OpenWrt use WiFiDog to implement mandatory authentication for WiFi hotspots

First install the WiFiDog to OpenWrt router:

OPKG Update

Opkg Install WiFiDog

WiFiDog relies on the following modules:

Iptables-mod-extra

Iptables-mod-ipopt

Kmod-ipt-nat

Iptables-mod-nat-extra

Libpthread

Because trunk firmware update will be more frequent, will lead to direct opkg install WiFiDog installation, if you happen to not back up with the firmware corresponding packages, you need to http://downloads.openwrt.org/ Snapshots/trunk upgrade the firmware, and then install the WiFiDog. I backed up a July 2013 (kernel =3.10.3-1-9da5017d589c0594e545ab00a51eecea) version of packages, which I need to use:

Http://openwrt.sinapp.net

If your router is not an officially supported version of OPENWRT, then you need to compile the firmware yourself. After make menuconfig, select WiFiDog in the Network–>captive portals.

After the installation is complete,

/etc/init.d/wifidog Enable

/etc/init.d/wifidog start

An error is thrown because we have not set the Authserver information yet. For more information on installing WiFiDog, refer to: Http://wiki.openwrt.org/doc/howto/wireless.hotspot.wifidog

Install auth Server below, according to the official statement:

Authpuppy is the next Generation authentication server for Wifidog networks.

Source Document

But seemingly this wifidog and authpuppy have been n long not updated ...

Authputty is required to install apache2, PHP5 and MySQL. Details are here: http://www.authpuppy.org/doc/Getting_Started (Windows edition point here).

After successful installation, access to Authpuppy will require you to set up some database information, you can see the home page after all settings are complete:

Of course, we also need to set up an administrator's account.

Enter Manage Plugins,install Apauthlocaluserplugin, remember to enable this plugin.

Then, click Manage Nodes to change the status of the default node to deployed. This GW (Gateway) ID default is used when configuring wifidog.conf.

Here, the basic configuration of the authpuppy is complete.

Below back to the router, edit wifidog.conf, in general, we then configure Externalinterface,gatewayinterface and Authserver these three items will be available, other default. Here is my configuration:

Gatewayiddefault #注意这个ID必须跟AuthPuppy的GW ID Consistent

# Parameter:externalinterface

# Default:none

# Optional

#

# Set this to the external interface (the one going out to the inernet or your larger LAN).

# typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise,

# normally autodetected

Externalinterface eth0 #路由器外网的物理接口

# Parameter:gatewayinterface

# Default:none

# Mandatory

#

# Set this to the internal interface (typically your WiFi interface).

# typically Br-lan for OpenWrt, and eth1, Wlan0, ath0, etc. otherwise

Gatewayinterface Wlan0 #路由器内网的物理接口

Authserver {

Hostname 192.170.1.104

Sslavailable No

Path/

Checkinterval 60

ClientTimeout 5

Firewallruleset Global {

}

Firewallruleset Validating-users {

Firewallrule Allow to 0.0.0.0/0

}

Firewallruleset Known-users {

Firewallrule Allow to 0.0.0.0/0

}

Firewallruleset Unknown-users {

Firewallrule allow UDP port 53

Firewallrule allow TCP port 53

Firewallrule Allow UDP port 67

Firewallrule Allow TCP port 67

}

Firewallruleset Locked-users {

Firewallrule block to 0.0.0.0/0

}