[isf-wifidog] gateway problem

Mina Naguib mina at naguib.ca
Mer 10 Mai 09:00:52 EDT 2006


Hi Cara

Did you change the MAC address below to 20:20:20:20:20:20, or is that  
what it showed ?

Also after authentication, could you send us the output of `iptables - 
t filter -L`, `iptables -t nat -L` and `iptables -t mangle -L`

On 10-May-06, at 2:30 AM, Cara Ward wrote:

> Hi,
>
> I am testing wifidog for possible deployment in a large scale  
> wireless community network project in Chicago, but am unable to get  
> the gateway working properly.  Hosts are directed to the portal and  
> are able to successfully authenticate via radius, but instead of  
> gaining access online the are redirected back to the login screen.  
> The gateway is an ibm server running debian 2.6.16.12 with  
> netfilter and ipt_mac statically compiled into the kernel.
> The output of lsmod is below.
>
>
> Im still learning iptables, but I think, the wifidog debug log  
> shows that everything should be working, however when I issue  
> iptables --list I do not see the WiFiDog_Outgoing/Incoming chain at  
> all. Here is a portion of my log:
>
> [6][Tue May  9 12:43:07 2006][2877](auth.c:209) Got ALLOWED from  
> central
> server authenticating token 0ad18c2ff45f31842e832013a141a7b0 from
> 192.168.5.113 at 20:20:20:20:20:20 - adding to firewall and  
> redirecting
> them to portal
> [7][Tue May  9 12:43:07 2006][2877](firewall.c:87) Allowing  
> 192.168.5.113
> 20:20:20:20:20:20 with fw_connection_state 2
> [7][Tue May  9 12:43:07 2006][2877](fw_iptables.c:79) Executing  
> command:
> iptables -t mangle -A WiFiDog_Outgoing -s 192.168.5.113 -m mac
> --mac-source 20:20:20:20:20:20 -j MARK --set-mark 2
> [7][Tue May  9 12:43:07 2006][2877](util.c:108) Waiting for PID  
> 2984 to
> exit
> [7][Tue May  9 12:43:07 2006][2877](gateway.c:256) Handler for SIGCHLD
> called. Trying to reap a child
> [7][Tue May  9 12:43:07 2006][2877](gateway.c:260) Handler for SIGCHLD
> reaped child PID -1
> [7][Tue May  9 12:43:07 2006][2877](util.c:110) Process PID 2984  
> exited
> [7][Tue May  9 12:43:07 2006][2877](fw_iptables.c:79) Executing  
> command:
> iptables -t mangle -A WiFiDog_Incoming -d 192.168.5.113 -j ACCEPT
>
> lsmod
>
> Module                  Size  Used by
> ipt_REJECT              4992  0
> ipt_TCPMSS              3840  0
> ipt_REDIRECT            2432  0
> xt_mark                 2048  0
> iptable_mangle          2816  0
> ipt_MASQUERADE          3584  1
> xt_state                2304  1
> iptable_filter          2944  1
> ip_nat_irc              2688  0
> ip_nat_ftp              3200  0
> iptable_nat             7172  1
> ip_nat                 16940  5  
> ipt_REDIRECT,ipt_MASQUERADE,ip_nat_irc,ip_nat_ftp,iptable_nat
> ip_conntrack_irc        6384  1 ip_nat_irc
> ip_conntrack_ftp        7280  1 ip_nat_ftp
> ip_conntrack           47404  8  
> ipt_MASQUERADE,xt_state,ip_nat_irc,ip_nat_ftp,iptable_nat,ip_nat,ip_co 
> nntrack_irc,ip_conntrack_ftp
> i2c_i801                7564  0
> i2c_core               19856  1 i2c_i801
> generic                 4484  0 [permanent]
> hw_random               5400  0
> ata_piix               10116  0
> libata                 52240  1 ata_piix
> tg3                    91780  0
> iptable_raw             2304  0
> ip_tables              13144  4  
> iptable_mangle,iptable_filter,iptable_nat,iptable_raw
> ip_gre                 12320  0
> ipt_ttl                 1920  0
> ipt_TOS                 2304  0
> ipt_tos                 1792  0
> xt_mac                  2176  0
> ipip                    9956  0
> ipt_addrtype            2048  0
> psmouse                34056  0
> ide_generic             1536  0 [permanent]
> ide_disk               14976  0
> ide_cd                 36228  0
> ide_core              107188  4 generic,ide_generic,ide_disk,ide_cd
> genrtc                  9600  0
> ....
>
> I've set this up on two different machines with the same problem so  
> I'm guessing I'm missing something crucial on both.
> Thanks in advance for any suggestions you can provide -
>
> Cara Ward
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog



More information about the WiFiDog mailing list