openwrt安装wifidog教程

Preparation

Prerequisites

Required Packages

  • iptables-mod-extra
  • iptables-mod-ipopt
  • kmod-ipt-nat
  • iptables-mod-nat-extra
  • libpthread

Installation

opkg update
opkg install wifidog
vi /etc/wifidog.conf
/etc/init.d/wifidog enable
/etc/init.d/wifidog start
netstat -a

You can also run wifidog in foreground/debug mode:

wifidog -f -d 7
  -f means to run in foreground (do not become a background daemon)
  -d 7 increases debug output level to the maximum

Configuration

Start on boot

To enable/disable start on boot:
/etc/init.d/wifidog enable this simply creates a symlink: /etc/rc.d/S?0??? → /etc/init.d/???
/etc/init.d/wifidog disable this removes the symlink again

本文章由 http://www.wifidog.pro/2015/02/27/openwrt%E5%AE%89%E8%A3%85wifidog-2.html 整理编辑,转载请注明出处

install wifidog in linux

Pre-installation

This is where a lot of people run into problems, so let's state this in bold:
MAKE SURE EVERYTHING WORKS FIRST BEFORE INTRODUCING Wifidog INTO THE ENVIRONMENT
That especially means:

  • The router must boot properly
  • The router must bring up the interfaces properly
  • The router must set up the routes properly
  • The router must connect to the internet properly
  • DNS settings must be set or obtained properly. DNS must work.
  • DHCP settings (client, server or both) must be set or obtained properly.
  • The ipt_mac.o kernel module must be loaded.
  • If using NAT, the router must setup NAT/masquerading rules with iptables properly
  • Clients on the desired (WIFI) network must be able to bind, associate, lease and connect the internet properly
  • All the above must happen automatically when the router starts or gets rebooted

Do NOT proceed with installing Wifidog until you've satisfied the above. It will not work otherwise and you will waste lots of time.

Installation

Wifidog, like many open source projects, is distributed with standard autotools utilities to make installation easy. Unpack the tarball (from Sourceforge) or get the lastest source from SVN (see Download menu), then follow the standard:

./autogen.sh
make
make install

If you do not install it with make install, then you will find the compiled wifidog gateway binary in src/wifidog (also don't forget to copy wifidog.conf to /etc).

OpenWrt? ipkg

mkdir ~/wifidog.openwrt
cd ~/wifidog.openwrt
wget http://downloads.openwrt.org/whiterussian/newest/OpenWrt-SDK-Linux-i686-1.tar.bz2
tar -jxvf OpenWrt-SDK-Linux-i686-1.tar.bz2
svn checkout https://dev.wifidog.org/svn/trunk/wifidog
cd wifidog
./autogen.sh
make ipk OPENWRTSDK=~/wifidog.openwrt/OpenWrt-SDK-Linux-i686-1

If there were no errors, your package should be in ~/wifidog.openwrt/OpenWrt-SDK-Linux-i686-1/bin/packages

Configuration

Edit /etc/wifidog.conf and follow the instructions in the file. Things should be self-explanatory.

Running Wifidog for the first time

Run Wifidog with the following switches:

wifidog -f -d 7
  -f means to run in foreground (do not become a background daemon)
  -d 7 increases debug output level to the maximum

Testing

As a client on the WiFi network (or whatever interface is configured as the LAN interface in /etc/wifidog.conf), open a web browser and try to browse to your favourite web site.

Monitor the output of the running Wifidog to see what it's doing.

本文章由 http://www.wifidog.pro/2015/02/27/linux%E5%AE%89%E8%A3%85wifidog%E6%95%99%E7%A8%8B.html 整理编辑,转载请注明出处

公共场所wifi认证解决方案wifidog+authpuppy(2)

二、 配置服务器和插件管理
1、 访问http://localhost ,通过管理员账户登录,配置authserver
1.png

配置完成后再次访问http://localhost 就会出现如下界面
2.png

2、 点击Manageplugins,点击View all available plugins and updates添加插件,点击后发现无法跳转,原因应该是插件的网站被墙了,大家让服务器科学上网一下就可以了。
安装apAuthLocalUserPlugin这个插件,并启用,就可以对登录账号进行管理了,更多插件的使用可以自己慢慢摸索。
3.png

三、 配置网络结点和路由器认证
1、 访问http://localhost 以管理员身份登录,点击Managenodes进行结点的管理,服务器默认为我们创建了一个叫My first node的结点,我们对其进行编辑,修改Name :wifidog,gw id:123456,deployment status 选择Deployed

2、 配置路由器,路由器在编译openwrt固件的时候,makemenuconfig后,在Network–>Captive Portals中选择wifidog.这样在刷完固件后路由器就有wifidog插件了:
4.png

3、 通过命令行访问路由器,windows下可以使用putty登录,执行如下命令,启动wifidog

/etc/init.d/wifidogenable
/etc/init.d/wifidog start

此时会报错,因为此时还没配置好服务器的信息。
4、 编辑/etc/wifidog.conf,window用户如果不会用vi等编辑器,可以使用winscp软件访问并修改,需要配置的主要有三项:

#这个需要与服务器中gw id相对应
GatewayID 123456
#查看自己的路由器进行配置,外网接口
ExternalInterfaceeth0.2
#路由器内网接口
GatewayInterface br-lan
#服务器配置
AuthServer {
    #服务器的ip地址
    Hostname192.168.0.224
    SSLAvailable yes
    Path /
}

5、 重启wifidog,连接该无线网络,开始验证。

四、wifidog的认证需要https的,于是开始安装https服务
1、 安装ssl

sudo apt-get install apache2

複製代碼
2、 开启ssl

sudo a2enmod ssl

複製代碼
3、 重启apache

sudo service apache2 restart

複製代碼
4、 创建一个ssl目录

sudo mkdir /etc/apache2/ssl

複製代碼
5、 创建一个自己认证的证书

sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

複製代碼
输入信息得到:/etc/apache2/ssl/apache.key
7、 配置证书

sudo gedit /etc/apache2/sites-available/default-ssl.conf

複製代碼
8、 在ServerAdmin下添加一行,服务器域名或者ip地址

ServerName 127.0.1.1:443
ServerAlias authpuppy.test<span style="line-height: 1.5; background-color: rgb(255, 255, 255);">                          </span>

複製代碼
并修改如下内容:

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

複製代碼
9、 开启ssl并重启apache

sudo a2ensite default-ssl
sudo service apache2 reload

複製代碼
10、 此时访问https://localhost 可以访问,但是localhost下的其他路径时404错误
修改/etc/apache2/sites-enabled/default-ssl.conf 添加443虚拟目录

<VirtualHost *:443>
        DocumentRoot /var/www/html/authpuppy/web
        ServerName authpuppy.localhost
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/apache.crt
        SSLCertificateKeyFile /etc/apache2/ssl/apache.key

        DocumentRoot /var/www/html/authpuppy/web
        DirectoryIndex index.php
        <Directory /var/www/html/authpuppy/web/>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride All
               Order allow,deny
               allow from all
        </Directory>
</VirtualHost>

本文章由 http://www.wifidog.pro/2015/02/26/wifidog-authpuppy%E5%AE%89%E8%A3%85-2.html整理编辑,转载请注明出处

公共场所wifi认证解决方案wifidog+authpuppy(1)

服务器:ubuntu 14.04 + authpuppy
路由器:MERCURY MW4530R + wifidog

一、安装authpuppy服务端验证
1、 安装php开发环境:

sudo apt-get install apache2 php5-mysql libapache2-mod-php5 mysql-server

2、 启用apache rewrite,否则会出现(Therequested URL /install/3 was not found on this server.)错误

sudo a2enmod rewrite

3、 到https://launchpad.net/authpuppy 下载最新源码authpuppy-1.0.0-stable,解压并剪切到/var/www/html/authpuppy目录

sudo mv authpuppy /var/www/html/authpuppy

4、 为authpuppy赋予权限

chmod 777 /var/www/html/authpuppy/ -R

5、 修改/etc/apache2/sites-enabled/000-default.conf替换所有内容

sudo gedit /etc/apache2/sites-enabled/000-default.conf

如下:

<VirtualHost *:80>
       ServerAdmin webmaster@localhost
       ServerName authpuppy.localhost
       ServerAlias authpuppy.test

       DocumentRoot /var/www/html/authpuppy/web
       DirectoryIndex index.php
       <Directory /var/www/html/authpuppy/web/>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride All
               Order allow,deny
               allow from all
       </Directory>

       Alias /sf /var/www/html/authpuppy/lib/vendor/symfony/data/web/sf
       <Directory "/var/www/html/authpuppy/lib/vendor/symfony/data/web/sf">
               AllowOverride All
               Allow from All
       </Directory>

       #ErrorLog /var/log/apache2/authpuppy/error.log

       # Possible values include: debug, info, notice, warn, error, crit,
       # alert, emerg.
       LogLevel warn

       #CustomLog /var/log/apache2/authpuppy/access.log combined

  </VirtualHost>

6、 重启apache

sudo service apache2 restart

7、访问http://localhost 出现authpuppy配置页面
1.png

8、 点击下一步继续,这一步会检测系统的环境是否满足authpuppy的要求,不满足的会显示红色,按要求配置好就可以点击下一步了。
2.png

9、创建数据库wifidog,并填写数据库名字、账号密码等信息,此处为了方便,使用root登录,读者可以新建一个user用于访问。
3.png

10、一直点击下一步,直到出现管理员用户配置页面,配置用户信息:
4.png

11、 最后配置成功,出现如下页面,此时authpuppy的基本配置完成:
5.png

12、以后再次访问http://localhost,就会出现如下页面,不需要重新配置了:
6.png

本文章由 http://www.wifidog.pro/2015/02/26/wifidog-authpuppy%E5%AE%89%E8%A3%85-1.html 整理编辑,转载请注明出处