From: Alexander Marx <alexander.marx@ipfire.org>
Date: Thu, 28 Jan 2016 15:08:32 +0000 (+0100)
Subject: Captive-Portal: add captive chains to firewall initscript
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=beed75cb2e6aa15872ed5b55a30c131221297cd9;p=people%2Fms%2Fipfire-2.x.git

Captive-Portal: add captive chains to firewall initscript

When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
---

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index cb52670d6a..18da870ef1 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -217,6 +217,13 @@ iptables_init() {
 		iptables -A ${i} -j LOOPBACK
 	done
 
+	# Captive portal
+	iptables -N CAPTIVE_PORTAL
+	iptables -N CAPTIVE_PORTAL_CLIENTS
+	for i in INPUT FORWARD; do
+		iptables -A ${i} -j CAPTIVE_PORTAL
+	done
+
 	# Accept everything connected
 	for i in INPUT FORWARD OUTPUT; do
 		iptables -A ${i} -j CONNTRACK
@@ -330,6 +337,10 @@ iptables_init() {
 	iptables -N UPNPFW
 	iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
 
+	# Captive Portal
+	iptables -t nat -N CAPTIVE_PORTAL
+	iptables -t nat -A PREROUTING -j CAPTIVE_PORTAL
+
 	# RED chain, used for the red interface
 	iptables -N REDINPUT
 	iptables -A INPUT -j REDINPUT