4 * Copyright (C) 2009 zd <tomato@winddns.cn>
5 * Copyright (C) 2011 Modifications for K2.6 Victek, Roadkill
15 #define NOCAT_CONF "/tmp/etc/nocat.conf"
18 int build_nocat_conf( void )
24 if( !( fp
= fopen( NOCAT_CONF
, "w" ) ) )
33 * settings that need to be set based on router configurations
34 * Autodetected on the device: lan_ifname & NC_Iface variable
36 fprintf( fp
, "ExternalDevice\t%s\n", nvram_safe_get("wan_iface"));
37 fprintf( fp
, "RouteOnly\t%s\n", "1" );
39 if (nvram_match( "NC_BridgeLAN", "br0") )
41 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan_ifname" ));
42 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan_ipaddr" ) );
44 if (nvram_match( "NC_BridgeLAN", "br1") )
46 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan1_ifname" ));
47 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan1_ipaddr" ) );
49 if (nvram_match( "NC_BridgeLAN", "br2") )
51 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan2_ifname" ));
52 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan2_ipaddr" ) );
54 if (nvram_match( "NC_BridgeLAN", "br3") )
56 fprintf( fp
, "InternalDevice\t%s\n", nvram_safe_get( "lan3_ifname" ));
57 fprintf( fp
, "GatewayAddr\t%s\n", nvram_safe_get( "lan3_ipaddr" ) );
60 fprintf( fp
, "GatewayMAC\t%s\n", nvram_safe_get( "et0macaddr" ) );
63 *These are user defined, eventually via the web page
65 if ((p
= nvram_get("NC_Verbosity")) == NULL
) p
= "2";
66 fprintf( fp
, "Verbosity\t%s\n", p
);
68 if ((p
= nvram_get("NC_GatewayName")) == NULL
) p
= "Tomato RAF Portal";
69 fprintf( fp
, "GatewayName\t%s\n", p
);
71 if ((p
= nvram_get("NC_GatewayPort")) == NULL
) p
= "5280";
72 fprintf( fp
, "GatewayPort\t%s\n", p
);
74 if ((p
= nvram_get("NC_Password")) == NULL
) p
= "";
75 fprintf( fp
, "GatewayPassword\t%s\n", p
);
77 if ((p
= nvram_get("NC_GatewayMode")) == NULL
) p
= "Open";
78 fprintf( fp
, "GatewayMode\t%s\n", p
);
80 if ((p
= nvram_get("NC_DocumentRoot")) == NULL
) p
= "/tmp/splashd";
81 fprintf( fp
, "DocumentRoot\t%s\n", p
);
82 if( nvram_invmatch( "NC_SplashURL", "" ) )
84 fprintf( fp
, "SplashURL\t%s\n", nvram_safe_get( "NC_SplashURL" ) );
85 fprintf( fp
, "SplashURLTimeout\t%s\n",
86 nvram_safe_get( "NC_SplashURLTimeout" ) );
89 * do we really need this?
90 * Internal register of host IP's logged.. that's all (Victek)
92 fprintf( fp
, "LeaseFile\t%s\n", "/tmp/nocat.leases");
95 * Open-mode and common options
97 fprintf( fp
, "FirewallPath\t%s\n", "/usr/libexec/nocat/" );
98 fprintf( fp
, "ExcludePorts\t%s\n", nvram_safe_get( "NC_ExcludePorts" ) );
99 fprintf( fp
, "IncludePorts\t%s\n", nvram_safe_get( "NC_IncludePorts" ) );
100 fprintf( fp
, "AllowedWebHosts\t%s %s\n", nvram_safe_get( "lan_ipaddr" ),
101 nvram_safe_get( "NC_AllowedWebHosts" ) );
103 * TJaqua: Added MACWhiteList to ignore given machines or routers on the
104 * local net (e.g. routers with an alternate Auth).
106 fprintf( fp
, "MACWhiteList\t%s\n", nvram_safe_get( "NC_MACWhiteList" ) );
108 * TJaqua: Added AnyDNS to pass through any client-defined servers.
110 fprintf( fp
, "AnyDNS\t%s\n", "1" );
112 fprintf( fp
, "HomePage\t%s\n", nvram_safe_get( "NC_HomePage" ) );
114 fprintf( fp
, "PeerCheckTimeout\t%s\n", nvram_safe_get( "NC_PeerChecktimeout" ) );
116 if ((p
= nvram_get("NC_ForcedRedirect")) == NULL
) p
= "0";
117 fprintf( fp
, "ForcedRedirect\t%s\n", p
);
119 if ((p
= nvram_get("NC_IdleTimeout")) == NULL
) p
= "0";
120 fprintf( fp
, "IdleTimeout\t%s\n", p
);
122 if ((p
= nvram_get("NC_MaxMissedARP")) == NULL
) p
= "5";
123 fprintf( fp
, "MaxMissedARP\t%s\n", p
);
125 if ((p
= nvram_get("NC_LoginTimeout")) == NULL
) p
= "6400";
126 fprintf( fp
, "LoginTimeout\t%s\n", p
);
128 if ((p
= nvram_get("NC_RenewTimeout")) == NULL
) p
= "0";
129 fprintf( fp
, "RenewTimeout\t%s\n", p
);
135 fprintf( stderr
, "Wrote: %s\n", NOCAT_CONF
);
140 void start_nocat(void)
143 char splashfile
[255];
151 if( !nvram_match( "NC_enable", "1" ) )
153 /* not needed .. but this is what it's testing depending on kernel.. should be modified in /nocat/src/nocat.conf
155 syslog(LOG_INFO,"Device using K2.6\n");
156 syslog(LOG_INFO,"tested & bypassed modprobe xt_mark\n");
157 syslog(LOG_INFO,"tested & bypassed modprobe xt_mac\n");
159 syslog(LOG_INFO,"Device using K2.4\n");
160 syslog(LOG_INFO,"Tested & bypassed modprobe ipt_mark\n");
161 syslog(LOG_INFO,"Tested & bypassed modprobe ipt_mac\n");
166 if ((p
= nvram_get("NC_DocumentRoot")) == NULL
) p
= "/tmp/splashd";
167 sprintf( splashfile
, "%s/splash.html", p
);
168 sprintf( logofile
, "%s/style.css", p
);
169 sprintf( iconfile
, "%s/favicon.ico", p
);
170 if (!f_exists(splashfile
)) {
171 nvram_get_file("NC_SplashFile", splashfile
, 8192);
172 if (!f_exists(splashfile
)) {
173 sprintf(cpcmd
, "cp /www/splash.html %s", splashfile
);
175 sprintf(cpcmd
, "cp /www/style.css %s", logofile
);
177 sprintf(cpcmd
, "cp /www/favicon.ico %s", iconfile
);
182 if( !( fp
= fopen( "/tmp/start_splashd.sh", "w" ) ) )
184 perror( "/tmp/start_splashd.sh" );
188 // if ( !pidof("splashd") > 0 && (fp = fopen("/tmp/var/lock/splashd.lock", "r" ) ) )
190 // unlink( "/tmp/var/lock/splashd.lock");
193 fprintf( fp
, "#!/bin/sh\n" );
194 fprintf( fp
, "LOGGER=logger\n");
195 fprintf( fp
, "LOCK_FILE=/tmp/var/lock/splashd.lock\n");
196 fprintf( fp
, "if [ -f $LOCK_FILE ]; then\n");
197 fprintf( fp
, " $LOGGER \"Captive Portal halted (0), other process starting.\" \n");
198 fprintf( fp
, " exit\n");
199 fprintf( fp
, "fi\n");
200 fprintf( fp
, "echo \"TOMATO_RAF\" > $LOCK_FILE\n");
201 fprintf( fp
, "sleep 20\n" );
202 fprintf( fp
, "$LOGGER \"splashd : Captive Portal Splash Daemon successfully started\" \n");
203 fprintf( fp
, "echo 1 > /proc/sys/net/ipv4/tcp_tw_reuse\n");
204 fprintf( fp
, "/usr/sbin/splashd >> /tmp/nocat.log 2>&1 &\n" );
205 fprintf( fp
, "sleep 2\n" );
206 fprintf( fp
, "echo 0 > /proc/sys/net/ipv4/tcp_tw_reuse\n");
207 fprintf( fp
, "rm $LOCK_FILE\n");
209 chmod( "/tmp/start_splashd.sh", 0700 );
210 xstart( "/tmp/start_splashd.sh" );
214 void stop_nocat( void )
216 if( pidof( "splashd" ) > 0 )
219 "splashd : Captive Portal Splash daemon successfully stopped\n" );
220 killall_tk( "splashd");
221 eval( "/usr/libexec/nocat/uninitialize.fw" );
222 system( "rm /tmp/nocat.leases\n");
223 system( "rm /tmp/start_splashd.sh\n");
224 system( "rm /tmp/nocat.log\n");
230 void reset_nocat( void )
232 if( pidof( "splashd" ) > 0 )
235 "splashd : Reseting splashd firewall rules\n" );
236 killall( "splashd", SIGUSR1
);