summaryrefslogtreecommitdiff
path: root/package/wifidog/files/wifidog.conf
diff options
context:
space:
mode:
Diffstat (limited to 'package/wifidog/files/wifidog.conf')
-rw-r--r--package/wifidog/files/wifidog.conf177
1 files changed, 177 insertions, 0 deletions
diff --git a/package/wifidog/files/wifidog.conf b/package/wifidog/files/wifidog.conf
new file mode 100644
index 0000000000..10b173a9a2
--- /dev/null
+++ b/package/wifidog/files/wifidog.conf
@@ -0,0 +1,177 @@
+# $Header$
+# WiFiDog Configuration file
+
+# Parameter: GatewayID
+# Default: default
+# Optional but essential for monitoring purposes
+#
+# Set this to the template ID on the auth server
+# this is used to give a customized login page to the clients
+# If none is supplied, the default login page will be used.
+
+GatewayID default
+
+# Parameter: ExternalInterface
+# Default: NONE
+# Optional
+#
+# Set this to the external interface. Typically vlan1 for OpenWrt, and eth0 or ppp0 otherwise
+
+# ExternalInterface eth0
+
+# Parameter: GatewayInterface
+# Default: NONE
+# Mandatory
+#
+# Set this to the internal interface. Typically br0 for OpenWrt, and eth1 otherwise
+
+GatewayInterface br0
+
+# Parameter: GatewayAddress
+# Default: Find it from GatewayInterface
+# Optional
+#
+# Set this to the internal IP address of the gateway
+
+# GatewayAddress 192.168.1.1
+
+# Parameter: AuthServMaxTries
+# Default: 1
+# Optional
+#
+# Sets the number of auth servers the gateway will attempt to contact when a request fails.
+# this number should be equal to the number of AuthServer lines in this
+# configuration but it should probably not exceed 3.
+
+# AuthServMaxTries 3
+
+# Parameter: AuthServer
+# Default: NONE
+# Mandatory
+#
+# Set this to the hostname or IP of your auth server, the path where
+# WiFiDog-auth resides and optionally as a second argument, the port it
+# listens on.
+#AuthServer {
+# Hostname (Mandatory; Default: NONE)
+# SSLAvailable (Optional; Default: no; Possible values: yes, no)
+# SSLPort 443 (Optional; Default: 443)
+# HTTPPort 80 (Optional; Default: 80)
+# Path wifidog/ (Optional; Default: /wifidog/ Note: The path must be both prefixed and suffixed by /. Use a single / for server root.)
+#}
+
+#AuthServer {
+# Hostname auth.ilesansfil.org
+# SSLAvailable yes
+# Path /
+#}
+
+#AuthServer {
+# Hostname auth2.ilesansfil.org
+# SSLAvailable yes
+# Path /
+#}
+
+#AuthServer {
+# Hostname auth3.ilesansfil.org
+# SSLAvailable yes
+# Path /
+#}
+
+# Parameter: Daemon
+# Default: 1
+# Optional
+#
+# Set this to true if you want to run as a daemon
+# Daemon 1
+
+# Parameter: GatewayPort
+# Default: 2060
+# Optional
+#
+# Listen on this port
+# GatewayPort 2060
+
+# Parameter: HTTPDName
+# Default: WiFiDog
+# Optional
+#
+# Define what name the HTTPD server will respond
+# HTTPDName WiFiDog
+
+# Parameter: HTTPDMaxConn
+# Default: 10
+# Optional
+#
+# How many sockets to listen to
+# HTTPDMaxConn 10
+
+# Parameter: CheckInterval
+# Default: 60
+# Optional
+#
+# How many seconds should we wait between timeout checks
+CheckInterval 60
+
+# Parameter: ClientTimeout
+# Default: 5
+# Optional
+#
+# Set this to the desired of number of CheckInterval of inactivity before a client is logged out
+# The timeout will be INTERVAL * TIMEOUT
+ClientTimeout 5
+
+# Parameter: FirewallRuleSet
+# Default: none
+# Mandatory
+#
+# Groups a number of FirewallRule statements together.
+
+# Parameter: FirewallRule
+# Default: none
+#
+# Define one firewall rule in a rule set.
+
+# Rule Set: global
+#
+# Used for rules to be applied to all other rulesets except locked.
+# This is the default config for the Teliphone service.
+FirewallRuleSet global {
+ FirewallRule allow udp to 69.90.89.192/27
+ FirewallRule allow udp to 69.90.85.0/27
+ FirewallRule allow tcp port 80 to 69.90.89.205
+}
+
+# Rule Set: validating-users
+#
+# Used for new users validating their account
+FirewallRuleSet validating-users {
+ FirewallRule block tcp port 25
+ FirewallRule allow to 0.0.0.0/0
+}
+
+# Rule Set: known-users
+#
+# Used for normal validated users.
+FirewallRuleSet known-users {
+ FirewallRule allow to 0.0.0.0/0
+}
+
+# Rule Set: unknown-users
+#
+# Used for unvalidated users, this is the ruleset that gets redirected.
+#
+# XXX The redirect code adds the Default DROP clause.
+FirewallRuleSet unknown-users {
+ FirewallRule allow udp port 53
+ FirewallRule allow tcp port 53
+ FirewallRule allow udp port 67
+ FirewallRule allow tcp port 67
+}
+
+# Rule Set: locked-users
+#
+# Used for users that have been locked out.
+FirewallRuleSet locked-users {
+ FirewallRule block to 0.0.0.0/0
+}