[isf-wifidog] wifidog + friefunk

Frederico Marques frederico at marques.cx
Ven 12 Oct 13:13:57 EDT 2007


Hi Larry,

Well, I had a similar problem dealing with wifidog + freifunk olsr. I  
had a mesh network where some of the nodes running wifidog/olsr would  
contact the wifidog server through the wifi interface, that is the  
same where the clients are connecting. So, you have the iptables  
firewall rules from wifidog denying  packets from clients and on this  
setup other nodes are considered clients, so, you can't contact the  
server. The solution that I come up to was to whitelist the mac  
address of the nodes on each of the wifidog.conf setup  
(TrustedMACList) and a small cron script to alter one of the iptables  
rules to allow client authentication. Something like this:

iptables -t filter -R WiFiDog_WIFI2Internet 3 -i eth1 -s ! 10.0.0.0/8  
-m state --state NEW,INVALID -j DROP


I had the NAT/OLSR configuration on Freifunk. All the clients  
connecting through each node are NAT'ed to the mesh with the ip  
address of the node (eth1/mesh side). It worked for me, don't know if  
it works with you.

Regards,

--fred

On Oct 5, 2007, at 7:33 PM, Larry DiBona wrote:

> Hello,
>
> I have been working on a similar project using Xwrt and the native  
> OLSR
> package and Wifidog.  It works well. I have a problem I would like to
> address.
>
> When an access point running Wifidog works correctly using the WAN  
> ports
> to authenticate over the WEB to the Authentication server, and is part
> of a mesh, if you remove the WAN connection, it can't find the server
> using the mesh alone.
>
> I have the system set up in a standard fashion, and the OLSR mesh
> network is in place.  Using 2 router access points and both having the
> WAN ports connected to the Internet, I can connect and authenticate
> against one or the other of the routers using the WifiDog server, all
> works well.  I can also login and administer either router through the
> mesh (without associating), which proves the OLSR mesh is working.
>
> If I remove the WAN connection from the 1st router and it is only
> connected using the OLSR mesh (Which puts it on the network with  
> the 2nd
> router) the 1st router cannot find the Wifidog Server.  The router's
> Wifidog green page informs me that it can't find the server.   
> Connecting
> to the LAN ports makes no difference. I have placed the mac  
> addresses in
> the wifidog config to allow access.  Has anyone solved this?
>
> -Larry
>
>
> Michael Lenczner wrote:
>> ---------- Forwarded message ----------
>> From: michel memeteau <mmemeteau at marseille-wireless.org>
>> Date: Sep 27, 2007 2:39 PM
>> Subject: [wsfii-discuss] Some words about upcoming POLARIS firmware
>> release from France Wireless
>> To: community at freenetworks.org, wsfii-discuss at lists.okfn.org
>>
>>
>> Hi everybody,
>>
>> I'm cross posting Wsfii & freenetwoks mailiing to reach a max of  
>> people.
>>
>> I m part of France Wireless :  a group gathering most of the wireless
>> groups in France as Redlibre in spain for example.
>>
>> We worked together to make the setup of a Wireless node ( Mesh +
>> captive portal ) for gratis access. the current name of the firmware
>> is POLARIS. We use freifunk and wifidog mostly ( and tinyproxy if
>> needed ) .
>>
>> the TRAC is here : http://dev.wireless-fr.org , sorry as english
>> translation is not ready , you can browse it through google translate
>> :
>>
>>
>> Current firmware is here
>>
>> and setup guide here
>>
>>  We release in few Weeks the POLARIS 0.2 : see the roadmap
>>
>>
>> This project is just a playground , I guess most of your communities
>> have already an easy to setup firmware for meshing & captif portal.
>> Oui aim is not to do better than all the other projects but to gather
>> simple requirement to make my mother being able to create a free
>> hotspot with her WRT  .....
>>
>>
>> So this mail is more to do a summary of what has been done in each
>> community; I remember
>>
>>
>> Melbourne ( australia ) has done a web based firmware generator
>> red libre , I don't remember
>> Wifree project is quite dead ?
>> and I guess there are several other projects  ?
>> i'd like to know if you feel like me that wireless access could be
>> more spread if an easy installer for available for current flashable
>> devices.
>>
>> thanks for your attention :-)
>>
>>
>>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog



Plus d'informations sur la liste de diffusion WiFiDog