Temat: firewall pod captive portal
witam
zainstalowalem nospalshdog , skonfigurowalem etc wszytko dziala ale jak zaladuje reguly firewall to dostaje bloka na wszystko a bez firewalla stronka wyskakuje do logowania ale mozna ja wyl i wejsc na przegladarke i net smiga , moze mi ktos pomoc z tymi regulami dziekuje
br-lan interface
uci set network.lan=interface
uci set network.lan.proto=static
uci set network.lan.ipaddr=10.0.0.1
uci set network.lan.netmask=255.0.0.0
uci set network.lan.type=bridge
uci commit network
radio0
uci add wireless wifi-iface
uci set wireless.@wifi-iface[-1].device=radio0
uci set wireless.@wifi-iface[-1].encryption=none
uci set wireless.@wifi-iface[-1].network=lan
uci set wireless.@wifi-iface[-1].mode=ap
uci set wireless.@wifi-iface[-1].ssid=bar
uci commit wireless
firewall
blokuje wejscie i przekierowywuje na lan kiedy klient przierwszy raz sie loguje
uci add firewall zone
uci set firewall.@zone[-1].name=lan
uci set firewall.@zone[-1].network=lan
uci set firewall.@zone[-1].input=REJECT
uci set firewall.@zone[-1].output=ACCEPT
uci set firewall.@zone[-1].forward=REJECT
# przekierwouje klienta do wan (to jez blokowane dopuki klient nie zostaie zautroyzwoany przez NOSplASHdog)
uci add firewall forwarding
uci set firewall.@forwarding[-1].src=lan
uci set firewall.@forwarding[-1].dest=wan
# pozwala na uzyskanie adresu z dhcp przez klienta
uci add firewall rule
uci set firewall.@rule[-1].src=lan
uci set firewall.@rule[-1].proto=udp
uci set firewall.@rule[-1].src_port=67-68
uci set firewall.@rule[-1].dest_port=67-68
uci set firewall.@rule[-1].target=ACCEPT
uci set firewall.@rule[-1].family=ipv4
pozwala na dostep do dns
uci add firewall rule
uci set firewall.@rule[-1].src=lan
uci set firewall.@rule[-1].dest_port=53
uci set firewall.@rule[-1].target=ACCEPT
uci set firewall.@rule[-1].family=ipv4
uci set firewall.@rule[-1].proto=tcpudp
uci commit