external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity

use py_ for new captive_portal variables

Browse source
This commit is contained in:
Jerry Vonau 2018-07-05 12:24:20 -05:00
parent 2f47e84696
commit ca7c291ba5
3 changed files with 7 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

6
roles/network/defaults/main.yml
View file

@ -75,6 +75,6 @@ captive_portal_enabled: False
# for simple python captive portal # for simple python captive portal
py_captive_portal_install: True py_captive_portal_install: True
py_captive_portal_enabled: True py_captive_portal_enabled: True
captive_portal_port: "9090" py_captive_portal_port: "9090"
captive_portal_username: "Admin" py_captive_portal_username: "Admin"
captive_portal_password: "g0adm1n" py_captive_portal_password: "changeme"

4
roles/network/templates/captive_portal/captive_portal.py.j2
View file

@ -7,7 +7,7 @@ import BaseHTTPServer
import cgi import cgi
# These variables are used as settings # These variables are used as settings
PORT = int("{{ captive_portal_port }}") # the port in which the captive portal web server listens PORT = int("{{ py_captive_portal_port }}") # the port in which the captive portal web server listens
IFACE = "{{ iiab_lan_iface }}" # the interface that captive portal protects IFACE = "{{ iiab_lan_iface }}" # the interface that captive portal protects
IP_ADDRESS = "{{ lan_ip }}" # the ip address of the captive portal (it can be the IP of IFACE) IP_ADDRESS = "{{ lan_ip }}" # the ip address of the captive portal (it can be the IP of IFACE)
@ -70,7 +70,7 @@ class CaptivePortal(BaseHTTPServer.BaseHTTPRequestHandler):
username = form.getvalue("username") username = form.getvalue("username")
password = form.getvalue("password") password = form.getvalue("password")
#dummy security check #dummy security check
if username == '{{ captive_portal_username }}' and password == '{{ captive_portal_password }}': if username == '{{ py_captive_portal_username }}' and password == '{{ py_captive_portal_password }}':
#authorized user #authorized user
remote_IP = self.client_address[0] remote_IP = self.client_address[0]
print 'New authorization from '+ remote_IP print 'New authorization from '+ remote_IP

4
roles/network/templates/gateway/iiab-gen-iptables
View file

@ -102,7 +102,7 @@ $IPTABLES -A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACC
#Block https traffic except if directed at server #Block https traffic except if directed at server
if [ "$gw_block_https" == "True" ]; then if [ "$gw_block_https" == "True" ]; then
$IPTABLES -A FORWARD -p tcp ! -d 172.18.96.1 --dport 443 -j DROP $IPTABLES -A FORWARD -p tcp ! -d {{ lan_ip }} --dport 443 -j DROP
fi fi
# Allow outgoing connections from the LAN side. # Allow outgoing connections from the LAN side.
@ -125,7 +125,7 @@ if [ "$captive_portal_enabled" == "True" ];then
$IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }} $IPTABLES -t nat -A PREROUTING -i {{ iiab_lan_iface }} -p tcp -m mark --mark 99 -m tcp --dport 80 -j DNAT --to-destination {{ lan_ip }}
elif [ "py_$captive_portal_enabled" == "True" ];then elif [ "py_$captive_portal_enabled" == "True" ];then
$IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:9090 $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:{{ py_captive_portal_port }}
elif [ "$HTTPCACHE_ON" == "True" ]; then elif [ "$HTTPCACHE_ON" == "True" ]; then
$IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:3128 $IPTABLES -t nat -A PREROUTING -i $lan -p tcp --dport 80 ! -d {{ lan_ip }} -j DNAT --to {{ lan_ip }}:3128