www.chilliwave.com

Wifi Network Distribution and Billing Server
It is currently Sat Feb 29, 2020 5:36 am

All times are UTC - 8 hours [ DST ]




Post new topic Reply to topic  [ 34 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
 Post subject:
PostPosted: Tue Apr 29, 2008 8:07 am 
Offline
Site Admin
User avatar

Joined: Fri Mar 17, 2006 4:52 pm
Posts: 4413
Location: Bend, Oregon
Martin.. No problem.. Thank you very much..

I was mainly wanting you to know the actual process that would be involved to get that going so you wouldn't beat your head against the wall on it..

As this evolves, ideas like this bubble to the surface and we would certainly add whatever you guys want and are willing to donate to get accomplished.. That is the whole point here and we would gladly work with anyone who needs some custom work done.. We will do it for the project at large also.. of course..

That would be a cool thing to add, but it would massively affect the way the system works now, so there would have to be a switch to turn the function on and off, but all of that can be done..

Let's keep Loren focused on the list we have going, which will be done in a few days, and then we will look at things like this and a few other ideas rolling out there and see what direction we want to take next..

Maybe this could be an add-on module that people could donate for separately, which would be a good motivator for Loren to write it and would only cost $20 or so for each person who wants it, rather than you paying the whole bill for it..

Basically, we have to come up with about $200 for each day of work that we ask the professional programmers to do or they will just stick with their day job, because they make at least that much there... They are not trying to stick it to us either, they just need a reason to work for us rather than people who actually pay regularly... lol... So we are at a bit of a disadvantage because our payments to people like this are willy-nilly and all over the board, so we are lucky when we get a programmer like Loren or cjkeeme to work with us and our screwed up payment program, or lack of it..

That is what we are up against, but anything we want bad enough we can have...

Does that make sense?

So yes, no, maybe, probably, we'll see............

How's that for an answer.... :lol:

Chuck


Top
 Profile  
 
 Post subject:
PostPosted: Wed Apr 30, 2008 4:49 am 
I like this idea but mainly like it for people?s devices to pass through chilli

I just bought a Skype phone that has no web page functions its purely fires up then scans wifi connects to router/repeater then fails because there is no input for a username/password so i got the devices Mac code entered like chuck has said and voila we have lift off

So there are a lot of wifi enabled devices out there that work in the same manner and it will be a pain in the bum if we have to manually add all the Mac codes individually and match them up to who is paying and when a user?s account expires and add it back when they pay again

I liked steves idea to match this up with a mysql entry

That contact page that i use if i add another field for Mac code a user could enter their devices Mac code along with their details and the Mac code will be entered into the mysql

All we would need then is a way for the /etc/freeradius/users file to grab the Mac code data from the mysql

Is that something we can do?


http://www.hot5pot.com/contact.html

That is linked to a mysql database and messages are retrieved here

http://www.hot5pot.com/contact_management.php

username root
pass ifiw321

oh yes the mac code entry would have to only work if the have paid and stop working when account expired


Top
  
 
 Post subject:
PostPosted: Mon May 05, 2008 10:45 am 
Reading this, I got two questions.

1. If I add the settings for mac authentification as described by chuck, chilli would check for the mac address. Does it disable access after a given (bought) time or is access then always open?

2. Is it possible to grab the mac-address of each connected device and add it to the database when it first connects?

My idea is as follows:

The Wifi-Device connects to the router. Chilli gives the IP-Adress and generate a username and adds this to the mysql-database along with the mac-address and zero time to a radius-database (mysql).

The Owner of the Wifi-Device go to the counter and buy Access-Time. The operator there needs a interface, where he can see all users with mac-adress and remaining time or zero time. He then can add simply the Minutes bought by the Owner to that device.

I know, this is not the way for automated selling time via paypal, but for most hotspots which want to sell their time on their own it would be a great deal. Also it would be possible to connect devices without web interface like Wifi-Phones etc.

With regards,

Frank


Top
  
 
 Post subject:
PostPosted: Mon May 05, 2008 11:22 am 
Offline
Site Admin
User avatar

Joined: Fri Mar 17, 2006 4:52 pm
Posts: 4413
Location: Bend, Oregon
We've talked about this, as you are correct, that would be a really slick way to authenticate people, so we have it on our wish list and as soon as we pass the first milestone in the next few days of announcing that all currently known bugs are fixed and have an update for that, then we can look at stuff like this..

Right now they would be permanantly authenticated until you remove that mac address from

/etc/freeradius/users

I hope that helps.. All you really need to do in the chill.conf file for now, is turn on the "mac-auth" dunction and leave it at that.. The server handles the list of mac's...

Chuck


Top
 Profile  
 
 Post subject:
PostPosted: Mon May 05, 2008 3:59 pm 
I tried this sort of Authentication now and its really great. Have created a user (by hand) in radcheck with UserName filled with the mac address XX-XX-XX-XX-XX-XX and the attributes Max-All-Session, Simultaneous-Use, User-Password, Expiration and Auth-Type.

User-Password has to be the password set in chilli.conf tag macpassword, also uncomment macauth tag as described by chuck before.
Local-Auth has to be Local.

I can connect with my laptop without getting the login-page, but if the time is used up or the account is expired, I will land on the login page. So this works as expected. The only thing which has to be solved now to get my Idea running is to create the mac-adress user at the first connect.

I will see if this is possible.

[[EDIT]] Had a look at the freeRadius Site. I think it will be possible using perl in the authentification section. I will try this maybe tomorrow.

Good Night


Top
  
 
 Post subject:
PostPosted: Sat May 10, 2008 2:42 pm 
I think it would be possible to have a system in radcheck like

username|mac_address

Im not sure what script actually does the authentication when you log into a router. The logic would be to explode the username by | so you would have both the user name and mac address.
This would give you the best of both worlds.

I have looked at hotspotlogin but there is something else at work here

I'm sure the router sends back a lot of info when it authenticates a user, possibly we could get it to send back the mack for the username and update radcheck with the macaddress after the user name.

using explode we could see that $macaddress !=''; and then use it that way

if ($macaddress != ''){
// we have a mac address and can authenticate the mac
}

else{
we dont have a mac address so ask for user name and password.
}

This is just my first glance at this thread and may be way off in left feild


Top
  
 
 Post subject:
PostPosted: Sun May 11, 2008 3:44 am 
If you use Mac-Authentication, the User-Name Attribute is filled with the Mac-Address of the device. And this is the same value as in Calling-Station-Id.

I'm programming a perl module which should run in front of the authentication process and add a user entry in the radcheck-table for the device.

It's my first try using perl but I think it should be ready until tomorrow. I will post the results when they are ready.

with regards, Frank


Top
  
 
 Post subject:
PostPosted: Mon May 12, 2008 4:59 pm 
I have added a script which is doing this in this thread: http://oregonmicroscience.com/hotspotfo ... php?p=4907


Top
  
 
 Post subject:
PostPosted: Fri Aug 22, 2008 8:38 am 
I would like to set the people to log using the mac of their computers as fneudert explained so that when the time expires they get the login page. I want to do it manually and I've tried to follow this thread. but I can't make it work. Can someone make a step by step?
Thanks
Wilberto


Top
  
 
 Post subject:
PostPosted: Fri Aug 22, 2008 9:27 am 
Offline
Site Admin
User avatar

Joined: Fri Mar 17, 2006 4:52 pm
Posts: 4413
Location: Bend, Oregon
You have to reboot the server or restart freeradius for those changes to take affect..

Tell me if you did that and I will take it from there.. There is a full description of how this works on the first post of this thread..

Chuck


Top
 Profile  
 
 Post subject:
PostPosted: Fri Aug 22, 2008 12:46 pm 
I restarted freeradius. I used this command:

/etc/init.d/freeradius stop
/etc/init.d/freeradius start

This is what I did:

1. Added the Mac address of the PC in the "users" file and also modified the other file as per your instructions.
2. Created a new user.
3. In the database table radcheck I substituted the username in all 4 fields with the mac address and changed the password to "password"
4. Restarted freeradius

What do you think?

Take care,

Wilberto


Top
  
 
 Post subject:
PostPosted: Fri Aug 22, 2008 1:42 pm 
I found it!! I forgot to enable macauth in the router. Now its working.

Thanks a lot!!

Wilberto


Top
  
 
 Post subject:
PostPosted: Fri Aug 22, 2008 8:01 pm 
Offline
Site Admin
User avatar

Joined: Fri Mar 17, 2006 4:52 pm
Posts: 4413
Location: Bend, Oregon
Nice.. A little peristence will do it every time.. Good job..

You did not need to alter anything in the database.. All you have to do is add the person to the /etc/freeradius/users file and restart freeradius and that user is now permanently authenticated..

If you do put the basic attributes directly into the radcheck table of the database you can give them an ending time when they will be shut off..

anyway, glad you got it.. It's usually the simple things that get you on this stuff..

Take care,
Chuck


Top
 Profile  
 
 Post subject:
PostPosted: Sat Feb 21, 2009 10:55 am 
Have anyone tried to just make another line in radcheck that says:
Mac-adress,Auth-Type,:=,Local

It seems to work for me.


Top
  
 
 Post subject:
PostPosted: Sat Feb 21, 2009 11:03 am 
Offline
Site Admin
User avatar

Joined: Fri Mar 17, 2006 4:52 pm
Posts: 4413
Location: Bend, Oregon
twinmos.... this thread is so old and obsolete, I should probably delete it..

You have mac authentication built in and working on your system now, but it is a hidden button you have to turn on..

I will be right back with how to do it..

Chuck


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 34 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC - 8 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group