Thursday, November 22, 2012

OpenWRT+CoovaChilli

Introduction

Today I am going to share my experience in Installing CoovaChilli on a router.

My first attempt with this endeavor ended up with me having a very expensive brick instead of a captive portal. So for those who want to avoid this costly experience I am laying out this simple installation process for you to follow and hopefully succeed. Once you get comfortable with it you can then venture into more riskier approach, like compiling your own OpenWRT.

I am using TP-Link's MR3220 as my router. Though I haven't tried it yet, I hope the same approach will work on other routers based on Altheros AR71xx.
Let's start!


Download required Packages

1. Download openwrt-ar71xx-generic-tl-mr3220-v1-squashfs-factory.bin from http://downloads.openwrt.org/snapshots/trunk/ar71xx/.
2. Download the following from http://downloads.openwrt.org/snapshots/trunk/ar71xx/packages/
  • coova-chilli_1.2.9-1_ar71xx.ipk
  • haserl_0.9.29-1_ar71xx.ipk
  • kmod-tun_3.3.8-1_ar71xx.ipk
  • libpthread_0.9.33.2-1_ar71xx.ipk
  • librt_0.9.33.2-1_ar71xx.ipk

Flash OpenWRT for MR3220

  1. Use a LAN cable to connect your computer to one of the LAN ports of the router
  2. Start a browser and go to http://192.168.1.1 (this is the router's default IP address, change this accordingly if you already changed your router's IP address)
  3. Choose System Tools --> Firmware Upgrade
  4. Click the Browse button
  5. Locate and select openwrt-ar71xx-generic-tl-mr3220-v1-squashfs-factory.bin file
  6. Click the Upgrade button
  7. Wait until it says rebooting
In this stage OpenWRT is already installed in your router and you will not be able to access your router’s web interface

Initialize OpenWRT

For first time login, you have to set root’s password. Follow these steps.
  1. Still connected to your router, open telnet and connect to 192.168.1.1
  2. Once logged in you should be see a display similar to this:
  3.   BusyBox v1.19.4 (2012-11-18 23:21:39 EST) built-in shell (ash)
      Enter 'help' for a list of built-in commands.
      
      _______                     ________        __
      |       |.-----.-----.-----.|  |  |  |.----.|  |_
      |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
      |_______||   __|_____|__|__||________||__|  |____|
      |__| W I R E L E S S   F R E E D O M
      -----------------------------------------------------
      BARRIER BREAKER (Bleeding Edge, r34253)
      -----------------------------------------------------
      * 1/2 oz Galliano         Pour all ingredients into
      * 4 oz cold Coffee        an irish coffee mug filled
      * 1 1/2 oz Dark Rum       with crushed ice. Stir.
      * 2 tsp. Creme de Cacao
      -----------------------------------------------------
      root@OpenWrt:~# 
    
    
  4. To set root’s password type passwd the press return key
  5. Type in root’s new password, press return, then re-type the password for confirmation
After setting the password you should quit telnet and login to the router using ssh

Setup Wireless Configuration

  1. Login to the router using ssh

  2. ssh root@192.168.1.1
  3. Edit /etc/config/wireless
  4. vi /etc/config/wireless
  5. Comment or delete the line “option disabled 1” to enable wireless LAN
  6. Optionally change the SSID by changing the value of “option ssid”, from OpenWRT to your choice
  7. Save and close the file
  8. Execute wifi to force the system to re-read the wireless configuration file and start wireless LAN

Install CoovaChilli

  1. Go to your computer’s terminal and copy the rest of the packages to router’s /tmp directory
  2. scp coova-chilli_1.2.9-1_ar71xx.ipk haserl_0.9.29-1_ar71xx.ipk kmod-tun_3.3.8-1_ar71xx.ipk libpthread_0.9.33.2-1_ar71xx.ipk librt_0.9.33.2-1_ar71xx.ipk root@192.168.1.1:/tmp
  3. Log back in to the router
  4. ssh root@192.168.1.1
  5. Go to /tmp and install the packages in the following order
  6. opkg install librt_0.9.33.2-1_ar71xx.ipk
    opkg install libpthread_0.9.33.2-1_ar71xx.ipk
    opkg install kmod-tun_3.3.8-1_ar71xx.ipk
    opkg install coova-chilli_1.2.9-1_ar71xx.ipk
    opkg install haserl_0.9.29-1_ar71xx.ipk

Setup CoovaChilli

 Configuration File

  1. Open /etc/chilli/defaults and change the following lines
  2.   
      from “# HS_WANIF=eth0                      # WAN Interface toward the Internet”
      to “HS_WANIF=eth1                          # WAN Interface toward the Internet”
      
      from “HS_LANIF=eth1                        # Subscriber Interface for client devices”
      to “HS_LANIF=wlan0                         # Subscriber Interface for client devices”
      
      from “HS_RADIUS=locahost”
      to “HS_RADIUS=<your RADIUS IP address>”
      
      from "HS_RADSECRET=testing123              # Set to be your RADIUS shared secret"
      to "HS_RADSECRET=<your RADIUS password>    # Set to be your RADIUS shared secret
    
  3. Save and close the file

Start-up Script

Now we need to create the startup script for coova-chilli. Coova-chilli package does not provide this so we have to create this by hand
Create a the file /etc/init.d/chilli with the following content

     #!/bin/sh /etc/rc.common
     # - init script for chilli -

     START=60
     STOP=90

     NAME=chilli
     RUN_D=/var/run
     CMDSOCK=$RUN_D/$NAME.sock
     PIDFILE=$RUN_D/$NAME.pid

     option_cb() { [ -n "$2" ] && echo "HS_$(echo $1|tr 'a-z' 'A-Z')=\"$2\"" | sed 's/\$/\\\$/g'; }
     config_load hotspot > /etc/chilli/config

     . /etc/chilli/functions

     start() {
         HS_DNS_DOMAIN=${HS_DNS_DOMAIN:-cap.coova.org}
         HS_DNS1=${HS_DNS1:-$HS_UAMLISTEN}
         HS_DNS2=${HS_DNS2:-$HS_NASIP}
         HS_NASID=${HS_NASID:-$HS_NASMAC}
         HS_MACAUTHMODE=${HS_MACAUTHMODE:-local}
         HS_USELOCALUSERS=${HS_USELOCALUSERS:-off}
         HS_PROXY_TYPE=${HS_PROXY_TYPE:-none}
         HS_RADCONF_URL=${HS_RADCONF_URL:-http://ap.coova.org/config/tos.conf}
         HS_CFRAME_URL=${HS_CFRAME_URL:-http://coova.org/cframe/default/}
         HS_CFRAME_SZ=${HS_CFRAME_SZ:-100}
         HS_DEFSESSIONTIMEOUT=${HS_DEFSESSIONTIMEOUT:-0}
         HS_DEFIDLETIMEOUT=${HS_DEFIDLETIMEOUT:-0}
         HS_DEFINTERIMINTERVAL=${HS_DEFINTERIMINTERVAL:-300}
         HS_LAN_ACCESS=${HS_LAN_ACCESS:-deny}
         HS_CFRAME_POS=${HS_CFRAME_POS:-top}
         HS_PROVIDER=${HS_PROVIDER:-Coova}
         HS_PROVIDER_LINK=${HS_PROVIDER_LINK:-http://coova.org/}
         HS_LOC_NAME=${HS_LOC_NAME:-My HotSpot}
         HS_LOC_NETWORK=${HS_LOC_NETWORK:-Coova}
         HS_OPENIDAUTH=${HS_OPENIDAUTH:-off}
         HS_ANYIP=${HS_ANYIP:-off}

         [ -z "$HS_LANIF" ] && {
             [ -e /tmp/device.hotspot ] && {
                 stop
             }
             HS_LANIF=$(wlanconfig ath create wlandev wifi0 wlanmode ap)
             for i in 0 1 2 3 4; do ifconfig ath$i mtu 1500; done 2>/dev/null
             echo $HS_LANIF > /tmp/device.hotspot
             iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
             iwconfig $HS_LANIF essid ${HS_SSID:-Coova} 2>/dev/null
         }

         writeconfig
         radiusconfig
                                                                                            
         [ -d $RUN_D ] || mkdir -p $RUN_D

         /sbin/insmod tun >&- 2>&-
         /usr/sbin/chilli
     }

     stop() {
         [ -f $PIDFILE ] && kill $(cat $PIDFILE)
         rm -f $PIDFILE $LKFILE $CMDSOCK 2>/dev/null
         iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
         wlanconfig $(cat /tmp/device.hotspot) destroy
         rm /tmp/device.hotspot
     }

Automatically Start CoovaChilli

Create a symbolic link to /etc/init.d/chilli in /etc/rc.d and name it S60chilli

cd /etc/rc.d
ln -s ../init.d/chilli S60chilli

This will automatically start CoovaChilli everytime you start your router.

Login Page

Lastly we need to create the login pages for CoovaChilli. CoovaChilli's package for OpenWRT does not include this and so we have to download CoovaChilli's source code and copy the contents of the miniportal forder
  1. Back in your computer, download CoovaChilli's source code
  2. wget http://ap.coova.org/chilli/coova-chilli-1.2.9.tar.gz
  3. Untar the package
  4. tar -xzvf coova-chilli-1.2.9.tar.gz
  5. Goto the miniportal folder
  6. cd coova-chilli-1.2.9/miniportal
  7. Edit the files functions.sh.in, config-local.sh.in, uam.sh.in and replace @SBINDIR@ and @ETCCHILLI@ with /usr/sbin and /etc/chilli respectively
  8. Rename the files that end in ".in", removing ".in" part
  9. e.g. functions.sh.in will be renamed to functions.sh

  1. Copy the contents of miniportal folder to your router's /etc/chilli/www
  2. scp * root@192.168.1.1:/etc/chilli/www/  

We're done. All you have to do is reboot your router and connect to it once it starts up.

When you open your browser and starts browsing you will be redirected to CoovaChilli's login page.

Enjoy!!!

15 comments:

  1. Hello, Tx for your documentation.
    I am trying to install on a router CoovaChilli Tp-link TL-WR841N.
    First of all, I installed the following firmware: openwrt-ar71xx-generic-tl-WR841N-v8-squashfs-factory.bin
    Then I followed your documentation about unloading and installing packages. I have them downloaded to the / tmp folder of the router and I started to install them starting the first.
    Installing the first package I was immediately a problem that I hope you can help me solve:
    root @ OpenWrt :/ tmp # opkg install librt_0.9.33.2-1_ar71xx.ipk
    Installing librt (0.9.33.2-1) to root ...
    Collected errors:
    * Satisfy_dependencies_for: Can not Satisfy the Following dependencies for librt:
    * Libpthread *
    * Opkg_install_cmd: Can not install package librt.

    Tx in advance

    ReplyDelete
    Replies
    1. Correct Order:
      opkg install libpthread_0.9.33.2-1_ar71xx.ipk
      opkg install librt_0.9.33.2-1_ar71xx.ipk
      opkg install kmod-tun_3.3.8-1_ar71xx.ipk
      opkg install coova-chilli_1.2.9-1_ar71xx.ipk
      opkg install haserl_0.9.29-1_ar71xx.ipk

      Delete
  2. Hello Harley.

    Same router here. Did you manage to solve that problem?

    ReplyDelete
  3. I think he just need to install "libpthread_0.9.33.2-1_ar71xx.ipk" in first. (soory for my english I'm french)

    But I have a probleme when I follow this documentation, AfterI can't to connect in my router in ssh and telnet! But ping it work. There are in script a filter that blocks access??

    ReplyDelete
  4. How can I make coova-chilli run several times for multiple vlans. I tried many tutorials on the Internet. Everytime I run newmulti.sh it cannot file the config file because all the config is in the defaults file. Is it possible in coova-chilli 1.3?

    ReplyDelete
  5. salam and hi to every one .
    I have TL-wa5210G wifi router , and have been installed ubiquity nano station 2 firmware and then finally installed on to it " open WRT" but I want to know how to build a hotspot? which files r to be to download and from where? plz any one help me .

    ReplyDelete
  6. hello when I want to install package coovachill "Only have 164 kB available on filesystem / overlay, PCI coovachill the needs 212"

    ReplyDelete
  7. I have problem, so the link for download choovachilli no fuction. Can you help me?

    ReplyDelete
  8. can we change login page to html

    ReplyDelete
  9. CoovaChilli is large package. To fit in 4mb flash tplinks only solution is bake a custom firmware image with coova builtin.

    ReplyDelete
  10. Mistake 1:
    Configuration File

    Open /etc/chilli/defaults and change the following lines


    from “# HS_WANIF=eth0 # WAN Interface toward the Internet”
    to “HS_WANIF=wlan0 # WAN Interface toward the Internet”

    from “HS_LANIF=eth1 # Subscriber Interface for client devices”
    to “HS_LANIF=eth0 # Subscriber Interface for client devices”


    Start-up Script:
    Enable permissions after create it.
    chmod a+x /etc/init.d/chilli

    ReplyDelete
  11. Thnx for a awesome article, been searching months for something like this.

    ReplyDelete