nodogsplash2/files/nodogsplash.config

   1
   2 # The options available here are an adaptation of the settings used in nodogsplash.conf.
   3 # See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
   4
   5 config nodogsplash
   6   # Set to 1 to enable nodogsplash
   7   option enabled 0
   8
   9   # Serve the file splash.html from this directory
  10   option webroot '/etc/nodogsplash/htdocs'
  11
  12   # Use plain configuration file
  13   #option config '/etc/nodogsplash/nodogsplash.conf'
  14
  15   # The network the users are connected to
  16   option network 'lan'
  17   option gatewayname 'LEDE Nodogsplash'
  18   option maxclients '250'
  19   option clientidletimeout '1200'
  20
  21   # Your router may have several interfaces, and you
  22   # probably want to keep them private from the network/gatewayinterface.
  23   # If so, you should block the entire subnets on those interfaces, e.g.:
  24   list authenticated_users 'block to 192.168.0.0/16'
  25   list authenticated_users 'block to 10.0.0.0/8'
  26
  27   # Typical ports you will probably want to open up.
  28   list authenticated_users 'allow tcp port 22'
  29   list authenticated_users 'allow tcp port 53'
  30   list authenticated_users 'allow udp port 53'
  31   list authenticated_users 'allow tcp port 80'
  32   list authenticated_users 'allow tcp port 443'
  33
  34   # For preauthenticated users to resolve IP addresses in their
  35   # initial request not using the router itself as a DNS server,
  36   list preauthenticated_users 'allow tcp port 53'
  37   list preauthenticated_users 'allow udp port 53'
  38
  39   # Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
  40   list users_to_router 'allow tcp port 22'
  41   list users_to_router 'allow tcp port 23'
  42   list users_to_router 'allow tcp port 53'
  43   list users_to_router 'allow udp port 53'
  44   list users_to_router 'allow udp port 67'
  45   list users_to_router 'allow tcp port 80'
  46   list users_to_router 'allow tcp port 443'
  47
  48   # MAC addresses that are / are not allowed to access the splash page
  49   # Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
  50   #option macmechanism 'allow'
  51   #list allowedmac '00:00:C0:01:D0:0D'
  52   #list allowedmac '00:00:C0:01:D0:1D'
  53   #list blockedmac '00:00:C0:01:D0:2D'
  54
  55   #MAC addresses that do not need to authenticate
  56   #list trustedmac '00:00:C0:01:D0:1D'