1

我正在尝试使用 CoovaChilli 建立一个强制门户。到目前为止,我可以让我的路由器从 10.1.0.0/24 子网分发 IP 地址,但是当我尝试访问 www.youtube.com 时,浏览器只是挂起。我只能通过手动输入 10.1.0.1 来访问强制门户。相关文件如下

cat /etc/chilli/config
HS_LANIF=eth1              # Subscriber Interface for client devices
HS_NETWORK=10.1.0.0        # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.0.0     # HotSpot Network Netmask
HS_UAMLISTEN=10.1.0.1      # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990            # HotSpot UAM Port (on subscriber network)
HS_UAMUIPORT=4990          # HotSpot UAM "UI" Port (on subscriber network, for embedded portal)
HS_NASID=localhost
HS_RADIUS=localhost
HS_RADIUS2=localhost
HS_RADSECRET=testing123    # Set to be your RADIUS shared secret
HS_UAMSECRET=greatsecret     # Set to be your UAM secret
HS_UAMALIASNAME=chilli
HS_SSID="GreenEarth"
HS_NASIP=127.0.0.1    # To explicitly set NAS-IP-Address
HS_UAMSERVER=$HS_UAMLISTEN
HS_UAMFORMAT=http://\$HS_UAMLISTEN/cake2/rd_cake/dynamic_details/chilli_browser_detect/
HS_MACAUTH=on              # To turn on MAC Authentication
HS_TCP_PORTS="80 23 8000"
HS_MODE=hotspot
HS_TYPE=chillispot
HS_WWWDIR=/etc/chilli/www
HS_WWWBIN=/etc/chilli/wwwsh
HS_PROVIDER=Coova
HS_PROVIDER_LINK=http://www.coova.org/
HS_LOC_NAME="My HotSpot"           # WISPr Location Name and used in portal
HS_COAPORT=3799

cat /etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet static
    address 10.1.0.0
    netmask 255.255.255.0

cat /etc/chilli/ipup.sh
iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE

cat /proc/sys/net/ipv4/ip_forward
1

任何帮助将不胜感激。谢谢。

4

1 回答 1

3

您需要在 coovachilli 配置文件中启用 https 重定向:

HS_REDIRSSL=on
HS_SSLKEYFILE=/etc/chilli/key.pem
HS_SSLCERTFILE=/etc/chilli/cert.pem

要生成证书文件,请参阅如何使用 openssl 创建自签名证书?.

此外,您还需要启用启用 SSL 支持的 coovachilli 构建。

使用此配置,您的用户应在输入 https url(如 youtube 之一)时被重定向到登录页面。

但是他们会收到浏览器警告,因为证书不会是浏览器正在等待的证书...

于 2015-11-03T14:05:46.673 回答