Difuse/routing
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #407 from bluewavenet/openwrt-18.06

Browse source 
nodogsplash: Backport v3.2.0 to Openwrt 18.06
This commit is contained in:
Moritz Warning 2018-09-05 14:23:59 +02:00 committed by GitHub
commit 59e815882d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 382 additions and 1000 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
nodogsplash/Makefile
View file

@ -7,14 +7,15 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=nodogsplash PKG_NAME:=nodogsplash
PKG_FIXUP:=autoreconf PKG_FIXUP:=autoreconf
PKG_VERSION:=1.0.2 PKG_VERSION:=3.2.0
PKG_RELEASE:=1 PKG_RELEASE:=0
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/ PKG_SOURCE_URL:=https://codeload.github.com/nodogsplash/nodogsplash/tar.gz/v$(PKG_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=nodogsplash-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=git://github.com/nodogsplash/nodogsplash.git PKG_HASH:=c9712c21c2cc88724a8104fa63edd4f69d31af24db0fad84db6105fae2d65809
PKG_SOURCE_VERSION:=9ef7d5fc16351585baf65877776d19cf85bf3031 PKG_BUILD_DIR:=$(BUILD_DIR)/nodogsplash-$(PKG_VERSION)
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_MAINTAINER:=Moritz Warning <moritzwarning@web.de>
PKG_BUILD_PARALLEL:=1 PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0+ PKG_LICENSE:=GPL-2.0+
@ -25,34 +26,41 @@ define Package/nodogsplash
SUBMENU:=Captive Portals SUBMENU:=Captive Portals
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
DEPENDS:=+libpthread +iptables-mod-ipopt DEPENDS:=+libpthread +iptables-mod-ipopt +libmicrohttpd-no-ssl
TITLE:=Open public network gateway daemon TITLE:=Open public network gateway daemon
URL:=https://github.com/nodogsplash/nodogsplash URL:=https://github.com/nodogsplash/nodogsplash
CONFLICTS:=nodogsplash2
endef endef
define Package/nodogsplash/description define Package/nodogsplash/description
Nodogsplash offers a simple way to open a free hotspot providing Nodogsplash is a Captive Portal that offers a simple way to
restricted access to an internet connection. provide restricted access to the Internet by showing a splash
page to the user before Internet access is granted.
It also incorporates an API that allows the creation of
sophisticated authentication applications.
endef endef
define Package/nodogsplash/install define Package/nodogsplash/install
$(CP) ./files/* $(1)/
$(INSTALL_DIR) $(1)/usr/bin $(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/nodogsplash $(1)/usr/bin/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/nodogsplash $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/ $(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/nodogsplash/htdocs/images
$(INSTALL_BIN) files/nodogsplash.init $(1)/etc/init.d/nodogsplash $(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/nodogsplash/htdocs/
$(INSTALL_DIR) $(1)/etc/config $(CP) $(PKG_BUILD_DIR)/resources/status.html $(1)/etc/nodogsplash/htdocs/
$(INSTALL_CONF) files/nodogsplash.config $(1)/etc/config/nodogsplash $(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/nodogsplash/htdocs/images/
endef
$(INSTALL_DIR) $(1)/etc/$(PKG_NAME)/htdocs/images define Package/nodogsplash/postrm
$(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/$(PKG_NAME)/htdocs/ #!/bin/sh
$(CP) $(PKG_BUILD_DIR)/resources/infoskel.html $(1)/etc/$(PKG_NAME)/htdocs/ uci delete firewall.nodogsplash
$(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/$(PKG_NAME)/htdocs/images/ uci commit firewall
endef endef
define Package/nodogsplash/conffiles define Package/nodogsplash/conffiles
/etc/nodogsplash/nodogsplash.conf /etc/config/nodogsplash
endef endef
$(eval $(call BuildPackage,nodogsplash)) $(eval $(call BuildPackage,nodogsplash))

139
nodogsplash/files/etc/config/nodogsplash Normal file
View file

@ -0,0 +1,139 @@
# The options available here are an adaptation of the settings used in nodogsplash.conf.
# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
config nodogsplash
# Set to 0 to disable nodogsplash
option enabled 1
# Set to 0 to disable hook that makes nodogsplash restart when the firewall restarts.
# This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries.
option fwhook_enabled '1'
# Serve the file splash.html from this directory
option webroot '/etc/nodogsplash/htdocs'
# Use plain configuration file
#option config '/etc/nodogsplash/nodogsplash.conf'
# Use this option to set the device nogogsplash will bind to.
# The value may be an interface section in /etc/config/network or a device name such as br-lan.
option gatewayinterface 'br-lan'
option gatewayname 'OpenWrt Nodogsplash'
option maxclients '250'
# Enables debug output (0-7)
#option debuglevel '7'
# Client timeouts in minutes
option preauthidletimeout '10'
option authidletimeout '120'
# Enable BinAuth Support.
# If set, a program is called with several parameters on authentication (request) and deauthentication.
# Request for authentication:
# $<BinAuth> auth_client <client_mac> '<username>' '<password>'
#
# The username and password values may be empty strings and are URL encoded.
# The program is expected to output the number of seconds the client
# is to be authenticated. Zero or negative seconds will cause the authentification request
# to be rejected. The same goes for an exit code that is not 0.
# The output may contain a user specific download and upload limit in KBit/s:
# <seconds> <upload> <download>
#
# Called on authentication or deauthentication:
# $<BinAuth> <*auth|*deauth> <incoming_bytes> <outgoing_bytes> <session_start> <session_end>
#
# "client_auth": Client authenticated via this script.
# "client_deauth": Client deauthenticated by the client via splash page.
# "idle_deauth": Client was deauthenticated because of inactivity.
# "timeout_deauth": Client was deauthenticated because the session timed out.
# "ndsctl_auth": Client was authenticated manually by the ndsctl tool.
# "ndsctl_deauth": Client was deauthenticated by the ndsctl tool.
# "shutdown_deauth": Client was deauthenticated by Nodogsplash terminating.
#
# Values session_start and session_start are in seconds since 1970 or 0 for unknown/unlimited.
#
#option binauth '/bin/myauth.sh'
# Enable Forwarding Authentication Service (FAS)
# If set redirection is changed from splash.html to a FAS (provided by the system administrator)
# The value is the IP port number of the FAS
#option fasport '80'
# Option: fasremoteip
# Default: GatewayAddress (the IP of NDS)
# If set, this is the remote ip address of the FAS.
#option fasremoteip '46.32.240.41'
# Option: faspath
# Default: /
# This is the path from the FAS Web Root to the FAS login page
# (not the file system root).
#option faspath '/onboard-wifi.net/nodog/fas.php'
# Option: fas_secure_enabled
# Default: 1
# If set to "1", authaction and the client token are not revealed and it is the responsibility
# of the FAS to request the token from NDSCTL.
# If set to "0", the client token is sent to the FAS in clear text in the query string of the
# redirect along with authaction and redir.
#option fas_secure_enabled '0'
# Your router may have several interfaces, and you
# probably want to keep them private from the network/gatewayinterface.
# If so, you should block the entire subnets on those interfaces, e.g.:
#list authenticated_users 'block to 192.168.0.0/16'
#list authenticated_users 'block to 10.0.0.0/8'
# Typical ports you will probably want to open up.
#list authenticated_users 'allow tcp port 22'
#list authenticated_users 'allow tcp port 53'
#list authenticated_users 'allow udp port 53'
#list authenticated_users 'allow tcp port 80'
#list authenticated_users 'allow tcp port 443'
# Or for happy customers allow all
list authenticated_users 'allow all'
# For preauthenticated users to resolve IP addresses in their
# initial request not using the router itself as a DNS server,
# Leave commented to help prevent DNS tunnelling
#list preauthenticated_users 'allow tcp port 53'
#list preauthenticated_users 'allow udp port 53'
# Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
list users_to_router 'allow tcp port 22'
list users_to_router 'allow tcp port 23'
list users_to_router 'allow tcp port 53'
list users_to_router 'allow udp port 53'
list users_to_router 'allow udp port 67'
list users_to_router 'allow tcp port 80'
# MAC addresses that are / are not allowed to access the splash page
# Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
#option macmechanism 'allow'
#list allowedmac '00:00:C0:01:D0:0D'
#list allowedmac '00:00:C0:01:D0:1D'
#list blockedmac '00:00:C0:01:D0:2D'
# MAC addresses that do not need to authenticate
#list trustedmac '00:00:C0:01:D0:1D'
# Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask.
# This mask can conflict with the requirements of other packages such as mwan3, sqm etc
# Any values set here are interpreted as in hex format.
#
# List: fw_mark_authenticated
# Default: 30000 (0011|0000|0000|0000|0000 binary)
#
# List: fw_mark_trusted
# Default: 20000 (0010|0000|0000|0000|0000 binary)
#
# List: fw_mark_blocked
# Default: 10000 (0001|0000|0000|0000|0000 binary)
#
#list fw_mark_authenticated '30000'
#list fw_mark_trusted '20000'
#list fw_mark_blocked '10000'

199
nodogsplash/files/etc/init.d/nodogsplash Executable file
View file

@ -0,0 +1,199 @@
#!/bin/sh /etc/rc.common
#
# Startup/shutdown script for nodogsplash captive portal
#
START=95
STOP=95
USE_PROCD=1
IPT=/usr/sbin/iptables
WD_DIR=/usr/bin
# -s -d 5 runs in background, with level 5 (not so verbose) messages to syslog
# -f -d 7 runs in foreground, with level 7 (verbose) debug messages to terminal
OPTIONS="-s -f -d 5"
CONFIG=""
addline() {
append CONFIG "$1" "$N"
}
setup_mac_lists() {
local cfg="$1"
local macs=""
local val
append_mac() {
append macs "$1" ","
}
config_get val "$cfg" macmechanism
if [ -z "$val" ]; then
# Check if we have AllowedMACList or BlockedMACList defined they will be ignored
config_get val "$cfg" allowedmac
if [ -n "$val" ]; then
echo "Ignoring allowedmac - macmechanism not \"allow\"" >&2
fi
config_get val "$cfg" blockedmac
if [ -n "$val" ]; then
echo "Ignoring blockedmac - macmechanism not \"block\"" >&2
fi
elif [ "$val" = "allow" ]; then
config_list_foreach "$cfg" allowedmac append_mac
addline "AllowedMACList $macs"
elif [ "$val" = "block" ]; then
config_list_foreach "$cfg" blockedmac append_mac
addline "BlockedMACList $macs"
else
echo "Invalid macmechanism '$val' - allow or block are valid." >&2
exit 1
fi
macs=""
config_list_foreach "$cfg" trustedmac append_mac
if [ -n "$macs" ]; then
addline "TrustedMACList $macs"
fi
}
setup_firewall() {
local cfg="$1"
local uci_name
local val
append_firewall() {
addline " FirewallRule $1"
}
for rule in authenticated-users preauthenticated-users users-to-router trusted-users trusted-users-to-router; do
# uci does not allow dashes
uci_name=${rule//-/_}
addline "FirewallRuleSet $rule {"
config_list_foreach "$cfg" "$uci_name" append_firewall
addline "}"
config_get val "$cfg" "policy_${uci_name}"
if [ -n "$val" ]; then
addline "EmptyRuleSetPolicy $rule $val"
fi
done
}
wait_for_interface() {
local ifname="$1"
local timeout=10
for i in $(seq $timeout); do
if [ $(ip -4 addr show dev $ifname 2> /dev/null | grep -c inet) -ne 0 ]; then
break
fi
sleep 1
if [ $i = $timeout ]; then
echo "Interface $ifname not detected." >&2
exit 1
fi
done
}
generate_uci_config() {
local cfg="$1"
local val
local ifname
local download
local upload
# Init config file content
CONFIG="# auto-generated config file from /etc/config/nodogsplash"
config_get val "$cfg" config
if [ -n "$val" ]; then
if [ ! -f "$val" ]; then
echo "Configuration file '$file' doesn't exist." >&2
exit 1
fi
addline "$(cat $val)"
fi
config_get ifname "$cfg" gatewayinterface
if [ -z "$ifname" ]; then
config_get ifname "$cfg" network
fi
# Get device name if interface name is a section name in /etc/config/network
if network_get_device tmp "$ifname"; then
ifname="$tmp"
fi
if [ -z "$ifname" ]; then
echo "Option network or gatewayinterface missing." >&2
exit 1
fi
wait_for_interface "$ifname"
addline "GatewayInterface $ifname"
for option in binauth fasport fasremoteip faspath fas_secure_enabled \
daemon debuglevel maxclients gatewayname gatewayinterface gatewayiprange \
gatewayaddress gatewayport webroot splashpage statuspage imagesdir pagesdir \
redirecturl preauthidletimeout authidletimeout checkinterval setmss mssvalue \
trafficcontrol downloadlimit uploadlimit downloadimq uploadimq syslogfacility \
ndsctlsocket fw_mark_authenticated fw_mark_blocked fw_mark_trusted
do
config_get val "$cfg" "$option"
if [ -n "$val" ]; then
addline "$option $val"
fi
done
config_get download "$cfg" downloadlimit
config_get upload "$cfg" uploadlimit
if [ -n "$upload" -o -n "$download" ]; then
addline "TrafficControl yes"
fi
setup_mac_lists "$cfg"
setup_firewall "$cfg"
echo "$CONFIG" > "/tmp/etc/nodogsplash_$cfg.conf"
}
# setup configuration and start instance
create_instance() {
local cfg="$1"
local val
config_get_bool val "$cfg" enabled 0
[ $val -gt 0 ] || return 0
generate_uci_config "$cfg"
procd_open_instance $cfg
procd_set_param command /usr/bin/nodogsplash -c "/tmp/etc/nodogsplash_$cfg.conf" $OPTIONS
procd_set_param respawn
procd_set_param file "/tmp/etc/nodogsplash_$cfg.conf"
procd_close_instance
}
start_service() {
# For network_get_device()
include /lib/functions
# For nodogsplash.conf file
mkdir -p /tmp/etc/
config_load nodogsplash
config_foreach create_instance nodogsplash
}
stop_service() {
# When procd terminates nodogsplash, it does not exit fast enough.
# Otherwise procd will restart nodogsplash twice. First time starting
# nodogsplash fails, second time it succeeds.
sleep 1
}

9
nodogsplash/files/etc/uci-defaults/40_nodogsplash Normal file
View file

@ -0,0 +1,9 @@
#!/bin/sh
uci -q batch <<-EOF
delete firewall.nodogsplash
set firewall.nodogsplash=include
set firewall.nodogsplash.type=script
set firewall.nodogsplash.path=/usr/lib/nodogsplash/restart.sh
commit firewall
EOF

53
nodogsplash/files/nodogsplash.config
View file

@ -1,53 +0,0 @@
# The options available here are an adaptation of the settings used in nodogsplash.conf.
# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
config nodogsplash
# Set to 1 to enable nodogsplash
option enabled 0
# Use plain configuration file
#option config '/etc/nodogsplash/nodogsplash.conf'
# The network the users are connected to
option network 'lan'
option gatewayname 'OpenWrt Nodogsplash'
option maxclients '250'
option clientidletimeout '1200'
# Your router may have several interfaces, and you
# probably want to keep them private from the network/gatewayinterface.
# If so, you should block the entire subnets on those interfaces, e.g.:
list authenticated_users 'block to 192.168.0.0/16'
list authenticated_users 'block to 10.0.0.0/8'
# Typical ports you will probably want to open up.
list authenticated_users 'allow tcp port 22'
list authenticated_users 'allow tcp port 53'
list authenticated_users 'allow udp port 53'
list authenticated_users 'allow tcp port 80'
list authenticated_users 'allow tcp port 443'
# For preauthenticated users to resolve IP addresses in their
# initial request not using the router itself as a DNS server,
list preauthenticated_users 'allow tcp port 53'
list preauthenticated_users 'allow udp port 53'
# Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
list users_to_router 'allow tcp port 22'
list users_to_router 'allow tcp port 23'
list users_to_router 'allow tcp port 53'
list users_to_router 'allow udp port 53'
list users_to_router 'allow udp port 67'
list users_to_router 'allow tcp port 80'
list users_to_router 'allow tcp port 443'
# MAC addresses that are / are not allowed to access the splash page
# Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
#option macmechanism 'allow'
#list allowedmac '00:00:C0:01:D0:0D'
#list allowedmac '00:00:C0:01:D0:1D'
#list blockedmac '00:00:C0:01:D0:2D'
#MAC addresses that do not need to authenticate
#list trustedmac '00:00:C0:01:D0:1D'

393
nodogsplash/files/nodogsplash.init
View file

@ -1,393 +0,0 @@
#!/bin/sh /etc/rc.common
#
# description: Startup/shutdown script for nodogsplash captive portal
#
# Alexander Couzens <lynxis@fe80.eu> 2014
# P. Kube 2007
#
# (Based on wifidog startup script
# Date : 2004-08-25
# Version : 1.0
# Comment by that author: Could be better, but it's working as expected)
#
START=95
STOP=95
USE_PROCD=1
IPT=/usr/sbin/iptables
WD_DIR=/usr/bin
# -s -d 5 runs in background, with level 5 (not so verbose) messages to syslog
# -f -d 7 runs in foreground, with level 7 (verbose) debug messages to terminal
OPTIONS="-s -f -d 5"
CONFIGFILE="/tmp/invalid_nodogsplash.conf"
# nolog(loglevel message ...)
nolog() {
local level=$1
shift
logger -s -t nodogsplash -p daemon.$level $@
}
# append_config_option_map <cfgfile> <uci_cfg_obj> <option_name> <config_counterpart> [<optional default>]
# append "$config_counterpart $value" to cfgfile if option_name exists
# e.g. append_config_option "$CONFIGFILE" "$cfg" bind_address BindAddress 0.0.0.0
# will append "BindAddress 192.168.1.1" if uci bind_address is '192.168.1.1'
append_config_option_map() {
local val=""
local config_file="$1"
local cfg="$2"
local option_name="$3"
local config_counterpart="$4"
local default="$5"
config_get val "$cfg" "$option_name" "$default"
[ -n "$val" ] && echo "$config_counterpart $val" >> $config_file
}
# append_config_option <cfgfile> <uci_cfg_obj> <option_name> [<optional default>]
# append "$option_name $value" to cfgfile if option_name exists
# e.g. append_config_option "$CONFIGFILE" "$cfg" bind_address 0.0.0.0
# will append "bind_address 192.168.1.1" if uci bind_address is '192.168.1.1'
# if uci bind_address is unset append "bind_address 0.0.0.0"
append_config_option() {
local val=""
local config_file="$1"
local cfg="$2"
local option_name="$3"
local default="$4"
config_get val "$cfg" "$option_name" "$default"
[ -n "$val" ] && echo "$option_name $val" >> $config_file
}
setup_mac_lists() {
local cfg="$1"
local MAC=""
local val
append_mac() {
append MAC "$1" ","
}
config_get val "$cfg" macmechanism
if [ -z "$val" ] ; then
# check if we have AllowedMACList or BlockedMACList defined they will be ignored
config_get val "$cfg" allowedmac
if [ -n "$val" ] ; then
echo "Ignoring allowedmac - macmechanism not \"allow\"" >&2
fi
config_get val "$cfg" blockedmac
if [ -n "$val" ] ; then
echo "Ignoring blockedmac - macmechanism not \"block\"" >&2
fi
elif [ "$val" == "allow" ] ; then
MAC=""
config_list_foreach "$cfg" allowedmac append_mac
echo "AllowedMACList $MAC" >> $CONFIGFILE
elif [ "$val" == "block" ] ; then
MAC=""
config_list_foreach "$cfg" blockedmac append_mac
echo "BlockedMACList $MAC" >> $CONFIGFILE
else
nolog error "$cfg Invalid macmechanism '$val' - allow or block are valid."
return 1
fi
MAC=""
config_list_foreach "$cfg" trustedmac append_mac
[ -n "$MAC" ] && echo "TrustedMACList $MAC" >> $CONFIGFILE
}
setup_firewall() {
local cfg="$1"
local uciname
local val
append_firewall() {
echo " FirewallRule $1" >> $CONFIGFILE
}
for rule in $(echo authenticated-users preauthenticated-users users-to-router trusted-users trusted-users-to-router)
do
uci_name=${rule//-/_}
# uci does not allow - dashes
echo "FirewallRuleSet $rule {" >> $CONFIGFILE
config_list_foreach "$cfg" ${uci_name} append_firewall
echo "}" >> $CONFIGFILE
config_get val "$cfg" policy_${uci_name}
[ -n "$val" ] && echo "EmptyRuleSetPolicy $rule $val" >> $CONFIGFILE
done
}
wait_for_interface()
{
local ifname="$1"
local timeout=10
for i in $(seq $timeout); do
if [ $(ip -4 addr show dev $ifname 2> /dev/null | grep -c inet) -ne 0 ]; then
break
fi
sleep 1
if [ $i == $timeout ] ; then
nolog error "$ifname not detected, NoDogSplash not starting."
exit 1
fi
done
}
generate_uci_config() {
local cfg="$1"
local val
local ifname
local download
local upload
CONFIGFILE="/tmp/etc/nodogsplash_$cfg.conf"
echo "# auto-generated config file from /etc/config/nodogsplash" > $CONFIGFILE
config_get val "$cfg" config
if [ -n "$val" ] ; then
if [ ! -f "$val" ] ; then
nolog error "Configuration file '$file' doesn't exist"
return 0
fi
cat "$val" >> $CONFIGFILE
fi
config_get val "$cfg" network
if [ -n "$val" ] ; then
if ! network_get_device ifname "$val" ; then
nolog error "$cfg can not find ifname for network '$val'"
return 1
fi
fi
config_get val "$cfg" gatewayinterface
if [ -n "$val" ] ; then
if [ -n "$ifname" ] ; then
nolog error "$cfg cannot use both option network and gatewayinterface"
return 1
fi
ifname="$val"
fi
if [ -z "$ifname" ] ; then
nolog error "$cfg option network or gatewayinterface missing"
return 1
fi
wait_for_interface "$ifname"
echo "GatewayInterface $ifname" >> $CONFIGFILE
append_config_option "$CONFIGFILE" "$cfg" gatewayname
append_config_option "$CONFIGFILE" "$cfg" gatewayaddress
append_config_option "$CONFIGFILE" "$cfg" gatewayport
append_config_option "$CONFIGFILE" "$cfg" maxclients
append_config_option "$CONFIGFILE" "$cfg" webroot
append_config_option "$CONFIGFILE" "$cfg" debuglevel
append_config_option "$CONFIGFILE" "$cfg" splashpage
append_config_option "$CONFIGFILE" "$cfg" pagesdir
append_config_option "$CONFIGFILE" "$cfg" checkinterval
append_config_option "$CONFIGFILE" "$cfg" syslogfacility
append_config_option "$CONFIGFILE" "$cfg" gatewayiprange
append_config_option "$CONFIGFILE" "$cfg" imagedir
append_config_option "$CONFIGFILE" "$cfg" redirecturl
append_config_option "$CONFIGFILE" "$cfg" clientidletimeout
append_config_option "$CONFIGFILE" "$cfg" clientforcetimeout
append_config_option "$CONFIGFILE" "$cfg" gatewayiprange
append_config_option "$CONFIGFILE" "$cfg" passwordattempts
append_config_option "$CONFIGFILE" "$cfg" macmechanism
append_config_option "$CONFIGFILE" "$cfg" uploadlimit
append_config_option "$CONFIGFILE" "$cfg" downloadlimit
append_config_option "$CONFIGFILE" "$cfg" remoteauthenticatoraction
append_config_option "$CONFIGFILE" "$cfg" enablepreauth
append_config_option "$CONFIGFILE" "$cfg" binvoucher
append_config_option "$CONFIGFILE" "$cfg" forcevoucher
append_config_option "$CONFIGFILE" "$cfg" passwordauthentication
append_config_option "$CONFIGFILE" "$cfg" usernameauthentication
append_config_option "$CONFIGFILE" "$cfg" passwordattempts
append_config_option "$CONFIGFILE" "$cfg" username
append_config_option "$CONFIGFILE" "$cfg" password
append_config_option "$CONFIGFILE" "$cfg" authenticateimmediately
append_config_option "$CONFIGFILE" "$cfg" decongesthttpdthreads
append_config_option "$CONFIGFILE" "$cfg" httpdthreadthreshold
append_config_option "$CONFIGFILE" "$cfg" httpdthreaddelayms
append_config_option "$CONFIGFILE" "$cfg" fw_mark_authenticated
append_config_option "$CONFIGFILE" "$cfg" fw_mark_trusted
append_config_option "$CONFIGFILE" "$cfg" fw_mark_blocked
config_get download "$cfg" downloadlimit
config_get upload "$cfg" uploadlimit
[ -n "$upload" -o -n "$download" ] && echo "TrafficControl yes" >> $CONFIGFILE
setup_mac_lists "$cfg"
setup_firewall "$cfg"
}
# setup configuration and start instance
create_instance() {
local cfg="$1"
local manual_config
local val
config_get_bool val "$cfg" enabled 0
[ $val -gt 0 ] || return 0
generate_uci_config "$cfg"
if ! test_module ; then
logger -s -t nodogsplash -p daemon.error "nodogsplash is missing some kernel modules"
fi
procd_open_instance $cfg
procd_set_param command /usr/bin/nodogsplash -c $CONFIGFILE $OPTIONS
procd_set_param respawn
procd_set_param file $CONFIGFILE
procd_close_instance
}
start_service() {
include /lib/functions
mkdir -p /tmp/etc/
config_load nodogsplash
config_foreach create_instance nodogsplash
}
stop_service() {
# nodogsplash doesn't exit fast enought, when procd terminates it.
# otherwise procd will restart nodogsplash twice. first time starting nodogsplash fails, second time it succeeds
sleep 1
}
status() {
$WD_DIR/ndsctl status
}
# Test if we got all modules loaded
test_module() {
### Test ipt_mark with iptables
test_ipt_mark () {
($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1) > /dev/null
IPTABLES_OK=$?
if [ "$IPTABLES_OK" -eq 0 ]; then
($IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test ipt_mac with iptables
test_ipt_mac () {
($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1) > /dev/null
IPTABLES_OK=$?
if [ "$IPTABLES_OK" -eq 0 ]; then
($IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test ipt_IMQ with iptables
test_ipt_IMQ () {
($IPT -t mangle -A PREROUTING -j IMQ --todev 0 2>&1) > /dev/null
IPTABLES_OK=$?
if [ "$IPTABLES_OK" -eq 0 ]; then
($IPT -t mangle -D PREROUTING -j IMQ --todev 0 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test imq with ip
test_imq () {
(ip link set imq0 up 2>&1) > /dev/null
IMQ0_OK=$?
(ip link set imq1 up 2>&1) > /dev/null
IMQ1_OK=$?
if [ "$IMQ0_OK" -eq 0 -a "$IMQ1_OK" -eq 0 ]; then
(ip link set imq0 down 2>&1) > /dev/null
(ip link set imq1 down 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test sch_htb with tc; requires imq0
test_sch_htb () {
(tc qdisc del dev imq0 root 2>&1) > /dev/null
(tc qdisc add dev imq0 root htb 2>&1) > /dev/null
TC_OK=$?
if [ "$TC_OK" -eq 0 ]; then
(tc qdisc del dev imq0 root 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Find a module on disk
module_exists () {
EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2> /dev/null)
if [ -n "$EXIST" ]; then
return 0
else
return 1
fi
}
### Test if a module is in memory
module_in_memory () {
MODULE=$(lsmod | grep $1 | awk '{print $1}')
if [ "$MODULE" = "$1" ]; then
return 0
else
return 1
fi
}
### Test functionality of a module; load if necessary
do_module_tests () {
echo " Testing module $1 $2"
"test_$1"
if [ $? -ne 0 ]; then
echo " Module $1 $2 needed"
echo " Scanning disk for $1 module"
module_exists $1
if [ $? -ne 0 ]; then
echo " $1 module missing: please install it"
exit 1
else
echo " $1 exists, trying to load"
insmod $1 $2 > /dev/null
if [ $? -ne 0 ]; then
echo " Error: insmod $1 $2 failed"
exit 1
else
echo " $1 $2 loaded successfully"
fi
fi
else
echo " $1 is working"
fi
}
echo " Testing required modules"
do_module_tests "ipt_mac"
do_module_tests "ipt_mark"
# test for imq modules, only if TrafficControl is enabled in conf
if ( grep -q -E '^[[:space:]]*TrafficControl[[:space:]]+(yes|true|1)' "$CONFIGFILE" ) ; then
do_module_tests "imq" "numdevs=2"
do_module_tests "ipt_IMQ"
do_module_tests "sch_htb"
fi
}

8
nodogsplash/files/usr/lib/nodogsplash/restart.sh Executable file
View file

@ -0,0 +1,8 @@
#!/bin/sh
# Check if nodogsplash is running
if ndsctl status &> /dev/null; then
if [ "$(uci -q get nodogsplash.@nodogsplash[0].fwhook_enabled)" = "1" ]; then
/etc/init.d/nodogsplash restart
fi
fi

66
nodogsplash2/Makefile
View file

@ -1,66 +0,0 @@
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=nodogsplash2
PKG_FIXUP:=autoreconf
PKG_VERSION:=2.1.1
PKG_RELEASE:=1
PKG_SOURCE_URL:=https://codeload.github.com/nodogsplash/nodogsplash/tar.gz/v$(PKG_VERSION)?
PKG_SOURCE:=nodogsplash-$(PKG_VERSION).tar.gz
PKG_HASH:=86463a93259f34745a7427d643e0810e7776d37470b32f4f823a1e6019ba9246
PKG_BUILD_DIR:=$(BUILD_DIR)/nodogsplash-$(PKG_VERSION)
PKG_MAINTAINER:=Moritz Warning <moritzwarning@web.de>
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0+
include $(INCLUDE_DIR)/package.mk
define Package/nodogsplash2
SUBMENU:=Captive Portals
SECTION:=net
CATEGORY:=Network
DEPENDS:=+libpthread +iptables-mod-ipopt +libmicrohttpd-no-ssl
TITLE:=Open public network gateway daemon
URL:=https://github.com/nodogsplash/nodogsplash
CONFLICTS:=nodogsplash
endef
define Package/nodogsplash2/description
Nodogsplash offers a simple way to open a free hotspot providing
restricted access to an internet connection.
endef
define Package/nodogsplash2/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/nodogsplash $(1)/usr/bin/
$(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) files/nodogsplash.init $(1)/etc/init.d/nodogsplash
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) files/nodogsplash.config $(1)/etc/config/nodogsplash
$(INSTALL_DIR) $(1)/etc/nodogsplash/htdocs/images
$(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/nodogsplash/htdocs/
$(CP) $(PKG_BUILD_DIR)/resources/infoskel.html $(1)/etc/nodogsplash/htdocs/
$(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/nodogsplash/htdocs/images/
endef
define Package/nodogsplash2/postrm
#!/bin/sh
uci delete firewall.nodogsplash2
uci commit firewall
endef
define Package/nodogsplash2/conffiles
/etc/config/nodogsplash
endef
$(eval $(call BuildPackage,nodogsplash2))

82
nodogsplash2/files/nodogsplash.config
View file

@ -1,82 +0,0 @@
# The options available here are an adaptation of the settings used in nodogsplash.conf.
# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
config nodogsplash
# Set to 0 to disable nodogsplash
option enabled 1
# Set to 0 to disable hook that makes Firewall restart nodogsplash when Firewall restarts
# This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries
option fwhook_enabled '1'
# Serve the file splash.html from this directory
option webroot '/etc/nodogsplash/htdocs'
# Use plain configuration file
#option config '/etc/nodogsplash/nodogsplash.conf'
# Use this option to set the network interface the users are connected to
# Must not be used with option gatewayinterface
# This option automatically identifies the active lan device for nodogsplash to bind to
# This option may fail if the device configured for this interface is not up when nodogsplash starts at boot time
# You may change this to any valid virtual lan interface that has been defined, eg lan, lan2, public_lan wlan2 etc
# option network 'lan'
# Use this option to set the device nogogsplash will bind to
# Must not be used with option network
# The nodogsplash init script will wait for this device to be up before loading the nodogsplash service
# You may change this to any valid lan device eg br-lan, wlan0, eth0.1 etc
option gatewayinterface 'br-lan'
option gatewayname 'OpenWrt Nodogsplash'
option maxclients '250'
# Client timeouts in minutes
option clientidletimeout '120'
option clientforcetimeout '1440'
# Your router may have several interfaces, and you
# probably want to keep them private from the network/gatewayinterface.
# If so, you should block the entire subnets on those interfaces, e.g.:
# list authenticated_users 'block to 192.168.0.0/16'
# list authenticated_users 'block to 10.0.0.0/8'
# Typical ports you will probably want to open up.
#list authenticated_users 'allow tcp port 22'
#list authenticated_users 'allow tcp port 53'
#list authenticated_users 'allow udp port 53'
#list authenticated_users 'allow tcp port 80'
#list authenticated_users 'allow tcp port 443'
# Or for happy customers allow all
list authenticated_users 'allow all'
# For preauthenticated users to resolve IP addresses in their
# initial request not using the router itself as a DNS server,
# Leave commented to help prevent DNS tunnelling
#list preauthenticated_users 'allow tcp port 53'
#list preauthenticated_users 'allow udp port 53'
# Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
list users_to_router 'allow tcp port 22'
list users_to_router 'allow tcp port 23'
list users_to_router 'allow tcp port 53'
list users_to_router 'allow udp port 53'
list users_to_router 'allow udp port 67'
list users_to_router 'allow tcp port 80'
# MAC addresses that are / are not allowed to access the splash page
# Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
#option macmechanism 'allow'
#list allowedmac '00:00:C0:01:D0:0D'
#list allowedmac '00:00:C0:01:D0:1D'
#list blockedmac '00:00:C0:01:D0:2D'
# MAC addresses that do not need to authenticate
#list trustedmac '00:00:C0:01:D0:1D'
# Set FW_MARK for compatibilty with other OpenWrt Packages eg mwan3, sqm etc.
list fw_mark_authenticated '30000'
list fw_mark_trusted '20000'
list fw_mark_blocked '10000'

387
nodogsplash2/files/nodogsplash.init
View file

@ -1,387 +0,0 @@
#!/bin/sh /etc/rc.common
#
# description: Startup/shutdown script for nodogsplash captive portal
#
# Alexander Couzens <lynxis@fe80.eu> 2014
# P. Kube 2007
#
# (Based on wifidog startup script
# Date : 2004-08-25
# Version : 1.0
# Comment by that author: Could be better, but it's working as expected)
#
START=95
STOP=95
USE_PROCD=1
IPT=/usr/sbin/iptables
WD_DIR=/usr/bin
# -s -d 5 runs in background, with level 5 (not so verbose) messages to syslog
# -f -d 7 runs in foreground, with level 7 (verbose) debug messages to terminal
OPTIONS="-s -f -d 5"
CONFIGFILE="/tmp/invalid_nodogsplash.conf"
# nolog(loglevel message ...)
nolog() {
local level=$1
shift
logger -s -t nodogsplash -p daemon.$level $@
}
# append_config_option_map <cfgfile> <uci_cfg_obj> <option_name> <config_counterpart> [<optional default>]
# append "$config_counterpart $value" to cfgfile if option_name exists
# e.g. append_config_option "$CONFIGFILE" "$cfg" bind_address BindAddress 0.0.0.0
# will append "BindAddress 192.168.1.1" if uci bind_address is '192.168.1.1'
append_config_option_map() {
local val=""
local config_file="$1"
local cfg="$2"
local option_name="$3"
local config_counterpart="$4"
local default="$5"
config_get val "$cfg" "$option_name" "$default"
[ -n "$val" ] && echo "$config_counterpart $val" >> $config_file
}
# append_config_option <cfgfile> <uci_cfg_obj> <option_name> [<optional default>]
# append "$option_name $value" to cfgfile if option_name exists
# e.g. append_config_option "$CONFIGFILE" "$cfg" bind_address 0.0.0.0
# will append "bind_address 192.168.1.1" if uci bind_address is '192.168.1.1'
# if uci bind_address is unset append "bind_address 0.0.0.0"
append_config_option() {
local val=""
local config_file="$1"
local cfg="$2"
local option_name="$3"
local default="$4"
config_get val "$cfg" "$option_name" "$default"
[ -n "$val" ] && echo "$option_name $val" >> $config_file
}
setup_mac_lists() {
local cfg="$1"
local MAC=""
local val
append_mac() {
append MAC "$1" ","
}
config_get val "$cfg" macmechanism
if [ -z "$val" ] ; then
# check if we have AllowedMACList or BlockedMACList defined they will be ignored
config_get val "$cfg" allowedmac
if [ -n "$val" ] ; then
echo "Ignoring allowedmac - macmechanism not \"allow\"" >&2
fi
config_get val "$cfg" blockedmac
if [ -n "$val" ] ; then
echo "Ignoring blockedmac - macmechanism not \"block\"" >&2
fi
elif [ "$val" == "allow" ] ; then
MAC=""
config_list_foreach "$cfg" allowedmac append_mac
echo "AllowedMACList $MAC" >> $CONFIGFILE
elif [ "$val" == "block" ] ; then
MAC=""
config_list_foreach "$cfg" blockedmac append_mac
echo "BlockedMACList $MAC" >> $CONFIGFILE
else
nolog error "$cfg Invalid macmechanism '$val' - allow or block are valid."
return 1
fi
MAC=""
config_list_foreach "$cfg" trustedmac append_mac
[ -n "$MAC" ] && echo "TrustedMACList $MAC" >> $CONFIGFILE
}
setup_firewall() {
local cfg="$1"
local uciname
local val
append_firewall() {
echo " FirewallRule $1" >> $CONFIGFILE
}
for rule in $(echo authenticated-users preauthenticated-users users-to-router trusted-users trusted-users-to-router)
do
uci_name=${rule//-/_}
# uci does not allow - dashes
echo "FirewallRuleSet $rule {" >> $CONFIGFILE
config_list_foreach "$cfg" ${uci_name} append_firewall
echo "}" >> $CONFIGFILE
config_get val "$cfg" policy_${uci_name}
[ -n "$val" ] && echo "EmptyRuleSetPolicy $rule $val" >> $CONFIGFILE
done
}
wait_for_interface()
{
local ifname="$1"
local timeout=10
for i in $(seq $timeout); do
if [ $(ip -4 addr show dev $ifname 2> /dev/null | grep -c inet) -ne 0 ]; then
break
fi
sleep 1
if [ $i == $timeout ] ; then
nolog error "$ifname not detected, NoDogSplash not starting."
exit 1
fi
done
}
generate_uci_config() {
local cfg="$1"
local val
local ifname
local download
local upload
CONFIGFILE="/tmp/etc/nodogsplash_$cfg.conf"
echo "# auto-generated config file from /etc/config/nodogsplash" > $CONFIGFILE
config_get val "$cfg" config
if [ -n "$val" ] ; then
if [ ! -f "$val" ] ; then
nolog error "Configuration file '$file' doesn't exist"
return 0
fi
cat "$val" >> $CONFIGFILE
fi
config_get val "$cfg" network
if [ -n "$val" ] ; then
if ! network_get_device ifname "$val" ; then
nolog error "$cfg can not find ifname for network '$val'"
return 1
fi
fi
config_get val "$cfg" gatewayinterface
if [ -n "$val" ] ; then
if [ -n "$ifname" ] ; then
nolog error "$cfg cannot use both option network and gatewayinterface"
return 1
fi
ifname="$val"
fi
if [ -z "$ifname" ] ; then
nolog error "$cfg option network or gatewayinterface missing"
return 1
fi
wait_for_interface "$ifname"
echo "GatewayInterface $ifname" >> $CONFIGFILE
append_config_option "$CONFIGFILE" "$cfg" gatewayname
append_config_option "$CONFIGFILE" "$cfg" gatewayaddress
append_config_option "$CONFIGFILE" "$cfg" gatewayport
append_config_option "$CONFIGFILE" "$cfg" maxclients
append_config_option "$CONFIGFILE" "$cfg" webroot
append_config_option "$CONFIGFILE" "$cfg" debuglevel
append_config_option "$CONFIGFILE" "$cfg" splashpage
append_config_option "$CONFIGFILE" "$cfg" pagesdir
append_config_option "$CONFIGFILE" "$cfg" checkinterval
append_config_option "$CONFIGFILE" "$cfg" syslogfacility
append_config_option "$CONFIGFILE" "$cfg" gatewayiprange
append_config_option "$CONFIGFILE" "$cfg" imagedir
append_config_option "$CONFIGFILE" "$cfg" redirecturl
append_config_option "$CONFIGFILE" "$cfg" clientidletimeout
append_config_option "$CONFIGFILE" "$cfg" clientforcetimeout
append_config_option "$CONFIGFILE" "$cfg" gatewayiprange
append_config_option "$CONFIGFILE" "$cfg" passwordattempts
append_config_option "$CONFIGFILE" "$cfg" macmechanism
append_config_option "$CONFIGFILE" "$cfg" uploadlimit
append_config_option "$CONFIGFILE" "$cfg" downloadlimit
append_config_option "$CONFIGFILE" "$cfg" remoteauthenticatoraction
append_config_option "$CONFIGFILE" "$cfg" enablepreauth
append_config_option "$CONFIGFILE" "$cfg" binvoucher
append_config_option "$CONFIGFILE" "$cfg" forcevoucher
append_config_option "$CONFIGFILE" "$cfg" passwordauthentication
append_config_option "$CONFIGFILE" "$cfg" usernameauthentication
append_config_option "$CONFIGFILE" "$cfg" passwordattempts
append_config_option "$CONFIGFILE" "$cfg" username
append_config_option "$CONFIGFILE" "$cfg" password
append_config_option "$CONFIGFILE" "$cfg" authenticateimmediately
append_config_option "$CONFIGFILE" "$cfg" decongesthttpdthreads
append_config_option "$CONFIGFILE" "$cfg" httpdthreadthreshold
append_config_option "$CONFIGFILE" "$cfg" httpdthreaddelayms
append_config_option "$CONFIGFILE" "$cfg" fw_mark_authenticated
append_config_option "$CONFIGFILE" "$cfg" fw_mark_trusted
append_config_option "$CONFIGFILE" "$cfg" fw_mark_blocked
config_get download "$cfg" downloadlimit
config_get upload "$cfg" uploadlimit
[ -n "$upload" -o -n "$download" ] && echo "TrafficControl yes" >> $CONFIGFILE
setup_mac_lists "$cfg"
setup_firewall "$cfg"
}
# setup configuration and start instance
create_instance() {
local cfg="$1"
local manual_config
local val
config_get_bool val "$cfg" enabled 0
[ $val -gt 0 ] || return 0
generate_uci_config "$cfg"
if ! test_module ; then
logger -s -t nodogsplash -p daemon.error "nodogsplash is missing some kernel modules"
fi
procd_open_instance $cfg
procd_set_param command /usr/bin/nodogsplash -c $CONFIGFILE $OPTIONS
procd_set_param respawn
procd_set_param file $CONFIGFILE
procd_close_instance
}
depends() {
if [ "$1" = "iptables" ] ; then
if [ $(uci get nodogsplash.@nodogsplash[0].fwhook_enabled) = "1" ] ; then
if $WD_DIR/ndsctl status > /dev/null; then
echo " * Restarting NodogSplash"
/etc/init.d/nodogsplash restart
fi
else
echo " * NodogSplash fwhook is disabled"
fi
fi
}
start_service() {
include /lib/functions
mkdir -p /tmp/etc/
if [ $(uci get nodogsplash.@nodogsplash[0].fwhook_enabled) = "1" ] ; then
if ! uci get firewall.nodogsplash2.path &> /dev/null ; then
if [ -f '/tmp/etc/ndshook.include' ] ; then
rm /tmp/etc/ndshook.include
fi
uci delete firewall.nodogsplash2 2> /dev/null
uci set firewall.nodogsplash2=include
uci set firewall.nodogsplash2.type=script
uci set firewall.nodogsplash2.path='/tmp/etc/ndshook.include'
uci commit firewall
/etc/init.d/firewall restart 2>&1 | logger
fi
if [ ! -f '/tmp/etc/ndshook.include' ] ; then
printf "if [ -f '/etc/init.d/nodogsplash' ] ; then /etc/init.d/nodogsplash depends iptables ; fi\n" > /tmp/etc/ndshook.include
chmod +x /tmp/etc/ndshook.include
fi
fi
config_load nodogsplash
config_foreach create_instance nodogsplash
}
stop_service() {
# nodogsplash doesn't exit fast enought, when procd terminates it.
# otherwise procd will restart nodogsplash twice. first time starting nodogsplash fails, second time it succeeds
sleep 1
}
status() {
$WD_DIR/ndsctl status
}
# Test if we got all modules loaded
test_module() {
### Test ipt_mark with iptables
test_ipt_mark () {
($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1) > /dev/null
IPTABLES_OK=$?
if [ "$IPTABLES_OK" -eq 0 ]; then
($IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test ipt_mac with iptables
test_ipt_mac () {
($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1) > /dev/null
IPTABLES_OK=$?
if [ "$IPTABLES_OK" -eq 0 ]; then
($IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test ipt_IMQ with iptables
test_ipt_IMQ () {
($IPT -t mangle -A PREROUTING -j IMQ --todev 0 2>&1) > /dev/null
IPTABLES_OK=$?
if [ "$IPTABLES_OK" -eq 0 ]; then
($IPT -t mangle -D PREROUTING -j IMQ --todev 0 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test imq with ip
test_imq () {
(ip link set imq0 up 2>&1) > /dev/null
IMQ0_OK=$?
(ip link set imq1 up 2>&1) > /dev/null
IMQ1_OK=$?
if [ "$IMQ0_OK" -eq 0 -a "$IMQ1_OK" -eq 0 ]; then
(ip link set imq0 down 2>&1) > /dev/null
(ip link set imq1 down 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Test sch_htb with tc; requires imq0
test_sch_htb () {
(tc qdisc del dev imq0 root 2>&1) > /dev/null
(tc qdisc add dev imq0 root htb 2>&1) > /dev/null
TC_OK=$?
if [ "$TC_OK" -eq 0 ]; then
(tc qdisc del dev imq0 root 2>&1) > /dev/null
return 0
else
return 1
fi
}
### Find a module on disk
module_exists () {
EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2> /dev/null)
if [ -n "$EXIST" ]; then
return 0
else
return 1
fi
}
### Test if a module is in memory
module_in_memory () {
MODULE=$(lsmod | grep $1 | awk '{print $1}')
if [ "$MODULE" = "$1" ]; then
return 0
else
return 1
fi
}
}