##############################################################################
#
# Sample CoovaChilli configuration file
#
##############################################################################

# General settings
config general

	# Enable this flag to include debug information.
	option debug	0

	# Re-read configuration file at this interval. Will also cause new domain
	# name lookups to be performed. Value is given in seconds.
	option interval	3600

	# File to store information about the process id of the program.
	# The program must have write access to this file/directory.
	option pidfile	/var/run/chilli.pid

	# Directory to use for nonvolatile storage.
	# The program must have write access to this directory.
	# This tag is currently ignored
	#option	statedir	./


# TUN parameters
config tun

	# IP network address of external packet data network
	# Used to allocate dynamic IP addresses and set up routing.
	# Normally you do not need to uncomment this tag.
	option net	192.168.182.0/24

	# Dynamic IP address pool
	# Used to allocate dynamic IP addresses to clients.
	# If not set it defaults to the net tag.
	# Do not uncomment this tag unless you are an experienced user!
	#option	dynip	192.168.182.0/24

	# Static IP address pool
	# Used to allocate static IP addresses to clients.
	# Do not uncomment this tag unless you are an experienced user!
	#option	statip	192.168.182.0/24

	# Primary DNS server.
	# Will be suggested to the client.
	# If omitted the system default will be used.
	# Normally you do not need to uncomment this tag.
	#option	dns1	172.16.0.5

	# Secondary DNS server.
	# Will be suggested to the client.
	# If omitted the system default will be used.
	# Normally you do not need to uncomment this tag.
	#option	dns2	172.16.0.6

	# Domain name
	# Will be suggested to the client.
	# Normally you do not need to uncomment this tag.
	option domain	key.chillispot.org

	# Script executed after network interface has been brought up.
	# Executed with the following parameters: <devicename> <ip address> <mask>
	# Normally you do not need to uncomment this tag.
	#option	ipup	/etc/chilli.ipup

	# Script executed after network interface has been taken down.
	# Executed with the following parameters: <devicename> <ip address> <mask>
	# Normally you do not need to uncomment this tag.
	#option	ipdown	/etc/chilli.ipdown

	# Script executed after a user has been authenticated.
	# Executed with the following parameters: <devicename> <ip address>
	# <mask> <user ip address> <user mac address> <filter ID>
	# Normally you do not need to uncomment this tag.
	#option	conup	/etc/chilli.conup

	# Script executed after a user has disconnected.
	# Executed with the following parameters: <devicename> <ip address>
	# <mask> <user ip address> <user mac address> <filter ID>
	# Normally you do not need to uncomment this tag.
	#option	condown	/etc/chilli.condown


# DHCP Parameters
config dhcp

	# Ethernet interface to listen to.
	# This is the network interface which is connected to the access points.
	# In a typical configuration this tag should be set to eth1.
	option dhcpif	eth1

	# Use specified MAC address.
	# An address in the range  00:00:5E:00:02:00 - 00:00:5E:FF:FF:FF falls
	# within the IANA range of addresses and is not allocated for other
	# purposes.
	# Normally you do not need to uncomment this tag.
	#option dhcpmac	00:00:5E:00:02:00

	# Time before DHCP lease expires
	# Normally you do not need to uncomment this tag.
	#option lease	600


# Radius parameters
config radius

	# IP address to listen to
	# Normally you do not need to uncomment this tag.
	#option radiuslisten	127.0.0.1

	# IP address of radius server 1
	# For most installations you need to modify this tag.
	option radiusserver1	rad01.chillispot.org

	# IP address of radius server 2
	# If you have only one radius server you should set radiusserver2 to the
	# same value as radiusserver1.
	# For most installations you need to modify this tag.
	option radiusserver2	rad02.chillispot.org

	# Radius authentication port
	# The UDP port number to use for radius authentication requests.
	# The same port number is used for both radiusserver1 and radiusserver2.
	# Normally you do not need to uncomment this tag.
	#option radiusauthport	1812

	# Radius accounting port
	# The UDP port number to use for radius accounting requests.
	# The same port number is used for both radiusserver1 and radiusserver2.
	# Normally you do not need to uncomment this tag.
	#option radiusacctport	1813

	# Radius shared secret for both servers
	# For all installations you should modify this tag.
	#option radiussecret	testing123

	# Radius NAS-Identifier
	# Normally you do not need to uncomment this tag.
	#option radiusnasid	nas01

	# Radius NAS-IP-Address
	# Normally you do not need to uncomment this tag.
	#option radiusnasip	127.0.0.1

	# Radius Called-Station-ID
	# Normally you do not need to uncomment this tag.
	#option radiuscalled	00133300

	# WISPr Location ID. Should be in the format: isocc=<ISO_Country_Code>,
	# cc=<E.164_Country_Code>,ac=<E.164_Area_Code>,network=<ssid/ZONE>
	# Normally you do not need to uncomment this tag.
	#option radiuslocationid	isocc=us,cc=1,ac=408,network=ACMEWISP_NewarkAirport

	# WISPr Location Name. Should be in the format:
	# <HOTSPOT_OPERATOR_NAME>,<LOCATION>
	# Normally you do not need to uncomment this tag.
	#option radiuslocationname	ACMEWISP,Gate_14_Terminal_C_of_Newark_Airport


# Radius proxy parameters
config proxy

	# IP address to listen to
	# Normally you do not need to uncomment this tag.
	#option proxylisten	10.0.0.1

	# UDP port to listen to.
	# If not specified a port will be selected by the system
	# Normally you do not need to uncomment this tag.
	#option proxyport	1645

	# Client(s) from which we accept radius requests
	# Normally you do not need to uncomment this tag.
	#option proxyclient	10.0.0.1/24

	# Radius proxy shared secret for all clients
	# If not specified defaults to radiussecret
	# Normally you do not need to uncomment this tag.
	#option proxysecret	testing123


# Universal access method (UAM) parameters
config uam

	# URL of web server handling authentication.
	option uamserver	https://radius.chillispot.org/hotspotlogin

	# URL of welcome homepage.
	# Unauthenticated users will be redirected to this URL. If not specified
	# users will be redirected to the uamserver instead.
	# Normally you do not need to uncomment this tag.
	#option uamhomepage	http://192.168.182.1/welcome.html

	# Shared between chilli and authentication web server
	#option uamsecret	ht2eb8ej6s4et3rg1ulp

	# IP address to listen to for authentication requests
	# Do not uncomment this tag unless you are an experienced user!
	#option uamlisten	192.168.182.1

	# TCP port to listen to for authentication requests
	# Do not uncomment this tag unless you are an experienced user!
	#option uamport	3990

	# Comma separated list of domain names, IP addresses or network segments
	# the client can access without first authenticating.
	# It is possible to specify this tag multiple times.
	# Normally you do not need to uncomment this tag.
	#list uamallowed	www.chillispot.org
	#list uamallowed	10.11.12.0/24

	# If this flag is given unauthenticated users are allowed to use
	# any DNS server.
	# Normally you do not need to uncomment this tag.
	#uamanydns


# MAC authentication
config macauth

	# If this flag is given users will be authenticated only on their MAC
	# address.
	# Normally you do not need to enable this flag.
	option macauth	0

	# List of MAC addresses.
	# The MAC addresses specified in this list will be authenticated only on
	# their MAC address.
	# This tag is ignored if the macauth tag is given.
	# It is possible to specify this tag multiple times.
	# Normally you do not need to uncomment this tag.
	#list macallowed	00-0A-5E-AC-BE-51
	#list macallowed	00-30-1B-3C-32-E9

	# Password to use for MAC authentication.
	# Normally you do not need to uncomment this tag.
	#option macpasswd	password

	# Suffix to add to MAC address in order to form the username.
	# Normally you do not need to uncomment this tag.
	#option macsuffix	suffix