mirror of https://github.com/Telecominfraproject/wlan-ap.git synced 2025-10-29 17:42:41 +00:00

Files

John Crispin dcfc17a150 uspot: fix idle timeout handling

Fixes: WIFI-14263
Signed-off-by: John Crispin <john@phrozen.org>

2024-11-13 12:40:03 +01:00

files

uspot: fix idle timeout handling

2024-11-13 12:40:03 +01:00

src

uspot: fix uam CHAP password and challenge

2023-12-11 07:37:13 +01:00

Makefile

uspot: fix missing DEPENDS

2023-05-30 07:56:08 +02:00

README.md

uspot: don't use CONNMARK

2023-06-05 13:19:19 +02:00

README.md

uspot

A captive portal

TBC

Basic firewall setup

In /etc/config/firewall:

config zone
	option name 'captive'
	list network 'captive'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config redirect
	option name 'Redirect-unauth-captive-CPD'
	option src 'captive'
	option src_dport '80'
	option proto 'tcp'
	option target 'DNAT'
	option reflection '0'
	option mark '!1/127'

config rule
	option name 'Allow-captive-CPD-UAM'
	option src 'captive'
	option dest_port '80 3990'
	option proto 'tcp'
	option target 'ACCEPT'

config rule
	option name 'Forward-auth-captive'
	option src 'captive'
	option dest 'wan'
	option proto 'any'
	option target 'ACCEPT'
	option mark '1/127'

config rule
	option name 'Allow-DHCP-captive'
	option src 'captive'
	option proto 'udp'
	option dest_port '67'
	option target 'ACCEPT'

config rule
	option name 'Allow-DNS-captive'
	option src 'captive'
	list proto 'udp'
	list proto 'tcp'
	option dest_port '53'
	option target 'ACCEPT'