Differences between revisions 4 and 5
Revision 4 as of 2007-04-19 08:55:42
Size: 3687
Comment:
Revision 5 as of 2007-11-23 18:02:39
Size: 3687
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
This is a list of frequently asked questions for ["WiCap-PHP"]. This is a list of frequently asked questions for [[WiCap-PHP]].
Line 3: Line 3:
[[TableOfContents]] <<TableOfContents>>
Line 7: Line 7:
No, not currently. ["WiCap-PHP"] is an "Open-Mode-Only" CaptivePortal (I am using NoCat terminology here), meaning that it doesn't support any authentication methods. No, not currently. [[WiCap-PHP]] is an "Open-Mode-Only" CaptivePortal (I am using NoCat terminology here), meaning that it doesn't support any authentication methods.
Line 13: Line 13:
AuthName "WiFi Access" [[BR]]
AuthType Basic [[BR]]
AuthUserFile /usr/local/wicap-php/var/htpasswd.users [[BR]]
AuthName "WiFi Access" <<BR>>
AuthType Basic <<BR>>
AuthUserFile /usr/local/wicap-php/var/htpasswd.users <<BR>>
Line 30: Line 30:
If you end up hacking on ["WiCap-PHP"] to add an authentication system, I would love to see your changes. If you end up hacking on [[WiCap-PHP]] to add an authentication system, I would love to see your changes.
Line 67: Line 67:
# cd /usr/ports/devel/libevent [[BR]] # cd /usr/ports/devel/libevent <<BR>>
Line 76: Line 76:
$ cd wicap-php/source [[BR]]
$ mv makefile makefile.dist [[BR]]
$ mv makefile.freebsd makefile [[BR]]
$ cd wicap-php/source <<BR>>
$ mv makefile makefile.dist <<BR>>
$ mv makefile.freebsd makefile <<BR>>
Line 82: Line 82:
["WiCap-PHP"] works on FreeBSD, so please, drop me an email if it does, or doesn't. [[WiCap-PHP]] works on FreeBSD, so please, drop me an email if it does, or doesn't.

This is a list of frequently asked questions for WiCap-PHP.

Does it support ________ authentication type?

No, not currently. WiCap-PHP is an "Open-Mode-Only" CaptivePortal (I am using NoCat terminology here), meaning that it doesn't support any authentication methods.

If you really want authentication, one easy way would be to use Apache to restrict access to the splash page (using a .htaccess file in /usr/local/wicap-php/htdocs). Here is a little guidance on doing that:

Here is an example of a .htaccess file:

AuthName "WiFi Access"
AuthType Basic
AuthUserFile /usr/local/wicap-php/var/htpasswd.users
require valid-user

Then you use the program "htpasswd" that ships with Apache to manually add users:

$ htpasswd -c /usr/local/wicap-php/var/htpasswd.users firstusername

With subsequent user additions you don't need the "-c" option (which creates the password database).

You may also have a line like this to your httpd.conf in the directory entry for the virtual host for WiCap-PHP (to allow use of a .htaccess file):

AllowOverride AuthConfig Limit

Using Apache for authentication is documented many places on the internet, but these notes should get you started. It should be noted that this isn't the most secure thing in the world. Any use who has login access to the CaptivePortal server will be able to manually feed their lease information to the allow daemon. Also, unless you set the splash page to use HTTPS, you will be sending your authentication info over the wireless link unencrypted, so any listening party can hear it.

If you end up hacking on WiCap-PHP to add an authentication system, I would love to see your changes.

Under what circumstances does a client loose a lease? When the browser window is closed?

Clients lose leases if:

  1. They are idle (so yes, when the browser window has been closed for a little while and they have no other network applications open).
  2. The maximum lease time expires.

the daemon takes two related arguments:

-m max lease time (in seconds)

  • default: 24*60*60 = 24 hours

-i evict interval (in seconds)

  • default: 5*60 = 5 minutes

So, for instance, if you started the daemon like:

/usr/local/wicap-php/bin/allow -m 3600 -i 600

This would cause all leases to lapse after 3600 seconds (one hour) and every 600 seconds (ten minutes) the daemon will expire any idle leases. Leases are idle if their MAC address is not in the ARP table, indicating that they haven't made any traffic for a little while.

If you want to configure these options, you probably want to do it in:

/usr/local/wicap-php/bin/allow.rc

Which is the small shell-script that starts the daemon.

Does it work on FreeBSD?

As of December 23rd, 2005, the answer is yes. At least, it seems to. I have ported the software to FreeBSD 4.9. It should work on newer versions too. At this point, I havn't done much testing on FreeBSD (mostly because I don't have a machine to do the testing on).

To make it work on freebsd, you will need the libevent port:

# cd /usr/ports/devel/libevent
# make && make install

Check out the latest source using subversion:

$ svn co http://svn.smallwhitecube.com/wicap-php/trunk wicap-php

Compile the source with the provided alternate makefile

$ cd wicap-php/source
$ mv makefile makefile.dist
$ mv makefile.freebsd makefile
$ cd ..

Then continue as instructed by the included documentation. I am interested to hear how well WiCap-PHP works on FreeBSD, so please, drop me an email if it does, or doesn't.

WiCap-PHP-FAQ (last edited 2007-11-23 18:02:39 by localhost)