[isf-wifidog] gateway problem

Cara Ward cara at onshore.com
Mer 10 Mai 02:30:19 EDT 2006 

Hi,

I am testing wifidog for possible deployment in a large scale wireless 
community network project in Chicago, but am unable to get the gateway 
working properly.  Hosts are directed to the portal and are able to 
successfully authenticate via radius, but instead of gaining access online 
the are redirected back to the login screen. The gateway is an 
ibm server running debian 2.6.16.12 with netfilter and ipt_mac statically compiled into the kernel.
The output of lsmod is below.


Im still learning iptables, but I think, the wifidog 
debug 
log shows that everything should 
be working, however when I issue iptables --list I do not see the 
WiFiDog_Outgoing/Incoming chain at all. 
Here is a portion of my log:

[6][Tue May  9 12:43:07 2006][2877](auth.c:209) Got ALLOWED from central
server authenticating token 0ad18c2ff45f31842e832013a141a7b0 from
192.168.5.113 at 20:20:20:20:20:20 - adding to firewall and redirecting
them to portal
[7][Tue May  9 12:43:07 2006][2877](firewall.c:87) Allowing 192.168.5.113
20:20:20:20:20:20 with fw_connection_state 2
[7][Tue May  9 12:43:07 2006][2877](fw_iptables.c:79) Executing command:
iptables -t mangle -A WiFiDog_Outgoing -s 192.168.5.113 -m mac
--mac-source 20:20:20:20:20:20 -j MARK --set-mark 2
[7][Tue May  9 12:43:07 2006][2877](util.c:108) Waiting for PID 2984 to
exit
[7][Tue May  9 12:43:07 2006][2877](gateway.c:256) Handler for SIGCHLD
called. Trying to reap a child
[7][Tue May  9 12:43:07 2006][2877](gateway.c:260) Handler for SIGCHLD
reaped child PID -1
[7][Tue May  9 12:43:07 2006][2877](util.c:110) Process PID 2984 exited
[7][Tue May  9 12:43:07 2006][2877](fw_iptables.c:79) Executing command:
iptables -t mangle -A WiFiDog_Incoming -d 192.168.5.113 -j ACCEPT

lsmod

Module                  Size  Used by
ipt_REJECT              4992  0
ipt_TCPMSS              3840  0
ipt_REDIRECT            2432  0
xt_mark                 2048  0
iptable_mangle          2816  0
ipt_MASQUERADE          3584  1
xt_state                2304  1
iptable_filter          2944  1
ip_nat_irc              2688  0
ip_nat_ftp              3200  0
iptable_nat             7172  1
ip_nat                 16940  5 
ipt_REDIRECT,ipt_MASQUERADE,ip_nat_irc,ip_nat_ftp,iptable_nat
ip_conntrack_irc        6384  1 ip_nat_irc
ip_conntrack_ftp        7280  1 ip_nat_ftp
ip_conntrack           47404  8 
ipt_MASQUERADE,xt_state,ip_nat_irc,ip_nat_ftp,iptable_nat,ip_nat,ip_conntrack_irc,ip_conntrack_ftp
i2c_i801                7564  0
i2c_core               19856  1 i2c_i801
generic                 4484  0 [permanent]
hw_random               5400  0
ata_piix               10116  0
libata                 52240  1 ata_piix
tg3                    91780  0
iptable_raw             2304  0
ip_tables              13144  4 
iptable_mangle,iptable_filter,iptable_nat,iptable_raw
ip_gre                 12320  0
ipt_ttl                 1920  0
ipt_TOS                 2304  0
ipt_tos                 1792  0
xt_mac                  2176  0
ipip                    9956  0
ipt_addrtype            2048  0
psmouse                34056  0
ide_generic             1536  0 [permanent]
ide_disk               14976  0
ide_cd                 36228  0
ide_core              107188  4 generic,ide_generic,ide_disk,ide_cd
genrtc                  9600  0
....

I've set this up on two different machines with the same 
problem so I'm guessing I'm missing something crucial on both.
Thanks in advance for any suggestions you can provide -

Cara Ward

More information about the WiFiDog mailing list