This is great to hear! Good hacking! On Tue, Jun 23, 2009 at 1:50 PM, Russell Senior<[email protected]> wrote: > > > Today I have successfully tested out a new captive portal solution. > > As many of you know, a while back we started experimenting with a new > captive portal called Wifidog. It looked sexier than the tried and > true NoCatAuth that we ran on our NuCabs (recycled PC routers), but we > found that users didn't like Wifidog, it was confusing, it misbehaved, > and we found that isn't being actively or responsively maintained. > Furthermore, it suffers from a single point of failure, in that (in my > experience) if the authorization server (an off-site machine) becomes > unreachable, all client authentication across the whole wifidog > infrastructure grinds to a halt. In short, I have grown to loathe > Wifidog. Wifidog was an experiment, and that experiment succeeded in > demonstrating that it sucks. > > In view of that suckage, we have been examining alternatives. One of > those is the AlixCab project, the effort to replace all of our aging > NuCab infrastructure with newer, faster, smaller, better Alix boards. > We raised money and have purchased the first 10 of those and plan to > go ahead with the remaining purchase of 20 more in the next few weeks. > > However, we will not have enough Alixes to put in everywhere we have > nodes. This led to me wondering whether or not NoCatAuth would fit > onto one of our Netgear WGT634U devices. They have 8 meg of flash and > 32 meg of RAM. It turns out not only does it, but there is enough > headroom left over for OpenVPN and OLSRd, two additional pieces of > software that provide network tunneling between nodes. > > My first try at deploying this at a node failed about a week ago, when > I found a bug in the Perl that the cross-compiling toolchain generated > for the mipsel CPU. The bug caused the captive portal to fail after a > few authorizations. After some investigative hacking, I found the > problem and the solution and now have a working Perl and so far (knock > on wood), the new image is working out at our test site. > > This image is slightly under 5 megabytes and includes the basic > Openwrt kernel and userspace, plus: nocatauth, perl, openvpn, olsrd, snmpd > iproute2, ntpclient, rsync, tcpdump. On a WGT, this leaves a little > over 2 megabytes left in the jffs2 filesystem for changes. > > My plan is to begin replacing the rest of the Wifidog nodes with > WgtCabs (WGT634Us with this image, tailored to the node). Some of > these nodes have WGTs already. Those that don't will be loaned > WgtCabs on an indefinite basis (so long as they remain PTP nodes, the > usual basis). > > Not withstanding this success, the WgtCab image is stretching the > hardware pretty close to its capacity and there are reasons to prefer > the AlixCab, and so the AlixCab project is going ahead as well. We'll > be field testing an x86 image consisting of much of the same software > in the near future. > > Another avenue for improvement would be to replace the NoCatAuth > (perl-based) captive portal with NoCatSplash (C-based). Troy Jaqua > and Jason McArthur have both successfully used NoCatSplash on small > devices, however there are compiling and integration issues on OpenWrt > that haven't been worked out completely yet. NoCatSplash has the > potential to significantly reduce the memory footprint. > > I guess I am just a little amazed and giddy that this NoCatAuth thing > is working on a WGT at all. > > Questions/comments? > > > -- > Russell Senior, Secretary > [email protected] > > > >
-- Chris Chen <[email protected]> "The fact that yours is better than anyone else's is not a guarantee that it's any good." -- Seen on a wall --~--~---------~--~----~------------~-------~--~----~ The Personal Telco Project - http://www.personaltelco.net/ Donate to PTP: http://www.personaltelco.net/donate Archives: http://news.gmane.org/gmane.network.wireless.portland.general/ Etiquette: http://www.personaltelco.net/index.cgi/MailingListEtiquette List information: http://lists.personaltelco.net To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
