|
← Revision 1 as of 2005-11-28 11:31:30 →
Size: 907
Comment: created - cp
|
← Revision 5 as of 2007-11-23 18:02:39
Size: 3687
Comment: converted to 1.6 markup
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| This is a list of frequently asked questions for ["WiCap-PHP"]. | This is a list of frequently asked questions for [[WiCap-PHP]]. |
| Line 3: | Line 3: |
| [[TableOfContents]] |
<<TableOfContents>> === Does it support ________ authentication type? === No, not currently. [[WiCap-PHP]] is an "Open-Mode-Only" CaptivePortal (I am using NoCat terminology here), meaning that it doesn't support any authentication methods. If you really want authentication, one easy way would be to use Apache to restrict access to the splash page (using a .htaccess file in /usr/local/wicap-php/htdocs). Here is a little guidance on doing that: Here is an example of a .htaccess file: AuthName "WiFi Access" <<BR>> AuthType Basic <<BR>> AuthUserFile /usr/local/wicap-php/var/htpasswd.users <<BR>> require valid-user Then you use the program "htpasswd" that ships with Apache to manually add users: $ htpasswd -c /usr/local/wicap-php/var/htpasswd.users firstusername With subsequent user additions you don't need the "-c" option (which creates the password database). You may also have a line like this to your httpd.conf in the directory entry for the virtual host for WiCap-PHP (to allow use of a .htaccess file): AllowOverride AuthConfig Limit Using Apache for authentication is documented many places on the internet, but these notes should get you started. It should be noted that this isn't the most secure thing in the world. Any use who has login access to the CaptivePortal server will be able to manually feed their lease information to the allow daemon. Also, unless you set the splash page to use HTTPS, you will be sending your authentication info over the wireless link unencrypted, so any listening party can hear it. If you end up hacking on [[WiCap-PHP]] to add an authentication system, I would love to see your changes. === Under what circumstances does a client loose a lease? When the browser window is closed? === Clients lose leases if: 1. They are idle (so yes, when the browser window has been closed for a little while and they have no other network applications open). 2. The maximum lease time expires. the daemon takes two related arguments: -m max lease time (in seconds) default: 24*60*60 = 24 hours -i evict interval (in seconds) default: 5*60 = 5 minutes So, for instance, if you started the daemon like: /usr/local/wicap-php/bin/allow -m 3600 -i 600 This would cause all leases to lapse after 3600 seconds (one hour) and every 600 seconds (ten minutes) the daemon will expire any idle leases. Leases are idle if their MAC address is not in the ARP table, indicating that they haven't made any traffic for a little while. If you want to configure these options, you probably want to do it in: /usr/local/wicap-php/bin/allow.rc Which is the small shell-script that starts the daemon. |
| Line 7: | Line 61: |
| I hope to port it to FreeBSD for version ''epsilon''. Versions before ''epsilon'' will not work on FreeBSD. If you need something more quickly, you might want to look at versions of WiCap-PHP written in Perl or Python as they are more likely to be portable out of the box. |
As of December 23rd, 2005, the answer is yes. At least, it seems to. I have ported the software to FreeBSD 4.9. It should work on newer versions too. At this point, I havn't done much testing on FreeBSD (mostly because I don't have a machine to do the testing on). |
| Line 9: | Line 65: |
| Before version "delta", Wicap-PHP was written in Perl, you can download "gamma" here: | To make it work on freebsd, you will need the libevent port: |
| Line 11: | Line 67: |
| * [http://www.smallwhitecube.com/toil/programming/files/php/wicap-php.gamma.tar.gz wicap-php.gamma.tar.gz] |
# cd /usr/ports/devel/libevent <<BR>> # make && make install |
| Line 13: | Line 70: |
| Also, ["BenjaminJencks"] rewrote the Perl version in Python. You can get his version here: | Check out the latest source using subversion: |
| Line 15: | Line 72: |
| * [http://bjencks.net/captive/captive-0.1.tar.gz captive-0.1.tar.gz] | $ svn co http://svn.smallwhitecube.com/wicap-php/trunk wicap-php |
| Line 17: | Line 74: |
| I can't support either of these versions, since they are old. But, they may tide you over until I port the 'C' version to FreeBSD. | Compile the source with the provided alternate makefile |
| Line 19: | Line 76: |
|
$ cd wicap-php/source <<BR>> $ mv makefile makefile.dist <<BR>> $ mv makefile.freebsd makefile <<BR>> $ cd .. |
|
| Line 20: | Line 81: |
|
Then continue as instructed by the included documentation. I am interested to hear how well [[WiCap-PHP]] works on FreeBSD, so please, drop me an email if it does, or doesn't. |
This is a list of frequently asked questions for WiCap-PHP.
Contents
Does it support ________ authentication type?
No, not currently. WiCap-PHP is an "Open-Mode-Only" CaptivePortal (I am using NoCat terminology here), meaning that it doesn't support any authentication methods.
If you really want authentication, one easy way would be to use Apache to restrict access to the splash page (using a .htaccess file in /usr/local/wicap-php/htdocs). Here is a little guidance on doing that:
Here is an example of a .htaccess file:
AuthName "WiFi Access"
AuthType Basic
AuthUserFile /usr/local/wicap-php/var/htpasswd.users
require valid-user
Then you use the program "htpasswd" that ships with Apache to manually add users:
$ htpasswd -c /usr/local/wicap-php/var/htpasswd.users firstusername
With subsequent user additions you don't need the "-c" option (which creates the password database).
You may also have a line like this to your httpd.conf in the directory entry for the virtual host for WiCap-PHP (to allow use of a .htaccess file):
AllowOverride AuthConfig Limit
Using Apache for authentication is documented many places on the internet, but these notes should get you started. It should be noted that this isn't the most secure thing in the world. Any use who has login access to the CaptivePortal server will be able to manually feed their lease information to the allow daemon. Also, unless you set the splash page to use HTTPS, you will be sending your authentication info over the wireless link unencrypted, so any listening party can hear it.
If you end up hacking on WiCap-PHP to add an authentication system, I would love to see your changes.
Under what circumstances does a client loose a lease? When the browser window is closed?
Clients lose leases if:
- They are idle (so yes, when the browser window has been closed for a little while and they have no other network applications open).
- The maximum lease time expires.
the daemon takes two related arguments:
-m max lease time (in seconds)
- default: 24*60*60 = 24 hours
-i evict interval (in seconds)
- default: 5*60 = 5 minutes
So, for instance, if you started the daemon like:
/usr/local/wicap-php/bin/allow -m 3600 -i 600
This would cause all leases to lapse after 3600 seconds (one hour) and every 600 seconds (ten minutes) the daemon will expire any idle leases. Leases are idle if their MAC address is not in the ARP table, indicating that they haven't made any traffic for a little while.
If you want to configure these options, you probably want to do it in:
/usr/local/wicap-php/bin/allow.rc
Which is the small shell-script that starts the daemon.
Does it work on FreeBSD?
As of December 23rd, 2005, the answer is yes. At least, it seems to. I have ported the software to FreeBSD 4.9. It should work on newer versions too. At this point, I havn't done much testing on FreeBSD (mostly because I don't have a machine to do the testing on).
To make it work on freebsd, you will need the libevent port:
# cd /usr/ports/devel/libevent
# make && make install
Check out the latest source using subversion:
$ svn co http://svn.smallwhitecube.com/wicap-php/trunk wicap-php
Compile the source with the provided alternate makefile
$ cd wicap-php/source
$ mv makefile makefile.dist
$ mv makefile.freebsd makefile
$ cd ..
Then continue as instructed by the included documentation. I am interested to hear how well WiCap-PHP works on FreeBSD, so please, drop me an email if it does, or doesn't.