projects / project / luci.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
LuCId
[project/luci.git] / applications / luci-splash / root / etc / init.d / luci_splash
1 #!/bin/sh /etc/rc.common
2 START=70
3 EXTRA_COMMANDS=clear_leases
4
5 iface_add() {
6 local cfg="$1"
7
8 config_get zone "$cfg" zone
9 [ -n "$zone" ] || return 0
10
11 config_get net "$cfg" network
12 [ -n "$net" ] || return 0
13
14 config_get ipaddr "$net" ipaddr
15 [ -n "$ipaddr" ] || return 0
16
17 config_get netmask "$net" netmask
18 [ -n "$netmask" ] || return 0
19
20 eval "$(ipcalc.sh $ipaddr $netmask)"
21
22 iptables -t nat -A prerouting_${zone} -j luci_splash_prerouting
23 iptables -t nat -A luci_splash_prerouting -s "$NETWORK/$PREFIX" -p ! tcp -j luci_splash_portal
24 iptables -t nat -A luci_splash_prerouting -s "$NETWORK/$PREFIX" -d ! "$ipaddr" -j luci_splash_portal
25 iptables -t nat -A luci_splash_prerouting -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport ! --dport 22,80,443 -j luci_splash_portal
26 }
27
28 iface_del() {
29 config_get zone "$1" zone
30 [ -n "$zone" ] || return 0
31 while iptables -t nat -D prerouting_${zone} -j luci_splash_prerouting 2>&-; do :; done
32 }
33
34 blacklist_add() {
35 local cfg="$1"
36
37 config_get mac "$cfg" mac
38 [ -n "$mac" ] && iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j DROP
39 }
40
41 whitelist_add() {
42 local cfg="$1"
43
44 config_get mac "$cfg" mac
45 [ -n "$mac" ] && iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j RETURN
46 }
47
48 boot() {
49 ### We are started by the firewall include
50
51 uci get lucid.splashr || {
52 uci batch <<EOF
53 set lucid.splashr=daemon
54 set lucid.splashr.slave=httpd
55 add_list lucid.splashr.address=8082
56 add_list lucid.splashr.publisher=splashredir
57 set lucid.splashr.enabled=1
58
59 set lucid.splashredir=Redirector
60 set lucid.splashredir.name=Splashd
61 set lucid.splashredir.virtual='/'
62 set lucid.splashredir.physical=':80/luci/splash'
63
64 commit lucid
65 EOF
66 }
67 exit 0
68 }
69
70 start() {
71 ### Read chains from config
72 include /lib/network
73 scan_interfaces
74 config_load luci_splash
75
76 ### Create subchains
77 iptables -t nat -N luci_splash_portal
78 iptables -t nat -N luci_splash_leases
79 iptables -t nat -N luci_splash_prerouting
80
81 ### Build the main and portal rule
82 config_foreach blacklist_add blacklist
83 config_foreach whitelist_add whitelist
84 config_foreach whitelist_add lease
85 config_foreach iface_add iface
86
87 ### Build the portal rule
88 iptables -t nat -A luci_splash_portal -p udp --dport 33434:33523 -j RETURN
89 iptables -t nat -A luci_splash_portal -p icmp -j RETURN
90 iptables -t nat -A luci_splash_portal -p udp --dport 53 -j RETURN
91 iptables -t nat -A luci_splash_portal -j luci_splash_leases
92
93 ### Build the leases rule
94 iptables -t nat -A luci_splash_leases -p tcp --dport 80 -j REDIRECT --to-ports 8082
95 iptables -t nat -A luci_splash_leases -j DROP
96
97 ### Add crontab entry
98 test -f /etc/crontabs/root || touch /etc/crontabs/root
99 grep -q luci-splash /etc/crontabs/root || {
100 echo '*/5 * * * * /usr/sbin/luci-splash sync' >> /etc/crontabs/root
101 }
102 }
103
104 stop() {
105 ### Clear interface rules
106 config_load luci_splash
107 config_foreach iface_del iface
108
109 ### Clear subchains
110 iptables -t nat -F luci_splash_leases
111 iptables -t nat -F luci_splash_portal
112 iptables -t nat -F luci_splash_prerouting
113
114 ### Delete subchains
115 iptables -t nat -X luci_splash_leases
116 iptables -t nat -X luci_splash_portal
117 iptables -t nat -X luci_splash_prerouting
118
119 sed -ie '/\/usr\/sbin\/luci-splash sync/d' /var/spool/cron/crontabs/root
120 }
121
122
123 clear_leases() {
124 stop
125 while uci -P /var/state del luci_splash.@lease[0] 2>&-;do :; done
126 start
127 }
128
Lua Configuration Interface (mirror)