mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-11-05 16:34:04 +02:00
178 lines
3.9 KiB
Plaintext
178 lines
3.9 KiB
Plaintext
|
# $Header$
|
||
|
# WiFiDog Configuration file
|
||
|
|
||
|
# Parameter: GatewayID
|
||
|
# Default: default
|
||
|
# Optional but essential for monitoring purposes
|
||
|
#
|
||
|
# Set this to the template ID on the auth server
|
||
|
# this is used to give a customized login page to the clients
|
||
|
# If none is supplied, the default login page will be used.
|
||
|
|
||
|
GatewayID default
|
||
|
|
||
|
# Parameter: ExternalInterface
|
||
|
# Default: NONE
|
||
|
# Optional
|
||
|
#
|
||
|
# Set this to the external interface. Typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise
|
||
|
|
||
|
# ExternalInterface eth0
|
||
|
|
||
|
# Parameter: GatewayInterface
|
||
|
# Default: NONE
|
||
|
# Mandatory
|
||
|
#
|
||
|
# Set this to the internal interface. Typically br0 for OpenWrt, and eth1 otherwise
|
||
|
|
||
|
GatewayInterface br0
|
||
|
|
||
|
# Parameter: GatewayAddress
|
||
|
# Default: Find it from GatewayInterface
|
||
|
# Optional
|
||
|
#
|
||
|
# Set this to the internal IP address of the gateway
|
||
|
|
||
|
# GatewayAddress 192.168.1.1
|
||
|
|
||
|
# Parameter: AuthServMaxTries
|
||
|
# Default: 1
|
||
|
# Optional
|
||
|
#
|
||
|
# Sets the number of auth servers the gateway will attempt to contact when a request fails.
|
||
|
# this number should be equal to the number of AuthServer lines in this
|
||
|
# configuration but it should probably not exceed 3.
|
||
|
|
||
|
# AuthServMaxTries 3
|
||
|
|
||
|
# Parameter: AuthServer
|
||
|
# Default: NONE
|
||
|
# Mandatory
|
||
|
#
|
||
|
# Set this to the hostname or IP of your auth server, the path where
|
||
|
# WiFiDog-auth resides and optionally as a second argument, the port it
|
||
|
# listens on.
|
||
|
#AuthServer {
|
||
|
# Hostname (Mandatory; Default: NONE)
|
||
|
# SSLAvailable (Optional; Default: no; Possible values: yes, no)
|
||
|
# SSLPort 443 (Optional; Default: 443)
|
||
|
# HTTPPort 80 (Optional; Default: 80)
|
||
|
# Path wifidog/ (Optional; Default: /wifidog/ Note: The path must be both prefixed and suffixed by /. Use a single / for server root.)
|
||
|
#}
|
||
|
|
||
|
#AuthServer {
|
||
|
# Hostname auth.ilesansfil.org
|
||
|
# SSLAvailable yes
|
||
|
# Path /
|
||
|
#}
|
||
|
|
||
|
#AuthServer {
|
||
|
# Hostname auth2.ilesansfil.org
|
||
|
# SSLAvailable yes
|
||
|
# Path /
|
||
|
#}
|
||
|
|
||
|
#AuthServer {
|
||
|
# Hostname auth3.ilesansfil.org
|
||
|
# SSLAvailable yes
|
||
|
# Path /
|
||
|
#}
|
||
|
|
||
|
# Parameter: Daemon
|
||
|
# Default: 1
|
||
|
# Optional
|
||
|
#
|
||
|
# Set this to true if you want to run as a daemon
|
||
|
# Daemon 1
|
||
|
|
||
|
# Parameter: GatewayPort
|
||
|
# Default: 2060
|
||
|
# Optional
|
||
|
#
|
||
|
# Listen on this port
|
||
|
# GatewayPort 2060
|
||
|
|
||
|
# Parameter: HTTPDName
|
||
|
# Default: WiFiDog
|
||
|
# Optional
|
||
|
#
|
||
|
# Define what name the HTTPD server will respond
|
||
|
# HTTPDName WiFiDog
|
||
|
|
||
|
# Parameter: HTTPDMaxConn
|
||
|
# Default: 10
|
||
|
# Optional
|
||
|
#
|
||
|
# How many sockets to listen to
|
||
|
# HTTPDMaxConn 10
|
||
|
|
||
|
# Parameter: CheckInterval
|
||
|
# Default: 60
|
||
|
# Optional
|
||
|
#
|
||
|
# How many seconds should we wait between timeout checks
|
||
|
CheckInterval 60
|
||
|
|
||
|
# Parameter: ClientTimeout
|
||
|
# Default: 5
|
||
|
# Optional
|
||
|
#
|
||
|
# Set this to the desired of number of CheckInterval of inactivity before a client is logged out
|
||
|
# The timeout will be INTERVAL * TIMEOUT
|
||
|
ClientTimeout 5
|
||
|
|
||
|
# Parameter: FirewallRuleSet
|
||
|
# Default: none
|
||
|
# Mandatory
|
||
|
#
|
||
|
# Groups a number of FirewallRule statements together.
|
||
|
|
||
|
# Parameter: FirewallRule
|
||
|
# Default: none
|
||
|
#
|
||
|
# Define one firewall rule in a rule set.
|
||
|
|
||
|
# Rule Set: global
|
||
|
#
|
||
|
# Used for rules to be applied to all other rulesets except locked.
|
||
|
# This is the default config for the Teliphone service.
|
||
|
FirewallRuleSet global {
|
||
|
FirewallRule allow udp to 69.90.89.192/27
|
||
|
FirewallRule allow udp to 69.90.85.0/27
|
||
|
FirewallRule allow tcp port 80 to 69.90.89.205
|
||
|
}
|
||
|
|
||
|
# Rule Set: validating-users
|
||
|
#
|
||
|
# Used for new users validating their account
|
||
|
FirewallRuleSet validating-users {
|
||
|
FirewallRule block tcp port 25
|
||
|
FirewallRule allow to 0.0.0.0/0
|
||
|
}
|
||
|
|
||
|
# Rule Set: known-users
|
||
|
#
|
||
|
# Used for normal validated users.
|
||
|
FirewallRuleSet known-users {
|
||
|
FirewallRule allow to 0.0.0.0/0
|
||
|
}
|
||
|
|
||
|
# Rule Set: unknown-users
|
||
|
#
|
||
|
# Used for unvalidated users, this is the ruleset that gets redirected.
|
||
|
#
|
||
|
# XXX The redirect code adds the Default DROP clause.
|
||
|
FirewallRuleSet unknown-users {
|
||
|
FirewallRule allow udp port 53
|
||
|
FirewallRule allow tcp port 53
|
||
|
FirewallRule allow udp port 67
|
||
|
FirewallRule allow tcp port 67
|
||
|
}
|
||
|
|
||
|
# Rule Set: locked-users
|
||
|
#
|
||
|
# Used for users that have been locked out.
|
||
|
FirewallRuleSet locked-users {
|
||
|
FirewallRule block to 0.0.0.0/0
|
||
|
}
|