[CoovaChilli] Documentation about xt_coova/ipt-coova/nfcoova

Pierre Parent pparent at comminter.com
Tue Jun 7 11:51:22 BST 2016


Hi,

Thanks a lot for your message but the iptable does not change anything.

Actually I've notices that with wget, authentication always works, because it 
does several attempts, while web-browsers do not.

Actually I found that there are two separate problems:
1- Connection to local uamserver often fails (11.1.0.1)
2- When it succeeds it redirects to distant portal (specified in aumserver 
variable), and the webbrowser tries to reuse the tcp connection it has already 
opened with the distant server, which is (somehow) no more functional. Then it 
waits for a long time until there is a timeout, and finally reopen a tcp 
connections which works.

The identification sequence is as follow:
1-User requested site
2-Homepage (specified in uamhomepage)
3-Distant uamserver (specified in uamserver)
4-local uamserver (11.1.0.1)
5-distant uamserver (specified in uamserver)
6-final page

Enclosed the log of a wget when trying to authenticate.

Pierre.

Le mardi 7 juin 2016 21:55:16, vous avez écrit :
> Not sure why connections fail to 3990 but you can fix logouts with a rule
> like:
> 
> iptables -I INPUT -i eth0.1 -d 11.1.0.1 -p tcp --dport 3990 -m coova --name
> chilli -j ACCEPT
> 
> -
> brian
>  
-------------- next part --------------
--2016-06-07 12:31:48--  http://1.1.1.1/
Connecting to 1.1.1.1:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://distantserver/?loginurl=http%3a%2f%2fdistantserver%2fhotspotlogin%3fres%3dnotyet%26uamip%3d11.1.0.1%26uamport%3d3990%26challenge%3dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%26called%3dC4-6E-1F-C3-25-5D%26mac%3d44-8A-5B-6D-AA-DA%26ip%3d10.1.0.222%26nasid%3dxxxxxxxxxxxxxxx%26sessionid%3d5756a1dd00000001%26userurl%3dhttp%253a%252f%252f1.1.1.1%252f%26md%3dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
--2016-06-07 12:31:49--  http://distantserver/?loginurl=http%3a%2f%2fdistantserver%2fhotspotlogin%3fres%3dnotyet%26uamip%3d11.1.0.1%26uamport%3d3990%26challenge%3dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%26called%3dC4-6E-1F-C3-25-5D%26mac%3d44-8A-5B-6D-AA-DA%26ip%3d10.1.0.222%26nasid%3dxxxxxxxxxxxxxxx%26sessionid%3d5756a1dd00000001%26userurl%3dhttp%253a%252f%252f1.1.1.1%252f%26md%3dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Resolving distantserver (distantserver)... xx.xx.xx.xx
Connecting to distantserver (distantserver)|xx.xx.xx.xx|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://distantserver/hotspotlogin?res=notyet&uamip=11.1.0.1&uamport=3990&challenge=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&called=C4-6E-1F-C3-25-5D&mac=44-8A-5B-6D-AA-DA&ip=10.1.0.222&nasid=xxxxxxxxxxxxxxx&sessionid=5756a1dd00000001&userurl=http://1.1.1.1/&md=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx [following]
--2016-06-07 12:31:50--  http://distantserver/hotspotlogin?res=notyet&uamip=11.1.0.1&uamport=3990&challenge=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&called=C4-6E-1F-C3-25-5D&mac=44-8A-5B-6D-AA-DA&ip=10.1.0.222&nasid=xxxxxxxxxxxxxxx&sessionid=5756a1dd00000001&userurl=http://1.1.1.1/&md=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Reusing existing connection to distantserver:80.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://11.1.0.1:3990/logon?username=44-8A-5B-6D-AA-DA&password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx [following]
--2016-06-07 12:31:50--  http://11.1.0.1:3990/logon?username=44-8A-5B-6D-AA-DA&password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Connecting to 11.1.0.1:3990... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer)  in headers. !!!!!!!!!!!!!!!!! GENERALY FAILS HERE WITH WEBBROWSERS !!!!!!
Retrying.

--2016-06-07 12:31:51--  (try: 2)  http://11.1.0.1:3990/logon?username=44-8A-5B-6D-AA-DA&password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Connecting to 11.1.0.1:3990... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://distantserver/hotspotlogin?res=already&uamip=11.1.0.1&uamport=3990&called=C4-6E-1F-C3-25-5D&mac=44-8A-5B-6D-AA-DA&ip=10.1.0.222&nasid=xxxxxxxxxxxxxxx&sessionid=5756a1dd00000001&userurl=http%3a%2f%2f1.1.1.1%2f&md=77B57A46BA256D717721FA9CA6AA6BCE [following]
--2016-06-07 12:31:51--  http://distantserver/hotspotlogin?res=already&uamip=11.1.0.1&uamport=3990&called=C4-6E-1F-C3-25-5D&mac=44-8A-5B-6D-AA-DA&ip=10.1.0.222&nasid=xxxxxxxxxxxxxxx&sessionid=5756a1dd00000001&userurl=http%3a%2f%2f1.1.1.1%2f&md=77B57A46BA256D717721FA9CA6AA6BCE
Reusing existing connection to distantserver:80.
HTTP request sent, awaiting response... No data received. <-!!!!!!!!!!WAITING A VERY LONG TIME!!!!!!!!!!!!
Retrying.

--2016-06-07 12:32:56--  (try: 2)  http://distantserver/hotspotlogin?res=already&uamip=11.1.0.1&uamport=3990&called=C4-6E-1F-C3-25-5D&mac=44-8A-5B-6D-AA-DA&ip=10.1.0.222&nasid=xxxxxxxxxxxxxxx&sessionid=5756a1dd00000001&userurl=http%3a%2f%2f1.1.1.1%2f&md=77B57A46BA256D717721FA9CA6AA6BCE
Connecting to distantserver (distantserver)|xx.xx.xx.xx|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: http://finalpage/noid?s=dde2f284122867263fdc47dcd26b53e3e92dd917&n=xxxxxxxxxxxxxxx [following]
--2016-06-07 12:32:56--  http://finalpage/noid?s=dde2f284122867263fdc47dcd26b53e3e92dd917&n=xxxxxxxxxxxxxxx
Resolving finalpage (finalpage)... xx.xx.xx.xx
Connecting to finalpage (finalpage)|xx.xx.xx.xx|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6479 (6,3K) [text/html]
Saving to: ?index.html.19?

index.html.19                                                       100%[====================================================================================================================================================================>]   6,33K  --.-KB/s   in 0s     

2016-06-07 12:32:56 (12,8 MB/s) - ?index.html.19? saved [6479/6479]


More information about the CoovaChilli mailing list