1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-11-27 16:37:31 +02:00
openwrt-xburst/openwrt/package/wifidog/files/wifidog.conf
wbx 0fd67ae9c8 wifidog package from Philippe April, thx
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@1966 3c298f89-4303-0410-b956-a3cf2f4a3e73
2005-09-21 05:18:56 +00:00

178 lines
3.9 KiB
Plaintext

# $Header$
# WiFiDog Configuration file
# Parameter: GatewayID
# Default: default
# Optional but essential for monitoring purposes
#
# Set this to the template ID on the auth server
# this is used to give a customized login page to the clients
# If none is supplied, the default login page will be used.
GatewayID default
# Parameter: ExternalInterface
# Default: NONE
# Optional
#
# Set this to the external interface. Typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise
# ExternalInterface eth0
# Parameter: GatewayInterface
# Default: NONE
# Mandatory
#
# Set this to the internal interface. Typically br0 for OpenWrt, and eth1 otherwise
GatewayInterface br0
# Parameter: GatewayAddress
# Default: Find it from GatewayInterface
# Optional
#
# Set this to the internal IP address of the gateway
# GatewayAddress 192.168.1.1
# Parameter: AuthServMaxTries
# Default: 1
# Optional
#
# Sets the number of auth servers the gateway will attempt to contact when a request fails.
# this number should be equal to the number of AuthServer lines in this
# configuration but it should probably not exceed 3.
# AuthServMaxTries 3
# Parameter: AuthServer
# Default: NONE
# Mandatory
#
# Set this to the hostname or IP of your auth server, the path where
# WiFiDog-auth resides and optionally as a second argument, the port it
# listens on.
#AuthServer {
# Hostname (Mandatory; Default: NONE)
# SSLAvailable (Optional; Default: no; Possible values: yes, no)
# SSLPort 443 (Optional; Default: 443)
# HTTPPort 80 (Optional; Default: 80)
# Path wifidog/ (Optional; Default: /wifidog/ Note: The path must be both prefixed and suffixed by /. Use a single / for server root.)
#}
#AuthServer {
# Hostname auth.ilesansfil.org
# SSLAvailable yes
# Path /
#}
#AuthServer {
# Hostname auth2.ilesansfil.org
# SSLAvailable yes
# Path /
#}
#AuthServer {
# Hostname auth3.ilesansfil.org
# SSLAvailable yes
# Path /
#}
# Parameter: Daemon
# Default: 1
# Optional
#
# Set this to true if you want to run as a daemon
# Daemon 1
# Parameter: GatewayPort
# Default: 2060
# Optional
#
# Listen on this port
# GatewayPort 2060
# Parameter: HTTPDName
# Default: WiFiDog
# Optional
#
# Define what name the HTTPD server will respond
# HTTPDName WiFiDog
# Parameter: HTTPDMaxConn
# Default: 10
# Optional
#
# How many sockets to listen to
# HTTPDMaxConn 10
# Parameter: CheckInterval
# Default: 60
# Optional
#
# How many seconds should we wait between timeout checks
CheckInterval 60
# Parameter: ClientTimeout
# Default: 5
# Optional
#
# Set this to the desired of number of CheckInterval of inactivity before a client is logged out
# The timeout will be INTERVAL * TIMEOUT
ClientTimeout 5
# Parameter: FirewallRuleSet
# Default: none
# Mandatory
#
# Groups a number of FirewallRule statements together.
# Parameter: FirewallRule
# Default: none
#
# Define one firewall rule in a rule set.
# Rule Set: global
#
# Used for rules to be applied to all other rulesets except locked.
# This is the default config for the Teliphone service.
FirewallRuleSet global {
FirewallRule allow udp to 69.90.89.192/27
FirewallRule allow udp to 69.90.85.0/27
FirewallRule allow tcp port 80 to 69.90.89.205
}
# Rule Set: validating-users
#
# Used for new users validating their account
FirewallRuleSet validating-users {
FirewallRule block tcp port 25
FirewallRule allow to 0.0.0.0/0
}
# Rule Set: known-users
#
# Used for normal validated users.
FirewallRuleSet known-users {
FirewallRule allow to 0.0.0.0/0
}
# Rule Set: unknown-users
#
# Used for unvalidated users, this is the ruleset that gets redirected.
#
# XXX The redirect code adds the Default DROP clause.
FirewallRuleSet unknown-users {
FirewallRule allow udp port 53
FirewallRule allow tcp port 53
FirewallRule allow udp port 67
FirewallRule allow tcp port 67
}
# Rule Set: locked-users
#
# Used for users that have been locked out.
FirewallRuleSet locked-users {
FirewallRule block to 0.0.0.0/0
}