7 files changed, 482 insertions, 0 deletions

diff --git a/applications/luci-chillispot/Makefile b/applications/luci-chillispot/Makefile
new file mode 100644
index 000000000..81a96f6a8
--- /dev/null
+++ b/applications/luci-chillispot/Makefile
@@ -0,0 +1,2 @@
+include ../../build/config.mk
+include ../../build/module.mk
\ No newline at end of file
diff --git a/applications/luci-chillispot/luasrc/controller/chillispot.lua b/applications/luci-chillispot/luasrc/controller/chillispot.lua
new file mode 100644
index 000000000..f3e52fa9d
--- /dev/null
+++ b/applications/luci-chillispot/luasrc/controller/chillispot.lua
@@ -0,0 +1,26 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+module("luci.controller.chillispot", package.seeall)
+
+function index()
+
+	require("luci.i18n")
+	local i18n = luci.i18n.translate
+
+	entry( { "admin", "services", "chillispot" },            cbi("chillispot"),         i18n("chillispot", "ChilliSpot"),                           90)
+	entry( { "admin", "services", "chillispot", "network" }, cbi("chillispot_network"), i18n("chillispot_network", "Network Configuration"),        10)
+	entry( { "admin", "services", "chillispot", "radius"  }, cbi("chillispot_radius"),  i18n("chillispot_radius",  "UAM and Radius Configuration"), 20)
+	entry( { "admin", "services", "chillispot", "macauth" }, cbi("chillispot_macauth"), i18n("chillispot_macauth", "MAC Authentication"),           30)
+
+end
diff --git a/applications/luci-chillispot/luasrc/model/cbi/chillispot.lua b/applications/luci-chillispot/luasrc/model/cbi/chillispot.lua
new file mode 100644
index 000000000..6c79d7456
--- /dev/null
+++ b/applications/luci-chillispot/luasrc/model/cbi/chillispot.lua
@@ -0,0 +1,36 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+
+m = Map("chillispot")
+
+-- general
+s1 = m:section(TypedSection, "general")
+s1.anonymous = true
+
+s1:option( Flag, "debug" )
+s1:option( Value, "interval" )
+s1:option( Value, "pidfile" ).optional = true
+s1:option( Value, "statedir" ).optional = true
+
+-- remote config management
+s2 = m:section(TypedSection, "remoteconfig")
+s2.anonymous = true
+
+s2:option( Value, "confusername" )
+s2:option( Value, "confpassword" )
+
+
+return m
diff --git a/applications/luci-chillispot/luasrc/model/cbi/chillispot_macauth.lua b/applications/luci-chillispot/luasrc/model/cbi/chillispot_macauth.lua
new file mode 100644
index 000000000..710b2165c
--- /dev/null
+++ b/applications/luci-chillispot/luasrc/model/cbi/chillispot_macauth.lua
@@ -0,0 +1,30 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+
+m = Map("chillispot")
+
+
+-- mac authentication
+s = m:section(TypedSection, "macauth")
+s.anonymous = true
+
+s:option( Flag, "macauth" )
+s:option( DynamicList, "macallowed" )
+s:option( Value, "macpasswd" ).optional = true
+s:option( Value, "macsuffix" ).optional = true
+
+
+return m
diff --git a/applications/luci-chillispot/luasrc/model/cbi/chillispot_network.lua b/applications/luci-chillispot/luasrc/model/cbi/chillispot_network.lua
new file mode 100644
index 000000000..b75fc5fb4
--- /dev/null
+++ b/applications/luci-chillispot/luasrc/model/cbi/chillispot_network.lua
@@ -0,0 +1,65 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+require("luci.sys")
+require("luci.ip")
+
+m = Map("chillispot")
+
+-- tun
+s1 = m:section(TypedSection, "tun")
+s1.anonymous = true
+
+net = s1:option( Value, "net" )
+for _, route in ipairs(luci.sys.net.routes()) do
+	if route.Iface ~= "lo" and route.Mask ~= "FFFFFFFF" then
+		local netmask = luci.ip.IPv4(route.Mask)
+		if netmask then
+			local netaddr = luci.ip.IPv4(route.Destination, netmask)
+			if netaddr then
+				net:value( netaddr:string() )
+			end
+		end
+	end
+end
+
+s1:option( Value, "dynip" ).optional = true
+s1:option( Value, "statip" ).optional = true
+
+s1:option( Value, "dns1" ).optional = true
+s1:option( Value, "dns2" ).optional = true
+s1:option( Value, "domain" ).optional = true
+
+s1:option( Value, "ipup" ).optional = true
+s1:option( Value, "ipdown" ).optional = true
+
+s1:option( Value, "conup" ).optional = true
+s1:option( Value, "condown" ).optional = true
+
+
+-- dhcp config
+s2 = m:section(TypedSection, "dhcp")
+s2.anonymous = true
+
+dif = s2:option( Value, "dhcpif" )
+for _, nif in ipairs(luci.sys.net.devices()) do
+	if nif ~= "lo" then dif:value(nif) end
+end
+
+s2:option( Value, "dhcpmac" ).optional = true
+s2:option( Value, "lease" ).optional = true
+
+
+return m
diff --git a/applications/luci-chillispot/luasrc/model/cbi/chillispot_radius.lua b/applications/luci-chillispot/luasrc/model/cbi/chillispot_radius.lua
new file mode 100644
index 000000000..8b7ba59b4
--- /dev/null
+++ b/applications/luci-chillispot/luasrc/model/cbi/chillispot_radius.lua
@@ -0,0 +1,64 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+
+m = Map("chillispot")
+
+
+-- uam config
+s1 = m:section(TypedSection, "uam")
+s1.anonymous = true
+
+s1:option( Value, "uamserver" )
+s1:option( Value, "uamsecret" ).password = true
+s1:option( Flag, "uamanydns" )
+s1:option( Value, "uamhomepage" ).optional = true
+s1:option( Value, "uamlisten" ).optional = true
+s1:option( Value, "uamport" ).optional = true
+s1:option( DynamicList, "uamallowed" ).optional = true
+
+
+-- radius server
+s2 = m:section(TypedSection, "radius")
+s2.anonymous = true
+
+s2:option( Value, "radiusserver1" )
+s2:option( Value, "radiusserver2" )
+s2:option( Value, "radiussecret" ).password = true
+
+s2:option( Value, "radiuslisten" ).optional = true
+s2:option( Value, "radiusauthport" ).optional = true
+s2:option( Value, "radiusacctport" ).optional = true
+
+s2:option( Value, "radiusnasid" ).optional = true
+s2:option( Value, "radiusnasip" ).optional = true
+
+s2:option( Value, "radiuscalled" ).optional = true
+s2:option( Value, "radiuslocationid" ).optional = true
+s2:option( Value, "radiuslocationname" ).optional = true
+
+
+-- radius proxy
+s3 = m:section(TypedSection, "proxy")
+s3.anonymous = true
+
+s3:option( Value, "proxylisten" ).optional = true
+s3:option( Value, "proxyport" ).optional = true
+s3:option( Value, "proxyclient" ).optional = true
+ps = s3:option( Value, "proxysecret" )
+ps.optional = true
+ps.password = true
+
+return m
diff --git a/applications/luci-chillispot/root/etc/config/chillispot b/applications/luci-chillispot/root/etc/config/chillispot
new file mode 100644
index 000000000..fbbe22bc6
--- /dev/null
+++ b/applications/luci-chillispot/root/etc/config/chillispot
@@ -0,0 +1,259 @@
+##############################################################################
+#
+# Sample ChilliSpot configuration file
+#
+##############################################################################
+
+# General settings
+config general
+
+	# Enable this flag to include debug information.
+	option debug	0
+
+	# Re-read configuration file at this interval. Will also cause new domain
+	# name lookups to be performed. Value is given in seconds.
+	option interval	3600
+
+	# File to store information about the process id of the program.
+	# The program must have write access to this file/directory.
+	option pidfile	/var/run/chilli.pid
+
+	# Directory to use for nonvolatile storage.
+	# The program must have write access to this directory.
+	# This tag is currently ignored
+	#option	statedir	./
+
+
+# Remote configuration management
+config remoteconfig
+
+	# If confusername is specified together with confpassword chillispot
+	# will at regular intervals specified by the interval option query the
+	# radius server for configuration information.
+	# Normally you do not need to uncomment this tag.
+	option confusername	""
+
+	# If confusername is specified together with confpassword chillispot
+	# will at regular intervals specified by the interval option query the
+	# radius server for configuration information.
+	# Normally you do not need to uncomment this tag.
+	option confpassword	""
+
+
+# TUN parameters
+config tun
+
+	# IP network address of external packet data network
+	# Used to allocate dynamic IP addresses and set up routing.
+	# Normally you do not need to uncomment this tag.
+	option net	192.168.182.0/24
+
+	# Dynamic IP address pool
+	# Used to allocate dynamic IP addresses to clients.
+	# If not set it defaults to the net tag.
+	# Do not uncomment this tag unless you are an experienced user!
+	#option	dynip	192.168.182.0/24
+
+	# Static IP address pool
+	# Used to allocate static IP addresses to clients.
+	# Do not uncomment this tag unless you are an experienced user!
+	#option	statip	192.168.182.0/24
+
+	# Primary DNS server.
+	# Will be suggested to the client.
+	# If omitted the system default will be used.
+	# Normally you do not need to uncomment this tag.
+	#option	dns1	172.16.0.5
+
+	# Secondary DNS server.
+	# Will be suggested to the client.
+	# If omitted the system default will be used.
+	# Normally you do not need to uncomment this tag.
+	#option	dns2	172.16.0.6
+
+	# Domain name
+	# Will be suggested to the client.
+	# Normally you do not need to uncomment this tag.
+	option domain	key.chillispot.org
+
+	# Script executed after network interface has been brought up.
+	# Executed with the following parameters: <devicename> <ip address> <mask>
+	# Normally you do not need to uncomment this tag.
+	#option	ipup	/etc/chilli.ipup
+
+	# Script executed after network interface has been taken down.
+	# Executed with the following parameters: <devicename> <ip address> <mask>
+	# Normally you do not need to uncomment this tag.
+	#option	ipdown	/etc/chilli.ipdown
+
+	# Script executed after a user has been authenticated.
+	# Executed with the following parameters: <devicename> <ip address>
+	# <mask> <user ip address> <user mac address> <filter ID>
+	# Normally you do not need to uncomment this tag.
+	#option	conup	/etc/chilli.conup
+
+	# Script executed after a user has disconnected.
+	# Executed with the following parameters: <devicename> <ip address>
+	# <mask> <user ip address> <user mac address> <filter ID>
+	# Normally you do not need to uncomment this tag.
+	#option	condown	/etc/chilli.condown
+
+
+# DHCP Parameters
+config dhcp
+
+	# Ethernet interface to listen to.
+	# This is the network interface which is connected to the access points.
+	# In a typical configuration this tag should be set to eth1.
+	option dhcpif	eth1
+
+	# Use specified MAC address.
+	# An address in the range  00:00:5E:00:02:00 - 00:00:5E:FF:FF:FF falls
+	# within the IANA range of addresses and is not allocated for other
+	# purposes.
+	# Normally you do not need to uncomment this tag.
+	#option dhcpmac	00:00:5E:00:02:00
+
+	# Time before DHCP lease expires
+	# Normally you do not need to uncomment this tag.
+	#option lease	600
+
+
+# Radius parameters
+config radius
+
+	# IP address to listen to
+	# Normally you do not need to uncomment this tag.
+	#option radiuslisten	127.0.0.1
+
+	# IP address of radius server 1
+	# For most installations you need to modify this tag.
+	option radiusserver1	rad01.chillispot.org
+
+	# IP address of radius server 2
+	# If you have only one radius server you should set radiusserver2 to the
+	# same value as radiusserver1.
+	# For most installations you need to modify this tag.
+	option radiusserver2	rad02.chillispot.org
+
+	# Radius authentication port
+	# The UDP port number to use for radius authentication requests.
+	# The same port number is used for both radiusserver1 and radiusserver2.
+	# Normally you do not need to uncomment this tag.
+	#option radiusauthport	1812
+
+	# Radius accounting port
+	# The UDP port number to use for radius accounting requests.
+	# The same port number is used for both radiusserver1 and radiusserver2.
+	# Normally you do not need to uncomment this tag.
+	#option radiusacctport	1813
+
+	# Radius shared secret for both servers
+	# For all installations you should modify this tag.
+	#option radiussecret	testing123
+
+	# Radius NAS-Identifier
+	# Normally you do not need to uncomment this tag.
+	#option radiusnasid	nas01
+
+	# Radius NAS-IP-Address
+	# Normally you do not need to uncomment this tag.
+	#option radiusnasip	127.0.0.1
+
+	# Radius Called-Station-ID
+	# Normally you do not need to uncomment this tag.
+	#option radiuscalled	00133300
+
+	# WISPr Location ID. Should be in the format: isocc=<ISO_Country_Code>,
+	# cc=<E.164_Country_Code>,ac=<E.164_Area_Code>,network=<ssid/ZONE>
+	# Normally you do not need to uncomment this tag.
+	#option radiuslocationid	isocc=us,cc=1,ac=408,network=ACMEWISP_NewarkAirport
+
+	# WISPr Location Name. Should be in the format:
+	# <HOTSPOT_OPERATOR_NAME>,<LOCATION>
+	# Normally you do not need to uncomment this tag.
+	#option radiuslocationname	ACMEWISP,Gate_14_Terminal_C_of_Newark_Airport
+
+
+# Radius proxy parameters
+config proxy
+
+	# IP address to listen to
+	# Normally you do not need to uncomment this tag.
+	#option proxylisten	10.0.0.1
+
+	# UDP port to listen to.
+	# If not specified a port will be selected by the system
+	# Normally you do not need to uncomment this tag.
+	#option proxyport	1645
+
+	# Client(s) from which we accept radius requests
+	# Normally you do not need to uncomment this tag.
+	#option proxyclient	10.0.0.1/24
+
+	# Radius proxy shared secret for all clients
+	# If not specified defaults to radiussecret
+	# Normally you do not need to uncomment this tag.
+	#option proxysecret	testing123
+
+
+# Universal access method (UAM) parameters
+config uam
+
+	# URL of web server handling authentication.
+	option uamserver	https://radius.chillispot.org/hotspotlogin
+
+	# URL of welcome homepage.
+	# Unauthenticated users will be redirected to this URL. If not specified
+	# users will be redirected to the uamserver instead.
+	# Normally you do not need to uncomment this tag.
+	#option uamhomepage	http://192.168.182.1/welcome.html
+
+	# Shared between chilli and authentication web server
+	#option uamsecret	ht2eb8ej6s4et3rg1ulp
+
+	# IP address to listen to for authentication requests
+	# Do not uncomment this tag unless you are an experienced user!
+	#option uamlisten	192.168.182.1
+
+	# TCP port to listen to for authentication requests
+	# Do not uncomment this tag unless you are an experienced user!
+	#option uamport	3990
+
+	# Comma separated list of domain names, IP addresses or network segments
+	# the client can access without first authenticating.
+	# It is possible to specify this tag multiple times.
+	# Normally you do not need to uncomment this tag.
+	#list uamallowed	www.chillispot.org
+	#list uamallowed	10.11.12.0/24
+
+	# If this flag is given unauthenticated users are allowed to use
+	# any DNS server.
+	# Normally you do not need to uncomment this tag.
+	#uamanydns
+
+
+# MAC authentication
+config macauth
+
+	# If this flag is given users will be authenticated only on their MAC
+	# address.
+	# Normally you do not need to enable this flag.
+	option macauth	0
+
+	# List of MAC addresses.
+	# The MAC addresses specified in this list will be authenticated only on
+	# their MAC address.
+	# This tag is ignored if the macauth tag is given.
+	# It is possible to specify this tag multiple times.
+	# Normally you do not need to uncomment this tag.
+	#list macallowed	00-0A-5E-AC-BE-51
+	#list macallowed	00-30-1B-3C-32-E9
+
+	# Password to use for MAC authentication.
+	# Normally you do not need to uncomment this tag.
+	#option macpasswd	password
+
+	# Suffix to add to MAC address in order to form the username.
+	# Normally you do not need to uncomment this tag.
+	#option macsuffix	suffix