- CoovaChilli 是一个开源的软件访问控制工具(access controller), 基于曾经流行的ChilliSpot项目, 并且被原来的ChilliSpot贡献者们维护.
- CoovaChilli 是一个功能丰富的软件访问控制工具提供一个网页认证(captive portal) / walled-garden 环境和使用RADIUS或者HTTP协议来访问控制(access provisioning)和账户认证(accounting).
- CoovaChillis是CoovaAP OpenWRT固件的一部分, 专门用于热点.
CoovaChilli在很多情况下可以完全取代ChilliSpot, 他基于ChilliSpot 1.0, 集成了1.1的大多数features, 并且添加了许多features和fixes
- http://blog.iservery.com/2013/06/25/pridani-luci-app-coovachilli-to-openwrt-image/
- https://github.com/stephank/luci/tree/master/applications/luci-coovachilli
- https://www.linkedin.com/groups/Use-HSRADCONF-remote-administration-ChilliSpotConfig-158903.S.186535173
- http://coova.org/node/3115
- --disable-leakybucket
- --disable-chillixml: 不使用chillixml (safe to do in most cases)
- --disable-json
- --disable-sessgarden: 不支持session walled garden
- --disable-ieee8021q: Disable support for IEEE 802.1Q (VLAN tagging on dhcpif interface)
- --enable-proxyvsa: Enable support for VSA(Vendor-Specific Attributes) attribute proxy
- --enable-largelimits: Enable larger limits for use with non-embedded systems. Bigger memory usage for more users
- --enable-binstatusfile: Enable support for binary status file. The status bin file saves and restores session state
- --enable-statusfile: Enable support for status file. The status file is informational only
- --enable-chilliproxy: Enable support for HTTP AAA Proxy. Required for uamaaaurl
- --enable-chilliradsec: Enable support for RadSec AAA Proxy. Required SSL support
- --enable-chilliredir: Enable support for redir server. Required for uamregex
- --enable-miniportal: Enable support Coova miniportal. Includes a simple haserl captive portal
- --enable-rtmon: Enable support for route monitoring deamon (experimental)
- --enable-netnat: Enable net interface nat (experimental)
- --with-openssl: enable support for OpenSSL. Required for radsec, redirssl, or uamuissl
- --with-matrixssl: enable support for MatrixSSL. Required for radsec, redirssl, or uamuissl
- --with-nfqueue: enable support for Netfilter_queue
- --with-nfcoova: enable support for coova kernel module
- --with-pcap: enable support for pcap
- --with-curl: enable support for curl (optional and used with --enable-chilliproxy)
- --with-mmap: enable support for mmap (experimental)
- --with-poll: enable support for poll (epoll is auto-detected and used if available)
- --with-ipc-msg: enable support for msgsnd/msgrcv SV IPC
package/feeds/oldpackages/coova-chilli/Config.in
opkg install coova-chilli-> 会安装coova-chilli, kmod-tun, librt, libpthreadopkg install haserl-> miniportal依赖
- 拷贝
/etc/chilli/defaults到/etc/chilli/config, 然后修改config里面配置 - 启动
/etc/init.d/chilli start会在/etc/chilli/生成main.conf,local.conf,hs.conf defaults中默认认为eth0是WAN口,eth1是LAN口, 可以修改HS_WANIF为WAN口,HS_LANIF为LAN口.
- 就是允许在无法链接到认证服务器的时候 仍然可以上网
- noradallow 这个选项 在1.3.0支持, 再按照如下链接的内容打patch就可以搞定, http://lists.coova.org/pipermail/chilli/2013-December/002485.html
- http://lists.coova.org/pipermail/chilli/2013-December/002481.html
UNIX_SOCKET=$(find /var/run -name *sock |grep 'chilli')
chilli_query -s $UNIX_SOCKET list > /tmp/chilli_clients
- mobile first design, responsive web design
- jQuery
- http://manoon.me/?p=668
- http://www.dd-wrt.com/wiki/index.php/Chillispot/zh_cn
- http://www.hotspotsystem.com/installation-guide-openwrt
- http://www.kissthink.com/archive/c-o-o-v-a-c-h-i-l-l-i-wu-xian-ren-zheng.html
- http://emandeguzman.blogspot.com/2012/11/openwrtcoovachilli.html
- main chilli configuration file, 可以包含全部的配置项, 或者包含其他文件. 默认情况下, 这个文件包含3个其他文件: main.conf, hs.conf, 和 local.conf. main.conf 和 hs.conf由functions shell文件中的函数创建, 基于下面提到的配置文件的配置和可能获取配置来自RADIUS server或者URL. local.conf是保留用于location specific configurations.
- 包含你的 main coinfigurations
- 包含你的由RADIUS传递的配置(使用Adminstrative-User login)
- 任何其他你有可能手动配置为了特殊的安装.
- 默认被chilli
init.d和functionsscripts使用, 创建实际的配置文件. 可以详细看里面的注释来了解如何配置chilli和相关的脚本和embedded content.
- 被chilli
init.d和functionsscripts使用的Location specific configurations. 拷贝上面的defaults, 然后修改.这个文件是在defaults文件之后被加载, 因此, 会覆盖配置.
- 通过加载上面的配置文件来帮助配置chilli, 设置一些默认参数, 并且提供函数来写入main.conf, hs.conf, 和local.conf基于local和possibily centralized RADIUS 服务器或者URL. 见chilli.conf(5)
- chilli的init.d file默认使用上面的配置来编译一个配置集合在
/etc/chilli目录, 利用local configurations和可能来自RADIUS 或一个URL的centralized configurations. 见chilli.conf(5)
- 用于daemon communication的UNIX socket, 见chilli_query(1)
- Process ID文件
- chilli serve up的embedded web content的典型目录, 使用一个minimal web server. 一个方便的位置用于splash page, embedded captive portal, 和JSON javascript resources.
- bstring
- json-c
- http://www.open-abc.com/robin-144.html
- chilli - main.c 主进程
- chilli_opt - main-opt.c 解析命令行和配置文件参数, 并写入二进制配置文件
- chilli_query - main-query.c 查询主进程chilli的连接状态
- chilli_radconfig - main-radconfig.c
- chilli_response - main-response.c pap或nt的challenge测试
- http://worldspot.net/
- http://www.hotspotsystem.com/
- http://www.wirelessorbit.com/ 已被hotspotsystem收购
- http://www.radiusdesk.com/user_guide/chilli/coovaap
- http://blog.trifork.com/2013/01/15/building-a-captive-portal-controlling-access-to-the-internet-from-your-network/
- http://trizelka.wordpress.com/coovachilli-with-radius/
- https://help.ubuntu.com/community/WifiDocs/CoovaChilli#Install_Radius_server_and_Database
- http://a810162.blogspot.com/2010/11/captive-portal-coovachilli.html
- http://emandeguzman.blogspot.hk/2012/11/coovachilli-mac-address-authentication.html
- http://serverfault.com/questions/266286/coovachilli-mac-authentication
- http://www.coova.org/node/77
- http://emandeguzman.blogspot.com/2012/11/openwrtcoovachilli.html
- http://lists.coova.org/pipermail/chilli/2013-February/002186.html
- http://wiki.contribs.org/CoovaChilli
- http://forums.contribs.org/index.php?topic=47339.0
- http://www.chillispot.org/chilliforum/topic134-chillispot-configuration-mac-authentication.html
- http://tobepragmatic.blogspot.hk/2014/05/coovachilli-setting-up-mac-based.html
- http://emandeguzman.blogspot.com/2012/11/openwrtcoovachilli.html
- http://blog.trifork.com/2013/01/15/building-a-captive-portal-controlling-access-to-the-internet-from-your-network/
- http://wiki.contribs.org/CoovaChilli
good job