Fumaça Data Springs/Anexo técnico

De wiki da nuvem
< Fumaça Data Springs
Revisão de 18h10min de 20 de janeiro de 2016 por B (Discussão | contribs) (Instalação do portal de controle de acesso)

Ir para: navegação, pesquisa


IPs para Fumaça e Porto Real: ( a

  • 2a00:1508:a57:8900::ad:a3f1 salao
  • 2a00:1508:a57:8900::ad:a1b7 igrejinha
  • 2a00:1508:a57:8900::ad:a47b moiados
  • 2a00:1508:a57:8900::ad:a3c7 morrinho
  • 2a00:1508:a57:8900::ad:a1cc nebulosa
  • 2a00:1508:a57:8900::75:b655 torre
  • 2a00:1508:a57:8900::b8:66ee campinho
  • 2a00:1508:a57:8900::75:b6dc moacir

Para abrir um browser através do SSH (como se estivesse no servidor local)

  • ssh 2a00:1508:a57:8900::ad:a1b7 -D8080
  • chromium-browser --proxy-server=socks://localhost:8080

Instalação do portal de controle de acesso

Vá para o menu system -> software do libremesh Clique em atualizar lista de pacotes

Instalar pacote nodogsplash (no menu do libre-mesh)

Instalar pacote vale (no menu do libre-mesh)

Substitua o arquivo /etc/nodogsplash/nodogsplash.conf pelo listado abaixo (fazendo as devidas modificações nos IP e página de redirecionamento). O IP a ser usado é o do menu network -> interfaces, interface LAN (IPV4) (sem o /16). O range são os dois primeiros números, seguidos de .0.0/16. (ex se o ip é, o range é

GatewayInterface br-lan
GatewayInterfaceExtra bmx+
GatewayInterfaceExtra2 anygw

FirewallRuleSet authenticated-users {
     FirewallRule allow to

FirewallRuleSet users-to-router {                                                                           
 # Nodogsplash automatically allows tcp to GatewayPort,                                                     
 # at GatewayAddress, to serve the splash page.                                                             
 # However you may want to open up other ports, e.g.                                                        
 # 53 for DNS and 67 for DHCP if the router itself is                                                       
 # providing these services.                                                                                
    FirewallRule allow udp port 53                                                                          
    FirewallRule allow tcp port 53                                                                          
    FirewallRule allow udp port 67                                                                          
 # You may want to allow ssh, http, and https to the router                                                 
 # for administration from the GatewayInterface.  If not,                                                   
 # comment these out.                                                                                       
    FirewallRule allow tcp port 22                                                                          
    FirewallRule allow tcp port 80                                                                          
    FirewallRule allow tcp port 443                                                                         
# end FirewallRuleSet users-to-router                                                                       

FirewallRuleSet preauthenticated-users {
 # For preauthenticated users to resolve IP addresses in their initial
 # request not using the router itself as a DNS server,
 # you probably want to allow port 53 udp and tcp for DNS.
    FirewallRule allow tcp port 53	
    FirewallRule allow udp port 53
 # For splash page content not hosted on the router, you
 # will want to allow port 80 tcp to the remote host here.
 # Doing so circumvents the usual capture and redirect of
 # any port 80 request to this remote host.
 # Note that the remote host's numerical IP address must be known
 # and used here.  

     #change the IP for the address of the gateway router
     FirewallRule allow tcp port 80 to

# end FirewallRuleSet preauthenticated-users

EmptyRuleSetPolicy preauthenticated-users passthrough
EmptyRuleSetPolicy users-to-router passthrough

#change the IP for the address of the gateway router

#GatewayPort 80

MaxClients 500

ClientIdleTimeout 720

ClientForceTimeout 14400

#change the range for the ip range of your mesh network

BinVoucher "vale.sh"

ForceVoucher yes

EnablePreAuth yes

#change to the place where you want to redirect the users after login
RedirectURL http://www.quintanalibre.org.ar/portada

Edite o arquivo /etc/nodogsplash/htdocs/splash-vale.html para refletir as necessidades e contexto da sua comunidade e salve como splash.html (substituindo o splash.html que está no mesmo diretório). Manter o iframe, assim como form e os campos dentro dele.

Vá no menu system -> startup e mude o nodogsplash para enabled

Reinicie o roteador