File:
[ELWIX - Embedded LightWeight unIX -] /
elwix /
config /
etc /
default /
chilli /
Attic /
functions
Revision
1.1.1.1 (vendor branch):
Tue Jul 5 23:43:00 2011 UTC (13 years, 2 months ago) by
misho
Branches:
misho
CVS tags:
start,
elwix1_9_mips,
elwix1_9,
elwix1_8,
elwix1_7,
elwix1_6,
elwix1_5,
elwix1_4,
Patch1,
ELWIX1_8,
ELWIX1_7,
ELWIX1_6,
ELWIX1_5
ELWIX project
1: #!/bin/sh
2: #
3: # Copyright (c) 2006 David Bird <david@coova.com>
4: # Licensed under GPL. See http://coova.org/
5: #
6:
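# Locations of the tools, state files and configuration used by the chilli
# helper functions in this file.
IFCONFIG=/sbin/ifconfig

CHILLI=/usr/local/etc/chilli
RUN_D=/var/run
SBIN=/usr/local/sbin
ARPCHECK=$RUN_D/chilli.arp
LKFILE=$RUN_D/chilli.run
MAIN_CONF=$CHILLI/main.conf
LOCAL_CONF=$CHILLI/local.conf
HS_CONF=$CHILLI/hs.conf
# Staging file for a freshly fetched hs.conf. It is written through a shell
# redirect and then moved over $HS_CONF, so it must not have a fixed name in
# world-writable /tmp, where another local user could pre-create it or plant
# a symlink. Assumes $RUN_D is writable only by the account running chilli
# - TODO confirm on the target image.
HS_TEMP=$RUN_D/hs.conf.tmp
CMDSOCK=$RUN_D/chilli.sock
PIDFILE=$RUN_D/chilli.pid

# Site settings are shell fragments sourced into this shell, so both files
# carry the same trust as this script.
[ -f "$CHILLI/defaults" ] && . "$CHILLI/defaults"
[ -f "$CHILLI/config" ] && . "$CHILLI/config"

# Fallbacks for everything the site configuration left unset or empty.
HS_UAMPORT=${HS_UAMPORT:-3990}
HS_RADIUS=${HS_RADIUS:-$HS_UAMSERVER}
# NOTE(review): without HS_RADSECRET the RADIUS shared secret falls back to
# the UAM secret, so one value ends up protecting two channels.
HS_RADSECRET=${HS_RADSECRET:-$HS_UAMSECRET}
HS_RADAUTH=${HS_RADAUTH:-1812}
# Uses ':-' like its siblings so that an empty value also gets the default.
HS_RADACCT=${HS_RADACCT:-1813}
# NOTE(review): the fallback admin user/password pair is fixed in this script
# and ends up in $MAIN_CONF; set HS_ADMUSR/HS_ADMPWD in the site config.
HS_ADMUSR=${HS_ADMUSR:-chillispot}
HS_ADMPWD=${HS_ADMPWD:-chillispot}
HS_ADMINTERVAL=${HS_ADMINTERVAL:-60}
HS_RADCONF=${HS_RADCONF:-off}
HS_RADCONF_SERVER=${HS_RADCONF_SERVER:-rad01.coova.org}
# Accept ';', ',' or blank as list separators and normalise them to blanks.
HS_RADCONF_SERVERS=${HS_RADCONF_SERVERS:+$(printf '%s\n' "$HS_RADCONF_SERVERS" | sed 's/[;, ]/ /g')}
# NOTE(review): the remote-configuration secret and login below also have
# fixed fallbacks; override them when HS_RADCONF is enabled.
HS_RADCONF_SECRET=${HS_RADCONF_SECRET:-coova-anonymous}
HS_RADCONF_AUTHPORT=${HS_RADCONF_AUTHPORT:-1812}
HS_RADCONF_ACCTPORT=${HS_RADCONF_ACCTPORT:-1813}
HS_RADCONF_USER=${HS_RADCONF_USER:-coovachilli}
HS_RADCONF_PWD=${HS_RADCONF_PWD:-coovachilli}
HS_DNS_DOMAIN=${HS_DNS_DOMAIN:-lan}
HS_MACAUTHMODE=${HS_MACAUTHMODE:-off}
HS_USELOCALUSERS=${HS_USELOCALUSERS:-off}
HS_OPENIDAUTH=${HS_OPENIDAUTH:-off}
HS_ACCTUPDATE=${HS_ACCTUPDATE:-off}
HS_WISPRLOGIN=${HS_WISPRLOGIN:-$HS_UAMSERVICE}
HS_PAP_OK=${HS_PAP_OK:-on}
HS_DNS1=${HS_DNS1:-$HS_DNS}
# Last resort for DNS: the first nameserver listed in resolv.conf.
HS_DNS1=${HS_DNS1:-$(awk '/^nameserver/ { print $2; exit }' /etc/resolv.conf)}
# WAN interface: sixth column of the first default route printed by netstat.
HS_WANIF=${HS_WANIF:-$(netstat -rn | awk '/^default/ { print $6; exit }')}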
50:
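# Report a fatal problem and terminate the calling script.
# Arguments: $1 - message to print
# Outputs:   the message on stderr
# Exits:     always, with status 1, so callers and init systems can tell the
#            run failed (a bare 'exit' after a successful echo reported 0).
bailout() {
  printf '%s\n' "$1" >&2
  exit 1
}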
52:
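# Abort via bailout when a mandatory setting is missing.
# Globals: HS_MODE (read)
# Returns: 0 when HS_MODE is set; does not return otherwise. The former
#          '[ -z ... ] && bailout' form returned 1 on the success path.
check_required() {
  if [ -z "$HS_MODE" ]; then
    bailout "HS_MODE is required"
  fi
}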
56:
# Accumulators for generated chilli settings. Every entry is appended after a
# newline, so a non-empty accumulator begins with an empty line.
configs1=

# Append the arguments, joined by blanks, as one line to configs1.
# Returns non-zero and leaves configs1 untouched when given nothing.
addconfig1() {
  if [ -z "$*" ]; then
    return 1
  fi
  configs1="${configs1}
$*"
}

configs2=

# Same as addconfig1, but collects into configs2.
addconfig2() {
  if [ -z "$*" ]; then
    return 1
  fi
  configs2="${configs2}
$*"
}
63:
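#######################################
# Generate $MAIN_CONF for chilli from the HS_* settings.
# Globals:   HS_* settings, CHILLI, CMDSOCK, PIDFILE, MAIN_CONF, HS_CONF
#            (read); HS_UAMDOMAINS, HS_MACALLOW, HS_UAMALLOW, webadmin,
#            uamallow, configs1, configs2 (written)
# Arguments: none
# Outputs:   overwrites $MAIN_CONF; removes $HS_CONF and appends the RADIUS
#            section unless HS_RADCONF is "on" or "url"
#
# NOTE(review): $MAIN_CONF receives adminpasswd, radiussecret and uamsecret
# in clear text and is created with the caller's umask; confirm that the
# file is not readable by unprivileged users.
#######################################
writeconfig() {
  [ "$HS_ANYIP" = "on" ] && addconfig1 "uamanyip"

  addconfig1 "${HS_DYNIP:+dynip $HS_DYNIP/${HS_DYNIP_MASK:-255.255.255.0}}"
  addconfig1 "${HS_STATIP:+statip $HS_STATIP/${HS_STATIP_MASK:-255.255.255.0}}"
  addconfig1 "${HS_SSID:+ssid $HS_SSID}"
  addconfig1 "${HS_NASIP:+nasip $HS_NASIP}"
  addconfig1 "${HS_NASMAC:+nasmac $HS_NASMAC}"
  addconfig1 "${HS_DNS_DOMAIN:+domain $HS_DNS_DOMAIN}"
  addconfig1 "${HS_DNS1:+dns1 $HS_DNS1}"
  addconfig1 "${HS_DNS2:+dns2 $HS_DNS2}"

  # SECURITY: eval re-parses the setting as shell code (presumably so that
  # variable references stored in it are expanded - confirm). Anything else
  # in the value, such as a command substitution, is executed as well, so
  # HS_UAMHOMEPAGE must only ever come from an administrator-controlled file.
  if [ -n "$HS_UAMHOMEPAGE" ]; then
    addconfig1 "uamhomepage $(eval echo $HS_UAMHOMEPAGE)"
  fi
  addconfig1 "${HS_WISPRLOGIN:+wisprlogin $HS_WISPRLOGIN}"
  addconfig1 "${HS_WWWDIR:+wwwdir $HS_WWWDIR}"
  addconfig1 "${HS_WWWBIN:+wwwbin $HS_WWWBIN}"
  addconfig1 "${HS_UAMUIPORT:+uamuiport $HS_UAMUIPORT}"

  if [ -n "$HS_UAMDOMAINS" ]; then
    # Comma or blank separated list; word splitting below is intentional.
    HS_UAMDOMAINS=$(echo $HS_UAMDOMAINS | sed 's/,/ /g')
    for s in $HS_UAMDOMAINS; do
      addconfig1 "uamdomain $s"
    done
  fi

  # MAC allow list: blanks become commas, then ':' and '-' are dropped from
  # the addresses. The unquoted echo collapses runs of blanks first.
  HS_MACALLOW=$(echo $HS_MACALLOW | sed -e 's/ /,/g' -e 's/[:-]//g')
  addconfig1 "${HS_MACALLOW:+macallowed $HS_MACALLOW}"

  HS_UAMALLOW=$(echo $HS_UAMALLOW | sed 's/ /,/g')
  uamallow=${HS_UAMALLOW:+",$HS_UAMALLOW"}

  # Ports of the local web admin are added to the walled garden. webadmin is
  # not reset here, so a value already present in the shell is extended.
  case "$HS_WEB_ADMIN" in
    http)
      webadmin="$webadmin,$HS_UAMLISTEN:80"
      ;;
    https)
      webadmin="$webadmin,$HS_UAMLISTEN:443"
      ;;
    both)
      webadmin="$webadmin,$HS_UAMLISTEN:80"
      webadmin="$webadmin,$HS_UAMLISTEN:443"
      ;;
  esac
  [ "$HS_LOCAL" = "on" ] && webadmin="$webadmin,$HS_UAMLISTEN:$HS_LOCAL_PORT"
  [ "$HS_MACAUTHMODE" = "local" ] && addconfig1 "macallowlocal"
  if [ "$HS_USELOCALUSERS" = "on" ]; then
    touch "$CHILLI/localusers"
    addconfig1 "localusers $CHILLI/localusers"
  fi

  if [ -n "$HS_LOC_NAME" ]; then
    # Quoted display name: only embedded double quotes are stripped.
    loc_name=$(echo "$HS_LOC_NAME" | sed 's/"//g')
    addconfig1 "locationname \"$loc_name\""
    # The RADIUS location attributes are reduced to a restricted alphabet.
    isocc=$(echo "$HS_LOC_ISOCC" | sed 's/[^a-zA-Z]//g')
    cc=$(echo "$HS_LOC_CC" | sed 's/[^0-9]//g')
    ac=$(echo "$HS_LOC_AC" | sed 's/[^0-9]//g')
    network=$(echo "$HS_LOC_NETWORK" | sed 's/[^a-zA-Z0-9]/_/g')
    provider=$(echo "$HS_PROVIDER" | sed 's/[^a-zA-Z0-9]/_/g')
    [ -n "$provider" ] && provider="$provider,"
    if [ -n "$HS_SSID" ]; then
      [ -n "$network" ] && network="${network}_"
      # NOTE(review): unlike the other fields, HS_SSID is appended here
      # without being filtered.
      network="$network$HS_SSID"
    fi
    loc_name=$(echo "$HS_LOC_NAME" | sed 's/[^a-zA-Z0-9]/_/g')
    loc_id="isocc=$isocc,cc=$cc,ac=$ac,network=$provider$network"
    addconfig1 "radiuslocationname $loc_name"
    addconfig1 "radiuslocationid $loc_id"
  fi

  # Application walled garden entries:
  [ "$HS_USE_MAP" = "on" ] && addconfig1 "uamdomain .google.com"

  cat > "$MAIN_CONF" <<EOF
# THIS FILE IS AUTOMATICALLY GENERATED
cmdsocket $CMDSOCK
pidfile $PIDFILE
net $HS_NETWORK/$HS_NETMASK
uamlisten $HS_UAMLISTEN
uamport $HS_UAMPORT
dhcpif $HS_LANIF
adminuser $HS_ADMUSR
adminpasswd $HS_ADMPWD
uamallowed coova.org,$HS_UAMSERVER,$HS_RADIUS$webadmin$uamallow
uamanydns
$configs1
EOF

  # With remote configuration ("on" or "url") hs.conf supplies the settings
  # below; otherwise a stale hs.conf is removed and they are written locally.
  if [ "$HS_RADCONF" != "on" ] && [ "$HS_RADCONF" != "url" ]; then
    rm -f "$HS_CONF" 2>/dev/null

    [ "$HS_PAP_OK" = "on" ] && addconfig2 "papalwaysok"
    [ "$HS_MACAUTH" = "on" ] && addconfig2 "macauth"
    [ "$HS_MACAUTHDENY" = "on" ] && addconfig2 "macauthdeny"
    [ "$HS_WPAGUESTS" = "on" ] && addconfig2 "wpaguests"
    [ "$HS_OPENIDAUTH" = "on" ] && addconfig2 "openidauth"
    [ "$HS_ACCTUPDATE" = "on" ] && addconfig2 "acctupdate"
    [ "$HS_DNSPARANOIA" = "on" ] && addconfig2 "dnsparanoia"
    [ -n "$HS_UAMSECRET" ] && addconfig2 "uamsecret $HS_UAMSECRET"
    # Numeric limits are emitted only when set to a positive integer.
    [ "${HS_DEFSESSIONTIMEOUT:-0}" -gt 0 ] \
      && addconfig2 "defsessiontimeout $HS_DEFSESSIONTIMEOUT"
    [ "${HS_DEFIDLETIMEOUT:-0}" -gt 0 ] \
      && addconfig2 "defidletimeout $HS_DEFIDLETIMEOUT"
    [ "${HS_DEFBANDWIDTHMAXDOWN:-0}" -gt 0 ] \
      && addconfig2 "defbandwidthmaxdown $HS_DEFBANDWIDTHMAXDOWN"
    # Keyword fixed: it was written "ddefbandwidthmaxup", which does not
    # match its "defbandwidthmaxdown" counterpart.
    [ "${HS_DEFBANDWIDTHMAXUP:-0}" -gt 0 ] \
      && addconfig2 "defbandwidthmaxup $HS_DEFBANDWIDTHMAXUP"
    [ "${HS_DEFINTERIMINTERVAL:-0}" -gt 0 ] \
      && addconfig2 "definteriminterval $HS_DEFINTERIMINTERVAL"
    [ "${HS_COAPORT:-0}" -gt 0 ] && addconfig2 "coaport $HS_COAPORT"
    if [ -n "$HS_POSTAUTH_PROXY" ] && [ -n "$HS_POSTAUTH_PROXYPORT" ]; then
      addconfig2 "postauthproxy $HS_POSTAUTH_PROXY"
      addconfig2 "postauthproxyport $HS_POSTAUTH_PROXYPORT"
    fi

    # these are settings you would typically get from a centralized source
    # but, if not, they are also just configurable normally. a better way is
    # needed to manage settings and ensure they are not repeated
    #
    # SECURITY: HS_UAMFORMAT goes through eval below, with the same caveat as
    # HS_UAMHOMEPAGE above: its value is executed as shell code.
    cat >> "$MAIN_CONF" <<EOF
radiusserver1 $HS_RADIUS
radiusserver2 ${HS_RADIUS2:-$HS_UAMSERVER}
radiussecret $HS_RADSECRET
radiusauthport ${HS_RADAUTH:-1812}
radiusacctport ${HS_RADACCT:-1813}
uamserver $(eval echo $HS_UAMFORMAT)
radiusnasid ${HS_NASID:-nas01}
$configs2
EOF
  fi
}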
183:
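#######################################
# Install a freshly fetched configuration if it differs from the live one.
# Globals:   HS_TEMP (staging file, read), HS_CONF (live file, replaced)
# Arguments: none
# Outputs:   moves $HS_TEMP over $HS_CONF and sends SIGHUP to chilli when the
#            content changed; discards the staging file when it did not
#
# NOTE(review): the fetched file is installed without any check of its
# content; whatever the remote side returned becomes chilli configuration.
#######################################
checkfornew() {
  if [ -x /usr/bin/cmp ]; then
    if cmp -s "$HS_TEMP" "$HS_CONF"; then
      # Unchanged: do not leave a copy of the configuration lying around.
      rm -f "$HS_TEMP"
    else
      mv "$HS_TEMP" "$HS_CONF"
      killall -HUP chilli >/dev/null 2>&1
    fi
  else
    # No cmp available, so just install the file and let chilli refresh on
    # its own (interval option).
    mv "$HS_TEMP" "$HS_CONF"
  fi
}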
196:
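#######################################
# Fetch hs.conf from a central source, by URL or through chilli_radconfig.
# Globals:   HS_RADCONF selects the method ("url" or "on"); HS_RADCONF_*,
#            HS_NASMAC, HS_NASID, HS_NASIP, HS_SSID, SBIN, HS_TEMP,
#            LOCAL_CONF, HS_CONF (read)
# Arguments: none
# Outputs:   creates $LOCAL_CONF and $HS_CONF if missing; the first source
#            that answers is written to $HS_TEMP and handed to checkfornew
#######################################
radiusconfig() {
  touch "$LOCAL_CONF" "$HS_CONF"
  if [ "$HS_RADCONF" = "url" ]; then
    # NOTE(review): the values are placed in the query string without URL
    # encoding; an SSID containing '&' or blanks will alter the request.
    qs="config=chilli&mac=$HS_NASMAC&nasid=$HS_NASID&nasip=$HS_NASIP&ssid=$HS_SSID"
    for s in $HS_RADCONF_URL $HS_RADCONF_URLS; do
      # Extend an existing query string with '&', otherwise start one.
      case "$s" in
        *\?*) sep='&' ;;
        *) sep='?' ;;
      esac
      # SECURITY: -k turns off TLS certificate verification, so the
      # configuration installed from this download is not authenticated;
      # prefer a CA bundle on the device and drop -k where possible.
      # -f makes an HTTP error count as a failure, so an error page is not
      # installed as hs.conf and the next URL is tried instead.
      # The credentials are passed as one quoted argument; the earlier
      # "-u '...'" string handed literal quote characters to curl and split
      # on blanks. They remain visible in the process list while curl runs.
      if [ -n "$HS_RADCONF_USER" ]; then
        curl -k -f -A CoovaAP -u "$HS_RADCONF_USER:$HS_RADCONF_PWD" \
          "$s$sep$qs" 2>/dev/null > "$HS_TEMP" && { checkfornew; break; }
      else
        curl -k -f -A CoovaAP "$s$sep$qs" 2>/dev/null > "$HS_TEMP" \
          && { checkfornew; break; }
      fi
    done
  elif [ "$HS_RADCONF" = "on" ]; then
    # NOTE(review): the shared secret and password are passed on the command
    # line and can be read from the process list for the duration of the call.
    for s in $HS_RADCONF_SERVER $HS_RADCONF_SERVERS; do
      "$SBIN/chilli_radconfig" \
        --radiusserver1="$s" \
        --radiussecret="$HS_RADCONF_SECRET" \
        --radiusauthport="$HS_RADCONF_AUTHPORT" \
        --radiusacctport="$HS_RADCONF_ACCTPORT" \
        --nasip="$HS_NASIP" \
        --nasmac="$HS_NASMAC" \
        --adminuser="$HS_RADCONF_USER" \
        --adminpasswd="$HS_RADCONF_PWD" \
        > "$HS_TEMP" && { checkfornew; break; }
    done
  # elif [ "x$HS_LOCAL" != "xon" ]; then
  #   $SBIN/chilli_radconfig > $HS_TEMP && { checkfornew; break; }
  fi
}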
225: