This is part four of the series on setting up ChilliSpot with FreeRadius, using MySQL, on Tomato.
The final part is to get ChilliSpot running on the Tomato router, which includes modifying its firewall to block packets.
The first step tonight is to modify the firewall script. Tomato is a bit different in how the firewall is setup.
Open the file in the network share, etc/firewall.openwrt with your favourite editor.
We only need to make a few changes to this file for tomato to work.
The file starts with defining the WANIF. This is generally needing to be changed to:
WANIF=`nvram get wan_ifname`
The next two lines:
WLANIF=”eth1″
LANIF=”br0″
.. are fine.
The definition of IPTABLES is correct, as “/usr/sbin/iptables”
Delete the next 4 lines, which are:
for T in filter nat mangle ; do
$IPTABLES -t $T -F
$IPTABLES -t $T -X
done
The next lines change the behaviour of the firewall, let’s not confuse anyone, and leave them alone.
The next lines are all OK, to the point where we get to the end, which is Enable Nat on the output device.
It’s generally already enabled, so delete that line from the file, save the file.
Now, with that done, we are all set to set to start the application on the router.
We start with:
/cifs1/usr/sbin/chilli –conf=/cifs1/etc/chilli.conf
And, unfortunately, with debug on, we get:
ChilliSpot version 1.0RC3 started.
chillispot[5490]: tun.c: 673: 2 (No such file or directory) open() failed
chillispot[5490]: chilli.c: 3437: Failed to create tun
What is the issue here is, we need to get the tun.o module loaded for this kernel. I’ve tried loading one from a different kernel, in the hour I’ve taken since starting this post, to now, to find out, and unfortunately, we’ve hit a deadend.
We can alternatively, recompile the firmware with mknod support, and that should set us on the right track to running ChilliSpot on Tomato.
Either way, that’s a very time consuming operation. If anyone has a tun.o module for the 2.4.20 kernel, I’m keen to get my hands on it and give that a go.
I’ve also asked Tomato’s developer if he was able to provide some input.
The task of recompiling the firmware involves downloading the Tomato Source, done.
Downloading a 180MB Linksys Source file, not done.
And having a feel around to find out what we need to fix to make ChilliSpot run on Tomato’s OS.
Hopefully we get some more information on this soon, and I can finish this off.
Believe it or not, the total time this blog post took was 2 hours, and around 90 minutes of that was spent researching and finding a tun.o module.
You can always look at Open WRT, but you lose the decent QoS that Tomato offers.
Maybe a merge of the both would be ideal? Not sure what we are up for, will certainly look when I get time to open this up again!
Enjoy!
3 Responses to Setting up ChilliSpot with FreeRadius on Tomato Part IV