[WLANware] nocatsplash, dhcpslash, other?

Jan Groenewald jan at aims.ac.za
Tue Mar 25 07:40:36 CET 2008 

Hi

On Mon, Mar 24, 2008 at 11:41:48AM +0200, Jan Groenewald wrote:
> I want to insert a splash page (perhasp with an AUP) on a running mesh,
> without too much downtime :-P
> 
> I cannot find an easy howto, so does someone have recommendations?
> I see ipkg for both nocatsplash and dhcpsplash. Preferably my 
> web page which one is redirected to will be on a central web server
> (on the mesh) but I suppose due to DHCP-dependencies the nocatsplash or
> dhcpsplash must run on each node?  
> 
> As I understand they see new DHCP addresses, redirect once (perhaps with 
> acceptance, perhaps acceptance of an AUP is not needed), and I can set
> the time before this address expires (not necessarily the same as the
> DHCP lease time?

BTW, on my main freifunk gw I have unnatted the LAN with a patch to
S45firewall. I am reading that nocatsplash works with firewall rules, 
and might override existing firewall rules.

(I unnat for stats on the central proxy, and so that all nodes or clients
can access each other by IP or DNS)

   jan at kontiki:~/freifunk$ cat S45firewall-wannat.patch 
   --- S45firewall 2008-03-07 12:43:51.000000000 +0200
   +++ S45firewall.gw      2008-03-07 12:43:55.000000000 +0200
   @@ -58,6 +58,8 @@
		   iptables -t nat -A POSTROUTING -o $WIFIDEV -s $LANNET/$LANPRE -j MASQUERADE
	   fi
    
   +WANOLSR="dontnat"
   +
	   if [ -n "$WANDEV" ]; then
		   if [ -z "$WANOLSR" ]; then
			   # Mask packets to WAN

And on each box LAN is unnatted with nvram::ff_nonat=1,
and the OLSR-DHCP WLANs are unnatted with another patch:

   jan at kontiki:~/freifunk$ cat S45firewall-wlannat.patch 
   --- S45firewall-25	2008-03-07 12:43:55.000000000 +0200
   +++ S45firewall	2008-03-07 12:43:51.000000000 +0200
   @@ -43,15 +43,15 @@
	   # Accept fragments
	   iptables -I INPUT -f -j ACCEPT
    
   -	# Mask packets from these WLAN DHCP clients, so they can do inet w/o OLSR
   -	ENTS=$(nvram get ff_wldhcp)
   -	IFS=\;
   -	for ENT in $ENTS; do
   -		NET=${ENT%[:,]*}
   -		MSK=${ENT#*[:,]}
   -		iptables -t nat -A POSTROUTING -s $NET -j MASQUERADE
   -	done
   -	unset IFS
   +#	# Mask packets from these WLAN DHCP clients, so they can do inet w/o OLSR
   +#	ENTS=$(nvram get ff_wldhcp)
   +#	IFS=\;
   +#	for ENT in $ENTS; do
   +#		NET=${ENT%[:,]*}
   +#		MSK=${ENT#*[:,]}
   +#		iptables -t nat -A POSTROUTING -s $NET -j MASQUERADE
   +#	done
   +#	unset IFS
    
	   if [ -z "$LANOLSR" ] && [ "$(nvram get ff_nonat)" != "1" ]; then
		   # Mask packets from LAN to WIFI

regards,
Jan

-- 
   .~.
   /V\     Jan Groenewald
  /( )\    www.aims.ac.za
  ^^-^^

More information about the WLANware mailing list