Antoine's Research: Difference between revisions

From WirelessAfrica
Revision as of 12:11, 13 November 2008


“ The greatest challenge to any thinker is stating the problem in a way that will allow a solution.
  - Bertrand Russell

“ Go to the people
Live among the people
Learn from the people
Plan with the people
Work with the people
Start with what the people know
Build on what the people have
Teach by showing; learn by doing
Not a showcase but a pattern
Not odds and ends but a system
Not a piecemeal but an integrated approach
Not to conform but to transform
Not relief but release
  - James Yen


TESTBED

Test Bed

 2x Inveneo          (CSIR's)
 2x Linksys WRT54GL  (Antoine's)
 8x Meraki routers   (CSIR's)
 2x Accton routers   (Antoine's)


PREPARE DEVELOPMENT ENVIRONMENT

1. Check out sources

  • Check out meraka trunk
 TODO - we need a name for this code so that we can create a public source repo for it!
  • One of:
    • Check out: OpenWRT Kamikaze
 $ cd ~
 $ svn checkout https://svn.openwrt.org/openwrt/trunk/ kamikaze/
 $ cd kamikaze/
 $ ./scripts/feeds update -a                 # Checkout the extra packages
 $ ./scripts/feeds install <name_1> <name_2> # Creates the symlinks for the packages you like to install
 $ make menuconfig                           # Select your target, packages and other options. Only select the packages you need.
 $ make world
    • Symlink to existing OpenWRT
 TODO
  • Do: Check out SVN version of coova-chilli
 cd package ; svn co http://dev.coova.org/svn/coova-ap/packages/kamikaze/coova-chilli ; cd ..

2. Configure OpenWRT

  • Read:
 http://wiki.openwrt.org/OpenWrtDocs/Packages
  • Run:
 ./scripts/feeds install libnetsnmp
  • Select packages:
 Base->pthread
 Administration->meraka-widgets
 libnetsnmp
 coova-chilli
 ./scripts/feeds install batmand
 ./scripts/feeds install batmand-adv
  • Edit: package/opkg/files/opkg.conf
 src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel

3. Build Everything

  • Run:
 make
 TODO


INSTALLATION AND CONFIGURATION FOR LINKSYS WRT54G(L)

0. prepare router

  • Handy:
 nvram set boot_wait=on
 nvram commit
 wget http://l-cube.artifactual.org.za/~antoine/firmware/openwrt-brcm-2.4-squashfs.trx -O - | mtd -e linux -r write - linux
 opkg update
 opkg install snmpd ; cd /etc/rc.d ; ln -s ../init.d/snmpd S70snmpd

1. flash router

  • Run:
 wget http://l-cube.artifactual.org.za/~antoine/firmware/openwrt-brcm-2.4-squashfs.trx -O - | mtd -e linux -r write - linux
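
The flash command above streams the download straight into `mtd`, so nothing checks the image before it is written. The sketch below is an added example, not part of the original notes: it downloads to `/tmp`, compares the file against a pinned SHA-256 digest and only then writes it. It assumes `sha256sum` is available on the router; `EXPECTED_SHA256` is a placeholder, since the page publishes no digest for this image.

```sh
#!/bin/sh
# Added example: verify a firmware image against a pinned digest before flashing.
IMAGE_URL="http://l-cube.artifactual.org.za/~antoine/firmware/openwrt-brcm-2.4-squashfs.trx"
# Placeholder: record the digest on the build host and carry it over a trusted channel.
EXPECTED_SHA256="REPLACE_WITH_DIGEST_FROM_BUILD_HOST"

# verify_image FILE DIGEST
# returns 0 on match, 1 on mismatch, 2 if the file is missing, empty or unreadable
verify_image() {
    file="$1"; want="$2"
    [ -s "$file" ] || { echo "missing or empty image: $file" >&2; return 2; }
    got=$(sha256sum "$file" | cut -d' ' -f1) || return 2
    if [ "$got" != "$want" ]; then
        echo "digest mismatch: got $got" >&2
        return 1
    fi
    return 0
}

# flash_verified URL DIGEST
# download to RAM-backed /tmp, verify, and write only a verified image
flash_verified() {
    img=/tmp/firmware.trx
    wget "$1" -O "$img" || return 2
    verify_image "$img" "$2" || { rm -f "$img"; return 1; }
    mtd -e linux -r write "$img" linux
}

# Nothing is flashed unless the script is called with --flash
if [ "${1:-}" = "--flash" ]; then
    flash_verified "$IMAGE_URL" "$EXPECTED_SHA256"
fi
```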

2.a. configure portal interface (when using wireless port for dev - DEPRECATE)

 uci delete network.lan.type
 uci set wireless.cfg03c014.network=wifi
  • Append: /etc/config/network
 config 'interface' 'wifi'
         option 'ifname' 'wl0'
  • Run:
 uci set dhcp.lan.ignore=1
 uci set wireless.wl0.disabled=0 
 uci set network.wifi.ifname=wl0
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=0.0.0.0
 uci commit
 reboot
  • Test:
 echo 1 > /proc/sys/net/ipv4/ip_forward
 iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE
  • Append: TODO
 echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> ???
 echo "iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE" >> ???

2.b. Configure router for B.A.T.M.A.N. (using lan port for dev)

  • Read:
 https://dev.open-mesh.net/svn/batman/trunk/batman-adv-kernelland/batman-core/README
 http://open-mesh.net/batman/doc/RoutingVodoo
 http://www.blogin.it/check-batman.html
 http://trac2.assembla.com/nightwing/browser/trunk/etc/config/batman
 http://trac2.assembla.com/nightwing/browser/trunk/etc/config/batman_mode
  • Run: (configure LAN interface)
 uci delete network.lan.type
 uci delete network.lan.gateway
 uci delete network.lan.dns
 uci set network.lan.ipaddr=192.168.1.1
 uci commit
  • Run: (temporarily disable firewall so we can get in to the WAN interface from my own lan side)
 iptables --flush
  • Run: (OPTIONAL: configure WAN interface for a gateway mesh-node)
 uci set network.wan.proto=static
 uci set network.wan.ipaddr=192.168.20.200
 uci set network.wan.netmask=255.255.255.0
 uci set network.wan.dns=192.168.20.5
 uci set network.wan.gateway=192.168.20.1
 uci commit
  • Run: (bring up WIFI interface)
 uci set network.wifi=interface
 uci set network.wifi.ifname=wl0
 uci set wireless.wl0.disabled=0
 uci set wireless.wl0.channel=5
 uci set wireless.cfg03c014.network=wifi
 uci set wireless.cfg03c014.mode=adhoc              # TODO - wtf is it with the numbers ?
 uci set wireless.cfg03c014.ssid=batman
 uci commit 
 reboot
  • Append: /etc/opkg.conf (for some reason libpthread has gone missing from master)
 src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel
  • One of:
    • Run: (install BATMAN)
 opkg update
 opkg install kmod-batgat                           # gateway only
 opkg install batmand batmand-adv                   # TODO - how do we get the stable branch to install ?
    • Run:
 http://downloads.open-mesh.net/batman/stable/mipsel-kamikaze/batmand_0.3-current_mipsel-kk-elf-32-lsb-static.tgz
  • Test: (on gateway mesh-node)
 # ifconfig wl0 10.0.10.1 netmask 255.255.0.0
 # insmod batgat
 # /etc/init.d/firewall stop
 # iptables --flush
 # iptables -t nat --flush
 # iptables -I FORWARD -j ACCEPT
 # iptables -t nat -A POSTROUTING -o eth0.1 -j MASQUERADE
 # batmand -g 100mbit -d 3 wl0
 iptables -t nat -A POSTROUTING -o eth0.1 -j MASQUERADE
 batmand -g 100mbit wl0
  • Test: (on normal mesh-node)
 # ifconfig wl0 10.0.11.1 netmask 255.255.0.0
 # /etc/init.d/firewall stop        (rm /etc/rc.d/S45firewall)
 # iptables --flush
 # iptables -t nat --flush
 # iptables -I FORWARD -j ACCEPT
 # iptables -t nat -A POSTROUTING --source 192.168.0.0/24 -o gate0 -j MASQUERADE
 # batmand -r 3 -d 3 wl0
 iptables -t nat -A POSTROUTING --source 192.168.0.0/24 -o gate0 -j MASQUERADE
 batmand -r 3 wl0
 ifconfig eth0.0 0.0.0.0    # for portal
 /etc/init.d/chilli start   # for portal
  • Configure: (gateway mesh-node)
 rm /etc/rc.d/S45firewall
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.10.1
 uci set network.wifi.netmask=255.255.0.0
  • Configure: (normal mesh-node)
 rm /etc/rc.d/S45firewall
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.11.1
 uci set network.wifi.netmask=255.255.0.0
 uci set network.lan.dns=192.168.20.5             # TODO - LOSE

3. configure portal (coova-chilli)

  • Read:
 !!! http://hotcakes.wiki.sourceforge.net/Coova+Chilli+JSON+Interface
 !!! https://help.ubuntu.com/community/WifiDocs/CoovaChilli
 http://daloradius.wiki.sourceforge.net/Chillispot+Integration
 http://coova.org/wiki/index.php/CoovaChilli/JSON
 http://coova.org/wordpress/index.php/2007/08/15/any-page-a-login-page/
  • Run:
 opkg update
 opkg install kmod-tun
 opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/coova-chilli_1.0.12-1_mipsel.ipk
  • AUTO * Edit: /etc/chilli/defaults
 HS_WANIF=eth0.0    (gate0  for batman)
 HS_LANIF=wl0       (eth0.0 for batman)
 (HS_NETWORK=192.168.0.1/24 for batman)
 (HS_UAMLISTEN=192.168.0.1  for batman)
 HS_DNS1=10.1.0.1   (192.168.20.5)
 HS_RADIUS=192.168.20.225                           
 HS_RADIUS2=192.168.20.225    
 HS_ADMUSR=chillispot
 HS_ADMPWD=thechillispotsecret                      
 HS_RADSECRET=theradiussecret 
 HS_UAMSECRET=theuamsecret    
 HS_UAMALLOW=10.1.0.0/24,192.168.20.0/24   (192.168.0.0/24, 192.168.20.0/24)
 HS_UAMSERVER=10.1.0.1                     (192.168.0.1)
 HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html  # redirects to HS_UAMFORMAT
 HS_UAMFORMAT=http://\$HS_UAMSERVER:\$HS_UAMPORT/www/index.html    # does JSON login
 HS_UAMSERVICE=http://192.168.20.225/cgi-bin/uam.pl                # Generates pap-password - Needs perl
  • AUTO * Edit: meraka-portal/files/www/cgi-bin/uam.pl
 $uamsecret = "theuamsecret";
  • AUTO * Edit: /etc/chilli/www/ChilliLibrary.js:296
 var logonUrl = chilliController.urlRoot() + 'logon?username=' + escape(username) + '&response='  + resp.response;
  • Do on node:
 scp -r antoine@l-cube.artifactual.org.za:~/Projects/meraka/trunk/package/meraka-portal/files/* /
  • Do on dashboard-server:
 scp -r antoine@l-cube.artifactual.org.za:~/Projects/meraka/trunk/package/meraka-portal/files/www/cgi-bin/* /usr/lib/cgi-bin
  • Test:
 reboot
 #echo 1 > /proc/sys/net/ipv4/ip_forward
 #iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE
 ifconfig eth0.0 0.0.0.0 # (BATMAN)
 /etc/init.d/chilli start
 http://192.168.0.1:3990/json/status?lang=en
  • Run:
  cd /etc/rc.d ; ln -s ../init.d/chilli S70chilli

3b. Integrate coova-chilli + B.A.T.M.A.N.

  • Do:
 uci set network.lan.ipaddr=0.0.0.0
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.11.1
 uci set network.wifi.netmask=255.255.0.0
 uci commit

4. install meraka-*

  • Run:
  make package/meraka-widgets-compile V=99
  make package/index
  # scp ./build_dir/mipsel/meraka-widgets-0.1/village-bus-* root@192.168.20.200:/www/cgi-bin/
 opkg remove meraka-widgets  
 opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk   
 clear;opkg remove meraka-widgets;opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk


INSTALLATION AND CONFIGURATION FOR MERAKI

0. FLASHING MERAKI

  • Useful:
 screwdriver
 soldering iron
 A max232 and a handful of capacitors
 hammer (sledge)
  • Read:
 http://sodoityourself.com/max232-serial-level-converter
 http://www.nslu2-linux.org/wiki/HowTo/TelnetIntoRedBoot
 http://wiki.openwrt.org/OpenWrtDocs/Hardware/Meraki/Mini


INSTALLATION AND CONFIGURATION FOR GATEWAY SERVER (Inveneo)

0. Get OS install image onto a USB Stick

  • xubuntu:
 . unetbootin
 . root (hd1,0)
 . kernel /casper/vmlinuz file=preseed/xubuntu.seed boot=casper
 . initrd /casper/initrd.gz
 . boot
  • Puppy:
 . kernel /vmlinuz
 . initrd /initrd.gz
 . boot

1. Depends

  • Starting with xubuntu-8.10-rc desktop edition
 apt-get install ssh                                      (for openssh-server)
 apt-get install rrdtool snmp                             (needed for: phpMyPrepaid)
 apt-get install mysql-server mysql-client mysql-common   (needed for: phpMyPrepaid)
 apt-get install apache2                                  (needed for: phpMyPrepaid)
 apt-get install php5 php5-snmp php5-gd php5-mysql        (needed for: phpMyPrepaid)
 apt-get install freeradius freeradius-mysql
 apt-get install dnsmasq                                  (for dns/dhcp and tftp)
 wget http://ap.coova.org/chilli/coova-chilli_1.0.12-1_i386.deb
 dpkg -i ./coova-chilli_1.0.12-1_i386.deb 
  • Without php-myprepaid
 apt-get install freeradius


2. Configure Billing

  • Read: man rlm_counter
       http://projects.asn.pl/freemods/wiki/rlm_backcounter
       http://www.warungdigital.com/freeradius-disconnected-user-when-time-limit-exceed.htm
  • Edit: /etc/freeradius/modules/counter
 # check-name sets the maximum value of the counter & read from user db
 # count-attribute sets the counter increment
 counter prepaid {
         filename = ${db_dir}/db.prepaid
         counter-name = Prepaid-Session-Time
         check-name = Max-Prepaid-Session
         count-attribute = Acct-Session-Time
         key = User-Name
         reset = never
         reply-name = Session-Timeout
         cache-size = 1000
 }
  • Edit: /etc/freeradius/radiusd.conf
 line 709 uncomment: daily
 line 710 add:       prepaid
  • Edit: /etc/freeradius/sites-enabled/default
 line 166: uncomment daily
 line 167: add prepaid
 line 320: uncomment daily
 line 321: add prepaid
  • Edit: /etc/freeradius/users.chilli -> Add to prepaid users:
 Max-Prepaid-Session=360


3. Customer Management - dashboard server

  • Read:
 !!! http://wiki.freeradius.org/Status
 http://wiki.freeradius.org/SNMP_HOWTO
 http://www.w3.org/TR/css3-layout/
  • Do:
 ln -s /etc/freeradius/sites-available/status /etc/freeradius/sites-enabled/status
  • Status:
 echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 31" | radclient localhost:18120 status adminsecret
 /var/log/freeradius/radutmp,   /var/log/freeradius/radwtmp
 radwho, radlast


4a. configure flatfile authentication (freeradius - running on dashboard server -> ubuntu JEOS)

  • Read:
 !!! http://coova.org/wiki/index.php/CoovaChilli/RADIUS
 http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#How_do_I_get_radius_to_pick_up_changes_in_the_raddb.2Fusers_file.3F
  • Run:
 apt-get install freeradius
  • Edit: /etc/freeradius/radiusd.conf:113
 pidfile = /var/run/freeradius/freeradius.pid
  • Edit: /etc/freeradius/clients.conf
 client 192.168.20.0/24 {
   secret     = theradiussecret
   shortname  = meshportal
   #nastype    = other
 }
  • Edit: /etc/freeradius/users
 $INCLUDE users.chilli
 DEFAULT Auth-Type := Reject
         Reply-Message = "Login attempt failed.",
         Fall-Through = No
  • Create: /etc/freeradius/users.chilli
 chillispot     ClearText-Password := "thechillispotsecret"
 joe            ClearText-Password := "smith"
 guest          ClearText-Password := "guest"
                Session-Timeout = 300,
                Idle-Timeout = 60,
                WISPr-Bandwidth-Max-Up = 64000,
                WISPr-Bandwidth-Max-Down = 32000
 prepaid        ClearText-Password := "prepaid", Max-Prepaid-Session := 3600
                Reply-Message := "%{Session-Timeout} left %{User-Name}."
  • Test:
 radiusd -X
 radtest chillispot thechillispotsecret 192.168.20.225 10 theradiussecret
 /etc/init.d/freeradius start
 kill -1 `cat /var/run/freeradius/freeradius.pid`
  • Edit: /etc/group (Permissions)
 freerad:x:124:www-data
  • Run: (Permissions)
 chmod -R g+w /etc/freeradius
  • Run:
 copy over our custom radius users files&dir
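
The portal setup in step 3 and the RADIUS setup in step 4a share secrets across three files: `HS_UAMSECRET` must equal `$uamsecret` in `uam.pl`, and `HS_RADSECRET` must equal the `secret` in `clients.conf`. The check below is an added example, not code from the meraka tree. It compares those values and flags the sample strings used on this page if they are still in place; the function names and demo input are constructed for illustration.

```sh
#!/bin/sh
# Added example, not project code: cross-check the shared secrets of steps 3 and 4a.
# chilli_val FILE KEY -> value of a KEY=VALUE line in /etc/chilli/defaults
chilli_val() {
    sed -n "s/^[[:space:]]*$2=\([^[:space:]#]*\).*/\1/p" "$1" | tail -n 1
}
# uam_pl_secret FILE -> string assigned to $uamsecret in uam.pl
uam_pl_secret() {
    sed -n 's/^[[:space:]]*\$uamsecret[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | tail -n 1
}
# client_secret FILE -> first "secret = ..." value in clients.conf
client_secret() {
    sed -n 's/^[[:space:]]*secret[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*/\1/p' "$1" | head -n 1
}

# check_secrets DEFAULTS UAM_PL CLIENTS_CONF: prints findings, returns their count
check_secrets() {
    n=0
    uam=$(chilli_val "$1" HS_UAMSECRET)
    rad=$(chilli_val "$1" HS_RADSECRET)
    adm=$(chilli_val "$1" HS_ADMPWD)
    if [ "$uam" != "$(uam_pl_secret "$2")" ]; then
        echo "HS_UAMSECRET differs from \$uamsecret in uam.pl"; n=$((n+1))
    fi
    if [ "$rad" != "$(client_secret "$3")" ]; then
        echo "HS_RADSECRET differs from the clients.conf secret"; n=$((n+1))
    fi
    for s in "$uam" "$rad" "$adm"; do
        case "$s" in
            theuamsecret|theradiussecret|thechillispotsecret|"")
                echo "sample or empty secret still in use: '$s'"; n=$((n+1)) ;;
        esac
    done
    return "$n"
}

# Constructed input (not read from a real node), with a deliberate one-letter mismatch
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'HS_ADMPWD=thechillispotsecret' 'HS_RADSECRET=theradiussecret ' \
        'HS_UAMSECRET=theuamsecret' > "$d/defaults"
    printf '%s\n' '$uamsecret = "theaumsecret";' > "$d/uam.pl"
    printf '%s\n' 'client 192.168.20.0/24 {' '  secret = theradiussecret' '}' > "$d/clients.conf"
    check_secrets "$d/defaults" "$d/uam.pl" "$d/clients.conf"; rc=$?
    rm -rf "$d"; return "$rc"
}
demo || echo "findings: $?"
```

On a real deployment, call `check_secrets /etc/chilli/defaults <path to uam.pl> /etc/freeradius/clients.conf` with the files copied from the node and the dashboard server.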


4b. configure mysql authentication (freeradius - running on dashboard server -> ubuntu JEOS)

  • Install:
 apt-get install libmysqlclient-dev
  • Edit: /etc/freeradius/users (disable flat file user entries)
 . comment out users.chilli include and DEFAULT rule
  • Edit: /etc/freeradius/sql.conf
 database = "mysql"
 server = "localhost"
 login = "radius"
 password = "radpass"
 radius_db = "radius"
  • Edit: /etc/freeradius/sites-enabled/default
 authorize:152 -> sql
 accounting:344 -> sql
 session:369 -> sql
 post-auth:396 -> sql
  • Edit: village-bus-radius/Makefile
 . set correct mysql username and password
  • Run: (create radius tables for mysql)
 make mysql
  • Run: (populate radius tables for mysql with defaults & test data)
 make mysql-populate