archivos iniciales
This commit is contained in:
parent
009c9bdd10
commit
f12fa06ccf
37
config/dhcp
Normal file
37
config/dhcp
Normal file
@ -0,0 +1,37 @@
|
||||
|
||||
config dnsmasq
|
||||
option domainneeded '1'
|
||||
option boguspriv '1'
|
||||
option filterwin2k '0'
|
||||
option localise_queries '1'
|
||||
option rebind_protection '1'
|
||||
option rebind_localhost '1'
|
||||
option local '/lan/'
|
||||
option domain 'lan'
|
||||
option expandhosts '1'
|
||||
option nonegcache '0'
|
||||
option authoritative '1'
|
||||
option readethers '1'
|
||||
option leasefile '/tmp/dhcp.leases'
|
||||
option resolvfile '/tmp/resolv.conf.auto'
|
||||
option nonwildcard '1'
|
||||
option localservice '1'
|
||||
|
||||
config dhcp 'lan'
|
||||
option interface 'lan'
|
||||
option start '100'
|
||||
option limit '150'
|
||||
option leasetime '12h'
|
||||
option dhcpv6 'server'
|
||||
option ra 'server'
|
||||
|
||||
config dhcp 'wan'
|
||||
option interface 'wan'
|
||||
option ignore '1'
|
||||
|
||||
config odhcpd 'odhcpd'
|
||||
option maindhcp '0'
|
||||
option leasefile '/tmp/hosts/odhcpd'
|
||||
option leasetrigger '/usr/sbin/odhcpd-update'
|
||||
option loglevel '4'
|
||||
|
6
config/dropbear
Normal file
6
config/dropbear
Normal file
@ -0,0 +1,6 @@
|
||||
|
||||
config dropbear
|
||||
option PasswordAuth 'on'
|
||||
option Port '22'
|
||||
option Interface 'lan'
|
||||
|
130
config/firewall
Normal file
130
config/firewall
Normal file
@ -0,0 +1,130 @@
|
||||
|
||||
config defaults
|
||||
option syn_flood '1'
|
||||
option input 'ACCEPT'
|
||||
option output 'ACCEPT'
|
||||
option forward 'REJECT'
|
||||
|
||||
config zone
|
||||
option name 'lan'
|
||||
list network 'lan'
|
||||
option input 'ACCEPT'
|
||||
option output 'ACCEPT'
|
||||
option forward 'ACCEPT'
|
||||
|
||||
config zone
|
||||
option name 'wan'
|
||||
list network 'wan'
|
||||
list network 'wan6'
|
||||
option input 'REJECT'
|
||||
option output 'ACCEPT'
|
||||
option forward 'REJECT'
|
||||
option masq '1'
|
||||
option mtu_fix '1'
|
||||
|
||||
config forwarding
|
||||
option src 'lan'
|
||||
option dest 'wan'
|
||||
|
||||
config rule
|
||||
option name 'Allow-DHCP-Renew'
|
||||
option src 'wan'
|
||||
option proto 'udp'
|
||||
option dest_port '68'
|
||||
option target 'ACCEPT'
|
||||
option family 'ipv4'
|
||||
|
||||
config rule
|
||||
option name 'Allow-Ping'
|
||||
option src 'wan'
|
||||
option proto 'icmp'
|
||||
option icmp_type 'echo-request'
|
||||
option family 'ipv4'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-IGMP'
|
||||
option src 'wan'
|
||||
option proto 'igmp'
|
||||
option family 'ipv4'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-DHCPv6'
|
||||
option src 'wan'
|
||||
option proto 'udp'
|
||||
option src_ip 'fc00::/6'
|
||||
option dest_ip 'fc00::/6'
|
||||
option dest_port '546'
|
||||
option family 'ipv6'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-MLD'
|
||||
option src 'wan'
|
||||
option proto 'icmp'
|
||||
option src_ip 'fe80::/10'
|
||||
list icmp_type '130/0'
|
||||
list icmp_type '131/0'
|
||||
list icmp_type '132/0'
|
||||
list icmp_type '143/0'
|
||||
option family 'ipv6'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-ICMPv6-Input'
|
||||
option src 'wan'
|
||||
option proto 'icmp'
|
||||
list icmp_type 'echo-request'
|
||||
list icmp_type 'echo-reply'
|
||||
list icmp_type 'destination-unreachable'
|
||||
list icmp_type 'packet-too-big'
|
||||
list icmp_type 'time-exceeded'
|
||||
list icmp_type 'bad-header'
|
||||
list icmp_type 'unknown-header-type'
|
||||
list icmp_type 'router-solicitation'
|
||||
list icmp_type 'neighbour-solicitation'
|
||||
list icmp_type 'router-advertisement'
|
||||
list icmp_type 'neighbour-advertisement'
|
||||
option limit '1000/sec'
|
||||
option family 'ipv6'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-ICMPv6-Forward'
|
||||
option src 'wan'
|
||||
option dest '*'
|
||||
option proto 'icmp'
|
||||
list icmp_type 'echo-request'
|
||||
list icmp_type 'echo-reply'
|
||||
list icmp_type 'destination-unreachable'
|
||||
list icmp_type 'packet-too-big'
|
||||
list icmp_type 'time-exceeded'
|
||||
list icmp_type 'bad-header'
|
||||
list icmp_type 'unknown-header-type'
|
||||
option limit '1000/sec'
|
||||
option family 'ipv6'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-IPSec-ESP'
|
||||
option src 'wan'
|
||||
option dest 'lan'
|
||||
option proto 'esp'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-ISAKMP'
|
||||
option src 'wan'
|
||||
option dest 'lan'
|
||||
option dest_port '500'
|
||||
option proto 'udp'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config include
|
||||
option path '/etc/firewall.user'
|
||||
|
||||
config include 'nodogsplash'
|
||||
option type 'script'
|
||||
option path '/usr/lib/nodogsplash/restart.sh'
|
||||
|
38
config/luci
Normal file
38
config/luci
Normal file
@ -0,0 +1,38 @@
|
||||
|
||||
config core 'main'
|
||||
option lang 'auto'
|
||||
option mediaurlbase '/luci-static/bootstrap'
|
||||
option resourcebase '/luci-static/resources'
|
||||
|
||||
config extern 'flash_keep'
|
||||
option uci '/etc/config/'
|
||||
option dropbear '/etc/dropbear/'
|
||||
option openvpn '/etc/openvpn/'
|
||||
option passwd '/etc/passwd'
|
||||
option opkg '/etc/opkg.conf'
|
||||
option firewall '/etc/firewall.user'
|
||||
option uploads '/lib/uci/upload/'
|
||||
|
||||
config internal 'languages'
|
||||
|
||||
config internal 'sauth'
|
||||
option sessionpath '/tmp/luci-sessions'
|
||||
option sessiontime '3600'
|
||||
|
||||
config internal 'ccache'
|
||||
option enable '1'
|
||||
|
||||
config internal 'themes'
|
||||
option Bootstrap '/luci-static/bootstrap'
|
||||
|
||||
config internal 'apply'
|
||||
option rollback '30'
|
||||
option holdoff '4'
|
||||
option timeout '5'
|
||||
option display '1.5'
|
||||
|
||||
config internal 'diag'
|
||||
option dns 'openwrt.org'
|
||||
option ping 'openwrt.org'
|
||||
option route 'openwrt.org'
|
||||
|
18
config/network
Normal file
18
config/network
Normal file
@ -0,0 +1,18 @@
|
||||
|
||||
config interface 'loopback'
|
||||
option ifname 'lo'
|
||||
option proto 'static'
|
||||
option ipaddr '127.0.0.1'
|
||||
option netmask '255.0.0.0'
|
||||
|
||||
config globals 'globals'
|
||||
option ula_prefix 'fdc0:a85c:e1de::/48'
|
||||
|
||||
config interface 'lan'
|
||||
option type 'bridge'
|
||||
option ifname 'eth0'
|
||||
option proto 'static'
|
||||
option ipaddr '192.168.1.1'
|
||||
option netmask '255.255.255.0'
|
||||
option ip6assign '60'
|
||||
|
144
config/nodogsplash
Normal file
144
config/nodogsplash
Normal file
@ -0,0 +1,144 @@
|
||||
|
||||
# The options available here are an adaptation of the settings used in nodogsplash.conf.
|
||||
# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
|
||||
|
||||
config nodogsplash
|
||||
# Set to 0 to disable nodogsplash
|
||||
option enabled 1
|
||||
|
||||
# Set to 0 to disable hook that makes nodogsplash restart when the firewall restarts.
|
||||
# This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries.
|
||||
option fwhook_enabled '1'
|
||||
|
||||
# Serve the file splash.html from this directory
|
||||
option webroot '/etc/nodogsplash/htdocs'
|
||||
|
||||
# Use plain configuration file
|
||||
#option config '/etc/nodogsplash/nodogsplash.conf'
|
||||
|
||||
# Use this option to set the device nogogsplash will bind to.
|
||||
# The value may be an interface section in /etc/config/network or a device name such as br-lan.
|
||||
option gatewayinterface 'br-lan'
|
||||
|
||||
option gatewayname 'OpenWrt Nodogsplash'
|
||||
option maxclients '250'
|
||||
|
||||
# Enables debug output (0-7)
|
||||
#option debuglevel '7'
|
||||
|
||||
# Client timeouts in minutes
|
||||
option preauthidletimeout '30'
|
||||
option authidletimeout '120'
|
||||
# Session Timeout is the interval after which clients are forced out (a value of 0 means never)
|
||||
option sessiontimeout '1200'
|
||||
|
||||
# The interval in seconds at which nodogsplash checks client timeout status
|
||||
option checkinterval '600'
|
||||
|
||||
# Enable BinAuth Support.
|
||||
# If set, a program is called with several parameters on authentication (request) and deauthentication.
|
||||
# Request for authentication:
|
||||
# $<BinAuth> auth_client <client_mac> '<username>' '<password>'
|
||||
#
|
||||
# The username and password values may be empty strings and are URL encoded.
|
||||
# The program is expected to output the number of seconds the client
|
||||
# is to be authenticated. Zero or negative seconds will cause the authentification request
|
||||
# to be rejected. The same goes for an exit code that is not 0.
|
||||
# The output may contain a user specific download and upload limit in KBit/s:
|
||||
# <seconds> <upload> <download>
|
||||
#
|
||||
# Called on authentication or deauthentication:
|
||||
# $<BinAuth> <*auth|*deauth> <incoming_bytes> <outgoing_bytes> <session_start> <session_end>
|
||||
#
|
||||
# "client_auth": Client authenticated via this script.
|
||||
# "client_deauth": Client deauthenticated by the client via splash page.
|
||||
# "idle_deauth": Client was deauthenticated because of inactivity.
|
||||
# "timeout_deauth": Client was deauthenticated because the session timed out.
|
||||
# "ndsctl_auth": Client was authenticated manually by the ndsctl tool.
|
||||
# "ndsctl_deauth": Client was deauthenticated by the ndsctl tool.
|
||||
# "shutdown_deauth": Client was deauthenticated by Nodogsplash terminating.
|
||||
#
|
||||
# Values session_start and session_start are in seconds since 1970 or 0 for unknown/unlimited.
|
||||
#
|
||||
#option binauth '/bin/myauth.sh'
|
||||
|
||||
# Enable Forwarding Authentication Service (FAS)
|
||||
# If set redirection is changed from splash.html to a FAS (provided by the system administrator)
|
||||
# The value is the IP port number of the FAS
|
||||
#option fasport '80'
|
||||
|
||||
# Option: fasremoteip
|
||||
# Default: GatewayAddress (the IP of NDS)
|
||||
# If set, this is the remote ip address of the FAS.
|
||||
#option fasremoteip '46.32.240.41'
|
||||
|
||||
# Option: faspath
|
||||
# Default: /
|
||||
# This is the path from the FAS Web Root to the FAS login page
|
||||
# (not the file system root).
|
||||
#option faspath '/onboard-wifi.net/nodog/fas.php'
|
||||
|
||||
# Option: fas_secure_enabled
|
||||
# Default: 1
|
||||
# If set to "1", authaction and the client token are not revealed and it is the responsibility
|
||||
# of the FAS to request the token from NDSCTL.
|
||||
# If set to "0", the client token is sent to the FAS in clear text in the query string of the
|
||||
# redirect along with authaction and redir.
|
||||
#option fas_secure_enabled '0'
|
||||
|
||||
# Your router may have several interfaces, and you
|
||||
# probably want to keep them private from the network/gatewayinterface.
|
||||
# If so, you should block the entire subnets on those interfaces, e.g.:
|
||||
#list authenticated_users 'block to 192.168.0.0/16'
|
||||
#list authenticated_users 'block to 10.0.0.0/8'
|
||||
|
||||
# Typical ports you will probably want to open up.
|
||||
#list authenticated_users 'allow tcp port 22'
|
||||
#list authenticated_users 'allow tcp port 53'
|
||||
#list authenticated_users 'allow udp port 53'
|
||||
#list authenticated_users 'allow tcp port 80'
|
||||
#list authenticated_users 'allow tcp port 443'
|
||||
# Or for happy customers allow all
|
||||
list authenticated_users 'allow all'
|
||||
|
||||
# For preauthenticated users to resolve IP addresses in their
|
||||
# initial request not using the router itself as a DNS server,
|
||||
# Leave commented to help prevent DNS tunnelling
|
||||
#list preauthenticated_users 'allow tcp port 53'
|
||||
#list preauthenticated_users 'allow udp port 53'
|
||||
|
||||
# Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
|
||||
list users_to_router 'allow tcp port 22'
|
||||
list users_to_router 'allow tcp port 23'
|
||||
list users_to_router 'allow tcp port 53'
|
||||
list users_to_router 'allow udp port 53'
|
||||
list users_to_router 'allow udp port 67'
|
||||
list users_to_router 'allow tcp port 80'
|
||||
|
||||
# MAC addresses that are / are not allowed to access the splash page
|
||||
# Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
|
||||
#option macmechanism 'allow'
|
||||
#list allowedmac '00:00:C0:01:D0:0D'
|
||||
#list allowedmac '00:00:C0:01:D0:1D'
|
||||
#list blockedmac '00:00:C0:01:D0:2D'
|
||||
|
||||
# MAC addresses that do not need to authenticate
|
||||
#list trustedmac '00:00:C0:01:D0:1D'
|
||||
|
||||
# Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask.
|
||||
# This mask can conflict with the requirements of other packages such as mwan3, sqm etc
|
||||
# Any values set here are interpreted as in hex format.
|
||||
#
|
||||
# List: fw_mark_authenticated
|
||||
# Default: 30000 (0011|0000|0000|0000|0000 binary)
|
||||
#
|
||||
# List: fw_mark_trusted
|
||||
# Default: 20000 (0010|0000|0000|0000|0000 binary)
|
||||
#
|
||||
# List: fw_mark_blocked
|
||||
# Default: 10000 (0001|0000|0000|0000|0000 binary)
|
||||
#
|
||||
#list fw_mark_authenticated '30000'
|
||||
#list fw_mark_trusted '20000'
|
||||
#list fw_mark_blocked '10000'
|
||||
|
10
config/rpcd
Normal file
10
config/rpcd
Normal file
@ -0,0 +1,10 @@
|
||||
config rpcd
|
||||
option socket /var/run/ubus.sock
|
||||
option timeout 30
|
||||
|
||||
config login
|
||||
option username 'root'
|
||||
option password '$p$root'
|
||||
list read '*'
|
||||
list write '*'
|
||||
|
52
config/system
Normal file
52
config/system
Normal file
@ -0,0 +1,52 @@
|
||||
|
||||
config system
|
||||
option hostname 'OpenWrt'
|
||||
option timezone 'UTC'
|
||||
option ttylogin '0'
|
||||
option log_size '64'
|
||||
option urandom_seed '0'
|
||||
|
||||
config timeserver 'ntp'
|
||||
option enabled '1'
|
||||
option enable_server '0'
|
||||
list server '0.openwrt.pool.ntp.org'
|
||||
list server '1.openwrt.pool.ntp.org'
|
||||
list server '2.openwrt.pool.ntp.org'
|
||||
list server '3.openwrt.pool.ntp.org'
|
||||
|
||||
config led 'led_rssilow'
|
||||
option sysfs 'ubnt:red:link1'
|
||||
option trigger 'rssi'
|
||||
option iface 'rssid_wlan0'
|
||||
option minq '1'
|
||||
option maxq '100'
|
||||
option offset '0'
|
||||
option factor '13'
|
||||
|
||||
config led 'led_rssimediumlow'
|
||||
option sysfs 'ubnt:orange:link2'
|
||||
option trigger 'rssi'
|
||||
option iface 'rssid_wlan0'
|
||||
option minq '26'
|
||||
option maxq '100'
|
||||
option offset '-25'
|
||||
option factor '13'
|
||||
|
||||
config led 'led_rssimediumhigh'
|
||||
option sysfs 'ubnt:green:link3'
|
||||
option trigger 'rssi'
|
||||
option iface 'rssid_wlan0'
|
||||
option minq '51'
|
||||
option maxq '100'
|
||||
option offset '-50'
|
||||
option factor '13'
|
||||
|
||||
config led 'led_rssihigh'
|
||||
option sysfs 'ubnt:green:link4'
|
||||
option trigger 'rssi'
|
||||
option iface 'rssid_wlan0'
|
||||
option minq '76'
|
||||
option maxq '100'
|
||||
option offset '-75'
|
||||
option factor '13'
|
||||
|
0
config/ubootenv
Normal file
0
config/ubootenv
Normal file
56
config/ucitrack
Normal file
56
config/ucitrack
Normal file
@ -0,0 +1,56 @@
|
||||
config network
|
||||
option init network
|
||||
list affects dhcp
|
||||
list affects radvd
|
||||
|
||||
config wireless
|
||||
list affects network
|
||||
|
||||
config firewall
|
||||
option init firewall
|
||||
list affects luci-splash
|
||||
list affects qos
|
||||
list affects miniupnpd
|
||||
|
||||
config olsr
|
||||
option init olsrd
|
||||
|
||||
config dhcp
|
||||
option init dnsmasq
|
||||
list affects odhcpd
|
||||
|
||||
config odhcpd
|
||||
option init odhcpd
|
||||
|
||||
config dropbear
|
||||
option init dropbear
|
||||
|
||||
config httpd
|
||||
option init httpd
|
||||
|
||||
config fstab
|
||||
option exec '/sbin/block mount'
|
||||
|
||||
config qos
|
||||
option init qos
|
||||
|
||||
config system
|
||||
option init led
|
||||
option exec '/etc/init.d/log reload'
|
||||
list affects luci_statistics
|
||||
list affects dhcp
|
||||
|
||||
config luci_splash
|
||||
option init luci_splash
|
||||
|
||||
config upnpd
|
||||
option init miniupnpd
|
||||
|
||||
config ntpclient
|
||||
option init ntpclient
|
||||
|
||||
config samba
|
||||
option init samba
|
||||
|
||||
config tinyproxy
|
||||
option init tinyproxy
|
135
config/uhttpd
Normal file
135
config/uhttpd
Normal file
@ -0,0 +1,135 @@
|
||||
# Server configuration
|
||||
config uhttpd main
|
||||
|
||||
# HTTP listen addresses, multiple allowed
|
||||
list listen_http 0.0.0.0:80
|
||||
list listen_http [::]:80
|
||||
|
||||
# HTTPS listen addresses, multiple allowed
|
||||
list listen_https 0.0.0.0:443
|
||||
list listen_https [::]:443
|
||||
|
||||
# Redirect HTTP requests to HTTPS if possible
|
||||
option redirect_https 1
|
||||
|
||||
# Server document root
|
||||
option home /www
|
||||
|
||||
# Reject requests from RFC1918 IP addresses
|
||||
# directed to the servers public IP(s).
|
||||
# This is a DNS rebinding countermeasure.
|
||||
option rfc1918_filter 1
|
||||
|
||||
# Maximum number of concurrent requests.
|
||||
# If this number is exceeded, further requests are
|
||||
# queued until the number of running requests drops
|
||||
# below the limit again.
|
||||
option max_requests 3
|
||||
|
||||
# Maximum number of concurrent connections.
|
||||
# If this number is exceeded, further TCP connection
|
||||
# attempts are queued until the number of active
|
||||
# connections drops below the limit again.
|
||||
option max_connections 100
|
||||
|
||||
# Certificate and private key for HTTPS.
|
||||
# If no listen_https addresses are given,
|
||||
# the key options are ignored.
|
||||
option cert /etc/uhttpd.crt
|
||||
option key /etc/uhttpd.key
|
||||
|
||||
# CGI url prefix, will be searched in docroot.
|
||||
# Default is /cgi-bin
|
||||
option cgi_prefix /cgi-bin
|
||||
|
||||
# List of extension->interpreter mappings.
|
||||
# Files with an associated interpreter can
|
||||
# be called outside of the CGI prefix and do
|
||||
# not need to be executable.
|
||||
# list interpreter ".php=/usr/bin/php-cgi"
|
||||
# list interpreter ".cgi=/usr/bin/perl"
|
||||
|
||||
# List of prefix->Lua handler mappings.
|
||||
# Any request to an URL beneath the prefix
|
||||
# will be dispatched to the associated Lua
|
||||
# handler script. Lua support is disabled when
|
||||
# no handler mappings are specified. Lua prefix
|
||||
# matches have precedence over the CGI prefix.
|
||||
list lua_prefix "/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua"
|
||||
|
||||
# Specify the ubus-rpc prefix and socket path.
|
||||
# option ubus_prefix /ubus
|
||||
# option ubus_socket /var/run/ubus.sock
|
||||
|
||||
# CGI/Lua timeout, if the called script does not
|
||||
# write data within the given amount of seconds,
|
||||
# the server will terminate the request with
|
||||
# 504 Gateway Timeout response.
|
||||
option script_timeout 60
|
||||
|
||||
# Network timeout, if the current connection is
|
||||
# blocked for the specified amount of seconds,
|
||||
# the server will terminate the associated
|
||||
# request process.
|
||||
option network_timeout 30
|
||||
|
||||
# HTTP Keep-Alive, specifies the timeout for persistent
|
||||
# HTTP/1.1 connections. Setting this to 0 will disable
|
||||
# persistent HTTP connections.
|
||||
option http_keepalive 20
|
||||
|
||||
# TCP Keep-Alive, send periodic keep-alive probes
|
||||
# over established connections to detect dead peers.
|
||||
# The value is given in seconds to specify the
|
||||
# interval between subsequent probes.
|
||||
# Setting this to 0 will disable TCP keep-alive.
|
||||
option tcp_keepalive 1
|
||||
|
||||
# Basic auth realm, defaults to local hostname
|
||||
# option realm OpenWrt
|
||||
|
||||
# Configuration file in busybox httpd format
|
||||
# option config /etc/httpd.conf
|
||||
|
||||
# Do not follow symlinks that point outside of the
|
||||
# home directory.
|
||||
# option no_symlinks 0
|
||||
|
||||
# Do not produce directory listings but send 403
|
||||
# instead if a client requests an url pointing to
|
||||
# a directory without any index file.
|
||||
# option no_dirlists 0
|
||||
|
||||
# Do not authenticate any ubus-rpc requests against
|
||||
# the ubus session/access procedure.
|
||||
# This is dangerous and should be always left off
|
||||
# except for development and debug purposes!
|
||||
# option no_ubusauth 0
|
||||
|
||||
# For this instance of uhttpd use the listed httpauth
|
||||
# sections to require Basic auth to the specified
|
||||
# resources.
|
||||
# list httpauth prefix_user
|
||||
|
||||
|
||||
# Defaults for automatic certificate and key generation
|
||||
config cert defaults
|
||||
|
||||
# Validity time
|
||||
option days 730
|
||||
|
||||
# RSA key size
|
||||
option bits 2048
|
||||
|
||||
# Location
|
||||
option country ZZ
|
||||
option state Somewhere
|
||||
option location Unknown
|
||||
|
||||
# Common name
|
||||
option commonname 'OpenWrt'
|
||||
|
||||
# config httpauth prefix_user
|
||||
# option prefix /protected/url/path
|
||||
# option username user
|
||||
# option password 'plaintext_or_md5_or_$p$user_for_system_user'
|
15
config/wireless
Normal file
15
config/wireless
Normal file
@ -0,0 +1,15 @@
|
||||
|
||||
config wifi-device 'radio0'
|
||||
option type 'mac80211'
|
||||
option channel '11'
|
||||
option hwmode '11g'
|
||||
option path 'pci0000:00/0000:00:00.0'
|
||||
option htmode 'HT20'
|
||||
|
||||
config wifi-iface 'default_radio0'
|
||||
option device 'radio0'
|
||||
option network 'lan'
|
||||
option mode 'ap'
|
||||
option ssid 'OpenWrt'
|
||||
option encryption 'none'
|
||||
|
BIN
nodogsplash/htdocs/images/splash.jpg
Normal file
BIN
nodogsplash/htdocs/images/splash.jpg
Normal file
Binary file not shown.
After Width: | Height: | Size: 2.1 KiB |
55
nodogsplash/htdocs/splash.css
Normal file
55
nodogsplash/htdocs/splash.css
Normal file
@ -0,0 +1,55 @@
|
||||
body {
|
||||
background-color: lightgrey;
|
||||
color: black;
|
||||
margin-left: 5%;
|
||||
margin-right: 5%;
|
||||
text-align: left;
|
||||
}
|
||||
|
||||
img {
|
||||
width: 40%;
|
||||
max-width: 180px;
|
||||
margin-left: 0%;
|
||||
margin-right: 5%;
|
||||
}
|
||||
|
||||
input[type=submit] {
|
||||
color: white;
|
||||
background: green;
|
||||
margin-left: 0%;
|
||||
margin-right: 5%;
|
||||
text-align: left;
|
||||
font-size: 1.0em;
|
||||
line-height: 2.5em;
|
||||
font-weight: bold;
|
||||
border: 3px;
|
||||
border-style: inset;
|
||||
}
|
||||
|
||||
med-blue {
|
||||
font-size: 1.3em;
|
||||
color: blue;
|
||||
font-weight: bold;
|
||||
font-style: normal;
|
||||
}
|
||||
|
||||
big-red {
|
||||
font-size: 1.7em;
|
||||
color: red;
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
italic-black {
|
||||
font-size: 1.3em;
|
||||
color: black;
|
||||
font-weight: bold;
|
||||
font-style: italic;
|
||||
}
|
||||
|
||||
copy-right {
|
||||
font-size: 0.7em;
|
||||
color: darkgrey;
|
||||
font-weight: bold;
|
||||
font-style:italic;
|
||||
}
|
||||
|
93
nodogsplash/htdocs/splash.html
Normal file
93
nodogsplash/htdocs/splash.html
Normal file
@ -0,0 +1,93 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
|
||||
<meta http-equiv="Pragma" content="no-cache">
|
||||
<meta http-equiv="Expires" content="0">
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
|
||||
<link rel="shortcut icon" href="/$imagesdir/splash.jpg" type="image/x-icon">
|
||||
<link rel="stylesheet" type="text/css" href="/splash.css">
|
||||
|
||||
<title>$gatewayname Hotspot Gateway.</title>
|
||||
|
||||
<!--
|
||||
Content:
|
||||
Nodogsplash (NDS), by default, serves this splash page (splash.html)
|
||||
when a client device Captive Portal Detection (CPD) process
|
||||
attempts to send a port 80 request to the Internet.
|
||||
|
||||
You may either embed css in this file or use a separate .css file
|
||||
in the same directory as this file, as demonstrated here.
|
||||
|
||||
It should be noted when designing a custom splash page
|
||||
that for security reasons many CPD implementations:
|
||||
Immediately close the browser when the client has authenticated.
|
||||
Prohibit the use of href links.
|
||||
Prohibit downloading of external files
|
||||
(including .css and .js).
|
||||
Prohibit the execution of javascript.
|
||||
|
||||
Also, note that any images you reference should reside in the
|
||||
subdirectory that is defined by $imagesdir (default: "images").
|
||||
|
||||
Authentication:
|
||||
A client is authenticated on submitting an HTTP form, method=get,
|
||||
passing $authaction, $tok and $redir.
|
||||
|
||||
It is also possible to authenticate using an href link to
|
||||
$authtarget but be aware that many device Captive Portal Detection
|
||||
processes prohibit href links, so this method may not work with
|
||||
all client devices.
|
||||
|
||||
Available variables:
|
||||
error_msg: $error_msg
|
||||
gatewayname: $gatewayname
|
||||
tok: $tok
|
||||
redir: $redir
|
||||
authaction: $authaction
|
||||
denyaction: $denyaction
|
||||
authtarget: $authtarget
|
||||
clientip: $clientip
|
||||
clientmac: $clientmac
|
||||
clientupload: $clientupload
|
||||
clientdownload: $clientdownload
|
||||
gatewaymac: $gatewaymac
|
||||
nclients: $nclients
|
||||
maxclients: $maxclients
|
||||
uptime: $uptime
|
||||
imagesdir: $imagesdir
|
||||
pagesdir: $pagesdir
|
||||
|
||||
Additional Variables that can be passed back via the HTTP get,
|
||||
or appended to the query string of the authtarget link:
|
||||
username
|
||||
password
|
||||
-->
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<med-blue>$gatewayname Hotspot Gateway.</med-blue>
|
||||
<br><br>
|
||||
<img src="$imagesdir/splash.jpg" alt="Splash Page: For access to the Internet, please click Continue.">
|
||||
<hr>
|
||||
<big-red>Welcome!</big-red>
|
||||
<hr>
|
||||
<br>
|
||||
<italic-black>For access to the Internet, please tap or click Continue.</italic-black>
|
||||
<br><br>
|
||||
<hr>
|
||||
|
||||
<form method="get" action="$authaction">
|
||||
<input type="hidden" name="tok" value="$tok">
|
||||
<input type="hidden" name="redir" value="$redir">
|
||||
<input type="submit" value="Continue">
|
||||
</form>
|
||||
|
||||
<hr>
|
||||
<copy-right>Copyright © The Nodogsplash Contributors 2004-2018.<br>This software is released under the GNU GPL license.</copy-right>
|
||||
|
||||
</body>
|
||||
</html>
|
41
nodogsplash/htdocs/status.html
Normal file
41
nodogsplash/htdocs/status.html
Normal file
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
|
||||
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
|
||||
<meta http-equiv="Pragma" content="no-cache">
|
||||
<meta http-equiv="Expires" content="0">
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
|
||||
<link rel="shortcut icon" href="/$imagesdir/splash.jpg" type="image/x-icon">
|
||||
<link rel="stylesheet" type="text/css" href="/splash.css">
|
||||
|
||||
<title>$gatewayname Hotspot Gateway Status</title>
|
||||
|
||||
<!--
|
||||
Status:
|
||||
The Status page is served to a client if they are already authenticated.
|
||||
This may occur if the client user selects "Back" on the CPD browser
|
||||
screen after they have successfully authenticated.
|
||||
|
||||
The same template variables are available as for the splash page.
|
||||
-->
|
||||
|
||||
</head>
|
||||
|
||||
<body>
|
||||
|
||||
<med-blue>$gatewayname Hotspot Gateway.</med-blue>
|
||||
<br><br>
|
||||
<img src="$imagesdir/splash.jpg" alt="You are already logged in and have access to the Internet.">
|
||||
<hr>
|
||||
<p><big-red>You are already logged in and have access to the Internet.</big-red></p>
|
||||
<hr>
|
||||
<p><italic-black>You can use your Browser, Email and other network Apps as you normally would.</italic-black></p>
|
||||
|
||||
<hr>
|
||||
<copy-right>Copyright © The Nodogsplash Contributors 2004-2018.<br>This software is released under the GNU GPL license.</copy-right>
|
||||
|
||||
</body>
|
||||
</html>
|
Loading…
Reference in New Issue
Block a user