iptables报错,原来是内核的iptables配置不全。

iptables v1.4.10: can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
修改内核:

CONFIG_IP_NF_FILTER:                                                                                                                     │  
  │                                                                                                                                          │  
  │ Packet filtering defines a table `filter', which has a series of                                                                         │  
  │ rules for simple packet filtering at local input, forwarding and                                                                         │  
  │ local output.  See the man page for iptables(8).                                                                                         │  
  │                                                                                                                                          │  
  │ To compile it as a module, choose M here.  If unsure, say N.                                                                             │  
  │                                                                                                                                          │  
  │ Symbol: IP_NF_FILTER [=y]                                                                                                                │  
  │ Type  : tristate                                                                                                                         │  
  │ Prompt: Packet filtering                                                                                                                 │  
  │   Defined at net/ipv4/netfilter/Kconfig:106                                                                                              │  
  │   Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && IP_NF_IPTABLES [=y]                                                             │  
  │   Location:                                                                                                                              │  
  │     -> Networking support (NET [=y])                                                                                                     │  
  │       -> Networking options                                                                                                              │  
  │         -> Network packet filtering framework (Netfilter) (NETFILTER [=y])                                                               │  
  │           -> IP: Netfilter Configuration                                                                                                 │  
  │             -> IP tables support (required for filtering/masq/NAT) (IP_NF_IPTABLES [=y])   

<*>   Packet filtering
<*>     REDIRECT target support 
<*>   Packet mangling 

烧录运行,又报:iptables: No chain/target/match by that name.

Symbol: NETFILTER_XT_MATCH_STATE [=n]                                                                                                    │  
 │ Type  : tristate                                                                                                                         │  
 │ Prompt: "state" match support                                                                                                            │  
 │   Defined at net/netfilter/Kconfig:979                                                                                                   │  
 │   Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_XTABLES [=y] && NF_CONNTRACK [=y]                                     │  
 │   Location:                                                                                                                              │  
 │     -> Networking support (NET [=y])                                                                                                     │  
 │       -> Networking options                                                                                                              │  
 │         -> Network packet filtering framework (Netfilter) (NETFILTER [=y])                                                               │  
 │           -> Core Netfilter Configuration                                                                                                │  
 │             -> Netfilter Xtables support (required for ip_tables) (NETFILTER_XTABLES [=y])                                               │ 

1.png

MARK,MAC都要选中,
Xtables matches 的所有match support最好全选中.
<*> "state" match support 必须选中(因为wifidog要用到-m state)

至此,整个移植过程结束。

本文章由 http://www.wifidog.pro/2015/01/27/wifidog%E7%A7%BB%E6%A4%8Dmtk.html 整理编辑,转载请注明出处