4 * Copyright (C) 2009 zd <tomato@winddns.cn>
5 * Copyright (C) 2011 Modifications for K2.6 Victek, Roadkill
15 #define NOCAT_CONF "/tmp/etc/nocat.conf"
18 int build_nocat_conf( void )
24 if( !( fp
= fopen( NOCAT_CONF
, "w" ) ) )
33 * settings that need to be set based on router configurations
34 * Autodetected on the device: lan_ifname & NC_Iface variable
36 fprintf( fp
, "ExternalDevice\t%s\n", nvram_safe_get("wan_iface"));
37 fprintf( fp
, "RouteOnly\t%s\n", "1" );
40 if (nvram_match( "NC_BridgeLAN", "br0") )
42 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan_ifname" ));
43 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan_ipaddr" ) );
45 if (nvram_match( "NC_BridgeLAN", "br1") )
47 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan1_ifname" ));
48 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan1_ipaddr" ) );
50 if (nvram_match( "NC_BridgeLAN", "br2") )
52 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan2_ifname" ));
53 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan2_ipaddr" ) );
55 if (nvram_match( "NC_BridgeLAN", "br3") )
57 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan3_ifname" ));
58 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan3_ipaddr" ) );
61 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan_ifname" ));
62 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan_ipaddr" ) );
65 fprintf( fp
, "GatewayMAC\t%s\n", nvram_safe_get( "et0macaddr" ) );
68 *These are user defined, eventually via the web page
70 if ((p
= nvram_get("NC_Verbosity")) == NULL
) p
= "2";
71 fprintf( fp
, "Verbosity\t%s\n", p
);
73 if ((p
= nvram_get("NC_GatewayName")) == NULL
) p
= "Tomato RAF Portal";
74 fprintf( fp
, "GatewayName\t%s\n", p
);
76 if ((p
= nvram_get("NC_GatewayPort")) == NULL
) p
= "5280";
77 fprintf( fp
, "GatewayPort\t%s\n", p
);
79 if ((p
= nvram_get("NC_Password")) == NULL
) p
= "";
80 fprintf( fp
, "GatewayPassword\t%s\n", p
);
82 if ((p
= nvram_get("NC_GatewayMode")) == NULL
) p
= "Open";
83 fprintf( fp
, "GatewayMode\t%s\n", p
);
85 if ((p
= nvram_get("NC_DocumentRoot")) == NULL
) p
= "/tmp/splashd";
86 fprintf( fp
, "DocumentRoot\t%s\n", p
);
87 if( nvram_invmatch( "NC_SplashURL", "" ) )
89 fprintf( fp
, "SplashURL\t%s\n", nvram_safe_get( "NC_SplashURL" ) );
90 fprintf( fp
, "SplashURLTimeout\t%s\n",
91 nvram_safe_get( "NC_SplashURLTimeout" ) );
94 * do we really need this?
95 * Internal register of host IP's logged.. that's all (Victek)
97 fprintf( fp
, "LeaseFile\t%s\n", "/tmp/nocat.leases");
100 * Open-mode and common options
102 fprintf( fp
, "FirewallPath\t%s\n", "/usr/libexec/nocat/" );
103 fprintf( fp
, "ExcludePorts\t%s\n", nvram_safe_get( "NC_ExcludePorts" ) );
104 fprintf( fp
, "IncludePorts\t%s\n", nvram_safe_get( "NC_IncludePorts" ) );
105 fprintf( fp
, "AllowedWebHosts\t%s %s\n", nvram_safe_get( "lan_ipaddr" ),
106 nvram_safe_get( "NC_AllowedWebHosts" ) );
108 * TJaqua: Added MACWhiteList to ignore given machines or routers on the
109 * local net (e.g. routers with an alternate Auth).
111 fprintf( fp
, "MACWhiteList\t%s\n", nvram_safe_get( "NC_MACWhiteList" ) );
113 * TJaqua: Added AnyDNS to pass through any client-defined servers.
115 fprintf( fp
, "AnyDNS\t%s\n", "1" );
117 fprintf( fp
, "HomePage\t%s\n", nvram_safe_get( "NC_HomePage" ) );
119 fprintf( fp
, "PeerCheckTimeout\t%s\n", nvram_safe_get( "NC_PeerChecktimeout" ) );
121 if ((p
= nvram_get("NC_ForcedRedirect")) == NULL
) p
= "0";
122 fprintf( fp
, "ForcedRedirect\t%s\n", p
);
124 if ((p
= nvram_get("NC_IdleTimeout")) == NULL
) p
= "0";
125 fprintf( fp
, "IdleTimeout\t%s\n", p
);
127 if ((p
= nvram_get("NC_MaxMissedARP")) == NULL
) p
= "5";
128 fprintf( fp
, "MaxMissedARP\t%s\n", p
);
130 if ((p
= nvram_get("NC_LoginTimeout")) == NULL
) p
= "6400";
131 fprintf( fp
, "LoginTimeout\t%s\n", p
);
133 if ((p
= nvram_get("NC_RenewTimeout")) == NULL
) p
= "0";
134 fprintf( fp
, "RenewTimeout\t%s\n", p
);
140 fprintf( stderr
, "Wrote: %s\n", NOCAT_CONF
);
145 void start_nocat(void)
148 char splashfile
[255];
156 if( !nvram_match( "NC_enable", "1" ) )
158 /* not needed .. but this is what it's testing depending on kernel.. should be modified in /nocat/src/nocat.conf
160 syslog(LOG_INFO,"Device using K2.6\n");
161 syslog(LOG_INFO,"tested & bypassed modprobe xt_mark\n");
162 syslog(LOG_INFO,"tested & bypassed modprobe xt_mac\n");
164 syslog(LOG_INFO,"Device using K2.4\n");
165 syslog(LOG_INFO,"Tested & bypassed modprobe ipt_mark\n");
166 syslog(LOG_INFO,"Tested & bypassed modprobe ipt_mac\n");
171 if ((p
= nvram_get("NC_DocumentRoot")) == NULL
) p
= "/tmp/splashd";
172 sprintf( splashfile
, "%s/splash.html", p
);
173 sprintf( logofile
, "%s/style.css", p
);
174 sprintf( iconfile
, "%s/favicon.ico", p
);
175 if (!f_exists(splashfile
)) {
176 nvram_get_file("NC_SplashFile", splashfile
, 8192);
177 if (!f_exists(splashfile
)) {
178 sprintf(cpcmd
, "cp /www/splash.html %s", splashfile
);
180 sprintf(cpcmd
, "cp /www/style.css %s", logofile
);
182 sprintf(cpcmd
, "cp /www/favicon.ico %s", iconfile
);
187 if( !( fp
= fopen( "/tmp/start_splashd.sh", "w" ) ) )
189 perror( "/tmp/start_splashd.sh" );
193 // if ( !pidof("splashd") > 0 && (fp = fopen("/tmp/var/lock/splashd.lock", "r" ) ) )
195 // unlink( "/tmp/var/lock/splashd.lock");
198 fprintf( fp
, "#!/bin/sh\n" );
199 fprintf( fp
, "LOGGER=logger\n");
200 fprintf( fp
, "LOCK_FILE=/tmp/var/lock/splashd.lock\n");
201 fprintf( fp
, "if [ -f $LOCK_FILE ]; then\n");
202 fprintf( fp
, " $LOGGER \"Captive Portal halted (0), other process starting.\" \n");
203 fprintf( fp
, " exit\n");
204 fprintf( fp
, "fi\n");
205 fprintf( fp
, "echo \"TOMATO_RAF\" > $LOCK_FILE\n");
206 fprintf( fp
, "sleep 20\n" );
207 fprintf( fp
, "$LOGGER \"splashd : Captive Portal Splash Daemon successfully started\" \n");
208 fprintf( fp
, "echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse\n");
209 fprintf( fp
, "/usr/sbin/splashd >> /tmp/nocat.log 2>&1 &\n" );
210 fprintf( fp
, "sleep 2\n" );
211 fprintf( fp
, "echo 0 > /proc/sys/net/ipv4/tcp_tw_reuse\n");
212 fprintf( fp
, "rm $LOCK_FILE\n");
214 chmod( "/tmp/start_splashd.sh", 0700 );
215 xstart( "/tmp/start_splashd.sh" );
219 void stop_nocat( void )
221 if( pidof( "splashd" ) > 0 )
224 "splashd : Captive Portal Splash daemon successfully stopped\n" );
225 killall_tk( "splashd");
226 eval( "/usr/libexec/nocat/uninitialize.fw" );
227 system( "rm /tmp/nocat.leases\n");
228 system( "rm /tmp/start_splashd.sh\n");
229 system( "rm /tmp/nocat.log\n");
235 void reset_nocat( void )
237 if( pidof( "splashd" ) > 0 )
240 "splashd : Reseting splashd firewall rules\n" );
241 killall( "splashd", SIGUSR1
);