From aa9ccf77c6648515ba58c37b9345cdbd561028db Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Thu, 8 May 2008 15:37:41 +0000 Subject: * Mördercommit ;-) * Major Repository Reorganisation * API 0.4 Softfreeze to come MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../luci-splash/root/etc/init.d/luci_splash | 85 ++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 applications/luci-splash/root/etc/init.d/luci_splash (limited to 'applications/luci-splash/root/etc/init.d') diff --git a/applications/luci-splash/root/etc/init.d/luci_splash b/applications/luci-splash/root/etc/init.d/luci_splash new file mode 100644 index 0000000000..20f7865fd4 --- /dev/null +++ b/applications/luci-splash/root/etc/init.d/luci_splash @@ -0,0 +1,85 @@ +#!/bin/sh /etc/rc.common +START=70 + +iface_add() { + local cfg="$1" + + config_get net "$cfg" network + [ -n "$net" ] || return 0 + + config_get iface "$net" ifname + [ -n "$iface" ] || return 0 + iface="${iface%%:*}" + + config_get ipaddr "$net" ipaddr + [ -n "$ipaddr" ] || return 0 + + config_get netmask "$net" netmask + [ -n "$netmask" ] || return 0 + + eval "$(ipcalc.sh $ipaddr $netmask)" + + iptables -t nat -A luci_splash -i "$iface" -s "$NETWORK/$PREFIX" -j luci_splash_portal + iptables -t nat -A luci_splash_portal -i "$iface" -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN +} + +blacklist_add() { + local cfg="$1" + + config_get mac "$cfg" mac + [ -n "$mac" ] && iptables -t nat -A luci_splash_portal -m mac --mac-source "$mac" -j DROP +} + +whitelist_add() { + local cfg="$1" + + config_get mac "$cfg" mac + [ -n "$mac" ] && iptables -t nat -A luci_splash_portal -m mac --mac-source "$mac" -j RETURN +} + +start() { + ### Read chains from config + include /lib/network + scan_interfaces + config_load luci_splash + + ### Create subchains + iptables -t nat -N luci_splash + iptables -t nat -N luci_splash_portal + iptables -t nat -N luci_splash_leases + + ### Build the main and portal rule + config_foreach blacklist_add blacklist + config_foreach whitelist_add whitelist + config_foreach iface_add iface + + ### Build the portal rule + iptables -t nat -A luci_splash_portal -p udp --dport 53 -j RETURN + iptables -t nat -A luci_splash_portal -j luci_splash_leases + + ### Build the leases rule + iptables -t nat -A luci_splash_leases -p tcp --dport 80 -j REDIRECT --to-ports 8082 + iptables -t nat -A luci_splash_leases -j DROP + + ### Start the splash httpd + httpd -c /etc/luci_splash_httpd.conf -p 8082 -h /usr/lib/luci-splash/htdocs + + ### Hook in the chain + iptables -t nat -A prerouting_rule -j luci_splash +} + +stop() { + ### Hook out the chain + iptables -t nat -D prerouting_rule -j luci_splash + + ### Clear subchains + iptables -t nat -F luci_splash_leases + iptables -t nat -F luci_splash_portal + iptables -t nat -F luci_splash + + ### Delete subchains + iptables -t nat -X luci_splash_leases + iptables -t nat -X luci_splash_portal + iptables -t nat -X luci_splash +} + -- cgit v1.2.3