Lightning Router Config Notes

# [[Lightning Router Config]] Notes ## See also - ### [[OpenNDS Default splash.html]] - ### [[ndsctl]] - ### [[OpenNDS Splash Page Variables]] - ### [[Debug Log - Click to Continue]] - ### [[fas-aes.php]] - ### [[Level 0 Setup with Webserver]] ## Notes ### Config file - Stored in `/etc/config/opennds` - Default config, with comments: https://github.com/Higher-Bros/openNDS/blob/master/linux_openwrt/opennds/files/etc/config/opennds - Docs: https://opennds.readthedocs.io/en/stable/customize.html#the-configuration-file ### Visit splash page while authenticated: http://127.0.0.1:2080/auth?tok=aoi978oei&authaction=test ### See [[OpenWrt]] version ```bash cat /etc/banner ``` ### See logs ```bash logread | grep opennds ``` ### Set rate limits (not just deauths) https://opennds.readthedocs.io/en/stable/config.html#set-rate-quotas ```bash option uploadrate '200' option downloadrate '800' ``` ### CPD urls https://opennds.readthedocs.io/en/stable/howitworks.html#captive-portal-detection-cpd Typical CPD URLs used are, for example: - http://captive.apple.com/hotspot-detect.html - Works well for me - http://connectivitycheck.gstatic.com/generate_204 - http://connectivitycheck.platform.hicloud.com/generate_204 - http://www.samsung.com/ - http://detectportal.firefox.com/success.txt Plus many more ### Manually auth with [[cURL]] ```bash curl 'http://192.168.2.1:2050/opennds_auth/?tok=c8b6e841&redir=http%3A%2F%2F192.168.2.1%3A2050%2Findex.html' ``` ### Visit /auth url with dummy query parameters http://127.0.0.1:2080/auth?tok=aoi978oei&authaction=test ## Useful commands: **IMPORTANT: Make sure you have an ssh connection first!!** - It stays alive even if your computer is deauthenticated. - Otherwise, you will not be able to access the internet if the click to continue is broken. ```bash # Show config uci show opennds # Vim into config over ssh vim scp://[email protected]//etc/config/opennds # Set to default webroot, custom webroot uci set opennds.@opennds[0].webroot='/etc/opennds/htdocs' uci set opennds.@opennds[0].webroot='/root/frontend/build' # Add to list uci add_list opennds.@opennds[0].users_to_router='allow tcp port 8888' # Restart opennds to load new config # (stop and start also works) # (commit doesn't seem to work) uci commit opennds service opennds restart # See status ndsctl status # Auth or death my mac: ndsctl auth '38:f9:d3:84:f7:a5' ndsctl deauth '38:f9:d3:84:f7:a5' # Auth or deauth my phone: ndsctl auth '22:3f:6b:de:8f:38' ndsctl deauth '22:3f:6b:de:8f:38' # Test portal despite Mullvad's kill switch: visit 192.168.2.1 # Refresh frontend (from outside router) ssh [email protected] 'rm -rf /root/frontend' scp -r ~/projects/Lightning-Router/frontend [email protected]:/root # Commit changes, maybe that was the problem uci commit opennds # It should work now service opennds restart ``` Dev devices - My phone: `IP: 192.168.2.183 MAC: 22:3f:6b:de:8f:38` - Philip's mac: `IP: 192.168.2.242 MAC: 40:4e:36:89:02:c1` - My mac: `IP: 192.168.2.150 MAC: 38:f9:d3:84:f7:a5`