[Lugro-mesh] authorization on eth0 in client mode

Jue Feb 4 13:25:05 ART 2010

2010/2/3 Marian Labaj :
> Hello,
>
> Thank You for the answer.
>
> 2010/2/1 Julio Cesar Puigpinos :
>> 2010/2/1 Marian Labaj:
>>> Hello,
>>
>> Hi
>>
> Hello
>>> Lugro-mesh is an interesting project for us.
>>
>> Thank you
>>
>>>While we are testing
>>> nightwing on our network on a 7 ubnt nodes. Now it is important to us
>>> remote access to every node. We do this through ssh, which requires
>>> editing of the script /etc/init.d/nigthwing.
>>
>> The main use for Nightwing is in Wireless Networks where each members
>> takes care of the nodes that it has, noone owns nor maintains all the
>> nodes. We don't use a central server for configuring the nodes.
>>
>> You could either manually configure this option on each node or you
>> could create a customized Nightwing image with your preferred
>> configuration and/or additions. Take a look to the README.FIRST[1]
>> file for compiling the image.
>>
>
>
> In our community we have opened the project "mesh". Our infrastructure
> works nicely on the DD-WRT. But us, it seems that DD-WRT is not
> optimal for the mesh and "cloud" networking. ROBIN we also tested, but
> we decided to Nightwing, just for this. The deployment is OK, but when
> testing the remote access is useful.

Yes, but the images are compiled with settings that are more suited
for Wireless Mesh Networks where noone owns nor controlls all the
nodes, i.e. our network :). That is why the SSH service is only
allowed through the Private AP and the LAN.

I think that you should compile your own images with the settings that
you prefer.
To allow SSH in the Mesh interface you have to add a line: $IPTABLES
-I INPUT -i $MESH_IFACE -p tcp --dport 80 -j ACCEPT in both gateway an
client modes.

Add this line at the bottom of the iptable rule that follows the
comment "## Close ssh and www ports except local LAN and PRIVATE
iface" in lines 264 and 349.

>>> The second important
>>> thing is set for deployment authorization via wifidog to interface
>>> eth0 (LAN) when the node is in client mode, it is important for abuse
>>> controls. If possible you can help us set this.
>>
>> I didn't catch this one. In a Client Node, WiFiDog is used too in all
>> the interfaces. So no matter where you connect to (LAN, Public AP,
>> Private AP), it will use WiFiDog.
>>
>
> My apologies, I was vague, but I can not set access authentication for
> LAN and Public AP mode at the same time in client mode. I am a newbie
> in nightwing, openwrt and wifidog. I am afraid to connect inerfaces
> eth0, ath0 (LAN and  Public AP) to bridge for this purpose.

Just to be clear, when you try to access a web page through the Public
AP and/or the LAN, in Client Mode, you don't get the authentication
page of WiFiDog?

>>> Thank you for your help.
>>>
>>> Salute,
>>>
>>> Marian

                 Saludos, Julio

> P.S. In English, Google helps me ;-)

Don't worry, we use it too :)

-- 
www.lugro-mesh.org.ar/        Wireless Mesh Networks Group
www.lugro.org.ar                   GNU/Linux User Group Rosario, Argentina
Slackware rulez :P             www.slackware.org
NO A LA MATRICULA!!!: http://noalamatricula.wordpress.com/