diff options
| author | Darren Embry <dse@webonastick.com> | 2012-05-03 12:34:12 -0400 |
|---|---|---|
| committer | Darren Embry <dse@webonastick.com> | 2012-05-03 12:34:12 -0400 |
| commit | 470d24a39d8a4cdaf7a85aeb71d7a7d802d76879 (patch) | |
| tree | ae9f13c5b357e28b7de1cb89e6fcb8edc38d2c7b | |
| parent | 6b2d4b5a05c347f2c56a815c4ae7f4053b082597 (diff) | |
| download | pfsense-470d24a39d8a4cdaf7a85aeb71d7a7d802d76879.zip pfsense-470d24a39d8a4cdaf7a85aeb71d7a7d802d76879.tar.gz | |
implement #2407: create config option for captive portal listening port
| -rw-r--r-- | etc/inc/captiveportal.inc | 26 | ||||
| -rw-r--r-- | etc/inc/filter.inc | 6 | ||||
| -rwxr-xr-x | usr/local/captiveportal/index.php | 9 | ||||
| -rwxr-xr-x | usr/local/www/services_captiveportal.php | 9 |
4 files changed, 35 insertions, 15 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 7c60e10..7eff939 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -457,14 +457,16 @@ function captiveportal_init_webguis($cpcfg) { $cacert = ""; $key = base64_decode($cpcfg['private-key']); /* generate lighttpd configuration */ + $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 1); system_generate_lighty_config("{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf", - $cert, $key, $cacert, "lighty-{$cpzone}-CaptivePortal-SSL.pid", $cpcfg['zoneid'] + 1, "/usr/local/captiveportal", + $cert, $key, $cacert, "lighty-{$cpzone}-CaptivePortal-SSL.pid", $listenporthttps, "/usr/local/captiveportal", "cert-portal.pem", "ca-portal.pem", "1", $maxproc, $use_fastcgi, $cpzone); } /* generate lighttpd configuration */ + $listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : $cpcfg['zoneid']; system_generate_lighty_config("{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal.conf", - "", "", "", "lighty-{$cpzone}-CaptivePortal.pid", $cpcfg['zoneid'], "/usr/local/captiveportal", + "", "", "", "lighty-{$cpzone}-CaptivePortal.pid", $listenporthttp, "/usr/local/captiveportal", "cert-portal.pem", "ca-portal.pem", "1", $maxproc, $use_fastcgi, $cpzone); /* attempt to start lighttpd */ @@ -604,11 +606,17 @@ EOD; $cprules .= "add {$rulenum} set 1 allow ip from any to table(2) out\n"; $rulenum++; } + + + $listenporthttp = + $config['captiveportal'][$cpzone]['listenporthttp'] ? + $config['captiveportal'][$cpzone]['listenporthttp'] : + $config['captiveportal'][$cpzone]['zoneid']; $cprules .= <<<EOD # redirect non-authenticated clients to captive portal -add 65531 set 1 fwd 127.0.0.1,{$config['captiveportal'][$cpzone]['zoneid']} tcp from any to any in +add 65531 set 1 fwd 127.0.0.1,{$listenporthttp} tcp from any to any in # let the responses from the captive portal web server back out add 65532 set 1 pass tcp from any to any out # block everything else @@ -1613,15 +1621,16 @@ function portal_reply_page($redirurl, $type = null, $message = null, $clientmac /* substitute other variables */ if (isset($config['captiveportal'][$cpzone]['httpslogin'])) { - $httpsport = $cpcfg['zoneid'] + 1; + $httpsport = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 1); $htmltext = str_replace("\$PORTAL_ACTION\$", "https://{$config['captiveportal'][$cpzone]['httpsname']}:{$httpsport}/", $htmltext); $htmltext = str_replace("#PORTAL_ACTION#", "https://{$config['captiveportal'][$cpzone]['httpsname']}:{$httpsport}/", $htmltext); } else { + $httpport = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : $cpcfg['zoneid']; $ifip = portal_ip_from_client_ip($clientip); if (!$ifip) - $ourhostname = $config['system']['hostname'] . ":{$cpcfg['zoneid']}"; + $ourhostname = $config['system']['hostname'] . ":{$httpport}"; else - $ourhostname = "{$ifip}:{$cpcfg['zoneid']}"; + $ourhostname = "{$ifip}:{$httpport}"; $htmltext = str_replace("\$PORTAL_ACTION\$", "http://{$ourhostname}/", $htmltext); $htmltext = str_replace("#PORTAL_ACTION#", "http://{$ourhostname}/", $htmltext); } @@ -1883,7 +1892,10 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut $logouturl = "https://{$config['captiveportal']['httpsname']}:{$httpsport}/"; } else { $ifip = portal_ip_from_client_ip($clientip); - $httpport = $config['captiveportal'][$cpzone]['zoneid']; + $httpport = + $config['captiveportal'][$cpzone]['listenporthttp'] ? + $config['captiveportal'][$cpzone]['listenporthttp'] : + $config['captiveportal'][$cpzone]['zoneid']; if (!$ifip) $ourhostname = $config['system']['hostname'] . ":{$httpport}"; else diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 4adc527..3cbfe61 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2478,8 +2478,10 @@ EOD; if (count($cpiplist) > 0 && count($cpiflist) > 0) { $cpinterface = implode(" ", $cpiflist); $cpaddresses = implode(" ", $cpiplist); - $portalias = $cpcfg['zoneid'] + 1; - $portalias .= " {$cpcfg['zoneid']}"; + $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 1); + $listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : $cpcfg['zoneid']; + $portalias = $listenporthttps; + $portalias .= " {$listenporthttp}"; $ipfrules .= "pass in {$log} quick on { {$cpinterface} } proto tcp from any to { {$cpaddresses} } port { {$portalias} } keep state(sloppy)\n"; $ipfrules .= "pass out {$log} quick on { {$cpinterface} } proto tcp from any to any flags any keep state(sloppy)\n"; } diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php index 3048b67..82514d8 100755 --- a/usr/local/captiveportal/index.php +++ b/usr/local/captiveportal/index.php @@ -59,14 +59,17 @@ if (!$clientip) { exit; } +$listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 1); +$listenporthttp = $cpcfg['listenporthttp'] ? $cpcfg['listenporthttp'] : $cpcfg['zoneid']; + if (isset($config['captiveportal'][$cpzone]['httpslogin'])) - $ourhostname = $config['captiveportal'][$cpzone]['httpsname'] . ":" . ($cpcfg['zoneid'] + 1); + $ourhostname = $config['captiveportal'][$cpzone]['httpsname'] . ":" . $listenporthttps; else { $ifip = portal_ip_from_client_ip($clientip); if (!$ifip) - $ourhostname = $config['system']['hostname'] . $config['system']['domain'] . ":{$cpcfg['zoneid']}"; + $ourhostname = $config['system']['hostname'] . $config['system']['domain'] . ":{$listenporthttp}"; else - $ourhostname = "{$ifip}:{$cpcfg['zoneid']}"; + $ourhostname = "{$ifip}:{$listenporthttp}"; } if ($orig_host != $ourhostname) { diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 6ee3da4..9a128a7 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -896,10 +896,13 @@ function enable_change(enable_change) { <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br> <?php list($host) = explode(":", $_SERVER['HTTP_HOST']); - if($pconfig['zoneid']) { - $href = "https://{$host}:{$pconfig['zoneid']}"; + $zoneid = $pconfig['zoneid'] ? $pconfig['zoneid'] : 8000; + if (isset($pconfig['httpslogin'])) { + $port = $pconfig['listenporthttps'] ? $pconfig['listenporthttps'] : ($zoneid + 1); + $href = "https://{$host}:{$port}"; } else { - $href = "http://{$host}:8000"; + $port = $pconfig['listenporthttp'] ? $pconfig['listenporthttp'] : $zoneid; + $href = "http://{$host}:{$port}"; } ?> <?php if ($pconfig['page']['htmltext']): ?> |
