Tutorial Hotspot
Transcript of Tutorial Hotspot
How To Build an Open Source Wi-FiHotSpot with DD-WRT
{mospagebreak toctitle= Introduction, Alternative Firmware, Projects}
Introduction
Figure 1: Students using a Wi-Fi hotspot.
If you've ever tried to set up a Wi-Fi HotSpot, you may have already discovered that you need more
than a broadband Internet connection and wireless router or access point. Off-the-shelf routers and
APs don't provide the "captive portal" function needed to either authenticate users or just let them
know who to thank for their free connection. Nor do they usually provide other features such as
billing support, bandwidth limiting and user isolation. To obtain hotspot-specific features and
capabilities, you must use a device commonly referred to as a hotspot gateway.
If you have already figured out that you need a hotspot gateway to set up a Wi-Fi hotspot, you
might not know about the great benefits open-source projects offer in this realm. The focus of this
How To is to get you up to speed on open-source resources and walk you through a simple
configuration example.
Alternative Firmware - Pros and Cons
Many wireless routers are based on open source operating systems and tools, which open the door
to enterprising developers to either provide minor tweaks, or entire alternative firmware distros.
These alternative firmwares open up features not usually available in inexpensive SOHO routers,
including hotspot features such as captive portal and bandwidth limiting.
Whether you re setting up wireless Internet access at a public venue (such as a small B&B, store
THURSDAY, 06 SEPTEMBER 2007 11:23 ERIC GEIER
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
1 of 11 06/29/2010 04:03 PM
or restaurant) or in an office building (for visitors, consultants, and salespeople), open source
firmware offers an alternative solution for your hotspot needs. Before you take the plunge, you
should be aware of the negatives, along with the benefits you can reap, shown in Table 1.
Pros Cons
Saves money Voids factory warranty
Enterprise features No guaranteed support
Customization More complex setup
Table 1: Pros and Cons of Alternative router firmware
Saving money is one of the greatest benefits. You can spend just $40 to $60 for a simple router
and load it with free firmware to gain functions similar to those in a "real" hotspot gateway costing
hundreds more.
Additionally, the third-party firmware gives you the ability to use features usually available only in
enterprise devices, such as VLANs, virtual/multiple SSIDs, VPN server, bridging and Quality-
of-Service (QoS) capabilities. Another benefit is being able to customize the functionality of the
router even beyond what s provided by the open-source firmware—if you know your way around
coding and networking.
On the minus side, using third-party firmware will definitely void your warranty. So if you have
problems, you can't tap your product's vendor for help or product replacement in case of failure. And
given that you re essentially messing with the "brains" of electronic equipment, setup is a bit more
complex than using off-the-shelf hotspot gateways, which are specifically designed for hotspot
solutions.
Fortunately, the more popular alternative distributions, like the one we'll use, tend to have active
user communities with wikis, forums and other lifelines that you can grab onto in case of problems.
But if you're the type who needs to be able to call someone when you run into a problem, then
alternative firmware probably isn't for you.
The Projects
There are three popular general open-source firmware projects offering hotspot capabilities:
DD-WRT: Offers many firmware versions to support many different routers. Along with addingnew general features, open-source projects designed specifically for hotspots are intergraded.
Sveasoft: Also offers multiple firmware versions, including a free public release supporting theubiquitous Linksys WRT54G/GS routers and more advanced editions supporting additionalrouters. It includes hotspot specific features, but requires a yearly $20 subscription fee.
OpenWRT: Unlike most other firmware replacements, setting up hotspot features and aweb-based GUI interface requires advanced knowledge and additional installation.
There are also many open-source projects specifically developed for hotspot solutions, including the
following (which I discuss later):
ChilliSpot
Wifidog
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
2 of 11 06/29/2010 04:03 PM
NoCat
Sputnik
CoovaAP
If you're designing large public networks, there are also firmware replacements designed for mesh
networking, such as freifunk and Roofnet.
Setting Up DD-WRT For Hotspot Use
I ve chosen to cover setting up DD-WRT, as it s a well-rounded, feature-rich firmware
replacement offering many hotspot solutions. The following steps will walk through the process of
installing and setting up DD-WRT for a public hotspot solution.
Step 1: Get a Supported Router
The first step is to round up a supported 802.11g wireless router, such as the following:
Linksys WRT54G/GL/GS
Buffalo WHR-G125 and WHR-HP-G54
Asus WL-500G and WL-300G
You can also view the full list of supported devices on the DD-WRT website, along with a great
comparison chart and list of top routers.
Note: You should try to avoid devices with only 2MB of flash memory (such as WRT54G/GS
v5.0/6.0) because you ll only be able to run the micro version of DD-WRT. You should also note
the Asus WL-500G premium is only supported by v23 SP3 and later releases.
Step 2: Get the DD-WRT Firmware
Next you need to download the firmware, based on the particular router you re using and your
desired features, from the collection on the DD-WRT website.
Before you start browsing the collection, however, you should familiarize yourself with the firmware
naming and organization schemes. You ll see the firmware organized into three different sections:
stable, release candidates, and beta. As you can perhaps infer, the stable section is your best
bet, providing thoroughly-tested firmware releases.
Note: The most recent stable release (at the time of this writing) is v23 SP2 and the latest
release candidate is v24 RC1.
Each firmware release offers a common set of versions (see Figure 2 for a comparison) which
provides more control over the features included in the firmware to conserve router resources, and to
support routers with smaller memory sizes. In most cases, the Standard version is the best choice
for hotspots, as it embraces all the features except the special VoIP and VPN components.
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
3 of 11 06/29/2010 04:03 PM
Figure 2: Comparison of DD-WRT firmware file versions.
There are also different firmware types:
ASUS: For the WL-300/500G models.
Generic: For routers that don t require their own version and for special cases.
Linksys specific: Specific firmware versions for the particular models, beginning with wrt.
Motorola specific: For micro and mini file versions only, and identified by moto.
Tip: When flashing from original Linksys firmware, you must first use the mini version; then
you can upgrade/flash to another version. When using the web interface method, you must use the
generic firmware types.
When browsing through the firmware collections, you ll see file names in the following format:
dd-wrt.vXX_set_type.bin. The XX identifies the firmware version, set defines the firmware collection
(such as micro or VOIP and is displayed for only nonstandard sets), and type identifies the hardware
type (such as ASUS or Generic).
Step 3: Flash Router with the DD-WRT Firmware
There are two basic methods to flash a router: Trivial File Transfer Protocol (TFTP), a simple file
transfer method using a command line interface, and using a router's web interface firmware
upgrade feature. Flashing via the web interface is easier and supported by most routers. The
exception is Buffalo devices, where you must use TFTP.
Warning! Warning! Warning! Warning!
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
4 of 11 06/29/2010 04:03 PM
- As with any open-source firmware, it s very important to follow all the
directions and precautions because one mistake could ruin (brick) your router.
- Making these changes will, of course, void your warranty.
- SmallNetBuilder, Pudai LLC and I are not responsible for any damage that
the information in this article may cause.
Since the exact flashing procedure can vary depending on the router manufacturer vendor and
model, you need to reference the flashing directions on the DD-WRT website.
Step 4: Setup a Hotspot Solution
As touched on before, DD-WRT integrates many independent open source projects specifically
designed for hotspots into its firmware, including the following:
Sputnik: Integration with a free/paid hosted service from Sputnik that provides userauthentication and device management for use with free or pay access hotspot solutions.Although you may pay for the service, it s a bit more user-friendly than the other solutions,which are all open-source.
Wifidog: Integrated into the firmware, providing advanced captive portal and contentmanagement features for free access hotspots. You must set up an external server with theirproprietary software which requires some advanced web development skills and knowledge.
Chillispot: Enables hotspot user authentication and management for free or pay accesshotspot solutions, but requiring an external RADIUS server. Hosted servers, however, provide aneasily way to obtain the advanced hotspot features and functionality. Here s a few places thatoffer free/paid hosted services for use with this solution:
Worldspot.net
Skyrove
HotSpotSystem.com
WirelessOrbit
NoCatSplash: Provides only a simple captive portal (splash screen) feature with a few filteringoptions, however is excellent for giving away free access (or even paid access with some work)when user tracking and advanced hotspot management isn t necessary. It s best to havesome web development experience, as you must create your own splash screen. Otherwiseit s fairly straightforward.
Now that you have chosen a solution, here are the basic steps (in v23 SP2) to set it up:
Login to the web interface (figure 3 shows an example) using the router s IP address (by
default 192.168.1.1).
1.
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
5 of 11 06/29/2010 04:03 PM
Figure 3: Example of the DD-WRT web interface.
Click the Services tab.2.
Enter the router s username and password (by default root and admin) into the dialog box.3.
Click the Hotspot tab. Figure 4 shows an example of this page.4.
Figure 4: Example of the hotspot settings page in DD-WRT.
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
6 of 11 06/29/2010 04:03 PM
Enable one of the hotspot solutions, configure the settings, and click Save Settings.5.
Although we won t discuss configuring each solution, most of the bullets given earlier offer links to
configuration instructions or at least the website of the project where you can obtain help.
Setting Up NoCatSplash
So that you end up with at least one working solution from this How To, I'll walk through setting up
NoCatSplash.
Before configuring the settings, you need to create a web page (.html file) for the splash screen.
You can then upload it to the router or host it on a website. After connecting to the hotspot, a user
must click the button (such as I agree) on your splash screen before browsing the web.
Use code similar to the following to create a form on the splash page:
<p><b><font size="5">Welcome to $GatewayName!</font></b></p>
<p><b><font size="2">Read the following terms and conditions,
and hit the I Agree to proceed.</font></b></p>
<p><font size="2">...</font></p>
<form name="login" method="post" action="http://192.168.1.1:5280/">
<input type="hidden" name="accept_terms" value="yes" />
<input type="hidden" name="redirect" value="$redirect">
<input type="hidden" name="mode_login">
<input type="submit" value="I Agree">
</form>
You can use the $redirect variable to send users to a site of your choice (instead of the URL they
originally tried to access) after they "authenticate" by clicking the "I Agree" button.
Another optional variable is $GatewayName, which displays the value of the Gateway Name
(defined later in the settings) on the splash page.
Now you need to configure the settings:
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
7 of 11 06/29/2010 04:03 PM
Figure 5: Example of the NoCatSplash settings in DD-WRT.
Gateway Name: This value can be displayed on the splash page when using the optional variable,
$GatewayName.
Home Page: Enter your website address, if you have one.
Allowed Web Hosts: List of domains (separated by a single-space) that users can access before
hitting the button. If the splash page is on a website, you must enter its domain.
Document Root: The directory on the router where the SplashForm (or splash webpage) is located.
If you re hosting the splash page on a website you can ignore this field.
Splash URL: Enter the webpage address of your splash page, if hosting on a website; otherwise
leave blank if uploading to the router.
Exclude Ports: Specify TCP ports (such as 25 for SMTP) to block from the hotspot users. Separate
each port number by a single-space.
MAC White List: List of MAC addresses (separated by a single-space) that have unrestricted
access. You can for example, enter the MAC addresses of your radio cards so you are not blocked
from any ports you ve excluded.
Login Timeout: Specifies how often (in seconds) the splash screen is displayed. For example, you
could set this to 86400 seconds, so every 24 hours the user will see the splash page and have to
click the button again.
Verbosity: This specifies the amount of actions that s written to the syslogd log. The default value
of 5 logs most actions and should be fine for most situations. However to log everything set this to
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
8 of 11 06/29/2010 04:03 PM
10, or 0 to disable logging.
Route Only: When enabled, your router won t run NAT. Unless you have a strictly routed network,
the default setting (disabled) should be fine.
Figure 6 shows the end result of the splash page created with the code given earlier and the
settings configured in Figure 5.
Figure 6: Example of the DD-WRT splash page.
Step 5: Configure Additional Settings
To better adapt your DD-WRT powered router for hotspot use, you should think about making these
changes:
Enable Info Site Password Protection: By default, a page showing status details of the routeris displayed (Figure 7) without requiring a password, when a user accesses the router's admin IPaddress. Although, the information isn t particularly sensitive, you should prevent publicaccess to it. Go to the Management settings on the Administration tab and refer to the WebAccess section.
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
9 of 11 06/29/2010 04:03 PM
Figure 7: Example of the Info Site page in DD-WRT.
Filter SMTP traffic: To prevent users from sending SPAM using your Internet connection, youcan block SMTP traffic. Refer to the Blocked Services section on the Access Restrictions tab.Depending on the solution you use, this can also generally be set using your hotspotmanagement settings.
Enable AP Isolation: Prevents communication (i.e. file sharing) between the hotspot userswhich helps secure users that forget to disable sharing. Go to the Advanced Settings on theWireless tab.
Configure QoS: To control the bandwidth each person uses on the hotspot you can configureQoS. Go to the QoS Settings section of the QoS subtab of the NAT/QoS tab. Depending onthe solution you use, you may also be able to control this with your hotspot managementsettings.
Conclusion
In this article, we discussed how you can take advantage of the open-source community when it
comes to setting up a Wi-Fi hotspot. You can use third-party firmware on simple off-the-shelf routers,
instead of buying a commercial hotspot gateway. Although requiring some extra time and a bit more
risk, our solution saves hundreds of dollars.
Among the three general firmware solutions discussed, DD-WRT is most likely the best bet for open
source and Linux beginners. In addition, it is intergrated with the most popular open source hotspot
solutions.
Have fun with your new hotspot!
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
10 of 11 06/29/2010 04:03 PM
Related Items:
ZyXEL Adds 802.11n Hotspot Gateway
T-Mobile rolls out home Wi-Fi connection service
iPass launches Wi-Fi Hotspot Index
Belkin adds Boingo support to Wi-Fi Skype phone
How To: Using m0n0wall to create a Wireless Captive Portal
Discuss this in the Forums
Linksys Wireless-G WRT54GL Broadband Router
Shop at Price Stock
Merchant Info$79.99 yes
Merchant Info$66.99 yes
Merchant Info$69.00 yes
Compare Prices for All 9 Sellers ($59.99 - $86.18)
How To Build an Open Source Wi-Fi HotSpot with... http://www.smallnetbuilder.com/wireless/wireless...
11 of 11 06/29/2010 04:03 PM