diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh
--- smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh	1970-01-01 01:00:00.000000000 +0100
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/condown.sh	2008-04-15 11:11:43.000000000 +0200
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
+/sbin/iptables -D IN_FROM_CHILLI -s $FRAMED_IP_ADDRESS -p tcp --dport $SQUID_PORT --syn -j ACCEPT
+
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh
--- smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh	1970-01-01 01:00:00.000000000 +0100
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/chilli/conup.sh	2008-04-15 11:11:18.000000000 +0200
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+SQUID=$(/sbin/e-smith/db configuration getprop squid status)
+
+if [ $SQUID=='enabled' ]; then
+        SQUID_PORT=$(/sbin/e-smith/db configuration getprop squid TransparentPort)
+        /sbin/iptables -I IN_FROM_CHILLI 7 -s $FRAMED_IP_ADDRESS \
+                -p tcp --dport $SQUID_PORT --syn -j ACCEPT
+fi
+
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli
--- smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli	2008-04-04 18:27:32.000000000 +0200
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/db/configuration/migrate/60Chilli	2008-04-15 11:14:58.000000000 +0200
@@ -4,12 +4,12 @@
     my $uamsecret = $chilliconf->prop('uamsecret') || '';
     
     if ($radiussecret eq ''){
-	$pass=`/usr/bin/openssl rand -base64 20 | tr -c -d '[:alnum:]'`;
+	$pass=`/usr/bin/openssl rand -base64 20 | tr -c -d '[:graph:]'`;
 	$chilliconf->set_prop('radiussecret',$pass);
     }
 
     if ($uamsecret eq ''){
-	$pass=`/usr/bin/openssl rand -base64 20 | tr -c -d '[:alnum:]'`;
+	$pass=`/usr/bin/openssl rand -base64 60 | tr -c -d '[:graph:]'`;
         $chilliconf->set_prop('uamsecret',$pass);
     }
 
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts
--- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts	1970-01-01 01:00:00.000000000 +0100
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/chilli.conf/65conscripts	2008-04-15 11:12:30.000000000 +0200
@@ -0,0 +1,3 @@
+conup /etc/chilli/conup.sh
+condown /etc/chilli/condown.sh
+
diff -Nur -x '*.orig' -x '*.rej' smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules
--- smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules	2008-04-07 18:44:16.000000000 +0200
+++ mezzanine_patched_smeserver-coova-chilli-0.1/root/etc/e-smith/templates/etc/rc.d/init.d/masq/60ChilliRules	2008-04-15 11:10:40.000000000 +0200
@@ -29,12 +29,6 @@
     /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport ${'httpd-e-smith'}{'TCPPort'} --syn -j ACCEPT
     /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $modSSL{'TCPPort'} --syn -j ACCEPT
     /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $chilliport --syn -j ACCEPT
-END
-if ($squid{'status'} eq 'enabled'){
-    $OUT .= "    /sbin/iptables -A IN_FROM_CHILLI -p tcp --dport $squid{'TransparentPort'} --syn -j ACCEPT\n"
-}
-
-$OUT .=<<END;
     /sbin/iptables -A IN_FROM_CHILLI -j denylog
 
     # OUT_TO_CHILLI