f11:technik:raspberrypi:hotspotdm3kb:raspbcoovai

Install Coova-Chilly from the deb file (Coova Chilli Debian pakage) compiled previoisly .

Use dpkg -i to install the package, after choosing default (keep current installed version) the error message is O.K. as coova-chilli is not
properly configured yet.

root@raspberrypi:/usr/src# dpkg -i coova-chilli_1.3.0_armhf.deb 
Selecting previously unselected package coova-chilli.
(Reading database ... 73892 files and directories currently installed.)
Unpacking coova-chilli (from coova-chilli_1.3.0_armhf.deb) ...
Setting up coova-chilli (1.3.0) ...

Configuration file `/etc/init.d/chilli'
 ==> File on system created by you or by a script.
 ==> File also in package provided by package maintainer.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : start a shell to examine the situation
 The default action is to keep your current version.
*** chilli (Y/I/N/O/D/Z) [default=N] ? N
Starting chilli: SIOCSIFADDR: No such device
eth1: ERROR while getting interface flags: No such device

Note: The error above is accepeted as the configuration is not valid at this time, you can ignore the message

Configure Coova-Chilli

CoovaChilly needs some configuration in the file: /etc/default/chilli

root@raspberrypi:/usr/src# vi /etc/default/chilli

Change first line from 0 to 1 to force start of chilli:

START_CHILLI=1
CONFFILE="/etc/chilli.conf"
HS_USER="chilli"

Delete automatic generated main configuration file

rm /etc/chilli/main.conf

Edit Coova-Chilli main configuration file

vi /etc/chilli/defaults

Change the settings like below.

NOTE: the settings in the first block need to match the settings done in „/etc/network/interface“ file!!!

HS_WANIF=wlan0            # WAN Interface toward the Internet
HS_LANIF=eth0              # Subscriber Interface for client devices
HS_NETWORK=10.1.0.0        # HotSpot Network (must include HS_UAMLISTEN)
HS_NETMASK=255.255.255.0   # HotSpot Network Netmask
HS_UAMLISTEN=10.1.1.1      # HotSpot IP Address (on subscriber network)
HS_UAMPORT=3990            # HotSpot UAM Port (on subscriber network)
HS_UAMUIPORT=4990          # HotSpot UAM "UI" Port (on subscriber network, for embedded portal)

HS_COAPORT=3779            # CoovaChilli Port for forced disconnect

# OpenDNS Servers
HS_DNS1=192.168.2.1
HS_DNS2=8.8.8.8
#HS_DNS1=208.67.222.222
#HS_DNS2=208.67.220.220

###
#   HotSpot settings for simple Captive Portal
#
HS_NASID=nas01
HS_RADIUS=localhost
HS_RADIUS2=localhost
HS_UAMALLOW=10.1.1.0/24
HS_RADSECRET=Raspi            # Set to be your RADIUS shared secret
HS_UAMSECRET=change-me123     # Set to be your UAM secret, secures the communication between coova-chilli and miniportal
HS_UAMALIASNAME=chilli

HS_LOC_NAME="Your-Hotspot"    # WISPr Location Name and used in portal

Firewall Set-Up

CoovaChilli is preconfigured but needs adaption in file: /etc/chilli/up.sh

root@raspberrypi# vi /etc/chilli/up.sh

Modify the End of the file to match the output below:

<SNIP>
        [ "$HS_LOCAL_DNS" = "on" ] && \
            ipt -I PREROUTING -t nat -i $TUNTAP -p udp --dport 53 -j DNAT --to-destination $ADDR
    fi
fi
    # log new connections from TUN Interface (New, not in original script!!!!)
    ipt -I FORWARD -i $TUNTAP  -o $HS_WANIF -m state --state NEW -j LOG --log-prefix='[ChillyNCon]'

# site specific stuff optional
[ -e /etc/chilli/ipup.sh ] && . /etc/chilli/ipup.shA
# End of Original Script!!!!
######################################
# Masquerade for Coova-Chilli, minimum to add for an operating Coova-Chilly
iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE
# Accept HTTPS only from local IP4 Network
iptables -A INPUT -i $HS_WANIF -p tcp -s 192.168.6.0/24 --dport 443 -m state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o $HS_WANIF -p tcp --sport 443 -m state ESTABLISHED -j ACCEPT
# Accept SSH only from local IP4 Network
iptables -A INPUT -i $HS_WANIF -p tcp -s 192.168.6.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o $HS_WANIF -p tcp --sport 22 -m state ESTABLISHED -j ACCEPT

Note: Ensure that „LOG –log-prefix='[ChillyNCon]'“ is matching the one configured in:
Syslog Config

Haserl Set-Up

Set Haserl path for Coova-Chilly in file: /etc/chilli/wwwsh

root@raspberrypi# vi /etc/chilli/wwwsh

Replace the line:

haserl=$(which haserl 2>/dev/null)

With this one below:

haserl=/usr/local/bin/haserl

Create fake chillyspot config file for EASY-Hotspot

Save and then copy defaults to config in the same folder or create a link with ls

cp /etc/chilli/defaults /etc/chilli/config

Back to HotSpot Overview-Page