(2 replies, posted in Buglist)

Old topic, but I have a solution.

Basically, the tun0 interface is brought up on another interface (say, wlan0). without proper firewall rules, packets can travel back along both interfaces to the client.

Solution, do not allow traffic on the offending interface (in this case wlan0). No more DUPs.


(0 replies, posted in Chillispot Configuration)


If I'm correct, chillispot by default prevents an arp spoofing attack on the gateway. A client's arp entries can be messed with, but the overall effect is the loss of routing to the gateway, so no traffic can be sniffed.

I'm just learning about this because I was told chillispot is vulnerable to arp spoofing, but after testing it myself I have concluded that it is not.

Furthermore I have discovered that many APs support AP isolation, which I am now enabling on any portal.



(5 replies, posted in Chillispot Configuration)

Silly me.

Indeed, passing a value to userurl works from the welcome page.

I think I'm sorted out.


(5 replies, posted in Chillispot Configuration)

Well, I'm guessing that it's actually up to me to define userurl, maybe with a HTTP REFERER

...should this be under the UAM configuration forum?


(2 replies, posted in UAM Configuration)

I ran into this and needed to modify hotspotlogin.cgi to include code posted here:



(5 replies, posted in Chillispot Configuration)


I've set up chillispot 1.1.0 on gentoo linux and it's working great. except for one thing.

userurl is blank.

if I define userurl in hotspotlogin myself, redirection to $userurl after a successful login works... but the end user is supposed to be defining userurl, not me.

what could be going wrong?


(1 replies, posted in Radius Configuration)

hello all,

I'm very pleased with chillspot, apache-ssl and freeradius.

I have setup a scheme using debian 2.6 whereby authenticated users and passwords are stored in a simple list which is updated as time goes on. I'm doing things this way because mysql takes up too much space. My plan is to use old till-printers to produce tickets on demand. I even have a plan brewing to use the "cisco" button on the front of many linksys routers for such a purpose.

I havn't migrated everything over to an OpenWRT system yet, simply because I don't have a nice enough unit yet (curses to linksys for scaling back the memory on the v5+ routers!)

But everything works great!! Just wanted to extend a big thankyou to those involved in getting things slapped together.

To summarize: chillispot is wonderful, freeradius doesn't require mysql although simple user lists are becoming depreciated, as I have read.

Thanks again for the wonderful, usable code.