- This topic is empty.
October 14, 2009 at 5:56 pm #41976securenetMember
This question is not strictly a ZS inquiry…..
I am trying to design a WiFi Network where the clients visit and local web page, enter the requires information and after pressing the submit button a Script is executed and Provisions the clients access to the network.
The script will create a User Account.
The script will assign a Static IP Address.
The script will add an entry in the Firewall, in the Out Chain for WAN Access.
The script will add an entry to track network usage.
add the clients information to a database.
The script will do what ever I needed to be done.
I am assuming that this is a lot of work and I am will to learn, I simply need to be pointed into the right direction.
Thanks for any help that is offered.October 14, 2009 at 9:47 pm #48925yumMember
Maybe it’s better to use existing billing system and only write some custom rules to communicate with zeroshell router? Backend scripts are located at folder /root/kerbynet.cgi/scripts/.October 15, 2009 at 1:51 pm #48926securenetMember
Thanks You for the Info:
Maybe it’s better to use existing billing system and only write some custom rules to communicate with zeroshell router? Backend scripts are located at folder /root/kerbynet.cgi/scripts/.
To confess, I do not know anything about Programming or Scripting so I will be actively logging to information or someone that can assist. But what program can I run in a website that will communicate with the /root/kerbynet.cgi/scripts/.
Example: Java, C++, Bash, Perl, PHP….
If I know what is best then I would know who to look for, for help.October 15, 2009 at 3:24 pm #48927yumMember
There are hundreds of bash scripts in that folder. They automate many operations, such as adding new firewall rules, QoS rules, managing network interfaces e.t.c.
For example run
/root/kerbynet.cgi/scripts/dhcp_addstatic 00 192.168.10.10 AA:BB:CC:DD:EE:FF
to add new static DHCP entry.
Remote execution of those commands can be done via ssh:
ssh root@ZEROSHELL.IP.ADDRESS "/root/kerbynet.cgi/scripts/command_to_run ARG1 ARG2 ARG3"
To enable remote login via ssh without typing root password you can do next steps (manual copied from page that cannot be found on the web anymore):
SSH to you ZeroShell firewall and login as “admin” then drop to a shell “S”.
In the “/Database” directory, create a directory called “startup”.
Copy “/etc/ssh/sshd_config” to “/Database/startup/sshd_config”.
Edit “/Database/startup/sshd_config” and comment out “AllowUsers admin”, then uncomment “#AuthorizedKeysFile .ssh/authorized_keys” and save the file eg.
# AllowUsers admin
On your other machine:
Run “ssh-keygen -t rsa” to generate a public / private key pair, in “/root/.ssh/id_rsa”
DO NOT ENTER A PASSPHRASE
Copy the contents of “/root/.ssh/id_rsa.pub” using your fav editor to the ZeroShell “/Database/startup/.ssh/authorized_keys” file.
Create a startup script, “/Database/startup/rc.local” and paste in the following (modify YOUR_ROOT_PASSWORD below)
/bin/cp /Database/startup/sshd_config /etc/ssh/sshd_config
/bin/cp -Rp /Database/startup/.ssh /root/.ssh
echo “root:YOUR_ROOT_PASSWORD” | /usr/sbin/chpasswd /sbin/service sshd restart
Login to your ZeroShell web admin and navigate to “Setup”, then “Startup”
Enable the startup configuration and add “/Database/startup/rc.local” to the Pre-boot startup script and save it.
Reboot your ZeroShell firewall.
You should now be able to SSH in as “root” with the password set above and drop to a shell prompt.
Check that an SSH connection from your LAN box to your ZeroShell firewall returns a “root@ZS root>” without prompting for a password eg.
ssh -i /root/.ssh/id_dsa root@ZEROSHELL_IP
This is not very secure but works for me.January 16, 2010 at 8:11 pm #48928TobiasKMember
For the User Accounting you can try my scripts (Look in the Shell Code)
Here you can find some automatic Tools to create Users with passwords…March 23, 2010 at 6:20 pm #48929Chrissy12Member
Tobias has the right idea. This is much simpler than doing it manually…
- You must be logged in to reply to this topic.