applications/luci-splash: Updated to work with new UCI firewall
authorSteven Barth <steven@midlink.org>
Tue, 5 Aug 2008 12:58:20 +0000 (12:58 +0000)
committerSteven Barth <steven@midlink.org>
Tue, 5 Aug 2008 12:58:20 +0000 (12:58 +0000)
applications/luci-splash/luasrc/model/cbi/splash/splash.lua
applications/luci-splash/root/etc/init.d/luci_splash
libs/web/root/etc/config/luci

index 37ef559af29c41814d20e7c28f99d6501c2dc94f..ed5cdc181a8aae61c94c0f759f54cb0e2d67776b 100644 (file)
@@ -11,13 +11,13 @@ s.template = "cbi/tblsection"
 s.addremove = true
 s.anonymous = true
 
-iface = s:option(ListValue, "network", "Schnittstelle")
-luci.model.uci.foreach("network", "interface",
+iface = s:option(ListValue, "zone", "Firewallzone")
+luci.model.uci.foreach("firewall", "zone",
        function (section)
-               if section[".name"] ~= "loopback" then
-                       iface:value(section[".name"])
-               end
+               iface:value(section.name)
        end)
+       
+gateway = s:option(Value, "gateway", "Gateway")
 
 s = m:section(TypedSection, "whitelist", "Automatische Freigabe")
 s.template = "cbi/tblsection"
index eb006e9b0d05eb54a7943fbaf5bba7ccfbfa33f8..7541f9935b5efdc4f466f1f4fa1548ade441e34b 100755 (executable)
@@ -4,23 +4,14 @@ START=70
 iface_add() {
        local cfg="$1"
        
-       config_get net "$cfg" network
-       [ -n "$net" ] || return 0
+       config_get zone "$cfg" zone
+       [ -n "$zone" ] || return 0
        
-       config_get iface "$net" ifname
-       [ -n "$iface" ] || return 0
-       iface="${iface%%:*}"
+       config_get gw "$cfg" gateway
+       [ -n "$zone" ] || return 0
        
-       config_get ipaddr "$net" ipaddr
-       [ -n "$ipaddr" ] || return 0
-       
-       config_get netmask "$net" netmask
-       [ -n "$netmask" ] || return 0
-       
-       eval "$(ipcalc.sh $ipaddr $netmask)"
-       
-       iptables -t nat -A luci_splash -i "$iface" -s "$NETWORK/$PREFIX" -j luci_splash_portal
-       iptables -t nat -A luci_splash_portal -i "$iface" -s "$NETWORK/$PREFIX" -d "$ipaddr" -p tcp -m multiport --dports 22,80,443 -j RETURN
+       iptables -t nat -A zone_$zone_prerouting -j luci_splash_portal
+       iptables -t nat -A luci_splash_portal -d "$gw" -p tcp -m multiport --dports 22,80,443 -j RETURN
 }
 
 blacklist_add() {
@@ -63,15 +54,9 @@ start() {
        
        ### Start the splash httpd
        start-stop-daemon -S -b -q -x /usr/bin/luci-splashd
-
-       ### Hook in the chain
-       iptables -t nat -A prerouting_rule -j luci_splash
 }
 
-stop() {
-       ### Hook out the chain
-       iptables -t nat -D prerouting_rule -j luci_splash
-       
+stop() {       
        ### Clear subchains
        iptables -t nat -F luci_splash_leases
        iptables -t nat -F luci_splash_portal
index 8382b5d2806e7baa8602847a478abc894a17860c..4aec08049d0778041fe3a685fc7f75a7c832d646 100644 (file)
@@ -19,17 +19,17 @@ config extern flash_keep
        option firewall "/etc/firewall.user"
 
 config event uci_oncommit
-       option network          "/sbin/luci-reload network firewall dnsmasq"
-       option wireless         "/sbin/luci-reload network firewall dnsmasq"
+       option network          "/sbin/luci-reload network firewall dnsmasq luci_splash"
+       option wireless         "/sbin/luci-reload network firewall dnsmasq luci_splash"
        option olsr                     "/sbin/luci-reload olsrd"
        option dhcp                     "/sbin/luci-reload dnsmasq"
        option dropbear         "/sbin/luci-reload dropbear"
        option httpd            "/sbin/luci-reload httpd"
        option fstab            "/sbin/luci-reload fstab"
        option qos                      "/sbin/luci-reload qos"
-       option firewall         "/sbin/luci-reload firewall"
+       option firewall         "/sbin/luci-reload firewall luci_splash"
        option luci_ethers      "/sbin/luci-reload luci_ethers dnsmasq"
-       option luci_splash      "/sbin/luci-reload luci_splash"
+       option luci_splash      "/sbin/luci-reload firewall luci_splash"
        option upnpd            "/etc/init.d/miniupnpd enabled && /sbin/luci-reload miniupnpd || /etc/init.d/miniupnpd stop"
        option ntpclient        "/sbin/luci-reload ntpclient"