blob: 3a2b0f128570f4a49747287da8808f3cfd3cde09 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
#!/bin/sh
. $IPKG_INSTROOT/etc/functions.sh
x=0
config_load splash_users
test=1
myip=`uci get network.mesh.ipaddr`
splash_check() {
timeout=6000
current_time=`date +%s`
config_get mac "$1" mac
config_get time "$1" time
local config="$1"
let time_check=$time+$timeout
if [ $time_check -gt $current_time ]; then
# User ist noch gesplashed
iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT
iptables -t nat -I ffj_splash 1 -m mac --mac-source $mac -j ACCEPT
else
# User is not longer splashed / the user must click again
iptables -t nat -D ffj_splash -m mac --mac-source $mac -j ACCEPT
uci delete splash_users.@user[$x].mac
uci delete splash_users.@user[$x].time
uci delete splash_users.@user[$x]
fi
let x=$x+1
}
#chain refresh
iptables -t nat -D zone_mesh_prerouting -p tcp -j ffj_splash
iptables -t nat -F ffj_splash
iptables -t nat -X ffj_splash
#recreation
iptables -t nat -N ffj_splash
iptables -t nat -I zone_mesh_prerouting 1 -p tcp -j ffj_splash
config_foreach splash_check user
#DNS Whitelisting
iptables -t nat -p udp -A ffj_splash --dport 53 -j ACCEPT
#Jabber Whitelisting
iptables -t nat -p tcp -A ffj_splash --dport 5222 -j ACCEPT
iptables -t nat -p tcp -A ffj_splash --dport 5223 -j ACCEPT
#Free Wavez in Freifunk
iptables -t nat -A ffj_splash -s 10.0.0.0/8 -d 10.0.0.0/8 -j ACCEPT
#Freifunk-Jena Whitelisting
iptables -t nat -A ffj_splash -d freifunk-jena.de -j ACCEPT
iptables -t nat -A ffj_splash -d www.freifunk-jena.de -j ACCEPT
#Jappix Whitelisting
iptables -t nat -A ffj_splash -d static.jappix.com -j ACCEPT
iptables -t nat -A ffj_splash -p tcp -j DNAT --to $myip:80
|
