WiFiDog Configuration Analysis

authserver {Hostname (Mandatory; Default:none) sslavailable (Optional; Default:no; Possible Values:yes, no) sslport (Optional; Default:443) Httpport (Optional; Default: the) Path (Optional; Default:/wifidog/note:the path must is both prefixed and suffixed by/. Use a single/ forserver root.) Loginscriptpathfragment (Optional; Default:login/? Note:this isThe script the user would be a sent to forlogin.) Portalscriptpathfragment (Optional; Default:portal/? Note:this isThe script the user would be sent to after a successfull login.) Msgscriptpathfragment (Optional; Default:gw_message.php? Note:this isThe script the user is sent to upon error to read a readable message.) Pingscriptpathfragment (Optional; Default:ping/? Note:this isThe script the user is sent to upon error to read a readable message.) Authscriptpathfragment (Optional; Default:auth/? Note:this isThe script the user would be sent to upon error to read a readable message.)} # Listen on ThisPortgatewayport2060# parameter:checkinterval# Default: -# optional## How many seconds should we wait between timeout checks. this isalso# How often the gateway would ping the Auth server and how often it will# update the traffic counters on the Auth  Server. Setting Thistoo low# wastes bandwidth, setting Thistoo high would cause the gateway to take# aLongTime toSwitchto it's Backup auth server (s).Checkinterval -# parameter:clienttimeout# Default:5# optional## Set ThisTo the desired of number of checkinterval of inactivity before a client isLogged out# The timeout would be INTERVAL*Timeoutclienttimeout5

WiFiDog Process Reference Http://dev.wifidog.org/wiki/doc/developer/FlowDiagram Description, here are the configuration content

Authserver is the configuration of the portal server, Gatewayport is the address of the WiFiDog listener, the default is 2060, the general remains the default, Checkinterval is the heartbeat, the unit is the second, what is the heartbeat, after the successful client authentication, If there is a network access action, Wifidog Getway will access a script for the portal Server every once in a while, for authentication billing, and of course, if the customer uses timeouts or hyper-traffic, it can also force the client to go offline through the heartbeat. Clienttimeout is a user authentication successful after the network access time, more than this time need to re-certification, this length is not determined by clienttimeout alone, depending on interval * TIMEOUT. Detailed configuration information can be accessed by: http://dev.wifidog.org/browser/trunk/wifidog/wifidog.conf.

Focus on the configuration of the portal server, hostname is the IP or domain name of the portal Server, sslavailable and Sslport are SSL encryption configuration, if your portal server has configured HTTPS encryption, you need to configure both Path refers to your script paths (for example, http://a.com/to/, a.com is the domain name,/to/is the path), note that the path must start and end with "/", if it is the root path, fill in a "/", the next 5 configurations indicate your script name, This shows that we need to write five scripts, which I will explain in detail. (the "step" referred to in the following article refers to the steps of the WiFiDog certification process) The
Loginscriptpathfragment configuration item is configured with a login script that accepts incoming parameters via get gw_address, Gw_port, gw_id, Mac, and url,gw_address are the IP addresses of the AP Getway The Gw_port is the WiFiDog listening port, the Gatewayport configuration in the wifidog.conf described above; GW_ID is the ID of the AP Getway, The configuration file wifidog.conf can be configured, the default value is defaults, the role of this value is when more than one AP is, the server or administrator can determine the user's access point based on different IDs; Mac is the physical address of the client computer's network card, note that the MAC is not the AP Gateway Mac, which is used to identify the client computer The URL is the URL of the customer's initial access, and these querystring are automatically generated by the AP Getway to the client for a redirect request. This script also needs to provide landing page, if the login is successful, need to customer; return 302 Redirect, redirect to: Http://gw_address:gw_port/wifidog/auth?token=[token]; that is, the 7th step, where [ Token] is your own automatically generated token string, randomly generated a string can be, but the length of the best longer, more secure, in addition, token needs to be saved according to different users, preferably saved in the database, after the AP Getway asked token validity (9th step) It needs to be used. It is best to use a cookie or session, so that after the landing success page can be judged that the user has been successful, to prevent unsuccessful users to access the certification Success page.

Portalscriptpathfragment configuration item is configured to login successfully after the server shows the script (11th step), it through Get method to accept 1 incoming parameters, gw_id, this script is relatively simple, tell the user to log on successfully, of course, It is best to redirect to the URL that the user wants to position before, that is, the URL entered by the 1th step.

The Msgscriptpathfragment configuration item is configured with an error message presentation script, which accepts an incoming parameter message via get, which is simple enough to display the contents of the message, so that when an error occurs in the authentication process, the AP Getway redirects to this script, and the URL contains the wrong information.

The Pingscriptpathfragment configuration item is configured with a heartbeat script, which accepts 5 incoming parameters by way of a GET, gw_id, Sys.uptime,sys.memfree,sys.load,wifidog.uptime, where Sys.uptime refers to the start time of the AP Getway, sys.memfree refers to the free memory of the AP Getway, Sys.load refers to the CPU load of the AP Getway, wifidog.uptime refers to the WiFiDog start time, the script every time (wifidog.conf configured Checkinterval), WiFiDog will automatically access , but its purpose is not user authentication, but to help administrators manage AP nodes, understand the load situation of AP nodes, add nodes in time, etc., WiFiDog Access this script, need this script to return pong, if you do not have to count the AP node load data requirements, you can discard the data, Direct response to Pong, note that this response contains only the "Pong" string, without having to include additional HTML tags.
Authscriptpathfragment is a user authentication script that implements the 10th step function, which accepts 7 incoming parameters via get: Stage, IP, Mac, token, incoming, outcoming, and gw_id. Where the value of the stage is Login,ip is the client's IP, note that the IP;MAC is not the AP Getwap is the client's network card physical address, token is you in the authentication script generated and returned to the client; incoming and outcoming for traffic control, The default value is 0;gw_id ibid. How to identify the user login success, through the Mac and token bar, Loginscriptpathfragment Landing script after the user login successful need to record the user's Mac and token, and then verify here, if the match, reply auth:1, otherwise, reply auth:0. In addition, this script is also the heartbeat script, every time WiFiDog will automatically access, if the user use time exceeds the limit or traffic exceeds the quota, the server can respond to auth:0 end user's access in a timely manner. It is also important to note that the response also does not need to contain HTML tags, in addition, in the Auth after the colon and 0/1, there is a space, missing this space will also cause an error.
In configuring the WiFiDog configuration file wifidog.conf Yes, the configuration entries for the configuration script must all be "?" End, otherwise the querystring passed in a Get mode will have a script that accesses the error due to a missing question mark on the URL.

This article by http://www.wifidog.pro/2015/04/03/wifidog%E9%85%8D%E7%BD%AE%E5%88%86%E6%9E%90-1.html compilation, reprint please indicate the source

WiFiDog Configuration Analysis