Antoine's Research: Difference between revisions

From WirelessAfrica
 
(8 intermediate revisions by one other user not shown)
Line 1: Line 1:
[[Category: Development Team Research Pages]]
[[Category: Development Team Research Pages]][[Category: WISP in a box]]
 
 
<blockquote><i>
“ The greatest challenge to any thinker is stating the problem in a way that will allow a solution.<br/>
</i>
&nbsp;&nbsp;- Bertrand Russell
</blockquote>
 
<blockquote><i>
“ Go to the people<br/>
Live among the people<br/>
Learn from the people<br/>
Plan with the people<br/>
Work with the people<br/>
Start with what the people know<br/>
Build on what the people have<br/>
Teach by showing; learn by doing<br/>
Not a showcase but a pattern<br/>
Not odds and ends but a system<br/>
Not a piecemeal but an integrated approach<br/>
Not to conform but to transform<br/>
Not relief but release<br/>
</i>
&nbsp;&nbsp;- James Yen
</blockquote>
 
= ARCHITECTURE =
[[image:antoine-architecture.png|Architecture]]
 
= TESTBED =
 
[[image:antoine-testbed.png|Test Bed]]
  2x Inveneo          (CSIR's)
  2x Linksys WRT54GL  (Antoine's)
  8x Meraki routers  (CSIR's)
  2x Accton routers  (Antoine's)
 
 
 


= PREPARE DEVELOPMENT ENVIRONMENT =
= PREPARE DEVELOPMENT ENVIRONMENT =
Line 5: Line 44:
== 1. Check out sources ==
== 1. Check out sources ==
* Check out meraka trunk
* Check out meraka trunk
* Check out: OpenWRT Kamikaze  
  TODO - we need a name for this code so that we can create a public source repo for it!
* One of:
** Check out: OpenWRT Kamikaze  
   $ cd ~
   $ cd ~
   $ svn checkout https://svn.openwrt.org/openwrt/trunk/ kamikaze/
   $ svn checkout https://svn.openwrt.org/openwrt/trunk/ kamikaze/
Line 13: Line 54:
   $ make menuconfig                          # Select your target, packages and other options. Only select the packages you need.
   $ make menuconfig                          # Select your target, packages and other options. Only select the packages you need.
   $ make world
   $ make world
  -->> OR -->>
** Symink to existing OpenWRT
* Link to existing OpenWRT
  TODO
* Check out SVN version of coova-chilli


== 2. Configure OpenWRT ==
== 2. Configure OpenWRT ==
* Read:
* Read:
  http://wiki.openwrt.org/OpenWrtDocs/BuildingKamikazeHowTo
   http://wiki.openwrt.org/OpenWrtDocs/Packages
   http://wiki.openwrt.org/OpenWrtDocs/Packages
* Get some stuff from source:
* Do: Check out SVN version of coova-chilli
   cd package ; svn co http://dev.coova.org/svn/coova-ap/packages/kamikaze/coova-chilli ; cd ..
   cd package ; svn co http://dev.coova.org/svn/coova-ap/packages/kamikaze/coova-chilli ; cd ..
* Run:
* Run:
   ./scripts/feeds install libnetsnmp
   ./scripts/feeds install libnetsnmp
  ./scripts/feeds install batmand
  ./scripts/feeds install batmand-adv
  ./scripts/feeds install libjson
  ./scripts/feeds install curl
* Compile packages:
  make package/feeds/packages/net-snmp-compile
  make package/feeds/packages/libjson-c-compile
* Select packages:
* Select packages:
   Base->pthread
   Base->libpthread
   Administration->meraka-widgets
   Administration->meraka-widgets
   libnetsnmp
   Libraries->libjson
   coova-chilli
  Libraries->libcurl
   ./scripts/feeds install batmand
  Libraries->libnetsnmp
   ./scripts/feeds install batmand-adv
   Libraries->libopenssl
* Edit: package/opkg/files/opkg.conf
  Network->Captive Portals->coova-chilli
   Network->batmand
   Network->curl
 
 
* Edit: package/opkg/files/opkg.conf : 2
   src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel
   src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel


== 3. Build Everything ==
== 3. Build Everything ==
* Run:
* Run:
   make
   make
  TODO




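Review bot: The `src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel` line in package/opkg/files/opkg.conf puts a plain-HTTP feed on a personal host into the build tree, so every node flashed from it installs packages from whatever answers at that URL. Serve the feed over HTTPS from a project-controlled host, and document next to this step how package integrity is checked before install.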
Line 58: Line 112:
* Run:
* Run:
   uci delete network.lan.type
   uci delete network.lan.type
   uci set wireless.cfg03c014.network=wifi
   uci set wireless.@wifi-iface[0].network=wifi     # TODO - that's whats with the numbers
* Append: /etc/config/network
* DEPRECATE Append: /etc/config/network
   config 'interface' 'wifi'
   config 'interface' 'wifi'
           option 'ifname' 'wl0'
           option 'ifname' 'wl0'
Line 76: Line 130:
   echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> ???
   echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> ???
   echo "iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE" >> ???
   echo "iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE" >> ???


== 2.b. Configure router for B.A.T.M.A.N. (using lan port for dev) ==
== 2.b. Configure router for B.A.T.M.A.N. (using lan port for dev) ==
Line 100: Line 153:
   uci set network.wan.gateway=192.168.20.1
   uci set network.wan.gateway=192.168.20.1
   uci commit
   uci commit
* Edit: /etc/config/wireless
  append 'cfg' to wifi-iface
* Run:                        (bring up WIFI interface)
* Run:                        (bring up WIFI interface)
   uci set network.wifi=interface
   uci set network.wifi=interface
Line 105: Line 160:
   uci set wireless.wl0.disabled=0
   uci set wireless.wl0.disabled=0
   uci set wireless.wl0.channel=5
   uci set wireless.wl0.channel=5
   uci set wireless.cfg03c014.network=wifi
   uci set wireless.cfg.network=wifi
   uci set wireless.cfg03c014.mode=adhoc              # TODO - wtf is it with the numbers ?
   uci set wireless.cfg.mode=adhoc              # TODO - wtf is it with the numbers ?
   uci set wireless.cfg03c014.ssid=batman
   uci set wireless.cfg.ssid=batman
  uci set wireless.cfg.bssid="BB:BB:BB:BB:BB:BB"
   uci commit  
   uci commit  
   reboot
   reboot
* Append: /etc/opkg.conf        (for some reason libpthread has gone missing from master)
* Append: /etc/opkg.conf        (for some reason libpthread has gone missing from master)
   src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel
   src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel
* Run:                          (install BATMAN)
* One of:
** Run:                          (install BATMAN)
   opkg update
   opkg update
   opkg install kmod-batgat                          # gateway only
   opkg install kmod-batgat                          # gateway only
   opkg install batmand batmand-adv                  # TODO - how do we get the stable branch to install ?
   opkg install batmand batmand-adv                  # TODO - how do we get the stable branch to install ?
  -->> OR -->>
** Run:
   http://downloads.open-mesh.net/batman/stable/mipsel-kamikaze/batmand_0.3-current_mipsel-kk-elf-32-lsb-static.tgz
   http://downloads.open-mesh.net/batman/stable/mipsel-kamikaze/batmand_0.3-current_mipsel-kk-elf-32-lsb-static.tgz
* Test: (on gateway mesh-node)
  # ifconfig wl0 10.0.10.1 netmask 255.255.0.0
  # insmod batgat
  # /etc/init.d/firewall stop
  # iptables --flush
  # iptables -t nat --flush
  # iptables -I FORWARD -j ACCEPT
  # iptables -t nat -A POSTROUTING -o eth0.1 -j MASQUERADE
  # batmand -g 100mbit -d 3 wl0
  iptables -t nat -A POSTROUTING -o eth0.1 -j MASQUERADE
  batmand -g 100mbit wl0
* Test: (on normal mesh-node)
  # ifconfig wl0 10.0.11.1 netmask 255.255.0.0
  # /etc/init.d/firewall stop        (rm /etc/rc.d/S45firewall)
  # iptables --flush
  # iptables -t nat --flush
  # iptables -I FORWARD -j ACCEPT
  # iptables -t nat -A POSTROUTING --source 192.168.0.0/24 -o gate0 -j MASQUERADE
  # batmand -r 3 -d 3 wl0
  iptables -t nat -A POSTROUTING --source 192.168.0.0/24 -o gate0 -j MASQUERADE
  batmand -r 3 wl0
  ifconfig eth0.0 0.0.0.0    # for portal
  /etc/init.d/chilli start  # for portal
* Configure: (gateway mesh-node)
* Configure: (gateway mesh-node)
   rm /etc/rc.d/S45firewall
   rm /etc/rc.d/S45firewall
   uci set network.wifi.proto=static
   uci set network.wifi.proto=static
   uci set network.wifi.ipaddr=10.0.10.1
   uci set network.wifi.ipaddr=10.0.0.1
   uci set network.wifi.netmask=255.255.0.0
   uci set network.wifi.netmask=255.0.0.0
* Configure: (normal mesh-node)
* Configure: (normal mesh-node)
   rm /etc/rc.d/S45firewall
   rm /etc/rc.d/S45firewall
   uci set network.wifi.proto=static
   uci set network.wifi.proto=static
   uci set network.wifi.ipaddr=10.0.11.1
   uci set network.wifi.ipaddr=10.0.0.2
   uci set network.wifi.netmask=255.255.0.0
   uci set network.wifi.netmask=255.0.0.0
   uci set network.lan.dns=192.168.20.5            # TODO - LOSE
   uci set network.lan.dns=192.168.20.5            # TODO - LOSE
    
* Test: (on gateway mesh-node)
   iptables -t nat -A POSTROUTING -o eth0.1 -j MASQUERADE  # NAT mesh nodes
  batmand -g 100mbit wl0                                  # Start BATMAN
  batmand -s 192.168.20.226 -g 100mbit wl0                # If you want viz
  batmand -c -d 1                                          # Monitor
  uci set batmand.general.interface=wl0
  uci set batmand.general.gateway_class=100mbit
  uci set batmand.general.visualisation_srv=192.168.20.226
  uci commit
* Test: (on normal mesh-node)
  batmand -r 3 wl0
  batmand -s 192.168.20.226 -r 3 wl0
  uci set batmand.general.interface=wl0
  uci set batmand.general.routing_class=3
  uci set batmand.general.visualisation_srv=192.168.20.226
  uci commit
  # iptables -t nat -A POSTROUTING --source 192.168.0.0/24 -o gate0 -j MASQUERADE
  iptables -t nat -A POSTROUTING --source 192.168.1.0/24 -o gate0 -j MASQUERADE
  ifconfig eth0.0 0.0.0.0    # for portal
  /etc/init.d/chilli start  # for portal
* Test: (on meraki normal mesh-node)
  batmand -r 3 ath0  # Start BATMAN
  batmand -s 192.168.20.226 -r 3 ath0                # If you want viz
  iptables -t nat -A POSTROUTING --source 192.168.1.0/24 -o gate0 -j MASQUERADE  # NAT any clients of this node
  uci set batmand.general.interface=ath0
  uci set batmand.general.routing_class=3
  uci set batmand.general.visualisation_srv=192.168.20.226
  uci commit
* Run:
  cd /etc/rc.d
  ln -s ../init.d/batmand S80batmand
* Clean up before restarting BATMAN: - TODO
 
 
== configure vis server ==
 
* Read:
  https://list.open-mesh.net/pipermail/b.a.t.m.a.n/2008-November/001041.html
* Do on dashboard:
  svn co http://downloads.open-mesh.net/svn/batman/trunk/ batman-svn
  cd batman-svn/vis
  make
  ./vis eth0
 


== 3. configure portal (coova-chilli) ==
== 3. configure portal (coova-chilli) ==
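Review bot: In both "Configure" blocks, `rm /etc/rc.d/S45firewall` removes the firewall from boot for good, and the only rules added afterwards are the MASQUERADE ones, so the gateway's uplink side (eth0.1) runs with no filtering. Keep the firewall enabled and add explicit rules for the mesh interface instead, or state on the page that this setup is for the lab bench only. The second "One of" option is also a bare http:// URL to a static batmand tarball with no command and no checksum to verify it against.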
Line 169: Line 245:
   HS_WANIF=eth0.0    (gate0  for batman)
   HS_WANIF=eth0.0    (gate0  for batman)
   HS_LANIF=wl0      (eth0.0 for batman)
   HS_LANIF=wl0      (eth0.0 for batman)
   (HS_NETWORK=192.168.0.1/24 for batman)
   (HS_NETWORK=192.168.1.0/24 for batman)
   (HS_UAMLISTEN=192.168.0.1  for batman)
   (HS_UAMLISTEN=192.168.1.1  for batman)
   HS_DNS1=10.1.0.1  (192.168.20.5)
   HS_DNS1=10.1.0.1  (192.168.20.5)
   HS_RADIUS=192.168.20.225                           
   HS_RADIUS=192.168.20.225                           
Line 178: Line 254:
   HS_RADSECRET=theradiussecret  
   HS_RADSECRET=theradiussecret  
   HS_UAMSECRET=theuamsecret     
   HS_UAMSECRET=theuamsecret     
   HS_UAMALLOW=10.1.0.0/24,192.168.20.0/24  (192.168.0.0/24, 192.168.20.0/24)
   HS_UAMALLOW=10.1.0.0/24,192.168.20.0/24  (192.168.1.0/24, 192.168.20.0/24)
   HS_UAMSERVER=10.1.0.1                    (192.168.0.1)
   HS_UAMSERVER=10.1.0.1                    (192.168.1.1)
   HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html  # redirects to HS_UAMFORMAT
   HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html  # redirects to HS_UAMFORMAT
   HS_UAMFORMAT=http://\$HS_UAMSERVER:\$HS_UAMPORT/www/index.html    # does JSON login
   HS_UAMFORMAT=http://\$HS_UAMSERVER:\$HS_UAMPORT/www/index.html    # does JSON login
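Review bot: `HS_RADSECRET=theradiussecret` and `HS_UAMSECRET=theuamsecret` are given as literal values to copy, so every node configured from this page ends up with the same guessable shared secrets. Mark them as placeholders and add a step telling each deployment to generate its own values before the portal is started.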
Line 197: Line 273:
   ifconfig eth0.0 0.0.0.0 # (BATMAN)
   ifconfig eth0.0 0.0.0.0 # (BATMAN)
   /etc/init.d/chilli start
   /etc/init.d/chilli start
   http://192.168.0.1:3990/json/status?lang=en
   http://192.168.1.1:3990/json/status?lang=en
* Run:
* Run:
   /etc/rc.d ; ln -s ../init.d/chilli S70chilli
   /etc/rc.d ; ln -s ../init.d/chilli S70chilli


== 3b. Integrate coova-chilli + B.A.T.M.A.N.
* Do: (on mesh-node)
  uci set network.lan.ipaddr=0.0.0.0
  uci set network.wifi.proto=static
  uci set network.wifi.ipaddr=10.0.0.2
  uci set network.wifi.netmask=255.0.0.0
  uci commit


== 3b. Integrate coova-chilli + B.A.T.M.A.N.
== 4. install afromesh-* ==
* Run:
  make package/afromesh-widgets-compile V=99
  make package/index
  # scp ./build_dir/mipsel/meraka-widgets-0.1/village-bus-* root@192.168.20.200:/www/cgi-bin/
  opkg remove meraka-widgets 
  opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk 
  clear;opkg remove meraka-widgets;opkg update;opkg install http://192.168.20.100/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk
  clear;opkg remove meraka-widgets;opkg install http://192.168.20.100/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk
 
  clear;opkg remove afromesh-widgets;opkg install http://192.168.20.100/~antoine/firmware/packages/mipsel/afromesh-widgets_0.1-1_mipsel.ipk
 
 
= INSTALLATION AND CONFIGURATION FOR OPENMESH =
== 1. FLASHING OPENMESH ==
* Read:
  http://www.open-mesh.com/activekb/questions/8/Flashing+the+Accton+Mini-Router+with+ROBIN
  http://wiki.openwrt.org/OpenWrtDocs/Hardware/Fon/Fonera
 
= INSTALLATION AND CONFIGURATION FOR MERAKI =
 
== 1. FLASHING MERAKI ==
* Useful:
  screwdriver
  soldering iron
  A max232 and a handful of capacitors
  hammer (sledge)
* Read:
  http://sodoityourself.com/max232-serial-level-converter
  http://www.nslu2-linux.org/wiki/HowTo/TelnetIntoRedBoot
  http://wiki.openwrt.org/OpenWrtDocs/Hardware/Meraki/Mini
* Edit: (Baud rate)
  /Users/antoine/Projects/meraka/ext/kamikaze/target/linux/atheros/config-2.6.26
  /Users/antoine/Projects/meraka/ext/kamikaze/target/linux/atheros/config-2.6.27
* Do:
* Do:
   uci set network.lan.ipaddr=0.0.0.0
  Set computer/laptop ethernet to 192.168.84.9 and plug in Meraki
  -> Serial @ 115200
  ^C to break into redboot
* Test kernel:
  baudrate -b 9600
  -> Serial @ 9600
  load -r -d -b 0x80041000 -m http -p 80 -h 192.168.84.9 /~antoine/firmware/openwrt-atheros-vmlinux.gz   
  exec
  # ??? load -h 192.168.84.9 -p 80 -m http /~antoine/firmware/openwrt-atheros-vmlinux.elf
* Create partitions:
  fis delete linux
  fis delete rootfs
  # fis create -b 0x80041000 -l 0x340000 -f 0xa8150000 -e 0x80041000 -r 0x80041000 -n linux
  # fis create -b 0x80041000 -l 0x340000 -f 0xa8490000 -e 0x80041000 -r 0x80041000 -n rootfs
  fis list
* Flash the kernel and root filesystem -> OPTION 1: Boot directly from RedBoot
  load -r -b 0x80041000 -m http -p 80 -h 192.168.84.9 /~antoine/firmware/openwrt-atheros-vmlinux.gz
  fis create -r 0x80041000 -e 0x80041000 linux
  load -r -b 0x80041000 -m http -p 80 -h 192.168.84.9 /~antoine/firmware/openwrt-atheros-root.jffs2-64k
  fis create -r 0x80041000 -e 0x80041000 rootfs
** Test:
  fis load -d linux
  exec
** Activate:
  fconfig  (-l to show script)
  >> fis load -d linux
  >> exec
** For Reference the orig is:
  check_mac
  load art_ap51.elf
  go
  fis load stage2
  exec
* Flash the kernel and root filesystem -> OPTION 2: Booting using the Meraki stage2 loader
  TODO
 
== 2. CONFIGURING MERAKI ==
* Configure:
  uci delete network.lan.type
  uci set wireless.wifi0.disabled=0
  uci set network.wifi=interface
   uci set network.wifi.ifname=ath0
  uci set wireless.wifi0.channel=5
  uci set wireless.@wifi-iface[0].ssid=batman
  uci set wireless.@wifi-iface[0].mode=adhoc                # TODO - edit /etc/config/wireless -> config 'wifi-iface' 'cfg'
  uci set wireless.@wifi-iface[0].bssid="BB:BB:BB:BB:BB:BB"
  uci set wireless.@wifi-iface[0].network=wifi            # ??? was lan
  # uci set wireless.@wifi-iface[0].device=ath0            # ??? seems to be happy with being called wifi0
  uci commit
** Test:
  ifconfig ath0 10.0.0.3
* Bring eth0 up on local net:
  ifconfig eth0 192.168.20.201
  route add default gw 192.168.20.1
  vi /etc/resolv.conf 
* Edit: /etc/opkg.conf
  src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mips 
* B.A.T.M.A.N:
  opkg install batmand
** Configure:
  rm /etc/rc.d/S45firewall
   uci set network.wifi.proto=static
   uci set network.wifi.proto=static
   uci set network.wifi.ipaddr=10.0.11.1
   uci set network.wifi.ipaddr=10.0.0.10
   uci set network.wifi.netmask=255.255.0.0
   uci set network.wifi.netmask=255.0.0.0
** Test:
  batmand -r 3 ath0  # Start BATMAN
  iptables -t nat -A POSTROUTING --source 192.168.1.0/24 -o gate0 -j MASQUERADE  # NAT any clients of this node
  batmand -c -d 2    # Monitor
 
 
 
 
 
= INSTALLATION AND CONFIGURATION FOR GATEWAY SERVER (Inveneo) =
 
== 0. Get OS install image onto a USB Stick ==
* xubuntu:
  . unetbootin
  . root (hd1,0)
  . kernel /casper/vmlinuz file=preseed/xubuntu.seed boot=casper
  . initrd /casper/initrd.gz
  . boot
* Puppy:
  . kernel /vmlinuz
  . initrd /initrd.gz
  . boot
 
== 1. Depends ==
* Starting with ubuntu-8.10 JEOS
  apt-get --no-install-recommends install ssh
  apt-get --no-install-recommends install mysql-server mysql-client mysql-common  (mysql admin password: 1nvene0)
  apt-get install freeradius freeradius-mysql
  apt-get install apache2
  ??? apt-get --no-install-recommends install dnsmasq
  (optional) apt-get install make gcc autoconf libtool libmysqlclient15-dev gdb
  (optional for vmware-tools) sudo apt-get install linux-headers-`uname -r` (From: http://www.marc-seeger.de/2008/08/06/vmware-tools-on-ubuntu-jeos/)
  (optional for vmware-tools) ln -s /usr/src/linux-headers-2.6.27-7-server /usr/src/linux
 
* Starting with xubuntu-8.10-rc desktop edition
  apt-get install ssh                                      (for openssh-server)
  apt-get install rrdtool snmp                            (needed for: phpMyPrepaid)
  apt-get install mysql-server mysql-client mysql-common  (needed for: phpMyPrepaid)
  apt-get install apache2                                  (needed for: phpMyPrepaid)
  apt-get install php5 php5-snmp php5-gd php5-mysql        (needed for: phpMyPrepaid)
  apt-get install freeradius freeradius-mysql
  apt-get install dnsmasq                                  (for dns/dhcp and tftp)
  wget http://ap.coova.org/chilli/coova-chilli_1.0.12-1_i386.deb
  dpkg -i ./coova-chilli_1.0.12-1_i386.deb
* Without php-myprepaid
  apt-get install freeradius
 
 
== 2. Configure Billing ==
* Read: man rlm_counter
        http://projects.asn.pl/freemods/wiki/rlm_backcounter
        http://www.warungdigital.com/freeradius-disconnected-user-when-time-limit-exceed.htm
* Edit: /etc/freeradius/modules/counter
  # check-name sets the maximum value of the counter & read from user db
  # count-attribute sets the counter increment
  counter prepaid {
          filename = ${db_dir}/db.prepaid
          counter-name = Prepaid-Session-Time
          check-name = Max-Prepaid-Session
          count-attribute = Acct-Session-Time
          key = User-Name
          reset = never
          reply-name = Session-Timeout
          cache-size = 1000
  }
* Edit: /etc/freeradius/radiusd.conf
  line 709 uncomment: daily
  line 710 add:      prepaid
* Edit: /etc/freeradius/sites-enabled/default
  line 166: uncomment daily
  line 167: add prepaid
  line 320: uncomment daily
  line 321: add prepaid
* Edit: /etc/freeradius/users.chilli -> Add to prepaid users:
  Max-Prepaid-Session=360
* Check:
  chown -R freerad:freerad /etc/freeradius
* Add: /etc/group
  www-data to freerad
 
== 3. Customer Management - dashboard server ==
* Read:
  !!! http://wiki.freeradius.org/Status
  http://wiki.freeradius.org/SNMP_HOWTO
  http://www.w3.org/TR/css3-layout/
* Do:
  ln -s /etc/freeradius/sites-available/status /etc/freeradius/sites-enabled/status
* Status:
  echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 31" | radclient localhost:18120 status adminsecret
  /var/log/freeradius/radutmp,  /var/log/freeradius/radwtmp
  radwho, radlast




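Review bot: The gateway-server "Depends" list records the MySQL admin password inline, in the `mysql admin password:` annotation on the mysql-server line. Take it off the page, change it on any server installed from these notes, and replace the annotation with an instruction to choose a password at install time. The `adminsecret` in the radclient status command and the `chown -R freerad:freerad /etc/freeradius` plus "www-data to freerad" steps deserve the same attention, since together they let the web server read the RADIUS configuration.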
Line 276: Line 543:




== 5. install meraka-* ==
== 5. install asterisk & a2billing ==
  make package/meraka-widgets-compile V=99
* Read:
  make package/index
  http://www.asterisk2billing.org/cgi-bin/trac.cgi/wiki/Installation%20Guide
  # scp ./build_dir/mipsel/meraka-widgets-0.1/village-bus-* root@192.168.20.200:/www/cgi-bin/
* Do:
  opkg remove meraka-widgets 
   wget http://www.asterisk2billing.org/downloads/A2Billing_1.3.4.tar.gz
   opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk    
   RTFM -> VOIP Lab C From IT46
 


  clear;opkg remove meraka-widgets;opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk


= INSTALLATION AND CONFIGURATION FOR GATEWAY SERVER (Inveneo) =
== 6. install, configure and create maps ==


== 0. Get Ubuntu JEOS onto a USB Stick ==
* Install
** Get a big hard drive
** Download the database
** Install software
** Import data


* xubuntu:
* Configure
  . unetbootin
** Configure dashboard with your location
  . root (hd1,0)
  . kernel /casper/vmlinuz file=preseed/xubuntu.seed boot=casper
  . initrd /casper/initrd.gz
  . boot
* Puppy:
  . kernel /vmlinuz
  . initrd /initrd.gz
  . boot


== . Configure Billing ==
* Creation   
* Read: man rlm_counter
** Mapnik updates weekly on Wednesdays, be sure to get changes in early!
        http://projects.asn.pl/freemods/wiki/rlm_backcounter
** Osma takes around 12 hours
        http://www.warungdigital.com/freeradius-disconnected-user-when-time-limit-exceed.htm
** Examples
* Edit: /etc/freeradius/modules/counter
  http://openstreetmap.org/edit?lat=-34.138061&lon=18.339733&zoom=15
  # check-name sets the maximum value of the counter & read from user db
  Trigger re-render:  http://www.informationfreeway.org/?lat=-34.138061&lon=18.339733&zoom=15&layers=B0000F000F
  # count-attribute sets the counter increment
   http://openstreetmap.org/?lat=-34.13962&lon=18.33913&zoom=17
  counter prepaid {
   Trigger re-render: Tile url + '/dirty' at the end
          filename = ${db_dir}/db.prepaid
          counter-name = Prepaid-Session-Time
          check-name = Max-Prepaid-Session
          count-attribute = Acct-Session-Time
          key = User-Name
          reset = never
          reply-name = Session-Timeout
          cache-size = 1000
   }
* Edit: /etc/freeradius/radiusd.conf
  line 709 uncomment: daily
   line 710 add:      prepaid
* Edit: /etc/freeradius/sites-enabled/default
  line 166: uncomment daily
  line 167: add prepaid
  line 320: uncomment daily
  line 321: add prepaid
* Edit: /etc/freeradius/users.chilli -> Add to prepaid users:
  Max-Prepaid-Session=360




== . Customer Management - dashboard server ==
= SIP BEHIND MESH ROUTER =
* Read:
* Read:
   !!! http://wiki.freeradius.org/Status
   http://siproxd.sourceforge.net/siproxd_guide/siproxd_guide_c7s4.html
   http://wiki.freeradius.org/SNMP_HOWTO
   http://forum.openwrt.org/viewtopic.php?id=9538
   http://www.w3.org/TR/css3-layout/
   http://forum.pfsense.org/index.php?topic=8928.msg53442
* Do:
* Install:
   ln -s /etc/freeradius/sites-available/status /etc/freeradius/sites-enabled/status
  opkg install siproxd libosip2
* Status:
  opkg install libltdl  # Argh - TODO - file a ticket against siproxd deps
   echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 31" | radclient localhost:18120 status adminsecret
  opkg install iptables-mod-nat-extra  # kmod-ipt-nat-extra
   /var/log/freeradius/radutmp,   /var/log/freeradius/radwtmp
* Edit: siproxd.conf
   radwho, radlast
  sip_listen_port = 5060
  daemonize = 1
  silence_log = 1
  user = nobody
   registration_file = /var/log/siproxd_registrations
  pid_file = /var/run/siproxd.pid
  rtp_proxy_enable = 1
  rtp_port_low = 7070
  rtp_port_high = 7089
  rtp_timeout = 300
  default_expires = 600
  debug_level = 0x00000000
  debug_port = 0
  if_inbound = eth0
  if_outbound = gate0
* Run:
   iptables -t nat -A PREROUTING -m udp -p udp -i eth0 --destination-port 5060 -j REDIRECT
  iptables -A INPUT -m udp -p udp -i gate0 --dport 5060      -j ACCEPT
  iptables -A INPUT -m udp -p udp -i gate0 --dport 7070:7089 -j ACCEPT
* Test:
   /usr/sbin/siproxd -d -1 --config /etc/siproxd.conf
* Run:
   uci set siproxd.general.config_file="/etc/siproxd.conf"
  uci commit
  ln -s ../init.d/siproxd S85siproxd
* Try:
   http://siproxd.sourceforge.net/siproxd_guide/siproxd_guide_c7s5.html

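Review bot: The two `iptables -A INPUT ... -i gate0` rules accept UDP 5060 and 7070:7089 from any source address, which exposes the siproxd signalling and RTP ports to everything reachable through gate0. Restrict them with `-s` to the addresses of the SIP provider the nodes register with, and say in the "Run" step which chain policy these rules are expected to sit under.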
Latest revision as of 11:02, 7 July 2009


“ The greatest challenge to any thinker is stating the problem in a way that will allow a solution.
  - Bertrand Russell

“ Go to the people
Live among the people
Learn from the people
Plan with the people
Work with the people
Start with what the people know
Build on what the people have
Teach by showing; learn by doing
Not a showcase but a pattern
Not odds and ends but a system
Not a piecemeal but an integrated approach
Not to conform but to transform
Not relief but release
  - James Yen

ARCHITECTURE

Architecture

TESTBED

Test Bed

 2x Inveneo          (CSIR's)
 2x Linksys WRT54GL  (Antoine's)
 8x Meraki routers   (CSIR's)
 2x Accton routers   (Antoine's)



PREPARE DEVELOPMENT ENVIRONMENT

1. Check out sources

  • Check out meraka trunk
 TODO - we need a name for this code so that we can create a public source repo for it!
  • One of:
    • Check out: OpenWRT Kamikaze
 $ cd ~
 $ svn checkout https://svn.openwrt.org/openwrt/trunk/ kamikaze/
 $ cd kamikaze/
 $ ./scripts/feeds update -a                 # Checkout the extra packages
 $ ./scripts/feeds install <name_1> <name_2> # Creates the symlinks for the packages you like to install
 $ make menuconfig                           # Select your target, packages and other options. Only select the packages you need.
 $ make world
    • Symlink to existing OpenWRT
 TODO

2. Configure OpenWRT

  • Read:
 http://wiki.openwrt.org/OpenWrtDocs/BuildingKamikazeHowTo
 http://wiki.openwrt.org/OpenWrtDocs/Packages
  • Do: Check out SVN version of coova-chilli
 cd package ; svn co http://dev.coova.org/svn/coova-ap/packages/kamikaze/coova-chilli ; cd ..
  • Run:
 ./scripts/feeds install libnetsnmp
 ./scripts/feeds install batmand
 ./scripts/feeds install batmand-adv
 ./scripts/feeds install libjson
 ./scripts/feeds install curl
  • Compile packages:
 make package/feeds/packages/net-snmp-compile
 make package/feeds/packages/libjson-c-compile
  • Select packages:
 Base->libpthread
 Administration->meraka-widgets
 Libraries->libjson
 Libraries->libcurl
 Libraries->libnetsnmp
 Libraries->libopenssl
 Network->Captive Portals->coova-chilli
 Network->batmand
 Network->curl


  • Edit: package/opkg/files/opkg.conf : 2
 src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel

3. Build Everything

  • Run:
 make
 TODO


INSTALLATION AND CONFIGURATION FOR LINKSYS WRT54G(L)

0. prepare router

  • Handy:
 nvram set boot_wait=on
 nvram commit
 wget http://l-cube.artifactual.org.za/~antoine/firmware/openwrt-brcm-2.4-squashfs.trx -O - | mtd -e linux -r write - linux
 opkg update
 opkg install snmpd ; cd /etc/rc.d ; ln -s ../init.d/snmpd S70snmpd

1. flash router

  • Run:
 wget http://l-cube.artifactual.org.za/~antoine/firmware/openwrt-brcm-2.4-squashfs.trx -O - | mtd -e linux -r write - linux

2.a. configure portal interface (when using wireless port for dev - DEPRECATE)

 uci delete network.lan.type
 uci set wireless.@wifi-iface[0].network=wifi      # TODO - that's whats with the numbers
  • DEPRECATE Append: /etc/config/network
 config 'interface' 'wifi'
         option 'ifname' 'wl0'
  • Run:
 uci set dhcp.lan.ignore=1
 uci set wireless.wl0.disabled=0 
 uci set network.wifi.ifname=wl0
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=0.0.0.0
 uci commit
 reboot
  • Test:
 echo 1 > /proc/sys/net/ipv4/ip_forward
 iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE
  • Append: TODO
 echo "echo 1 > /proc/sys/net/ipv4/ip_forward" >> ???
 echo "iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE" >> ???

2.b. Configure router for B.A.T.M.A.N. (using lan port for dev)

  • Read:
 https://dev.open-mesh.net/svn/batman/trunk/batman-adv-kernelland/batman-core/README
 http://open-mesh.net/batman/doc/RoutingVodoo
 http://www.blogin.it/check-batman.html
 http://trac2.assembla.com/nightwing/browser/trunk/etc/config/batman
 http://trac2.assembla.com/nightwing/browser/trunk/etc/config/batman_mode
  • Run: (configure LAN interface)
 uci delete network.lan.type
 uci delete network.lan.gateway
 uci delete network.lan.dns
 uci set network.lan.ipaddr=192.168.1.1
 uci commit
  • Run: (temporarily disable firewall so we can get in to the WAN interface from my own lan side)
 iptables --flush
  • Run: (OPTIONAL: configure WAN interface for a gateway mesh-node)
 uci set network.wan.proto=static
 uci set network.wan.ipaddr=192.168.20.200
 uci set network.wan.netmask=255.255.255.0
 uci set network.wan.dns=192.168.20.5
 uci set network.wan.gateway=192.168.20.1
 uci commit
  • Edit: /etc/config/wireless
 append 'cfg' to wifi-iface
  • Run: (bring up WIFI interface)
 uci set network.wifi=interface
 uci set network.wifi.ifname=wl0
 uci set wireless.wl0.disabled=0
 uci set wireless.wl0.channel=5
 uci set wireless.cfg.network=wifi
 uci set wireless.cfg.mode=adhoc              # TODO - wtf is it with the numbers ?
 uci set wireless.cfg.ssid=batman
 uci set wireless.cfg.bssid="BB:BB:BB:BB:BB:BB"
 uci commit 
 reboot
  • Append: /etc/opkg.conf (for some reason libpthread has gone missing from master)
 src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel
  • One of:
    • Run: (install BATMAN)
 opkg update
 opkg install kmod-batgat                           # gateway only
 opkg install batmand batmand-adv                   # TODO - how do we get the stable branch to install ?
    • Run:
 http://downloads.open-mesh.net/batman/stable/mipsel-kamikaze/batmand_0.3-current_mipsel-kk-elf-32-lsb-static.tgz
  • Configure: (gateway mesh-node)
 rm /etc/rc.d/S45firewall
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.0.1
 uci set network.wifi.netmask=255.0.0.0
  • Configure: (normal mesh-node)
 rm /etc/rc.d/S45firewall
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.0.2
 uci set network.wifi.netmask=255.0.0.0
 uci set network.lan.dns=192.168.20.5             # TODO - LOSE
  • Test: (on gateway mesh-node)
 iptables -t nat -A POSTROUTING -o eth0.1 -j MASQUERADE   # NAT mesh nodes
 batmand -g 100mbit wl0                                   # Start BATMAN
 batmand -s 192.168.20.226 -g 100mbit wl0                 # If you want viz
 batmand -c -d 1                                          # Monitor
 uci set batmand.general.interface=wl0
 uci set batmand.general.gateway_class=100mbit
 uci set batmand.general.visualisation_srv=192.168.20.226
 uci commit
  • Test: (on normal mesh-node)
 batmand -r 3 wl0
 batmand -s 192.168.20.226 -r 3 wl0
 uci set batmand.general.interface=wl0
 uci set batmand.general.routing_class=3
 uci set batmand.general.visualisation_srv=192.168.20.226
 uci commit
 # iptables -t nat -A POSTROUTING --source 192.168.0.0/24 -o gate0 -j MASQUERADE
 iptables -t nat -A POSTROUTING --source 192.168.1.0/24 -o gate0 -j MASQUERADE
 ifconfig eth0.0 0.0.0.0    # for portal
 /etc/init.d/chilli start   # for portal
  • Test: (on meraki normal mesh-node)
 batmand -r 3 ath0   # Start BATMAN
 batmand -s 192.168.20.226 -r 3 ath0                 # If you want viz
 iptables -t nat -A POSTROUTING --source 192.168.1.0/24 -o gate0 -j MASQUERADE   # NAT any clients of this node
 uci set batmand.general.interface=ath0
 uci set batmand.general.routing_class=3
 uci set batmand.general.visualisation_srv=192.168.20.226
 uci commit
  • Run:
 cd /etc/rc.d
 ln -s ../init.d/batmand S80batmand
  • Clean up before restarting BATMAN: - TODO


configure vis server

  • Read:
 https://list.open-mesh.net/pipermail/b.a.t.m.a.n/2008-November/001041.html
  • Do on dashboard:
 svn co http://downloads.open-mesh.net/svn/batman/trunk/ batman-svn
 cd batman-svn/vis
 make
 ./vis eth0


3. configure portal (coova-chilli)

  • Read:
 !!! http://hotcakes.wiki.sourceforge.net/Coova+Chilli+JSON+Interface
 !!! https://help.ubuntu.com/community/WifiDocs/CoovaChilli
 http://daloradius.wiki.sourceforge.net/Chillispot+Integration
 http://coova.org/wiki/index.php/CoovaChilli/JSON
 http://coova.org/wordpress/index.php/2007/08/15/any-page-a-login-page/
  • Run:
 opkg update
 opkg install kmod-tun
 opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/coova-chilli_1.0.12-1_mipsel.ipk
  • AUTO * Edit: /etc/chilli/defaults
 HS_WANIF=eth0.0    (gate0  for batman)
 HS_LANIF=wl0       (eth0.0 for batman)
 (HS_NETWORK=192.168.1.0/24 for batman)
 (HS_UAMLISTEN=192.168.1.1  for batman)
 HS_DNS1=10.1.0.1   (192.168.20.5)
 HS_RADIUS=192.168.20.225                           
 HS_RADIUS2=192.168.20.225    
 HS_ADMUSR=chillispot
 HS_ADMPWD=thechillispotsecret                      
 HS_RADSECRET=theradiussecret 
 HS_UAMSECRET=theuamsecret    
 HS_UAMALLOW=10.1.0.0/24,192.168.20.0/24   (192.168.1.0/24, 192.168.20.0/24)
 HS_UAMSERVER=10.1.0.1                     (192.168.1.1)
 HS_UAMHOMEPAGE=http://\$HS_UAMLISTEN:\$HS_UAMPORT/www/coova.html  # redirects to HS_UAMFORMAT
 HS_UAMFORMAT=http://\$HS_UAMSERVER:\$HS_UAMPORT/www/index.html    # does JSON login
 HS_UAMSERVICE=http://192.168.20.225/cgi-bin/uam.pl                # Generates pap-password - Needs perl
  • AUTO * Edit: meraka-portal/files/www/cgi-bin/uam.pl
 $uamsecret = "theuamsecret";   # must match HS_UAMSECRET in /etc/chilli/defaults
  • AUTO * Edit: /etc/chilli/www/ChilliLibrary.js:296
 var logonUrl = chilliController.urlRoot() + 'logon?username=' + escape(username) + '&response='  + resp.response;
  • Do on node:
 scp -r antoine@l-cube.artifactual.org.za:~/Projects/meraka/trunk/package/meraka-portal/files/* /
  • Do on dashboard-server:
 scp -r antoine@l-cube.artifactual.org.za:~/Projects/meraka/trunk/package/meraka-portal/files/www/cgi-bin/* /usr/lib/cgi-bin
  • Test:
 reboot
 #echo 1 > /proc/sys/net/ipv4/ip_forward
 #iptables -I POSTROUTING -t nat -o eth0.0 -j MASQUERADE
 ifconfig eth0.0 0.0.0.0 # (BATMAN)
 /etc/init.d/chilli start
 http://192.168.1.1:3990/json/status?lang=en
  • Run:
 cd /etc/rc.d ; ln -s ../init.d/chilli S70chilli
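
Why HS_UAMSECRET and the $uamsecret in uam.pl have to be the same string, as an added Python sketch that is not the project's uam.pl. It assumes the ChilliSpot-style scheme, in which the UAM service mixes chilli's 16-byte challenge with the shared secret using MD5; the challenge value and the function names are constructed for illustration.

```python
import hashlib

CHALLENGE = "00112233445566778899aabbccddeeff"   # constructed 16-byte challenge (hex)


def mixed_challenge(challenge_hex, uamsecret):
    """MD5(challenge || uamsecret): both sides must hold the same secret."""
    challenge = bytes.fromhex(challenge_hex)
    if len(challenge) != 16:
        raise ValueError("challenge must be 16 bytes (32 hex characters)")
    return hashlib.md5(challenge + uamsecret.encode()).digest()


def chap_response(challenge_hex, uamsecret, password):
    """CHAP-style value for '&response=': MD5(0x00 || password || mixed challenge)."""
    mixed = mixed_challenge(challenge_hex, uamsecret)
    return hashlib.md5(b"\x00" + password.encode() + mixed).hexdigest()


def pap_password(challenge_hex, uamsecret, password):
    """PAP-style value: password NUL-padded to 16 bytes, XORed with the mixed challenge."""
    raw = password.encode()
    if len(raw) > 16:
        raise ValueError("this sketch handles passwords of at most 16 bytes")
    mixed = mixed_challenge(challenge_hex, uamsecret)
    return bytes(a ^ b for a, b in zip(raw.ljust(16, b"\x00"), mixed)).hex()


def recover_pap(challenge_hex, uamsecret, pap_hex):
    """Node side (assumed): undo the XOR using the node's own copy of the secret."""
    mixed = mixed_challenge(challenge_hex, uamsecret)
    raw = bytes(a ^ b for a, b in zip(bytes.fromhex(pap_hex), mixed))
    return raw.rstrip(b"\x00").decode(errors="replace")


if __name__ == "__main__":
    pap = pap_password(CHALLENGE, "theuamsecret", "smith")
    print("same secret on both sides :", recover_pap(CHALLENGE, "theuamsecret", pap))
    print("one-character difference  :", repr(recover_pap(CHALLENGE, "theaumsecret", pap)))
```

With a secret that differs by one character the node recovers garbage instead of the password, so RADIUS rejects the login even though the user typed the right credentials.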

3b. Integrate coova-chilli + B.A.T.M.A.N.

  • Do: (on mesh-node)
 uci set network.lan.ipaddr=0.0.0.0
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.0.2
 uci set network.wifi.netmask=255.0.0.0
 uci commit

4. install afromesh-*

  • Run:
  make package/afromesh-widgets-compile V=99
  make package/index
  # scp ./build_dir/mipsel/meraka-widgets-0.1/village-bus-* root@192.168.20.200:/www/cgi-bin/
 opkg remove meraka-widgets  
 opkg install http://l-cube.artifactual.org.za/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk   
 clear;opkg remove meraka-widgets;opkg update;opkg install http://192.168.20.100/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk
 clear;opkg remove meraka-widgets;opkg install http://192.168.20.100/~antoine/firmware/packages/mipsel/meraka-widgets_0.1-1_mipsel.ipk
 clear;opkg remove afromesh-widgets;opkg install http://192.168.20.100/~antoine/firmware/packages/mipsel/afromesh-widgets_0.1-1_mipsel.ipk


INSTALLATION AND CONFIGURATION FOR OPENMESH

1. FLASHING OPENMESH

  • Read:
 http://www.open-mesh.com/activekb/questions/8/Flashing+the+Accton+Mini-Router+with+ROBIN
 http://wiki.openwrt.org/OpenWrtDocs/Hardware/Fon/Fonera

INSTALLATION AND CONFIGURATION FOR MERAKI

1. FLASHING MERAKI

  • Useful:
 screwdriver
 soldering iron
 A max232 and a handful of capacitors
 hammer (sledge)
  • Read:
 http://sodoityourself.com/max232-serial-level-converter
 http://www.nslu2-linux.org/wiki/HowTo/TelnetIntoRedBoot
 http://wiki.openwrt.org/OpenWrtDocs/Hardware/Meraki/Mini
  • Edit: (Baud rate)
 /Users/antoine/Projects/meraka/ext/kamikaze/target/linux/atheros/config-2.6.26
 /Users/antoine/Projects/meraka/ext/kamikaze/target/linux/atheros/config-2.6.27
  • Do:
 Set computer/laptop ethernet to 192.168.84.9 and plug in Meraki
 -> Serial @ 115200
 ^C to break into redboot
  • Test kernel:
 baudrate -b 9600
 -> Serial @ 9600
 load -r -d -b 0x80041000 -m http -p 80 -h 192.168.84.9 /~antoine/firmware/openwrt-atheros-vmlinux.gz    
 exec
 # ??? load -h 192.168.84.9 -p 80 -m http /~antoine/firmware/openwrt-atheros-vmlinux.elf
  • Create partitions:
 fis delete linux
 fis delete rootfs
 # fis create -b 0x80041000 -l 0x340000 -f 0xa8150000 -e 0x80041000 -r 0x80041000 -n linux 
 # fis create -b 0x80041000 -l 0x340000 -f 0xa8490000 -e 0x80041000 -r 0x80041000 -n rootfs
 fis list
  • Flash the kernel and root filesystem -> OPTION 1: Boot directly from RedBoot
 load -r -b 0x80041000 -m http -p 80 -h 192.168.84.9 /~antoine/firmware/openwrt-atheros-vmlinux.gz
 fis create -r 0x80041000 -e 0x80041000 linux
 load -r -b 0x80041000 -m http -p 80 -h 192.168.84.9 /~antoine/firmware/openwrt-atheros-root.jffs2-64k
 fis create -r 0x80041000 -e 0x80041000 rootfs
    • Test:
 fis load -d linux
 exec
    • Activate:
 fconfig  (-l to show script)
 >> fis load -d linux
 >> exec
    • For reference, the original script is:
 check_mac
 load art_ap51.elf
 go
 fis load stage2
 exec
  • Flash the kernel and root filesystem -> OPTION 2: Booting using the Meraki stage2 loader
 TODO

2. CONFIGURING MERAKI

  • Configure:
 uci delete network.lan.type
 uci set wireless.wifi0.disabled=0
 uci set network.wifi=interface
 uci set network.wifi.ifname=ath0 
 uci set wireless.wifi0.channel=5
 uci set wireless.@wifi-iface[0].ssid=batman
 uci set wireless.@wifi-iface[0].mode=adhoc                # TODO - edit /etc/config/wireless -> config 'wifi-iface' 'cfg'
 uci set wireless.@wifi-iface[0].bssid="BB:BB:BB:BB:BB:BB"
 uci set wireless.@wifi-iface[0].network=wifi            # ??? was lan
 # uci set wireless.@wifi-iface[0].device=ath0             # ??? seems to be happy with being called wifi0
 uci commit
    • Test:
 ifconfig ath0 10.0.0.3
  • Bring eth0 up on local net:
 ifconfig eth0 192.168.20.201
 route add default gw 192.168.20.1
 vi /etc/resolv.conf  
  • Edit: /etc/opkg.conf
 src packages http://l-cube.artifactual.org.za/~antoine/firmware/packages/mips  
  • B.A.T.M.A.N:
 opkg install batmand
    • Configure:
 rm /etc/rc.d/S45firewall
 uci set network.wifi.proto=static
 uci set network.wifi.ipaddr=10.0.0.10
 uci set network.wifi.netmask=255.0.0.0
    • Test:
 batmand -r 3 ath0   # Start BATMAN
 iptables -t nat -A POSTROUTING --source 192.168.1.0/24 -o gate0 -j MASQUERADE   # NAT any clients of this node
 batmand -c -d 2     # Monitor



INSTALLATION AND CONFIGURATION FOR GATEWAY SERVER (Inveneo)

0. Get OS install image onto a USB Stick

  • xubuntu:
 . unetbootin
 . root (hd1,0)
 . kernel /casper/vmlinuz file=preseed/xubuntu.seed boot=casper
 . initrd /casper/initrd.gz
 . boot
  • Puppy:
 . kernel /vmlinuz
 . initrd /initrd.gz
 . boot

1. Depends

  • Starting with ubuntu-8.10 JEOS
 apt-get --no-install-recommends install ssh
 apt-get --no-install-recommends install mysql-server mysql-client mysql-common  (mysql admin password: 1nvene0)
 apt-get install freeradius freeradius-mysql
 apt-get install apache2
 ??? apt-get --no-install-recommends install dnsmasq
 (optional) apt-get install make gcc autoconf libtool libmysqlclient15-dev gdb 
 (optional for vmware-tools) sudo apt-get install linux-headers-`uname -r` (From: http://www.marc-seeger.de/2008/08/06/vmware-tools-on-ubuntu-jeos/)
 (optional for vmware-tools) ln -s /usr/src/linux-headers-2.6.27-7-server /usr/src/linux
  • Starting with xubuntu-8.10-rc desktop edition
 apt-get install ssh                                      (for openssh-server)
 apt-get install rrdtool snmp                             (needed for: phpMyPrepaid)
 apt-get install mysql-server mysql-client mysql-common   (needed for: phpMyPrepaid)
 apt-get install apache2                                  (needed for: phpMyPrepaid)
 apt-get install php5 php5-snmp php5-gd php5-mysql        (needed for: phpMyPrepaid)
 apt-get install freeradius freeradius-mysql
 apt-get install dnsmasq                                  (for dns/dhcp and tftp)
 wget http://ap.coova.org/chilli/coova-chilli_1.0.12-1_i386.deb
 dpkg -i ./coova-chilli_1.0.12-1_i386.deb 
  • Without php-myprepaid
 apt-get install freeradius


2. Configure Billing

  • Read: man rlm_counter
       http://projects.asn.pl/freemods/wiki/rlm_backcounter
       http://www.warungdigital.com/freeradius-disconnected-user-when-time-limit-exceed.htm
  • Edit: /etc/freeradius/modules/counter
 # check-name sets the maximum value of the counter & read from user db
 # count-attribute sets the counter increment
 counter prepaid {
         filename = ${db_dir}/db.prepaid
         counter-name = Prepaid-Session-Time
         check-name = Max-Prepaid-Session
         count-attribute = Acct-Session-Time
         key = User-Name
         reset = never
         reply-name = Session-Timeout
         cache-size = 1000
 }
  • Edit: /etc/freeradius/radiusd.conf
 line 709 uncomment: daily
 line 710 add:       prepaid
  • Edit: /etc/freeradius/sites-enabled/default
 line 166: uncomment daily
 line 167: add prepaid
 line 320: uncomment daily
 line 321: add prepaid
  • Edit: /etc/freeradius/users.chilli -> Add to prepaid users:
 Max-Prepaid-Session=360
  • Check:
 chown -R freerad:freerad /etc/freeradius
  • Add: /etc/group
 www-data to freerad
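
How the prepaid counter configured above behaves, as an added Python model that is not FreeRADIUS code. It assumes that rlm_counter with reset = never adds Acct-Session-Time to a per-user total on accounting Stop packets and answers each login with the remaining allowance as Session-Timeout; the session lengths are constructed.

```python
class PrepaidCounter:
    """Simplified model of the `counter prepaid` block with reset = never."""

    def __init__(self):
        self.db = {}                     # stands in for ${db_dir}/db.prepaid

    def accounting(self, packet):
        """Only Stop packets move the counter (count-attribute, keyed by key)."""
        if packet.get("Acct-Status-Type") != "Stop":
            return "noop"
        user = packet["User-Name"]
        self.db[user] = self.db.get(user, 0) + int(packet["Acct-Session-Time"])
        return "ok"

    def authorize(self, user, check_items, reply_items):
        """Reject once the allowance is spent, else cap reply-name at what is left."""
        limit = check_items.get("Max-Prepaid-Session")      # check-name
        if limit is None:
            return "noop"                                   # not a prepaid user
        remaining = int(limit) - self.db.get(user, 0)
        if remaining <= 0:
            return "reject"
        current = reply_items.get("Session-Timeout")        # reply-name
        if current is None or int(current) > remaining:
            reply_items["Session-Timeout"] = remaining
        return "ok"


def run_demo():
    """Log in, use time, log in again; returns (result, Session-Timeout) per login."""
    counter = PrepaidCounter()
    check = {"Max-Prepaid-Session": 3600}    # value from the users.chilli entry
    results = []
    for used in (3000, 600, 0):              # constructed session lengths (seconds)
        reply = {}
        results.append((counter.authorize("prepaid", check, reply),
                        reply.get("Session-Timeout")))
        counter.accounting({"Acct-Status-Type": "Stop", "User-Name": "prepaid",
                            "Acct-Session-Time": used})
    return results
```

In this model the total only grows when a Stop packet arrives, so the Session-Timeout returned at login is what ends a running session at the node.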

3. Customer Management - dashboard server

  • Read:
 !!! http://wiki.freeradius.org/Status
 http://wiki.freeradius.org/SNMP_HOWTO
 http://www.w3.org/TR/css3-layout/
  • Do:
 ln -s /etc/freeradius/sites-available/status /etc/freeradius/sites-enabled/status
  • Status:
 echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 31" | radclient localhost:18120 status adminsecret
 /var/log/freeradius/radutmp,   /var/log/freeradius/radwtmp
 radwho, radlast


4a. configure flatfile authentication (freeradius - running on dashboard server -> ubuntu JEOS)

  • Read:
 !!! http://coova.org/wiki/index.php/CoovaChilli/RADIUS
 http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#How_do_I_get_radius_to_pick_up_changes_in_the_raddb.2Fusers_file.3F
  • Run:
 apt-get install freeradius
  • Edit: /etc/freeradius/radiusd.conf:113
 pidfile = /var/run/freeradius/freeradius.pid
  • Edit: /etc/freeradius/clients.conf
 client 192.168.20.0/24 {
   secret     = theradiussecret
   shortname  = meshportal
   #nastype    = other
 }
  • Edit: /etc/freeradius/users
 $INCLUDE users.chilli
 DEFAULT Auth-Type := Reject
         Reply-Message = "Login attempt failed.",
         Fall-Through = No
  • Create: /etc/freeradius/users.chilli
 chillispot     ClearText-Password := "thechillispotsecret"
 joe            ClearText-Password := "smith"
 guest          ClearText-Password := "guest"
                Session-Timeout = 300,
                Idle-Timeout = 60,
                WISPr-Bandwidth-Max-Up = 64000,
                WISPr-Bandwidth-Max-Down = 32000
 prepaid        ClearText-Password := "prepaid", Max-Prepaid-Session := 3600
                Reply-Message := "%{Session-Timeout} left %{User-Name}."
  • Test:
 radiusd -X
 radtest chillispot thechillispotsecret 192.168.20.225 10 theradiussecret
 /etc/init.d/freeradius start
 kill -1 `cat /var/run/freeradius/freeradius.pid`
  • Edit: /etc/group (Permissions)
 freerad:x:124:www-data
  • Run: (Permissions)
 chmod -R g+w /etc/freeradius
  • Run:
 copy over our custom radius users files and directory
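
A consistency check across the files edited in steps 3 and 4a, as an added Python example that is not part of the project. The embedded excerpts are constructed in the formats shown on this page, with the uam.pl secret deliberately misspelled, and the function names are hypothetical.

```python
import re

# Constructed excerpts; the uam.pl secret is misspelled on purpose so the
# audit has a mismatch to report.
CHILLI_DEFAULTS = """\
HS_RADSECRET=theradiussecret
HS_UAMSECRET=theuamsecret
HS_ADMUSR=chillispot
HS_ADMPWD=thechillispotsecret
HS_DNS1=10.1.0.1   (192.168.20.5)
"""
CLIENTS_CONF = """\
client 192.168.20.0/24 {
  secret     = theradiussecret
  shortname  = meshportal
}
"""
USERS_CHILLI = '''\
chillispot     ClearText-Password := "thechillispotsecret"
guest          ClearText-Password := "guest"
               Session-Timeout = 300,
'''
UAM_PL = '$uamsecret = "theaumsecret";'


def parse_defaults(text):
    """HS_KEY=value pairs; trailing annotations after whitespace are ignored."""
    return dict(re.findall(r"^\s*(HS_\w+)=(\S*)", text, re.M))


def audit(defaults, clients, users, uam_pl):
    """Return a list of findings; an empty list means the files agree."""
    d = parse_defaults(defaults)
    secrets = set(re.findall(r"^\s*secret\s*=\s*(\S+)", clients, re.M))
    passwords = dict(re.findall(
        r'^(\S+)\s+ClearText-Password\s*:=\s*"([^"]*)"', users, re.M))
    uam = re.search(r'\$uamsecret\s*=\s*"([^"]*)"', uam_pl)
    findings = []
    if uam is None or uam.group(1) != d.get("HS_UAMSECRET"):
        findings.append("uam.pl $uamsecret differs from HS_UAMSECRET")
    if d.get("HS_RADSECRET") not in secrets:
        findings.append("HS_RADSECRET matches no client secret in clients.conf")
    if passwords.get(d.get("HS_ADMUSR")) != d.get("HS_ADMPWD"):
        findings.append("HS_ADMUSR/HS_ADMPWD has no matching users entry")
    findings += [f"user {u!r} uses its own name as password"
                 for u, p in passwords.items() if u == p]
    return findings
```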


4b. configure mysql authentication (freeradius - running on dashboard server -> ubuntu JEOS)

  • Install:
 apt-get install libmysqlclient-dev
  • Edit: /etc/freeradius/users (disable flat file user entries)
 . comment out users.chilli include and DEFAULT rule
  • Edit: /etc/freeradius/sql.conf
 database = "mysql"
 server = "localhost"
 login = "radius"
 password = "radpass"
 radius_db = "radius"
  • Edit: /etc/freeradius/sites-enabled/default
 authorize:152 -> sql
 accounting:344 -> sql
 session:369 -> sql
 post-auth:396 -> sql
  • Edit: village-bus-radius/Makefile
 . set the correct mysql username and password
  • Run: (create radius tables for mysql)
 make mysql
  • Run: (populate radius tables for mysql with defaults & test data)
 make mysql-populate


5. install asterisk & a2billing

  • Read:
 http://www.asterisk2billing.org/cgi-bin/trac.cgi/wiki/Installation%20Guide
  • Do:
 wget http://www.asterisk2billing.org/downloads/A2Billing_1.3.4.tar.gz
 RTFM -> VOIP Lab C From IT46


6. install, configure and create maps

  • Install
    • Get a big hard drive
    • Download the database
    • Install software
    • Import data
  • Configure
    • Configure dashboard with your location
  • Creation
    • Mapnik updates weekly on Wednesdays, be sure to get changes in early!
    • Osma takes around 12 hours
    • Examples
 http://openstreetmap.org/edit?lat=-34.138061&lon=18.339733&zoom=15
 Trigger re-render:  http://www.informationfreeway.org/?lat=-34.138061&lon=18.339733&zoom=15&layers=B0000F000F
 http://openstreetmap.org/?lat=-34.13962&lon=18.33913&zoom=17
 Trigger re-render: Tile url + '/dirty' at the end


SIP BEHIND MESH ROUTER

  • Read:
 http://siproxd.sourceforge.net/siproxd_guide/siproxd_guide_c7s4.html
 http://forum.openwrt.org/viewtopic.php?id=9538
 http://forum.pfsense.org/index.php?topic=8928.msg53442
  • Install:
 opkg install siproxd libosip2
 opkg install libltdl   # Argh - TODO - file a ticket against siproxd deps
 opkg install iptables-mod-nat-extra  # kmod-ipt-nat-extra
  • Edit: siproxd.conf
 sip_listen_port = 5060
 daemonize = 1
 silence_log = 1
 user = nobody
 registration_file = /var/log/siproxd_registrations
 pid_file = /var/run/siproxd.pid
 rtp_proxy_enable = 1
 rtp_port_low = 7070
 rtp_port_high = 7089
 rtp_timeout = 300
 default_expires = 600
 debug_level = 0x00000000
 debug_port = 0
 if_inbound = eth0
 if_outbound = gate0
  • Run:
 iptables -t nat -A PREROUTING -m udp -p udp -i eth0 --destination-port 5060 -j REDIRECT
 iptables -A INPUT -m udp -p udp -i gate0 --dport 5060      -j ACCEPT
 iptables -A INPUT -m udp -p udp -i gate0 --dport 7070:7089 -j ACCEPT
  • Test:
 /usr/sbin/siproxd -d -1 --config /etc/siproxd.conf
  • Run:
 uci set siproxd.general.config_file="/etc/siproxd.conf"
 uci commit
 cd /etc/rc.d ; ln -s ../init.d/siproxd S85siproxd
  • Try:
 http://siproxd.sourceforge.net/siproxd_guide/siproxd_guide_c7s5.html