Ticket #781 (new Feature Request)

Opened 7 years ago

Successful login, but still blocked...

Reported by: monkeyhunter0@… Owned by:
Priority: normal Milestone: Not yet assigned to a Milestone
Component: Gateway and Auth server Version: Gateway 20090925
Keywords: Cc:

Description

My internet If is eth0 (192.168.1.0 network). my wifi ap IF is wlan1 (192.168.242.0 network).

The following is my iptalbes-save rules set by wifidog only(in my linux box, there's no other application interference): # iptables-save # Generated by iptables-save v1.4.4 on Mon Nov 15 21:33:49 2010 *nat :PREROUTING ACCEPT [5501:442295] :POSTROUTING ACCEPT [1266:84147] :OUTPUT ACCEPT [1266:84147] :WiFiDog_wlan0_AuthServers - [0:0] :WiFiDog_wlan0_Global - [0:0] :WiFiDog_wlan0_Outgoing - [0:0] :WiFiDog_wlan0_Unknown - [0:0] :WiFiDog_wlan0_WIFI2Internet - [0:0] :WiFiDog_wlan0_WIFI2Router - [0:0] :WiFiDog_wlan1_AuthServers - [0:0] :WiFiDog_wlan1_Global - [0:0] :WiFiDog_wlan1_Outgoing - [0:0] :WiFiDog_wlan1_Unknown - [0:0] :WiFiDog_wlan1_WIFI2Internet - [0:0] :WiFiDog_wlan1_WIFI2Router - [0:0] -A PREROUTING -i wlan0 -j WiFiDog_wlan0_Outgoing -A PREROUTING -i wlan1 -j WiFiDog_wlan1_Outgoing -A WiFiDog_wlan0_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan0_Outgoing -d 192.168.1.49/32 -j WiFiDog_wlan0_WIFI2Router -A WiFiDog_wlan0_Outgoing -j WiFiDog_wlan0_WIFI2Internet -A WiFiDog_wlan0_Unknown -j WiFiDog_wlan0_AuthServers -A WiFiDog_wlan0_Unknown -j WiFiDog_wlan0_Global -A WiFiDog_wlan0_Unknown -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 2060 -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x2 -j ACCEPT -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x1 -j ACCEPT -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_Unknown -A WiFiDog_wlan0_WIFI2Router -j ACCEPT -A WiFiDog_wlan1_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan1_Global -p icmp -j ACCEPT -A WiFiDog_wlan1_Outgoing -d 192.168.242.1/32 -j WiFiDog_wlan1_WIFI2Router -A WiFiDog_wlan1_Outgoing -j WiFiDog_wlan1_WIFI2Internet -A WiFiDog_wlan1_Unknown -j WiFiDog_wlan1_AuthServers -A WiFiDog_wlan1_Unknown -j WiFiDog_wlan1_Global -A WiFiDog_wlan1_Unknown -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 2060 -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x2 -j ACCEPT -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x1 -j ACCEPT -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_Unknown -A WiFiDog_wlan1_WIFI2Router -j ACCEPT COMMIT # Completed on Mon Nov 15 21:33:49 2010 # Generated by iptables-save v1.4.4 on Mon Nov 15 21:33:49 2010 *mangle :PREROUTING ACCEPT [224240:87552377] :INPUT ACCEPT [215165:86881063] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [199481:17862812] :POSTROUTING ACCEPT [126188:13497475] :WiFiDog_wlan0_Incoming - [0:0] :WiFiDog_wlan0_Outgoing - [0:0] :WiFiDog_wlan0_Trusted - [0:0] :WiFiDog_wlan1_Incoming - [0:0] :WiFiDog_wlan1_Outgoing - [0:0] :WiFiDog_wlan1_Trusted - [0:0] -A PREROUTING -i wlan1 -j WiFiDog_wlan1_Trusted -A PREROUTING -i wlan1 -j WiFiDog_wlan1_Outgoing -A POSTROUTING -o wlan1 -j WiFiDog_wlan1_Incoming -A POSTROUTING -o wlan0 -j WiFiDog_wlan0_Incoming COMMIT # Completed on Mon Nov 15 21:33:49 2010 # Generated by iptables-save v1.4.4 on Mon Nov 15 21:33:49 2010 *filter :INPUT ACCEPT [215476:87089823] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [199713:17876135] :WiFiDog_wlan0_AuthServers - [0:0] :WiFiDog_wlan0_Global - [0:0] :WiFiDog_wlan0_Known - [0:0] :WiFiDog_wlan0_Locked - [0:0] :WiFiDog_wlan0_Unknown - [0:0] :WiFiDog_wlan0_Validate - [0:0] :WiFiDog_wlan0_WIFI2Internet - [0:0] :WiFiDog_wlan1_AuthServers - [0:0] :WiFiDog_wlan1_Global - [0:0] :WiFiDog_wlan1_Known - [0:0] :WiFiDog_wlan1_Locked - [0:0] :WiFiDog_wlan1_Unknown - [0:0] :WiFiDog_wlan1_Validate - [0:0] :WiFiDog_wlan1_WIFI2Internet - [0:0] -A FORWARD -i wlan1 -j WiFiDog_wlan1_WIFI2Internet -A FORWARD -i wlan0 -j WiFiDog_wlan0_WIFI2Internet -A WiFiDog_wlan0_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan0_Known -j ACCEPT -A WiFiDog_wlan0_Locked -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan0_Unknown -p udp -m udp --dport 53 -j ACCEPT -A WiFiDog_wlan0_Unknown -p tcp -m tcp --dport 53 -j ACCEPT -A WiFiDog_wlan0_Unknown -p udp -m udp --dport 67 -j ACCEPT -A WiFiDog_wlan0_Unknown -p tcp -m tcp --dport 67 -j ACCEPT -A WiFiDog_wlan0_Unknown -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan0_Validate -j ACCEPT -A WiFiDog_wlan0_WIFI2Internet -m state --state INVALID -j DROP -A WiFiDog_wlan0_WIFI2Internet -o wlan0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_AuthServers -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x254 -j WiFiDog_wlan0_Locked -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_Global -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x1 -j WiFiDog_wlan0_Validate -A WiFiDog_wlan0_WIFI2Internet -m mark --mark 0x2 -j WiFiDog_wlan0_Known -A WiFiDog_wlan0_WIFI2Internet -j WiFiDog_wlan0_Unknown -A WiFiDog_wlan1_AuthServers -d 127.0.0.1/32 -j ACCEPT -A WiFiDog_wlan1_Global -p icmp -j ACCEPT -A WiFiDog_wlan1_Known -j ACCEPT -A WiFiDog_wlan1_Locked -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan1_Unknown -p udp -m udp --dport 53 -j ACCEPT -A WiFiDog_wlan1_Unknown -p tcp -m tcp --dport 53 -j ACCEPT -A WiFiDog_wlan1_Unknown -p udp -m udp --dport 67 -j ACCEPT -A WiFiDog_wlan1_Unknown -p tcp -m tcp --dport 67 -j ACCEPT -A WiFiDog_wlan1_Unknown -j REJECT --reject-with icmp-port-unreachable -A WiFiDog_wlan1_Validate -j ACCEPT -A WiFiDog_wlan1_WIFI2Internet -m state --state INVALID -j DROP -A WiFiDog_wlan1_WIFI2Internet -o eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_AuthServers -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x254 -j WiFiDog_wlan1_Locked -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_Global -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x1 -j WiFiDog_wlan1_Validate -A WiFiDog_wlan1_WIFI2Internet -m mark --mark 0x2 -j WiFiDog_wlan1_Known -A WiFiDog_wlan1_WIFI2Internet -j WiFiDog_wlan1_Unknown COMMIT # Completed on Mon Nov 15 21:33:49 2010


And after sucessful login, the wifidog -f -d 7 console echos:

[6][Mon Nov 15 21:35:23 2010][19725](centralserver.c:168) Auth server returned authentication code 1 [7][Mon Nov 15 21:35:23 2010][19725](auth.c:126) Locking client list [7][Mon Nov 15 21:35:23 2010][19725](auth.c:126) Client list locked [6][Mon Nov 15 21:35:23 2010][19725](auth.c:184) Got ALLOWED from central server authenticating token c795da5a86a7cb2d04b45b289c115c3a from 192.168.242.123 at 00:e0:4c:01:81:ad - adding to firewall and redirecting them to portal [7][Mon Nov 15 21:35:23 2010][19725](firewall.c:94) Allowing 192.168.242.123 00:e0:4c:01:81:ad with fw_connection_state 2 [7][Mon Nov 15 21:35:23 2010][19725](fw_iptables.c:111) Executing command: iptables -t mangle -A WiFiDog_wlan1_Outgoing -s 192.168.242.123 -m mac --mac-source 00:e0:4c:01:81:ad -j MARK --set-mark 2 [7][Mon Nov 15 21:35:23 2010][19725](util.c:122) Waiting for PID 19959 to exit [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:259) Handler for SIGCHLD called. Trying to reap a child [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:263) Handler for SIGCHLD reaped child PID -1 [7][Mon Nov 15 21:35:23 2010][19725](util.c:124) Process PID 19959 exited [7][Mon Nov 15 21:35:23 2010][19725](fw_iptables.c:111) Executing command: iptables -t mangle -A WiFiDog_wlan1_Incoming -d 192.168.242.123 -j ACCEPT [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:259) Handler for SIGCHLD called. Trying to reap a child [7][Mon Nov 15 21:35:23 2010][19725](gateway.c:263) Handler for SIGCHLD reaped child PID 19964 [7][Mon Nov 15 21:35:23 2010][19725](util.c:122) Waiting for PID 19964 to exit [7][Mon Nov 15 21:35:23 2010][19725](util.c:124) Process PID -1 exited [3][Mon Nov 15 21:35:23 2010][19725](fw_iptables.c:118) iptables command failed(8): iptables -t mangle -A WiFiDog_wlan1_Incoming -d 192.168.242.123 -j ACCEPT [7][Mon Nov 15 21:35:23 2010][19725](http.c:208) Redirecting client browser to  http://wireless.lazycoffe.com.tw:80/wifidog/portal/?gw_id=hostapd [7][Mon Nov 15 21:35:23 2010][19725](auth.c:215) Unlocking client list [7][Mon Nov 15 21:35:23 2010][19725](auth.c:215) Client list unlocked [7][Mon Nov 15 21:35:23 2010][19725](httpd_thread.c:68) Returned from httpdProcessRequest() for 192.168.242.123 [7][Mon Nov 15 21:35:23 2010][19725](httpd_thread.c:73) Closing connection with 192.168.242.123


Anything I went wrong? Thanks in advance!

Attachments

wifidog-problem Download (8.0 KB) - added by monkeyhunter0@… 7 years ago.
config/console txt file attached

Change History

Changed 7 years ago by monkeyhunter0@…

config/console txt file attached

Note: See TracTickets for help on using tickets.