Project

General

Profile

« Previous | Next » 

Revision 55c18b30

Added by Scott Ullrich over 14 years ago

Adding preliminary version of allowed hostnames. Allowed hostnames function similar to allowed IP addresses and permit the captive portal to pass traffic out. An example usage of this is to allow access to a hotel web page freely and then require authentcation hotlinking from this point.

View differences:

etc/inc/captiveportal.inc
639 639
	/* generate passthru mac database */
640 640
	$cprules .= captiveportal_passthrumac_configure(true);
641 641
	$cprules .= "\n";
642

  
642 643
	/* allowed ipfw rules to make allowed ip work */
643 644
	$cprules .= captiveportal_allowedip_configure();
644 645

  
646
	/* allowed ipfw rules to make allowed hostnames work */
647
	$cprules .= captiveportal_allowedhostname_configure();
648
	
645 649
	/* load rules */
646 650
	if ($reinit == true)
647 651
		$cprules = "table all flush\nflush\n{$cprules}";
......
1046 1050
	A change results in reloading the ruleset.
1047 1051
*/
1048 1052
function setup_dnsfilter_entries($hostname) {
1053
	global $g, $config;
1049 1054
	$cp_filterdns_filename = "{$g['varetc_path']}/filterdns-captiveportal.conf";
1050 1055
	$fd = fopen($cp_filterdns_filename, "w");
1051 1056
	if (is_array($config['captiveportal']['allowedhostname'])) 
......
1053 1058
			fwrite($fd, $hostnameent . "\n");
1054 1059
	fclose($fd);
1055 1060
	killbypid("{$g['tmp_path']}/dnswatch-cpah.pid");
1056
	mwexec("/usr/local/sbin/dnswatch {$g['tmp_path']}/dnswatch-cpah.pid 300 '/etc/rc.filter_configure_sync' {$g['varetc_path']}/dnswatch-captiveportal.conf");
1057
}
1058

  
1059
function captiveportal_allowedhostname_configure_entry($ipent) {
1060

  
1061
	mwexec("/usr/local/sbin/dnswatch {$g['tmp_path']}/dnswatch-cpah.pid 300 '/etc/rc.captiveportal_configure' {$g['varetc_path']}/dnswatch-captiveportal.conf");
1061 1062
}
1062 1063

  
1063 1064
function captiveportal_allowedhostname_configure() {
......
1065 1066

  
1066 1067
	$rules = "";
1067 1068
	setup_dnsfilter_entries();
1068
	if (is_array($config['captiveportal']['allowedhostname'])) 
1069
		foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) 
1070
			$rules .= captiveportal_allowedip_configure_entry($hostnameent);
1071

  
1069
	if (is_array($config['captiveportal']['allowedhostname'])) {
1070
		foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) {
1071
			$ipaddress = gethostbyname($hostnameent);
1072
			if(is_ipaddr($ipaddress)) 
1073
				$rules .= captiveportal_allowedip_configure_entry($ipaddress);
1074
		}
1075
	}
1072 1076
	return $rules;
1073 1077
}
1074 1078

  
......
1077 1081

  
1078 1082
	$rules = "";
1079 1083
	if (is_array($config['captiveportal']['allowedip'])) {
1080
		foreach ($config['captiveportal']['allowedip'] as $ipent) {
1084
		foreach ($config['captiveportal']['allowedip'] as $ipent) 
1081 1085
			$rules .= captiveportal_allowedip_configure_entry($ipent);
1082
		}
1083 1086
	}
1084 1087

  
1085 1088
	return $rules;

Also available in: Unified diff