]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - src/initscripts/system/firewall
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Captive-Portal: add captive chains to firewall initscript
[ipfire-2.x.git] / src / initscripts / system / firewall
diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index 7bdb292f7ddb8a2160377a45180fe58de40b93dc..c4d2fefe41d3308823b4250d15e26c998db56db3 100644 (file)
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -224,6 +224,13 @@ iptables_init() {
                iptables -A ${i} -j LOOPBACK
        done
 
+       # Captive portal
+       iptables -N CAPTIVE_PORTAL
+       iptables -N CAPTIVE_PORTAL_CLIENTS
+       for i in INPUT FORWARD; do
+               iptables -A ${i} -j CAPTIVE_PORTAL
+       done
+
        # Accept everything connected
        for i in INPUT FORWARD OUTPUT; do
                iptables -A ${i} -j CONNTRACK
@@ -337,6 +344,10 @@ iptables_init() {
        iptables -N UPNPFW
        iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
 
+       # Captive Portal
+       iptables -t nat -N CAPTIVE_PORTAL
+       iptables -t nat -A PREROUTING -j CAPTIVE_PORTAL
+
        # RED chain, used for the red interface
        iptables -N REDINPUT
        iptables -A INPUT -j REDINPUT
IPFire 2.x development tree