From 2755a46c4db548cbceafcfcdfa67d476b9c0a1c5 Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Tue, 5 Aug 2008 12:58:20 +0000 Subject: [PATCH] applications/luci-splash: Updated to work with new UCI firewall --- .../luci-splash/luasrc/model/cbi/splash/splash.lua | 10 ++++---- .../luci-splash/root/etc/init.d/luci_splash | 29 ++++++---------------- libs/web/root/etc/config/luci | 8 +++--- 3 files changed, 16 insertions(+), 31 deletions(-) diff --git a/applications/luci-splash/luasrc/model/cbi/splash/splash.lua b/applications/luci-splash/luasrc/model/cbi/splash/splash.lua index 37ef559af..ed5cdc181 100644 --- a/applications/luci-splash/luasrc/model/cbi/splash/splash.lua +++ b/applications/luci-splash/luasrc/model/cbi/splash/splash.lua @@ -11,13 +11,13 @@ s.template = "cbi/tblsection" s.addremove = true s.anonymous = true -iface = s:option(ListValue, "network", "Schnittstelle") -luci.model.uci.foreach("network", "interface", +iface = s:option(ListValue, "zone", "Firewallzone") +luci.model.uci.foreach("firewall", "zone", function (section) - if section[".name"] ~= "loopback" then - iface:value(section[".name"]) - end + iface:value(section.name) end) + +gateway = s:option(Value, "gateway", "Gateway") s = m:section(TypedSection, "whitelist", "Automatische Freigabe") s.template = "cbi/tblsection" diff --git a/applications/luci-splash/root/etc/init.d/luci_splash b/applications/luci-splash/root/etc/init.d/luci_splash index eb006e9b0..7541f9935 100755 --- a/applications/luci-splash/root/etc/init.d/luci_splash +++ b/applications/luci-splash/root/etc/init.d/luci_splash @@ -4,23 +4,14 @@ START=70 iface_add() { local cfg="$1" - config_get net "$cfg" network - [ -n "$net" ] || return 0 + config_get zone "$cfg" zone + [ -n "$zone" ] || return 0 - config_get iface "$net" ifname - [ -n "$iface" ] || return 0 - iface="${iface%%:*}" + config_get gw "$cfg" gateway + [ -n "$zone" ] || return 0 - config_get ipaddr "$net" ipaddr - [ -n "$ipaddr" ] || return 0 - - config_get netmask "$net" netmask - [ -n "$netmask" ] || return 0 - - eval "$(ipcalc.sh $ipaddr $netmask)" - - iptables -t nat -A luci_splash -i "$iface" -s "$NETWORK/$PREFIX" -j luci_splash_portal - iptables -t nat -A luci_splash_portal -i "$iface" -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN + iptables -t nat -A zone_$zone_prerouting -j luci_splash_portal + iptables -t nat -A luci_splash_portal -d "$gw" -p tcp -m multiport --dports 22,80,443 -j RETURN } blacklist_add() { @@ -63,15 +54,9 @@ start() { ### Start the splash httpd start-stop-daemon -S -b -q -x /usr/bin/luci-splashd - - ### Hook in the chain - iptables -t nat -A prerouting_rule -j luci_splash } -stop() { - ### Hook out the chain - iptables -t nat -D prerouting_rule -j luci_splash - +stop() { ### Clear subchains iptables -t nat -F luci_splash_leases iptables -t nat -F luci_splash_portal diff --git a/libs/web/root/etc/config/luci b/libs/web/root/etc/config/luci index 8382b5d28..4aec08049 100644 --- a/libs/web/root/etc/config/luci +++ b/libs/web/root/etc/config/luci @@ -19,17 +19,17 @@ config extern flash_keep option firewall "/etc/firewall.user" config event uci_oncommit - option network "/sbin/luci-reload network firewall dnsmasq" - option wireless "/sbin/luci-reload network firewall dnsmasq" + option network "/sbin/luci-reload network firewall dnsmasq luci_splash" + option wireless "/sbin/luci-reload network firewall dnsmasq luci_splash" option olsr "/sbin/luci-reload olsrd" option dhcp "/sbin/luci-reload dnsmasq" option dropbear "/sbin/luci-reload dropbear" option httpd "/sbin/luci-reload httpd" option fstab "/sbin/luci-reload fstab" option qos "/sbin/luci-reload qos" - option firewall "/sbin/luci-reload firewall" + option firewall "/sbin/luci-reload firewall luci_splash" option luci_ethers "/sbin/luci-reload luci_ethers dnsmasq" - option luci_splash "/sbin/luci-reload luci_splash" + option luci_splash "/sbin/luci-reload firewall luci_splash" option upnpd "/etc/init.d/miniupnpd enabled && /sbin/luci-reload miniupnpd || /etc/init.d/miniupnpd stop" option ntpclient "/sbin/luci-reload ntpclient" -- 2.11.0