Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wifidog don't block traffic #296

Open
medrockstar opened this issue Apr 18, 2018 · 4 comments
Open

Wifidog don't block traffic #296

medrockstar opened this issue Apr 18, 2018 · 4 comments

Comments

@medrockstar
Copy link

medrockstar commented Apr 18, 2018
edited
Loading

Hi,

My wifidog don't block traffic

config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd3d:1fb3:5baf::/48'

config interface 'lan'
option ifname 'eth0'
option force_link '1'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.66'
option gateway '192.168.1.1'
option dns '192.168.1.1'

===========================================

root@OpenWrt:~# /etc/init.d/wifidog status
WiFiDog status

Version: 1.2.1
Uptime: 0d 0h 0m 4s
Has been restarted: no
Internet Connectivity: yes
Auth server reachable: yes
Clients served this session: 0

0 clients connected.

Authentication servers:
Host: auth.ilesansfil.org (108.163.136.106)

====================================

[7][Wed Apr 18 10:33:23 2018]3752 Auth Server Says: Pong
[7][Wed Apr 18 10:34:21 2018]3752 Running fw_counter()
[7][Wed Apr 18 10:34:22 2018]3752 Handler for SIGCHLD called. Trying to reap a child
[7][Wed Apr 18 10:34:22 2018]3752 Handler for SIGCHLD reaped child PID 4014
[7][Wed Apr 18 10:34:22 2018]3752 Handler for SIGCHLD called. Trying to reap a child
[7][Wed Apr 18 10:34:22 2018]3752 Handler for SIGCHLD reaped child PID 4016
[7][Wed Apr 18 10:34:22 2018]3752 Locking client list
[7][Wed Apr 18 10:34:22 2018]3752 Client list locked
[7][Wed Apr 18 10:34:22 2018]3752 Unlocking client list
[7][Wed Apr 18 10:34:22 2018]3752 Client list unlocked
[7][Wed Apr 18 10:34:22 2018]3752 Running ping()
[7][Wed Apr 18 10:34:22 2018]3752 Entering ping()
[7][Wed Apr 18 10:34:22 2018]3752 Locking config
[7][Wed Apr 18 10:34:22 2018]3752 Config locked
[7][Wed Apr 18 10:34:22 2018]3752 Level 1: Calculated 1 auth servers in list
[7][Wed Apr 18 10:34:23 2018]3752 Level 1: Resolving auth server [auth.ilesansfil.org]
[7][Wed Apr 18 10:34:23 2018]3752 Locking wd_gethostbyname()
[7][Wed Apr 18 10:34:23 2018]3752 wd_gethostbyname() locked
[7][Wed Apr 18 10:34:23 2018]3752 Unlocking wd_gethostbyname()
[7][Wed Apr 18 10:34:23 2018]3752 wd_gethostbyname() unlocked
[7][Wed Apr 18 10:34:23 2018]3752 Level 1: Resolving auth server [auth.ilesansfil.org] succeeded = [108.163.136.106]
[7][Wed Apr 18 10:34:23 2018]3752 Level 1: Connecting to auth server auth.ilesansfil.org:80
[7][Wed Apr 18 10:34:23 2018]3752 Level 1: Successfully connected to auth server auth.ilesansfil.org:80
[7][Wed Apr 18 10:34:23 2018]3752 Unlocking config
[7][Wed Apr 18 10:34:23 2018]3752 Config unlocked
[7][Wed Apr 18 10:34:23 2018]3752 Connected to auth server
[7][Wed Apr 18 10:34:23 2018]3752 Sending HTTP request to auth server: [GET /ping/?gw_id=90F6522BFAC0&sys_uptime=45772&sys_memfree=6260&sys_load=0.00&wifidog_uptime=603 HTTP/1.0
User-Agent: WiFiDog 1.2.1
Host: auth.ilesansfil.org

]

[7][Wed Apr 18 10:34:23 2018]3752 Reading response
[7][Wed Apr 18 10:34:23 2018]3752 Read 253 bytes
[7][Wed Apr 18 10:34:23 2018]3752 HTTP Response from Server: [HTTP/1.1 200 OK
Date: Wed, 18 Apr 2018 10:34:23 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-0+deb7u11
Set-Cookie: authpuppy=74gc4a6avkdeauugd6n9kost97; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8

Pong
]
[7][Wed Apr 18 10:34:23 2018]3752 Auth Server Says: Pong
@benoitg
Copy link
Member

benoitg commented Apr 19, 2018

Are you sure you have GatewayInterface set to the proper interface, your client's side of the router? Are you sure you are NATing or routing through your router, not just using it as an access point.

@medrockstar
Copy link
Author

medrockstar commented Apr 19, 2018
edited
Loading

My access point is behind router.

how to check NATing or routing ?
internet-router-access point.

my config :

#GatewayID default

ExternalInterface wlan0

GatewayInterface br-lan

#GatewayAddress 192.168.1.1

@JJEU
Copy link

JJEU commented Apr 24, 2018
edited
Loading

Hello,

there is a problem with your config.
benoit is right, your router is not configured like a router, it's just an access point.

to have router configuration, you need to edit /etc/config/network
or you can do this via the web interface but it's more difficult.

A definition of a router is a network device with 2 interface : LAN (toward the clients) and WAN (towards the internet).
a router is able to give communication to xxx number of client, accross a single IP on it's WAN interface. this is called NAT.
each client is identified with a single IP adress. this adress is used by the router to distribute the packets to the clients. it's called routing

let's see you /etc/config/network :

config interface 'lan' -> this identifies this section as the configuration of the LAN interface. wich name is "lan"
option ifname 'eth0' -> this link the "lan" interface to the hardware interface named "eth0". interfaces are named by the manufacturer like "eth0", "eth1", etc
option force_link '1'
option type 'bridge' -> this means that your device just transfers the packet. it's ats like a switch, not like a router. thus NAT is DISABLED and wifidog can't work !

following is the ip configuration of the lan interface :
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.66'
option gateway '192.168.1.1'
option dns '192.168.1.1'

now lets see your wifidog.conf file

ExternalInterface wlan0 -> this means that your router is connecting to the internet with the wifi interface. usually it's not the case. in most case you connect to the internet with the RJ45 wire. so there it should be eth1 i guess

GatewayInterface br-lan -> this tells your router to use an interface name "br-lan" to connect the clients.
it's better to comment this line so wifidog auto detects, but usually you woud put here the same name as the lan interface configured in /etc/config/network.

what is your network looks like ? how it is plugged to the internet ?
also to know what is the name of each physical interface. you would have to check the wiki of openwrt with the name of your device.

Exemple : see here an exemple of a page listing the properties of a random router. if you scroll down you see how the ethernet assignation is done
https://wiki.openwrt.org/toh/pcengines/alix

My advice :
just download and install the latest stable version of openwrt to your hardware.
by default all the config files would be configured correctly.
you just have to connect in ssh, type "pswd to create a new password, reboot, and enter in the web configuration. go in software, update the list , the search for "wifidog, and install it. install nano too

go in ssh and type nano
and edit wifidog.conf with the name of your authpuppy server
then connect to the wifi with your cellphone, and try to browse an HTTP website (NOT HTTPS)

information about wifidog installation : https://openwrt.org/docs/guide-user/services/captive-portal/wireless.hotspot.wifidog?s%5B%5D=wifidog

@medrockstar
Copy link
Author

medrockstar commented Jun 30, 2018
edited
Loading

Tks,

My installation is like this :

Internet - router (192.168.1.1) - switch - Openwrt (Wifidog)

Your configuration is for this installation ? because I already had router in network.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@benoitg @JJEU @medrockstar