Routing internet only to apname_ssid and not ap_ssid

Hola

I want to know if it is possible to route internet from ethernet port only to apname_ssid wifi signal and not to ap_ssid.

what i intend to do is to provide different functionalities for ap and apname

ap_ssid - will be open network where users can access locally hosted services/apps
apname_ssid - will be password protected to connect to internet and also still provide access to locally hosted services/apps

can we create two wifi networks with different behaviours like i mentioned above?

hi @alemaree, welcome to the foro!

What you need to accomplish, prividing a restricted access to the internet that is only allowed to a certain group, it can be done from factory by a functionality called Pirania implemented by @luandro .

DISLAIMER: Pirania is still considered alpha software, meaining it hasn’t gone through the tests and use that the rest of the stack has, so it is only recommended to be used as a technology preview, and by technicians that could find their way around.

It is a captive portal that allows freeriders to access local services and peer-to-peer exchanges, but limits access to the internet to those that have a voucher, and it has a voucher management mechanism.

You can check its documentation here: https://github.com/libremesh/lime-packages/tree/master/packages/pirania

thanks @nicopace

pirania is a good suggestion. would like to explore it. but could not find much documentation in the github link you shared.
are there tutorials on how to create vouchers and how to enable it in librerouter, etc. ?

DISLAIMER: Pirania is still considered alpha software, meaining it hasn’t gone through the tests and use that the rest of the stack has, so it is only recommended to be used as a technology preview, and by technicians that could find their way around.

Pirania comes bundled in the LibreRouter image.

As it is a very recent feature, I would encourage you to use the last release: https://gitlab.com/librerouter/librerouteros/-/releases/

If you have coding skills you can build it yourself to try the last working version and contribute to its development. You will find the build instructions here: https://gitlab.com/librerouter/librerouteros/-/blob/librerouter-18.06/README.md

Pirania comes disabled, so you will have to enable it on each of the nodes as it is not yet integrated with the rest of the stack.

In order to do this, you will need to access the device via SSH through ssh root@thisnode.info .

To enable it, you can do:

uci set pirania.base_config.enabled=1
uci commit

or edit the /etc/config/pirania file, changing the enabled option from 0 to 1.
then uci commit or reboot.

You can check it out on its config file: https://github.com/libremesh/lime-packages/blob/master/packages/pirania/files/etc/config/pirania#L2

Once you did that and you connect to the router’s access point, you should be redirected to the captive portal homepage, http://thisnode.info/portal/

You can manage it from your lime-app accessible via http://thisnode.info

@luandro did a demo of how the captive portal works on this video some months ago that could be of good use: https://www.youtube.com/watch?v=DJqnO0M9MD0

In my librerouter I do not get a link to the access page in the lime-app as shown in that youtube video.
I did upgrade the firmware to the latest one. followed all the steps mentioned in the page.
is there a command to check which version of firmware is active on the router?

Update:
The problem with Pirania not working is only with my phone: Xiaomi S2.

I have tested with 2 more phones and 1 linux pc and it worked.
When i connect to the network from other smartphone, a popup appears with Pirania portal.

When I connect from linux pc, the web browser alerts me to sign in. I have an issue here:

  1. it loops forever between “Portal” and “Redirect” pages, and never shows the portal.
  2. If i write an http url it takes me to the loop
  3. If i write an https url, the borwser go to a non connection page.
  4. If i write somethin random in url bar, like “asda”, the borwser ask me: “do you want to go to asda?” If i choose “yes”, it takes me to the LimeApp but using my random word as domain: http://asda/app/#/rx

Back in Xiaomi phone, after forgetting networks and rebooting, the first connection shows me the portal, and then never again.

Now i have to work in customize the portal and continue testing that issues.

Looks Great! Thank you!

---------------Original Comment:-----------------
I have the same problem.
I’m using a wdr4310 with LibreRouterOS

I ran
uci set pirania.base_config.enabled=1
uci commit

Enabled option is set to 1 in the config file.

I can access the portal through /portal but i don’t see any link in LiMe app.

The router is not redirecting My browser requests.

Some Installed packages:
pirania 2020-03-08-1583699826

Some Processes:

/usr/sbin/uhttpd -f -h /www/pirania-redirect/ -E / -l / -L /www/pirania-redirect/redirect -n 20 -p 59080

2067	dnsmasq	/usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid	

2073 root	 /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid	

15419	root	/bin/ash -c ((sleep $(($RANDOM % 30)); /etc/shared-state/publishers/shared-state-publish_vouchers && shared-state sync pirania &> /dev/null)&)

15448	root	 {shared-state} /usr/bin/lua /usr/bin/shared-state bleach dnsmasq-hosts

Hi @rulosanti and @alemaree.
It is important to note that Pirania is not finished, it might have some rough edges and it doesn’t come fully out of the box with the LibreRouterOS yet, so in order to test it out you might have to hack your way around it.

Still, as @luandro is willing to document, if you want to get into it it would be great so it can get more eyes on it and make it better.

The part that is integrated in the LibreRouterOS is the router side part, but not the user interfaces… that is why it is not accesible from the lime-app.

Thanks Nico.
@luandro tell me if i can help testing, writing Docs, etc. If You want we can continue working in Github.