Changeset 1422 for trunk/wifidog/contrib/build-openwrt-whiterussianipk/wifidog/files/wifidog.conf

Timestamp:

09/25/09 18:38:13 (3 years ago)

Author:

gbastien

Message:

* Release 20090925
* Update contrib Makefiles

Files:

• trunk/wifidog/contrib/build-openwrt-whiterussianipk/wifidog/files/wifidog.conf (modified) (10 diffs)

trunk/wifidog/contrib/build-openwrt-whiterussianipk/wifidog/files/wifidog.conf

@@ -1 @@
-# $Id: wifidog.conf 1162 2007-01-06 23:51:02Z benoitg $
+# $Id: wifidog.conf 1375 2008-09-30 10:20:06Z wichert $
 # WiFiDog Configuration file
 
@@ -7 +7 @@
 #
 # Set this to the node ID on the auth server
-# this is used to give a customized login page to the clients and for
-# monitoring/statistics purpose
+# This is used to give a customized login page to the clients and for
+# monitoring/statistics purpose. If you run multiple gateways on the same
+# machine each gateway needs to have a different gateway id.
 # If none is supplied, the mac address of the GatewayInterface interface will be used,
 # without the : separators
@@ -18 +19 @@
 # Optional
 #
-# Set this to the external interface.  Typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise,
+# Set this to the external interface (the one going out to the Inernet or your larger LAN).  
+# Typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise,
 # Normally autodetected
 
@@ -27 +29 @@
 # Mandatory
 #
-# Set this to the internal interface.    Typically br0 for OpenWrt, and eth1 otherwise
+# Set this to the internal interface (typically your wifi interface).    
+# Typically br0 for whiterussian, br-lan for kamikaze (by default the wifi interface is bridged with wired lan in openwrt)
+# and eth1, wlan0, ath0, etc. otherwise
+# You can get this interface with the ifconfig command and finding your wifi interface
 
 GatewayInterface br0
@@ -35 +40 @@
 # Optional
 #
-# Set this to the internal IP address of the gateway
+# Set this to the internal IP address of the gateway.  Not normally required.
 
 # GatewayAddress 192.168.1.1
+
+# Parameter: HtmlMessageFile
+# Default: wifidog-msg.html
+# Optional
+#
+# This allows you to specify a custome HTML file which will be used for
+# system errors by the gateway. Any $title, $message and $node variables
+# used inside the file will be replaced.
+#
+# HtmlMessageFile /opt/wifidog/etc/wifidog-.html
 
 # Parameter: AuthServer
@@ -47 +62 @@
 # WiFiDog-auth resides in and the port it listens on.
 #AuthServer {
-#       Hostname      (Mandatory; Default: NONE)
-#       SSLAvailable  (Optional; Default: no; Possible values: yes, no)
-#       SSLPort 443   (Optional; Default: 443)
-#       HTTPPort 80   (Optional; Default: 80)
-#       Path wifidog/ (Optional; Default: /wifidog/ Note:  The path must be both prefixed and suffixed by /.  Use a single / for server root.)
+#       Hostname                 (Mandatory; Default: NONE)
+#       SSLAvailable             (Optional; Default: no; Possible values: yes, no)
+#       SSLPort                  (Optional; Default: 443)
+#       HTTPPort                 (Optional; Default: 80)
+#       Path                     (Optional; Default: /wifidog/ Note:  The path must be both prefixed and suffixed by /.  Use a single / for server root.)
+#   LoginScriptPathFragment  (Optional; Default: login/? Note:  This is the script the user will be sent to for login.)
+#   PortalScriptPathFragment (Optional; Default: portal/? Note:  This is the script the user will be sent to after a successfull login.)
+#   MsgScriptPathFragment    (Optional; Default: gw_message.php? Note:  This is the script the user will be sent to upon error to read a readable message.)
+#   PingScriptPathFragment    (Optional; Default: ping/? Note:  This is the script the user will be sent to upon error to read a readable message.)
+#   AuthScriptPathFragment    (Optional; Default: auth/? Note:  This is the script the user will be sent to upon error to read a readable message.)
 #}
 
@@ -66 +86 @@
 #}
 
-# Parameter: Portal
-# Default: none
-# Optional
-#
-# Set this to a URL for your portal, if you run without an auth server
-# Portal http://www.ilesansfil.org/
-
 # Parameter: Daemon
 # Default: 1
@@ -100 +113 @@
 # How many sockets to listen to
 # HTTPDMaxConn 10
+
+# Parameter: HTTPDRealm
+# Default: WiFiDog
+# Optional
+#
+# The name of the HTTP authentication realm. This only used when a user
+# tries to access a protected WiFiDog internal page. See HTTPUserName.
+# HTTPDRealm WiFiDog
+
+# Parameter: HTTPDUserName / HTTPDPassword
+# Default: unset
+# Optional
+#
+# The gateway exposes some information such as the status page through its web
+# interface. This information can be protected with a username and password,
+# which can be set through the HTTPDUserName and HTTPDPassword parameters.
+# HTTPDUserName admin
+# HTTPDPassword secret
 
 # Parameter: CheckInterval
@@ -144 +175 @@
 # Used for rules to be applied to all other rulesets except locked.
 FirewallRuleSet global {
-    # This is the default config for the Teliphone service.
+    ## To block SMTP out, as it's a tech support nightmare, and a legal liability
+    #FirewallRule block tcp port 25
+    
+    ## Use the following if you don't want clients to be able to access machines on 
+    ## the private LAN that gives internet access to wifidog.  Note that this is not
+    ## client isolation;  The laptops will still be able to talk to one another, as
+    ## well as to any machine bridged to the wifi of the router.
+    # FirewallRule block to 192.168.0.0/16
+    # FirewallRule block to 172.16.0.0/12
+    # FirewallRule block to 10.0.0.0/8
+    
+    ## This is an example ruleset for the Teliphone service.
     #FirewallRule allow udp to 69.90.89.192/27
     #FirewallRule allow udp to 69.90.85.0/27
     #FirewallRule allow tcp port 80 to 69.90.89.205
-    # To block SMTP out, as it's a tech support nightmare, and a legal liability
-    #FirewallRule block tcp port 25
 }
 
@@ -180 +220 @@
 # Rule Set: locked-users
 #
-# Used for users that have been locked out.
+# Not currently used
 FirewallRuleSet locked-users {
     FirewallRule block to 0.0.0.0/0