1 #!/bin/sh /etc/rc.common
4 # Startup/shutdown script for nodogsplash captive portal
12 IPT
=/usr
/sbin
/iptables
15 # Run in PROCD (-f) and log to SYSLOG (-s)
23 append CONFIG
"$1" "$N"
35 config_get val
"$cfg" macmechanism
36 if [ -z "$val" ]; then
37 # Check if we have AllowedMACList or BlockedMACList defined they will be ignored
38 config_get val
"$cfg" allowedmac
39 if [ -n "$val" ]; then
40 echo "Ignoring allowedmac - macmechanism not \"allow\"" >&2
43 config_get val
"$cfg" blockedmac
44 if [ -n "$val" ]; then
45 echo "Ignoring blockedmac - macmechanism not \"block\"" >&2
47 elif [ "$val" = "allow" ]; then
48 config_list_foreach
"$cfg" allowedmac append_mac
49 addline
"MACmechanism allow"
50 addline
"AllowedMACList $macs"
51 elif [ "$val" = "block" ]; then
52 config_list_foreach
"$cfg" blockedmac append_mac
53 addline
"MACmechanism block"
54 addline
"BlockedMACList $macs"
56 echo "Invalid macmechanism '$val' - allow or block are valid." >&2
61 config_list_foreach
"$cfg" trustedmac append_mac
62 if [ -n "$macs" ]; then
63 addline
"TrustedMACList $macs"
75 addline
" FirewallRule $1"
78 for rule
in authenticated-users preauthenticated-users users-to-router trusted-users trusted-users-to-router
; do
79 # uci does not allow dashes
81 addline
"FirewallRuleSet $rule {"
82 config_list_foreach
"$cfg" "$uci_name" append_firewall
84 config_get val
"$cfg" "policy_${uci_name}"
85 if [ -n "$val" ]; then
86 addline
"EmptyRuleSetPolicy $rule $val"
91 wait_for_interface
() {
95 for i
in $
(seq $timeout); do
96 if [ $
(ip
-4 addr show dev
$ifname 2> /dev
/null |
grep -c inet
) -ne 0 ]; then
100 if [ $i = $timeout ]; then
101 echo "Interface $ifname not detected." >&2
109 generate_uci_config
() {
116 # Init config file content
117 CONFIG
="# auto-generated config file from /etc/config/nodogsplash"
119 config_get val
"$cfg" config
120 if [ -n "$val" ]; then
121 if [ ! -f "$val" ]; then
122 echo "Configuration file '$file' doesn't exist." >&2
125 addline
"$(cat $val)"
128 config_get ifname
"$cfg" gatewayinterface
130 # Get device name if interface name is a section name in /etc/config/network
131 if network_get_device tmp
"$ifname"; then
135 if [ -z "$ifname" ]; then
136 echo "Option network or gatewayinterface missing." >&2
140 wait_for_interface
"$ifname" ||
return 1
142 addline
"GatewayInterface $ifname"
144 for option
in preauth binauth \
145 daemon debuglevel maxclients gatewayname gatewayinterface gatewayiprange \
146 gatewayaddress gatewayport webroot splashpage statuspage \
147 redirecturl sessiontimeout preauthidletimeout authidletimeout checkinterval \
148 setmss mssvalue trafficcontrol downloadlimit uploadlimit \
149 syslogfacility ndsctlsocket fw_mark_authenticated \
150 fw_mark_blocked fw_mark_trusted
152 config_get val
"$cfg" "$option"
154 if [ -n "$val" ]; then
155 addline
"$option $val"
158 for option
in fasport fasremoteip faspath fas_secure_enabled
; do
159 config_get val
"$cfg" "$option"
160 if [ -n "$val" ]; then
161 echo "Warning: nodogsplash does not support $val"
165 config_get download
"$cfg" downloadlimit
166 config_get upload
"$cfg" uploadlimit
168 if [ -n "$upload" -o -n "$download" ]; then
169 addline
"TrafficControl yes"
172 setup_mac_lists
"$cfg" ||
return 1
173 setup_firewall
"$cfg"
175 echo "$CONFIG" > "/tmp/etc/nodogsplash_$cfg.conf"
179 # setup configuration and start instance
184 config_get_bool val
"$cfg" enabled
0
185 [ $val -gt 0 ] ||
return 0
187 if ! generate_uci_config
"$cfg"; then
188 echo "Can not generate uci config. Will not start instance $cfg." >&2
192 procd_open_instance
$cfg
193 procd_set_param
command /usr
/bin
/nodogsplash
-c "/tmp/etc/nodogsplash_$cfg.conf" $OPTIONS
194 procd_set_param respawn
195 procd_set_param
file "/tmp/etc/nodogsplash_$cfg.conf"
200 # For network_get_device()
201 include
/lib
/functions
203 # For nodogsplash.conf file
206 config_load nodogsplash
207 config_foreach create_instance nodogsplash
211 # When procd terminates nodogsplash, it does not exit fast enough.
212 # Otherwise procd will restart nodogsplash twice. First time starting
213 # nodogsplash fails, second time it succeeds.