summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--etc/inc/captiveportal.inc64
-rwxr-xr-xusr/local/captiveportal/index.php16
-rwxr-xr-xusr/local/www/services_captiveportal_mac.php14
-rwxr-xr-xusr/local/www/services_captiveportal_mac_edit.php2
4 files changed, 43 insertions, 53 deletions
diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc
index 611016d..94ca06e 100644
--- a/etc/inc/captiveportal.inc
+++ b/etc/inc/captiveportal.inc
@@ -127,7 +127,8 @@ function captiveportal_configure() {
$cprules = captiveportal_rules_generate($cpinterface, $cpips);
$cprules .= "\n";
/* generate passthru mac database */
- captiveportal_passthrumac_configure(true);
+ $cprules .= captiveportal_passthrumac_configure(true);
+ $cprules .= "\n";
/* allowed ipfw rules to make allowed ip work */
$cprules .= captiveportal_allowedip_configure();
@@ -719,31 +720,50 @@ function captiveportal_radius_stop_all($lock = false) {
unlock($captiveportallck);
}
+function captiveportal_passthrumac_configure_entry($macent) {
+ $rules = "";
+ $enBwup = isset($macent['bw_up']);
+ $enBwdown = isset($macent['bw_down']);
+ $actionup = "allow";
+ $actiondown = "allow";
+
+ if ($enBwup && $enBwdown)
+ $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, true);
+ else
+ $ruleno = captiveportal_get_next_ipfw_ruleno(2000, 49899, false);
+
+ if ($enBwup) {
+ $bw_up = $ruleno + 20000;
+ $rules .= "pipe {$bw_up} config bw {$macent['bw_up']}Kbit/s queue 100\n";
+ $actionup = "pipe {$bw_up}";
+ }
+ if ($enBwdown) {
+ $bw_down = $ruleno + 20001;
+ $rules .= "pipe {$bw_down} config bw {$macent['bw_down']}Kbit/s queue 100\n";
+ $actiondown = "pipe {$bw_down}";
+ }
+ $rules .= "add {$ruleno} {$actionup} ip from any to any MAC {$macent['mac']} any\n";
+ $ruleno++;
+ $rules .= "add {$ruleno} {$actiondown} ip from any to any MAC any {$macent['mac']}\n";
+
+ return $rules;
+}
+
function captiveportal_passthrumac_configure($lock = false) {
global $config, $g;
- if (!$lock)
- $captiveportallck = lock('captiveportal');
-
- /* clear out passthru macs, if necessary */
- unlink_if_exists("{$g['vardb_path']}/captiveportal_mac.db");
+ $rules = "";
if (is_array($config['captiveportal']['passthrumac'])) {
$macdb = array();
foreach ($config['captiveportal']['passthrumac'] as $macent) {
+ $rules .= captiveportal_passthrumac_configure_entry($macent);
$macdb[$macent['mac']]['active'] = true;
- if (isset($macent['bw_up']))
- $macdb[$macent['mac']]['bw_up'] = $macent['bw_up'];
- if (isset($macent['bw_down']))
- $macdb[$macent['mac']]['bw_down'] = $macent['bw_down'];
}
- /* record passthru MACs so can be recognized and let thru */
- file_put_contents("{$g['vardb_path']}/captiveportal_mac.db", serialize($macdb));
}
- if (!$lock)
- unlock($captiveportallck);
+ return $rules;
}
/*
@@ -1074,7 +1094,7 @@ function captiveportal_free_ipfw_ruleno($ruleno, $usedbw = false) {
}
}
-function captiveportal_get_ipfw_ruleno_byvalue($value, $table = 1) {
+function captiveportal_get_ipfw_passthru_ruleno($value) {
global $config, $g;
if(!isset($config['captiveportal']['enable']))
@@ -1082,7 +1102,7 @@ function captiveportal_get_ipfw_ruleno_byvalue($value, $table = 1) {
if (file_exists("{$g['vardb_path']}/captiveportal.rules")) {
$rules = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal.rules"));
- $ruleno = intval(`/sbin/ipfw table {$table} list | /usr/bin/grep {$value} | /usr/bin/grep -v grep | /usr/bin/cut -d " " -f 1 | /usr/bin/head -n 1`);
+ $ruleno = intval(`/sbin/ipfw show | /usr/bin/grep {$value} | /usr/bin/grep -v grep | /usr/bin/cut -d " " -f 1 | /usr/bin/head -n 1`);
if ($rules[$ruleno])
return $ruleno;
}
@@ -1159,18 +1179,6 @@ function getNasIP()
return $nasIp;
}
-function portal_mac_fixed($clientmac) {
- global $g ;
-
- /* open captive portal mac db */
- if (file_exists("{$g['vardb_path']}/captiveportal_mac.db")) {
- $macdb = unserialize(file_get_contents("{$g['vardb_path']}/captiveportal_mac.db"));
- if (isset($macdb[$clientmac]))
- return $macdb[$clientmac];
- }
- return FALSE ;
-}
-
function portal_ip_from_client_ip($cliip) {
global $config;
diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index 7d51fc3..4f68026 100755
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -119,12 +119,6 @@ setTimeout('window.close();',5000) ;
EOD;
exit;
-/* The $macfilter can be removed safely since we first check if the $clientmac is present, if not we fail */
-} else if ($clientmac && portal_mac_fixed($clientmac)) {
- /* punch hole in ipfw for pass thru mac addresses */
- portal_allow($clientip, $clientmac, "unauthenticated");
- exit;
-
} else if ($clientmac && $radmac_enable && portal_mac_radius($clientmac,$clientip)) {
/* radius functions handle everything so we exit here since we're done */
exit;
@@ -322,19 +316,11 @@ function portal_allow($clientip,$clientmac,$username,$password = null, $attribut
*/
$peruserbw = isset($config['captiveportal']['peruserbw']);
$passthrumacadd = isset($config['captiveportal']['passthrumacadd']);
- $portalmac = NULL;
- if (!empty($clientmac)) {
- $portalmac = portal_mac_fixed($clientmac);
- if ($portalmac) {
- $attributes['bw_up'] = $portalmac['bw_up'];
- $attributes['bw_down'] = $portalmac['bw_down'];
- }
- }
$bw_up = isset($attributes['bw_up']) ? trim($attributes['bw_up']) : $config['captiveportal']['bwdefaultup'];
$bw_down = isset($attributes['bw_down']) ? trim($attributes['bw_down']) : $config['captiveportal']['bwdefaultdn'];
- if ($passthrumacadd && $portalmac == NULL) {
+ if ($passthrumacadd) {
$mac = array();
$mac['mac'] = $clientmac;
$mac['descr'] = "Auto added pass-through MAC for user {$username}";
diff --git a/usr/local/www/services_captiveportal_mac.php b/usr/local/www/services_captiveportal_mac.php
index dd5fdfe..7c40b85 100755
--- a/usr/local/www/services_captiveportal_mac.php
+++ b/usr/local/www/services_captiveportal_mac.php
@@ -74,13 +74,12 @@ if ($_POST) {
}
}
if ($found == true) {
- $ip = captiveportal_get_ipfw_ruleno_byvalue($_POST['delmac']);
- if ($ip) {
- captiveportal_disconnect_client($ip);
+ $ruleno = captiveportal_get_ipfw_passthru_ruleno($_POST['delmac']);
+ if ($ruleno) {
+ mwexec("/sbin/ipfw delete {$ruleno}; /sbin/ipfw delete " . ++$ruleno);
}
unset($a_passthrumacs[$idx]);
write_config();
- captiveportal_passthrumac_configure(true);
}
}
exit;
@@ -89,14 +88,13 @@ if ($_POST) {
if ($_GET['act'] == "del") {
if ($a_passthrumacs[$_GET['id']]) {
- $ip = captiveportal_get_ipfw_ruleno_byvalue($a_passthrumacs[$_GET['id']]['mac']);
- if ($ip) {
- captiveportal_disconnect_client($ip);
+ $ruleno = captiveportal_get_ipfw_passthru_ruleno($a_passthrumacs[$_GET['id']]['mac']);
+ if ($ruleno) {
+ mwexec("/sbin/ipfw delete {$ruleno}; /sbin/ipfw delete " . ++$ruleno);
}
unset($a_passthrumacs[$_GET['id']]);
write_config();
header("Location: services_captiveportal_mac.php");
- mark_subsystem_dirty('passthrumac');
exit;
}
}
diff --git a/usr/local/www/services_captiveportal_mac_edit.php b/usr/local/www/services_captiveportal_mac_edit.php
index 89e2757..ac7b341 100755
--- a/usr/local/www/services_captiveportal_mac_edit.php
+++ b/usr/local/www/services_captiveportal_mac_edit.php
@@ -120,8 +120,6 @@ if ($_POST) {
write_config();
- mark_subsystem_dirty('passthrumac');
-
header("Location: services_captiveportal_mac.php");
exit;
}
OpenPOWER on IntegriCloud