blob: 992ec3fb3e31aeaf7917bcbb42c9b00a61ac7f87 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
#!/bin/sh -e
. $IPKG_INSTROOT/etc/functions.sh
. /etc/splash.sh
x=0
current_time=$(date +%s)
splash_check() {
config_get mac "$1" mac
config_get time "$1" time
let time_check=$time+$timeout
if [ $time_check -gt $current_time ]; then
# user is splashed
iptables -t nat -I $chain -m mac --mac-source $mac -j ACCEPT
else
# user is no longer splashed / must click again
uci delete splash_users.@user[$x]
fi
let x=$x+1
}
# check for current inetable state, allowing a command line override
lockSplash
state=${1:-$(fsm get inetable)}
if [ "$state" == "queen" ]; then
# functional gateway: copy splash db to a new iptables chain and
# replace the old chain with the new one; this ensures that a user
# stays splashed during the runtime of this script
chain_id=$(($chain_id + 1))
chain=$chain_prefix$chain_id
echo $chain_id > $chain_id_file
iptables -t nat -N $chain
config_load splash_users
config_foreach splash_check user
iptables -t nat -I prerouting_inet_splashed -j $chain
while iptables -t nat -D prerouting_inet_splashed 2 &>/dev/null; do :; done
else
# no working gw -> remove reference to iptable copy of splash db
iptables -t nat -F prerouting_inet_splashed
fi
# remove old splash_db chains
for i in $(iptables -t nat -L | grep ^Chain | grep '0 references' \
| cut -f2 -d' ' | grep ^splash_db); do
iptables -t nat -F $i
iptables -t nat -X $i
done
|
