X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=applications%2Fluci-splash%2Froot%2Fetc%2Finit.d%2Fluci_splash;h=ffcd6f8837be240818b919c5c3dbb21160f6942e;hb=970dabd1dbbd9f693020a3b434cea1d23d6ec3d4;hp=31ffb783ade7e55d357c3b5b11c066039a5d3f07;hpb=e684a57a09c8710b026b9b45293b055ad5f5bcce;p=project%2Fluci.git

diff --git a/applications/luci-splash/root/etc/init.d/luci_splash b/applications/luci-splash/root/etc/init.d/luci_splash
index 31ffb783ad..ffcd6f8837 100755
--- a/applications/luci-splash/root/etc/init.d/luci_splash
+++ b/applications/luci-splash/root/etc/init.d/luci_splash
@@ -35,14 +35,24 @@ blacklist_add() {
 	local cfg="$1"
 	
 	config_get mac "$cfg" mac
-	[ -n "$mac" ] && iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j DROP
+	[ -n "$mac" ] && {
+		iptables -I luci_splash_counter -m mac --mac-source "$mac" -j RETURN
+		iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j DROP
+	}
 }
 
 whitelist_add() {
 	local cfg="$1"
 	
 	config_get mac "$cfg" mac
-	[ -n "$mac" ] && iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j RETURN
+	config_get ban "$cfg" kicked
+
+	ban=${ban:+DROP}
+
+	[ -n "$mac" ] && {
+		iptables -I luci_splash_counter -m mac --mac-source "$mac" -j RETURN
+		iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j "${ban:-RETURN}"
+	}
 }
 
 boot() {
@@ -72,28 +82,31 @@ start() {
 	include /lib/network
 	scan_interfaces
 	config_load luci_splash
-	
+
 	### Create subchains
+	iptables -N luci_splash_counter
 	iptables -t nat -N luci_splash_portal
 	iptables -t nat -N luci_splash_leases
 	iptables -t nat -N luci_splash_prerouting
-	
+
 	### Build the main and portal rule
 	config_foreach blacklist_add blacklist
 	config_foreach whitelist_add whitelist
 	config_foreach whitelist_add lease
 	config_foreach iface_add iface
-	
+
 	### Build the portal rule
+	iptables -I INPUT -j luci_splash_counter
+	iptables -I FORWARD -j luci_splash_counter
 	iptables -t nat -A luci_splash_portal -p udp --dport 33434:33523 -j RETURN
 	iptables -t nat -A luci_splash_portal -p icmp -j RETURN
 	iptables -t nat -A luci_splash_portal -p udp --dport 53 -j RETURN
 	iptables -t nat -A luci_splash_portal -j luci_splash_leases
-	
+
 	### Build the leases rule
 	iptables -t nat -A luci_splash_leases -p tcp --dport 80 -j REDIRECT --to-ports 8082
 	iptables -t nat -A luci_splash_leases -j DROP
-	
+
 	### Add crontab entry
 	test -f /etc/crontabs/root || touch /etc/crontabs/root
 	grep -q luci-splash /etc/crontabs/root || {
@@ -105,16 +118,20 @@ stop() {
 	### Clear interface rules
 	config_load luci_splash
 	config_foreach iface_del iface
-        
+	iptables -D INPUT -j luci_splash_counter
+	iptables -D FORWARD -j luci_splash_counter
+
 	### Clear subchains
 	iptables -t nat -F luci_splash_leases
 	iptables -t nat -F luci_splash_portal
 	iptables -t nat -F luci_splash_prerouting
-	
+	iptables -F luci_splash_counter
+
 	### Delete subchains
 	iptables -t nat -X luci_splash_leases
 	iptables -t nat -X luci_splash_portal
 	iptables -t nat -X luci_splash_prerouting
+	iptables -X luci_splash_counter
 	
 	sed -ie '/\/usr\/sbin\/luci-splash sync/d' /var/spool/cron/crontabs/root
 }