[isf-wifidog] Problème firewalling WRT54G
kaouete
kaouete at crazydwarves.org
Lun 19 Sep 09:05:47 EDT 2005
The openwrt image was taken on openwrt.org and the openwrt package
was compiled with the openwrt SDK and the wifidog SDK files
available here :
http://www.ilesansfil.org/dist/wifidog/bin/openwrt/whiterussian-rc2/OpenWRT-SDK-Wifidog.tar.gz
I dont have your problem but i did not used wlan and lan
separated, so i guess it is normal : )
kaouete
ps: i will tell you soon the iptables info you want to fix this my
problem :)
On Mon, Sep 19, 2005 at 08:13:25AM -0400, Philippe April wrote:
> Yes... If your problem is only that, I'm sure there's a reason we can
> find to explain it and fix it.
>
> Where did you get your package by the way? Did I provide it to you or
> did you build it with the SDK?
>
> The problem I was having, was basically making the router totally
> unusable (no IP connectivity),which makes things much harder to
> troubleshoot!
>
> Philippe April
> GnuPG http://key.philippeapril.com
>
> On 19-Sep-05, at 2:08 AM, kaouete wrote:
>
> >are you talking about the fact that only http redirect is
> >effective and that i can use the the net on other ports even when
> >i'm not auth ?
> >
> >i will tell you these infos, ok
> >
> >kaouete
> >
> >On Sun, Sep 18, 2005 at 09:59:52PM -0400, Philippe April wrote:
> >
> >>-----BEGIN PGP SIGNED MESSAGE-----
> >>Hash: SHA1
> >>
> >>I tested RC3 tonight, and I don't have any issues anymore.
> >>
> >>I'm curious about the issues you mentionned below and I would really
> >>like to troubleshoot instead of modifying the priority of the init
> >>script, as I'm not having the issue. I was having issues big time
> >>with rc2 though.
> >>
> >>Would you mind troubleshooting a bit more?
> >>
> >>Like:
> >>
> >>1. re-installing wifidog and put it the way it was before (completely
> >>flash if you can!)
> >>2. posting your wifidog configuration
> >>3. post output of (after wifidog has started):
> >> iptables -t mangle -L
> >> iptables -t filter -L
> >> iptables -t nat -L
> >>
> >>Otherwise there is very little I can do to fix it, as it's (now)
> >>working at home.
> >>
> >>Loïc (hope you read this), could you try RC3 and see if you still
> >>have the issue?
> >>
> >>Philippe April
> >>GnuPG http://key.philippeapril.com
> >>
> >>On 17-Sep-05, at 1:38 PM, kaouete wrote:
> >>
> >>
> >>>Ok,
> >>>
> >>>so, after a few tests there is the results :
> >>>
> >>>i installed a fresh openwrt whiterussian rc3
> >>>then i installed wifidog, modified the wifidog.conf, restarted the
> >>>wrt.
> >>>
> >>>1) without touching firewall script and cie :
> >>>S65wifidog is started after S45firewall :
> >>>if i try to connect to a website with a wifi client i get the
> >>>wifidog auth page
> >>>BUT i can anyway ssh to the net or any other port than 80.
> >>>
> >>>2) now i mv S65wifidog to S41wifidog (so it is started before
> >>>S45firewall), i comment the iptables flushing tables and cie and
> >>>add a sleep 10 at the beginning of the file to be sure that
> >>>wifidog have the time to load all of its rules.
> >>>
> >>>with a wifi client if i connect to the net : i get the wifidog
> >>>auth portal
> >>>AND i cant access to the net with anything without beeing authed
> >>>\o/
> >>>
> >>>concrusion : the openwrt out-of-box is not compatible with wifidog
> >>>for the moment. I think there should be a nicer way to fix it by
> >>>modifiing wifidog rules .. .. or note :]
> >>>
> >>>kaouete
> >>>
> >>>On Thu, Sep 15, 2005 at 02:33:17PM +0200, kaouete wrote:
> >>>
> >>>
> >>>>ho, sorry :]
> >>>>
> >>>>Follow the link of the bug on sourceforge.
> >>>>
> >>>>For me the problem is that the openwrt firewall script breaks the
> >>>>iptables rules used by wifidog,
> >>>>
> >>>>but maybe it is working anyway, i will do more tests (and maybe
> >>>>other
> >>>>people too :) and will tell you if there are problems and if yes,
> >>>>what are they :]
> >>>>
> >>>>kaouete
> >>>>
> >>>>On Thu, Sep 15, 2005 at 02:17:54PM +0200, Max Horváth wrote:
> >>>>
> >>>>
> >>>>>Hey guys,
> >>>>>
> >>>>>I just those two words problem and firewall.
> >>>>>
> >>>>>As I can't read french, so I'd like to ask you, what kind of
> >>>>>problem
> >>>>>exists and if you could translate it for me.
> >>>>>
> >>>>>Thanks and cheers, Max!
> >>>>>
> >>>>>Am 15.09.2005 um 13:16 schrieb kaouete:
> >>>>>
> >>>>>
> >>>>>
> >>>>>>ok, alors je ferais des tests alors, je vous dirais ce que j'ai
> >>>>>>trouvé.
> >>>>>>
> >>>>>>kaouete
> >>>>>>
> >>>>>>On Thu, Sep 15, 2005 at 07:08:25AM -0400, Philippe April wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>>-----BEGIN PGP SIGNED MESSAGE-----
> >>>>>>>Hash: SHA1
> >>>>>>>
> >>>>>>>En fait, je viens de relire le bug report et ma réponse à
> >>>>>>>propos de
> >>>>>>>mauvais iptables ne s'applique peut-être pas à 100%, l'auteur
> >>>>>>>semble
> >>>>>>>dire que c'est vraiment un problème d'ordre.
> >>>>>>>
> >>>>>>>Ceci étant dit, le plus de feedback de personnes externes on
> >>>>>>>aura, le
> >>>>>>>mieux on saura si tout est beau maintenant :)
> >>>>>>>
> >>>>>>>Tiens-nous au courant!
> >>>>>>>
> >>>>>>>Philippe April
> >>>>>>>GnuPG http://key.philippeapril.com
> >>>>>>>
> >>>>>>>On 15-Sep-05, at 6:54 AM, kaouete wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>>A ce propos, et en rapport avec ce bug :
> >>>>>>>>https://sourceforge.net/tracker/index.php?
> >>>>>>>>func=detail&aid=1210428&group_id=102646&atid=632424
> >>>>>>>>
> >>>>>>>>est-ce que ce probleme est reglé avec whiterussian ?
> >>>>>>>>
> >>>>>>>>(et il y a ausii d'autres bug sinon de reportés :)
> >>>>>>>>
> >>>>>>>>kaouete
> >>>>>>>>
> >>>>>>>>On Wed, Sep 14, 2005 at 10:54:46PM -0400, Philippe April wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>-----BEGIN PGP SIGNED MESSAGE-----
> >>>>>>>>>Hash: SHA1
> >>>>>>>>>
> >>>>>>>>>Disons que dernièrement je me suis mis plus à date, et ISF va
> >>>>>>>>>maintenant commencer à utiliser OpenWrt Whiterussian.
> >>>>>>>>>
> >>>>>>>>>Ce qui veut dire, que nous avons un package compilé pour
> >>>>>>>>>whiterussian
> >>>>>>>>>et qu'on va le tenir à jour!
> >>>>>>>>>
> >>>>>>>>>Donc, cette image (qui vient en fait du site d'openwrt):
> >>>>>>>>>http://www.ilesansfil.org/dist/wifidog/bin/openwrt/
> >>>>>>>>>whiterussian-
> >>>>>>>>>rc2/
> >>>>>>>>>openwrt-wrt54g-squashfs.bin
> >>>>>>>>>
> >>>>>>>>>et ce package:
> >>>>>>>>>
> >>>>>>>>>http://www.ilesansfil.org/dist/wifidog/bin/openwrt/
> >>>>>>>>>whiterussian-
> >>>>>>>>>rc2/
> >>>>>>>>>packages/wifidog_1.1.2-1_mipsel.ipk
> >>>>>>>>>
> >>>>>>>>>Les deux devraient fonctionner parfaitement! Et puis ça
> >>>>>>>>>devrait
> >>>>>>>>>installer toutes les dépendences.
> >>>>>>>>>
> >>>>>>>>>Fait important: il faut utiliser /etc/init.d/S65wifidog (ou
> >>>>>>>>>wifidog-
> >>>>>>>>>init start) pour partir wifidog afin qu'il load les modules du
> >>>>>>>>>kernel
> >>>>>>>>>dont wifidog dépend.
> >>>>>>>>>
> >>>>>>>>>L'image openwrt, est pour un WRT54G et non pas un WRT54GS,
> >>>>>>>>>pour
> >>>>>>>>>la S
> >>>>>>>>>on peut la trouver au même lien, ou sur le site d'openwrt.
> >>>>>>>>>
> >>>>>>>>>Tenez-nous au courant!
> >>>>>>>>>
> >>>>>>>>>Philippe April
> >>>>>>>>>GnuPG http://key.philippeapril.com
> >>>>>>>>>
> >>>>>>>>>On 14-Sep-05, at 9:58 PM, Loïc DEVAUX wrote:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>><image001.gif>
> >>>>>>>>>>Salut,
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>Je viens de finir l???installation de l???auth server qui
> >>>>>>>>>>s???est
> >>>>>>>>>>passée
> >>>>>>>>>>à merveille sur une debian sarge, merci pour votre magnifique
> >>>>>>>>>>travail.
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>Seulement j???ai des problèmes lors de l???installation de
> >>>>>>>>>>wifidog
> >>>>>>>>>>client sur un WRT54G.
> >>>>>>>>>>
> >>>>>>>>>>Quelle version d???openwrt et quelle version de wifidog
> >>>>>>>>>>dois je
> >>>>>>>>>>utiliser pour ne pas avoir de problèmes ?
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>Merci d???avance pour votre réponse.
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>Loïc DEVAUX
> >>>>>>>>>>
> >>>>>>>>>>10 rue des mésanges
> >>>>>>>>>>
> >>>>>>>>>>63170 AUBIERE France
> >>>>>>>>>>
> >>>>>>>>>>(: (+33) 6 63 69 76 09
> >>>>>>>>>>
> >>>>>>>>>>*: loic.devaux99 at laposte.net
> >>>>>>>>>>
> >>>>>>>>>>Skype : mioz963
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>><image001.gif>
> >>>>>>>>>>_______________________________________________
> >>>>>>>>>>WiFiDog mailing list
> >>>>>>>>>>WiFiDog at listes.ilesansfil.org
> >>>>>>>>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>-----BEGIN PGP SIGNATURE-----
> >>>>>>>>>Version: GnuPG v1.2.4 (Darwin)
> >>>>>>>>>
> >>>>>>>>>iD8DBQFDKOJ3Oq+Ep5Xn/
> >>>>>>>>>aARAkXoAJ93s8aZTuhO2qnRkXDHKyfP4qSbeACfel23
> >>>>>>>>>JJvL2yATW5hSliOPoMXsT9M=
> >>>>>>>>>=TXoM
> >>>>>>>>>-----END PGP SIGNATURE-----
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>_______________________________________________
> >>>>>>>>>WiFiDog mailing list
> >>>>>>>>>WiFiDog at listes.ilesansfil.org
> >>>>>>>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>_______________________________________________
> >>>>>>>>WiFiDog mailing list
> >>>>>>>>WiFiDog at listes.ilesansfil.org
> >>>>>>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>
> >>>>>>>-----BEGIN PGP SIGNATURE-----
> >>>>>>>Version: GnuPG v1.2.4 (Darwin)
> >>>>>>>
> >>>>>>>iD8DBQFDKVYpOq+Ep5Xn/aARAgscAKDCcBMgHzY4ZM0PvQe0M5sRwNxM1wCaA9u6
> >>>>>>>vI5Dym6xZK8pjjtT0aojUFQ=
> >>>>>>>=7Fgh
> >>>>>>>-----END PGP SIGNATURE-----
> >>>>>>>_______________________________________________
> >>>>>>>WiFiDog mailing list
> >>>>>>>WiFiDog at listes.ilesansfil.org
> >>>>>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>_______________________________________________
> >>>>>>WiFiDog mailing list
> >>>>>>WiFiDog at listes.ilesansfil.org
> >>>>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>>>
> >>>>>>
> >>>>>
> >>>>>_______________________________________________
> >>>>>WiFiDog mailing list
> >>>>>WiFiDog at listes.ilesansfil.org
> >>>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>>
> >>>>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>>_______________________________________________
> >>>>WiFiDog mailing list
> >>>>WiFiDog at listes.ilesansfil.org
> >>>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>>
> >>>>
> >>>_______________________________________________
> >>>WiFiDog mailing list
> >>>WiFiDog at listes.ilesansfil.org
> >>>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>>
> >>
> >>-----BEGIN PGP SIGNATURE-----
> >>Version: GnuPG v1.2.4 (Darwin)
> >>
> >>iD8DBQFDLhuZOq+Ep5Xn/aARAmWCAKCkDzrYtNbqFi9wlV8S84gWt3eD+QCfUqxL
> >>lIEfmXkmDjPq5eOCPEJlL0A=
> >>=4HY2
> >>-----END PGP SIGNATURE-----
> >>_______________________________________________
> >>WiFiDog mailing list
> >>WiFiDog at listes.ilesansfil.org
> >>http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> >>
> >_______________________________________________
> >WiFiDog mailing list
> >WiFiDog at listes.ilesansfil.org
> >http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
-------------- section suivante --------------
Une pièce jointe non texte a été nettoyée...
Nom: non disponible
Type: application/pgp-signature
Taille: 189 octets
Desc: Digital signature
Url: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20050919/395322ad/attachment.pgp
More information about the WiFiDog
mailing list