diff options
author | Dmitry Marakasov <amdmi3@FreeBSD.org> | 2009-01-20 11:57:59 +0000 |
---|---|---|
committer | Dmitry Marakasov <amdmi3@FreeBSD.org> | 2009-01-20 11:57:59 +0000 |
commit | eec0520a038947266db8a2a279f9d02a2d7a74e0 (patch) | |
tree | bdfc797d5acf8a8765ecbd1f0e91a8cd93d8871e /net-mgmt/coovachilli/files/patch-conf_up.sh.in | |
parent | Update from 0.7.30 to 0.7.31. (diff) |
CoovaChilli is an access controller
It provides a captive portal / walled garden environment.
Coova builds on the popular features of the now defunct Chillispot.
WWW: http://www.coova.org/
PR: 130357
Submitted by: Sevan Janiyan <venture37 at geeklan dot co dot uk>
Notes
Notes:
svn path=/head/; revision=226517
Diffstat (limited to 'net-mgmt/coovachilli/files/patch-conf_up.sh.in')
-rw-r--r-- | net-mgmt/coovachilli/files/patch-conf_up.sh.in | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/net-mgmt/coovachilli/files/patch-conf_up.sh.in b/net-mgmt/coovachilli/files/patch-conf_up.sh.in new file mode 100644 index 000000000000..81a5e98918dc --- /dev/null +++ b/net-mgmt/coovachilli/files/patch-conf_up.sh.in @@ -0,0 +1,55 @@ +--- conf/up.sh.in.orig 2009-01-10 17:54:55.000000000 +0000 ++++ conf/up.sh.in 2009-01-10 18:03:23.000000000 +0000 +@@ -5,52 +5,5 @@ + + . @ETCCHILLI@/functions + +-[ -e "@VARRUN@/chilli.iptables" ] && sh @VARRUN@/chilli.iptables 2>/dev/null +-rm -f @VARRUN@/chilli.iptables 2>/dev/null +- +-IF=$(basename $DEV) +- +-ipt() { +- opt=$1; shift +- echo "iptables -D $*" >> @VARRUN@/chilli.iptables +- iptables $opt $* +-} +- +-ipt_in() { +- ipt -A INPUT -i $IF $* +-} +- +-[ -n "$DHCPIF" ] && { +- +- [ -n "$UAMPORT" -a "$UAMPORT" != "0" ] && \ +- ipt_in -p tcp -m tcp --dport $UAMPORT --dst $ADDR -j ACCEPT +- +- [ -n "$UAMUIPORT" -a "$UAMUIPORT" != "0" ] && \ +- ipt_in -p tcp -m tcp --dport $UAMUIPORT --dst $ADDR -j ACCEPT +- +- [ -n "HS_TCP_PORTS" ] && { +- for port in $HS_TCP_PORTS; do +- ipt_in -p tcp -m tcp --dport $port --dst $ADDR -j ACCEPT +- done +- } +- +- ipt_in -p udp -d 255.255.255.255 --destination-port 67:68 -j ACCEPT +- ipt_in -p udp --dst $ADDR --dport 53 -j ACCEPT +- +- ipt -A INPUT -i $IF --dst $ADDR -j DROP +- ipt -A INPUT -i $IF -j DROP +- +- ipt -I FORWARD -i $DHCPIF -j DROP +- ipt -I FORWARD -o $DHCPIF -j DROP +- ipt -I FORWARD -i $IF -j ACCEPT +- ipt -I FORWARD -o $IF -j ACCEPT +- +- [ "$HS_LAN_ACCESS" != "on" -a "$HS_LAN_ACCESS" != "allow" ] && \ +- ipt -I FORWARD -i $IF -o \! $HS_WANIF -j DROP +- +- [ "$HS_LOCAL_DNS" = "on" ] && \ +- ipt -I PREROUTING -t nat -i $IF -p udp --dport 53 -j DNAT --to-destination $ADDR +-} +- + # site specific stuff optional + [ -e @ETCCHILLI@/ipup.sh ] && . @ETCCHILLI@/ipup.sh |