Annotation of embedaddon/coova-chilli/doc/chilli.8.in, revision 1.1
1.1 ! misho 1: .\" * chilli - ChilliSpot.org. A Wireless LAN Access Point Controller
! 2: .\" * Copyright (C) 2002, 2003, 2004, 2005 Mondru AB.
! 3: .\" * Copyright (C) 2007 David Bird <david@coova.com>
! 4: .\" *
! 5: .\" * All rights reserved.
! 6: .\" *
! 7: .\" Manual page for chilli
! 8: .\" SH section heading
! 9: .\" SS subsection heading
! 10: .\" LP paragraph
! 11: .\" IP indented paragraph
! 12: .\" TP hanging label
! 13:
! 14: .TH chilli 8 "August 2007"
! 15: .SH NAME
! 16: chilli \- A Software Access Controller for Captive Portal and WPA
! 17:
! 18: .SH SYNOPSIS
! 19: .B chilli
! 20: \-\-help
! 21:
! 22: .B chilli
! 23: \-\-version
! 24:
! 25: .B chilli
! 26: [
! 27: .I configuration options
! 28: ]
! 29:
! 30:
! 31: .B chilli
! 32: \-fd
! 33: [
! 34: .I configuration options
! 35: ]
! 36: # for debugging in foreground
! 37:
! 38: .SH DESCRIPTION
! 39: .B chilli
! 40: is a software access controller typically used in Wireless LAN HotSpot. It
! 41: supports of two different access methods for a Wireless LAN HotSpot:
! 42: Universal Access Method (UAM) as well as Wireless Protected Access
! 43: (WPA). This version of
! 44: .B chilli
! 45: is called CoovaChilli, a fork of the original ChilliSpot. See
! 46: .I http://coova.org/
! 47: for more information.
! 48:
! 49: .B chilli
! 50: has three major interfaces: A downlink interface for accepting
! 51: connections from clients, a radius interface for authenticating
! 52: clients and an uplink network interface for forwarding traffic to
! 53: other networks.
! 54:
! 55: Authentication of clients is performed by an external radius
! 56: server. For UAM the CHAP-Challenge and CHAP-Password as specified by
! 57: RFC 2865 is used. For WPA the radius EAP-Message attribute as defined
! 58: in RFC 2869 is used. The message attributes described in RFC 2548 are
! 59: used for transferring encryption keys from the radius server to
! 60: chilli. Furthermore the radius interface supports accounting.
! 61:
! 62: The downlink interface accepts DHCP and ARP requests from clients. The
! 63: client can be in two states: Unauthenticated and authenticated. In
! 64: unauthenticated state, web requests from the client are redirected to
! 65: an authentication web server - the captive portal.
! 66:
! 67: In a typical application unauthenticated clients will be forwarded to
! 68: a web server and prompted for username and password. The web
! 69: server forwards the user credentials to
! 70: .B chilli
! 71: by means of web browser redirects. On the
! 72: .B chilli
! 73: side, authentication requests are forwarded to a radius server. If
! 74: authentication is successful the state of the client is changed to
! 75: authenticated. This authentication method is known as Universal Access
! 76: Method (UAM).
! 77:
! 78: As an alternative to UAM, the access points can be configured to
! 79: authenticate the clients by using Wireless Protected Access (WPA). In
! 80: this case, authentication credentials are forwarded from the WPA access
! 81: point to
! 82: .B chilli
! 83: by using the radius protocol. The received radius request is proxied by
! 84: .B chilli
! 85: and forwarded to the radius server.
! 86:
! 87: The uplink interface is implemented by using the
! 88: .B TUN/TAP driver.
! 89: When
! 90: .B chilli
! 91: is started, a tun interface is established and an optional external
! 92: configuration script is called.
! 93:
! 94: Runtime errors are reported using the
! 95: .B syslogd (8)
! 96: facility.
! 97:
! 98: .SH OPTIONS
! 99:
! 100: Configuration parameters set on the command line always take precedent over
! 101: anything configured in a file. See
! 102: .BR chilli.conf(5)
! 103: for a complete list of possible configurations. Here are just a few common command
! 104: line options:
! 105:
! 106: .TP
! 107: .BI --help
! 108: Print help and exit.
! 109:
! 110: .TP
! 111: .BI --version
! 112: Print version and exit.
! 113:
! 114: .TP
! 115: .BI --fg
! 116: Run in foreground (default = off)
! 117:
! 118: .TP
! 119: .BI --debug
! 120: Run in debug mode (default = off)
! 121:
! 122: .TP
! 123: .BI --conf " file"
! 124: Configuration file to use instead of the default below. See
! 125: .BR chilli.conf(5)
! 126: for more inforamtion.
! 127:
! 128: .TP
! 129: .BI --pidfile " file"
! 130: File to put the process ID instead of the default below.
! 131:
! 132: .TP
! 133: .BI --cmdsock " file"
! 134: UNIX socket file for inter-process communication instead of default below.
! 135:
! 136: .TP
! 137: .BI --statedir " path"
! 138: Directory of nonvolatile data instead of default below.
! 139:
! 140:
! 141: .SH FILES
! 142: .I @SYSCONFDIR@/chilli.conf
! 143: .RS
! 144: The main
! 145: .B chilli
! 146: configuration file.
! 147:
! 148: .RE
! 149: .I @ETCCHILLI@/defaults
! 150: .RS
! 151: Default configurations used by the
! 152: .B chilli
! 153: init.d and
! 154: .B functions
! 155: scripts.
! 156: .RE
! 157:
! 158: .RE
! 159: .I @ETCCHILLI@/config
! 160: .RS
! 161: Location specific configurations used by
! 162: .B chilli
! 163: init.d and
! 164: .B functions
! 165: scripts. Copy the
! 166: .B defaults
! 167: file mentioned above and edit.
! 168: .RE
! 169:
! 170: .RE
! 171: .I @ETCCHILLI@/functions
! 172: .RS
! 173: Helps configure
! 174: .B chilli
! 175: by loading the above configurations, sets some defaults, and
! 176: provides functions for writing
! 177: .B main.conf, hs.conf,
! 178: and
! 179: .B local.conf
! 180: based on local and possibily centralized. See
! 181: .BR chilli.conf(5)
! 182: .RE
! 183:
! 184: .RE
! 185: .I @INITDIR@/chilli
! 186: .RS
! 187: The init.d file for
! 188: .B chilli
! 189: which defaults to using the above configurations to build a set of
! 190: configurations files in the @ETCCHILLI@ directory - taking local
! 191: configurations and optionally centralized configurations from RADIUS or a
! 192: URL. See
! 193: .BR chilli.conf(5)
! 194:
! 195: .RE
! 196: .I @VARRUN@/chilli.sock
! 197: .RS
! 198: UNIX socket used to daemon communication. See
! 199: .BR chilli_query(1)
! 200: .RE
! 201:
! 202: .RE
! 203: .I @VARRUN@/chilli.pid
! 204: .RS
! 205: Process ID file.
! 206: .RE
! 207:
! 208: .RE
! 209: .I @ETCCHILLI@/www/
! 210: .RS
! 211: The typical directory for embedded web content served up by
! 212: .B chilli
! 213: using a minimal web server. A convenient place for the splash page, embedded
! 214: captive portal, and JSON javascript resources.
! 215: .RE
! 216:
! 217: .SH SIGNALS
! 218: Sending HUP to chilli will cause the configuration file to be reread
! 219: and DNS lookups to be performed.
! 220: The configuration options are not affected by sending HUP:
! 221: .B fg
! 222: ,
! 223: .B conf
! 224: ,
! 225: .B pidfile
! 226: ,
! 227: .B statedir
! 228: ,
! 229: .B net
! 230: ,
! 231: .B dynip
! 232: ,
! 233: .B statip
! 234: ,
! 235: .B uamlisten
! 236: ,
! 237: .B uamport
! 238: ,
! 239: .B radiuslisten
! 240: ,
! 241: .B coaport
! 242: ,
! 243: .B coanoipcheck
! 244: ,
! 245: .B proxylisten
! 246: ,
! 247: .B proxyport
! 248: ,
! 249: .B proxyclient
! 250: ,
! 251: .B proxysecret
! 252: ,
! 253: .B dhcpif
! 254: ,
! 255: .B dhcpmac
! 256: ,
! 257: .B lease
! 258: , or
! 259: .B eapolenable
! 260:
! 261:
! 262: The above configuration options can only be changed by restarting the daemon.
! 263:
! 264: .SH "SEE ALSO"
! 265: .BR chilli.conf(5)
! 266: .BR chilli-radius(5)
! 267: .BR chilli_query(1)
! 268: .BR chilli_radconfig(1)
! 269: .BR chilli_response(1)
! 270: .BR syslogd (8)
! 271:
! 272:
! 273: .SH NOTES
! 274: .LP
! 275:
! 276: See
! 277: .I http://coova.org/
! 278: for further documentation and community support.
! 279: The original ChilliSpot project homepage is/was at www.chillispot.org.
! 280:
! 281: Besides the long options documented in this man page
! 282: .B chilli
! 283: also accepts a number of short options with the same functionality. Use
! 284: .B chilli --help
! 285: for a full list of all the available options.
! 286:
! 287: The
! 288: .B TUN/TAP driver is required
! 289: for proper operation of the
! 290: .B chilli
! 291: server. Linux kernels later than 2.4.7 already include the driver,
! 292: but typically needs to be loaded manually with
! 293: .B modprobe tun
! 294: or automaticly by adding
! 295: .B alias char-major-10-200 tun
! 296: to the
! 297: .B /etc/modules.conf
! 298: configuration file. For other platforms see
! 299: .I http://vtun.sourceforge.net/tun/
! 300: for information on how to install and configure the TUN/TAP driver.
! 301:
! 302:
! 303: .SH AUTHORS
! 304:
! 305: CoovaChilli and ChilliSpot are licensed under the Gnu Public License.
! 306: Copyright (C) 2002-2005 by Mondru AB.,
! 307: 2006-2007 David Bird <david@coova.com>,
! 308: All rights reserved.
! 309:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>