Merge pull request #406 from bluewavenet/nodogsplash-3.2.0
[feed/routing.git] / nodogsplash / files / etc / init.d / nodogsplash
1 #!/bin/sh /etc/rc.common
2
3 #
4 # Startup/shutdown script for nodogsplash captive portal
5 #
6
# Init ordering values for this script (start and stop both at 95).
START=95
STOP=95

# Hand supervision of the daemon to procd.
USE_PROCD=1

# Helper paths; nothing in the visible part of this script reads them.
IPT="/usr/sbin/iptables"
WD_DIR="/usr/bin"

# Flags passed to nodogsplash on every start:
#   -s -d 5  log to syslog at level 5 (not so verbose)
#   -f       stay in the foreground
#   -d 7     (alternative) verbose debug messages
# The value is expanded unquoted where the command line is built, so each
# space-separated word becomes its own argument.
OPTIONS="-s -f -d 5"

# Accumulates the text of the generated configuration file.
CONFIG=""
# Add one entry to the configuration text collected in CONFIG.
# Arguments: $1 - text to add
# Globals:   CONFIG (written), N (read; the separator handed to append)
# append() is not defined in this file; it is expected to come from the
# shell library loaded by rc.common.
addline() {
  local text="$1"

  append CONFIG "$text" "$N"
}
# Turn the MAC options of one UCI section into nodogsplash config lines.
# Arguments: $1 - UCI section name
# Outputs:   warnings and errors on stderr
# Behaviour:
#   macmechanism unset   -> allowedmac/blockedmac are ignored (with a warning)
#   macmechanism "allow" -> AllowedMACList built from the allowedmac list
#   macmechanism "block" -> BlockedMACList built from the blockedmac list
#   anything else        -> error message and exit 1
# A TrustedMACList line is added whenever trustedmac has entries.
# NOTE(review): a MAC address is chosen by the client, so these lists name
# devices by convention; they do not prove which device is connecting.
setup_mac_lists() {
  local cfg="$1"
  local mac_csv=""
  local mechanism
  local stray

  # config_list_foreach callback: grows the comma-separated list kept in
  # the enclosing function's local variable.
  append_mac() {
    append mac_csv "$1" ","
  }

  config_get mechanism "$cfg" macmechanism
  case "$mechanism" in
    "")
      # No mechanism selected: tell the admin that any list they did
      # configure has no effect.
      config_get stray "$cfg" allowedmac
      [ -z "$stray" ] || echo "Ignoring allowedmac - macmechanism not \"allow\"" >&2

      config_get stray "$cfg" blockedmac
      [ -z "$stray" ] || echo "Ignoring blockedmac - macmechanism not \"block\"" >&2
      ;;
    allow)
      config_list_foreach "$cfg" allowedmac append_mac
      addline "AllowedMACList $mac_csv"
      ;;
    block)
      config_list_foreach "$cfg" blockedmac append_mac
      addline "BlockedMACList $mac_csv"
      ;;
    *)
      echo "Invalid macmechanism '$mechanism' - allow or block are valid." >&2
      exit 1
      ;;
  esac

  # Start a fresh list for the trusted entries.
  mac_csv=""
  config_list_foreach "$cfg" trustedmac append_mac
  if [ -n "$mac_csv" ]; then
    addline "TrustedMACList $mac_csv"
  fi
}
# Emit one FirewallRuleSet block per rule set, filled from the UCI lists of
# one section, plus an EmptyRuleSetPolicy line where a policy is configured.
# Arguments: $1 - UCI section name
# Rules are written in the order config_list_foreach delivers them, and
# their text is copied into the config unchanged.
setup_firewall() {
  local cfg="$1"
  local list_key
  local policy

  # config_list_foreach callback: one FirewallRule line per list entry.
  append_firewall() {
    addline " FirewallRule $1"
  }

  for rule in \
    authenticated-users \
    preauthenticated-users \
    users-to-router \
    trusted-users \
    trusted-users-to-router
  do
    # UCI option names cannot contain dashes, so the list is stored
    # under the underscore form of the rule-set name.
    list_key=${rule//-/_}

    addline "FirewallRuleSet $rule {"
    config_list_foreach "$cfg" "$list_key" append_firewall
    addline "}"

    config_get policy "$cfg" "policy_${list_key}"
    [ -z "$policy" ] || addline "EmptyRuleSetPolicy $rule $policy"
  done
}
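# Block until the given interface shows an IPv4 address, polling once per
# second; give up after "timeout" polls.
# Arguments: $1 - interface (device) name
# Outputs:   error message on stderr when the interface never appears
# Returns:   0 once an "inet" line is seen; exits the script with 1 on timeout
wait_for_interface() {
  local ifname="$1"
  local timeout=10
  local i

  for i in $(seq "$timeout"); do
    # The name comes from configuration, so it is quoted: it must reach
    # "ip" as exactly one argument whatever characters it contains.
    if ip -4 addr show dev "$ifname" 2> /dev/null | grep -q inet; then
      break
    fi
    sleep 1
    if [ "$i" -eq "$timeout" ]; then
      echo "Interface $ifname not detected." >&2
      exit 1
    fi
  done
}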
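# Build the nodogsplash configuration for one UCI section and write it to
# /tmp/etc/nodogsplash_<section>.conf.
# Arguments: $1 - UCI section name
# Globals:   CONFIG (rewritten from scratch)
# Outputs:   error messages on stderr
# Returns:   exits the script with 1 when the referenced base config file is
#            missing or no interface is configured
# Option values are copied into the file unchanged. This assumes that only
# an administrator can edit /etc/config/nodogsplash; a value containing a
# line break would add further lines to the generated file.
generate_uci_config() {
  local cfg="$1"
  local val
  local ifname
  local tmp
  local option
  local download
  local upload

  # Init config file content
  CONFIG="# auto-generated config file from /etc/config/nodogsplash"

  # Optional base file whose content is placed ahead of the generated lines.
  config_get val "$cfg" config
  if [ -n "$val" ]; then
    if [ ! -f "$val" ]; then
      # Report the path that was actually checked.
      echo "Configuration file '$val' doesn't exist." >&2
      exit 1
    fi
    addline "$(cat "$val")"
  fi

  config_get ifname "$cfg" gatewayinterface
  if [ -z "$ifname" ]; then
    config_get ifname "$cfg" network
  fi

  # Get device name if interface name is a section name in /etc/config/network
  if network_get_device tmp "$ifname"; then
    ifname="$tmp"
  fi

  if [ -z "$ifname" ]; then
    echo "Option network or gatewayinterface missing." >&2
    exit 1
  fi

  wait_for_interface "$ifname"

  addline "GatewayInterface $ifname"

  # NOTE(review): gatewayinterface is also in the list below, so a
  # configured value is written a second time in its unresolved form.
  # Confirm which of the two lines nodogsplash honours.
  for option in binauth fasport fasremoteip faspath fas_secure_enabled \
    daemon debuglevel maxclients gatewayname gatewayinterface gatewayiprange \
    gatewayaddress gatewayport webroot splashpage statuspage imagesdir pagesdir \
    redirecturl preauthidletimeout authidletimeout checkinterval setmss mssvalue \
    trafficcontrol downloadlimit uploadlimit downloadimq uploadimq syslogfacility \
    ndsctlsocket fw_mark_authenticated fw_mark_blocked fw_mark_trusted
  do
    config_get val "$cfg" "$option"

    if [ -n "$val" ]; then
      addline "$option $val"
    fi
  done

  config_get download "$cfg" downloadlimit
  config_get upload "$cfg" uploadlimit

  # Any configured limit switches traffic control on.
  if [ -n "$upload" ] || [ -n "$download" ]; then
    addline "TrafficControl yes"
  fi

  setup_mac_lists "$cfg"
  setup_firewall "$cfg"

  # printf writes the text as-is; echo may treat backslashes or a leading
  # dash specially depending on the shell. The file is created with the
  # caller's umask.
  printf '%s\n' "$CONFIG" > "/tmp/etc/nodogsplash_$cfg.conf"
}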
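# Generate the configuration for one UCI section and register a procd
# instance for it. Sections without "enabled" set are skipped.
# Arguments: $1 - UCI section name
# Globals:   OPTIONS (read)
# Returns:   0 when the section is disabled
create_instance() {
  local cfg="$1"
  local val

  config_get_bool val "$cfg" enabled 0
  [ "$val" -gt 0 ] || return 0

  generate_uci_config "$cfg"

  # The section name is quoted so it always stays a single argument.
  procd_open_instance "$cfg"
  # $OPTIONS is deliberately unquoted: it holds several flags that must be
  # split into separate arguments.
  procd_set_param command /usr/bin/nodogsplash -c "/tmp/etc/nodogsplash_$cfg.conf" $OPTIONS
  procd_set_param respawn
  procd_set_param file "/tmp/etc/nodogsplash_$cfg.conf"
  procd_close_instance
}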
# procd start hook: load the nodogsplash UCI configuration and set up one
# instance per "nodogsplash" section.
start_service() {
  local conf_dir="/tmp/etc/"

  # Pulls in network_get_device()
  include /lib/functions

  # Directory that receives the generated nodogsplash .conf files
  mkdir -p "$conf_dir"

  config_load nodogsplash
  config_foreach create_instance nodogsplash
}
# procd stop hook: pause briefly so nodogsplash has time to exit.
# nodogsplash does not exit fast enough when procd terminates it. Without
# this pause procd ends up starting it twice: the first start fails and
# only the second one succeeds.
stop_service() {
  local grace=1

  sleep "$grace"
}