mini HOWTO set up Hotcakes

Dirk van der Walt

dirkvanderwalt at gmail dot com 2007-05-14 Revision History
Revision 0.1 2007-05-14 Revised by: DK rst draft Revision 0.2 2007-05-23 Revised by: DK rst release Revision 0.3 2007-05-25 Revised by: DK Fix typo, add Feisty appendix Revision 0.4 2007-05-30 Revised by: DK Add warning about sql_conter position (TX Troy :)!) Revision 0.5 2007-06-04 Revised by: DK Add links to sample freeRADIUS les add Appendix for PHP Login script Revision 0.6 2007-08-20 Revised by: DK Add documentation on the rlm Perl script and graphs. Updated info on versions and locations of software. Revision 0.7 2007-11-05 Revised by: DK Major rework to feature Feisty Fawn, new appendix and quick FreeRADIUS setup.

Quick setup of a Hotcakes 802.11 hotspot.

1. Introduction
This document should be used when you want to get a Hotcakes/ChilliSpot 802.11 hotspot up and running as soon as possible. It is kept terse and to the point. Please refer to the other documents on Hotcakes in order to gain better knowledge of the setup once you have it up and running. The document will be divided into parts. Once you completed a part, and are sure it works as intended, you can continue to the next one.

mini HOWTO set up Hotcakes

1.1. Feedback
Feedback is most certainly welcome for this document. Send your additions, comments and criticisms to the following email address : <dirkvanderwalt at gmail dot com>.

1.2. What you will need.

Table 1. Items required to setup the 802.11 hotspot Item A modern GNU Linux Machine Two Ethernet network cards A WiFi Access Point Comment This document will use Ubuntu Feisty Fawn (7.04) One network card connects to the Internet. The other to an Access Point This can be any type. NOT running a DHCP server.

Please refer to the following diagram to see how everything should t together.

Figure 1. Hardware Setup. We show a scematic how the hardware ts together.

Once you collected the above ingredients, you can jump right in.

2. Watch Out!
When I tested this document against Ubuntu I run into various problems. I would also like to thank all those who gave feedback on previous versions of this document, since this helped to conrm some issues. The problems are listed at the beginning of the document in order for you to avoid it right from the start.

2.1. Ubuntu Gutsy Gibbon (7.10)

This release of Ubuntu has various bugs. The Free Radius that ships with it (1.1.6) is broken. Avoid this release for now.

mini HOWTO set up Hotcakes

2.2. Free Radius version 1.1.7

The latest stable release of Free Radius as of this writing. Sometimes it does not want to compile on Ubuntu Feisty Fawn (7.04). Installing libltdl3-dev cleared this problem but introduced a bigger one which causes Free Radius not to startup. You are advised to use Free Radius version 1.1.6.

2.3. Perl Linker problems

On Ubuntu Gutsy Gibbon (7.10) and those Free Radius (version 1.1.6 and 1.1.7) which I compiled on Ubuntu Feisty Fawn (7.04) I got the following error when starting Free Radius.

perl: func_stop_accounting = "(null)" Cant load /usr/lib/perl/5.8/auto/POSIX/POSIX.so for module POSIX: /usr/lib/perl/5.8/auto/

The perl module of Free Radius was not able to nd other Perl modules. After I removed libltdl3-dev, the problem was cleared.

Warning
Before you continue, issue to following command just to be sure.
apt-get remove libltdl3-dev

3. Congure Hotcakes as a LAMP Application

Hotcakes is a standard LAMP (Linux Apache Mysql PHP) web application which makes use of the CakePHP framework. This section assumes a plain Ubuntu Feisty Fawn (7.04) install (server or desktop). You will be taken through the steps to get Hotcakes running on it.

mini HOWTO set up Hotcakes

3.1. Installing the required packages

You need to have a working LAMP stack. Install the following packages for this:

sudo apt-get install apache2-mpm-prefork php5 php5-mysql mysql-server-5.0 mysql-client-5.0

If you dont know how to install these packages on Ubuntu, please visit the InstallingSoftware (https://help.ubuntu.com/community/InstallingSoftware) page for more information.

Warning
The package php5-mysql did not install correct on several of my machines.

To x this, run
sudo dpkg-reconfigure php5-mysql

from the command line.

This alters the /etc/php5/apache2/php.ini le to include the php-mysql module.

Reload Apache with the sudo /etc/init.d/apache2 reload command.

3.2. Installing CakePHP

Hotcakes makes use of the CakePHP framework of PHP classes. You should download the latest stable version Here (http://www.cakephp.org/downloads) (Version 1.1.18.5850 as of this writing) Untar it in the directory from which the Apache web server is serving. (/var/www in Ubuntu)
sudo cp /home/jo_blob/cake_1.1.18.5850.tar.gz /var/www/ cd /var/www sudo tar -xzvf cake_1.1.18.5850.tar.gz sudo ln -s cake_1.1.18.5850 cake

There are a few tweaks Apache and php need before CakePHP will work correct. Make sure you add the following to the /etc/apache2/apache2.conf le:
<Directory /var/www/cake> AllowOverride All </Directory>

mini HOWTO set up Hotcakes Edit the following line in the /etc/php5/apache2/php.ini le: Change
output_buffering = Off

To
output_buffering = 4096

Enable the rewrite Apache module and reload Apaches conguration

sudo a2enmod rewrite sudo /etc/init.d/apache2 reload

3.3. Installing Hotcakes

CakePHP can have various applications which make use of its framework. Hotcakes is such an application. These applications each gets installed under the /var/www/cake directory. Untar the Hotcakes tarball under the /var/www/cake directory. Change the owner of the /var/www/cake/hotcakes/tmp directory and its contents to that of the user running Apache.
sudo chown -R www-data. /var/www/cake/hotcakes/tmp

Change /var/www/cake/hotcakes/webroot/generated to be writable in order for the graphs to be created.

sudo chmod 777 /var/www/cake/hotcakes/webroot/generated

You should now be able to get to the hotcakes page, but still need to setup the database.

mini HOWTO set up Hotcakes

3.4. Congure the database

You need to create a database called radius and allow access to it for a username / password combination. It is good practice to change the default username / password combination. This can be changed inside the /var/www/cake/hotcakes/cong/database.php le. These sample commands assume the defaults.
mysql -u root create database radius; GRANT ALL PRIVILEGES ON radius.* to radius@127.0.0.1 IDENTIFIED BY radius; GRANT ALL PRIVILEGES ON radius.* to radius@localhost IDENTIFIED BY radius; exit; mysql -u root radius < /var/www/cake/hotcakes/db/radius.sql

3.5. Log Into Hotcakes

Everything on the LAMP side should now be up and running. Hotcakes has three levels of users. Go to the http://127.0.0.1/cake/hotcakes (http://127.0.0.1/cake/hotcakes/) page. You have a choice of the role under which you want to log on. The following users are created by default for each of the roles. Table 2. Roles and default users for each Role Admin Cashier Cashier Client Client Client Username root chuck gene alee alee@bigburger alee@kofehuis Password admin berry vincent alee alee alee

mini HOWTO set up Hotcakes

Warning
Be sure to change the admin password! To change it, log in as role Admin and go to Settings -> Admin Password.

4. Congure Free Radius to use Hotcakes

Now that you have the Hotcakes LAMP side of your 802.11 hotspot working we can continue by setting up Free Radius. Hotcakes does not just use any version of Free Radius.

Warning
Hotcakes needs version 1.1.4 or above of Free Radius. Version 1.1.6 is recommended. Version 1.1.7 can cause problems.

I know you might be tempted by just installing the version that comes standard with Ubuntu, but then you are in for a half baked solution. This half baked solution will not be able to do proper book keeping of quotas for time or data (bytes).
Note: As a technical note, I experienced problems with data quotas even with the latest Free Radius. Thus, this guide will show you how to use a custom Perl script to do proper book-keeping in conjunction with the latest compiled version of Free Radius.

4.1. Compiling Free Radius

Before you compile version 1.1.6 of Free Radius, ensure the following packages are installed. They ensure that Free Radius can use the Perl and MySQL modules.

sudo apt-get install build-essential libmysqlclient15-dev libperl-dev

mini HOWTO set up Hotcakes If you dont know how to install these packages on Ubuntu, please visit the InstallingSoftware (https://help.ubuntu.com/community/InstallingSoftware) page for more information. You can download the latest version of Free Radius Here (http://www.freeradius.org/getting.html) (version 1.1.7 as of this writing)
tar -xzvf freeradius-1.1.6.tar.gz cd freeradius-1.1.6 ./configure make sudo make install

This will install Free Radius in the /usr/local directory. You can test to see if Free Radius works by issuing the following command:
sudo /usr/local/sbin/radiusd -X

This will start Free Radius in debug mode ( To stop it -> Ctrl+c).

4.2. Congure Free Radius the quick way

Rather than going through the setup of Free Radius step by step, we take the shorter route. Copy the sample les
sudo sudo sudo sudo sudo sudo sudo sudo cp cp cp cp cp cp cp cp /var/www/cake/hotcakes/db/radius/dictionary /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/proxy.conf /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/radiusd.conf /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/rlm_perl.pm /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/sql.conf /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/sqlcounter.conf /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/users /usr/local/etc/raddb /var/www/cake/hotcakes/db/radius/dictionary.chillispot /usr/local/share/freeradius

Change the permissions and ownership.

sudo chown www-data. /usr/local/etc/raddb/proxy.conf sudo chmod 644 /usr/local/etc/raddb/dictionary

4.3. Specifying the paths used by Hotcakes

Hotcakes needs to know the location of les or directories. You need to verify that they are correct.

mini HOWTO set up Hotcakes You can change these settings by going to the following page as the Admin Settings -> Paths & Misc. Table 3. Please verify the following Item path_to_dictionary_les main_dictionary_le location_of_radscenario radius_proxy_le Value /usr/local/share/freeradius/ /usr/local/etc/raddb/dictionary /var/www/cake/hotcakes/webroot/les/radscenario_wip /usr/local/etc/raddb/proxy.conf

Tip: When you deviate from this standard install, you may have to tweak the radscenario_wip le a bit. It is a Perl script.

4.4. Testing the waters

Now you just need to restart Free Radius again, and then you can select any of the existing users in Hotcakes, click on its view action (The magnifying glass), and select the Testing tab. Here you can select to test plain authentication, or authentication and accounting. Depending on the users prole, you will see how each time the accounting gets added, the users cap gets depleted in the feedback.

4.5. Making things permanent

We need to ensure Free Radius will start-up each time when the machine is rebooted.
sudo cp /usr/local/sbin/rc.radiusd /etc/init.d/radiusd sudo ln -s /etc/init.d/radiusd /etc/rc2.d/S80radiusd

This brings us to the last section, which will set up ChilliSpot. After that is completed, we will have a working hotspot.

mini HOWTO set up Hotcakes

5. Congure ChilliSpot to use Free Radius

This section takes a lot from a document which can be found Here (http://global.freifunk.net/item/chillispot_howto). Many thanks to the author for making things clear to me.

5.1. Description of ChilliSpot

Before you install ChilliSpot you may need to know what it will be up to. This is a brief introduction to ChilliSpot. The goal is to setup a gateway that will force users to login (via a captive portal web-page). The machine containing ChilliSpot should have 2 network interfaces (we will use eth0 and eth1 in our example). Eth0 is connected to the Internet. Eth1 is an internal interface THROUGH which our other machines will connect to the Internet. We can connect a switch to Eth1. To this switch we can attach a number of other machines or wireless Access Points (layer 2 transparent bridges). ChilliSpot runs a program called chilli which takes control of the internal interface (eth1) using a vtun kernel module to bring up a virtual interface (tun0). In fact the vtun kernel module is used to move IP packets from the kernel to user mode, in such a way that ChilliSpot can function without any non-standard kernel modules. ChilliSpot then sets up a DHCP server (this can be disabled from the ChilliSpot conf le) on the tun0 interface. A client connecting to this interface has all packets rejected until it is authorized though the ChilliSpot login page (acting as a supplicant for authentication). When a non-authenticated client tries to connect to a web-page (on port 80 or 443) the request is intercepted by chilli and redirected to a perl-script called hotspotlogin.cgi (served by Apache over https). hotspotlogin.cgi serves a page to the end-user with a username and password eld. These authentication data are then forwarded to the Free Radius server, which matches them with information in its backend (using either PAP or CHAP). The backend in this case is MySQL, but could be any number of services such as LDAP, Kerberos, unix passwd les or even Active Directory (probably). A user is then either rejected or authenticated by Free Radius, prompting hotspotlogin.cgi to present either a rejection message or a page with a success message and a logout link to the user.

10

mini HOWTO set up Hotcakes

5.2. Compiling ChilliSpot

5.2.1. The state of ChilliSpot
ChilliSpot is back! As of this writing you can grab ChilliSpot here (http://www.chillispot.info).
Note: A VERY BIG Thank You for those involved in the recreation of our favourite Captive Portals website.

Alternatively CoovaChilli (http://coova.org/wiki/index.php/CoovaChilli) is available which includes a few enhancements. The plan was to document the use of CoovaChilli instead of ChilliSpot here, but Ive decided against it. I would rather create a recipe in the Cookbook dedicated to CoovaChilli, since it has lots of enhancements. It has been reported that the original ChilliSpots cong le does work perfect with CoovaChilli. Grab the latest release of ChilliSpot and do the following:
tar -xzvf chillispot-1.1.0.tar.gz cd chillispot-1.1.0 ./configure make sudo make install

This will install ChilliSpot in the /usr/local directory.

5.3. Setup SSL on Apache

For security reasons we want to present the login page only via an encrypted (https) connection, so we need to congure Apache to serve SSL encrypted pages. You need to install the openssl package, if it is not already installed.
sudo apt-get install openssl

Im not going to repeat documentation. This HOWTO Here (https://help.ubuntu.com/community/forum/server/apache2/SSL) will supply all required information to congure your SSL enabled website.

11

mini HOWTO set up Hotcakes

Note: 1. The rst step of the Apache SSL HOWTO here (https://help.ubuntu.com/community/forum/server/apache2/SSL) mentions the apache2-ssl-certicate command. This will be replaced by the following steps. The rest stay as is. 2.
sudo su HOST="my.apache.hostname.example.org" openssl genrsa -out $HOST.key openssl req -new -key $HOST.key -out $HOST.csr openssl x509 -req -days 368 -in $HOST.csr -signkey $HOST.key -out $HOST.cert mv $HOST.key /etc/ssl/private/ chmod 0400 /etc/ssl/private/$HOST.key mv $HOST.cert /etc/ssl/certs/

3. The ssl virtual host le now have to specify these les we have just created.

Replace
SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.pem

With
SSLEngine On SSLProtocol +all SSLCiphersuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificatefile /etc/ssl/certs/my.apache.hostname.example.org.cert SSLCertificatekeyfile /etc/ssl/private/my.apache.hostname.example.org.key

5.4. Congure the Login Page

Tip: If you fancy a more fancy login script, see Appendix A to use a PHP Login script.

There are some important les which you will nd inside the doc directory situated below the chillispot-1.1.0 directory created when you extract the chillispot-1.1.0.tar.gz le. Copy the hotspotlogin.cgi le to the directory dened for CGI scripts in Apache.
sudu mkdir /usr/lib/cgi-bin sudo cp /(where_you_extracted_chillispot_to)/doc/hotspotlogin.cgi /usr/lib/cgi-bin/ sudo chmod +x /usr/lib/cgi-bin/hotspotlogin.cgi

12

mini HOWTO set up Hotcakes Be sure the following two lines in /usr/lib/cgi-bin/hotspotlogin.cgi are congured. Please change the secret value to something difcult.
# Shared secret used to encrypt challenge with. Prevents dictionary attacks. # You should change this to your own shared secret. $uamsecret = "ht2eb8ej6s4et3rg1ulp"; # Uncomment the following line if you want to use ordinary user-password # for radius authentication. Must be used together with $uamsecret. $userpassword=1;

5.5. Routing and the Firewall

Eth0 should be active while Eth1 should not be congured. You can use a xed IP or DHCP address on Eth0. To verify that Eth1 in not congured, go to System->Administration->Networking. To disable an interface, select it, select Properties and de-select Enable this connection. ChilliSpot will use Eth1 to create a virtual tunnel on top of it, so it must not be congured. You need to enable the routing of IP packets between the two network interfaces (eth0 and eth1). To enable this you need to make sure the /etc/sysctl.conf le contains the following:
# Uncomment the next line to enable packet forwarding for IPv4 net.ipv4.conf.default.forwarding=1

This will enable routing between the network interfaces.

Tip: Sometimes this does not activate the routing, and youll have to then brute force it with:
net.ipv4.ip_forward = 1

You also need to secure your 802.11 hotspot from the outside world. There is a sample rewall script rewall.iptables which you can use. Please look inside it to ensure it is according to your setup. (your network interfaces may differ from it) You may also want to add extra rules to open certain incoming ports.
sudo cp /(where_you_extracted_chillispot_to)/doc/firewall.iptables /etc/init.d/ sudo ln -s /etc/init.d/firewall.iptables /etc/rcS.d/S40firewall.iptables

This will ensure that the rewall is up and running during startup.

13

mini HOWTO set up Hotcakes

5.6. Setup chillis conguration

ChilliSpot by default will look for the le called chilli.conf inside the /etc directory upon startup. Again there is a sample one inside the doc directory which you should use.
sudo cp /(where_you_extracted_chillispot_to)/doc/chilli.conf /etc/chilli.conf

Be sure you check and specify the following list of items inside this le

Table 4. Important parameters to specify or verify Parameter uamserver uamhomepage uamsecret uamallowed radiusserver1 radiusserver2 radiussecret dhcpif Comment https://192.168.182.1/cgi-bin/hotspotlogin.cgi http://192.168.182.1/cake/hotcakes/welcome/login_page.html (same as value specied in hotspotlogin.cgi) Specify the DNS servers dened on your machine 127.0.0.1 127.0.0.1 testing123 eth1 (the network interface NOT on the Internet)

It is important to verify what the DNS servers are that your machine uses. Go to System->Administration->Networking to specify or verify them. ChilliSpot will specify them (if not exclusively specied in /etc/chilli.conf) to clients requesting DHCP IP addresses. You need to allow trafc through to these DNS servers even BEFORE a client machine is authenticated in order to resolve domain names to IP address numbers. This is why they need to be specied in the uamallowed list. The uamhomepage is typically where you will inform clients about your mega, ultra, supa cool hotspot. Please edit this le to suit your needs. This is the rst page they will be greeted with - rst impressions :).

5.7. Startup script for ChilliSpot

The startup script included with ChilliSpot is not suitable for Ubuntu. You can use the following one. Create a le called chillispot inside the etc/init.d directory.
#!/bin/sh #

14

mini HOWTO set up Hotcakes

# chillispot Start the chilli daemon. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 # # Copyright (C) 2007 Hotcakes prefix=/usr/local exec_prefix=${prefix} sbindir=${exec_prefix}/sbin localstatedir=${prefix}/var rundir=/var/run/ sysconfdir=${prefix}/etc export LD_LIBRARY_PATH LD_RUN_PATH LD_PRELOAD CHILLID=$sbindir/chilli DESC="Chillispot" #ARGS="" #To allow hotcakes to disconnect a user ARGS="--coaport 3799" test -f $CHILLID || exit 0 test -f /etc/chilli.conf || exit 0 case "$1" in start) echo -n "Starting $DESC:" $CHILLID $ARGS echo "chillispot" ;; stop) [ -z "$2" ] && echo -n "Stopping $DESC: " [ -f $rundir/chilli.pid ] && kill -TERM cat $rundir/chilli.pid [ -z "$2" ] && echo "chillispot." ;; restart) sh $0 stop quiet sleep 3 sh $0 start ;;

USA

15

mini HOWTO set up Hotcakes

*) echo "Usage: /etc/init.d/chillispot {start|stop|restart}" exit 1 esac exit 0

Then you need to enable it during start up

sudo chmod +x /etc/init.d/chillispot sudo ln -s /etc/init.d/chillispot /etc/rcS.d/S90chillispot

6. See Everything in action.

Tip: Now is a good time to give your machine a reboot. You can then verify that all services which was suppose to start did start.

You may want to start Free Radius and ChilliSpot in the foreground rst to make sure it works as intended. This is also handy when you troubleshoot. When things does not seem to work as they should, it is better to see which component may not work as expected. The way to do this is to start ChilliSpot and Free Radius in the foreground and in debug mode.
Tip: Remember to make sure ChilliSpot and Free Radius are NOT already running before you start them in debug mode. (sudo /etc/init.d/freeradius stop AND sudo /etc/init.d/chillispot stop)

Open two terminals and issue the following commands in them. To start Free Radius
sudo /usr/sbin/radiusd -X

To start ChilliSpot
sudo /usr/local/sbin/chilli --debug --fg

You can now try and connect through the Access Point (with its own DHCP server turned off). You should see how ChilliSpot hands out an IP Address to the client machine, (a 192.168.182.x address)

16

mini HOWTO set up Hotcakes Try and go onto the Internet trough a browser (remember NO proxy - direct connection to the Internet). You should be redirected to the welcome page (http://192.168.182.1/cake/hotcakes/welcome/login_page.html). There is a link to the login page http://192.168.182.1:3990/prelogin. Log in with a username / password combination dened in Hotcakes You should now see how Free Radius does its magick and gives ChilliSpot the feedback that you are allowed to go in. ChilliSpot will open the network gate for you, and you should be able to go into the Internet. Check how the web pages served by Hotcakes reect this in almost real time. (You may want to log off and on again from the client machine)

A. PHP login script Appendix

This section mentions the things you have to do in order to use the modied GoLogin script as the login script.

A.1. GoLogin (modied)

The GoLogin PHP script is an alternative to the standard hotspotlogin.cgi script which comes standard with ChilliSpot. It is more smooth on the eye, and includes style sheets etc. Many thanks to everyone involved in its development. Ive made a few tweaks in order for it to work with Hotcakes. This appendix will show how to get it implemented instead of the standard hotspotlogin.cgi script. 1. Specify the location of the GoLogin script in /etc/chilli.conf.
uamserver https://192.168.182.1/cake/hotcakes/welcome/go/

2. Please verify the following conguration items inside the /var/www/cake/hotcakes/webroot/welcome/lib/cong.php le.
// Set this to the base url of your login website. // for example: "https://wireless_login.mysite.com/" define(BASE_URL, https://192.168.182.1/cake/hotcakes/welcome/go/); // Shared secret used to encrypt challenge with. Prevents dictionary // attacks. You should change this to your own shared secret. // NOTE: This should match chilli.confs uamsecret. define(UAMSECRET, ht2eb8ej6s4et3rg1ulp);

If you used values other than default, you may have to tweak it in this le.

17

mini HOWTO set up Hotcakes Please change the secret value to something difcult. This has to be the same as the value specied in etc/chilli.conf. 3. You may want to change the logo displayed on the login page. This is the wireless_logo.png le under /var/www/cake/hotcakes/webroot/welcome/go/. 4. This login page is now available in four languages. You can alter the language with the following setting.
// With which language shall I talk to you? // available: en, de, pt_BR, af $lg = en;

You are encouraged to ask you customers to click on the Bookmark link on the login page. This will make it easy for them to get back to the login page if they closed the pop-up window by accident. The tweaks which Ive added use Ajax to periodically fetch the latest stats about the users connection and display them in the pop-up page.

B. Easy URLs using a local DNS

This section helps you set up a local DNS server which can be used by ChilliSpot.

B.1. Why a local DNS

Wouldnt it be nice to tell your 802.11 hotspot users if they want to do a certain action, they can just type this cation in the address bar of their browser and they will be redirected to this actions page. Example, to login, type login, to exit type exit, to check your account type info. A local DNS server used by ChilliSpot will empower you to do just that. Lets start. 1. Install BIND on the server running Hotcakes.
Tip: You are not limited to have it on this server, in fact it can be on any server, you can even modify an existing DNS server.

sudo apt-get install bind9 dnsutils

18

mini HOWTO set up Hotcakes 2. Add the following to /etc/bind/named.conf.local.

# This is the zone definition. replace hotcakes.com with your domain name zone hotcakes.com { type master; file /etc/bind/zones/hotcakes.com.db; };

3. Edit the /etc/bind/named.conf.options le to contain the DNS servers of your ISP under the forwarders section.
forwarders { # Replace the address below with the address of your providers DNS server 123.123.123.123; };

4. Add the zone denition les.

sudo mkdir /etc/bind/zones touch /etc/bind/zones/hotcakes.com.db

Add content to hotcakes.com.db. You can localize it so the users do not have to enter the English words for the actions. Replace hotcakes.com with your domain name. Do not forget the . after the domain name! Also, replace ns1 with the name of your DNS server
hotcakes.com. IN SOA ns1.hotcakes.com. admin.hotcakes.com. ( 2007031001 28800 3600 604800 38400 ) hotcakes.com. IN NS ns1.hotcakes.com. ns1 IN A 192.168.182.1 login IN A 192.168.182.1 info IN A 192.168.182.1 exit IN A 192.168.182.1

5. Restart the BIND server.

sudo /etc/init.d/bind9 restart

6. Just point your ChilliSpot machines to this DNS server. If the machine you run ChilliSpot on are using THIS DNS server as THEIR DNS server, you may not need to change the chilli.conf le. If not you can either change it so the machine self uses this DNS server as its DNS server, or you can specify it in chilli.conf as the value for dns1 and dns2.
Tip: Remember the uamallowed value also may have to change.

19

mini HOWTO set up Hotcakes 7. You also need to modify the value of domain in chilli.conf to be the same as the domain you created the DNS zone for.
# TAG: domain # Domain name # Will be suggested to the client. # Normally you do not need to uncomment this tag. domain hotcakes.com

8. Finally you need to create an intelligent landing page. This page will see how it was called and redirect the client according to how it was called. If the page was called by info, the client will be redirected to login to their info page. If the page was called by exit they will be logged off the 802.11 hotspot A sample landing page is in /var/www/cake/hotcakes/db/index.php. Copy this to the /var/www directory of the server specied in your DNS zone le. You may have to ne tune it to suit your conguration.

B.1.1. How it works

When a client gets an IP address from ChilliSpot it also gets a default domain specied by the domain entry in chilli.conf. Lets assume we specied it as hotcakes.com When a client asks to browse to exit, in the background, the operating system asks the DNS server to resolve exit.hotcakes.com. We created a zone for hotcakes.com in the local DNS server, and can thus resolve the request. (EG 192.168.182.1)

Our client gets redirected to the index page of the web server. The web servers index page check what was requested and redirects accordingly.

Note: If you have system which makes use of a transparent proxy you must also ensure it can also resolve a name like exit to an IP address. I had to manually add this to the /etc/hosts le on a OpenWRT Access Point. I also had to ne tune the /etc/tinyprox/tinyproxy.conf le. YMMV!

20

mini HOWTO set up Hotcakes

C. Translating Hotcakes to your native tongue

How to go about to create an extra language for Hotcakes.

C.1. Multi Language support

Hotcakes Beta-5 has is a new feature which enables you to translate Hotcakes in your native language. The default is English. Your language may already be included, but if not, heres the steps you could follow to implement it. We will take the Afrikaans language as a sample. 1. Ensure the locale package of the language installed. This will typically be a package like language-pack-af for Afrikaans. 2. To conrm, you can check the name of the locale under the /usr/lib/locale directory. The Afrikaans one is shown as af_ZA.utf8. 3. This will be used in the links which cause the language to change. You change the link by giving the locale string as an parameter to the /cake/hotcakes/landing_pages/set_language page. To set the language to Afrikaans, a link will look like this: href="/cake/hotcakes/landing_pages/set_language?language=en_ZA.utf8" 4. The le containing all the translatable phrases (messages.po) is situated under /var/www/cake/hotcakes/plugins/locale. The different languages are in their respective folders under the locale folder (without the .utf8). See the existing ones as reference, and remember msgfmt to generate the messages.mo le.

21

mini HOWTO set up Hotcakes 5. If your install is not under /var/www/cake please edit the hotcakes/app_controller.php le to reect the current location. (value of $locale_location) 6. You may want to add menu entries for this language.
/var/www/cake/hotcakes/webroot/files/menu_cashier.php /var/www/cake/hotcakes/views/layouts/default.thtml /var/www/cake/hotcakes/views/layouts/client.thtml /var/www/cake/hotcakes/webroot/files/menu.php

7. Flags are under /var/www/cake/hotcakes/webroot/img/ags.

Tip: You are also encouraged to donate the translation back to the Hotcakes project for integration.

22