Re: Captive portal + YFI

@ xeon, saya sudah coba di jaunty dan berjalan lancar, cuma saya sedang mencaoba untuk membuat login page nya tidak hilang hanya di minimize kaya chillispot (supaya user gampang kalo mo logout ... hehehe)
Udah diaduk2 masih nga bisa tuh !
Mungkin ada ide dari para pakar utk solusi logout ??

Re: Captive portal + YFI

agrd_sn wrote:

keren..
pengen nyoba ah.. ^^

Silahkan dicoba bro.. ditunggu share pengalamannya smile

28 (edited by xeon 25-09-2009 18:00:15)

Re: Captive portal + YFI

obed wrote:

@ xeon, saya sudah coba di jaunty dan berjalan lancar, cuma saya sedang mencaoba untuk membuat login page nya tidak hilang hanya di minimize kaya chillispot (supaya user gampang kalo mo logout ... hehehe)
Udah diaduk2 masih nga bisa tuh !
Mungkin ada ide dari para pakar utk solusi logout ??

Bisa bang obed, tapi bang obed harus pakai hotspotlogin.cgi-nya coova chilli (chillispot). Saya belum coba, soalnya saya lebih suka tanpa popup login/logout. User ditempat saya sengaja/tdk sering menutup popup login/logout tersebut. Dengan json, login page bisa kita edit sesuai selera kita. Sebagai pengganti logout, saya gunakan attribut "idle session" kita bisa atur 2/1 jam. Jadi jika dalam 1/2 jam tdk ada aktifitas dari client, maka akan logout sendiri. smile

Sekedar info, kalo mau coba drupal hotspot manager. Lebih komplit dan keren.
(kelihatannya ada fasilitas untuk login/logout). next project...ASAP smile

Semoga bisa membantu, thanks..:)

Re: Captive portal + YFI

mohon pecerahan.

saya sudah berjaya install kesemuanya..dan captive portal jugak sudah muncul..

namun yang menjadi masalahnya sekarang..saya tidak dapat login menggunakan user permanent @ user yg di create sendiri

dia keluar error Authentication Failure

Reason : Try Again..

mohon pencerahan ya ..terima kasih

Re: Captive portal + YFI

@ slamberrx
Kalau login memakai user bawaan yg dvdwalt@ri bisa ga om?

Re: Captive portal + YFI

tidak dapat masuk jugak mas..authentication failure..sudah tidak tau mau check di mana..hehe

Re: Captive portal + YFI

@ slamberrx
Sudah dicek ulang bang slamberrx? Kelihatannya ada kesalahan konfigurasi atau ada yg kelewatan. Coba dicek ulang step by step smile

BTW, untuk database pakai default (databese:yfi, username & password :yfi) ?

Re: Captive portal + YFI

hehe..sbnrnya saya sedikit bingung dengan command line utk add database yfi tu..sbb saya masih baru dengan linux environment...

di sebabkan oleh itu..saya install phpmyadmin dan gunakannya utk create database.

User Root
Pass : root pass

adakah ini penyebabnya authentication failure?

saya tidak paham macam mana login page tu bleh berhubung dengan yfi..

mohon pencerahan mas xeon

34 (edited by xeon 02-10-2009 15:00:22)

Re: Captive portal + YFI

@slamberrx

Nah..itu kemungkinan penyebabnya bro..
Ok, kalo anda bikin database yfi pakai user: root,pass: root pass. Anda sesuaikan juga File :
1. '/var/www/c2/yfi_cake/config/database.php' Dibagian username dan password.
2. "/usr/local/etc/raddb/rlm_perl_modules/conf/setting.conf" Dibagian username dan password.

Lebih amannya lagi, jangan gunakan root.
Saya malah kurang familiar dgn phpmyadmin, Untuk pembuatan database yfi lewat command line, coba anda ketik di console :

mysql -u root -p
Enter password... (password root)
create database yfi;
GRANT ALL PRIVILEGES ON yfi.* to 'yfi'@'127.0.0.1' IDENTIFIED BY 'yfi';
GRANT ALL PRIVILEGES ON yfi.* to 'yfi'@'localhost' IDENTIFIED BY 'yfi';
exit;

Setelah itu jgn lupa masukkan database sample yfi :

mysql -u root -p yfi < /var/www/c2/yfi_cake/setup/db/yfi.sql

semoga bisa membantu bro.. smile tetap semangat

Re: Captive portal + YFI

ok bro..terima kasih..nanti akan di cuba..mau ulang proses instalasi start dari awal

baru siap format ubuntu..hehe

rasanya lebih aman jika mula dari zero

terima kasih atas feedback yg cpt..

Selamat Hari Raya

ada masalah post lg..hehe

Re: Captive portal + YFI

Sama2 bro..senang bisa membantu smile
Sedikit saran... pakai settingan default dulu (misal : untuk database defaultnya yfi), kalo udah jalan baru dicustom smile

Good luck..

Re: Captive portal + YFI

Buat symbolic link
Code:
cd /var/www
sudo ln -s ./cake_1.2.4.8284 ./c2

Ini salah kodenya, seharusnya
sudo ln -s ./cake ./c2

Re: Captive portal + YFI

anto_DIGIT wrote:

Buat symbolic link
Code:
cd /var/www
sudo ln -s ./cake_1.2.4.8284 ./c2

Ini salah kodenya, seharusnya
sudo ln -s ./cake ./c2

sama aja kog om..

sudo ln -s ./cake_1.2.4.8284 ./c2

ini contoh yg saya ambil dari YFI Wiki

Silahkan kalo mau dicustom smile smile

Thanks

Re: Captive portal + YFI

hi bro..
mau tanya dong
kebetulan lagi maein2 captive portal juga...

jadi yg saya coba.. pake vmware.. dengan ubuntu server 8.10
dengan 2 interface...

jadi topologynya adalah :

internet -- captive -- switch -- pc

yg ke internet dengan eth0, anggap aja ipnya 192.168.1.221/24 dengan gw 192.168.1.1
lalu yg ke lan pake 10.0.0.1 (bukan 10.1.0.1).

waktu di test, radius dsb dsb sih kayaknya nyalah..
dhcp juga nyalah...

jadi saya test dengan PC di LAN, udah dapet IP 10.0.0.3 dengan gw 10.0.0.1
dan saya cek pake nslookup.. bisa resolving ip

tapi kalau saya browsing .. dia diem2 aja (white screen aja)...
kira2 salah dimana yah ????

atau ada lagi yg bisa di cek ?
thanks

Re: Captive portal + YFI

mas saya sudah coba ikutin sama,
sudah bisa keluar loginya tapi kalau di isi loginnya hasilnya:

YFI Authentication Failure

salah di mana ya?

Re: Captive portal + YFI

gaung_999 wrote:

mas saya sudah coba ikutin sama,
sudah bisa keluar loginya tapi kalau di isi loginnya hasilnya:

YFI Authentication Failure

salah di mana ya?

Sudah dicek ulang mas gaung_999 ?

Tut. diatas ada beberapa test tiap stepnya untuk memastikan berhasil atau tidaknya. misal :
Test koneksi YFI cake dengan database mysql

Tes YFi CakePHP Ketik alamat server di browser:
http://127.0.0.1/c2/yfi_cake/users/
Karena saya gunakan Komputer client untuk remote server, saya ketik :
http://192.168.0.2/c2/yfi_cake/users/
Kalau yang ditampilkan adalah halaman login, berarti setting sudah benar:D selamat ya..

Test YFI componen dengan database mysql

Tes Viewer Component
Masukkan alamat berikut di browser : http://127.0.0.1/yfi
Atau http://192.168.0.2/yfi  jika dari Komputer client.

test freeradius

sudo /usr/local/sbin/radiusd -X

dan test terakhir

1. Tes dengan menggunakan komputer client. Setting network interface client ke dhcp, jika client mendapat ip 10.1.0.2 - dst. Berarti coova chilli berjalan normal smile bisa bernafas lega..
2. Coba browsing ke, misal www.google.com. Akan keluar halaman splash ( keren ga??) smile
3. Kemudian diarahkan ke halaman login: hs_land.php (siipp... big_smile)
4. Login dengan user dvdwalt@ri dan password dvdwalt@ri.
5. Jika akses diterima, akan nongol www.google.com

Silahkan dicek ulang step by step smile
Kalau masih ada kesulitan bisa dishare lagi atau by email smile

Thanks

Re: Captive portal + YFI

Tes YFi CakePHP Ketik alamat server di browser:
http://127.0.0.1/c2/yfi_cake/users/
Karena saya gunakan Komputer client untuk remote server, saya ketik :
http://192.168.0.2/c2/yfi_cake/users/
sudah bisa muncul tampilan login

Tes Viewer Component
http://192.168.0.2/yfi
sudah bisa muncul tampilan

sudo /usr/local/sbin/radiusd -X
Hasilnya:....
......................................
..................................
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating attr_filter.access_reject
  attr_filter attr_filter.access_reject {
        attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
        key = "%{User-Name}"
  }
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = *
        port = 0
}
listen {
        type = "acct"
        ipaddr = *
        port = 0
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.

saya test chillinya pakai chilli -df hasilnya:

root@captive:/home/administrator# chilli -df
options.c: 364: 0 (Debug) DHCP Listen: 10.1.0.1
options.c: 365: 0 (Debug) UAM Listen: 10.1.0.1
garden.c: 61: 0 (Debug) Uamallowed coova.org
garden.c: 45: 0 (Debug) Uamallowed IP address #0:128: proto=0 host=174.129.195.118 port=0
garden.c: 61: 0 (Debug) Uamallowed 10.1.0.1
garden.c: 45: 0 (Debug) Uamallowed IP address #1:128: proto=0 host=10.1.0.1 port=0
garden.c: 61: 0 (Debug) Uamallowed rad01.coova.org
garden.c: 38: 0 (Debug) Uamallowed already exists #0:128: proto=0 host=174.129.195.118 port=0
garden.c: 61: 0 (Debug) Uamallowed coova.org
garden.c: 38: 0 (Debug) Uamallowed already exists #0:128: proto=0 host=174.129.195.118 port=0
chilli.c: 3600: 0 (Debug) ChilliSpot version 1.0.13 started.

tun.c: 515: 0 (Debug) TX queue length set to 100
ippool.c: 218: 0 (Debug) Hashlog 8 253 256

redir.c: 994: 0 (Debug) UAM port already in use. Waiting for retry.

masih ada yang salah sepertinya..... smile

mohon pencerahannya mas maklumlah masih belajar...

thanks

Re: Captive portal + YFI

@ gaung_999

bisa lihat settingan login.php di coova_json (/var/www/coova_json/login.php)

Re: Captive portal + YFI

thanks mas XEON untuk bantuannya , di bawah ini setingan login php nya:


<?

    $uamsecret  = 'greatsecret';            //Change this to be the same as your chilli's configuration
        $username   = $_POST['username'];
        $password   = $_POST['password'];
        $challenge  = $_POST['challenge'];
        $redir      = $_POST['userurl'];

        $enc_pwd    = return_new_pwd($password,$challenge,$uamsecret);

        $server_ip      = '10.1.0.1';
        $port           = '3990';
        //$dir          = '/json/logon';
        $dir            = '/logon';

    $target     = "http://$server_ip".':'.$port.$dir."?username=$username&password=$enc_pwd&userurl=$redir";

   // print($target);

        header("Location: $target");

        //Function to do the encryption thing of the password
        function return_new_pwd($pwd,$challenge,$uamsecret){
                $hex_chal   = pack('H32', $challenge);                  //Hex the challenge
                $newchal    = pack('H*', md5($hex_chal.$uamsecret));    //Add it to with $uamsecret (shared between chilli an$
                $response   = md5("\0" . $pwd . $newchal);              //md5 the lot
                $newpwd     = pack('a32', $pwd);                //pack again
                $password   = implode ('', unpack('H32', ($newpwd ^ $newchal))); //unpack again
                return $password;
        }

?>

45 (edited by xeon 28-10-2009 14:50:34)

Re: Captive portal + YFI

sepertinya udah bener.. kalau ga keberatan chilli confignya smile

BTW,

Tes Viewer Component
http://192.168.0.2/yfi
sudah bisa muncul tampilan

Sudah coba login, misal: (dvdwalt@ri password:dvdwalt@ri) bisa masuk ga?:)

Re: Captive portal + YFI

Config yang di /etc/chilli/config,
mas sekalian mau tanya, saya test dengan chilli -df knp hasilnya

tun.c: 515: 0 (Debug) TX queue length set to 100
ippool.c: 218: 0 (Debug) Hashlog 8 253 256

redir.c: 994: 0 (Debug) UAM port already in use. Waiting for retry.

konfigurasi /etc/chilli/config

# -*- /bin/sh -*-
#
#   Coova-Chilli Default Configurations.
#   To customize, copy this file to /etc/chilli/config
#   and edit to your liking. This is included in shell scripts
#   that configure chilli and related programs before file 'config'.


###
#   Local Network Configurations
#

# HS_WANIF=eth0            # WAN Interface toward the Internet
HS_LANIF=eth1           # Subscriber Interface for client devices
HS_NETWORK=10.1.0.0       # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.255.0   # HotSpot Network Netmask
HS_UAMLISTEN=10.1.0.1       # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990            # HotSpot Port (on subscriber network)

# HS_DYNIP=
# HS_DYNIP_MASK=255.255.255.0
# HS_STATIP=
# HS_STATIP_MASK=255.255.255.0
# HS_DNS_DOMAIN=
HS_DNS1=202.129.189.201
# HS_DNS2=

###
#   HotSpot settings for simple Captive Portal
#
HS_NASID=nas01
HS_UAMSECRET=greatsecret
HS_RADIUS1=127.0.0.1
HS_RADIUS2=127.0.0.1
HS_RADSECRET=testing123
HS_UAMALLOW=coova.org

#   Put entire domains in the walled-garden with DNS inspection
# HS_UAMDOMAINS=".paypal.com,.paypalobjects.com"

#   Optional initial redirect and RADIUS settings
# HS_SSID=<ssid>       # To send to the captive portal
# HS_NASMAC=<mac address>  # To explicitly set Called-Station-Id
# HS_NASIP=<ip address>    # To explicitly set NAS-IP-Address
HS_NASIP=127.0.0.1
#   The server to be used in combination with HS_UAMFORMAT to
#   create the final chilli 'uamserver' url configuration.
HS_UAMSERVER=10.1.0.1

#   Use HS_UAMFORMAT to define the actual captive portal url.
#   Shell variable replacement takes place when evaluated, so here
#   HS_UAMSERVER is escaped and later replaced by the pre-defined
#   HS_UAMSERVER to form the actual "--uamserver" option in chilli.
HS_UAMFORMAT=http://10.1.0.1/coova_json/hs_land.php

#https://\$HS_UAMSERVER/app/uam/chilli

#   Same principal goes for HS_UAMHOMEPAGE.
#HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html
HS_UAMHOMEPAGE=http://10.1.0.1/coova_json/splash.php

#   This option will be configured to be the WISPr LoginURL as well
#   as provide "uamService" to the ChilliController. The UAM Service is
#   described in: http://coova.org/wiki/index.php/CoovaChilli/UAMService
#
HS_UAMSERVICE=https://coova.org/app/uam/auth


###
#   Features not activated per-default (default to off)
#
# HS_RADCONF=off       # Get some configurations from RADIUS or a URL ('on' and 'url' respectively)
#
# HS_ANYIP=on           # Allow any IP address on subscriber LAN
#
# HS_MACAUTH=on           # To turn on MAC Authentication
#
# HS_MACAUTHDENY=on       # Put client in 'drop' state on MAC Auth Access-Reject
#
# HS_MACAUTHMODE=local       # To allow MAC Authentication based on macallowed, not RADIUS
#
# HS_MACALLOW="..."      # List of MAC addresses to authenticate (comma seperated)
#
# HS_USELOCALUSERS=on      # To use the /etc/chilli/localusers file
#
# HS_OPENIDAUTH=on       # To inform the RADIUS server to allow OpenID Auth
#
# HS_WPAGUESTS=on       # To inform the RADIUS server to allow WPA Guests
#
# HS_DNSPARANOIA=on       # To drop DNS packets containing something other
#               # than A, CNAME, SOA, or MX records
#
# HS_OPENIDAUTH=on       # To inform the RADIUS server to allow OpenID Auth
#               # Will also configure the embedded login forms for OpenID
#
# HS_USE_MAP=on           # Short hand for allowing the required google
#               # sites to use Google maps (adds many google sites!)
#
###
#   Other feature settings and their defaults
#
# HS_DEFSESSIONTIMEOUT=0   # Default session-timeout if not defined by RADIUS (0 for unlimited)
#
# HS_DEFIDLETIMEOUT=0       # Default idle-timeout if not defined by RADIUS (0 for unlimited)
#
# HS_DEFBANDWIDTHMAXDOWN=0   # Default WISPr-Bandwidth-Max-Down if not defined by RADIUS (0 for unlimited)
#
# HS_DEFBANDWIDTHMAXUP=0       # Default WISPr-Bandwidth-Max-Up if not defined by RADIUS (0 for unlimited)

###
# Centralized configuration options examples
#
# HS_RADCONF=url       # requires curl
# HS_RADCONF_URL=https://coova.org/app/ap/config

# HS_RADCONF=on           # gather the ChilliSpot-Config attributes in
#               # Administrative-User login
# HS_RADCONF_SERVER=rad01.coova.org         # RADIUS Server
# HS_RADCONF_SECRET=coova-anonymous         # RADIUS Shared Secret
# HS_RADCONF_AUTHPORT=1812             # Auth port
# HS_RADCONF_USER=chillispot             # Username
# HS_RADCONF_PWD=chillispot             # Password


###
#   Standard configurations
#
HS_MODE=hotspot
HS_TYPE=chillispot
# HS_RADAUTH=1812
# HS_RADACCT=1813
# HS_ADMUSR=chillispot
# HS_ADMPWD=chillispot


###
#   Post-Auth proxy settings
#
# HS_POSTAUTH_PROXY=<host or ip>
# HS_POSTAUTH_PROXYPORT=<port>

#   Directory specifying where internal web pages can be served
#   by chilli with url /www/<file name>. Only extentions like .html
#   .jpg, .gif, .png, .js are allowed. See below for using .chi as a
#   CGI extension.
HS_WWWDIR=/etc/chilli/www

#   Using this option assumes 'haserl' is installed per-default
#   but, and CGI type program can ran from wwwsh to process requests
#   to chilli with url /www/filename.chi
HS_WWWBIN=/etc/chilli/wwwsh

#   Some configurations used in certain user interfaces
#
HS_PROVIDER=Coova
HS_PROVIDER_LINK=http://www.coova.org/


###
#   WISPr RADIUS Attribute support
#

HS_LOC_NAME="My HotSpot"       # WISPr Location Name and used in portal

#   WISPr settings (to form a proper WISPr-Location-Id)
# HS_LOC_NETWORK="My Network"       # Network name
# HS_LOC_AC=408               # Phone area code
# HS_LOC_CC=1               # Phone country code
# HS_LOC_ISOCC=US           # ISO Country code

47 (edited by xeon 29-10-2009 08:28:13)

Re: Captive portal + YFI

@ gaung_999

# HS_WANIF=eth0

Coba hilangkan tanda pagarnya


redir.c: 994: 0 (Debug) UAM port already in use. Waiting for retry.

Menandakan UAM port telah dipakai, dalam hal ini chilli yg memakai smile its OK

Semoga membantu bro.. Semangat

Re: Captive portal + YFI

mas saya install ulang lagi dari awal tapi pas saya jalanin freeradius -x muncuknya:

Failed binding to socket: Address already in use
/usr/local/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812

gimana caranya ya?... big_smile,

thanks mas

49 (edited by xeon 30-10-2009 08:10:35)

Re: Captive portal + YFI

@ gaung_999

Pakai freeradius versi berapa bro? saran saya pakai versi yg ditutorial (freeradius-server-2.1.6.tar.gz)

BTW, pakai ubuntu hardy, intrepid atau jaunty?

Re: Captive portal + YFI

nanya bro..

waktu jalanin /usr/local/sbin/radiusd –X

yang keluar kok malah failed to link rlm_perl rlm_perl.so ya bro..??

mohon di cerahin..

install di ubuntu server 9.04 dengan paket LAMP + OpenSSH..

trims..