$savemsg = "";
$warnmess = "";
dnsmasq_config();
rc_update_rcconf("dnsmasq", "enable");
rc_restart_service("dnsmasq");
} else {
$savemsg = "";
$warnmess = "";
rc_stop_service("dnsmasq");
}
}
}
if (isset($_POST['apply']) && $_POST['apply'] === "Apply changes") {
$savemsg = "";
$warnmess = "";
dnsmasq_config();
if (isset($config['dnsmasq']['enable'])) {
rc_update_rcconf("dnsmasq", "enable");
rc_restart_service("dnsmasq");
} else {
rc_stop_service("dnsmasq");
rc_update_rcconf("dnsmasq", "disable");
}
unlink("/var/run/dnsmasq.reload");
}
}
$pconfig['enable'] = isset($config['dnsmasq']['enable']) ? true : false;
$pconfig['extconfig'] = isset($config['dnsmasq']['extconfig']) ? true : false;
$pconfig['logging'] = $config['dnsmasq']['logging'];
$pconfig['noresolv'] = isset($config['dnsmasq']['noresolv']) ? true : false;
$pconfig['startadr'] = $config['dnsmasq']['startadr'];
function build()
{
$unix = new unix();
$sock = new sockets();
$php5 = $unix->LOCATE_PHP5_BIN();
$sysctl = $unix->find_program("sysctl");
$EnableChilli = $sock->GET_INFO("EnableChilli");
if (!is_numeric($EnableChilli)) {
$EnableChilli = 0;
}
$KernelSendRedirects = $sock->GET_INFO("KernelSendRedirects");
if (!is_numeric($KernelSendRedirects)) {
$KernelSendRedirects = 1;
}
$save = false;
$ChilliConf = unserialize(base64_decode($sock->GET_INFO("ChilliConf")));
$ChilliConf = GetInterfaceArray($ChilliConf);
$php = $unix->LOCATE_PHP5_BIN();
if (!isset($ChilliConf["HS_UAMFREEWEB"])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} FreeWeb Login page is not set...\n";
}
}
if (!is_file("/var/www/c2/index.php")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Installing CakePHP\n";
}
shell_exec("/usr/share/artica-postfix/bin/artica-make APP_CAKEPHP >/dev/null 2>&1");
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} CakePHP done\n";
}
}
if (!is_file("/var/www/c2/yfi_cake/setup/coova_json/login.php")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} `/var/www/c2/yfi_cake/setup/coova_json/login.php no such file Installing YFI CakePHP\n";
}
shell_exec("/usr/share/artica-postfix/bin/artica-make APP_CAKEPHP >/dev/null 2>&1");
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} YFI CakePHP done\n";
}
}
if (!is_dir("/usr/share/coova_json")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} `/usr/share/coova_json` no such directory Installing Coova JSon\n";
}
shell_exec("/usr/share/artica-postfix/bin/artica-make APP_CAKEPHP >/dev/null 2>&1");
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Coova JSon done\n";
}
}
$unix->SystemCreateUser("chilli", "chilli");
$f[] = "include /etc/chilli/main.conf";
$f[] = "include /etc/chilli/hs.conf";
$f[] = "include /etc/chilli/local.conf";
$f[] = "ipup=/etc/chilli/up.sh";
$f[] = "ipdown=/etc/chilli/down.sh";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Chilli: `/etc/chilli.conf` done\n";
}
file_put_contents("/etc/chilli.conf", @implode("\n", $f));
if (!is_numeric($ChilliConf["EnableSSLRedirection"])) {
$ChilliConf["EnableSSLRedirection"] = 0;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Building main configuration: {$ChilliConf["HS_LANIF"]} -> {$ChilliConf["HS_WANIF"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen.....: {$ChilliConf["HS_UAMLISTEN"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} DHCP.......: {$ChilliConf["HS_DYNIP"]}/{$ChilliConf["HS_DYNIP_MASK"]} ({$ChilliConf["HS_NETWORK"]})\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Proxy Port.: {$ChilliConf["SQUID_HTTP_PORT"]}\n";
}
$ldap = new clladp();
if (!is_numeric($ChilliConf["ENABLE_DHCP_RELAY"])) {
$ChilliConf["ENABLE_DHCP_RELAY"] = 0;
}
$t[] = "# -*- mode: shell-script; -*-";
$t[] = "#";
$t[] = "# Coova-Chilli Default Configurations. ";
$t[] = "# To customize, copy this file to /etc/chilli/config";
$t[] = "# and edit to your liking. This is included in shell scripts";
$t[] = "# that configure chilli and related programs before file 'config'. ";
$t[] = "";
$t[] = "";
$t[] = "###";
$t[] = "# Local Network Configurations";
$t[] = "# ";
$t[] = "";
if ($ChilliConf["HS_WANIF"] != null) {
$t[] = "HS_WANIF={$ChilliConf["HS_WANIF"]} # WAN Interface toward the Internet";
}
$t[] = "HS_LANIF={$ChilliConf["HS_LANIF"]}\t\t # Subscriber Interface for client devices";
$t[] = "HS_NETWORK={$ChilliConf["HS_NETWORK"]}\t # HotSpot Network (must include HS_UAMLISTEN)";
$t[] = "HS_NETMASK={$ChilliConf["HS_NETMASK"]} # HotSpot Network Netmask";
$t[] = "HS_UAMLISTEN={$ChilliConf["HS_UAMLISTEN"]} # HotSpot IP Address (on subscriber network)";
$t[] = "HS_UAMPORT=3990 # HotSpot UAM Port (on subscriber network)";
$t[] = "HS_UAMUIPORT=4990 # HotSpot UAM 'UI' Port (on subscriber network, for embedded portal)";
$t[] = "HS_NATANYIP=off";
//$t[]="HS_STATIP=off";
//$t[]="HS_STATIP_MASK=";
$t[] = "";
if ($ChilliConf["HS_DYNIP"] != null) {
$t[] = "HS_DYNIP={$ChilliConf["HS_DYNIP"]}";
}
if ($ChilliConf["HS_DYNIP_MASK"] != null) {
$t[] = "HS_DYNIP_MASK={$ChilliConf["HS_DYNIP_MASK"]}";
}
if ($ChilliConf["HS_DNS_DOMAIN"] != null) {
$t[] = "HS_DNS_DOMAIN={$ChilliConf["HS_DNS_DOMAIN"]}";
}
//$t[]="HS_STATIP={$ChilliConf["HS_STATIP"]}";
//$t[]="HS_STATIP_MASK={$ChilliConf["HS_STATIP_MASK"]}";
$t[] = "# DNS Servers";
$t[] = "HS_DNS1={$ChilliConf["HS_UAMLISTEN"]}";
$t[] = "HS_DNS2={$ChilliConf["HS_UAMLISTEN"]}";
DefaultSplash($ChilliConf);
if (!isset($ChilliConf["SQUID_HTTP_PORT"])) {
$ChilliConf["SQUID_HTTP_PORT"] = rand(45000, 65400);
$save = true;
}
if (!is_numeric($ChilliConf["SQUID_HTTP_PORT"])) {
$ChilliConf["SQUID_HTTP_PORT"] = rand(45000, 65400);
$save = true;
}
if (!isset($ChilliConf["SQUID_HTTPS_PORT"])) {
$ChilliConf["SQUID_HTTPS_PORT"] = rand(45000, 65400);
$save = true;
}
if (!is_numeric($ChilliConf["SQUID_HTTPS_PORT"])) {
$ChilliConf["SQUID_HTTPS_PORT"] = rand(45000, 65400);
$save = true;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Building DNSMasq settings\n";
}
dnsmasq_config();
if ($ChilliConf["EnableSSLRedirection"] == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} SSL redirection is Active\n";
}
$t[] = "HS_UAMUISSL=on";
$t[] = "HS_REDIRSSL=on";
include_once dirname(__FILE__) . "/ressources/class.squid.inc";
$squid = new squidbee();
$t[] = $squid->SaveCertificate($ChilliConf["certificate_center"], false, false, true);
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} SSL redirection is inactive\n";
}
}
$ChilliConf["uamallowed"][$ChilliConf["HS_UAMFREEWEB"]] = true;
$ChilliConf["uamallowed"]["127.0.0.1"] = true;
$ChilliConf["uamallowed"][$ChilliConf["HS_WANIF_IP"]] = true;
$ip = new IP();
if ($ip->isIPAddress($ChilliConf["HS_DNS1"])) {
$ChilliConf["uamallowed"][$ChilliConf["HS_DNS1"]] = true;
}
if ($ip->isIPAddress($ChilliConf["HS_DNS2"])) {
$ChilliConf["uamallowed"][$ChilliConf["HS_DNS2"]] = true;
}
if ($ChilliConf["AD_SERVER"] != null) {
$ChilliConf["uamallowed"][$ChilliConf["AD_SERVER"]] = true;
}
while (list($num, $ligne) = each($ChilliConf["uamallowed"])) {
if (trim($num) == null) {
continue;
}
if (is_numeric($num)) {
continue;
}
$HS_UAMALLOW[] = $num;
}
if ($save) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Saving new configuration file...\n";
}
$NewArray = base64_encode(serialize($ChilliConf));
$sock->SaveConfigFile($NewArray, "ChilliConf");
}
$RADIUS_IP = "127.0.0.1";
if ($ChilliConf["RADIUS_IP"] != null) {
$RADIUS_IP = $ChilliConf["RADIUS_IP"];
}
if (!is_numeric($ChilliConf["HS_LAN_ACCESS"])) {
$ChilliConf["HS_LAN_ACCESS"] = 1;
}
$t[] = "HS_NASID=nas01";
$t[] = "HS_RADIUS={$RADIUS_IP}";
//$t[]="HS_RADIUS2=$RADIUS_IP";
$t[] = "HS_UAMALLOW=" . @implode(",", $HS_UAMALLOW);
//$t[]="HS_ACCTUPDATE";
$t[] = "HS_RADSECRET={$ldap->ldap_password}";
$t[] = "HS_UAMSECRET={$ldap->ldap_password}";
$t[] = "HS_UAMALIASNAME=chilli";
$t[] = "HS_NASIP={$RADIUS_IP}";
if ($ChilliConf["HS_LAN_ACCESS"] == 1) {
$t[] = "HS_LAN_ACCESS=on";
} else {
$t[] = "HS_LAN_ACCESS=off";
}
if ($ChilliConf["ENABLE_DHCP_RELAY"] == 1) {
if ($ChilliConf["HS_DHCPRELAYAGENT"] != null) {
if ($ChilliConf["HS_DHCPGATEWAY"] != null) {
$t[] = "HS_DHCPRELAYAGENT={$ChilliConf["HS_DHCPRELAYAGENT"]}";
$t[] = "HS_DHCPGATEWAY={$ChilliConf["HS_DHCPGATEWAY"]}";
}
}
}
if (is_numeric($ChilliConf["HS_UAMFREEWEB"])) {
$ChilliConf["HS_UAMFREEWEB"] = null;
}
$t[] = "";
//$t[]="HS_LAYER3=on";
$t[] = "";
$t[] = "# Put entire domains in the walled-garden with DNS inspection";
$t[] = "# HS_UAMDOMAINS=\".paypal.com,.paypalobjects.com\"";
$t[] = "HS_UAMSERVER={$ChilliConf["HS_UAMFREEWEB"]}";
$t[] = "# HS_UAMSERVICE=";
$t[] = "HS_UAMFORMAT=\"http://\$HS_UAMSERVER/hs_land.php\"";
$t[] = "HS_UAMHOMEPAGE=\"http://{$ChilliConf["HS_UAMFREEWEB"]}/splash.php\"";
$t[] = "HS_CONUP=\"" . __FILE__ . "\"";
$t[] = "HS_CONDOWN=\"" . dirname(__FILE__) . "/exec.chilli.condown.php\"";
$t[] = "";
$t[] = "";
$t[] = "###";
$t[] = "# Features not activated per-default (default to off)";
$t[] = "# HS_RADCONF=off\t # Get some configurations from RADIUS or a URL ('on' and 'url' respectively)";
$t[] = "HS_ANYIP=on\t\t # Allow any IP address on subscriber LAN";
$t[] = "HS_MACAUTH=on\t\t # To turn on MAC Authentication";
$t[] = "# HS_MACAUTHDENY=on\t # Put client in 'drop' state on MAC Auth Access-Reject";
$t[] = "# HS_MACAUTHMODE=local\t # To allow MAC Authentication based on macallowed, not RADIUS";
$t[] = "# HS_MACALLOW=\"...\" # List of MAC addresses to authenticate (comma seperated)";
$t[] = "# HS_USELOCALUSERS=on # To use the /etc/chilli/localusers file";
$t[] = "# HS_OPENIDAUTH=on\t # To inform the RADIUS server to allow OpenID Auth";
$t[] = "# HS_WPAGUESTS=on\t # To inform the RADIUS server to allow WPA Guests";
$t[] = "# HS_DNSPARANOIA=on\t # To drop DNS packets containing something other";
$t[] = "# HS_OPENIDAUTH=on\t # To inform the RADIUS server to allow OpenID Auth";
$t[] = "# HS_USE_MAP=on\t\t # Short hand for allowing the required google";
$t[] = "###";
$t[] = "# Other feature settings and their defaults";
$t[] = "# HS_DEFSESSIONTIMEOUT=0 # Default session-timeout if not defined by RADIUS (0 for unlimited)";
$t[] = "# HS_DEFIDLETIMEOUT=0\t # Default idle-timeout if not defined by RADIUS (0 for unlimited)";
$t[] = "# HS_DEFBANDWIDTHMAXDOWN=0 # Default WISPr-Bandwidth-Max-Down if not defined by RADIUS (0 for unlimited)";
$t[] = "# HS_DEFBANDWIDTHMAXUP=0\t # Default WISPr-Bandwidth-Max-Up if not defined by RADIUS (0 for unlimited)";
$t[] = "";
$t[] = "# HS_RADCONF=on\t\t # gather the ChilliSpot-Config attributes in";
$t[] = "#\t\t\t # Administrative-User login";
$t[] = "# HS_RADCONF_SERVER=rad01.coova.org\t\t # RADIUS Server";
$t[] = "# HS_RADCONF_SECRET=coova-anonymous\t\t # RADIUS Shared Secret ";
$t[] = "# HS_RADCONF_AUTHPORT=1812\t\t\t # Auth port";
$t[] = "# HS_RADCONF_USER=chillispot\t\t\t # Username";
$t[] = "# HS_RADCONF_PWD=chillispot\t\t\t # Password";
$ALLOWPORTS["80"] = true;
$ALLOWPORTS["443"] = true;
$ALLOWPORTS["22"] = true;
$ALLOWPORTS["2812"] = true;
$ALLOWPORTS["53"] = true;
$ALLOWPORTS["3990"] = true;
$ALLOWPORTS["22"] = true;
$ALLOWPORTS["9000"] = true;
$ALLOWPORTS["389"] = true;
$ALLOWPORTS["53"] = true;
$ALLOWPORTS["1553"] = true;
$ALLOWPORTS["137"] = true;
$ALLOWPORTS["138"] = true;
$ALLOWPORTS["139"] = true;
$ALLOWPORTS["445"] = true;
$ALLOWPORTS["80"] = true;
$ALLOWPORTS["443"] = true;
$ALLOWPORTS["1812"] = true;
$ALLOWPORTS["3306"] = true;
$ALLOWPORTS["47980"] = true;
while (list($index, $line) = each($ALLOWPORTS)) {
$PPORT[] = $index;
}
$t[] = "HS_TCP_PORTS=\"" . @implode(" ", $PPORT) . "\"";
$t[] = "";
$t[] = "###";
$t[] = "# Standard configurations";
$t[] = "#";
$t[] = "HS_MODE=hotspot";
$t[] = "HS_TYPE=chillispot";
$t[] = "# HS_RADAUTH=1812";
$t[] = "# HS_RADACCT=1813";
$t[] = "# HS_ADMUSR=chillispot";
$t[] = "# HS_ADMPWD=chillispot";
$t[] = "";
$t[] = "";
if ($ChilliConf["HS_PROVIDER"] == null) {
$ChilliConf["HS_PROVIDER"] = "Artica";
}
if ($ChilliConf["HS_PROVIDER_LINK"] == null) {
$ChilliConf["HS_PROVIDER_LINK"] = "http://www.articatech.net";
}
if ($ChilliConf["HS_LOC_NAME"] == null) {
$ChilliConf["HS_LOC_NAME"] = "Artica HotSpot";
}
if ($ChilliConf["HS_LOC_NETWORK"] == null) {
$ChilliConf["HS_LOC_NETWORK"] = "HotSpot Network";
}
$t[] = "HS_PROVIDER={$ChilliConf["HS_PROVIDER"]}";
$t[] = "HS_PROVIDER_LINK={$ChilliConf["HS_PROVIDER_LINK"]}/";
//$t[]="HS_LOC_NAME=\"{$ChilliConf["HS_LOC_NAME"]}\" # WISPr Location Name and used in portal";
//$t[]="HS_LOC_NETWORK=\"{$ChilliConf["HS_LOC_NETWORK"]}\" # Network name";
$t[] = "# HS_LOC_AC=408\t\t\t # Phone area code";
$t[] = "# HS_LOC_CC=1\t\t\t # Phone country code";
$t[] = "# HS_LOC_ISOCC=US\t\t # ISO Country code";
$t[] = "";
$t[] = "# Embedded miniportal";
$t[] = "# HS_REG_MODE=\"tos\" # or self, other";
$t[] = "# HS_RAD_PROTO=\"pap\" # or mschapv2, chap";
$t[] = "# HS_USE_MAP=on\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: `/etc/chilli/config` done\n";
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: flush /etc/init.d..\n";
chilli_init_d();
file_put_contents("/etc/chilli/config", @implode("\n", $t));
coova_web();
shell_exec("{$php5} " . dirname(__FILE__) . "/exec.freeradius.php --build");
if ($GLOBALS["RELOAD"]) {
$kill = $unix->find_program("kill");
shell_exec("/etc/init.d/chilli reconfigure");
$pid = PID_NUM();
if ($unix->process_exists($pid)) {
shell_exec("{$kill} -HUP {$pid} 2>&1");
} else {
start();
}
}
}