search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'Toastman-RT' into Toastman-RT-N
[tomato.git] / release / src / router / rc / nocat.c
blob85a7495cf03705cdfe0ee2c0d7d957ddd48d700a
1 /*
2 * nocat.c
3 *
4 * Copyright (C) 2009 zd <tomato@winddns.cn>
5 * Copyright (C) 2011 Modifications for K2.6 Victek, Roadkill
6 *
7 * $Id:
8 */
9 #include <stdlib.h>
10 #include <rc.h>
11 #include <shutils.h>
12 #include <utils.h>
13 #include <syslog.h>
14 #include <sys/stat.h>
15 #define NOCAT_CONF "/tmp/etc/nocat.conf"
16
17
18 int build_nocat_conf( void )
19 {
20 char *p;
21 FILE *fp;
22
23
24 if( !( fp = fopen( NOCAT_CONF, "w" ) ) )
25 {
26 perror( NOCAT_CONF );
27 return errno;
28 }
29
30 fprintf( fp, "#\n" );
31
32 /*
33 * settings that need to be set based on router configurations
34 * Autodetected on the device: lan_ifname & NC_Iface variable
35 */
36 fprintf( fp, "ExternalDevice\t%s\n", nvram_safe_get("wan_iface"));
37 fprintf( fp, "RouteOnly\t%s\n", "1" );
38
39 #ifdef TCONFIG_VLAN
40 if (nvram_match( "NC_BridgeLAN", "br0") )
41 {
42 fprintf( fp, "InternalDevice\t%s\n", nvram_safe_get( "lan_ifname" ));
43 fprintf( fp, "GatewayAddr\t%s\n", nvram_safe_get( "lan_ipaddr" ) );
44 }
45 if (nvram_match( "NC_BridgeLAN", "br1") )
46 {
47 fprintf( fp, "InternalDevice\t%s\n", nvram_safe_get( "lan1_ifname" ));
48 fprintf( fp, "GatewayAddr\t%s\n", nvram_safe_get( "lan1_ipaddr" ) );
49 }
50 if (nvram_match( "NC_BridgeLAN", "br2") )
51 {
52 fprintf( fp, "InternalDevice\t%s\n", nvram_safe_get( "lan2_ifname" ));
53 fprintf( fp, "GatewayAddr\t%s\n", nvram_safe_get( "lan2_ipaddr" ) );
54 }
55 if (nvram_match( "NC_BridgeLAN", "br3") )
56 {
57 fprintf( fp, "InternalDevice\t%s\n", nvram_safe_get( "lan3_ifname" ));
58 fprintf( fp, "GatewayAddr\t%s\n", nvram_safe_get( "lan3_ipaddr" ) );
59 }
60 #else
61 fprintf( fp, "InternalDevice\t%s\n", nvram_safe_get( "lan_ifname" ));
62 fprintf( fp, "GatewayAddr\t%s\n", nvram_safe_get( "lan_ipaddr" ) );
63 #endif
64
65 fprintf( fp, "GatewayMAC\t%s\n", nvram_safe_get( "et0macaddr" ) );
66
67 /*
68 *These are user defined, eventually via the web page
69 */
70 if ((p = nvram_get("NC_Verbosity")) == NULL) p = "2";
71 fprintf( fp, "Verbosity\t%s\n", p );
72
73 if ((p = nvram_get("NC_GatewayName")) == NULL) p = "Tomato RAF Portal";
74 fprintf( fp, "GatewayName\t%s\n", p );
75
76 if ((p = nvram_get("NC_GatewayPort")) == NULL) p = "5280";
77 fprintf( fp, "GatewayPort\t%s\n", p );
78
79 if ((p = nvram_get("NC_Password")) == NULL) p = "";
80 fprintf( fp, "GatewayPassword\t%s\n", p );
81
82 if ((p = nvram_get("NC_GatewayMode")) == NULL) p = "Open";
83 fprintf( fp, "GatewayMode\t%s\n", p );
84
85 if ((p = nvram_get("NC_DocumentRoot")) == NULL) p = "/tmp/splashd";
86 fprintf( fp, "DocumentRoot\t%s\n", p );
87 if( nvram_invmatch( "NC_SplashURL", "" ) )
88 {
89 fprintf( fp, "SplashURL\t%s\n", nvram_safe_get( "NC_SplashURL" ) );
90 fprintf( fp, "SplashURLTimeout\t%s\n",
91 nvram_safe_get( "NC_SplashURLTimeout" ) );
92 }
93 /*
94 * do we really need this?
95 * Internal register of host IP's logged.. that's all (Victek)
96 */
97 fprintf( fp, "LeaseFile\t%s\n", "/tmp/nocat.leases");
98
99 /*
100 * Open-mode and common options
101 */
102 fprintf( fp, "FirewallPath\t%s\n", "/usr/libexec/nocat/" );
103 fprintf( fp, "ExcludePorts\t%s\n", nvram_safe_get( "NC_ExcludePorts" ) );
104 fprintf( fp, "IncludePorts\t%s\n", nvram_safe_get( "NC_IncludePorts" ) );
105 fprintf( fp, "AllowedWebHosts\t%s %s\n", nvram_safe_get( "lan_ipaddr" ),
106 nvram_safe_get( "NC_AllowedWebHosts" ) );
107 /*
108 * TJaqua: Added MACWhiteList to ignore given machines or routers on the
109 * local net (e.g. routers with an alternate Auth).
110 */
111 fprintf( fp, "MACWhiteList\t%s\n", nvram_safe_get( "NC_MACWhiteList" ) );
112 /*
113 * TJaqua: Added AnyDNS to pass through any client-defined servers.
114 */
115 fprintf( fp, "AnyDNS\t%s\n", "1" );
116
117 fprintf( fp, "HomePage\t%s\n", nvram_safe_get( "NC_HomePage" ) );
118
119 fprintf( fp, "PeerCheckTimeout\t%s\n", nvram_safe_get( "NC_PeerChecktimeout" ) );
120
121 if ((p = nvram_get("NC_ForcedRedirect")) == NULL) p = "0";
122 fprintf( fp, "ForcedRedirect\t%s\n", p );
123
124 if ((p = nvram_get("NC_IdleTimeout")) == NULL) p = "0";
125 fprintf( fp, "IdleTimeout\t%s\n", p );
126
127 if ((p = nvram_get("NC_MaxMissedARP")) == NULL) p = "5";
128 fprintf( fp, "MaxMissedARP\t%s\n", p );
129
130 if ((p = nvram_get("NC_LoginTimeout")) == NULL) p = "6400";
131 fprintf( fp, "LoginTimeout\t%s\n", p );
132
133 if ((p = nvram_get("NC_RenewTimeout")) == NULL) p = "0";
134 fprintf( fp, "RenewTimeout\t%s\n", p );
135
136 fclose( fp );
137 /*
138 * end BPsmythe
139 */
140 fprintf( stderr, "Wrote: %s\n", NOCAT_CONF );
141
142 return 0;
143 }
144
145 void start_nocat(void)
146 {
147 FILE *fp;
148 char splashfile[255];
149 char logofile[255];
150 char iconfile[255];
151 char cpcmd[255];
152 char *p;
153
154 stop_nocat();
155
156 if( !nvram_match( "NC_enable", "1" ) )
157 return;
158 /* not needed .. but this is what it's testing depending on kernel.. should be modified in /nocat/src/nocat.conf
159 #ifdef LINUX26
160 syslog(LOG_INFO,"Device using K2.6\n");
161 syslog(LOG_INFO,"tested & bypassed modprobe xt_mark\n");
162 syslog(LOG_INFO,"tested & bypassed modprobe xt_mac\n");
163 #else
164 syslog(LOG_INFO,"Device using K2.4\n");
165 syslog(LOG_INFO,"Tested & bypassed modprobe ipt_mark\n");
166 syslog(LOG_INFO,"Tested & bypassed modprobe ipt_mac\n");
167 #endif
168 */
169 build_nocat_conf();
170
171 if ((p = nvram_get("NC_DocumentRoot")) == NULL) p = "/tmp/splashd";
172 sprintf( splashfile, "%s/splash.html", p );
173 sprintf( logofile, "%s/style.css", p );
174 sprintf( iconfile, "%s/favicon.ico", p );
175 if (!f_exists(splashfile)) {
176 nvram_get_file("NC_SplashFile", splashfile, 8192);
177 if (!f_exists(splashfile)) {
178 sprintf(cpcmd, "cp /www/splash.html %s", splashfile);
179 system(cpcmd);
180 sprintf(cpcmd, "cp /www/style.css %s", logofile);
181 system(cpcmd);
182 sprintf(cpcmd, "cp /www/favicon.ico %s", iconfile);
183 system(cpcmd);
184 }
185 }
186
187 if( !( fp = fopen( "/tmp/start_splashd.sh", "w" ) ) )
188 {
189 perror( "/tmp/start_splashd.sh" );
190 return;
191 }
192
193 // if ( !pidof("splashd") > 0 && (fp = fopen("/tmp/var/lock/splashd.lock", "r" ) ) )
194 // {
195 // unlink( "/tmp/var/lock/splashd.lock");
196 // }
197
198 fprintf( fp, "#!/bin/sh\n" );
199 fprintf( fp, "LOGGER=logger\n");
200 fprintf( fp, "LOCK_FILE=/tmp/var/lock/splashd.lock\n");
201 fprintf( fp, "if [ -f $LOCK_FILE ]; then\n");
202 fprintf( fp, " $LOGGER \"Captive Portal halted (0), other process starting.\" \n");
203 fprintf( fp, " exit\n");
204 fprintf( fp, "fi\n");
205 fprintf( fp, "echo \"TOMATO_RAF\" > $LOCK_FILE\n");
206 fprintf( fp, "sleep 20\n" );
207 fprintf( fp, "$LOGGER \"splashd : Captive Portal Splash Daemon successfully started\" \n");
208 fprintf( fp, "echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse\n");
209 fprintf( fp, "/usr/sbin/splashd >> /tmp/nocat.log 2>&1 &\n" );
210 fprintf( fp, "sleep 2\n" );
211 fprintf( fp, "echo 0 > /proc/sys/net/ipv4/tcp_tw_reuse\n");
212 fprintf( fp, "rm $LOCK_FILE\n");
213 fclose( fp );
214 chmod( "/tmp/start_splashd.sh", 0700 );
215 xstart( "/tmp/start_splashd.sh" );
216 return;
217 }
218
219 void stop_nocat( void )
220 {
221 if( pidof( "splashd" ) > 0 )
222 {
223 syslog( LOG_INFO,
224 "splashd : Captive Portal Splash daemon successfully stopped\n" );
225 killall_tk( "splashd");
226 eval( "/usr/libexec/nocat/uninitialize.fw" );
227 system( "rm /tmp/nocat.leases\n");
228 system( "rm /tmp/start_splashd.sh\n");
229 system( "rm /tmp/nocat.log\n");
230
231 }
232 return;
233 }
234
235 void reset_nocat( void )
236 {
237 if( pidof( "splashd" ) > 0 )
238 {
239 syslog( LOG_INFO,
240 "splashd : Reseting splashd firewall rules\n" );
241 killall( "splashd", SIGUSR1);
242 }
243 return;
244 }
Tomato firmware and modifications.