Skip to content

Instantly share code, notes, and snippets.

@muffycompo
Last active June 19, 2023 10:26
Show Gist options
  • Save muffycompo/ced32f9422ef1f4319ca20c4ff784580 to your computer and use it in GitHub Desktop.
Save muffycompo/ced32f9422ef1f4319ca20c4ff784580 to your computer and use it in GitHub Desktop.
apt-get update
apt-get install -y g++ automake autoconf libtool libltdl-dev gengetopt make cmake libssl-dev libjson-c2 libjson-c-dev
git clone https://github.com/coova/coova-chilli
./bootstrap
./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info \
--sysconfdir=/etc --localstatedir=/var --enable-largelimits \
--enable-proxyvsa --enable-miniportal --enable-chilliredir \
--enable-chilliproxy --enable-binstatusfile --enable-chilliscript \
--enable-chilliradsec --enable-dnslog --enable-layer3 --enable-eapol \
--enable-uamdomainfile --enable-redirdnsreq --enable-modules \
--enable-multiroute --enable-extadmvsa --with-openssl --with-poll --enable-json
make && make install
# Basic Config - Starting Point
# https://gist.github.com/muffycompo/b5d6bb587cc14df85c1f18a61ff60d16
# Disabling Ubuntu 16.x Automatic Naming
nano /etc/default/grub
GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"
grub-mkconfig -o /boot/grub/grub.cfg
# IPUP.SH - Iptable Rules
# UAM server specified as 172.16.1.1
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 80 --dst 172.16.1.1 -j ACCEPT
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 443 --dst 172.16.1.1 -j ACCEPT
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 22 --dst 172.16.1.1 -j ACCEPT
iptables -I INPUT -i tun0 -p tcp -m tcp --dport 8000 --dst 172.16.1.1 -j ACCEPT
# IPDOWN.SH - Iptable Rules
# UAM server specified as 172.16.1.1
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 80 --dst 172.16.1.1 -j ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 443 --dst 172.16.1.1 -j ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 22 --dst 172.16.1.1 -j ACCEPT
iptables -D INPUT -i tun0 -p tcp -m tcp --dport 8000 --dst 172.16.1.1 -j ACCEPT
@pavankn
Copy link

pavankn commented Dec 20, 2021

What does 172.16.1.1contain ?? Is it a webserver serving a test HTML page with username and password ??

@muffycompo
Copy link
Author

That is just an arbitrary IP address for the server hosting CoovaChilli itself and the UAM server. Those rules were just included to show how one will setup iptables to work nicely with CoovaChilli when it comes to HTTP/S, SSH etc. Hope that clarifies it a little.

@pavankn
Copy link

pavankn commented Dec 21, 2021

Thanks for the clarification , I am working on a solution to show Captive Portal page to clients trying to connect to our Android SetTopBox/Raspberry PI . hostapd does a good job to create hotspot but doesnt direct to captive portal , So i am using chilli , with HS_WANIF=eth0 and HS_LANIF=wlan0 , i don't have much knowledge on the server side , what kind of test server do i need for chilli and how to configure the same ? When the solution works at my place , i just want to change the URL to a production URL where captive portal is hosted . Please guide me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment