[isf-wifidog] Gateway Lockup and Auth Server Errors
Matthew Tavenor
mtavenor at nlpl.ca
Mar 15 Avr 14:16:38 EDT 2008
Hi Alex,
I have tried completely uninstalling mod_security and the problem of the
Wifidog gateway still persist. The gateway will lockup / freeze and have to
be terminated and restarted in-order to work again. This problem can be
duplicated if say I log in after a fresh start-up on both laptop and
gateway. Then if I shut the laptop off and wait 2 minutes. Turn it back on
the laptop will go through without a hitch but nobody else can sign up and
the wifidog gateway freezes/locks.
I wish I could get an error message but there is nothing. Please help!
-----Original Message-----
From: wifidog-bounces at listes.ilesansfil.org
[mailto:wifidog-bounces at listes.ilesansfil.org] On Behalf Of acv
Sent: Tuesday, April 15, 2008 10:32 AM
To: WiFiDog Captive Portal
Subject: Re: [isf-wifidog] Gateway Lockup and Auth Server Errors
Try disabling mod_security in your apache setup. The wifidog HTTP
implementation is as minimal as possible and it looks like your mod_security
is rejecting part of the protocol.
Alex
On Tue, Apr 15, 2008 at 09:13:45AM -0230, Matthew Tavenor wrote:
> From: "Matthew Tavenor" <mtavenor at nlpl.ca>
> To: <wifidog at listes.ilesansfil.org>
> Date: Tue, 15 Apr 2008 09:13:45 -0230
> X-Mailer: Microsoft Office Outlook 12.0
> Subject: [isf-wifidog] Gateway Lockup and Auth Server Errors
>
> Greetings,
>
>
>
> I have a few questions on my test setup for Wifidog Hotspot. I am in
> the process of trying to get this up and running so that we can deploy
> it in 96+ Library locations across my Province. The test setup and
> problems that occur are list below:
>
>
>
> Wifidog Gateway (Revision:1344) - Dell Optiplex 755 Small Form Factor
>
> - Fedora 8 - 64bit (Using built in iptables firewall for basic
> masquerading)
>
> - SELinux Off
>
> - Linksys WRV200 w/Ranger Booster - Wireless AP
>
>
>
> Wifidog Auth Server (Revision:1343) - Dell Optiplex 755 Small Form
> Factor
>
> - Fedora 8 - 32bit (no Firewall at the moment because of testing)
>
> - Apache 2.2.8
>
> - Postgresql 8.2.7
>
> - PHP 5.2.4
>
>
>
>
>
> Wifidog.conf
>
> ----------------
>
> GatewayID ggrwifi
>
> ExternalInterface eth0
>
> GatewayInterface eth1
>
> GatewayAddress 10.0.0.1
>
>
>
> AuthServer {
>
> Hostname 192.168.0.205
>
> SSLPort 443
>
> HTTPPort 80
>
> Path /
>
> }
>
>
>
> GatewayPort 2060
>
> HTTPDName WiFiDog
>
> HTTPDMaxConn 100
>
> CheckInterval 120
>
> ClientTimeout 10
>
> FirewallRuleSet global {
>
> FirewallRule block tcp port 25
>
> FirewallRule block to 192.168.0.0/16
>
> }
>
> FirewallRuleSet validating-users {
>
> FirewallRule allow to 0.0.0.0/0
>
> }
>
> FirewallRuleSet known-users {
>
> FirewallRule allow to 0.0.0.0/0
>
> }
>
> FirewallRuleSet unknown-users {
>
> FirewallRule allow udp port 53
>
> FirewallRule allow tcp port 53
>
> FirewallRule allow udp port 67
>
> FirewallRule allow tcp port 67
>
> }
>
> FirewallRuleSet locked-users {
>
> FirewallRule block to 0.0.0.0/0
>
> }
>
> -------------------
>
>
>
> Pg_hba.conf
>
> ---------------
> local wifidog wifidog md5
>
> local all all ident sameuser
>
> # IPv4 local connections:
>
> host wifidog wifidog 127.0.0.1/32 md5
>
> host all all 127.0.0.1/32 ident sameuser
>
> # IPv6 local connections:
>
> #host all all ::1/128 ident sameuser
>
> ---------------
>
>
>
> I hope I have provided enough information for my questions. Here they
are.
>
>
>
> 1) Everything seems to work fine, I get the login/portal page you can
> sign up and validation works, browse the web for as long as you like.
> If you sit idle for say 30 minutes, then try to browse with an open
> browser, the Wifidog gateway locks and will lose connection to the Auth
server.
>
> 2) I can't find a way to get the Wifidog to give me more information
> besides running it with the command Wifidog -f -d 7 ? No information
> anywhere else besides this on the screen right before it locks.
>
> [7][Mon Apr 14 16:39:42 2008][2909](auth.c:83) Running fw_counter()
>
> [7][Mon Apr 14 16:39:42 2008][2909](fw_iptables.c:510) Read outgoing
> traffic for 10.0.0.120: Bytes=62228
>
>
>
> 3) Here is the error on the /var/log/httpd/error_log
>
> [Mon Apr 14 16:38:24 2008] [error] [client 192.168.0.212] ModSecurity:
> Warning. Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required.
> [id "960015"] [msg "Request Missing an Accept Header"] [severity
> "CRITICAL"] [hostname "192.168.0.205"] [uri
> "/auth/?stage=counters&ip=10.0.0.120&mac=00:16:6F:6B:B6:9A&token=2fe63
> 78088b 8adc4d3e64d7ef3345ac8&incoming=385513&outgoing=62180"]
> [unique_id "AgVSLn8AAAEAAAhmPRUAAAAB"]
>
> [Mon Apr 14 16:38:28 2008] [error] [client 192.168.0.212] ModSecurity:
> Warning. Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required.
> [id "960015"] [msg "Request Missing an Accept Header"] [severity
> "CRITICAL"] [hostname "192.168.0.205"] [uri
> "/ping/?gw_id=ggrwifi&sys_uptime=3503&sys_memfree=1357812&sys_load=0.0
> 2&wifi dog_uptime=2524"] [unique_id "AkIxF38AAAEAAAhnPWoAAAAC"]
>
>
>
> Please help as I really excited about this project and I want to use
> this product as it does exactly what we want it to do.
>
> Thanks,
>
> Matt
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
Plus d'informations sur la liste de diffusion WiFiDog