<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><title></title>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<style type="text/css"><!--
body {
margin: 5px 5px 5px 5px;
background-color: #ffffff;
}
/* ---------- Text Styles ---------- */
hr { color: #000000}
body, table /* Normal text */
{
font-size: 9pt;
font-family: 'Courier New';
font-style: normal;
font-weight: normal;
color: #000000;
text-decoration: none;
}
span.rvts1 /* Heading */
{
font-size: 10pt;
font-family: 'Arial';
font-weight: bold;
color: #0000ff;
}
span.rvts2 /* Subheading */
{
font-size: 10pt;
font-family: 'Arial';
font-weight: bold;
color: #000080;
}
span.rvts3 /* Keywords */
{
font-size: 10pt;
font-family: 'Arial';
font-style: italic;
color: #800000;
}
a.rvts4, span.rvts4 /* Jump 1 */
{
font-size: 10pt;
font-family: 'Arial';
color: #008000;
text-decoration: underline;
}
a.rvts5, span.rvts5 /* Jump 2 */
{
font-size: 10pt;
font-family: 'Arial';
color: #008000;
text-decoration: underline;
}
span.rvts6
{
font-size: 11pt;
font-family: 'tahoma';
font-weight: bold;
color: #ffffff;
background-color: #0000ff;
}
span.rvts7
{
font-size: 11pt;
font-family: 'tahoma';
}
a.rvts8, span.rvts8
{
font-size: 11pt;
font-family: 'tahoma';
font-weight: bold;
color: #0000ff;
text-decoration: underline;
}
a.rvts9, span.rvts9
{
font-size: 11pt;
font-family: 'tahoma';
color: #0000ff;
text-decoration: underline;
}
span.rvts10
{
font-size: 8pt;
font-family: 'arial';
font-style: italic;
color: #c0c0c0;
}
a.rvts11, span.rvts11
{
font-size: 8pt;
font-family: 'arial';
color: #0000ff;
text-decoration: underline;
}
/* ---------- Para Styles ---------- */
p,ul,ol /* Paragraph Style */
{
text-align: left;
text-indent: 0px;
padding: 0px 0px 0px 0px;
margin: 0px 0px 0px 0px;
}
.rvps1 /* Centered */
{
text-align: center;
}
--></style>
</head>
<body>
<p>Well, first, I hate hacking stuff myself. I'm no guru for PHP, and I'd rather leave PHP and associated security with someone else. (There's a lot of things I DO know and I'd rather spend time on those things and do them right than go off and do stuff I don't know half-assed. [No implication you are, just speaking for myself.])</p>
<p><br></p>
<p>When you say "localhost" I assume you don't mean active Linux accounts, but local as in PGSql...</p>
<p><br></p>
<p>I suppose there's no huge benefit at all. In fact, it's an additional thing to setup and maintain, but it's easy for me.</p>
<p>The user accounts and passwords are all in a text file - users - in radius. (If you use MySQL db backend support, I think there are web user admin modules already setup for FreeRadius that will allow you really easy user management.)</p>
<p><br></p>
<p>How are you going to manage users in PGSql/locally? Either you write your own web pages and have some security overlaid, or you'll be installing or learning how to use PGSql on the command line or a graphical tool - that's not much easier than installing Radius.</p>
<p><br></p>
<p>As I've said before, having someone else maintain the code for a wide group of people really cuts down on the load for a single guy. I've done custom code and apps, but then you're married to the thing. Security is hard to get right, and doing it by yourself is even worse.</p>
<p><br></p>
<p>Upsides? </p>
<p>If at sometime in the future, we want to allow the system to do WPA-Radius, it's all configured to go since I've got radius already setup on the box. (And I must say, WPA-Radius is very, very cool - I've implemented it on other systems!)</p>
<p><br></p>
<p>Anyway, I'd rather leverage something that someone else built and maintains than hand-tool a bunch of code myself. I think the quality of code is better, is likely more secure, and gets better scrutiny. When I must absolutely have something custom, then I'll consider it. But I've seen too many places with gobs of bad code that's not documented that the organization's come to rely on, and they end up paying a boat-load of cash to keep it running because they can't live without it...but it can't run on a new version of the DB, or Perl, or something else. And upgrading it's out of the question - it would be too expensive, and no-one knows what's going to break etc...</p>
<p><br></p>
<p>Snap-in radius protects me in the long term as things change in WifiDog. Security isn't a issue that I have to worry about. If Radius is found insecure, than a patch/upgrade for Radius fixes it. Same with WiFiDog. WiFiDog DB changes won't impact me either.</p>
<p><br></p>
<p>Plus I don't have to document for someone else how my custom scripts work. Read the WiFiDog docs and Radius docs. I don't do anything non-standard. (Just document the user move from Users to Admin in the PGSql tables for admin access- but I'm going to add that to the WiFiDog documentation myself anyway...)</p>
<p><br></p>
<p>As long as WiFiDog supports Radius, I've got an in. (And I suspect Radius support is just going to get better not worse!)</p>
<p><br></p>
<p>Radius really is a pretty neat tool. Lots of stats if you want 'em and such...</p>
<p><br></p>
<p>I guess the basic reasoning is - I'd rather add to the public commons and build and use the universal tools so everyone can leverage the methods and effort of everyone else.</p>
<p><br></p>
<p>-Greg</p>
<p><br></p>
<div><table border=0 cellpadding=1 cellspacing=2 style="border-color: #000000; border-style: solid;">
<tr valign=top>
<td width=12 style="background-color: #0000ff;">
<p><span class=rvts6>></span></p>
</td>
<td width=862 style="background-color: #ffffff;">
<p><span class=rvts7>Hi Greg,</span></p>
<p><span class=rvts7>I always wondered whats the real advantage of a RADIUS server.I too have done a setup of wifidog captive system for a Hotel and i only hacked into the local database and php codes to customize it for the needs. </span></p>
<p><br></p>
<p><span class=rvts7>Now as you use RADIUS whats the benefit that you get compared to localhost authentication??</span></p>
<p><br></p>
<p><br></p>
<p><br></p>
<p><span class=rvts7>Regards,</span></p>
<p><span class=rvts7>Vinay</span></p>
<p><br></p>
<p><br></p>
<p><span class=rvts7>On 10/26/06, </span><a class=rvts8 href="mailto:listserv.traffic@sloop.net">listserv.traffic@sloop.net</a><span class=rvts7> <</span><a class=rvts9 href="mailto:listserv.traffic@sloop.net">listserv.traffic@sloop.net</a><span class=rvts7>> wrote:</span></p>
<p><br></p>
<p><span class=rvts7>I had initially started working on a Chilli install, but abandoned it. (Horribly unimpressed...)</span></p>
<p><br></p>
<p><span class=rvts7>I don't care for the fact that DHCP, firewalling, routing etc, is all built into Chilli. (At least that's what I understood - perhaps I'm wrong.)</span></p>
<p><br></p>
<p><span class=rvts7>I had quite a lot of trouble and the community there seemed dead. I couldn't get replies to virtually anything, and their forum had spam postings all over the place...</span></p>
<p><br></p>
<p><span class=rvts7>Anyway, I heard rumor that Mac's had problems with the DHCP server built into Chilli, and that's a serious problem for me. I can't be baby sitting this thing all the time. So, having something that just works, and uses as many standard linux apps as possible will make life a lot easier I suspect. (Why recreate the wheel...and all... And when something doesn't work right, which will get fixed quicker, Chilli or the DHCP Daemon, or IPTables etc!) </span></p>
<p><br></p>
<p><span class=rvts7>I've got WifiDog working mostly the way I want, though doing modifications of the web-forms is a bit messy.</span></p>
<p><br></p>
<p><span class=rvts7>Radius seems to work well! (Cheers to who ever did the radius thing!)</span></p>
<p><br></p>
<p><span class=rvts7>Using PGAdmin3 allowed me to easily add the User ID to the "Admin" table too, so that's fixed! [Getting an "Admin" equiv radius login.] (Thanks Benoit!)</span></p>
<p><br></p>
<p><span class=rvts7>I already had a few WRT54GL's sitting here for this project and I'm loading Coova right now. (Man, that thing is really very, *very* nice. I've never messed with OpenWRT, but Coova is just simply slick, painless. Yay for the Coova folks. </span></p>
<p><br></p>
<p><span class=rvts7>Anyway, other than some messy template edits, which I'll address later - things are going quite well. (I'm in way too many hours to recoup it all in fees, but I learned a lot, and frankly, I think WifiDog is one of the best multi-purpose tools out there. Unfortunately, multi-purpose tools tend to be fairly complex and difficult to ramp up on...) </span></p>
<p><br></p>
<p><span class=rvts7>Anyway - I must say, I'm impressed with the WD group here. The documentation is thin, as it is on many GPL/Opensource projects, but the list-serv is populated by a lot of you that want to help. Thanks, a lot!!</span></p>
<p><br></p>
<p><span class=rvts7>I'll do what I can to help on the documentation side - at least to help someone duplicate what I've done and overcome some of the issues I've encountered. (I've already edited the Wiki to help on the PG security issue that many of us encounter.) </span></p>
<p><br></p>
<p><span class=rvts7>Thanks again!</span></p>
<p><span class=rvts7>-Greg</span></p>
<p><br></p>
<div><table border=0 cellpadding=1 cellspacing=2 style="border-color: #000000; border-style: solid;">
<tr valign=top>
<td width=20 style="background-color: #0000ff;">
<p><span class=rvts7>></span></p>
</td>
<td width=814 style="background-color: #ffffff;">
<p><span class=rvts7>You may want to look at this tutorial. </span></p>
<p><a class=rvts9 href="http://www.howtoforge.com/wifi_hotspot_setup">http://www.howtoforge.com/wifi_hotspot_setup</a></p>
<p><br></p>
<p><span class=rvts7>It uses Radius + DD-WRT firmware with chillispot and user management software called phpMyPrepaid. I tested this set during summer and it might be a good solution for your need. </span></p>
<p><br></p>
<p><span class=rvts7>---</span></p>
<p><span class=rvts7>V Patel</span></p>
<p><br></p>
<p><br></p>
</td>
</tr>
</table>
</div>
<p><br></p>
<p><br></p>
<p><br></p>
<p><br></p>
<p><br></p>
<p><span class=rvts7>_______________________________________________</span></p>
<p><span class=rvts7>WiFiDog mailing list</span></p>
<p><a class=rvts9 href="mailto:WiFiDog@listes.ilesansfil.org">WiFiDog@listes.ilesansfil.org</a></p>
<p><a class=rvts9 href="http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog">http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog</a></p>
<p><br></p>
</td>
</tr>
</table>
</div>
<p><br></p>
<p><br></p>
<p><br></p>
<p><br></p>
<p><span class=rvts10>-- </span></p>
<p><span class=rvts10>Best regards,</span></p>
<p><span class=rvts10> listserv </span><a class=rvts11 href="mailto:listserv.traffic@sloop.net">mailto:listserv.traffic@sloop.net</a></p>
</body></html>