5 option title 'General configuration'
6 option description 'General CoovaChilli settings'
7 option package 'coovachilli'
12 option name 'interval'
13 option title 'Config refresh interval'
14 option description 'Re-read configuration file and do DNS lookups every interval seconds. This has the same effect as sending the HUP signal. If interval is 0 (zero) this feature is disabled. '
15 option section 'coovachilli.general'
16 option datatype 'uint'
20 option title 'Pid file'
21 option description 'Filename to put the process id'
22 option section 'coovachilli.general'
23 option datatype 'string'
26 option name 'statedir'
27 option title 'State directory'
28 option description 'Directory of non-volatile data'
29 option section 'coovachilli.general'
30 option datatype 'directory'
34 option title 'Command socket'
35 option description 'UNIX socket used for communication with chilli_query'
36 option section 'coovachilli.general'
37 option datatype 'string'
42 option title 'TUN/TAP configuration'
43 option description 'Network/Tun configuration'
44 option package 'coovachilli'
50 option title 'TX queue length'
51 option description 'The TX queue length to set on the TUN/TAP interface'
52 option section 'coovachilli.tun'
53 option datatype 'uint'
57 option title 'Use TAP device'
58 option description 'Use the TAP interface instead of TUN'
59 option section 'coovachilli.tun'
60 option datatype 'boolean'
64 option title 'TUN/TAP device'
65 option description 'The specific device to use for the TUN/TAP interface'
66 option section 'coovachilli.tun'
67 option datatype 'file'
71 option title 'Uplink subnet'
72 option description 'Network address of the uplink interface (CIDR notation)'
73 option section 'coovachilli.tun'
74 option datatype 'ip4addr'
78 option title 'Static IP address pool'
79 option description 'Specifies a pool of static IP addresses'
80 option section 'coovachilli.tun'
81 option datatype 'ip4addr'
85 option title 'Dynamic IP address pool'
86 option description 'Specifies a pool of dynamic IP addresses'
87 option section 'coovachilli.tun'
88 option datatype 'ip4addr'
92 option title 'Primary DNS Server'
93 option description 'Is used to inform the client about the DNS address to use for host name resolution'
94 option section 'coovachilli.tun'
95 option datatype 'host'
99 option title 'Secondary DNS Server'
100 option description 'Is used to inform the client about the DNS address to use for host name resolution'
101 option section 'coovachilli.tun'
102 option datatype 'host'
106 option title 'Domain name'
107 option description 'Is used to inform the client about the domain name to use for DNS lookups'
108 option section 'coovachilli.tun'
109 option datatype 'string'
113 option title 'IP down script'
114 option description 'Script executed after the tun network interface has been taken down'
115 option section 'coovachilli.tun'
116 option datatype 'file'
120 option title 'IP up script'
121 option description 'Script executed after the TUN/TAP network interface has been brought up'
122 option section 'coovachilli.tun'
123 option datatype 'file'
126 option name 'condown'
127 option title 'Network down script'
128 option description 'Script executed after a session has moved from authorized state to unauthorized'
129 option section 'coovachilli.tun'
130 option datatype 'file'
134 option title 'Network up script'
135 option description 'Script executed after the tun network interface has been brought up'
136 option section 'coovachilli.tun'
137 option datatype 'file'
142 option title 'DHCP configuration'
143 option description 'Set DHCP options for connecting clients'
144 option package 'coovachilli'
150 option title 'DHCP interface'
151 option description 'Ethernet interface to listen to for the downlink interface'
152 option section 'coovachilli.dhcp'
153 option datatype 'string'
157 option name 'dhcpmac'
158 option title 'Listen MAC address'
159 option description 'MAC address to listen to. If not specified the MAC address of the interface will be used'
160 option section 'coovachilli.dhcp'
161 option datatype 'macaddr'
165 option title 'Leasetime'
166 option description 'Use a DHCP lease of seconds (default 600)'
167 option section 'coovachilli.dhcp'
168 option datatype 'uint'
171 option name 'dhcpstart'
172 option title 'DHCP start number'
173 option description 'Where to start assigning IP addresses (default 10)'
174 option section 'coovachilli.dhcp'
175 option datatype 'uint'
178 option name 'dhcpend'
179 option title 'DHCP end number'
180 option description 'Where to stop assigning IP addresses (default 254)'
181 option section 'coovachilli.dhcp'
182 option datatype 'uint'
185 option name 'eapolenable'
186 option title 'Enable IEEE 802.1x'
187 option description 'Enable IEEE 802.1x authentication and listen for EAP requests'
188 option section 'coovachilli.dhcp'
189 option datatype 'boolean'
193 option name 'macauth'
194 option title 'MAC configuration'
195 option description 'Configure MAC authentication'
196 option package 'coovachilli'
201 option name 'macauth'
202 option title 'Enable MAC authentification'
203 option description 'Try to authenticate all users based on their mac address alone'
204 option section 'coovachilli.macauth'
205 option datatype 'boolean'
208 option name 'macallowlocal'
209 option title 'Authenticate locally allowed MACs'
210 option description 'Authenticate allowed MAC addresses without the use of RADIUS'
211 option section 'coovachilli.macauth'
212 option datatype 'boolean'
215 option name 'macallowed'
216 option title 'Allowed MAC addresses'
217 option description 'List of MAC addresses for which MAC authentication will be performed'
218 option section 'coovachilli.macauth'
219 option datatype 'string'
220 option type 'lazylist'
223 option name 'macpasswd'
224 option title 'Password'
225 option description 'Password used when performing MAC authentication'
226 option section 'coovachilli.macauth'
227 option datatype 'string'
230 option name 'macsuffix'
231 option title 'Suffix'
232 option description 'Suffix to add to the MAC address in order to form the User-Name, which is sent to the radius server'
233 option section 'coovachilli.macauth'
234 option datatype 'string'
239 option title 'RADIUS configuration'
240 option description 'RADIUS configuration'
241 option package 'coovachilli'
246 option name 'acctupdate'
247 option title 'Allow session update through RADIUS'
248 option description 'Allow updating of session parameters with RADIUS attributes sent in Accounting-Response'
249 option section 'coovachilli.radius'
250 option datatype 'boolean'
253 option name 'radiusoriginalurl'
254 option title 'Send RADIUS VSA'
255 option description 'Send the ChilliSpot-OriginalURL RADIUS VSA in Access-Request'
256 option section 'coovachilli.radius'
257 option datatype 'boolean'
260 option name 'swapoctets'
261 option title 'Swap octets'
262 option description 'Swap the meaning of "input octets" and "output octets" as it related to RADIUS attribtues'
263 option section 'coovachilli.radius'
264 option datatype 'boolean'
267 option name 'openidauth'
268 option title 'Allow OpenID authentication'
269 option description 'Allows OpenID authentication by sending ChilliSpot-Config=allow-openidauth in RADIUS Access-Requests'
270 option section 'coovachilli.radius'
271 option datatype 'boolean'
274 option name 'wpaguests'
275 option title 'Allow WPA guests'
276 option description 'Allows WPA Guest authentication by sending ChilliSpot-Config=allow-wpa-guests in RADIUS Access-Requests'
277 option section 'coovachilli.radius'
278 option datatype 'boolean'
281 option name 'radiusacctport'
282 option title 'RADIUS accounting port'
283 option description 'The UDP port number to use for radius accounting requests (default 1813)'
284 option section 'coovachilli.radius'
285 option datatype 'port'
288 option name 'radiusauthport'
289 option title 'RADIUS authentication port'
290 option description 'The UDP port number to use for radius authentication requests (default 1812)'
291 option section 'coovachilli.radius'
292 option datatype 'port'
295 option name 'radiuscalled'
296 option title 'Option radiuscalled'
297 option description ''
298 option section 'coovachilli.radius'
299 option datatype 'string'
302 option name 'radiuslisten'
303 option title 'RADIUS listen address'
304 option description 'Local interface IP address to use for the radius interface'
305 option section 'coovachilli.radius'
306 option datatype 'ip4addr'
309 option name 'radiuslocationid'
310 option title 'RADIUS location ID'
311 option description 'WISPr Location ID'
312 option section 'coovachilli.radius'
313 option datatype 'string'
316 option name 'radiuslocationname'
317 option title 'RADIUS location name'
318 option description 'WISPr Location Name'
319 option section 'coovachilli.radius'
320 option datatype 'string'
323 option name 'radiusnasid'
324 option title 'NAS ID'
325 option description 'Network access server identifier'
326 option section 'coovachilli.radius'
327 option datatype 'string'
330 option name 'radiusnasip'
331 option title 'Option radiusnasip'
332 option description ''
333 option section 'coovachilli.radius'
334 option datatype 'ip4addr'
337 option name 'radiusnasporttype'
338 option title 'NAS port type'
339 option description 'Value of NAS-Port-Type attribute. Defaults to 19 (Wireless-IEEE-802.11)'
340 option section 'coovachilli.radius'
341 option datatype 'port'
344 option name 'radiussecret'
345 option title 'RADIUS secret'
346 option description 'Radius shared secret for both servers'
347 option section 'coovachilli.radius'
348 option datatype 'string'
351 option name 'radiusserver1'
352 option title 'RADIUS server 1'
353 option description 'The IP address of radius server 1'
354 option section 'coovachilli.radius'
355 option datatype 'host'
358 option name 'radiusserver2'
359 option title 'RADIUS server 2'
360 option description 'The IP address of radius server 2'
361 option section 'coovachilli.radius'
362 option datatype 'host'
366 option title 'NAS IP'
367 option description 'Value to use in RADIUS NAS-IP-Address attribute'
368 option section 'coovachilli.radius'
369 option datatype 'ip4addr'
373 option title 'NAS MAC'
374 option description 'MAC address value to use in RADIUS Called-Station-ID attribute'
375 option section 'coovachilli.radius'
376 option datatype 'macaddr'
379 option name 'adminuser'
380 option title 'Admin user'
381 option description 'User-name to use for Administrative-User authentication in order to pick up chilli configurations and establish a device "system" session'
382 option section 'coovachilli.radius'
383 option datatype 'string'
386 option name 'adminpasswd'
387 option title 'Admin password'
388 option description 'Password to use for Administrative-User authentication in order to pick up chilli configurations and establish a device "system" session'
389 option section 'coovachilli.radius'
390 option datatype 'string'
393 option name 'coaport'
394 option title 'RADIUS disconnect port'
395 option description 'UDP port to listen to for accepting radius disconnect requests'
396 option section 'coovachilli.radius'
397 option datatype 'port'
400 option name 'coanoipcheck'
401 option title 'Do not check disconnection requests'
402 option description 'Do not check the source IP address of radius disconnect requests'
403 option section 'coovachilli.radius'
404 option datatype 'boolean'
409 option title 'RADIUS proxy settings'
410 option description 'RADIUS proxy settings'
411 option package 'coovachilli'
416 option name 'proxyclient'
417 option title 'Proxy client'
418 option description 'IP address from which radius requests are accepted. If omitted the server will not accept radius requests'
419 option section 'coovachilli.proxy'
420 option datatype 'host'
423 option name 'proxylisten'
424 option title 'Proxy listen address'
425 option description 'Local interface IP address to use for accepting radius requests'
426 option section 'coovachilli.proxy'
427 option datatype 'host'
430 option name 'proxyport'
431 option title 'Proxy port'
432 option description 'UDP Port to listen to for accepting radius requests'
433 option section 'coovachilli.proxy'
434 option datatype 'port'
437 option name 'proxysecret'
438 option title 'Proxy secret'
439 option description 'Radius shared secret for clients'
440 option section 'coovachilli.proxy'
441 option datatype 'string'
446 option title 'UAM settings'
447 option description 'Unified Configuration Method settings'
448 option package 'coovachilli'
453 option name 'uamanydns'
454 option title 'Allow any DNS server'
455 option description 'Allow any DNS server for unauthenticated clients'
456 option section 'coovachilli.uam'
457 option datatype 'boolean'
460 option name 'uamanyip'
461 option title 'Allow any IP address'
462 option description 'Allow clients to use any IP settings they wish by spoofing ARP (experimental)'
463 option section 'coovachilli.uam'
464 option datatype 'boolean'
467 option name 'dnsparanoia'
468 option title 'Inspect DNS traffic'
469 option description 'Inspect DNS packets and drop responses with any non- A, CNAME, SOA, or MX records to prevent dns tunnels (experimental)'
470 option section 'coovachilli.uam'
471 option datatype 'boolean'
474 option name 'nouamsuccess'
475 option title 'Do not redirect to UAM server'
476 option description 'Do not return to UAM server on login success, just redirect to original URL'
477 option section 'coovachilli.uam'
478 option datatype 'boolean'
481 option name 'nouamwispr'
482 option title 'Do not do WISPr'
483 option description 'Do not do any WISPr XML, assume the back-end is doing this instead'
484 option section 'coovachilli.uam'
485 option datatype 'boolean'
488 option name 'usestatusfile'
489 option title 'Use status file'
490 option description 'Write the status of clients in a non-volatile state file (experimental)'
491 option section 'coovachilli.uam'
492 option datatype 'boolean'
495 option name 'chillixml'
496 option title 'Use Chilli XML'
497 option description 'Return the so-called Chilli XML along with WISPr XML'
498 option section 'coovachilli.uam'
499 option datatype 'boolean'
503 option title 'UAM user interface'
504 option description 'An init.d style program to handle local content on the uamuiport web server'
505 option section 'coovachilli.uam'
506 option datatype 'file'
509 option name 'uamallowed'
510 option title 'Allowed resources'
511 option description 'List of resources the client can access without first authenticating'
512 option section 'coovachilli.uam'
513 option datatype 'string'
517 option name 'uamdomain'
518 option title 'Allowed domains'
519 option description 'Defines a list of domain names to automatically add to the walled garden'
520 option section 'coovachilli.uam'
521 option datatype 'string'
525 option name 'uamhomepage'
526 option title 'UAM homepage'
527 option description 'URL of homepage to redirect unauthenticated users to'
528 option section 'coovachilli.uam'
529 option datatype 'string'
532 option name 'uamlisten'
533 option title 'UAM listening address'
534 option description 'IP address to listen to for authentication of clients'
535 option section 'coovachilli.uam'
536 option datatype 'host'
539 option name 'uamport'
540 option title 'UAM listening port'
541 option description 'TCP port to bind to for authenticating clients (default 3990)'
542 option section 'coovachilli.uam'
543 option datatype 'port'
546 option name 'uamiport'
547 option title 'UAM static content port'
548 option description 'TCP port to bind to for only serving embedded content'
549 option section 'coovachilli.uam'
550 option datatype 'port'
553 option name 'uamsecret'
554 option title 'UAM secret'
555 option description 'Shared secret between uamserver and chilli'
556 option section 'coovachilli.uam'
557 option datatype 'string'
561 option name 'uamserver'
562 option title 'UAM server'
563 option description 'URL of web server to use for authenticating clients'
564 option section 'coovachilli.uam'
565 option datatype 'string'
568 option name 'uamlogoutip'
569 option title 'UAM logout IP'
570 option description 'Use this IP address to instantly logout a client accessing it (defaults to 1.1.1.1)'
571 option section 'coovachilli.uam'
572 option datatype 'ip4addr'
575 option name 'wisprlogin'
576 option title 'WISPr login url'
577 option description 'Specific URL to be given in WISPr XML LoginURL'
578 option section 'coovachilli.uam'
579 option datatype 'string'
582 option name 'defsessiontimeout'
583 option title 'Default session timeout'
584 option description 'Default session timeout unless otherwise set by RADIUS (defaults to 0)'
585 option section 'coovachilli.uam'
586 option datatype 'uint'
589 option name 'defidletimeout'
590 option title 'Default idle timeout'
591 option description 'Default idle timeout unless otherwise set by RADIUS (defaults to 0)'
592 option section 'coovachilli.uam'
593 option datatype 'uint'
596 option name 'definteriminterval'
597 option title 'Default interim interval'
598 option description 'Default interim-interval for RADIUS accounting unless otherwise set by RADIUS (defaults to 0)'
599 option section 'coovachilli.uam'
600 option datatype 'uint'
604 option title 'Web content directory'
605 option description 'Directory where embedded local web content is placed'
606 option section 'coovachilli.uam'
607 option datatype 'directory'
611 option title 'CGI program'
612 option description 'Executable to run as a CGI type program (like haserl) for URLs with extention .chi'
613 option section 'coovachilli.uam'
614 option datatype 'file'
617 option name 'localusers'
618 option title 'Local users file'
619 option description 'A colon seperated file containing usernames and passwords of locally authenticated users'
620 option section 'coovachilli.uam'
621 option datatype 'file'
624 option name 'postauthproxy'
625 option title 'Post auth proxy'
626 option description 'Used with postauthproxyport to define a post authentication HTTP proxy server'
627 option section 'coovachilli.uam'
628 option datatype 'file'
631 option name 'postauthproxyport'
632 option title 'Post auth proxy port'
633 option description 'Used with postauthproxy to define a post authentication HTTP proxy server'
634 option section 'coovachilli.uam'
635 option datatype 'file'
638 option name 'locationname'
639 option title 'Location name'
640 option description 'Human readable location name used in JSON interface'
641 option section 'coovachilli.uam'
642 option datatype 'file'