openwrt-hotspot is a commercial wifi hotspot application running on openwrt flashed linksys routers I wrote with tmeasday back in 2006. It is written in ruby, runs under linux and manipulates the routing tables using iptables.
- A user enters the hotspot area and logs onto the open network.
- The user tries to browse the web, they are blocked by iptables and redirected to a screen indicating that they must pay and presenting them with a dictionary word based token.
- They approach the operator and add some time by paying. The operator adds time to their 'token'.
- As the user tries to browse again, this time iptables allows their request to go through and they happily use the internet.
- When their time runs out and they try to browse to a site, they must restart again from step 1.
We use mac addresses to identify users. A hacker can fairly trivially masquerade as having a paid user's I.P address and hence gain free internet usage. We dismissed this scenario
Note: OpenWRT Whiterussian is quite old now so use this section as a rough guide for more modern distributions.
- Turn on a plug laptop into LAN port.
- Browse to 192.168.1.1 (admin/admin)
- Follow basic steps to configure router (i.e. setup wan, wlan etc.)
(see http://wiki.openwrt.org/OpenWrt/Docs/Hardware/Asus/WL500GD)
- Download latest whiterussian image e.g. openwrt-brcm-2.4-squashfs.trx
- Make sure plugged in by LAN
- Set router to FAILSAFE mode by removing power, press hold reset whilst returing power, when power led starts flashing slowly, release reset.
- Check you can ping router on 192.168.1.1
- enter the following: tftp 192.168.1.1 tftp>binary tftp>trace tftp>put openwrt-b...
- Wait for it to reboot (wait for AIR light to come on)
- telnet 192.168.1.1
- Set the the password (lithium) -- this disables telnet
- logout and ssh in
- If dhcp is not working, log into the machine however you can
- Check /etc/dnsmasq.conf
- Check if it is running in a ps aux
- run dnsmasq
- Run site_deploy.sh
- Ssh to router, change to /tmp/hotspot, run ./site_install.sh