diff options
Diffstat (limited to 'files/common/sbin/splash_sync')
| -rwxr-xr-x | files/common/sbin/splash_sync | 72 |
1 files changed, 34 insertions, 38 deletions
diff --git a/files/common/sbin/splash_sync b/files/common/sbin/splash_sync index 3a2b0f1..978583f 100755 --- a/files/common/sbin/splash_sync +++ b/files/common/sbin/splash_sync @@ -1,51 +1,47 @@ -#!/bin/sh +#!/bin/sh -e . $IPKG_INSTROOT/etc/functions.sh +. /etc/splash.sh + x=0 -config_load splash_users -test=1 -myip=`uci get network.mesh.ipaddr` +current_time=$(date +%s) splash_check() { - timeout=6000 - current_time=`date +%s` config_get mac "$1" mac config_get time "$1" time - local config="$1" let time_check=$time+$timeout if [ $time_check -gt $current_time ]; then - # User ist noch gesplashed - iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT - iptables -t nat -I ffj_splash 1 -m mac --mac-source $mac -j ACCEPT + # user is splashed + iptables -t nat -I $chain -m mac --mac-source $mac -j ACCEPT else - # User is not longer splashed / the user must click again - iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT - uci delete splash_users.@user[$x].mac - uci delete splash_users.@user[$x].time - uci delete splash_users.@user[$x] - + # user is no longer splashed / must click again + uci delete splash_users.@user[$x] fi let x=$x+1 } -#chain refresh -iptables -t nat -D zone_mesh_prerouting -p tcp -j ffj_splash -iptables -t nat -F ffj_splash -iptables -t nat -X ffj_splash -#recreation -iptables -t nat -N ffj_splash -iptables -t nat -I zone_mesh_prerouting 1 -p tcp -j ffj_splash -config_foreach splash_check user -#DNS Whitelisting -iptables -t nat -p udp -A ffj_splash --dport 53 -j ACCEPT -#Jabber Whitelisting -iptables -t nat -p tcp -A ffj_splash --dport 5222 -j ACCEPT -iptables -t nat -p tcp -A ffj_splash --dport 5223 -j ACCEPT -#Free Wavez in Freifunk -iptables -t nat -A ffj_splash -s 10.0.0.0/8 -d 10.0.0.0/8 -j ACCEPT -#Freifunk-Jena Whitelisting -iptables -t nat -A ffj_splash -d freifunk-jena.de -j ACCEPT -iptables -t nat -A ffj_splash -d www.freifunk-jena.de -j ACCEPT -#Jappix Whitelisting -iptables -t nat -A ffj_splash -d static.jappix.com -j ACCEPT -iptables -t nat -A ffj_splash -p tcp -j DNAT --to $myip:80 - +# check for current inetable state, allowing a command line override +lockSplash +state=${1:-$(fsm get inetable)} +if [ "$state" == "queen" ]; then + # functional gateway: copy splash db to a new iptables chain and + # replace the old chain with the new one; this ensures that a user + # stays splashed during the runtime of this script + chain_id=$(($chain_id + 1)) + chain=$chain_prefix$chain_id + echo $chain_id > $chain_id_file + iptables -t nat -N $chain + + config_load splash_users + config_foreach splash_check user + iptables -t nat -I prerouting_inet_splashed -j $chain + while iptables -t nat -D prerouting_inet_splashed 2 &>/dev/null; do :; done +else + # no working gw -> remove reference to iptable copy of splash db + iptables -t nat -F prerouting_inet_splashed +fi +# remove old splash_db chains +for i in $(iptables -t nat -L | grep ^Chain | grep '0 references' \ + | cut -f2 -d' ' | grep ^splash_db); do + iptables -t nat -F $i + iptables -t nat -X $i +done |