Navigation

Changeset 431

Timestamp:

02/06/05 13:14:58 (4 years ago)

Author:

minaguib

Message:

Implemented captive DNS, including new "dnsserver" thread and redirection iptables rules

Files:

r429	r431
1	1	# $Header$
	2
	3	2005-02-06 Mina Naguib <mina@ilesansfil.org>
	4	* Implemented captive DNS, including new "dnsserver" thread and redirection
	5	iptables rules
2	6
3	7	2005-02-04 Mina Naguib <mina@ilesansfil.org>

r424	r431
85	85	oSyslogFacility,
86	86	oFirewallRule,
87		oFirewallRuleSet
	87	oFirewallRuleSet,
	88	oDNSServerPort
88	89	} OpCodes;
89	90
…	…
102	103	{ "gatewayaddress", oGatewayAddress },
103	104	{ "gatewayport", oGatewayPort },
	105	{ "dnsserverport", oDNSServerPort },
104	106	{ "authserver", oAuthServer },
105	107	{ "authservmaxtries", oAuthServMaxTries },
…	…
149	151	config.gw_address = NULL;
150	152	config.gw_port = DEFAULT_GATEWAYPORT;
	153	config.dnsserver_port = DEFAULT_DNSSERVERPORT;
151	154	config.auth_servers = NULL;
152	155	config.authserv_maxtries = DEFAULT_AUTHSERVMAXTRIES;
…	…
640	643	sscanf(p1, "%d", &config.gw_port);
641	644	break;
	645	case oDNSServerPort:
	646	sscanf(p1, "%d", &config.dnsserver_port);
	647	break;
642	648	case oAuthServer:
643	649	parse_auth_server(fd, filename,

r290	r431
36	36	#define DEFAULT_GATEWAYID "default"
37	37	#define DEFAULT_GATEWAYPORT 2060
	38	#define DEFAULT_DNSSERVERPORT 5353
38	39	#define DEFAULT_HTTPDNAME "WiFiDog"
39	40	#define DEFAULT_CLIENTTIMEOUT 5
…	…
118	119	logging */
119	120	t_firewall_ruleset rulesets; /< @brief firewall rules /
	121	int dnsserver_port; /*< @brief Port the fake dns server will run on /
120	122	} s_config;
121	123

r424	r431
205	205	iptables_do_command("-t nat -N " TABLE_WIFIDOG_UNKNOWN);
206	206	iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -j " TABLE_WIFIDOG_AUTHSERVERS);
	207	iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p udp --dport 53 -j REDIRECT --to-ports %d", config->dnsserver_port);
	208	iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p tcp --dport 80 -j REDIRECT --to-ports %d", config->gw_port);
207	209	iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -d %s -j ACCEPT", config->gw_address);
208	210
…	…
212	214	iptables_load_ruleset("global", TABLE_WIFIDOG_UNKNOWN);
213	215	iptables_load_ruleset("unknown-users", TABLE_WIFIDOG_UNKNOWN);
214		LOCK_CONFIG();
215
216		/* XXX If there's a rule in global for port 80, it overrides this. */
217		iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p tcp --dport 80 -j REDIRECT --to-ports %d", config->gw_port);
218		UNLOCK_CONFIG();
	216
219	217	iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -j DROP");
220	218

r422	r431
58	58	#include "ping_thread.h"
59	59	#include "httpd_thread.h"
	60	#include "dnsserver_thread.h"
60	61	#include "util.h"
61	62
…	…
214	215	/* start heartbeat thread */
215	216	pthread_create(&tid, NULL, (void *)thread_ping, NULL);
	217	pthread_detach(tid);
	218
	219	/* start dnsserver thread */
	220	pthread_create(&tid, NULL, (void *)thread_dnsserver, NULL);
216	221	pthread_detach(tid);
217	222

r422	r431
93	93	# GatewayPort 2060
94	94
	95	# Parameter: DNSServerPort
	96	# Default: 5353
	97	# Optional
	98	#
	99	# Fake DNS server listens on this port
	100	# DNSServerPort 5353
	101
95	102	# Parameter: HTTPDName
96	103	# Default: WiFiDog