############################################################################## # # Sample CoovaChilli configuration file # ############################################################################## # General settings config general # Enable this flag to include debug information. option debug 0 # Re-read configuration file at this interval. Will also cause new domain # name lookups to be performed. Value is given in seconds. option interval 3600 # File to store information about the process id of the program. # The program must have write access to this file/directory. option pidfile /var/run/chilli.pid # Directory to use for nonvolatile storage. # The program must have write access to this directory. # This tag is currently ignored #option statedir ./ # TUN parameters config tun # IP network address of external packet data network # Used to allocate dynamic IP addresses and set up routing. # Normally you do not need to uncomment this tag. option net 192.168.182.0/24 # Dynamic IP address pool # Used to allocate dynamic IP addresses to clients. # If not set it defaults to the net tag. # Do not uncomment this tag unless you are an experienced user! #option dynip 192.168.182.0/24 # Static IP address pool # Used to allocate static IP addresses to clients. # Do not uncomment this tag unless you are an experienced user! #option statip 192.168.182.0/24 # Primary DNS server. # Will be suggested to the client. # If omitted the system default will be used. # Normally you do not need to uncomment this tag. #option dns1 172.16.0.5 # Secondary DNS server. # Will be suggested to the client. # If omitted the system default will be used. # Normally you do not need to uncomment this tag. #option dns2 172.16.0.6 # Domain name # Will be suggested to the client. # Normally you do not need to uncomment this tag. option domain key.chillispot.org # Script executed after network interface has been brought up. # Executed with the following parameters: # Normally you do not need to uncomment this tag. #option ipup /etc/chilli.ipup # Script executed after network interface has been taken down. # Executed with the following parameters: # Normally you do not need to uncomment this tag. #option ipdown /etc/chilli.ipdown # Script executed after a user has been authenticated. # Executed with the following parameters: # # Normally you do not need to uncomment this tag. #option conup /etc/chilli.conup # Script executed after a user has disconnected. # Executed with the following parameters: # # Normally you do not need to uncomment this tag. #option condown /etc/chilli.condown # DHCP Parameters config dhcp # Ethernet interface to listen to. # This is the network interface which is connected to the access points. # In a typical configuration this tag should be set to eth1. option dhcpif eth1 # Use specified MAC address. # An address in the range 00:00:5E:00:02:00 - 00:00:5E:FF:FF:FF falls # within the IANA range of addresses and is not allocated for other # purposes. # Normally you do not need to uncomment this tag. #option dhcpmac 00:00:5E:00:02:00 # Time before DHCP lease expires # Normally you do not need to uncomment this tag. #option lease 600 # Radius parameters config radius # IP address to listen to # Normally you do not need to uncomment this tag. #option radiuslisten 127.0.0.1 # IP address of radius server 1 # For most installations you need to modify this tag. option radiusserver1 rad01.chillispot.org # IP address of radius server 2 # If you have only one radius server you should set radiusserver2 to the # same value as radiusserver1. # For most installations you need to modify this tag. option radiusserver2 rad02.chillispot.org # Radius authentication port # The UDP port number to use for radius authentication requests. # The same port number is used for both radiusserver1 and radiusserver2. # Normally you do not need to uncomment this tag. #option radiusauthport 1812 # Radius accounting port # The UDP port number to use for radius accounting requests. # The same port number is used for both radiusserver1 and radiusserver2. # Normally you do not need to uncomment this tag. #option radiusacctport 1813 # Radius shared secret for both servers # For all installations you should modify this tag. #option radiussecret testing123 # Radius NAS-Identifier # Normally you do not need to uncomment this tag. #option radiusnasid nas01 # Radius NAS-IP-Address # Normally you do not need to uncomment this tag. #option radiusnasip 127.0.0.1 # Radius Called-Station-ID # Normally you do not need to uncomment this tag. #option radiuscalled 00133300 # WISPr Location ID. Should be in the format: isocc=, # cc=,ac=,network= # Normally you do not need to uncomment this tag. #option radiuslocationid isocc=us,cc=1,ac=408,network=ACMEWISP_NewarkAirport # WISPr Location Name. Should be in the format: # , # Normally you do not need to uncomment this tag. #option radiuslocationname ACMEWISP,Gate_14_Terminal_C_of_Newark_Airport # Radius proxy parameters config proxy # IP address to listen to # Normally you do not need to uncomment this tag. #option proxylisten 10.0.0.1 # UDP port to listen to. # If not specified a port will be selected by the system # Normally you do not need to uncomment this tag. #option proxyport 1645 # Client(s) from which we accept radius requests # Normally you do not need to uncomment this tag. #option proxyclient 10.0.0.1/24 # Radius proxy shared secret for all clients # If not specified defaults to radiussecret # Normally you do not need to uncomment this tag. #option proxysecret testing123 # Universal access method (UAM) parameters config uam # URL of web server handling authentication. option uamserver https://radius.chillispot.org/hotspotlogin # URL of welcome homepage. # Unauthenticated users will be redirected to this URL. If not specified # users will be redirected to the uamserver instead. # Normally you do not need to uncomment this tag. #option uamhomepage http://192.168.182.1/welcome.html # Shared between chilli and authentication web server #option uamsecret ht2eb8ej6s4et3rg1ulp # IP address to listen to for authentication requests # Do not uncomment this tag unless you are an experienced user! #option uamlisten 192.168.182.1 # TCP port to listen to for authentication requests # Do not uncomment this tag unless you are an experienced user! #option uamport 3990 # Comma separated list of domain names, IP addresses or network segments # the client can access without first authenticating. # It is possible to specify this tag multiple times. # Normally you do not need to uncomment this tag. #list uamallowed www.chillispot.org #list uamallowed 10.11.12.0/24 # If this flag is given unauthenticated users are allowed to use # any DNS server. # Normally you do not need to uncomment this tag. #uamanydns # MAC authentication config macauth # If this flag is given users will be authenticated only on their MAC # address. # Normally you do not need to enable this flag. option macauth 0 # List of MAC addresses. # The MAC addresses specified in this list will be authenticated only on # their MAC address. # This tag is ignored if the macauth tag is given. # It is possible to specify this tag multiple times. # Normally you do not need to uncomment this tag. #list macallowed 00-0A-5E-AC-BE-51 #list macallowed 00-30-1B-3C-32-E9 # Password to use for MAC authentication. # Normally you do not need to uncomment this tag. #option macpasswd password # Suffix to add to MAC address in order to form the username. # Normally you do not need to uncomment this tag. #option macsuffix suffix