nodogsplash2/files/nodogsplash.config

   1
   2 # The options available here are an adaptation of the settings used in nodogsplash.conf.
   3 # See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
   4
   5 config nodogsplash
   6   # Set to 0 to disable nodogsplash
   7   option enabled 1
   8
   9   # Serve the file splash.html from this directory
  10   option webroot '/etc/nodogsplash/htdocs'
  11
  12   # Use plain configuration file
  13   #option config '/etc/nodogsplash/nodogsplash.conf'
  14
  15   # The network the users are connected to
  16   option network 'lan'
  17   option gatewayname 'OpenWrt Nodogsplash'
  18   option maxclients '250'
  19   #Client timeouts in minutes
  20   option clientidletimeout '120'
  21   option clientforcetimeout '1440'
  22
  23
  24   # Your router may have several interfaces, and you
  25   # probably want to keep them private from the network/gatewayinterface.
  26   # If so, you should block the entire subnets on those interfaces, e.g.:
  27   # list authenticated_users 'block to 192.168.0.0/16'
  28   # list authenticated_users 'block to 10.0.0.0/8'
  29
  30   # Typical ports you will probably want to open up.
  31   #list authenticated_users 'allow tcp port 22'
  32   #list authenticated_users 'allow tcp port 53'
  33   #list authenticated_users 'allow udp port 53'
  34   #list authenticated_users 'allow tcp port 80'
  35   #list authenticated_users 'allow tcp port 443'
  36   #Or for happy customers allow all
  37   list authenticated_users 'allow all'
  38
  39
  40   # For preauthenticated users to resolve IP addresses in their
  41   # initial request not using the router itself as a DNS server,
  42   # Leave commented to help prevent DNS tunnelling
  43   #list preauthenticated_users 'allow tcp port 53'
  44   #list preauthenticated_users 'allow udp port 53'
  45
  46   # Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
  47   list users_to_router 'allow tcp port 22'
  48   list users_to_router 'allow tcp port 23'
  49   list users_to_router 'allow tcp port 53'
  50   list users_to_router 'allow udp port 53'
  51   list users_to_router 'allow udp port 67'
  52   list users_to_router 'allow tcp port 80'
  53
  54   # MAC addresses that are / are not allowed to access the splash page
  55   # Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
  56   #option macmechanism 'allow'
  57   #list allowedmac '00:00:C0:01:D0:0D'
  58   #list allowedmac '00:00:C0:01:D0:1D'
  59   #list blockedmac '00:00:C0:01:D0:2D'
  60
  61   #MAC addresses that do not need to authenticate
  62   #list trustedmac '00:00:C0:01:D0:1D'
  63
  64   # Set FW_MARK for compatibilty with other OpenWrt Packages eg mwan3, sqm etc.
  65   list fw_mark_authenticated '520'
  66   list fw_mark_trusted '510'
  67   list fw_mark_blocked '500'