Revision 55c18b30
Added by Scott Ullrich over 14 years ago
| etc/inc/captiveportal.inc | ||
|---|---|---|
| 639 | 639 |
/* generate passthru mac database */ |
| 640 | 640 |
$cprules .= captiveportal_passthrumac_configure(true); |
| 641 | 641 |
$cprules .= "\n"; |
| 642 |
|
|
| 642 | 643 |
/* allowed ipfw rules to make allowed ip work */ |
| 643 | 644 |
$cprules .= captiveportal_allowedip_configure(); |
| 644 | 645 |
|
| 646 |
/* allowed ipfw rules to make allowed hostnames work */ |
|
| 647 |
$cprules .= captiveportal_allowedhostname_configure(); |
|
| 648 |
|
|
| 645 | 649 |
/* load rules */ |
| 646 | 650 |
if ($reinit == true) |
| 647 | 651 |
$cprules = "table all flush\nflush\n{$cprules}";
|
| ... | ... | |
| 1046 | 1050 |
A change results in reloading the ruleset. |
| 1047 | 1051 |
*/ |
| 1048 | 1052 |
function setup_dnsfilter_entries($hostname) {
|
| 1053 |
global $g, $config; |
|
| 1049 | 1054 |
$cp_filterdns_filename = "{$g['varetc_path']}/filterdns-captiveportal.conf";
|
| 1050 | 1055 |
$fd = fopen($cp_filterdns_filename, "w"); |
| 1051 | 1056 |
if (is_array($config['captiveportal']['allowedhostname'])) |
| ... | ... | |
| 1053 | 1058 |
fwrite($fd, $hostnameent . "\n"); |
| 1054 | 1059 |
fclose($fd); |
| 1055 | 1060 |
killbypid("{$g['tmp_path']}/dnswatch-cpah.pid");
|
| 1056 |
mwexec("/usr/local/sbin/dnswatch {$g['tmp_path']}/dnswatch-cpah.pid 300 '/etc/rc.filter_configure_sync' {$g['varetc_path']}/dnswatch-captiveportal.conf");
|
|
| 1057 |
} |
|
| 1058 |
|
|
| 1059 |
function captiveportal_allowedhostname_configure_entry($ipent) {
|
|
| 1060 |
|
|
| 1061 |
mwexec("/usr/local/sbin/dnswatch {$g['tmp_path']}/dnswatch-cpah.pid 300 '/etc/rc.captiveportal_configure' {$g['varetc_path']}/dnswatch-captiveportal.conf");
|
|
| 1061 | 1062 |
} |
| 1062 | 1063 |
|
| 1063 | 1064 |
function captiveportal_allowedhostname_configure() {
|
| ... | ... | |
| 1065 | 1066 |
|
| 1066 | 1067 |
$rules = ""; |
| 1067 | 1068 |
setup_dnsfilter_entries(); |
| 1068 |
if (is_array($config['captiveportal']['allowedhostname'])) |
|
| 1069 |
foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) |
|
| 1070 |
$rules .= captiveportal_allowedip_configure_entry($hostnameent); |
|
| 1071 |
|
|
| 1069 |
if (is_array($config['captiveportal']['allowedhostname'])) {
|
|
| 1070 |
foreach ($config['captiveportal']['allowedhostname'] as $hostnameent) {
|
|
| 1071 |
$ipaddress = gethostbyname($hostnameent); |
|
| 1072 |
if(is_ipaddr($ipaddress)) |
|
| 1073 |
$rules .= captiveportal_allowedip_configure_entry($ipaddress); |
|
| 1074 |
} |
|
| 1075 |
} |
|
| 1072 | 1076 |
return $rules; |
| 1073 | 1077 |
} |
| 1074 | 1078 |
|
| ... | ... | |
| 1077 | 1081 |
|
| 1078 | 1082 |
$rules = ""; |
| 1079 | 1083 |
if (is_array($config['captiveportal']['allowedip'])) {
|
| 1080 |
foreach ($config['captiveportal']['allowedip'] as $ipent) {
|
|
| 1084 |
foreach ($config['captiveportal']['allowedip'] as $ipent) |
|
| 1081 | 1085 |
$rules .= captiveportal_allowedip_configure_entry($ipent); |
| 1082 |
} |
|
| 1083 | 1086 |
} |
| 1084 | 1087 |
|
| 1085 | 1088 |
return $rules; |
Also available in: Unified diff
Adding preliminary version of allowed hostnames. Allowed hostnames function similar to allowed IP addresses and permit the captive portal to pass traffic out. An example usage of this is to allow access to a hotel web page freely and then require authentcation hotlinking from this point.