标签 wifidog认证 wifidog安装 wifidog原理 wifidog分析 wifidog配置 wifidog流程 wifidog服务器 wifidog-ddwrt wifidog openwrt 下的文章

openwrt 的 wifidog 安装说明

条件检查:

1 基本的linux环境,并且熟练使用

2 内核中带有netfilter的linux系统

3 iptables 包

4 gcc编译器,其他的编译器可能也行,但是没有经过测试

5 从sourceforge 获得的最新的wifidog的源码

安装准备工作

确保一切正常运行再继续进行下一步安装wifidog!!

  • 路由器能正常启动
  • 路由器可以启动接口
  • 路由器的路由正常运行
  • 路由器可以连接到internet
  • dns可以设置运行
  • dhcp正常运行
  • ipt_mac.o内核模块必须提前加载
  • 如果使用了NAT,路由器必须在iptables中正确的设置NAT/伪装 规则
  • wifi的客户的能够链接internet

以上条件在路由器启动或者重启后能自动的正常运行

开始安装

像任何开源的软件一样,先下载源码tarball,然后按照如下步骤安装 :

./autogen.sh

make

make install

在openwrt下安装wifidog:

mkdir ~/wifidog.openwrt
cd ~/wifidog.openwrt
wget http://downloads.openwrt.org/whiterussian/newest/OpenWrt-SDK-Linux-i686-1.tar.bz2
tar -jxvf OpenWrt-SDK-Linux-i686-1.tar.bz2
svn checkout https://dev.wifidog.org/svn/trunk/wifidog
cd wifidog
./autogen.sh
make ipk OPENWRTSDK=~/wifidog.openwrt/OpenWrt-SDK-Linux-i686-1

编译完成的包在:~/wifidog.openwrt/OpenWrt-SDK-Linux-i686-1/bin/packages

配置wifidog:编辑/etc/wifidog.conf

运行wifidog:

wifidog -f -d 7
  -f means to run in foreground (do not become a background daemon)
  -d 7 increases debug output level to the maximum

打开任意wifi的客户端,查看wifidog输出信息。

本文章由 http://www.wifidog.pro/2015/02/27/wifidog%E5%AE%89%E8%A3%85%E8%AF%B4%E6%98%8E.html 整理编辑,转载请注明出处

openwrt安装wifidog教程

Preparation

Prerequisites

Required Packages

  • iptables-mod-extra
  • iptables-mod-ipopt
  • kmod-ipt-nat
  • iptables-mod-nat-extra
  • libpthread

Installation

opkg update
opkg install wifidog
vi /etc/wifidog.conf
/etc/init.d/wifidog enable
/etc/init.d/wifidog start
netstat -a

You can also run wifidog in foreground/debug mode:

wifidog -f -d 7
  -f means to run in foreground (do not become a background daemon)
  -d 7 increases debug output level to the maximum

Configuration

Start on boot

To enable/disable start on boot:
/etc/init.d/wifidog enable this simply creates a symlink: /etc/rc.d/S?0??? → /etc/init.d/???
/etc/init.d/wifidog disable this removes the symlink again

本文章由 http://www.wifidog.pro/2015/02/27/openwrt%E5%AE%89%E8%A3%85wifidog-2.html 整理编辑,转载请注明出处

install wifidog in linux

Pre-installation

This is where a lot of people run into problems, so let's state this in bold:
MAKE SURE EVERYTHING WORKS FIRST BEFORE INTRODUCING Wifidog INTO THE ENVIRONMENT
That especially means:

  • The router must boot properly
  • The router must bring up the interfaces properly
  • The router must set up the routes properly
  • The router must connect to the internet properly
  • DNS settings must be set or obtained properly. DNS must work.
  • DHCP settings (client, server or both) must be set or obtained properly.
  • The ipt_mac.o kernel module must be loaded.
  • If using NAT, the router must setup NAT/masquerading rules with iptables properly
  • Clients on the desired (WIFI) network must be able to bind, associate, lease and connect the internet properly
  • All the above must happen automatically when the router starts or gets rebooted

Do NOT proceed with installing Wifidog until you've satisfied the above. It will not work otherwise and you will waste lots of time.

Installation

Wifidog, like many open source projects, is distributed with standard autotools utilities to make installation easy. Unpack the tarball (from Sourceforge) or get the lastest source from SVN (see Download menu), then follow the standard:

./autogen.sh
make
make install

If you do not install it with make install, then you will find the compiled wifidog gateway binary in src/wifidog (also don't forget to copy wifidog.conf to /etc).

OpenWrt? ipkg

mkdir ~/wifidog.openwrt
cd ~/wifidog.openwrt
wget http://downloads.openwrt.org/whiterussian/newest/OpenWrt-SDK-Linux-i686-1.tar.bz2
tar -jxvf OpenWrt-SDK-Linux-i686-1.tar.bz2
svn checkout https://dev.wifidog.org/svn/trunk/wifidog
cd wifidog
./autogen.sh
make ipk OPENWRTSDK=~/wifidog.openwrt/OpenWrt-SDK-Linux-i686-1

If there were no errors, your package should be in ~/wifidog.openwrt/OpenWrt-SDK-Linux-i686-1/bin/packages

Configuration

Edit /etc/wifidog.conf and follow the instructions in the file. Things should be self-explanatory.

Running Wifidog for the first time

Run Wifidog with the following switches:

wifidog -f -d 7
  -f means to run in foreground (do not become a background daemon)
  -d 7 increases debug output level to the maximum

Testing

As a client on the WiFi network (or whatever interface is configured as the LAN interface in /etc/wifidog.conf), open a web browser and try to browse to your favourite web site.

Monitor the output of the running Wifidog to see what it's doing.

本文章由 http://www.wifidog.pro/2015/02/27/linux%E5%AE%89%E8%A3%85wifidog%E6%95%99%E7%A8%8B.html 整理编辑,转载请注明出处

公共场所wifi认证解决方案wifidog+authpuppy(2)

二、 配置服务器和插件管理
1、 访问http://localhost ,通过管理员账户登录,配置authserver
1.png

配置完成后再次访问http://localhost 就会出现如下界面
2.png

2、 点击Manageplugins,点击View all available plugins and updates添加插件,点击后发现无法跳转,原因应该是插件的网站被墙了,大家让服务器科学上网一下就可以了。
安装apAuthLocalUserPlugin这个插件,并启用,就可以对登录账号进行管理了,更多插件的使用可以自己慢慢摸索。
3.png

三、 配置网络结点和路由器认证
1、 访问http://localhost 以管理员身份登录,点击Managenodes进行结点的管理,服务器默认为我们创建了一个叫My first node的结点,我们对其进行编辑,修改Name :wifidog,gw id:123456,deployment status 选择Deployed

2、 配置路由器,路由器在编译openwrt固件的时候,makemenuconfig后,在Network–>Captive Portals中选择wifidog.这样在刷完固件后路由器就有wifidog插件了:
4.png

3、 通过命令行访问路由器,windows下可以使用putty登录,执行如下命令,启动wifidog

/etc/init.d/wifidogenable
/etc/init.d/wifidog start

此时会报错,因为此时还没配置好服务器的信息。
4、 编辑/etc/wifidog.conf,window用户如果不会用vi等编辑器,可以使用winscp软件访问并修改,需要配置的主要有三项:

#这个需要与服务器中gw id相对应
GatewayID 123456
#查看自己的路由器进行配置,外网接口
ExternalInterfaceeth0.2
#路由器内网接口
GatewayInterface br-lan
#服务器配置
AuthServer {
    #服务器的ip地址
    Hostname192.168.0.224
    SSLAvailable yes
    Path /
}

5、 重启wifidog,连接该无线网络,开始验证。

四、wifidog的认证需要https的,于是开始安装https服务
1、 安装ssl

sudo apt-get install apache2

複製代碼
2、 开启ssl

sudo a2enmod ssl

複製代碼
3、 重启apache

sudo service apache2 restart

複製代碼
4、 创建一个ssl目录

sudo mkdir /etc/apache2/ssl

複製代碼
5、 创建一个自己认证的证书

sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

複製代碼
输入信息得到:/etc/apache2/ssl/apache.key
7、 配置证书

sudo gedit /etc/apache2/sites-available/default-ssl.conf

複製代碼
8、 在ServerAdmin下添加一行,服务器域名或者ip地址

ServerName 127.0.1.1:443
ServerAlias authpuppy.test<span style="line-height: 1.5; background-color: rgb(255, 255, 255);">                          </span>

複製代碼
并修改如下内容:

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

複製代碼
9、 开启ssl并重启apache

sudo a2ensite default-ssl
sudo service apache2 reload

複製代碼
10、 此时访问https://localhost 可以访问,但是localhost下的其他路径时404错误
修改/etc/apache2/sites-enabled/default-ssl.conf 添加443虚拟目录

<VirtualHost *:443>
        DocumentRoot /var/www/html/authpuppy/web
        ServerName authpuppy.localhost
        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/apache.crt
        SSLCertificateKeyFile /etc/apache2/ssl/apache.key

        DocumentRoot /var/www/html/authpuppy/web
        DirectoryIndex index.php
        <Directory /var/www/html/authpuppy/web/>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride All
               Order allow,deny
               allow from all
        </Directory>
</VirtualHost>

本文章由 http://www.wifidog.pro/2015/02/26/wifidog-authpuppy%E5%AE%89%E8%A3%85-2.html整理编辑,转载请注明出处