s.addremove = true
s.anonymous = true
-iface = s:option(ListValue, "network", "Schnittstelle")
-luci.model.uci.foreach("network", "interface",
+iface = s:option(ListValue, "zone", "Firewallzone")
+luci.model.uci.foreach("firewall", "zone",
function (section)
- if section[".name"] ~= "loopback" then
- iface:value(section[".name"])
- end
+ iface:value(section.name)
end)
+
+gateway = s:option(Value, "gateway", "Gateway")
s = m:section(TypedSection, "whitelist", "Automatische Freigabe")
s.template = "cbi/tblsection"
iface_add() {
local cfg="$1"
- config_get net "$cfg" network
- [ -n "$net" ] || return 0
+ config_get zone "$cfg" zone
+ [ -n "$zone" ] || return 0
- config_get iface "$net" ifname
- [ -n "$iface" ] || return 0
- iface="${iface%%:*}"
+ config_get gw "$cfg" gateway
+ [ -n "$zone" ] || return 0
- config_get ipaddr "$net" ipaddr
- [ -n "$ipaddr" ] || return 0
-
- config_get netmask "$net" netmask
- [ -n "$netmask" ] || return 0
-
- eval "$(ipcalc.sh $ipaddr $netmask)"
-
- iptables -t nat -A luci_splash -i "$iface" -s "$NETWORK/$PREFIX" -j luci_splash_portal
- iptables -t nat -A luci_splash_portal -i "$iface" -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN
+ iptables -t nat -A zone_$zone_prerouting -j luci_splash_portal
+ iptables -t nat -A luci_splash_portal -d "$gw" -p tcp -m multiport --dports 22,80,443 -j RETURN
}
blacklist_add() {
### Start the splash httpd
start-stop-daemon -S -b -q -x /usr/bin/luci-splashd
-
- ### Hook in the chain
- iptables -t nat -A prerouting_rule -j luci_splash
}
-stop() {
- ### Hook out the chain
- iptables -t nat -D prerouting_rule -j luci_splash
-
+stop() {
### Clear subchains
iptables -t nat -F luci_splash_leases
iptables -t nat -F luci_splash_portal
option firewall "/etc/firewall.user"
config event uci_oncommit
- option network "/sbin/luci-reload network firewall dnsmasq"
- option wireless "/sbin/luci-reload network firewall dnsmasq"
+ option network "/sbin/luci-reload network firewall dnsmasq luci_splash"
+ option wireless "/sbin/luci-reload network firewall dnsmasq luci_splash"
option olsr "/sbin/luci-reload olsrd"
option dhcp "/sbin/luci-reload dnsmasq"
option dropbear "/sbin/luci-reload dropbear"
option httpd "/sbin/luci-reload httpd"
option fstab "/sbin/luci-reload fstab"
option qos "/sbin/luci-reload qos"
- option firewall "/sbin/luci-reload firewall"
+ option firewall "/sbin/luci-reload firewall luci_splash"
option luci_ethers "/sbin/luci-reload luci_ethers dnsmasq"
- option luci_splash "/sbin/luci-reload luci_splash"
+ option luci_splash "/sbin/luci-reload firewall luci_splash"
option upnpd "/etc/init.d/miniupnpd enabled && /sbin/luci-reload miniupnpd || /etc/init.d/miniupnpd stop"
option ntpclient "/sbin/luci-reload ntpclient"
projects / oweals / luci.git / commitdiff