summaryrefslogtreecommitdiff
path: root/files/common/sbin/splash_sync
diff options
context:
space:
mode:
Diffstat (limited to 'files/common/sbin/splash_sync')
-rwxr-xr-xfiles/common/sbin/splash_sync72
1 files changed, 34 insertions, 38 deletions
diff --git a/files/common/sbin/splash_sync b/files/common/sbin/splash_sync
index 3a2b0f1..978583f 100755
--- a/files/common/sbin/splash_sync
+++ b/files/common/sbin/splash_sync
@@ -1,51 +1,47 @@
-#!/bin/sh
+#!/bin/sh -e
. $IPKG_INSTROOT/etc/functions.sh
+. /etc/splash.sh
+
x=0
-config_load splash_users
-test=1
-myip=`uci get network.mesh.ipaddr`
+current_time=$(date +%s)
splash_check() {
- timeout=6000
- current_time=`date +%s`
config_get mac "$1" mac
config_get time "$1" time
- local config="$1"
let time_check=$time+$timeout
if [ $time_check -gt $current_time ]; then
- # User ist noch gesplashed
- iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT
- iptables -t nat -I ffj_splash 1 -m mac --mac-source $mac -j ACCEPT
+ # user is splashed
+ iptables -t nat -I $chain -m mac --mac-source $mac -j ACCEPT
else
- # User is not longer splashed / the user must click again
- iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT
- uci delete splash_users.@user[$x].mac
- uci delete splash_users.@user[$x].time
- uci delete splash_users.@user[$x]
-
+ # user is no longer splashed / must click again
+ uci delete splash_users.@user[$x]
fi
let x=$x+1
}
-#chain refresh
-iptables -t nat -D zone_mesh_prerouting -p tcp -j ffj_splash
-iptables -t nat -F ffj_splash
-iptables -t nat -X ffj_splash
-#recreation
-iptables -t nat -N ffj_splash
-iptables -t nat -I zone_mesh_prerouting 1 -p tcp -j ffj_splash
-config_foreach splash_check user
-#DNS Whitelisting
-iptables -t nat -p udp -A ffj_splash --dport 53 -j ACCEPT
-#Jabber Whitelisting
-iptables -t nat -p tcp -A ffj_splash --dport 5222 -j ACCEPT
-iptables -t nat -p tcp -A ffj_splash --dport 5223 -j ACCEPT
-#Free Wavez in Freifunk
-iptables -t nat -A ffj_splash -s 10.0.0.0/8 -d 10.0.0.0/8 -j ACCEPT
-#Freifunk-Jena Whitelisting
-iptables -t nat -A ffj_splash -d freifunk-jena.de -j ACCEPT
-iptables -t nat -A ffj_splash -d www.freifunk-jena.de -j ACCEPT
-#Jappix Whitelisting
-iptables -t nat -A ffj_splash -d static.jappix.com -j ACCEPT
-iptables -t nat -A ffj_splash -p tcp -j DNAT --to $myip:80
-
+# check for current inetable state, allowing a command line override
+lockSplash
+state=${1:-$(fsm get inetable)}
+if [ "$state" == "queen" ]; then
+ # functional gateway: copy splash db to a new iptables chain and
+ # replace the old chain with the new one; this ensures that a user
+ # stays splashed during the runtime of this script
+ chain_id=$(($chain_id + 1))
+ chain=$chain_prefix$chain_id
+ echo $chain_id > $chain_id_file
+ iptables -t nat -N $chain
+
+ config_load splash_users
+ config_foreach splash_check user
+ iptables -t nat -I prerouting_inet_splashed -j $chain
+ while iptables -t nat -D prerouting_inet_splashed 2 &>/dev/null; do :; done
+else
+ # no working gw -> remove reference to iptable copy of splash db
+ iptables -t nat -F prerouting_inet_splashed
+fi
+# remove old splash_db chains
+for i in $(iptables -t nat -L | grep ^Chain | grep '0 references' \
+ | cut -f2 -d' ' | grep ^splash_db); do
+ iptables -t nat -F $i
+ iptables -t nat -X $i
+done
contact: Jan Huwald // Impressum