using_iptables_and_php_to_create_a_captive_portal
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
using_iptables_and_php_to_create_a_captive_portal [2018/12/06 19:59] – abeverley | using_iptables_and_php_to_create_a_captive_portal [2018/12/06 21:51] – abeverley | ||
---|---|---|---|
Line 37: | Line 37: | ||
In this example a flat file is used to store all the details of users already registered (/ | In this example a flat file is used to store all the details of users already registered (/ | ||
- | Name < | + | Name Email Client IP Client MAC Date |
===== Firewall rules required ===== | ===== Firewall rules required ===== | ||
- | < | + | By andy@andybev.com (Apr 2011) - I have just updated these rules again, this time to move the MARKing into the mangle table and keep the DNAT in the nat table. I have not tested them yet though; please let me know if there are any problems. |
The following iptables rules are needed in your firewall. Add them to your system' | The following iptables rules are needed in your firewall. Add them to your system' | ||
- | < | + | < |
IPTABLES=/ | IPTABLES=/ | ||
Line 89: | Line 88: | ||
$IPTABLES -t nat -A POSTROUTING -o ppp0 -j MASQUERADE | $IPTABLES -t nat -A POSTROUTING -o ppp0 -j MASQUERADE | ||
- | < | + | </ |
===== Setting up rmtrack ===== | ===== Setting up rmtrack ===== | ||
Line 97: | Line 96: | ||
Create the file / | Create the file / | ||
- | < | + | |
- | + | ||
- | / | + | |
|grep $1 \ | |grep $1 \ | ||
|grep ESTAB \ | |grep ESTAB \ | ||
Line 107: | Line 104: | ||
substr(\$6, | substr(\$6, | ||
--orig-port-dst 80\"); }" | --orig-port-dst 80\"); }" | ||
- | < | ||
Note: the single command has been split over several lines | Note: the single command has been split over several lines | ||
Line 115: | Line 111: | ||
Sudo needs to be configured to allow the apache web server to issue certain iptables commands in order to allow clients to access the internet after they have signed up. Use visudo to add the following commands to the sudoers file: | Sudo needs to be configured to allow the apache web server to issue certain iptables commands in order to allow clients to access the internet after they have signed up. Use visudo to add the following commands to the sudoers file: | ||
- | < | + | www-data ALL = NOPASSWD: |
+ | www-data ALL = NOPASSWD: / | ||
+ | www-data ALL = NOPASSWD: / | ||
- | www-data ALL = NOPASSWD: / | ||
- | www-data ALL = NOPASSWD: / | ||
- | www-data ALL = NOPASSWD: / | ||
- | < | ||
- | < | + | Note: Sudo does not use regular expressions, |
===== PHP script ===== | ===== PHP script ===== | ||
Line 130: | Line 124: | ||
|For an example of how to retain a user's URL, have a look at the discussion page| | |For an example of how to retain a user's URL, have a look at the discussion page| | ||
- | < | + | < |
<?php | <?php | ||
Line 221: | Line 214: | ||
?> | ?> | ||
- | < | + | </ |
===== In use ===== | ===== In use ===== |
using_iptables_and_php_to_create_a_captive_portal.txt · Last modified: 2020/05/29 09:49 by abeverley