====== auto-oz ======
===== Updates =====
==== May 11 2011 ====
My service expired last night. My renew script still isn't working, but I didn't try very hard. All I did was run:
curl -K curlcfg2 http://google.com -v
curl -K curlcfg2 http://phc.prontonetworks.com/cgi-bin/authlogin -v
curl -K curlcfg2 "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&tempName=selAuth&orgUrl=&userMacId=00:23:69:b3:ce:65" -v -c /tmp/cookiejar
curl -K curlcfg2 -d 'username=$$$$$$$$&password=$$$$$$$$&changePassword=' "https://register.prontonetworks.com/registration/customization/default/CheckValidUserToLogin.jsp" -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 https://register.prontonetworks.com/registration/chooseAuth.do -d 'loginUserId=$$$$$$$$&loginPassword=$$$$$$$$&authType=Pronto' -e "https://register.prontonetworks.com/registration/customization/default/CheckValidUserToLogin.jsp" -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 https://register.prontonetworks.com/registration/buyAPlan.do -d 'planId=#############&rPM=Yes&selectPG=Verisign&agree=agree' -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 https://register.prontonetworks.com/registration/buyAPlanConfirm.do -d 'planId=#############&planType=PREPAID&requestComingFrom=BuyAPlan&paymentMethodId=CC&customerId=#############&creditCardNumber=################&creditCardId=#############' -v -c /tmp/cookiejar -b /tmp/cookiejar
curl -K curlcfg2 https://register.prontonetworks.com/registration/process.jsp -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 https://phc.prontonetworks.com/cgi-bin/authlogin -d 'serviceName=ProntoAuthentication&userId=$$$$$$$$&password=$$$$$$$$' -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 "http://www.onezone.ca/wifi/wifi_success.html?wispId=5338&nasId=00:1b:24:78:ab:82&newReg=Y&sessionId=#############&freePlan=N" -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 "http://www.onezone.ca/wifi/wifi_checkaccount.html?wispId=5338&sessionId=#############&nasId=00:1b:24:78:ab:82&newReg=Y" -v -b /tmp/cookiejar -c /tmp/cookiejar
curl -K curlcfg2 "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&sessionId=#############" -v -b /tmp/cookiejar -c /tmp/cookiejar
You need the file /sbin/curlcfg2, which contains:
-A "Mozilla/5.0 (iPhone; U; CPU iPhone OS 2_2_1 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5H11 Safari/525.20"
-k
Note that you'll need to replace "$$$$$$$$" with your username or password as appropriate, and "#############" with whatever the appropriate number is, matching whatever was received in the results of the last command. If you run these commands twice, it'll bill your account twice, but give you two months of service. You can confirm this by checking your oz account info (for which you don't need cookies):
- Go to http://www.onezone.ca/wifi/myaccount.html?wispId=5338&nasId=00:1b:24:78:ab:82 (from anywhere)
- Click My Account
- Log in with username and password
- Click Home
==== April 13 2011 ====
I was expecting the service at SLM to die on Sunday (10th), but it was still running until 2am last night. When I got in today, there were 53 instances of 'onezone-check.pl' running on the auto-oz router, each one also having an instance of udhcpc. I ran:
killall onezone-check.pl
And then:
/sbin/onezone-check.pl
And we were online. So maybe Onezone didn't log us out; maybe the router was just choking. Just to see what would happen, I ran:
cd /sbin
./onezone-logout.sh
./onezone-check.pl
And it came up fine.
So, last time I was here I ran the renew script a second time to see if it would credit me another month. At the time I remember thinking that it hadn't. But looking now, it's not set to expire until May 10th.
Unfortunately, I can't get the renew script to run anymore. When it tries to run the shell onezone-Mainjsp.sh script, it hangs. Launching curl from a shell script from a perl script was working before, but appears not to now. I rebooted the router; same problem. I tried setting a timeout in curl by setting '-m 10' in curlcfg, but that didn't do anything.
==== March 3 2011 ====
what's happening is that on this command:
curl -K curlcfg https://register.prontonetworks.com/registration/customization/default/CheckValidUserToLogin.jsp -d "username=XXX&password=YYYYYY&changePassword=" -e "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&tempName=selAuth&orgUrl=&userMacId=00:23:69:b3:ce:65" -b /tmp/cookiejar
onezone returns:
Session Timed out. Error in Proceeding Further. Please close and restart your browser.
I tried removing the "-b /tmp/cookiejar" from the command, and it does the same thing.
So, I guess we need to go further back to find the spot it stop complaining about this. Let's try:
curl -K curlcfg "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&tempName=selAuth&orgUrl=&userMacId=00:23:69:b3:ce:65" -b /tmp/cookiejar
curl -K curlcfg https://register.prontonetworks.com/registration/customization/default/CheckValidUserToLogin.jsp -d "username=XXX&password=YYYYYY&changePassword=" -e "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&tempName=selAuth&orgUrl=&userMacId=00:23:69:b3:ce:65" -c /tmp/cookiejar
Same problem. Check the cookies. It's setting the same one:
register.prontonetworks.com FALSE /registration TRUE 0 JSESSIONID 0a0a0a4730d54b28d991910e4309a603ca5a1fbe4e94.e3yQbx4TbNeLe34Lb3mKchePbhn0n6jAmljGr5XDqQLvpAe
register.prontonetworks.com FALSE /registration TRUE 0 JSESSIONID 0a0a0a4730d54b28d991910e4309a603ca5a1fbe4e94.e3yQbx4TbNeLe34Lb3mKchePbhn0n6jAmljGr5XDqQLvpAe
Let's try deleting the cookie file.
rm /tmp/cookiejar
curl -K curlcfg "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&tempName=selAuth&orgUrl=&userMacId=00:23:69:b3:ce:65" -c /tmp/cookiejar
It gave us the same cookie again:
register.prontonetworks.com FALSE /registration TRUE 0 JSESSIONID 0a0a0a4730d5cfc25258927348bb8e5af08d27bdf765.e3yQbx4TbNeLe34Lb3mKchePbhn0n6jAmljGr5XDqQLvpAe
Well, let's keep going:
curl -K curlcfg https://register.prontonetworks.com/registration/customization/default/CheckValidUserToLogin.jsp -d "username=XXX&password=YYYYYY&changePassword=" -e "https://register.prontonetworks.com/registration/Main.jsp?wispId=5338&nasId=00:1b:24:78:ab:82&tempName=selAuth&orgUrl=&userMacId=00:23:69:b3:ce:65" -b /tmp/cookiejar
This time it didn't return the session timeout message. I think maybe it's because I had my "-b" and "-c" confused on the commandline. -b is to read, -c is to write.
Let's run the script again:
./onezone-renew.pl
It did the same thing: die at ./onezone-renew.pl line 67.
[.......]
The renew wasn't working and so I logged in manually through my browser to try to see what was up. All I did was log in and the whole rig started working immediately.
So... that means there's something's wrong with the onezone-login.sh script. It looks like that script isn't reading cookies, which is maybe the problem.
This is awkward, because when the login doesn't work, the onezone-check script going straight to try to renew. Awkward, eh?
So, I modified onezone-login.sh to get a cookie, and then send that cookie along with the login request. To the extent that my tests now are valid, it seems to be working.
There's also the problem of multiple instances running. Fix this too!
===== Installation =====
This is a way to configure an OpenWRT router to connect in client mode to the OneZone network. I've tested it ONLY using whiterussian-rc5, on a Linksys WRT54GL and a Motorola WR850G.
Notes:
* You can use this with either a regular $30/month OneZone account, or a $5/month iPhone account. There are two tricks with the iPhone account: first (predictably) you can only sign up for the account if you hit the captive portal using an iPhone/iPod (iPad?) browser -- either an actual device, or a desktop browser with a spoofed user-agent. Second, when you create the account, it (at least temporarily) **gets locked to the MAC address of the wifi client**. So the best way to do it is to use a laptop browser spoofing an iPhone user-agent, plugged into the router that's going to be the client.
* You're much better off configuring the router someplace where you've got a wired Internet connection. These instructions assume that you've got one. I've managed to pull it off otherwise, but it's a hassle.
* Of course, in order to test this properly, you need to be doing the setup someplace where you've got a reasonably strong OneZone signal.
* Instructions here are specific to Wireless Toronto's setup: we want these routers to check into the open-mesh dashboard so that we can monitor them and get notifications. They also connect to our OpenVPN server. If you're not Wireless Toronto, you'll have to adapt this to suit your needs.
* It **may** be possible to use two iPhone accounts simultaneously in two different locations, by spoofing the MAC address of the wifi interface on the router. The way to do that is 'nvram set il0macaddr=xx:xx:xx:xx:xx:xx'.
Steps:
- if there's any chance that it has some wacko nvram settings, reset the router to factory default (or use mtd erase if you know what you're doing)
- flash the router with whiterussian-rc5
- plug it into an Internet connection
- ssh into it
- run this:
vi /etc/ipkg.conf
- add this line:
src xwrt ftp://ftp.berlios.de/pub/xwrt/packages
- run this:
ipkg update
ipkg install microperl curl
cd /sbin
wget http://wirelesstoronto.ca/dist/om-checkin.pl
wget http://wirelesstoronto.ca/dist/onezone-check.pl
wget http://wirelesstoronto.ca/dist/onezone-login.sh
wget http://wirelesstoronto.ca/dist/onezone-logout.sh
chmod +x om-checkin.pl
chmod +x onezone-check.pl
chmod +x onezone-login.sh
chmod +x onezone-logout.sh
cd /etc
wget http://wirelesstoronto.ca/dist/om-checkin.conf.pl
ifconfig eth0
WARNING: auto-oz is still in development. the versions of these files on the server aren't the newest ones. If you're interested, contact Gabe.
- it will output the mac address. Copy it, and add the node to the OM dashboard. The dashboard will then calculate its IP address.
- run this:
vi /etc/om-checkin.conf.pl
- put the IP & MAC address in the appropriate spots
- run this:
crontab -e
- add this line:
*/2 * * * * /sbin/om-checkin.pl
- run this:
ipkg install ntpclient
cd /etc/init.d
wget http://wirelesstoronto.ca/dist/S55ntpclient
chmod +x /etc/init.d/S55ntpclient
/etc/init.d/S55ntpclient
echo EST5EDT,M3.2.0/02:00,M11.1.0/02:00 > /etc/TZ
cd /etc/init.d
cp S99done S99done.real
rm S99done
mv S99done.real S99done
vi /etc/init.d/S99done
- add these lines to the end:
# start crond
/usr/sbin/crond -c /etc/crontabs
- run this:
mkdir /etc/crontabs
touch /etc/crontabs/root
ln -sf /etc/crontabs/root /etc/crontab
/usr/sbin/crond -c /etc/crontabs
vi /etc/crontab
- add this line:
0 * * * * /usr/sbin/ntpclient -l -h pool.ntp.org -i 5 -s
- run this:
killall crond
/usr/sbin/crond -c /etc/crontabs
ipkg install openvpn
mkdir /etc/openvpn
cd /etc/openvpn
wget http://wirelesstoronto.ca/dist/client.conf
vi /etc/openvpn/client.conf
- replace NODEID with the real router id
- run this:
cd /etc/openvpn
wget http://wirelesstoronto.ca/dist/ca.crt
- copy cert files from the server: scp wireless@openvpn.wirelesstoronto.ca:easy-rsa/keys/client(NODEID).* .
- run this:
chmod 600 client*.key
cd /etc/init.d
wget http://wirelesstoronto.ca/dist/S90openvpn
chmod +x S90openvpn
nvram set wl0_mode=sta
nvram set lan_ifname=br0
nvram set lan_ifnames=vlan0
nvram set wan_ifname=eth1
nvram set lan_ipaddr=192.168.88.1
nvram set lan_proto=static
nvram set wan_proto=dhcp
nvram set wl0_ssid="One Zone_High Speed Internet"
nvram commit
reboot
- now use a desktop browser spoofing an iPhone user-agent to log into onezone and create an account
- run this:
vi /sbin/onezone-login.sh
- replace "" with the username, and "" with the password
- reboot it and watch it get online within a minute or so!
- test your packet loss and throughput. Note that you might want to leave it in place for ~5 minutes, since the signal strength & throughput seems to get better over the first few minutes.