Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to use ipwhitelist option? #550

Open
lyt0112 opened this issue Jun 10, 2022 · 8 comments
Open

How to use ipwhitelist option? #550

lyt0112 opened this issue Jun 10, 2022 · 8 comments

Comments

@lyt0112
Copy link

lyt0112 commented Jun 10, 2022

Hi All
I can't find any documents from internet.
I want to add some IPs into whitelist and make the IPs bypass the Captive Portal.
I want the IPs can access internet directly without authenticating username/password.
Or any other option can reach my requirement?
@cheseremtitus24
Copy link

Edit the /etc/chilli/config
Add the ips like so
HS_UAMALLOW=*wikipedia.org,10.1.0.1,64.4.250.39,scholar.google.com

Notice no spaces in between

For walled garden domains such as paypal add them as shown below

HS_UAMDOMAINS=.paypal.com,.paypalobjects.com

@lyt0112
Copy link
Author

lyt0112 commented Jun 14, 2022

@cheseremtitus24
Thanks for the reply..

I've tried HS_UAMALLOW but it can not work

About my requirement, for example , I want my PC 192.168.1.100 not pop up captive portal and can access internet to access any web without any limits, but other 192.168.1.x in 192.168.1.0/24 all pop up captive portal and then authenticate with username/password.

@cheseremtitus24
Copy link

The coova chilli implementation of walled domains does not offer excemptions for nodes that are in the same subnet. The only device that is not affected by the captive portal is the UAMLISTEN IP that hosts the UAMUI portal.
For your sake you can research more on the json interface and implement a javascript code that automatically authenticates the said matched IP-addess and performs an autologin using PAP.

I'm still yet to grasp how to implement a logon using json. But that's what I am researching on. If I manage to figure it out I'll post back.

@lyt0112
Copy link
Author

lyt0112 commented Jun 14, 2022

@cheseremtitus24
Thanks for the suggestion,I will research about how to authenticates automatically.

@cheseremtitus24
Copy link

checkout this: https://sourceforge.net/p/hotcakes/wiki/Coova%20Chilli%20JSON%20Interface/

@lyt0112
Copy link
Author

lyt0112 commented Jun 15, 2022

checkout this: https://sourceforge.net/p/hotcakes/wiki/Coova%20Chilli%20JSON%20Interface/

I am trying to make my requirement work by radiusd.
If not work,I will try the link...thanks

@NeatBoar
Copy link

NeatBoar commented Jul 14, 2022
edited
Loading

For such case I use spesial file:
# grep whitelist /usr/local/etc/chilli.conf
include /usr/local/etc/chilli/whitelist.conf

which contains:
# cat /usr/local/etc/chilli/whitelist.conf
uamallowed 192.168.0.1/32

I dont remember why I started to use the file, maybe because HS_UAMALLOW didn't work for me either.

@rexy74
Copy link

rexy74 commented Jul 24, 2022

In the ALCASAR project (https://alcasar.net), we also use such special files.
/etc/chilli.conf :
include /usr/local/etc/alcasar-uamallowed
include /usr/local/etc/alcasar-uamdomain

/usr/local/etc/alcasar-uamallowed :
uamallowed="192.168.10.21"
uamallowed="172.16.1.0/24"
...
/usr/local/etc/alcasar-uamdomain :
uamdomain=".clamav.net"
uamdomain=".mozilla.org"
uamdomain=".cnd.mozilla.net"
...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@NeatBoar @rexy74 @lyt0112 @cheseremtitus24