Setting Aside A Static Ip Range... How Do I Do It?static ip
Posted 01 February 2012 - 09:10 PM
I want to set aside a few static IP addresses in the low range, if possible, for machines on my office LAN. I'm thinking all I need to do is edit the /etc/chilli/defaults file with the following, but I could be (and have often been) wrong:
HS_DYNIP=192.168.182.25 # Start the dynamic range here
HS_STATIP=192.168.182.2/24 # Set aside 23 static IP addresses from 2 to 24
Will this hammer my hotspot?
Posted 01 February 2012 - 09:39 PM
I have moved the settings needed for this to the local.conf file, as I found these "non-hotspot settings" better contained there than the default file. The firewall modification can be done by the ipup.sh script. Here are the ones I am using:
(PS: this is on OpenWRT+Chilli, not sure if other platforms would respond the same)
# LOCAL static IP range from 96 to 111 statip 192.168.20.96/255.255.255.240 lease 900 # default dhcp lease 900 seconds leaseplus 300 # 5 minutes extra just in case defsessiontimeout 90000 # 24 hour sessions for internal equipment (users are set by radius) defidletimeout 3600 # 1 hour for internal equipment (users are set by radius) # LOCAL MAC addresses macallowlocal macallowed XXXXXXXXXXXX #local device 1 macallowed YYYYYYYYYYY #local device 2
#!/bin/sh # # remove chilli build in added lines to allow native traffic again. iptables -D INPUT -i br-lan -j DROP # this rule should be deleted #iptables -D FORWARD -i br-lan -j DROP # leave this as # otherwise duplicate traffic iptables -D FORWARD -o br-lan -j DROP # this rule should be deleted
Edited by cybermaus, 26 July 2012 - 04:29 PM.
Posted 01 February 2012 - 09:51 PM
However, I notice that you put your static IPs on the LAN subnet. Are you saying that it will not work to place them on the hotspot subnet, i.e., the 182.X ?
[code]# LOCAL static IP range from 96 to 111
Posted 01 February 2012 - 09:56 PM
Chilli will discover them, or at least when I tried that they did show up in the chilli_query listippool command as allocated IP addresses. No need to do any firewall stuff. Equally no need to set the STATIP range.
I though you wanted a separate subnet. I wanted that myself, just to make it a little harder for the casual hotspot user to find my infrastructure devices.
Edited by cybermaus, 02 February 2012 - 07:22 AM.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users