# Retry sending spooled mails regularly
%hourly * /usr/sbin/dma -q
+# Cleanup captive clients
+%hourly * /usr/bin/captive-cleanup
+
+# Reload captive firewall rules
+%nightly * 23-1 /usr/local/bin/captivectrl >/dev/null
+
# Cleanup the mail spool directory
%weekly * * /usr/sbin/dma-cleanup-spool
# Move script to correct place.
mv -vf /usr/local/bin/ovpn-ccd-convert /usr/sbin/
mv -vf /usr/local/bin/ovpn-collectd-convert /usr/sbin/
+ mv -vf /usr/local/bin/captive-cleanup /usr/bin/
# Install firewall scripts.
mkdir -pv /usr/lib/firewall
--- /dev/null
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2016 IPFire Team <alexander.marx@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use strict;
+
+require '/var/ipfire/general-functions.pl';
+
+my %settings=();
+my %clientshash=();
+my $settingsfile="${General::swroot}/captive/settings";
+my $clients="${General::swroot}/captive/clients";
+my $time;
+my $expiretime;
+
+if (-f $settingsfile && -f $clients && ! -z $clients){
+ &General::readhash("$settingsfile", \%settings) if(-f $settingsfile);
+ &General::readhasharray("$clients", \%clientshash);
+ $time = time();
+ foreach my $key (keys %clientshash) {
+ $expiretime=($clientshash{$key}[5]*3600)+$clientshash{$key}[6];
+ if ($expiretime < $time){
+ delete $clientshash{key};
+ }
+ }
+}