Captive-Portal: add captive chains to firewall initscript

When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>

diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index 7bdb292f7ddb8a2160377a45180fe58de40b93dc..c4d2fefe41d3308823b4250d15e26c998db56db3 100644 (file)
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -224,6 +224,13 @@ iptables_init() {
                iptables -A ${i} -j LOOPBACK
        done
 
+       # Captive portal
+       iptables -N CAPTIVE_PORTAL
+       iptables -N CAPTIVE_PORTAL_CLIENTS
+       for i in INPUT FORWARD; do
+               iptables -A ${i} -j CAPTIVE_PORTAL
+       done
+
        # Accept everything connected
        for i in INPUT FORWARD OUTPUT; do
                iptables -A ${i} -j CONNTRACK
@@ -337,6 +344,10 @@ iptables_init() {
        iptables -N UPNPFW
        iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
 
+       # Captive Portal
+       iptables -t nat -N CAPTIVE_PORTAL
+       iptables -t nat -A PREROUTING -j CAPTIVE_PORTAL
+
        # RED chain, used for the red interface
        iptables -N REDINPUT
        iptables -A INPUT -j REDINPUT