This is long overdue, but here it is anyway. The source codes I used to set up Squid as a captive portal. The bundle also includes the squid config file, the redirector script, and the authentication pages.
Requirements:
- Squid
- Apache, PHP 5.2 or higher, and MySQL (which are easily found on almost every Linux-based machine)
- Memcached
- The Memcached PHP Extension from PECL
- The Kohana PHP Framework
In my code, memcached is configured to be running on localhost on port 28888.
Getting started:
Once you have these things set up, these steps should get you up and running:
- Extract all files to a folder, somewhere, on your computer
- Create a new database and import SquidCaptive.sql into it
- Set up a database user which can access the database
- Add a user to the users table in the database. Use sha1-hashing for the password.
- Extract the approot and www-folders to a folder on your webserver
- Configure a vhost in Apache with the document root set to the www-folder. Use a non-standard port number if possible (like, 8080 or 81)
- In index.php in the www-folder, change the $kohana_system variable to the path where Kohana’s files are stored. I did not include the full distribution of Kohana, but only the files I needed.
- In the approot-folder, go to config/database.php and edit it to reflect the correct database user, password and database itself
- Place scripts/redirect.php in a folder which the Squid-user can access.
- In redirect.php, change the host to match the host (or IP) and port of the vhost hosting the authentication page. For example, proxy.lan:8081.
- Update your squid.conf so it uses the redirector… see my squid.conf for details. My squid.conf might have incorrect settings, I am not a Squid-expert but they worked for me.
I think this is about it… do note that it was only a quick implementation which is not feature complete at all. Session don’t expire until memcached is restarted, there is no user registration or billing yet, all it does is authentication. However, it’s a start. Also, beware that not everything is ‘best practice’… I have a few things hardcoded and not configured, such as the vhost and the host and port memcached is running on.
If you need more tips, help or advice, feel free to send me an e-mail. I’ll do my best to help you.
Download: Squid Captive Portal
Squid Captive Portal by Alex van Herwijnen is licensed under a Creative Commons Attribution 3.0 License.
Attached Files:
- Squid Captive Portal
Sample implementation on how to configure Squid to act as a captive portal, with authentication page as well. Licenses under Creative Commons Attribution 3.0 License.
Hello there – just a little note to say thank you for this article. Very good.
Hi,
first, thanks for the great solution.
I would like to ask you if you have an idea why always get a 404? (http://myproxy.net/start/aHR0cDovL3d3dy5nb29nbGUuZGUv)
Regards,
/.benny
Hi Benny,
You need to enable mod_rewrite as well. I forgot to mention this in my article.
Also, you’ll need to change the View so the base-tag in the head matches the host you’re running on. Else it just redirects to mine.
Seems like just the solution am searching for sometime. Thank you very much for this article.Gonna try right now itself.
Hi, I’ve followed your instructions, but there was an error cache.log ie, ipCreate: /etc/squid/scripts/redirect.php: (13) Permission denied and WARNING: url_rewriter # 4 (FD 9) exited
How can so there are no errors in cache.log
Thank you in advance