author | Katze Miau <miaukatzemiau@priveasy.de> | 2011-12-20 16:30:27 (GMT) |
---|---|---|
committer | Katze Miau <miaukatzemiau@priveasy.de> | 2011-12-20 16:30:27 (GMT) |
commit | 8ebdb23cff88abd518c8f631eb5e8cc65036d08e (patch) | |
tree | e223ba0259f69ff66d239cc498eedc6944d62f91 /files/common/etc | |
parent | 2c089f72e227ec7229709c7903d322ef42986abd (diff) |
reintegrate splash
- add cronjob for splash_sync (every minute for debugging; to be
increased)
- add redirection for unsplashed users in queen.enter, remove it in
queen.leave
- add /etc/splash.sh to centralize functionality used in
/sbin/splash_sync and /www/service/*splash*
- make splash_sync to use a transactional update approach: insert
iptable rules for all splashed MACs into a new chain, then replace
old and new chain; this avoids downtime even if splash_sync is slow
- remove allowed services for splashed users; this is intended to not
move old cruft over to new code; if any of those services shall
be reenabled, it should happen in /etc/firewall.user
- make /sbin/splash_sync aware of the current state of FSM inetable
(read via /sbin/fsm with optional command line override); this
allows to unconditionally call splash_sync via cron
- add locks to all places where the splash state is touched
- remove multiple escaping/quoting/encoding problems in splash cgi
scripts
- reenable link to the page the user initially demanded in
/www/service/cgi-bin/splash_click
Diffstat (limited to 'files/common/etc')
-rw-r--r-- | files/common/etc/crontabs/root | 1 | ||||
-rwxr-xr-x | files/common/etc/fsm/inetable/trans/queen.enter | 19 | ||||
-rwxr-xr-x | files/common/etc/fsm/inetable/trans/queen.leave | 3 |
3 files changed, 18 insertions, 5 deletions
diff --git a/files/common/etc/crontabs/root b/files/common/etc/crontabs/root index 3892b07..178f6e3 100644 --- a/files/common/etc/crontabs/root +++ b/files/common/etc/crontabs/root @@ -2,3 +2,4 @@ * * * * * /sbin/p2ptbl gossip /tmp/p2ptbl/update 500 br-mesh * * * * * /sbin/fsm watch inetable * * * * * /sbin/fsm watch update +* * * * * /sbin/splash_sync diff --git a/files/common/etc/fsm/inetable/trans/queen.enter b/files/common/etc/fsm/inetable/trans/queen.enter index c8ec801..5d266a0 100755 --- a/files/common/etc/fsm/inetable/trans/queen.enter +++ b/files/common/etc/fsm/inetable/trans/queen.enter @@ -4,6 +4,7 @@ gwiptbl=/tmp/p2ptbl/gwip NodeId="$(cat /etc/nodeid)" +## setup gateway IPv4 # determine gw IP from p2ptable getoct () { p2ptbl show $gwiptbl \ @@ -34,9 +35,7 @@ batctl gw server # set up gw IP mesh_add_ipv4 $gwip 255.255.0.0 -# TODO: load splash status - -# setup DHCP +## setup DHCP echo " set dhcp.mesh=dhcp set dhcp.mesh.start=2 @@ -46,9 +45,19 @@ set dhcp.mesh.interface=mesh " | uci batch /etc/init.d/dnsmasq restart +## set splash # start redirection httpd (for splash), add GW IP to the addrs service # httpd listens on echo "http://$gwip/cgi-bin/splash? /sbin/urlencode" > /tmp/redirection_target -enable_httpd redirection $randnet.1:81 -change_service_httpd_listen $gwip:80 +enable_httpd redirection $gwip:81 +change_service_httpd_listen $gwip:80 /etc/init.d/uhttpd restart + +# fill splash table +splash_sync "$1" + +# redirect tcp to local httpd, dns to local ns +iptables -t nat -F prerouting_inet_unsplashed +iptables -t nat -A prerouting_inet_unsplashed -p tcp -j DNAT --to $gwip:81 +iptables -t nat -A prerouting_inet_unsplashed -p udp --dport 53 -j DNAT --to $gwip:53 +# TODO: discard any other UDP traffic diff --git a/files/common/etc/fsm/inetable/trans/queen.leave b/files/common/etc/fsm/inetable/trans/queen.leave index 306c2f8..3f10d3c 100755 --- a/files/common/etc/fsm/inetable/trans/queen.leave +++ b/files/common/etc/fsm/inetable/trans/queen.leave 
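Review bot: The rules added to `prerouting_inet_unsplashed` at the end of the last queen.enter hunk cover only TCP and UDP port 53, so any other UDP port and every other protocol from an unsplashed client still passes the nat chain untouched unless it is dropped somewhere outside this hunk; the trailing `# TODO: discard any other UDP traffic` acknowledges only part of that. Because the TCP rule has no `--dport`, it also sends DNS over TCP and HTTPS to the redirection httpd on port 81; consider narrowing it to `-p tcp --dport 80 -j DNAT --to $gwip:81`, adding `-p tcp --dport 53 -j DNAT --to $gwip:53`, and dropping everything else from unsplashed clients in the filter table. `$gwip` is assigned outside the hunk, and if the p2ptbl lookup can leave it empty the targets become `:81` and `:53`, so a guard such as `[ -n "$gwip" ] || exit 1` before these rules would be worth adding.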
@@ -18,6 +18,9 @@ uci delete dhcp.mesh /etc/init.d/dnsmasq restart # TODO remove splash iptable +for mode in splashed unsplashed; do + iptables -t nat -F prerouting_inet_$mode +done # stop redirection httpd, remove GW IP from the addrs service httpd # listens on |
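Review bot: The `# TODO remove splash iptable` comment is left directly above the new loop that flushes both splash chains, so it now reads as outstanding work that this hunk already does; replace it with something like `# flush splash NAT chains (splashed and unsplashed)`. The commit message says locks were added wherever splash state is touched, but no lock is visible around this flush, and with splash_sync now run from cron every minute a concurrent run could presumably swap a freshly built chain back in after the flush. It is worth confirming that splash_sync's FSM state check and its lock cover this path. The script continues outside the hunk.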