[isf-wifidog] gateway problem
Mina Naguib
mina at naguib.ca
Mer 10 Mai 09:00:52 EDT 2006
Hi Cara
Did you change the MAC address below to 20:20:20:20:20:20, or is that
what it showed ?
Also after authentication, could you send us the output of `iptables -
t filter -L`, `iptables -t nat -L` and `iptables -t mangle -L`
On 10-May-06, at 2:30 AM, Cara Ward wrote:
> Hi,
>
> I am testing wifidog for possible deployment in a large scale
> wireless community network project in Chicago, but am unable to get
> the gateway working properly. Hosts are directed to the portal and
> are able to successfully authenticate via radius, but instead of
> gaining access online the are redirected back to the login screen.
> The gateway is an ibm server running debian 2.6.16.12 with
> netfilter and ipt_mac statically compiled into the kernel.
> The output of lsmod is below.
>
>
> Im still learning iptables, but I think, the wifidog debug log
> shows that everything should be working, however when I issue
> iptables --list I do not see the WiFiDog_Outgoing/Incoming chain at
> all. Here is a portion of my log:
>
> [6][Tue May 9 12:43:07 2006][2877](auth.c:209) Got ALLOWED from
> central
> server authenticating token 0ad18c2ff45f31842e832013a141a7b0 from
> 192.168.5.113 at 20:20:20:20:20:20 - adding to firewall and
> redirecting
> them to portal
> [7][Tue May 9 12:43:07 2006][2877](firewall.c:87) Allowing
> 192.168.5.113
> 20:20:20:20:20:20 with fw_connection_state 2
> [7][Tue May 9 12:43:07 2006][2877](fw_iptables.c:79) Executing
> command:
> iptables -t mangle -A WiFiDog_Outgoing -s 192.168.5.113 -m mac
> --mac-source 20:20:20:20:20:20 -j MARK --set-mark 2
> [7][Tue May 9 12:43:07 2006][2877](util.c:108) Waiting for PID
> 2984 to
> exit
> [7][Tue May 9 12:43:07 2006][2877](gateway.c:256) Handler for SIGCHLD
> called. Trying to reap a child
> [7][Tue May 9 12:43:07 2006][2877](gateway.c:260) Handler for SIGCHLD
> reaped child PID -1
> [7][Tue May 9 12:43:07 2006][2877](util.c:110) Process PID 2984
> exited
> [7][Tue May 9 12:43:07 2006][2877](fw_iptables.c:79) Executing
> command:
> iptables -t mangle -A WiFiDog_Incoming -d 192.168.5.113 -j ACCEPT
>
> lsmod
>
> Module Size Used by
> ipt_REJECT 4992 0
> ipt_TCPMSS 3840 0
> ipt_REDIRECT 2432 0
> xt_mark 2048 0
> iptable_mangle 2816 0
> ipt_MASQUERADE 3584 1
> xt_state 2304 1
> iptable_filter 2944 1
> ip_nat_irc 2688 0
> ip_nat_ftp 3200 0
> iptable_nat 7172 1
> ip_nat 16940 5
> ipt_REDIRECT,ipt_MASQUERADE,ip_nat_irc,ip_nat_ftp,iptable_nat
> ip_conntrack_irc 6384 1 ip_nat_irc
> ip_conntrack_ftp 7280 1 ip_nat_ftp
> ip_conntrack 47404 8
> ipt_MASQUERADE,xt_state,ip_nat_irc,ip_nat_ftp,iptable_nat,ip_nat,ip_co
> nntrack_irc,ip_conntrack_ftp
> i2c_i801 7564 0
> i2c_core 19856 1 i2c_i801
> generic 4484 0 [permanent]
> hw_random 5400 0
> ata_piix 10116 0
> libata 52240 1 ata_piix
> tg3 91780 0
> iptable_raw 2304 0
> ip_tables 13144 4
> iptable_mangle,iptable_filter,iptable_nat,iptable_raw
> ip_gre 12320 0
> ipt_ttl 1920 0
> ipt_TOS 2304 0
> ipt_tos 1792 0
> xt_mac 2176 0
> ipip 9956 0
> ipt_addrtype 2048 0
> psmouse 34056 0
> ide_generic 1536 0 [permanent]
> ide_disk 14976 0
> ide_cd 36228 0
> ide_core 107188 4 generic,ide_generic,ide_disk,ide_cd
> genrtc 9600 0
> ....
>
> I've set this up on two different machines with the same problem so
> I'm guessing I'm missing something crucial on both.
> Thanks in advance for any suggestions you can provide -
>
> Cara Ward
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
More information about the WiFiDog
mailing list