From 22b1721823d705c7318d1eebafdfcdaead3025da Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Sat, 26 Apr 2008 17:14:22 +0000 Subject: * Added experimental version of DHCP-Splash for Kamikaze * Added MAC-Address matching to luci_fw * Added interface alias hack for Kamikaze * ffluci.sys: Added several networking helper functions * ffluci.http: Added function remote_addr * Updated Haserl to 0.9.24 --- contrib/package/luci-splash/src/luci_splash.init | 86 ++++++++++++++++++++++ contrib/package/luci-splash/src/luci_splash.uci | 8 ++ .../src/luci_splash/htdocs/cgi-bin/index.cgi | 49 ++++++++++++ .../luci-splash/src/luci_splash/htdocs/index.html | 10 +++ .../package/luci-splash/src/luci_splash/splash.lua | 74 +++++++++++++++++++ .../package/luci-splash/src/luci_splash/sync.lua | 3 + .../package/luci-splash/src/luci_splash_httpd.conf | 1 + 7 files changed, 231 insertions(+) create mode 100644 contrib/package/luci-splash/src/luci_splash.init create mode 100644 contrib/package/luci-splash/src/luci_splash.uci create mode 100644 contrib/package/luci-splash/src/luci_splash/htdocs/cgi-bin/index.cgi create mode 100644 contrib/package/luci-splash/src/luci_splash/htdocs/index.html create mode 100644 contrib/package/luci-splash/src/luci_splash/splash.lua create mode 100644 contrib/package/luci-splash/src/luci_splash/sync.lua create mode 100644 contrib/package/luci-splash/src/luci_splash_httpd.conf (limited to 'contrib/package/luci-splash/src')
diff --git a/contrib/package/luci-splash/src/luci_splash.init b/contrib/package/luci-splash/src/luci_splash.init
new file mode 100644
index 0000000000..049d121ea5
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash.init
@@ -0,0 +1,86 @@
+#!/bin/sh /etc/rc.common
+START=70
+
+iface_add() {
+ local cfg="$1"
+
+ config_get net "$cfg" network
+ [ -n "$net" ] || return 0
+
+ config_get iface "$net" ifname
+ [ -n "$iface" ] || return 0
+ iface="${iface%%:*}"
+
+ config_get ipaddr "$net" ipaddr
+ [ -n "$ipaddr" ] || return 0
+
+ config_get netmask "$net" netmask
+ [ -n "$netmask" ] || return 0
+
+ eval "$(ipcalc.sh $ipaddr $netmask)"
+
+ iptables -t nat -A luci_splash -i "$iface" -s "$IP/$PREFIX" -j luci_splash_portal
+}
+
+blacklist_add() {
+ local cfg="$1"
+
+ config_get mac "$cfg" mac
+ [ -n "$mac" ] && iptables -t nat -A luci_splash_portal -m mac --mac-source "$mac" -j REJECT
+}
+
+whitelist_add() {
+ local cfg="$1"
+
+ config_get mac "$cfg" mac
+ [ -n "$mac" ] && iptables -t nat -A luci_splash_portal -m mac --mac-source "$mac" -j RETURN
+}
+
+start() {
+ ### Read chains from config
+ include /lib/network
+ scan_interfaces
+ config_load luci_splash
+
+ ### Create subchains
+ iptables -t nat -N luci_splash
+ iptables -t nat -N luci_splash_portal
+ iptables -t nat -N luci_splash_leases
+
+ ### Build the main rule
+ config_foreach iface_add iface
+
+ ### Build the portal rule
+ config_foreach blacklist_add blacklist
+ config_foreach whitelist_add whitelist
+ iptables -t nat -A luci_splash_portal -j luci_splash_leases
+
+ ### Build the leases rule
+ iptables -t nat -A luci_splash_leases -p tcp --dport 80 -j REDIRECT --to-ports 8082
+ iptables -t nat -A luci_splash_leases -j REJECT
+
+ ### Start the splash httpd
+ httpd -c /etc/luci_splash_httpd.conf -p 8082 -h /usr/lib/luci_splash/htdocs
+
+ ### Sync leases
+ /usr/lib/luci_splash/sync.lua
+
+ ### Hook in the chain
+ iptables -t nat -A prerouting_rule -j luci_splash
+}
+
+stop() {
+ ### Hook out the chain
+ iptables -t nat -D prerouting_rule -j luci_splash
+
+ ### Clear subchains
+ iptables -t nat -F luci_splash
+ iptables -t nat -F luci_splash_portal
+ iptables -t nat -F luci_splash_leases
+
+ ### Delete subchains
+ iptables -t nat -X luci_splash
+ iptables -t nat -X luci_splash_portal
+ iptables -t nat -X luci_splash_leases
+}
+
diff --git a/contrib/package/luci-splash/src/luci_splash.uci b/contrib/package/luci-splash/src/luci_splash.uci
new file mode 100644
index 0000000000..cf1232b3b7
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash.uci
@@ -0,0 +1,8 @@
+config iface
+ option network wldhcp
+
+config whitelist
+ option mac 02:CA:FF:EE:BA:BE
+
+config blacklist
+ option mac 03:CA:FF:EE:BA:BE
\ No newline at end of file
diff --git a/contrib/package/luci-splash/src/luci_splash/htdocs/cgi-bin/index.cgi b/contrib/package/luci-splash/src/luci_splash/htdocs/cgi-bin/index.cgi
new file mode 100644
index 0000000000..0117198cfb
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash/htdocs/cgi-bin/index.cgi
@@ -0,0 +1,49 @@
+#!/usr/bin/haserl --shell=luac
+dofile("/usr/lib/luci_splash")
+
+require("ffluci.template")
+
+function dispatch()
+ local mac = get_usermac()
+ if not mac then
+ return action_nodata()
+ end
+
+ if isblacklisted(mac) then
+ return action_blocked()
+ end
+
+ if iswhitelisted(mac) or haslease(mac) then
+ return action_allowed()
+ end
+
+ return action_splash(mac)
+end
+
+function action_splash(mac)
+ if ffluci.http.formvalue("activate") then
+ add_lease(mac)
+ ffluci.http.textheader()
+ print("Got splashed!")
+ else
+ ffluci.http.textheader()
+ print("Get splashed!")
+ end
+end
+
+function action_allowed()
+ ffluci.http.textheader()
+ print("Already allowed!")
+end
+
+function action_blocked()
+ ffluci.http.textheader()
+ print("Blocked!")
+end
+
+function action_nodata()
+ ffluci.http.textheader()
+ print("No data!")
+end
+
+dispatch()
\ No newline at end of file
diff --git a/contrib/package/luci-splash/src/luci_splash/htdocs/index.html b/contrib/package/luci-splash/src/luci_splash/htdocs/index.html
new file mode 100644
index 0000000000..58387a5fec
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash/htdocs/index.html
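Review bot: In luci_splash.init, `blacklist_add` and the final rule of `luci_splash_leases` in `start()` use `-j REJECT` inside `-t nat`; as far as I know iptables only accepts REJECT in the filter table, so both rules would fail to load, and because no exit status is checked the script carries on. The portal would then fail open: blacklisted MACs fall through to the lease chain and only TCP port 80 is intercepted, while all other traffic from clients without a lease is left untouched. I would keep only the REDIRECT in nat, put the deny decisions in a filter-table chain reached from forwarding, and check the iptables return codes in `start()`. Separately, `eval "$(ipcalc.sh $ipaddr $netmask)"` in `iface_add` evaluates output built from unquoted config values; `eval "$(ipcalc.sh "$ipaddr" "$netmask")"` at least keeps each value a single argument.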
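Review bot: In luci_splash.uci, the sample `config whitelist` entry with `option mac 02:CA:FF:EE:BA:BE` becomes a portal bypass for a publicly known MAC if this file is installed as the default configuration, since `whitelist_add` turns every whitelist section into a RETURN rule. I would ship the whitelist and blacklist sections commented out, e.g. `#config whitelist` followed by `#	option mac 02:CA:FF:EE:BA:BE`, so that an operator has to opt in.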
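Review bot: In index.cgi, `dofile("/usr/lib/luci_splash")` names what the init script in this commit treats as a directory (`/usr/lib/luci_splash/htdocs`, `/usr/lib/luci_splash/sync.lua`), so the load would presumably fail before `dispatch()` runs; it probably should read `dofile("/usr/lib/luci_splash/splash.lua")`, although where splash.lua is installed is not visible here. sync.lua has the related problem with its relative `dofile("splash.lua")`, which only resolves when the working directory happens to be the install directory. In `action_splash`, "Got splashed!" is printed without looking at whether `add_lease(mac)` succeeded, so a client can be told it is unlocked while no rule was inserted; have `add_lease` return the result of `add_rule` and branch on it. A short comment above `dispatch()` stating the decision order (no MAC, blacklist, whitelist or lease, splash) would also help the next reader.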
@@ -0,0 +1,10 @@
+
+
+
+
+
+
+
+FFLuCI - Freifunk Lua Configuration Interface
+
+
\ No newline at end of file
diff --git a/contrib/package/luci-splash/src/luci_splash/splash.lua b/contrib/package/luci-splash/src/luci_splash/splash.lua
new file mode 100644
index 0000000000..b659d20011
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash/splash.lua
@@ -0,0 +1,74 @@
+package.path = "/usr/lib/lua/?.lua;/usr/lib/lua/?/init.lua;" .. package.path
+package.cpath = "/usr/lib/lua/?.so;" .. package.cpath
+
+require("ffluci.http")
+require("ffluci.sys")
+require("ffluci.model.uci")
+
+ucis = ffluci.model.uci.Session("/var/state")
+
+function add_lease(mac)
+ local key = ucis:add("luci_splash", "lease")
+ ucis:set("luci_splash", key, "mac", mac)
+ add_rule(mac)
+end
+
+function add_rule(mac)
+ return os.execute("iptables -t nat -I luci_splash_leases -m mac --source-mac '"..mac.."' -j RETURN")
+end
+
+function remove_rule(mac)
+ return os.execute("iptables -t nat -D luci_splash_leases -m mac --source-mac '"..mac.."' -j RETURN")
+end
+
+function get_usermac()
+ local ip = ffluci.http.remote_addr()
+ local mac = nil
+
+ for i, l in ipairs(ffluci.sys.net.arptable()) do
+ if l["IP address"] == ip then
+ mac = l["HW address"]
+ end
+ end
+
+ return mac
+end
+
+function haslease(mac)
+ mac = mac:lower()
+ local list = ucis:show("luci_splash").luci_splash
+
+ for k, v in pairs(list) do
+ if v[".type"] == "lease" and v.mac and v.mac:lower() == mac then
+ return true
+ end
+ end
+
+ return false
+end
+
+function isblacklisted(mac)
+ mac = mac:lower()
+ local list = ucis:show("luci_splash").luci_splash
+
+ for k, v in pairs(list) do
+ if v[".type"] == "blacklist" and v.mac and v.mac:lower() == mac then
+ return true
+ end
+ end
+
+ return false
+end
+
+function iswhitelisted(mac)
+ mac = mac:lower()
+ local list = ucis:show("luci_splash").luci_splash
+
+ for k, v in pairs(list) do
+ if v[".type"] == "whitelist" and v.mac and v.mac:lower() == mac then
+ return true
+ end
+ end
+
+ return false
+end
\ No newline at end of file
diff --git a/contrib/package/luci-splash/src/luci_splash/sync.lua b/contrib/package/luci-splash/src/luci_splash/sync.lua
new file mode 100644
index 0000000000..fd32a1ca16
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash/sync.lua
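Review bot: `add_rule` and `remove_rule` in splash.lua paste `mac` between single quotes into an `os.execute` command line without checking its shape, so any caller that passes a string containing a quote changes the command the shell runs. Today the value comes from the ARP table via `get_usermac`, but these are global functions and `add_lease` also writes the value into uci state, so I would validate it against a strict MAC pattern at this boundary and refuse anything else, as sketched below. The option is also spelled `--source-mac` here while the init script in this commit uses `--mac-source`, which is the name the iptables mac match documents, so as written the lease rules are probably rejected. The three lookup functions index `ucis:show("luci_splash").luci_splash` directly and would raise an error if that table is absent.

```lua
-- True only for six colon-separated hex octets, the only shape allowed into the shell command.
local function is_mac(mac)
	return type(mac) == "string" and mac:match("^%x%x:%x%x:%x%x:%x%x:%x%x:%x%x$") ~= nil
end

function add_lease(mac)
	if not is_mac(mac) then
		return nil
	end
	local key = ucis:add("luci_splash", "lease")
	ucis:set("luci_splash", key, "mac", mac)
	return add_rule(mac)
end

function add_rule(mac)
	if not is_mac(mac) then
		return nil
	end
	return os.execute("iptables -t nat -I luci_splash_leases -m mac --mac-source '" .. mac .. "' -j RETURN")
end

function remove_rule(mac)
	if not is_mac(mac) then
		return nil
	end
	return os.execute("iptables -t nat -D luci_splash_leases -m mac --mac-source '" .. mac .. "' -j RETURN")
end

-- … unchanged: get_usermac, haslease, isblacklisted, iswhitelisted …
```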
@@ -0,0 +1,3 @@
+#!/usr/bin/haserl --shell=luac --accept-none
+dofile("splash.lua")
+
diff --git a/contrib/package/luci-splash/src/luci_splash_httpd.conf b/contrib/package/luci-splash/src/luci_splash_httpd.conf
new file mode 100644
index 0000000000..f481c22ce8
--- /dev/null
+++ b/contrib/package/luci-splash/src/luci_splash_httpd.conf
@@ -0,0 +1 @@
+E404:/index.html
\ No newline at end of file
-- cgit v1.2.3