[isf-wifidog] wifidog + friefunk

Larry DiBona junkyml at verizon.net
Ven 12 Oct 13:49:55 EDT 2007 

Fred

Thanks for the info. I set up a TrustedMAClist before I posted my 
request, but it didn't help. I would like to try your iptables 
suggestion.  Could you tell me what the "WiFiDog_WIFI2Internet" is . Is 
this a system variable set by Wifidog during installation? Should I use 
this iptables command as is or substitute WiFiDog_WIFI2Internet with 
something?

More Info since I last posted: The node that is not connected to the 
Internet ,with no WAN connection and only on the mesh, will find the 
login page of the node that it meshes with that _is_ connected to the 
Internet WAN port.  This only works if I do not set the node to use 
itself as a gateway.  If you look at the mesh web report on the node, 
you can see the gateway that is being used, and the login page I get is 
the login of the gateway.  Somehow OLSR is setting the default gateway 
and that gateway allows the node to see the Auth server, but the login 
page from the gateway displays, not the node. I can live with this, but 
it would be way cooler for a node that is only connected using the mesh 
to find the server directly and display it's own page.

- Larry

Frederico Marques wrote:
> Hi Larry,
>
> Well, I had a similar problem dealing with wifidog + freifunk olsr. I  
> had a mesh network where some of the nodes running wifidog/olsr would  
> contact the wifidog server through the wifi interface, that is the  
> same where the clients are connecting. So, you have the iptables  
> firewall rules from wifidog denying  packets from clients and on this  
> setup other nodes are considered clients, so, you can't contact the  
> server. The solution that I come up to was to whitelist the mac  
> address of the nodes on each of the wifidog.conf setup  
> (TrustedMACList) and a small cron script to alter one of the iptables  
> rules to allow client authentication. Something like this:
>
> iptables -t filter -R WiFiDog_WIFI2Internet 3 -i eth1 -s ! 10.0.0.0/8  
> -m state --state NEW,INVALID -j DROP
>
>
> I had the NAT/OLSR configuration on Freifunk. All the clients  
> connecting through each node are NAT'ed to the mesh with the ip  
> address of the node (eth1/mesh side). It worked for me, don't know if  
> it works with you.
>
> Regards,
>
> --fred
>
> On Oct 5, 2007, at 7:33 PM, Larry DiBona wrote:
>
>   
>> Hello,
>>
>> I have been working on a similar project using Xwrt and the native  
>> OLSR
>> package and Wifidog.  It works well. I have a problem I would like to
>> address.
>>
>> When an access point running Wifidog works correctly using the WAN  
>> ports
>> to authenticate over the WEB to the Authentication server, and is part
>> of a mesh, if you remove the WAN connection, it can't find the server
>> using the mesh alone.
>>
>> I have the system set up in a standard fashion, and the OLSR mesh
>> network is in place.  Using 2 router access points and both having the
>> WAN ports connected to the Internet, I can connect and authenticate
>> against one or the other of the routers using the WifiDog server, all
>> works well.  I can also login and administer either router through the
>> mesh (without associating), which proves the OLSR mesh is working.
>>
>> If I remove the WAN connection from the 1st router and it is only
>> connected using the OLSR mesh (Which puts it on the network with  
>> the 2nd
>> router) the 1st router cannot find the Wifidog Server.  The router's
>> Wifidog green page informs me that it can't find the server.   
>> Connecting
>> to the LAN ports makes no difference. I have placed the mac  
>> addresses in
>> the wifidog config to allow access.  Has anyone solved this?
>>
>> -Larry
>>
>>
>> Michael Lenczner wrote:
>>     
>>> ---------- Forwarded message ----------
>>> From: michel memeteau <mmemeteau at marseille-wireless.org>
>>> Date: Sep 27, 2007 2:39 PM
>>> Subject: [wsfii-discuss] Some words about upcoming POLARIS firmware
>>> release from France Wireless
>>> To: community at freenetworks.org, wsfii-discuss at lists.okfn.org
>>>
>>>
>>> Hi everybody,
>>>
>>> I'm cross posting Wsfii & freenetwoks mailiing to reach a max of  
>>> people.
>>>
>>> I m part of France Wireless :  a group gathering most of the wireless
>>> groups in France as Redlibre in spain for example.
>>>
>>> We worked together to make the setup of a Wireless node ( Mesh +
>>> captive portal ) for gratis access. the current name of the firmware
>>> is POLARIS. We use freifunk and wifidog mostly ( and tinyproxy if
>>> needed ) .
>>>
>>> the TRAC is here : http://dev.wireless-fr.org , sorry as english
>>> translation is not ready , you can browse it through google translate
>>> :
>>>
>>>
>>> Current firmware is here
>>>
>>> and setup guide here
>>>
>>>  We release in few Weeks the POLARIS 0.2 : see the roadmap
>>>
>>>
>>> This project is just a playground , I guess most of your communities
>>> have already an easy to setup firmware for meshing & captif portal.
>>> Oui aim is not to do better than all the other projects but to gather
>>> simple requirement to make my mother being able to create a free
>>> hotspot with her WRT  .....
>>>
>>>
>>> So this mail is more to do a summary of what has been done in each
>>> community; I remember
>>>
>>>
>>> Melbourne ( australia ) has done a web based firmware generator
>>> red libre , I don't remember
>>> Wifree project is quite dead ?
>>> and I guess there are several other projects  ?
>>> i'd like to know if you feel like me that wireless access could be
>>> more spread if an easy installer for available for current flashable
>>> devices.
>>>
>>> thanks for your attention :-)
>>>
>>>
>>>
>>>       
>> _______________________________________________
>> WiFiDog mailing list
>> WiFiDog at listes.ilesansfil.org
>> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>>     
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
>
>

Plus d'informations sur la liste de diffusion WiFiDog