Changeset 431 for branches/CaptiveDNS/wifidog/src/fw_iptables.c

Timestamp:

02/06/05 13:14:58 (7 years ago)

Author:

minaguib

Message:

Implemented captive DNS, including new "dnsserver" thread and redirection iptables rules

Files:

• branches/CaptiveDNS/wifidog/src/fw_iptables.c (modified) (2 diffs)

branches/CaptiveDNS/wifidog/src/fw_iptables.c

@@ -205 +205 @@
     iptables_do_command("-t nat -N " TABLE_WIFIDOG_UNKNOWN);
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -j " TABLE_WIFIDOG_AUTHSERVERS);
+    iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p udp --dport 53 -j REDIRECT --to-ports %d", config->dnsserver_port);
+    iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p tcp --dport 80 -j REDIRECT --to-ports %d", config->gw_port);
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -d %s -j ACCEPT", config->gw_address);
 
@@ -212 +214 @@
     iptables_load_ruleset("global", TABLE_WIFIDOG_UNKNOWN);
     iptables_load_ruleset("unknown-users", TABLE_WIFIDOG_UNKNOWN);
-    LOCK_CONFIG();
-
-    /* XXX If there's a rule in global for port 80, it overrides this. */
-    iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p tcp --dport 80 -j REDIRECT --to-ports %d", config->gw_port);
-    UNLOCK_CONFIG();
+
     iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -j DROP");