external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

use py_captive_portal_enabled and restore captive_portal_enabled

Browse source
This commit is contained in:
Jerry Vonau 2018-07-05 10:14:47 -05:00
parent 516daefb27
commit 2f47e84696
1 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

15
roles/network/templates/gateway/iiab-gen-iptables
View file

@ -60,6 +60,7 @@ kalite_server_port={{ kalite_server_port }}
sugarizer_port={{ sugarizer_port }} sugarizer_port={{ sugarizer_port }}
block_DNS={{ block_DNS }} block_DNS={{ block_DNS }}
captive_portal_enabled={{ captive_portal_enabled }} captive_portal_enabled={{ captive_portal_enabled }}
py_captive_portal_enabled={{ py_captive_portal_enabled }}
echo "Lan is $lan and WAN is $wan" echo "Lan is $lan and WAN is $wan"
# #
@ -105,7 +106,7 @@ if [ "$gw_block_https" == "True" ]; then
fi fi
# Allow outgoing connections from the LAN side. # Allow outgoing connections from the LAN side.
if ! [ "$captive_portal_enabled" == "True" ];then if ! [ "$py_captive_portal_enabled" == "True" ];then
$IPTABLES -A FORWARD -i $lan -o $wan -j ACCEPT $IPTABLES -A FORWARD -i $lan -o $wan -j ACCEPT
fi fi
# Don't forward from the outside to the inside. # Don't forward from the outside to the inside.
@ -117,13 +118,13 @@ if [ "$block_DNS" == "True" ];then
$IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53 $IPTABLES -t nat -A PREROUTING -i $lan -p udp --dport 53 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:53
fi fi
#if [ "$captive_portal_enabled" == "True" ];then
# $IPTABLES -t mangle -N internet
# $IPTABLES -t mangle -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m tcp --dport 80 -j internet
# $IPTABLES -t mangle -A internet -j MARK --set-mark 99
# $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }}:
if [ "$captive_portal_enabled" == "True" ];then if [ "$captive_portal_enabled" == "True" ];then
$IPTABLES -t mangle -N internet
$IPTABLES -t mangle -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m tcp --dport 80 -j internet
$IPTABLES -t mangle -A internet -j MARK --set-mark 99
$IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }}
elif [ "py_$captive_portal_enabled" == "True" ];then
$IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:9090 $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:9090
elif [ "$HTTPCACHE_ON" == "True" ]; then elif [ "$HTTPCACHE_ON" == "True" ]; then