AuthPuppy authentication server for Wifidog networks: installation of AuthPuppy and its prerequisites on Debian

sudo apt-get install apache2
sudo apt-get install php5

The following commands are optional but may help a lot:
sudo apt-get update
sudo apt-get upgrade --show-upgraded
end of optional commands

sudo apt-get install postgresql postgresql-contrib (if you plan to use a PostgreSQL database)
or
sudo apt-get install mysql-server (if you plan to use a MySQL database)

*** Both of them (MySQL or PostgreSQL) are on the same level; using one or the other is only a matter of choice ***

sudo apt-get install php5-dev
sudo apt-get install php-pear
sudo apt-get install apache2-prefork-dev build-essential
pecl install apc

in the dynamic extensions part of php.ini
add extension=apc.so in /etc/php5/apache2/php.ini
add extension=apc.so in /etc/php5/cli/php.ini

change short_open_tag=on to short_open_tag=off in php.ini (both the apache2 and the cli copies)

by doing
sudo nano /etc/php5/apache2/php.ini
press Ctrl-O then Ctrl-X when everything is written

sudo nano /etc/php5/cli/php.ini
press Ctrl-O then Ctrl-X when everything is written

add subdirectory "authpuppy" in /var/log/apache2
by doing this
cd /var/log/apache2
sudo mkdir authpuppy
cd /

sudo a2enmod rewrite
sudo /etc/init.d/apache2 restart

sudo apt-get install php5-pgsql (if you are using a PostgreSQL database)
sudo apt-get install php5-mysql (if you are using a MySQL database)

To make sure that pdo and pdo_mysql (or pdo and pdo_pgsql) are correctly installed,
type this command

sudo php -m

and you should see them in the list of installed PHP modules.

sudo apt-get install php5-curl
sudo apt-get install php5-xsl

download the latest version of authpuppy and copy it into the /tmp directory

cd /tmp
sudo tar xvzf authpuppy--_.tgz
sudo mv authpuppy /var/www/

add the following lines to httpd.conf in the /etc/apache2 directory
by doing
sudo nano /etc/apache2/httpd.conf and pasting in the following lines

<VirtualHost *:80>
       ServerAdmin webmaster@localhost
       ServerName authpuppy.localhost
       ServerAlias authpuppy.test

       DocumentRoot /var/www/authpuppy/web
       DirectoryIndex index.php
       <Directory /var/www/authpuppy/web/>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride All
               Order allow,deny
               allow from all
       </Directory>

       Alias /sf /var/www/authpuppy/lib/vendor/symfony/data/web/sf
       <Directory "/var/www/authpuppy/lib/vendor/symfony/data/web/sf">
               AllowOverride All
               Allow from All
       </Directory>

       ErrorLog /var/log/apache2/authpuppy/error.log

       # Possible values include: debug, info, notice, warn, error, crit,
       # alert, emerg.
       LogLevel warn

       CustomLog /var/log/apache2/authpuppy/access.log combined

</VirtualHost>

press Ctrl-O then Ctrl-X

Note: to make sure that authpuppy is launched correctly, it helps if the hosts
file in the /etc directory contains this line

127.0.0.1 authpuppy.localhost

by doing
sudo nano /etc/hosts
press Ctrl-O then Ctrl-X

Now run these commands in a terminal:

cd /var/www/authpuppy

sudo chmod -R a+w config
sudo chown -R www-data cache
sudo chown -R www-data log
sudo chown -R www-data data
sudo chown -R www-data plugins
sudo chown -R www-data web

cd /

if you are using postgresql :

sudo -s -u postgres
createuser authpuppy --pwprompt
type n for each question
createdb authpuppy --encoding=UTF-8 --owner=authpuppy

Type exit

if you are using mysql

user@yourserver $> mysqladmin -uroot -p create authpuppy
Enter password: #Enter the root password
user@yourserver $> mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 45
Server version: 5.0.51a-3ubuntu5.5 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create user 'authpuppy'@'localhost' identified by 'authpuppydev';
Query OK, 0 rows affected (0.21 sec)

mysql> grant all privileges on authpuppy.* to 'authpuppy'@'localhost'
with grant option;
Query OK, 0 rows affected (0.02 sec)

Type exit

Everything should be ok now.

To make sure that you have a proper and clean installation,
type:

symfony cc

in the /var/www/authpuppy directory.

Open http://authpuppy.localhost in your web browser.

Do not use the Chromium browser; it has a bug with opening local web servers.

This article was compiled and edited by http://www.wifidog.pro/2015/02/25/Debian-install-authpuppy.html; please credit the source when reprinting.

wifidog error: Auth server did NOT say pong!

During wifidog startup we often see this log line:
Auth server did NOT say pong!

This debug message tells us that wifidog's ping protocol did not receive a Pong reply from the auth server.
First, what the ping protocol is. It is how the router reports its current status to the auth server. The protocol format is:
http://auth_server/ping/?gw_id=xxx&sys_uptime=xxx&sys_memfree=xxx&sys_load=xxx&wifidog_uptime=xxx
gw_id is the router's identifier, sys_uptime is the router's uptime, sys_memfree is the router's free memory, sys_load is the system load, and wifidog_uptime is wifidog's uptime. The router sends this information to the auth server, and the server replies "Pong" to signal that it knows this router is still working.

Below is the code that produces the log line above:

    /* Excerpt from wifidog's ping thread: read the auth server's reply to the
     * ping with a 30-second select() timeout, then look for "Pong" in it. */
    do {
        FD_ZERO(&readfds);
        FD_SET(sockfd, &readfds);
        timeout.tv_sec = 30; /* XXX magic... 30 second */
        timeout.tv_usec = 0;
        nfds = sockfd + 1;

        nfds = select(nfds, &readfds, NULL, NULL, &timeout);

        if (nfds > 0) {
            /** We don't have to use FD_ISSET() because there
             *  was only one fd. */
            numbytes = read(sockfd, request + totalbytes, MAX_BUF - (totalbytes + 1));
            if (numbytes < 0) {
                debug(LOG_ERR, "An error occurred while reading from auth server: %s", strerror(errno));
                /* FIXME */
                close(sockfd);
                return;
            }
            else if (numbytes == 0) {
                done = 1;   /* server closed the connection: reply complete */
            }
            else {
                totalbytes += numbytes;
                debug(LOG_DEBUG, "Read %d bytes, total now %d", numbytes, totalbytes);
            }
        }
        else if (nfds == 0) {
            debug(LOG_ERR, "Timed out reading data via select() from auth server");
            /* FIXME */
            close(sockfd);
            return;
        }
        else if (nfds < 0) {
            debug(LOG_ERR, "Error reading data via select() from auth server: %s", strerror(errno));
            /* FIXME */
            close(sockfd);
            return;
        }
    } while (!done);
    close(sockfd);

    debug(LOG_DEBUG, "Done reading reply, total %d bytes", totalbytes);

    request[totalbytes] = '\0';

    debug(LOG_DEBUG, "HTTP Response from Server: [%s]", request);

    /* "Pong" is searched for anywhere in the raw reply, headers included */
    if (strstr(request, "Pong") == 0) {
        debug(LOG_WARNING, "Auth server did NOT say pong!");
        /* FIXME */
    }
    else {
        debug(LOG_DEBUG, "Auth Server Says: Pong");
    }

This log line appears when the response wifidog receives from the server does not contain the string Pong.
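The ping exchange described above, as an added example that is not wifidog or AuthPuppy code: the auth server side parses the /ping/ query and answers "Pong", and the gateway side checks the reply. The wifidog excerpt above runs strstr() over the whole HTTP reply, headers included; the check here only accepts a 200 reply whose body is "Pong". The function names, the sample URL and the replies are constructed for this example.

```python
from urllib.parse import urlsplit, parse_qs

# the status fields the page lists for the ping URL
PING_FIELDS = ("gw_id", "sys_uptime", "sys_memfree", "sys_load", "wifidog_uptime")


def parse_ping(url):
    """Auth-server side: return the status fields from a ping URL, or None
    if a field is missing, blank, or not a number (gw_id stays a string)."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    status = {}
    for field in PING_FIELDS:
        values = qs.get(field)
        if not values or values[0] == "":
            return None
        status[field] = values[0]
    try:
        for field in ("sys_uptime", "sys_memfree", "wifidog_uptime"):
            status[field] = int(status[field])
        status["sys_load"] = float(status["sys_load"])
    except ValueError:
        return None
    return status


def ping_reply(status):
    """Auth-server side: 'Pong' for a well-formed ping, 400 otherwise."""
    if status is None:
        return b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n\r\n"
    return (b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
            b"Content-Length: 4\r\n\r\nPong")


def server_said_pong(reply):
    """Gateway side: accept only a 200 reply whose body is exactly 'Pong'.
    A header or error page that merely mentions 'Pong' does not count."""
    head, sep, body = reply.partition(b"\r\n\r\n")
    if not sep:
        return False                     # no header/body boundary: not HTTP
    status_parts = head.split(b"\r\n", 1)[0].split()
    if len(status_parts) < 2 or status_parts[1] != b"200":
        return False
    return body.strip() == b"Pong"
```

The constructed 502 reply in the test shows the difference: its headers contain "Pong", so the page's strstr() check would treat it as a Pong, while server_said_pong() rejects it.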

This article was compiled and edited by http://www.wifidog.pro/2015/02/25/wifidog%E7%9A%84ping%E5%8D%8F%E8%AE%AE.html; please credit the source when reprinting.

Writing your own WifiDog authentication server

This time I wrote the auth_server in PHP, because that is simpler.
1. First, login.php

<?php
include './tool/MySQLHelper.php';   // the author's DB helper; selectMacByToken() is expected to come from it
if (!empty($_GET["mac"])) {
    // look up the token already issued for this client MAC
    $result = selectMacByToken($_GET["mac"]);
    if (!empty($result)) {
        // known client: send it to the gateway with its token
        header("Location: http://192.168.1.1:2060/wifidog/auth?token=" . urlencode($result));
    }
    else {
        // unknown client: show the welcome page
        header("Location: http://xxxxx/WelcomePage.php?mac=" . urlencode($_GET["mac"]));
    }
}
else {
    // no mac parameter at all: welcome page without a mac
    header("Location: http://xxxxx/WelcomePage.php");
}
exit;   // stop here so nothing is sent after the redirect
?>

2.ping.php:

<?php
echo "Pong";
?>

No extra processing is done here; it simply replies "Pong" to wifidog.
3. auth.php

<?php
// backdoor: a fixed token that is always accepted
if (isset($_GET["token"]) && $_GET["token"] == "123") {
    echo "Auth: 1";
    return;
}

if (!empty($_GET["token"]) && isset($_GET["token"])) {
    // ... code that obtains $result from the token ...
    isValidate($result);
    // ... further processing ...
    return;
}
else if ((!empty($_GET["mac"])) && isset($_GET["mac"])) {
    // ... obtain $result ...
    $result = isSubscribeByMac($_GET["mac"]);
    isValidate($result);
    return;
}
else
{
    echo "Auth: 0";
}

// print whether the result is valid
function isValidate($result) {
    if ($result == 1) {
        echo "Auth: 1";
    }
    else {
        echo "Auth: 0";
    }
}
?>

Here $result is obtained from a few parameters, and it decides whether authentication is allowed.

This article was compiled and edited by http://www.wifidog.pro/2015/02/15/wifidog%E8%AE%A4%E8%AF%81%E6%9C%8D%E5%8A%A1%E5%99%A8-2.html; please credit the source when reprinting.

Wifidog features

WifiDog is a new authentication method; its advantage is high security, so the authentication is not easily cracked.
The client sends an initial request, for example to www.baidu.com.
The gateway's firewall rules redirect this request to a port on the local gateway; this is the port Wifidog listens on.
Wifidog replies with an HTTP redirect to the web authentication page; the query string of the redirect URL contains the gateway ID, the gateway's FQDN and other information.
The user sends an authentication request to the authentication server.
The gateway returns a (possibly customized) splash (also called "login") page.
The user provides credentials, such as a username and password.
On successful authentication, the client is redirected to the gateway's own web page, carrying an authentication credential (a one-time token).
The user accesses the gateway with the credential it obtained.
The gateway asks the authentication server whether the token is valid.
The authentication server confirms that the token is valid.
The gateway sends the client a redirect to fetch the success page from the authentication server, at http://portal_server:port/portal_script.
The authentication server tells the client that the request succeeded and it can now use the internet.
The whole process is shown in the figure below:
[Figure 1.png: the Wifidog authentication flow listed above]
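The token part of this flow (login redirect, then the gateway's validity check), as an added example in Python; it is not AuthPuppy's code nor the author's PHP, and it also stands in for the auth.php section above. The names TokenStore, issue_token, auth and login_redirect, the TOKEN_TTL value and the welcome-page placeholder are this example's own; the gateway address is the one used in the page's login.php. Unlike the page's auth.php there is no fixed token that always answers "Auth: 1": every token is random, bound to the client MAC it was issued for, and expires.

```python
import secrets
import time
from urllib.parse import quote

TOKEN_TTL = 300                      # seconds a token stays valid (assumed value)
GATEWAY = "http://192.168.1.1:2060"  # gateway address from the page's login.php


class TokenStore:
    """Tokens issued at login: random, bound to the client's MAC, time-limited."""

    def __init__(self, now=time.time):
        self.now = now               # injectable clock so expiry can be tested
        self.tokens = {}             # token -> (mac, expiry)

    def issue_token(self, mac):
        """Successful login: mint the token the client carries to the gateway."""
        token = secrets.token_hex(16)            # 128 random bits, never a fixed value
        self.tokens[token] = (mac, self.now() + TOKEN_TTL)
        return token

    def auth(self, token, mac):
        """The gateway's validity check; reply text follows the page's auth.php."""
        entry = self.tokens.get(token)
        if entry is None:
            return "Auth: 0"                     # unknown or guessed token
        issued_mac, expiry = entry
        if self.now() > expiry:
            del self.tokens[token]               # expired: forget it
            return "Auth: 0"
        if issued_mac != mac:
            return "Auth: 0"                     # token presented by another client
        return "Auth: 1"


def login_redirect(store, mac, subscribed_macs,
                   welcome="http://WELCOME_HOST_PLACEHOLDER/WelcomePage.php"):
    """Where login.php sends the client: to the gateway with a fresh token if the
    MAC is a subscribed client, otherwise to the welcome (splash) page."""
    if mac in subscribed_macs:
        return f"{GATEWAY}/wifidog/auth?token={store.issue_token(mac)}"
    return f"{welcome}?mac={quote(mac)}"
```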

This article was compiled and edited by http://www.wifidog.pro/2015/02/15/395.html; please credit the source when reprinting.