initial commit of file from CVS for smeserver-coova-chilli on Sat Sep 7 20:15:38 AEST 2024

Trevor Batley
2024-09-07 20:15:38 +10:00
parent ee4df6cdb4
commit 2120fa2210
85 changed files with 1432 additions and 2 deletions


@@ -0,0 +1,5 @@
#!/bin/bash
exec /usr/bin/sudo /etc/chilli/condown.sh $ADDR $FRAMED_IP_ADDRESS
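Review bot: `$ADDR` and `$FRAMED_IP_ADDRESS` are expanded unquoted on the `exec` line, so an empty or whitespace-containing value shifts or splits the positional arguments that the root-run script receives. Quote both, `exec /usr/bin/sudo /etc/chilli/condown.sh "$ADDR" "$FRAMED_IP_ADDRESS"`, and make the same change in the conup wrapper that follows in this commit. A header comment stating where the two variables come from (presumably the chilli daemon's environment, which the hunk does not show) would help the next reader.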


@@ -0,0 +1,4 @@
#!/bin/bash
exec /usr/bin/sudo /etc/chilli/conup.sh $ADDR $FRAMED_IP_ADDRESS


@@ -0,0 +1,13 @@
#!/bin/bash
SQUID_STATUS=$(/sbin/e-smith/db configuration getprop squid status)
WEB_REQ=$(/sbin/e-smith/db configuration getprop chilli WebRequests)
if [[ $SQUID_STATUS == 'enabled' && $WEB_REQ == 'squid' ]]; then
SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
/sbin/iptables -D IN_FROM_CHILLI -s $2 \
-p tcp --dport $SQUID_PORT --syn -j ACCEPT
/sbin/iptables -t nat -D PREROUTING_FROM_CHILLI -s $2 \
-p tcp --dport 80 -j DNAT --to $1:$SQUID_PORT
fi
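Review bot: `$1` and `$2` reach `/sbin/iptables` unquoted and unchecked, and the sudoers entry in this commit lets the coovachilli account run this script as root with any arguments, so a value containing whitespace is split into extra iptables options. Check that both arguments are dotted-quad addresses before any rule is touched and quote every expansion, including `$SQUID_PORT`. The same applies to conup.sh, the next file in this commit.

```shell
# Accept only dotted-quad IPv4 arguments before touching the firewall.
ipv4='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
if [[ ! $1 =~ $ipv4 || ! $2 =~ $ipv4 ]]; then
    echo "$0: expected two IPv4 addresses" >&2
    exit 1
fi
# … unchanged: squid status / WebRequests / TransparentPort lookups …
    /sbin/iptables -D IN_FROM_CHILLI -s "$2" \
        -p tcp --dport "$SQUID_PORT" --syn -j ACCEPT
    /sbin/iptables -t nat -D PREROUTING_FROM_CHILLI -s "$2" \
        -p tcp --dport 80 -j DNAT --to "$1:$SQUID_PORT"
```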

16
root/etc/chilli/conup.sh Normal file

@@ -0,0 +1,16 @@
#!/bin/bash
SQUID_STATUS=$(/sbin/e-smith/db configuration getprop squid status)
WEB_REQ=$(/sbin/e-smith/db configuration getprop chilli WebRequests)
if [[ $SQUID_STATUS == 'enabled' && $WEB_REQ == 'squid' ]]; then
SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
# We need to insert rules just before the accept, so we'll have to compute this position
POSITION=$(LANG=C iptables -t nat -L PREROUTING_FROM_CHILLI -n | \
egrep -v '(Chain|target)' | grep -n ACCEPT | cut -d':' -f1)
/sbin/iptables -t nat -I PREROUTING_FROM_CHILLI $POSITION -s $2 \
-p tcp --dport 80 -j DNAT --to $1:$SQUID_PORT
/sbin/iptables -I IN_FROM_CHILLI 7 -s $2 \
-p tcp --dport $SQUID_PORT --syn -j ACCEPT
fi
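Review bot: `POSITION` is passed to `iptables -I` unquoted and without checking that the pipeline produced exactly one number: when PREROUTING_FROM_CHILLI has no ACCEPT line the rule number is simply absent and the DNAT rule is inserted at the head of the chain, and when several lines match the extra numbers become stray arguments. End the pipeline with `| head -n 1` and add `[[ $POSITION =~ ^[0-9]+$ ]] || exit 1` before the insert. The hard-coded `7` for IN_FROM_CHILLI depends on the rule order produced by the masq template and needs a comment saying so. The pipeline also calls `iptables` and `egrep` by bare name while the rest of the script uses `/sbin/iptables`.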


@@ -0,0 +1 @@
tcp:any:443


@@ -0,0 +1 @@
3990


@@ -0,0 +1 @@
direct


@@ -0,0 +1 @@
private


@@ -0,0 +1 @@
900


@@ -0,0 +1 @@
7200


@@ -0,0 +1 @@
254


@@ -0,0 +1 @@
eth2


@@ -0,0 +1 @@
10


@@ -0,0 +1 @@
8.8.8.8


@@ -0,0 +1 @@
8.8.4.4


@@ -0,0 +1 @@
disabled


@@ -0,0 +1 @@
400


@@ -0,0 +1 @@
64


@@ -0,0 +1 @@
10.1.0.0/255.255.255.0


@@ -0,0 +1 @@
enabled


@@ -0,0 +1 @@
disabled


@@ -0,0 +1 @@
tun0


@@ -0,0 +1 @@
service


@@ -0,0 +1 @@


@@ -0,0 +1,16 @@
{
my $chilliconf = $DB->get('chilli') || $DB->new_record('chilli', {type => 'service'});
my $uamsecret = $chilliconf->prop('uamsecret') || '';
if ($uamsecret eq ''){
$pass=`/usr/bin/openssl rand -base64 60 | tr -c -d '[:graph:]'`;
$chilliconf->set_prop('uamsecret',$pass);
}
# change default dns server as they are not available anymore
# new default is google
my $dns1 = $chilliconf->prop('dns1') || '212.73.209.226';
my $dns2 = $chilliconf->prop('dns2') || '194.206.120.1';
$chilliconf->set_prop('dns1','8.8.8.8') if $dns1 eq '212.73.209.226';
$chilliconf->set_prop('dns2','8.8.4.4') if $dns2 eq '194.206.120.1';
}
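Review bot: The output of the `openssl rand` backtick is stored as `uamsecret` without checking that the command produced anything, and an empty value makes the templates later in this commit fall back to the fixed string 'azerty'. Test the result before saving it, e.g. `die "could not generate uamsecret\n" unless length($pass) >= 32;`, and declare the variable as `my $pass` so it does not leak into the template package. A comment noting that `tr -c -d '[:graph:]'` is there to strip the newlines from the base64 output would explain the pipeline.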


@@ -0,0 +1,3 @@
PERMS=0750
UID="root"
GID="www"


@@ -0,0 +1,3 @@
{
use NetAddr::IP;
}


@@ -0,0 +1 @@
cmdsock /var/run/chilli.sock


@@ -0,0 +1 @@
pidfile /var/run/chilli.pid


@@ -0,0 +1,2 @@
net {$chilli{'net'} || '10.1.0.0/255.255.255.0';}


@@ -0,0 +1,2 @@
tundev {$chilli{'tundev'} || 'tun0';}


@@ -0,0 +1,10 @@
{
# Compute the first IP of the network
our $net = $chilli{'net'} || '10.1.0.0/255.255.255.0';
our $chillip = NetAddr::IP->new($net) + 1;
$chillip = $chillip->addr;
$OUT = "uamlisten $chillip\n";
}


@@ -0,0 +1,2 @@
uamport {$chilli{'TCPPort'} || '3990';}


@@ -0,0 +1,2 @@
dhcpif {$chilli{'dhcpif'} || 'eth2';}


@@ -0,0 +1,4 @@
dhcpstart {$chilli{'dhcpstart'} || '10';}
dhcpend {$chilli{'dhcpend'} || '254';}


@@ -0,0 +1,10 @@
{
my @uamalloweds = split(/[;,]/, ($chilli{'uamallowed'} || ''));
$OUT = '';
# TODO: check the entry with a good regex
$OUT .= 'uamallowed '.$_."\n" foreach (@uamalloweds);
}
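Review bot: Each `uamallowed` entry is written into the chilli configuration exactly as stored, and the `macallowed` fragment later in this commit does the same under an identical TODO, although these two lists decide which destinations and which clients bypass the login page. Filter the entries before emitting them, for instance `next unless m{^[A-Za-z0-9.:/-]+$};` here and `next unless /^(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}$/;` in the MAC loop. Here that means turning the postfix `foreach` into a block loop so the check has somewhere to go.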


@@ -0,0 +1,5 @@
domain lan
dns1 {$chilli{'dns1'} || '212.73.209.226';}
dns2 {$chilli{'dns2'} || '194.206.120.1';}
dnsparanoia
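Review bot: The fallback addresses on the `dns1` and `dns2` lines are the two servers that the migrate fragment in this commit replaces because they are no longer available, so an unset property would hand clients resolvers that do not answer. Use the current defaults in the fallbacks as well, `dns1 {$chilli{'dns1'} || '8.8.8.8';}` and `dns2 {$chilli{'dns2'} || '8.8.4.4';}`. The masq template opens port 53 only towards the stored `dns1`/`dns2` values, so the two places need to agree.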


@@ -0,0 +1,14 @@
radiusserver1 127.0.0.1
radiusserver2 127.0.0.1
{
use esmith::util;
$pw = esmith::util::LdapPassword;
$pw =~ s/^(.{31}).*$/$1/;
"";
}
radiussecret {$pw || 'azerty';}
radiusauthport {$radiusd{'UDPPort'} || '1812';}
radiusacctport 1813
radiusnasid localhost
radiustimeout 3
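Review bot: `radiussecret` falls back to the literal 'azerty' when `$pw` is empty, and the `uamsecret` fragment and the hotspotlogin-conf template later in this commit use the same fallback, so a failed lookup silently yields a well-known shared secret. Fail the expansion instead of emitting a default, e.g. `die "no RADIUS secret available\n" unless $pw;` inside the block. The block also reuses the first 31 characters of the LDAP password as the RADIUS secret; a dedicated random value stored the way `uamsecret` is would keep the two credentials independent, and the reason for the 31-character cut deserves a comment.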


@@ -0,0 +1,11 @@
{
my $uamsecret = $chilli{'uamsecret'} || 'azerty';
my $uamhomepage = $chilli{'uamhomepage'} || '';
$OUT = "uamserver https://$chillip/chilli/cgi-bin/hotspotlogin.cgi\n";
$OUT .= "uamsecret $uamsecret\n";
$OUT .= "uamhomepage $uamhomepage\n" if ($uamhomepage ne '');
}


@@ -0,0 +1,3 @@
defsessiontimeout {$chilli{'defsessiontimeout'} || '7200';}
defidletimeout {$chilli{'defidletimeout'} || '900';}


@@ -0,0 +1,3 @@
conup /etc/chilli/call_conup.sh
condown /etc/chilli/call_condown.sh


@@ -0,0 +1,4 @@
uid={getpwnam("coovachilli");}
gid={getgrnam("coovachilli");}


@@ -0,0 +1,4 @@
{
return '' if (($chilli{'noc2c'} || 'enabled') eq 'disabled');
$OUT .= "noc2c\n";
}


@@ -0,0 +1,15 @@
macallowlocal
{
my @macalloweds = split(/[;,]/, ($chilli{'macallowed'} || ''));
$OUT = '';
# TODO: check the entry with a good regex
foreach (@macalloweds){
$_ =~ s/:/-/g;
$OUT .= 'macallowed '.uc($_)."\n";
}
}


@@ -0,0 +1 @@
HS_LANIF={$chilli{'dhcpif'} || 'eth2';}


@@ -0,0 +1,2 @@
HS_RADCONF=off


@@ -0,0 +1,31 @@
{
my $net = $chilli{'net'} || '10.1.0.0/255.255.255.0';
if ($chilli{'status'} eq 'enabled'){
$OUT .=<<END
# Chilli config
ScriptAlias /chilli/cgi-bin /opt/chilli/cgi-bin
Alias /chilli /opt/chilli
<Directory /opt/chilli>
AllowOverride None
<FilesMatch "hotspotlogin-conf.pl">
Require all denied
</FilesMatch>
Require ip $net
</Directory>
<Directory /opt/chilli/cgi-bin>
Options ExecCGI
</Directory>
<Directory /opt/chilli/lang>
Require all denied
</Directory>
END
}
}
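Review bot: `hotspotlogin-conf.pl`, which the CGI loads from `../` and which carries `uamsecret`, appears to live under the `/chilli` alias and is kept private only by the `<FilesMatch>` rule, whose pattern is an unanchored regular expression with an unescaped dot. A literal match is enough here and is harder to get wrong: `<Files "hotspotlogin-conf.pl">`. Keeping the file outside `/opt/chilli` altogether would remove the dependency on this rule. `$chilli{'status'} eq 'enabled'` is also compared without the `|| 'disabled'` default that the other fragments in this commit use.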


@@ -0,0 +1,8 @@
#Unix Auth for Chilli
unix \{
cache = yes
cache_reload = 600
passwd = /etc/passwd
shadow = /etc/shadow
group = /etc/group
\}


@@ -0,0 +1,4 @@
{
push(@authModules, "\tunix\n");
}


@@ -0,0 +1,29 @@
{
if ((($chilli{'status'} || 'disabled') eq 'enabled') &&
($chilli{'guestAccess'} || 'disabled') eq 'enabled'){
my $downlink = $chilli{'guestDownLink'} || '400';
my $uplink = $chilli{'guestUpLink'} || '64';
$downlink = $downlink * 1000;
$uplink = $uplink * 1000;
$OUT =<<"END";
guest NAS-Identifier == "localhost", Auth-Type := Local, User-Password == 'guest'
WISPr-Bandwidth-Max-Down = $downlink, WISPr-Bandwidth-Max-Up = $uplink
END
}
if (($chilli{'status'} || 'disabled') eq 'enabled'){
$OUT .=<<END;
DEFAULT Group == "chilli", NAS-Identifier == "localhost", Auth-Type := unix
# WISPr-Bandwidth-Max-Down = 512000, WISPr-Bandwidth-Max-Up = 128000
DEFAULT Group != "chilli", NAS-Identifier == "localhost", Auth-Type := Reject
Reply-Message = "Your are not member of the allowed group"
END
}
}


@@ -0,0 +1,20 @@
{
# Compute the first IP of the network
our $net = ${'chilli'}{'net'} || '10.1.0.0/255.255.255.0';
my @netaddr = split(/\//,$net);
my $netaddr = $netaddr[0];
my @nums = split(/\./,$netaddr);
my $i = 0;
our $chillip = '';
foreach (@nums){
$chillip .= $_."." if ($i ne '3');
$chillip .= "1" if ($i eq '3');
$i++;
}
our $tundev = ${'chilli'}{'tundev'} || 'tun0';
our $chilliport = ${'chilli'}{'TCPPort'} || '3990';
$OUT .= '';
}
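Review bot: The gateway address is rebuilt here by replacing the last octet with `1`, whereas the chilli `uamlisten` fragment in this commit uses `NetAddr::IP->new($net) + 1`; the two disagree for any network that does not start on a `.0` boundary, which would leave the DNAT rules in the prerouting chain pointing at an address chilli is not listening on. Use the same computation in both places, e.g. `our $chillip = (NetAddr::IP->new($net) + 1)->addr;` with `use NetAddr::IP;` at the top of the block. The symbolic `${'chilli'}{'net'}` lookups would read more plainly as `$chilli{'net'}`.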


@@ -0,0 +1,43 @@
{
$OUT .=<<"HERE";
# This will flush any existing rules for coova-chilli
stopChilli()\{
CHAIN='IN_FROM_CHILLI'
STATE=\$(/sbin/iptables -L -n | grep -c \$CHAIN)
if [ \$STATE -ge 1 ]; then
/sbin/iptables -D INPUT -i $tundev -j \$CHAIN
/sbin/iptables -F \$CHAIN
/sbin/iptables -X \$CHAIN
fi
CHAIN='OUT_TO_CHILLI'
STATE=\$(/sbin/iptables -L -n | grep -c \$CHAIN)
if [ \$STATE -ge 1 ]; then
/sbin/iptables -D OUTPUT -o $tundev -j \$CHAIN
/sbin/iptables -F \$CHAIN
/sbin/iptables -X \$CHAIN
fi
CHAIN='FORWARD_FROM_CHILLI'
STATE=\$(/sbin/iptables -L -n | grep -c \$CHAIN)
if [ \$STATE -ge 1 ]; then
/sbin/iptables -D FORWARD -i $tundev -j \$CHAIN
/sbin/iptables -F \$CHAIN
/sbin/iptables -X \$CHAIN
fi
CHAIN='FORWARD_TO_CHILLI'
STATE=\$(/sbin/iptables -L -n | grep -c \$CHAIN)
if [ \$STATE -ge 1 ]; then
/sbin/iptables -D FORWARD -o $tundev -j \$CHAIN
/sbin/iptables -F \$CHAIN
/sbin/iptables -X \$CHAIN
fi
CHAIN='PREROUTING_FROM_CHILLI'
STATE=\$(/sbin/iptables -t nat -L -n | grep -c \$CHAIN)
if [ \$STATE -ge 1 ]; then
/sbin/iptables -D PREROUTING -t nat -i $tundev -j \$CHAIN
/sbin/iptables -t nat -F \$CHAIN
/sbin/iptables -t nat -X \$CHAIN
fi
\}
HERE
}
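Review bot: The five stanzas of `stopChilli` differ only in chain name, built-in chain, direction flag and table, and the existence test greps the whole listing for the chain name, which also counts any rule or chain that merely contains that string. Asking iptables for the chain directly, `/sbin/iptables -t nat -L PREROUTING_FROM_CHILLI -n >/dev/null 2>&1` and likewise for the filter chains, is exact, and a small helper taking the four values would replace the repetition. `$tundev` is interpolated into the generated script unquoted, so it is worth checking against `/^[\w.-]+$/` where it is read from the configuration.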


@@ -0,0 +1,46 @@
{
$OUT .=<<"HERE";
# Input (from the wireless client to the server)
inFromChilli()\{
/sbin/iptables -N IN_FROM_CHILLI
/sbin/iptables -A IN_FROM_CHILLI -j state_chk
# DHCP requests are allowed
/sbin/iptables -A IN_FROM_CHILLI -p udp --dport 67:68 --sport 67:68 -s 0.0.0.0 -d 255.255.255.255 -j ACCEPT
/sbin/iptables -A IN_FROM_CHILLI ! -s $net -j denylog
# Allow wireless clients to ping the server
/sbin/iptables -A IN_FROM_CHILLI -p icmp --icmp-type echo-request -j ACCEPT
# Mandatory services for chilli (https, coova-chill)
# /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport ${'httpd-e-smith'}{'TCPPort'} --syn -j ACCEPT
/sbin/iptables -A IN_FROM_CHILLI -p tcp --dport ${'modSSL'}{'TCPPort'} --syn -j ACCEPT
/sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $chilliport --syn -j ACCEPT
HERE
foreach (split(/[;,]/, ${'chilli'}{'AllowedServices'} || '')){
my $service = $_;
next if ((${"$service"}{'status'} || 'disabled') ne 'enabled');
my @tcpports = split(/[;,]/, (${"$service"}{'TCPPort'} || '').",".(${"$service"}{'TCPPorts'} || ''));
my @udpports = split(/[;,]/, (${"$service"}{'UDPPort'} || '').",".(${"$service"}{'UDPPorts'} || ''));
if (@tcpports > 0){
foreach(@tcpports){
$OUT .= " # Acces to $service is allowed:\n" .
" /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $_ --syn -j ACCEPT\n" if ($_ ne '');
}
}
if (@udpports > 0){
foreach(@udpports){
$OUT .= " # Acces to $service is allowed:\n" .
" /sbin/iptables -A IN_FROM_CHILLI -p udp --dport $_ -j ACCEPT\n" if ($_ ne '');
}
}
# Special case for pptp, which uses GRE proto
if ($service eq 'pptpd'){
$OUT .= " /sbin/iptables -A IN_FROM_CHILLI -p 47 -j gre-in\n";
$OUT .= " /sbin/iptables -I gre-in -s $net -j ACCEPT\n";
}
}
$OUT .= " /sbin/iptables -A IN_FROM_CHILLI -j denylog\n\}\n";
}
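Review bot: Port values read from each service record are appended to the generated `iptables` lines unchecked, unlike `AllowedOutgoing` in the forward chain, which is matched against a pattern first; the output is a shell script run as root, so a stray character in `TCPPorts` or `UDPPorts` ends up as shell syntax. Add `next unless /^\d{1,5}(?::\d{1,5})?$/;` at the top of both port loops and `next unless $service =~ /^[\w.-]+$/;` before the symbolic `${"$service"}` lookups. The postfix `if ($_ ne '')` on the two `$OUT .=` statements then becomes unnecessary.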


@@ -0,0 +1,14 @@
{
$OUT .=<<"HERE";
# Output (from the server to the wireless clients)
outToChilli()\{
/sbin/iptables -N OUT_TO_CHILLI
/sbin/iptables -A OUT_TO_CHILLI -j state_chk
/sbin/iptables -A OUT_TO_CHILLI -p icmp --icmp-type echo-request -j ACCEPT
/sbin/iptables -A OUT_TO_CHILLI -j denylog
\}
HERE
}


@@ -0,0 +1,69 @@
{
$OUT .=<<"HERE";
# Forward from chilli (from the wireless clients to the internet)
forwardFromChilli()\{
/sbin/iptables -N FORWARD_FROM_CHILLI
/sbin/iptables -A FORWARD_FROM_CHILLI -j state_chk
/sbin/iptables -A FORWARD_FROM_CHILLI ! -s $net -j denylog
/sbin/iptables -A FORWARD_FROM_CHILLI ! -o \$OUTERIF -j denylog
/sbin/iptables -A FORWARD_FROM_CHILLI -p icmp --icmp-type echo-request -j ACCEPT
# Allow http for un-authenticated clients so uamallowed works
# Https need to be allowed in AllowedOutgoing
/sbin/iptables -A FORWARD_FROM_CHILLI -p tcp --dport 80 -j ACCEPT
HERE
my $ReIpNum = qr{([01]?\d\d?|2[0-4]\d|25[0-5])};
my $ReIpAddr = qr{($ReIpNum\.$ReIpNum\.$ReIpNum\.$ReIpNum)|any|ANY|\*};
my $RePort = qr/\d{1,4}|[0-6]\d{4}|any|ANY|\*/;
# Allow services specidied in AllowedOutgoing
foreach (split(/[;,]/, ${'chilli'}{'AllowedOutgoing'} || '')){
# Check the rules has the form proto:remote_host:remote_port
next unless /^(tcp|TCP|udp|UDP):${ReIpAddr}:${RePort}$/;
my @params = split(/:/, $_);
my $proto = $params[0];
my $host = $params[1];
my $dport = $params[2];
$OUT .= " # $_ is allowed:\n";
$OUT .= " /sbin/iptables -A FORWARD_FROM_CHILLI ";
$OUT .= "-p $proto ";
$OUT .= "-d $host " if ($host !~ /(any|\*)/i);
$OUT .= "--dport $dport " if ($dport !~ /(any|\*)/i);
$OUT .= "--syn " if ($proto =~ /tcp/i);
$OUT .= "-j ACCEPT\n"
}
foreach (split(/[;,]/, ${'chilli'}{'uamallowed'} || '')){
# Check the rules has the form proto:remote_host:remote_port
# Or host:port or protocol:host
next unless /^((tcp|TCP|udp|UDP):)?(${ReIpAddr})(:${RePort})?$/;
my @param = split(/:/, $_);
my $proto = $param[0];
my $host = $param[1];
my $dport = $param[2];
$OUT .= " # $_ is allowed:\n";
$OUT .= " /sbin/iptables -A FORWARD_FROM_CHILLI ";
$OUT .= "-p $proto " if (($proto) && ($proto ne ''));
$OUT .= "-d $host ";
$OUT .= "--dport $dport " if (($dport) && ($dport ne ''));
$OUT .= "--syn " if ($proto =~ /tcp/i);
$OUT .= "-j ACCEPT\n"
}
# Allow the two dns servers specified
$OUT .= " # Allow dns requests to ${'chilli'}{'dns1'}\n" .
" /sbin/iptables -A FORWARD_FROM_CHILLI -p udp --dport 53 -d ${'chilli'}{'dns1'} -j ACCEPT\n"
if ((${'chilli'}{'dns1'} || '') ne '');
$OUT .= " # Allow dns requests to ${'chilli'}{'dns2'}\n" .
" /sbin/iptables -A FORWARD_FROM_CHILLI -p udp --dport 53 -d ${'chilli'}{'dns2'} -j ACCEPT\n"
if ((${'chilli'}{'dns2'} || '') ne '');
$OUT .= " /sbin/iptables -A FORWARD_FROM_CHILLI -j denylog\n\}\n";
}
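Review bot: In the `uamallowed` loop the pattern makes the protocol and the port optional, but the fields are then taken by position from `split(/:/, $_)`, so an entry such as `192.0.2.10:443` (constructed example) is emitted as `-p 192.0.2.10 -d 443`, and a bare address produces `-d` with no value. Read the pieces from the match instead, as sketched below. A port given without a protocol needs a decision, because iptables rejects `--dport` without `-p`; the sketch skips such entries. `$RePort` also accepts values up to 69999, beyond the valid port range.

```perl
foreach (split(/[;,]/, ${'chilli'}{'uamallowed'} || '')){
    # Take each field from its own capture so optional parts cannot shift position
    next unless /^(?:(?<proto>tcp|TCP|udp|UDP):)?(?<host>${ReIpAddr})(?::(?<dport>${RePort}))?$/;
    my ($proto, $host, $dport) = ($+{proto}, $+{host}, $+{dport});
    # --dport is only valid together with -p
    next if defined $dport && !defined $proto;
    # … unchanged: comment line and start of the iptables command …
    $OUT .= "-p $proto " if defined $proto;
    $OUT .= "-d $host " if ($host !~ /^(?:any|\*)$/i);
    $OUT .= "--dport $dport " if (defined $dport && $dport !~ /^(?:any|\*)$/i);
    $OUT .= "--syn " if (defined $proto && $proto =~ /^tcp$/i);
    $OUT .= "-j ACCEPT\n"
}
```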


@@ -0,0 +1,14 @@
{
$OUT .=<<"HERE";
# Forward to (from the local network or the internet to the wireless clients)
forwardToChilli()\{
/sbin/iptables -N FORWARD_TO_CHILLI
/sbin/iptables -A FORWARD_TO_CHILLI -j state_chk
/sbin/iptables -A FORWARD_TO_CHILLI -p icmp --icmp-type destination-unreachable -j ACCEPT
/sbin/iptables -A FORWARD_TO_CHILLI -j denylog
\}
HERE
}


@@ -0,0 +1,29 @@
{
$OUT .=<<"HERE";
# Prerouting from chilli (before the server routes paquets from wireless clients)
preroutingFromChilli()\{
/sbin/iptables -N PREROUTING_FROM_CHILLI -t nat
/sbin/iptables -A PREROUTING_FROM_CHILLI -t nat -d $LocalIP -j DNAT --to $chillip
HERE
$OUT .=" /sbin/iptables -A PREROUTING_FROM_CHILLI -t nat -d $ExternalIP -j DNAT --to $chillip\n" if $ExternalIP;
# Redirect also addresses specified in RedirectToChilli
foreach my $ip (split(/[;,]/,(${'chilli'}{'RedirectToChilli'} || ''))){
my $ReIpNum = qr{([01]?\d\d?|2[0-4]\d|25[0-5])};
my $ReIpAddr = qr{($ReIpNum\.$ReIpNum\.$ReIpNum\.$ReIpNum)};
# Check the $ip is a valid ip address
next unless $ip =~ /^${ReIpAddr}$/;
$OUT .=" /sbin/iptables -A PREROUTING_FROM_CHILLI -t nat -d $ip -j DNAT --to $chillip\n";
}
# Accept other connexions in order to skip other pre-routing rules. Note that packets will be filtered
# in the FORWARD_FROM_CHILLI chain
$OUT .=" /sbin/iptables -t nat -A PREROUTING_FROM_CHILLI -j ACCEPT\n";
$OUT .= "\}\n";
}


@@ -0,0 +1,20 @@
{
$OUT .=<<"HERE";
# Send the paquets from and to chilli to the correct chains
startChilli()\{
inFromChilli
outToChilli
preroutingFromChilli
forwardFromChilli
forwardToChilli
/sbin/iptables -I INPUT -i $tundev -j IN_FROM_CHILLI
/sbin/iptables -I OUTPUT -o $tundev -j OUT_TO_CHILLI
/sbin/iptables -I FORWARD -o $tundev -j FORWARD_TO_CHILLI
/sbin/iptables -I FORWARD -i $tundev -j FORWARD_FROM_CHILLI
/sbin/iptables -I PREROUTING -t nat -i $tundev -j PREROUTING_FROM_CHILLI
\}
HERE
}


@@ -0,0 +1,11 @@
# First, remove hotspot rules
stopChilli
# Then, insert it if chilli is enabled
status=$(/sbin/e-smith/config getprop chilli status)
if [ $status = "enabled" ]
then
startChilli
fi
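Review bot: `[ $status = "enabled" ]` becomes a malformed `test` expression when the `chilli` record has no `status` property, because the unquoted expansion disappears; write `if [ "$status" = "enabled" ]`. With the current form the error goes to stderr and the branch is skipped, so the hotspot chains stay removed with nothing in the script explaining why.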


@@ -0,0 +1,18 @@
{
use NetAddr::IP;
my $net = $chilli{'net'} || '10.1.0.0/255.255.255.0';
$net = NetAddr::IP->new($net) + 1;
my $chillip = $net->addr;
my $transparent = ' transparent';
my $squid = `rpm -q --qf %{VERSION} squid`;
$transparent = '' if ($squid =~ /^2\.5/);
$OUT ='';
if ($chilli{'status'} eq 'enabled'){
my $squidport = $squid{'TCPPort'} || '3128';
$OUT = "http_port $chillip:$squidport$transparent\n";
}
}
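Review bot: The `http_port` line is emitted whenever `status` is enabled, while the two squid ACL fragments in this commit also require `WebRequests` to be `squid`; with `WebRequests` left at `direct`, squid would still listen on the hotspot gateway address. Use the same condition here, `if (($chilli{'status'} || 'disabled') eq 'enabled' && ($chilli{'WebRequests'} || 'direct') eq 'squid'){`. The `rpm -q` backtick runs on every template expansion and its result is not checked, and the 2.5 special case for `transparent` deserves a comment.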


@@ -0,0 +1,14 @@
{
if ((($chilli{'status'} || 'disabled') eq 'enabled') &&
(($chilli{'WebRequests'} || 'direct') eq 'squid')){
my $net = $chilli{'net'} || '10.1.0.0/255.255.255.0';
$OUT .=<<END
acl chillisrc src $net
acl chillidst dst $net
END
}
}


@@ -0,0 +1,6 @@
{
if ((($chilli{'status'} || 'disabled') eq 'enabled') &&
(($chilli{'WebRequests'} || 'direct') eq 'squid')){
$OUT = "http_access allow chillisrc\n";
}
}


@@ -0,0 +1,3 @@
Cmnd_Alias CHILLI = /etc/chilli/conup.sh, /etc/chilli/condown.sh


@@ -0,0 +1,3 @@
coovachilli ALL=(root) NOPASSWD: CHILLI


@@ -0,0 +1,7 @@
$conf\{domain\} = "{"$DomainName";}";
$conf\{contactinfo\} = "admin\@{"$DomainName";}";
$conf\{uamsecret\} = "{($chilli{'uamsecret'} || 'azerty');}";
$conf\{userpassword\} = 1;
$conf\{guestaccess\} = {($chilli{'guestAccess'} || 'disabled') eq 'enabled' ? '1':'0';};
1
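Review bot: `uamsecret` and `$DomainName` are pasted between double quotes in the generated Perl, so a value containing `"`, `$`, `@` or a backslash either breaks the file or is interpolated when the CGI loads it. Emit single-quoted literals and escape the value inside the template block first, e.g. `(my $s = $chilli{'uamsecret'}) =~ s/([\\'])/\\$1/g;`, then write `'$s'`. `$conf{userpassword} = 1` selects the PAP branch of the CGI unconditionally and deserves a comment saying that this is intended.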


@@ -0,0 +1,485 @@
#!/usr/bin/perl -w
# chilli - ChilliSpot.org. A Wireless LAN Access Point Controller
# Copyright (C) 2003, 2004 Mondru AB.
#
# The contents of this file may be used under the terms of the GNU
# General Public License Version 2, provided that the above copyright
# notice and this permission notice is included in all copies or
# substantial portions of the software.
# Adapted for SME Server by Daniel B. <daniel@firewall-services.com>
use Digest::MD5 qw(md5 md5_hex md5_base64);
# Import the config
require ('../hotspotlogin-conf.pl');
# detect browser language
$language = $ENV{'HTTP_ACCEPT_LANGUAGE'};
@array = split(',',$language);
foreach $var ( @array )
{
$var = substr($var,0,2);
if($var =~ /^fr$/) { $language = "fr"; last; }
if($var =~ /^en$/) { $language = "en"; last; }
}
if(-e "../lang/hotspotlogin.$language.pl"){
require("../lang/hotspotlogin.$language.pl");
}
else{
require('../lang/hotspotlogin.en.pl');
}
# Login page need https
if (!($ENV{HTTPS} =~ /^on$/)) {
print "Content-type: text/html\n\n
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<html>
<head>
<title>$conf{domain}/title>
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<link rel=\"stylesheet\" type=\"text/css\" href=\"/chilli/css/sme.css\" />
</head>
<body>
<p>&nbsp;</p><p>&nbsp;</p>
<h2>$lang{loginfailed}</H2><br>
$lang{neddencrypted}</body></html>";
exit(0);
}
$loginpath = $ENV{'SCRIPT_NAME'};
# Make sure that the form parameters are clean
$OK_CHARS='-a-zA-Z0-9_.@&=%!';
$_ = (<STDIN> || '');
s/[^$OK_CHARS]/_/go;
$input = $_;
# Make sure that the get query parameters are clean
$OK_CHARS='-a-zA-Z0-9_.@&=%!';
$_ = $query=$ENV{QUERY_STRING};
s/[^$OK_CHARS]/_/go;
$query = $_;
#Read form parameters which we care about
@array = split('&',$input);
$replyencoded = '';
$username = '';
$password = '';
$challenge = '';
$button = '';
$res = '';
$uamip = '';
$uamport = '';
$userurl = '';
$timeleft = '';
$redirurl = '';
$mac = '';
foreach $var ( @array )
{
@array2 = split('=',$var);
if ($array2[0] =~ /^UserName$/) { $username = $array2[1]; }
if ($array2[0] =~ /^Password$/) { $password = $array2[1]; }
if ($array2[0] =~ /^challenge$/) { $challenge = $array2[1]; }
if ($array2[0] =~ /^button$/) { $button = $array2[1]; }
if ($array2[0] =~ /^res$/) { $res = $array2[1]; }
if ($array2[0] =~ /^uamip$/) { $uamip = $array2[1]; }
if ($array2[0] =~ /^uamport$/) { $uamport = $array2[1]; }
if ($array2[0] =~ /^userurl$/) { $userurl = $array2[1]; }
if ($array2[0] =~ /^timeleft$/) { $timeleft = $array2[1]; }
if ($array2[0] =~ /^redirurl$/) { $redirurl = $array2[1]; }
if ($array2[0] =~ /^mac$/) { $mac = $array2[1]; }
# This should be added to 'standard' cgi script also
if ($array2[0] =~ /^reply$/) { $replyencoded = $array2[1]; }
}
#Read query parameters which we care about
@array = split('&',$query);
foreach $var ( @array )
{
@array2 = split('=',$var);
if ($array2[0] =~ /^res$/) { $res = $array2[1]; }
if ($array2[0] =~ /^challenge$/) { $challenge = $array2[1]; }
if ($array2[0] =~ /^uamip$/) { $uamip = $array2[1]; }
if ($array2[0] =~ /^uamport$/) { $uamport = $array2[1]; }
# This should be changed in 'standard' cgi script also
if ($array2[0] =~ /^reply$/) { $replyencoded = $array2[1]; }
if ($array2[0] =~ /^userurl$/) { $userurl = $array2[1]; }
if ($array2[0] =~ /^timeleft$/) { $timeleft = $array2[1]; }
if ($array2[0] =~ /^redirurl$/) { $redirurl = $array2[1]; }
if ($array2[0] =~ /^mac$/) { $mac = $array2[1]; }
}
# This should be added to 'standard' cgi script also
$reply = $replyencoded;
$reply =~ s/\+/ /g;
$reply =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
$button =~ s/\+/ /g;
$button =~ s/\_/ /g;
$userurldecode = $userurl;
$userurldecode =~ s/\+/ /g;
$userurldecode =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
$redirurldecode = $redirurl;
$redirurldecode =~ s/\+/ /g;
$redirurldecode =~s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
# Tim added these two lines:
$username =~ s/\+/ /g;
$username =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
$password =~ s/\+/ /g;
$password =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/seg;
# If attempt to login
if (($button =~ $lang{login} || $button =~ $lang{guestbutton})) {
$hexchal = pack "H32", $challenge;
if (defined $conf{uamsecret}) {
$newchal = md5($hexchal, $conf{uamsecret});
}
else {
$newchal = $hexchal;
}
$response = md5_hex("\0", $password, $newchal);
$pappassword = unpack "H32", ($password ^ $newchal);
print "Content-type: text/html\n\n";
print "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<html>
<head>
<title>$conf{domain}</title>
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">";
if ( (defined $conf{uamsecret}) && (defined $conf{userpassword})) {
print "<meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl\">";
}
else {
print "<meta http-equiv=\"refresh\" content=\"0;url=http://$uamip:$uamport/logon?username=$username&response=$response&userurl=$userurl\">";
}
print "<link rel=\"stylesheet\" type=\"text/css\" href=\"/chilli/css/sme.css\" />
</head><body>
<center>";
print "<p>&nbsp;</p><p>&nbsp;</p>
<h3>$lang{longgingin}</H3><br>$lang{wait}</center></body></html>";
exit(0);
}
# Default: It was not a form request
$result = 0;
# If login successful
if ($res =~ /^success$/) { $result = 1; }
# If login failed
if ($res =~ /^failed$/) { $result = 2; }
# If logout successful
if ($res =~ /^logoff$/) { $result = 3; }
# If tried to login while already logged in
if ($res =~ /^already$/) { $result = 4; }
# If not logged in yet
if ($res =~ /^notyet$/) { $result = 5; }
# If login from smart client
if ($res =~ /^smartclient$/) { $result = 6; }
# If requested a logging in pop up window
if ($res =~ /^popup1$/) { $result = 11; }
# If requested a success pop up window
if ($res =~ /^popup2$/) { $result = 12; }
# If requested a logout pop up window
if ($res =~ /^popup3$/) { $result = 13; }
# Otherwise it was not a form request
# Send out an error message
if ($result == 0) {
print "Content-type: text/html\n\n
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<html>
<head>
<title>$conf{domain}</title>
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<link rel=\"stylesheet\" type=\"text/css\" href=\"/chilli/css/sme.css\" />
</head>
<body>
<center>
<p>&nbsp;</p><p>&nbsp;</p>
<h3>$lang{loginfailed}</h3><br>
$lang{chillierror}</center></body></html>";
exit(0);
}
#Generate the output
print "Content-type: text/html\n\n
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<html>
<head>
<title>$conf{domain}</title>
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<SCRIPT LANGUAGE=\"JavaScript\">
var blur = 0;
var starttime = new Date();
var startclock = starttime.getTime();
var mytimeleft = 0;
var user = \"\";
var password = \"\";
function getCookie(c_name)
{
if (document.cookie.length>0)
{
c_start=document.cookie.indexOf(c_name + \"=\");
if(c_start!=-1)
{
c_start=c_start + c_name.length+1;
c_end=document.cookie.indexOf(\";\",c_start);
if (c_end==-1) c_end=document.cookie.length;
return unescape(document.cookie.substring(c_start,c_end));
}
}
return \"\";
}
function setCookie(c_name,value,expiredays)
{
var exdate=new Date();
exdate.setDate(exdate.getDate()+expiredays);
document.cookie=c_name+ \"=\" +escape(value)+((expiredays==null) ? \"\" : \";expires=\"+exdate.toGMTString());
}
function getCookies()
{
user=getCookie('user');
if(user!=null && user!=\"\")
{
document.form1.UserName.value = user;
document.form1.saveusrpass.checked = true;
}
password=getCookie('password');
if(password!=null && password!=\"\")
{
document.form1.Password.value = password;
}
}
function setCookies()
{
if(!document.form1.saveusrpass.checked)
{
setCookie('user',\"\",365);
setCookie('password',\"\",365);
return;
}
user = document.form1.UserName.value;
password = document.form1.Password.value;
if(user!=null && user!=\"\")
{
if(password!=null && password!=\"\")
{
setCookie('user',user,365);
setCookie('password',password,365);
}
}
}
function doTime() {
window.setTimeout( \"doTime()\", 1000 );
t = new Date();
time = Math.round((t.getTime() - starttime.getTime())/1000);
if (mytimeleft) {
time = mytimeleft - time;
if (time <= 0) {
window.location = \"$loginpath?res=popup3&uamip=$uamip&uamport=$uamport\";
}
}
if (time < 0) time = 0;
hours = (time - (time % 3600)) / 3600;
time = time - (hours * 3600);
mins = (time - (time % 60)) / 60;
secs = time - (mins * 60);
if (hours < 10) hours = \"0\" + hours;
if (mins < 10) mins = \"0\" + mins;
if (secs < 10) secs = \"0\" + secs;
title = \"$lang{onlinetime}: \" + hours + \":\" + mins + \":\" + secs;
if (mytimeleft) {
title = \"$lang{remainingtime}: \" + hours + \":\" + mins + \":\" + secs;
}
if(document.all || document.getElementById){
document.title = title;
}
else {
self.status = title;
}
}
function popUp(URL) {
if (self.name != \"chillispot_popup\") {
chillispot_popup = window.open(URL, 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=310');
}
}
function doOnLoad(result, URL, userurl, redirurl, timeleft) {
if (timeleft) {
mytimeleft = timeleft;
}
if ((result == 1) && (self.name == \"chillispot_popup\")) {
doTime();
}
if ((result == 1) && (self.name != \"chillispot_popup\")) {
chillispot_popup = window.open(URL, 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300');
}
if ((result == 2) || result == 5) {
getCookies();
document.form1.UserName.focus()
}
if ((result == 2) && (self.name != \"chillispot_popup\")) {
chillispot_popup = window.open('', 'chillispot_popup', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=400,height=200');
chillispot_popup.close();
}
if ((result == 12) && (self.name == \"chillispot_popup\")) {
doTime();
if (redirurl) {
window.opener.top.location.href = redirurl;
}
else if (userurl) {
window.opener.top.location.href = userurl;
}
else if (opener.home) {
window.opener.top.location.href.home();
}
else {
window.opener.top.location.href = \"about:home\";
}
self.focus();
blur = 0;
}
if ((result == 13) && (self.name == \"chillispot_popup\")) {
self.focus();
blur = 1;
}
}
function doOnBlur(result) {
if ((result == 12) && (self.name == \"chillispot_popup\")) {
if (blur == 0) {
blur = 1;
self.focus();
}
}
}
function doOnBeforeUnLoad(result) {
if ((result==12) && (self.name=='chillispot_popup')) {
document.location.href=('http://$uamip:$uamport/logoff');
window.close();
}
}
function fillGuestAccess() {
form1.UserName.value = 'guest';
form1.Password.value = 'guest';
}
</script>
<link rel=\"stylesheet\" type=\"text/css\" href=\"/chilli/css/sme.css\" />
</head>
<body onLoad=\"javascript:doOnLoad($result, '$loginpath?res=popup2&uamip=$uamip&uamport=$uamport&userurl=$userurl&redirurl=$redirurl&timeleft=$timeleft&reply=$replyencoded','$userurldecode', '$redirurldecode', '$timeleft')\" onBlur = \"javascript:doOnBlur($result)\" onBeforeUnLoad = \"doOnBeforeUnLoad($result)\"><center>";
# In body onLoad above, after $timeleft, add '&reply=$replyencoded to 'standard' cgi script
if ($result == 2){
print "<p>&nbsp;</p><p>&nbsp;</p><h3>$lang{loginfailed}</h3>";
if ($reply) { print "$reply<br>"; }
}
if ($result == 2 || $result == 5){
print "<p>&nbsp;</p><p>&nbsp;</p>
<form name=\"form1\" method=\"post\" action=\"$loginpath\"\" onSubmit=\"setCookies()\">
<INPUT TYPE=\"hidden\" NAME=\"challenge\" VALUE=\"$challenge\">
<INPUT TYPE=\"hidden\" NAME=\"uamip\" VALUE=\"$uamip\">
<INPUT TYPE=\"hidden\" NAME=\"uamport\" VALUE=\"$uamport\">
<INPUT TYPE=\"hidden\" NAME=\"userurl\" VALUE=\"$userurldecode\">
<INPUT TYPE=\"hidden\" NAME=\"mac\" VALUE=\"$mac\">
<table style=\"width: 570px;\">
<tr>
<td align=\"right\">$lang{username}:</td>
<td><input type=\"text\" name=\"UserName\" size=\"14\" maxlength=\"128\"></td>
</tr>
<tr>
<td align=\"right\">$lang{password}:</td>
<td><input type=\"password\" name=\"Password\" size=\"14\" maxlength=\"128\"></td>
</tr>
<tr>
<td align=\"center\" colspan=\"2\" height=\"23\"><input type=\"submit\" name=\"button\" value=\"$lang{login}\" onClick=\"javascript:popUp('$loginpath?res=popup1&uamip=$uamip&uamport=$uamport&mac=$mac')\"></td></tr>
<tr>
<td align=\"center\" colspan=\"2\">
<input type=\"checkbox\" name=\"saveusrpass\"> $lang{saveuser}";
if($conf{guestaccess}){
print "<tr><td align=\"center\" colspan=\"2\" height=\"23\">$lang{guestdesc}</td></tr><tr><td align=\"center\" colspan=\"2\" height=\"23\"><input type=\"button\" name=\"button_guest\" value=\"$lang{guestbutton}\" onClick=\"javascript:fillGuestAccess()\"></td></tr>";
}
print " </table></form>";
if($lang{loginstring}) { print "<div style=\"width: 90%; height:330px; overflow:auto; padding-right : 12px; align:center;\"><table><td>$lang{loginstring}</td></table></div>"; }
print "</center></body></html>";
}
if ($result == 1){
print "<p>&nbsp;</p><p>&nbsp;</p><h3>$lang{loggedin}</h3><br>";
if ($lang{loggedinstring}) { print "$lang{loggedinstring}<br><br>"; }
if ($reply) { print "$reply</BR></BR>"; }
print "<a href=\"javascript:doOnBeforeUnLoad(12);\">$lang{logout}</a></center></body></html>";
}
if (($result == 4) || ($result == 12)){
print "<p>&nbsp;</p><p>&nbsp;</p><h3>$lang{loggedin}</h3><br>";
if ($lang{loggedinstring}) { print "$lang{loggedinstring}<br><br>"; }
if ($reply) { print "$reply</BR></BR>"; }
print "<a href=\"javascript:doOnBeforeUnLoad(12);\">$lang{logout}</a><br></center></body></html>";
}
if ($result == 11){
print "<p>&nbsp;</p><p>&nbsp;</p><h3>$lang{longgingin}</h3><br>";
print "<br>$lang{wait}</center></body></html>";
}
if (($result == 3) || ($result == 13)){
print "<p>&nbsp;</p><p>&nbsp;</p><h3>$lang{loggedout}</h3><br>";
if ($lang{loggedoutstring}) { print "$lang{loggedoutstring}<br><br>"; }
print "<a href=\"http://$uamip:$uamport/prelogin\">$lang{login}</a></center></body></html>";
}
exit(0);
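Review bot: The form and query strings are filtered against `$OK_CHARS` before percent-decoding, so `$reply`, `$userurldecode`, `$redirurldecode` and `$username` can hold any byte by the time they are printed, and none of the `print` statements encodes them for the HTML, attribute or script context they land in. Encode at output: an HTML-escaping helper for `$reply` and the hidden `userurl` field (sketched below), and for the `doOnLoad(...)` arguments pass the still-encoded `$userurl` and `$redirurl` and decode them in the script, because HTML escaping alone does not protect a JavaScript string inside an attribute. `$username` is decoded and then placed in the `logon?username=` URL, so it needs percent-encoding again at that point. The script has no `use strict` and keeps everything in package globals, so the helper is written to stand alone.

```perl
# Encode a decoded value for use in HTML text or a quoted attribute.
sub html_escape {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}
# … unchanged: parameter parsing and percent-decoding …
$reply_html   = html_escape($reply);
$userurl_html = html_escape($userurldecode);
# … unchanged: page output, except where the decoded values are printed …
if ($reply) { print "$reply_html<br>"; }
# hidden field becomes: VALUE=\"$userurl_html\"
```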


@@ -0,0 +1,33 @@
/* mod_auth_tkt example css */
BODY {background-image: url(/chilli/images/smeserver_logo.jpg);
background-repeat: no-repeat;
background-position: 400px 40px;
background-position: top;
font-family: arial, helvetica, sans-serif;
font-size: small;
}
P, TH, TD {
font-family: arial, helvetica, sans-serif;
font-size: small;
}
H1, H2, H3, H4, H5, H6 { color: #006; }
H1 { font-size: x-large; }
H2 { font-size: large; }
H3 { font-size: medium; }
.warning { color: #c00; font-size: medium; font-weight: bold; }
TABLE {
background-color: #eee;
color: #666;
border: 1px solid #ccc;
padding: 20px;
}
/* arch-tag: ac35e093-c2c0-4994-bc18-2d25715b1192 */

Binary file not shown.


Width:  |  Height:  |  Size: 5.8 KiB


@@ -0,0 +1,21 @@
$lang{chillierror} = "You can only login while connected to the hotspot.";
$lang{login} = "Login";
$lang{guestdesc} = "You can click here to have a limited guest access";
$lang{guestbutton} = "Guest access";
$lang{logout} = "Logout";
$lang{loginfailed} = "Login failed";
$lang{loggingin} = "Logging in";
$lang{loggedin} = "Logged in";
$lang{loggedout} = "Logged out";
$lang{username} = "User";
$lang{password} = "Password";
$lang{wait} = "Please wait ...";
$lang{onlinetime} = "Online time";
$lang{remainingtime} = "Remaining time";
$lang{needencrypted} = "Login must use encrypted connection (https)";
$lang{saveuser} = "Remember user/password";
# Custom resource vars
$lang{loginstring} = "If you have any question, please contact <a href=mailto:$conf{contactinfo}>$conf{contactinfo}</a>";
$lang{loggedinstring} = "Welcome!<br>Closing this windows will disconnect you..";
$lang{loggedoutstring} = "Thanks for using $conf{domain} hotspot service";


@@ -0,0 +1,22 @@
$lang{chillierror} = "L'identification doit se faire &agrave; travers le d&eacute;mon Coova-Chilli";
$lang{login} = "Identification";
$lang{guestdesc} = "Si vous n'avez pas d'identifiants, cliquez sur ce boutton pour obtenir un acc&egrave;s limit&eacute;";
$lang{guestbutton} = "Acc&egrave;s invit&eacute;";
$lang{logout} = "Se d&eacute;connecter";
$lang{loginfailed} = "L'identification a &eacute;chou&eacute;";
$lang{loggingin} = "Identification en cours";
$lang{loggedin} = "Authentifi&eacute;";
$lang{loggedout} = "D&eacute;connec&eacute;";
$lang{username} = "Utilisateur";
$lang{password} = "Mot de passe";
$lang{wait} = "Veuillez patienter ...";
$lang{onlinetime} = "Dur&eacute;e de la session";
$lang{remainingtime} = "Temps restant";
$lang{needencrypted} = "L'identification doit utiliser une connexion s&eacute;curis&eacute; (https)";
$lang{saveuser} = "Se souvenir de mes identifiants";
# Custom resource vars
$lang{loginstring} = "Pour toute question relative au fonctionnement de cet acc&egrave;s, vous pouvez contacter le responsable <a href=mailto:$conf{contactinfo}>$conf{contactinfo}</a>";
$lang{loggedinstring} = "Bienvenue!<br>La fermeture de cette fen&ecirc;tre terminera votre session.";
$lang{loggedoutstring} = "$conf{domain} vous remercie";