projects / project / luci.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
applications/luci-ffwizard-leipzig: fix dhcp splash network configuration
[project/luci.git] / applications / luci-splash / root / etc / init.d / luci_splash
1 #!/bin/sh /etc/rc.common
2 START=70
3 EXTRA_COMMANDS=clear_leases
4
5 iface_add() {
6 local cfg="$1"
7
8 config_get zone "$cfg" zone
9 [ -n "$zone" ] || return 0
10
11 config_get net "$cfg" network
12 [ -n "$net" ] || return 0
13
14 config_get ipaddr "$net" ipaddr
15 [ -n "$ipaddr" ] || return 0
16
17 config_get netmask "$net" netmask
18 [ -n "$netmask" ] || return 0
19
20 eval "$(ipcalc.sh $ipaddr $netmask)"
21
22 iptables -t nat -A prerouting_${zone} -j luci_splash_prerouting
23 iptables -t nat -A luci_splash_prerouting -s "$NETWORK/$PREFIX" -p ! tcp -j luci_splash_portal
24 iptables -t nat -A luci_splash_prerouting -s "$NETWORK/$PREFIX" -d ! "$ipaddr" -j luci_splash_portal
25 iptables -t nat -A luci_splash_prerouting -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport ! --dport 22,80,443 -j luci_splash_portal
26 }
27
28 blacklist_add() {
29 local cfg="$1"
30
31 config_get mac "$cfg" mac
32 [ -n "$mac" ] && iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j DROP
33 }
34
35 whitelist_add() {
36 local cfg="$1"
37
38 config_get mac "$cfg" mac
39 [ -n "$mac" ] && iptables -t nat -I luci_splash_leases -m mac --mac-source "$mac" -j RETURN
40 }
41
42 start() {
43 ### Read chains from config
44 include /lib/network
45 scan_interfaces
46 config_load luci_splash
47
48 ### Create subchains
49 iptables -t nat -N luci_splash_portal
50 iptables -t nat -N luci_splash_leases
51 iptables -t nat -N luci_splash_prerouting
52
53 ### Build the main and portal rule
54 config_foreach blacklist_add blacklist
55 config_foreach whitelist_add whitelist
56 config_foreach whitelist_add lease
57 config_foreach iface_add iface
58
59 ### Build the portal rule
60 iptables -t nat -A luci_splash_portal -p udp --dport 33434:33523 -j RETURN
61 iptables -t nat -A luci_splash_portal -p icmp -j RETURN
62 iptables -t nat -A luci_splash_portal -p udp --dport 53 -j RETURN
63 iptables -t nat -A luci_splash_portal -j luci_splash_leases
64
65 ### Build the leases rule
66 iptables -t nat -A luci_splash_leases -p tcp --dport 80 -j REDIRECT --to-ports 8082
67 iptables -t nat -A luci_splash_leases -j DROP
68
69 ### Add crontab entry
70 grep luci-splash /var/spool/cron/crontabs/root >/dev/null 2>&1 || {
71 echo '*/5 * * * * /usr/sbin/luci-splash sync' >> /var/spool/cron/crontabs/root
72 }
73
74 ### Start the splash httpd
75 start-stop-daemon -S -m -p /var/run/luci-splashd.pid -b -q -x /usr/bin/luci-splashd
76 }
77
78 iface_del() {
79 config_get zone "$1" zone
80 [ -n "$zone" ] || return 0
81 while iptables -t nat -D prerouting_${zone} -j luci_splash_prerouting 2>&-; do :; done
82 }
83
84 stop() {
85 ### Clear interface rules
86 config_load luci_splash
87 config_foreach iface_del iface
88
89 ### Clear subchains
90 iptables -t nat -F luci_splash_leases
91 iptables -t nat -F luci_splash_portal
92 iptables -t nat -F luci_splash_prerouting
93
94 ### Delete subchains
95 iptables -t nat -X luci_splash_leases
96 iptables -t nat -X luci_splash_portal
97 iptables -t nat -X luci_splash_prerouting
98
99 ### Stop the splash httpd
100 start-stop-daemon -K -p /var/run/luci-splashd.pid -s KILL -q
101
102 sed -ie '/\/usr\/sbin\/luci-splash sync/d' /var/spool/cron/crontabs/root
103 }
104
105
106 clear_leases() {
107 stop
108 while uci -P /var/state del luci_splash.@lease[0] 2>&-;do :; done
109 start
110 }
111
Lua Configuration Interface (mirror)