CoovaChilli General configuration General CoovaChilli settings Command socket UNIX socket used for communication with chilli_query Config refresh interval Re-read configuration file and do DNS lookups every interval seconds. This has the same effect as sending the HUP signal. If interval is 0 (zero) this feature is disabled. Pid file Filename to put the process id State directory Directory of non-volatile data TUN/TAP configuration Network/Tun configuration Network down script Script executed after a session has moved from authorized state to unauthorized Network up script Script executed after the tun network interface has been brought up Primary DNS Server Is used to inform the client about the DNS address to use for host name resolution Secondary DNS Server Is used to inform the client about the DNS address to use for host name resolution Domain name Is used to inform the client about the domain name to use for DNS lookups Dynamic IP address pool Specifies a pool of dynamic IP addresses IP down script Script executed after the tun network interface has been taken down IP up script Script executed after the TUN/TAP network interface has been brought up Uplink subnet Network address of the uplink interface (CIDR notation) Static IP address pool Specifies a pool of static IP addresses TUN/TAP device The specific device to use for the TUN/TAP interface TX queue length The TX queue length to set on the TUN/TAP interface Use TAP device Use the TAP interface instead of TUN DHCP configuration Set DHCP options for connecting clients DHCP end number Where to stop assigning IP addresses (default 254) DHCP interface Ethernet interface to listen to for the downlink interface Listen MAC address MAC address to listen to. If not specified the MAC address of the interface will be used DHCP start number Where to start assigning IP addresses (default 10) Enable IEEE 802.1x Enable IEEE 802.1x authentication and listen for EAP requests Leasetime Use a DHCP lease of seconds (default 600) RADIUS configuration RADIUS configuration Allow session update through RADIUS Allow updating of session parameters with RADIUS attributes sent in Accounting-Response Admin password Password to use for Administrative-User authentication in order to pick up chilli configurations and establish a device "system" session Admin user User-name to use for Administrative-User authentication in order to pick up chilli configurations and establish a device "system" session Do not check disconnection requests Do not check the source IP address of radius disconnect requests RADIUS disconnect port UDP port to listen to for accepting radius disconnect requests NAS IP Value to use in RADIUS NAS-IP-Address attribute NAS MAC MAC address value to use in RADIUS Called-Station-ID attribute Allow OpenID authentication Allows OpenID authentication by sending ChilliSpot-Config=allow-openidauth in RADIUS Access-Requests RADIUS accounting port The UDP port number to use for radius accounting requests (default 1813) RADIUS authentication port The UDP port number to use for radius authentication requests (default 1812) Option radiuscalled RADIUS listen address Local interface IP address to use for the radius interface RADIUS location ID WISPr Location ID RADIUS location name WISPr Location Name NAS ID Network access server identifier Option radiusnasip NAS port type Value of NAS-Port-Type attribute. Defaults to 19 (Wireless-IEEE-802.11) Send RADIUS VSA Send the ChilliSpot-OriginalURL RADIUS VSA in Access-Request RADIUS secret Radius shared secret for both servers RADIUS server 1 The IP address of radius server 1 RADIUS server 2 The IP address of radius server 2 Swap octets Swap the meaning of "input octets" and "output octets" as it related to RADIUS attribtues Allow WPA guests Allows WPA Guest authentication by sending ChilliSpot-Config=allow-wpa-guests in RADIUS Access-Requests RADIUS proxy settings RADIUS proxy settings Proxy client IP address from which radius requests are accepted. If omitted the server will not accept radius requests Proxy listen address Local interface IP address to use for accepting radius requests Proxy port UDP Port to listen to for accepting radius requests Proxy secret Radius shared secret for clients UAM configuration Unified Configuration Method settings Use Chilli XML Return the so-called Chilli XML along with WISPr XML Default idle timeout Default idle timeout unless otherwise set by RADIUS (defaults to 0) Default interim interval Default interim-interval for RADIUS accounting unless otherwise set by RADIUS (defaults to 0) Default session timeout Default session timeout unless otherwise set by RADIUS (defaults to 0) Inspect DNS traffic Inspect DNS packets and drop responses with any non- A, CNAME, SOA, or MX records to prevent dns tunnels (experimental) Local users file A colon seperated file containing usernames and passwords of locally authenticated users Location name Human readable location name used in JSON interface Do not redirect to UAM server Do not return to UAM server on login success, just redirect to original URL Do not do WISPr Do not do any WISPr XML, assume the back-end is doing this instead Post auth proxy Used with postauthproxyport to define a post authentication HTTP proxy server Post auth proxy port Used with postauthproxy to define a post authentication HTTP proxy server Allowed resources List of resources the client can access without first authenticating Allow any DNS server Allow any DNS server for unauthenticated clients Allow any IP address Allow clients to use any IP settings they wish by spoofing ARP (experimental) Allowed domains Defines a list of domain names to automatically add to the walled garden UAM homepage URL of homepage to redirect unauthenticated users to UAM static content port TCP port to bind to for only serving embedded content UAM listening address IP address to listen to for authentication of clients UAM logout IP Use this IP address to instantly logout a client accessing it (defaults to 1.1.1.1) UAM listening port TCP port to bind to for authenticating clients (default 3990) UAM secret Shared secret between uamserver and chilli UAM server URL of web server to use for authenticating clients UAM user interface An init.d style program to handle local content on the uamuiport web server Use status file Write the status of clients in a non-volatile state file (experimental) WISPr login url Specific URL to be given in WISPr XML LoginURL CGI program Executable to run as a CGI type program (like haserl) for URLs with extention .chi Web content directory Directory where embedded local web content is placed MAC configuration Configure MAC authentication Allowed MAC addresses List of MAC addresses for which MAC authentication will be performed Authenticate locally allowed MACs Authenticate allowed MAC addresses without the use of RADIUS Enable MAC authentification Try to authenticate all users based on their mac address alone Password Password used when performing MAC authentication Suffix Suffix to add to the MAC address in order to form the User-Name, which is sent to the radius server