From beed75cb2e6aa15872ed5b55a30c131221297cd9 Mon Sep 17 00:00:00 2001
From: Alexander Marx <alexander.marx@ipfire.org>
Date: Thu, 28 Jan 2016 16:08:32 +0100
Subject: [PATCH] Captive-Portal: add captive chains to firewall initscript

When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
---
 src/initscripts/init.d/firewall | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index cb52670d6a..18da870ef1 100644
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -217,6 +217,13 @@ iptables_init() {
 		iptables -A ${i} -j LOOPBACK
 	done
 
+	# Captive portal
+	iptables -N CAPTIVE_PORTAL
+	iptables -N CAPTIVE_PORTAL_CLIENTS
+	for i in INPUT FORWARD; do
+		iptables -A ${i} -j CAPTIVE_PORTAL
+	done
+
 	# Accept everything connected
 	for i in INPUT FORWARD OUTPUT; do
 		iptables -A ${i} -j CONNTRACK
@@ -330,6 +337,10 @@ iptables_init() {
 	iptables -N UPNPFW
 	iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
 
+	# Captive Portal
+	iptables -t nat -N CAPTIVE_PORTAL
+	iptables -t nat -A PREROUTING -j CAPTIVE_PORTAL
+
 	# RED chain, used for the red interface
 	iptables -N REDINPUT
 	iptables -A INPUT -j REDINPUT
-- 
2.39.5