Show
Ignore:
Timestamp:
04/01/05 18:25:32 (8 years ago)
Author:
aprilp
Message:

* Duplicated auth server list in NAT table to fix the issue

of using an auth server on port 80, since port 80 was being systematically
redirected to 2060 otherwise.

* Released 1.1.1

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/wifidog/src/fw_iptables.c

    r495 r531  
    158158{ 
    159159    iptables_do_command("-t filter -F " TABLE_WIFIDOG_AUTHSERVERS); 
     160    iptables_do_command("-t nat -F " TABLE_WIFIDOG_AUTHSERVERS); 
    160161} 
    161162 
     
    171172            if (auth_server->last_ip && strcmp(auth_server->last_ip, "0.0.0.0") != 0) { 
    172173                iptables_do_command("-t filter -A " TABLE_WIFIDOG_AUTHSERVERS " -d %s -j ACCEPT", auth_server->last_ip); 
     174                iptables_do_command("-t nat -A " TABLE_WIFIDOG_AUTHSERVERS " -d %s -j ACCEPT", auth_server->last_ip); 
    173175            } 
    174176    } 
     
    221223                        iptables_do_command("-t nat -N " TABLE_WIFIDOG_WIFI_TO_INTERNET); 
    222224                        iptables_do_command("-t nat -N " TABLE_WIFIDOG_UNKNOWN); 
     225                        iptables_do_command("-t nat -N " TABLE_WIFIDOG_AUTHSERVERS); 
    223226 
    224227                        /* Assign links and rules to these new chains */ 
     
    233236                        iptables_do_command("-t nat -A " TABLE_WIFIDOG_WIFI_TO_INTERNET " -j " TABLE_WIFIDOG_UNKNOWN); 
    234237 
     238                        iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -j " TABLE_WIFIDOG_AUTHSERVERS); 
    235239                        iptables_do_command("-t nat -A " TABLE_WIFIDOG_UNKNOWN " -p tcp --dport 80 -j REDIRECT --to-ports %d", gw_port); 
    236240 
     
    302306    iptables_do_command("-t mangle -X " TABLE_WIFIDOG_INCOMING); 
    303307 
    304          /* 
    305           * 
    306           * Everything in the NAT table 
    307           * 
    308           */ 
    309          debug(LOG_DEBUG, "Destroying chains in the NAT table"); 
    310          iptables_fw_destroy_mention("nat", "PREROUTING", TABLE_WIFIDOG_OUTGOING); 
     308        /* 
     309         * 
     310         * Everything in the NAT table 
     311         * 
     312         */ 
     313        debug(LOG_DEBUG, "Destroying chains in the NAT table"); 
     314        iptables_fw_destroy_mention("nat", "PREROUTING", TABLE_WIFIDOG_OUTGOING); 
     315        iptables_do_command("-t nat -F " TABLE_WIFIDOG_AUTHSERVERS); 
    311316    iptables_do_command("-t nat -F " TABLE_WIFIDOG_OUTGOING); 
    312317    iptables_do_command("-t nat -F " TABLE_WIFIDOG_WIFI_TO_ROUTER); 
    313318    iptables_do_command("-t nat -F " TABLE_WIFIDOG_WIFI_TO_INTERNET); 
    314319    iptables_do_command("-t nat -F " TABLE_WIFIDOG_UNKNOWN); 
     320        iptables_do_command("-t nat -X " TABLE_WIFIDOG_AUTHSERVERS); 
    315321    iptables_do_command("-t nat -X " TABLE_WIFIDOG_OUTGOING); 
    316322    iptables_do_command("-t nat -X " TABLE_WIFIDOG_WIFI_TO_ROUTER);