blob: d6c2c2928d91c19884ab7570155d59943d5ff82c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
|
package coovachilli
config section
option name 'general'
option title 'Section general'
option description 'General CoovaChilli settings'
option package 'coovachilli'
option unique true
option required true
config variable
option name 'interval'
option title 'Config refresh interval'
option description 'Re-read configuration file and do DNS lookups every interval seconds. This has the same effect as sending the HUP signal. If interval is 0 (zero) this feature is disabled. '
option section 'coovachilli.general'
option datatype 'uint'
config variable
option name 'pidfile'
option title 'Pid file'
option description 'Filename to put the process id'
option section 'coovachilli.general'
option datatype 'string'
config variable
option name 'statedir'
option title 'State directory'
option description 'Directory of non-volatile data'
option section 'coovachilli.general'
option datatype 'directory'
config variable
option name 'cmdsock'
option title 'Command socket'
option description 'UNIX socket used for communication with chilli_query'
option section 'coovachilli.general'
option datatype 'string'
config section
option name 'tun'
option title 'Section tun'
option description 'Network/Tun configuration'
option package 'coovachilli'
option unique true
option required true
config variable
option name 'txqlen'
option title 'TX queue length'
option description 'The TX queue length to set on the TUN/TAP interface'
option section 'coovachilli.tun'
option datatype 'uint'
config variable
option name 'usetap'
option title 'Use TAP device'
option description 'Use the TAP interface instead of TUN'
option section 'coovachilli.tun'
option datatype 'boolean'
config variable
option name 'tundev'
option title 'TUN/TAP device'
option description 'The specific device to use for the TUN/TAP interface'
option section 'coovachilli.tun'
option datatype 'file'
config variable
option name 'net'
option title 'Uplink subnet'
option description 'Network address of the uplink interface (CIDR notation)'
option section 'coovachilli.tun'
option datatype 'ip4addr'
config variable
option name 'statip'
option title 'Static IP address pool'
option description 'Specifies a pool of static IP addresses'
option section 'coovachilli.tun'
option datatype 'ip4addr'
config variable
option name 'dynip'
option title 'Dynamic IP address pool'
option description 'Specifies a pool of dynamic IP addresses'
option section 'coovachilli.tun'
option datatype 'ip4addr'
config variable
option name 'dns1'
option title 'Primary DNS Server'
option description 'Is used to inform the client about the DNS address to use for host name resolution'
option section 'coovachilli.tun'
option datatype 'host'
config variable
option name 'dns2'
option title 'Secondary DNS Server'
option description 'Is used to inform the client about the DNS address to use for host name resolution'
option section 'coovachilli.tun'
option datatype 'host'
config variable
option name 'domain'
option title 'Domain name'
option description 'Is used to inform the client about the domain name to use for DNS lookups'
option section 'coovachilli.tun'
option datatype 'string'
config variable
option name 'ipdown'
option title 'IP down script'
option description 'Script executed after the tun network interface has been taken down'
option section 'coovachilli.tun'
option datatype 'file'
config variable
option name 'ipup'
option title 'IP up script'
option description 'Script executed after the TUN/TAP network interface has been brought up'
option section 'coovachilli.tun'
option datatype 'file'
config variable
option name 'condown'
option title 'Network down script'
option description 'Script executed after a session has moved from authorized state to unauthorized'
option section 'coovachilli.tun'
option datatype 'file'
config variable
option name 'conup'
option title 'Network up script'
option description 'Script executed after the tun network interface has been brought up'
option section 'coovachilli.tun'
option datatype 'file'
config section
option name 'dhcp'
option title 'DHCP configuration'
option description 'Set DHCP options for connecting clients'
option package 'coovachilli'
option unique true
option required true
config variable
option name 'dhcpif'
option title 'DHCP interface'
option description 'Ethernet interface to listen to for the downlink interface'
option section 'coovachilli.dhcp'
option datatype 'string'
option required true
config variable
option name 'dhcpmac'
option title 'Listen MAC address'
option description 'MAC address to listen to. If not specified the MAC address of the interface will be used'
option section 'coovachilli.dhcp'
option datatype 'macaddr'
config variable
option name 'lease'
option title 'Leasetime'
option description 'Use a DHCP lease of seconds (default 600)'
option section 'coovachilli.dhcp'
option datatype 'uint'
config variable
option name 'dhcpstart'
option title 'DHCP start number'
option description 'Where to start assigning IP addresses (default 10)'
option section 'coovachilli.dhcp'
option datatype 'uint'
config variable
option name 'dhcpend'
option title 'DHCP end number'
option description 'Where to stop assigning IP addresses (default 254)'
option section 'coovachilli.dhcp'
option datatype 'uint'
config variable
option name 'eapolenable'
option title 'Enable IEEE 802.1x'
option description 'Enable IEEE 802.1x authentication and listen for EAP requests'
option section 'coovachilli.dhcp'
option datatype 'boolean'
config section
option name 'macauth'
option title 'Section macauth'
option description 'Configure MAC authentication'
option package 'coovachilli'
option unique true
option required true
config variable
option name 'macauth'
option title 'Enable MAC authentification'
option description 'Try to authenticate all users based on their mac address alone'
option section 'coovachilli.macauth'
option datatype 'boolean'
config variable
option name 'macallowlocal'
option title 'Authenticate locally allowed MACs'
option description 'Authenticate allowed MAC addresses without the use of RADIUS'
option section 'coovachilli.macauth'
option datatype 'boolean'
config variable
option name 'macallowed'
option title 'Allowed MAC addresses'
option description 'List of MAC addresses for which MAC authentication will be performed'
option section 'coovachilli.macauth'
option datatype 'string'
option type 'lazylist'
config variable
option name 'macpasswd'
option title 'Password'
option description 'Password used when performing MAC authentication'
option section 'coovachilli.macauth'
option datatype 'string'
config variable
option name 'macsuffix'
option title 'Suffix'
option description 'Suffix to add to the MAC address in order to form the User-Name, which is sent to the radius server'
option section 'coovachilli.macauth'
option datatype 'string'
config section
option name 'radius'
option title 'Section radius'
option description ''
option package 'coovachilli'
option unique true
option required true
config variable
option name 'acctupdate'
option title 'Allow session update through RADIUS'
option description 'Allow updating of session parameters with RADIUS attributes sent in Accounting-Response'
option section 'coovachilli.radius'
option datatype 'boolean'
config variable
option name 'radiusacctport'
option title 'Option radiusacctport'
option description ''
option section 'coovachilli.radius'
option datatype 'port'
config variable
option name 'radiusauthport'
option title 'Option radiusauthport'
option description ''
option section 'coovachilli.radius'
option datatype 'port'
config variable
option name 'radiuscalled'
option title 'Option radiuscalled'
option description ''
option section 'coovachilli.radius'
option datatype 'string'
config variable
option name 'radiuslisten'
option title 'Option radiuslisten'
option description ''
option section 'coovachilli.radius'
option datatype 'ip4addr'
config variable
option name 'radiuslocationid'
option title 'Option radiuslocationid'
option description ''
option section 'coovachilli.radius'
option datatype 'string'
config variable
option name 'radiuslocationname'
option title 'Option radiuslocationname'
option description ''
option section 'coovachilli.radius'
option datatype 'string'
config variable
option name 'radiusnasid'
option title 'Option radiusnasid'
option description ''
option section 'coovachilli.radius'
option datatype 'string'
config variable
option name 'radiusnasip'
option title 'Option radiusnasip'
option description ''
option section 'coovachilli.radius'
option datatype 'ip4addr'
config variable
option name 'radiussecret'
option title 'Option radiussecret'
option description ''
option section 'coovachilli.radius'
option datatype 'string'
config variable
option name 'radiusserver1'
option title 'Option radiusserver1'
option description ''
option section 'coovachilli.radius'
option datatype 'host'
config variable
option name 'radiusserver2'
option title 'Option radiusserver2'
option description ''
option section 'coovachilli.radius'
option datatype 'host'
config section
option name 'proxy'
option title 'Section proxy'
option description ''
option package 'coovachilli'
option unique true
option required true
config variable
option name 'proxyclient'
option title 'Option proxyclient'
option description ''
option section 'coovachilli.proxy'
option datatype 'ip4addr'
config variable
option name 'proxylisten'
option title 'Option proxylisten'
option description ''
option section 'coovachilli.proxy'
option datatype 'ip4addr'
config variable
option name 'proxyport'
option title 'Option proxyport'
option description ''
option section 'coovachilli.proxy'
option datatype 'port'
config variable
option name 'proxysecret'
option title 'Option proxysecret'
option description ''
option section 'coovachilli.proxy'
option datatype 'string'
config section
option name 'remoteconfig'
option title 'Section remoteconfig'
option description ''
option package 'coovachilli'
option unique true
option required true
config variable
option name 'confpassword'
option title 'Option confpassword'
option description ''
option section 'coovachilli.remoteconfig'
option datatype 'string'
config variable
option name 'confusername'
option title 'Option confusername'
option description ''
option section 'coovachilli.remoteconfig'
option datatype 'string'
config section
option name 'uam'
option title 'UAM settings'
option description 'Unified Configuration Method settings'
option package 'coovachilli'
option unique true
option required true
config variable
option name 'uamanydns'
option title 'Allow any DNS server'
option description 'Allow any DNS server for unauthenticated clients'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'uamanyip'
option title 'Allow any IP address'
option description 'Allow clients to use any IP settings they wish by spoofing ARP (experimental)'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'dnsparanoia'
option title 'Inspect DNS traffic'
option description 'Inspect DNS packets and drop responses with any non- A, CNAME, SOA, or MX records to prevent dns tunnels (experimental)'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'nouamsuccess'
option title 'Do not redirect to UAM server'
option description 'Do not return to UAM server on login success, just redirect to original URL'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'nouamwispr'
option title 'Do not do WISPr'
option description 'Do not do any WISPr XML, assume the back-end is doing this instead'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'usestatusfile'
option title 'Use status file'
option description 'Write the status of clients in a non-volatile state file (experimental)'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'chillixml'
option title 'Use Chilli XML'
option description 'Return the so-called Chilli XML along with WISPr XML'
option section 'coovachilli.uam'
option datatype 'boolean'
config variable
option name 'uamui'
option title 'UAM user interface'
option description 'An init.d style program to handle local content on the uamuiport web server'
option section 'coovachilli.uam'
option datatype 'file'
config variable
option name 'uamallowed'
option title 'Allowed resources'
option description 'List of resources the client can access without first authenticating'
option section 'coovachilli.uam'
option datatype 'string'
option type 'list'
config variable
option name 'uamdomain'
option title 'Allowed domains'
option description 'Defines a list of domain names to automatically add to the walled garden'
option section 'coovachilli.uam'
option datatype 'string'
option type 'list'
config variable
option name 'uamhomepage'
option title 'UAM homepage'
option description 'URL of homepage to redirect unauthenticated users to'
option section 'coovachilli.uam'
option datatype 'string'
config variable
option name 'uamlisten'
option title 'UAM listening address'
option description 'IP address to listen to for authentication of clients'
option section 'coovachilli.uam'
option datatype 'host'
config variable
option name 'uamport'
option title 'UAM listening port'
option description 'TCP port to bind to for authenticating clients (default 3990)'
option section 'coovachilli.uam'
option datatype 'port'
config variable
option name 'uamiport'
option title 'UAM static content port'
option description 'TCP port to bind to for only serving embedded content'
option section 'coovachilli.uam'
option datatype 'port'
config variable
option name 'uamsecret'
option title 'UAM secret'
option description 'Shared secret between uamserver and chilli'
option section 'coovachilli.uam'
option datatype 'string'
option required true
config variable
option name 'uamserver'
option title 'UAM server'
option description 'URL of web server to use for authenticating clients'
option section 'coovachilli.uam'
option datatype 'string'
config variable
option name 'uamlogoutip'
option title 'UAM logout IP'
option description 'Use this IP address to instantly logout a client accessing it (defaults to 1.1.1.1)'
option section 'coovachilli.uam'
option datatype 'ip4addr'
config variable
option name 'wisprlogin'
option title 'WISPr login url'
option description 'Specific URL to be given in WISPr XML LoginURL'
option section 'coovachilli.uam'
option datatype 'string'
config variable
option name 'defsessiontimeout'
option title 'Default session timeout'
option description 'Default session timeout unless otherwise set by RADIUS (defaults to 0)'
option section 'coovachilli.uam'
option datatype 'uint'
config variable
option name 'defidletimeout'
option title 'Default idle timeout'
option description 'Default idle timeout unless otherwise set by RADIUS (defaults to 0)'
option section 'coovachilli.uam'
option datatype 'uint'
config variable
option name 'definteriminterval'
option title 'Default interim interval'
option description 'Default interim-interval for RADIUS accounting unless otherwise set by RADIUS (defaults to 0)'
option section 'coovachilli.uam'
option datatype 'uint'
config variable
option name 'wwwdir'
option title 'Web content directory'
option description 'Directory where embedded local web content is placed'
option section 'coovachilli.uam'
option datatype 'directory'
config variable
option name 'wwwbin'
option title 'CGI program'
option description 'Executable to run as a CGI type program (like haserl) for URLs with extention .chi'
option section 'coovachilli.uam'
option datatype 'file'
config variable
option name 'localusers'
option title 'Local users file'
option description 'A colon seperated file containing usernames and passwords of locally authenticated users'
option section 'coovachilli.uam'
option datatype 'file'
config variable
option name 'postauthproxy'
option title 'Post auth proxy'
option description 'Used with postauthproxyport to define a post authentication HTTP proxy server'
option section 'coovachilli.uam'
option datatype 'file'
config variable
option name 'postauthproxyport'
option title 'Post auth proxy port'
option description 'Used with postauthproxy to define a post authentication HTTP proxy server'
option section 'coovachilli.uam'
option datatype 'file'
config variable
option name 'locationname'
option title 'Location name'
option description 'Human readable location name used in JSON interface'
option section 'coovachilli.uam'
option datatype 'file'
|
