A hight performance and lightweight captive portal solution for HTTP(s)
Go to file
2023-01-07 11:13:08 +08:00
.github Update linux.yml 2021-12-21 17:48:16 +08:00
cmake/Modules support openssl > 3.0 2022-10-20 10:47:59 +08:00
doc add apfree conf crt file to debug in ubuntu system 2021-12-16 10:47:10 +08:00
package/apfree_wifidog/files add apfree conf crt file to debug in ubuntu system 2021-12-16 10:47:10 +08:00
patches Update 600-shared-libext.patch 2021-12-14 16:00:11 +08:00
src feat: add support to mqtt connect auth 2022-07-13 10:57:29 +08:00
_config.yml Set theme jekyll-theme-architect 2019-05-19 16:39:32 +08:00
.editorconfig Update .editorconfig 2017-03-16 16:31:29 +08:00
.gitignore add tags ignore 2018-08-20 11:04:48 +08:00
.travis.yml Update .travis.yml 2018-08-31 17:50:33 +08:00
apfree_wifidog_mqtt_protocol Create apfree_wifidog_mqtt_protocol 2017-06-09 11:38:59 +08:00
apfreewifidog.jpg add apfreewifidog.jpg 2017-12-04 10:17:29 +08:00
AUTHORS liudf 20161125 Add liudengfeng to AUTHORS file 2016-11-25 14:36:44 +09:00
authserver-offline.html Update authserver-offline.html 2018-10-20 15:17:13 +08:00
AUTHSERVER.md Update AUTHSERVER.md 2021-09-27 14:41:32 +08:00
CMakeLists.txt Update CMakeLists.txt 2022-01-28 09:59:34 +08:00
CONTRIBUTING.md Update CONTRIBUTING.md 2023-01-07 11:13:08 +08:00
contributors.md skip always dns resolve when ip already exist 2017-11-30 15:24:01 +08:00
COPYING Update COPYING 2018-08-22 13:35:25 +08:00
internet-offline.html Update internet-offline.html 2018-10-20 15:15:40 +08:00
login.html dos2unix html file 2018-10-20 15:11:21 +08:00
logo.png add logo to project 2017-05-22 17:36:38 +09:00
NEWS Update NEWS 2016-12-23 14:24:05 +08:00
README.md Update README.md 2022-05-03 11:41:35 +08:00
TODO Update TODO 2016-12-21 18:16:03 +08:00
wifidog-msg.html Update wifidog-msg.html 2019-07-26 14:43:20 +08:00
wifidog-msg.html.in Update wifidog-msg.html.in 2019-07-26 14:42:29 +08:00
wifidog-redir.html liudf 20161117 Add 2 file 2016-11-17 13:04:37 +09:00
wifidog-redir.html.front Update wifidog-redir.html.front 2016-11-25 13:29:53 +08:00
wifidog-redir.html.in liudf 20160411 move domains && mac operation to ping thread 2016-04-11 11:24:30 +09:00
wifidog-redir.html.rear restore file wifidog-redir.html.rear 2020-08-27 16:21:00 +08:00

ApFreeWiFiDog

license PRs Welcome Issue Welcome Release Version OpenWRT Join the QQ Group

ApFree WiFiDog: A high performance captive portal solution for HTTP(s)

ApFree WiFiDog is a high performance captive portal solution for HTTP(s), which mainly used in Openwrt platform.

Sequence diagram

sequenceDiagram
  title: apfree-wifidog结合wwas认证服务器的短信认证流程
	participant user as 路由器下面的用户
	participant router as 安装了apfree-wifidog的路由器
  participant wwas as apfree-wifidog 认证服务器
  participant sms as 短信服务器
  
  user -->> router : 访问www.baidu.com
  activate router
  router ->> user : 拦截该访问跳转指向apfree-wifidog认证服务器wwas
  deactivate router
  user ->> wwas : 用户访问apfree-wifidog认证服务器wwas
  activate wwas
  wwas ->> user : apfree-wifidog认证服务器wwas 返回portal认证页面
  user ->> wwas : 获取短信验证码
  wwas ->> sms  : 调用短信服务器接口使其发送短信验证码
  deactivate wwas
  activate sms
  sms ->> user  : 短信服务器发送短信验证码给用户
  deactivate sms
  user ->> wwas : 用户输入短信验证码验证
  activate wwas
  wwas ->> user : 用户通过认证后,返回运营方配置的跳转页面
  deactivate wwas
  
  loop 保活过程
    router ->> wwas  : apfree-wifidog每隔一分钟ping认证服务器wwas
    activate router
    activate wwas
    wwas ->> router  : 认证服务器wwas返回pong
    deactivate router
    deactivate wwas
  end
  
  loop apfree-wifidog counter v2过程
    router ->> wwas : apfree-wifidog每隔一分钟将所有认证用户信息上报wwas
    activate router
    activate wwas
    Note left of router  : apfree-wifidog 收集所有在线用户流量统计结果及在线时长
    Note right of wwas   : wwas根据用户在线时长决定是否踢用户下线
    wwas ->> router : wwas返回所有用户认证信息
    deactivate router
    deactivate wwas
    Note left of router : 根据wwas返回的认证信息决定是否踢相应用户下线
  end
sequenceDiagram
  title: apfree-wifidog漫游时序图
	participant user as 路由器下面的用户
	participant router as 安装了dnsmasq及apfree-wifidog的路由器
  participant wwas as apfree-wifidog 认证服务器
	
	user ->> router : 用户连接到路由器上通过dnsmasq获取到ip地址
	router ->> wwas	: dnsmasq调用apfree-wifidog的roam接口
	Note left of router : dnsmasq作为dhcp server提供user的mac地址、ip及名称
	Note right of wwas : 认证服务器收到roam接口后根据mac地址查找该用户是否已经通过了认证
	alt 如果该用户已经通过认证
		wwas ->> router : 将用户的token信息ip、mac返回并将该客户放行
	else
		wwas ->> router : 不做处理后续该user走正常认证上网流程
	end
	

Enhancement of apfree-wifidog

In fact, the title should be why we choose apfree-wifidog, the reason was the following:

Stable

apfree-wifidog was widely used in tens of thousands openwrt device, which has run in business scene. In order to improve its stable, we rewrite all iptables rule by api instead of fork call, which will easily cause deadlock in multithread-fork running environment. we also re-write the code and replace libhttpd (which unmaitained for years) with libevent2

Performance

cause libevent2 support epoll, apfree-wifidog has better performance than original wifidog, there are some benchmark data in benchmark directory to prove it

HTTPs redirect

apfree-wifidog support https redirect, in current internet environment, captive portal solution without supporting https redirect will become unsuitable gradually

More features

apfree-wifidog support mac temporary-pass, ip,domain,pan-domain,white-mac,black-mac rule and etc. all these rules can be applied without restarting wifidog

MQTT support

by enable mqtt support, u can remotely deliver such as trusted ip, domian and pan-domain rules to apfree wifidog

Compitable with wifidog protocol

u don't need to modify your wifidog authentication server to adapt apfree-wifidog; if u have pression on server-side, apfree wifidog's improved protocol can greatly relieve it, which disabled by default


How to added apfree-wifidog into Openwrt package

apfree-wifidog has been accepted by OpenWrt packages' master and 19.07 branch, which can be found in net directory.


Attention! when apfree-wifidog redirect https request, u will receive certificate file is illegal warning, no need to panic, it's normal response

apfree-wifidog Auth server open source project

apfree wifidog's official auth server is wwas, which support wfc pay and weixin auth-mode and more auth-way will be support.

demo pic

demo video

http://www.iqiyi.com/w_19s09zie6t.html

More auth server please read AUTHSERVER.md

How To Contribute

Feel free to create issues or pull-requests if you have any problems.

Please read CONTRIBUTING.md before pushing any changes.

contact us

QQ group 331230369