From f12fa06ccf018baeeecaaa01e457f8e286d72ffa Mon Sep 17 00:00:00 2001
From: kleper <kleper@kleper.net>
Date: Mon, 14 Oct 2019 11:08:36 -0500
Subject: [PATCH] archivos iniciales

---
 config/dhcp                          |  37 +++++++
 config/dropbear                      |   6 ++
 config/firewall                      | 130 ++++++++++++++++++++++++
 config/luci                          |  38 +++++++
 config/network                       |  18 ++++
 config/nodogsplash                   | 144 +++++++++++++++++++++++++++
 config/rpcd                          |  10 ++
 config/system                        |  52 ++++++++++
 config/ubootenv                      |   0
 config/ucitrack                      |  56 +++++++++++
 config/uhttpd                        | 135 +++++++++++++++++++++++++
 config/wireless                      |  15 +++
 nodogsplash/htdocs/images/splash.jpg | Bin 0 -> 2129 bytes
 nodogsplash/htdocs/splash.css        |  55 ++++++++++
 nodogsplash/htdocs/splash.html       |  93 +++++++++++++++++
 nodogsplash/htdocs/status.html       |  41 ++++++++
 16 files changed, 830 insertions(+)
 create mode 100644 config/dhcp
 create mode 100644 config/dropbear
 create mode 100644 config/firewall
 create mode 100644 config/luci
 create mode 100644 config/network
 create mode 100644 config/nodogsplash
 create mode 100644 config/rpcd
 create mode 100644 config/system
 create mode 100644 config/ubootenv
 create mode 100644 config/ucitrack
 create mode 100644 config/uhttpd
 create mode 100644 config/wireless
 create mode 100644 nodogsplash/htdocs/images/splash.jpg
 create mode 100644 nodogsplash/htdocs/splash.css
 create mode 100644 nodogsplash/htdocs/splash.html
 create mode 100644 nodogsplash/htdocs/status.html

diff --git a/config/dhcp b/config/dhcp
new file mode 100644
index 0000000..5a43796
--- /dev/null
+++ b/config/dhcp
@@ -0,0 +1,37 @@
+
+config dnsmasq
+	option domainneeded '1'
+	option boguspriv '1'
+	option filterwin2k '0'
+	option localise_queries '1'
+	option rebind_protection '1'
+	option rebind_localhost '1'
+	option local '/lan/'
+	option domain 'lan'
+	option expandhosts '1'
+	option nonegcache '0'
+	option authoritative '1'
+	option readethers '1'
+	option leasefile '/tmp/dhcp.leases'
+	option resolvfile '/tmp/resolv.conf.auto'
+	option nonwildcard '1'
+	option localservice '1'
+
+config dhcp 'lan'
+	option interface 'lan'
+	option start '100'
+	option limit '150'
+	option leasetime '12h'
+	option dhcpv6 'server'
+	option ra 'server'
+
+config dhcp 'wan'
+	option interface 'wan'
+	option ignore '1'
+
+config odhcpd 'odhcpd'
+	option maindhcp '0'
+	option leasefile '/tmp/hosts/odhcpd'
+	option leasetrigger '/usr/sbin/odhcpd-update'
+	option loglevel '4'
+
diff --git a/config/dropbear b/config/dropbear
new file mode 100644
index 0000000..419ec82
--- /dev/null
+++ b/config/dropbear
@@ -0,0 +1,6 @@
+
+config dropbear
+	option PasswordAuth 'on'
+	option Port '22'
+	option Interface 'lan'
+
diff --git a/config/firewall b/config/firewall
new file mode 100644
index 0000000..b12c088
--- /dev/null
+++ b/config/firewall
@@ -0,0 +1,130 @@
+
+config defaults
+	option syn_flood '1'
+	option input 'ACCEPT'
+	option output 'ACCEPT'
+	option forward 'REJECT'
+
+config zone
+	option name 'lan'
+	list network 'lan'
+	option input 'ACCEPT'
+	option output 'ACCEPT'
+	option forward 'ACCEPT'
+
+config zone
+	option name 'wan'
+	list network 'wan'
+	list network 'wan6'
+	option input 'REJECT'
+	option output 'ACCEPT'
+	option forward 'REJECT'
+	option masq '1'
+	option mtu_fix '1'
+
+config forwarding
+	option src 'lan'
+	option dest 'wan'
+
+config rule
+	option name 'Allow-DHCP-Renew'
+	option src 'wan'
+	option proto 'udp'
+	option dest_port '68'
+	option target 'ACCEPT'
+	option family 'ipv4'
+
+config rule
+	option name 'Allow-Ping'
+	option src 'wan'
+	option proto 'icmp'
+	option icmp_type 'echo-request'
+	option family 'ipv4'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-IGMP'
+	option src 'wan'
+	option proto 'igmp'
+	option family 'ipv4'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-DHCPv6'
+	option src 'wan'
+	option proto 'udp'
+	option src_ip 'fc00::/6'
+	option dest_ip 'fc00::/6'
+	option dest_port '546'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-MLD'
+	option src 'wan'
+	option proto 'icmp'
+	option src_ip 'fe80::/10'
+	list icmp_type '130/0'
+	list icmp_type '131/0'
+	list icmp_type '132/0'
+	list icmp_type '143/0'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-ICMPv6-Input'
+	option src 'wan'
+	option proto 'icmp'
+	list icmp_type 'echo-request'
+	list icmp_type 'echo-reply'
+	list icmp_type 'destination-unreachable'
+	list icmp_type 'packet-too-big'
+	list icmp_type 'time-exceeded'
+	list icmp_type 'bad-header'
+	list icmp_type 'unknown-header-type'
+	list icmp_type 'router-solicitation'
+	list icmp_type 'neighbour-solicitation'
+	list icmp_type 'router-advertisement'
+	list icmp_type 'neighbour-advertisement'
+	option limit '1000/sec'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-ICMPv6-Forward'
+	option src 'wan'
+	option dest '*'
+	option proto 'icmp'
+	list icmp_type 'echo-request'
+	list icmp_type 'echo-reply'
+	list icmp_type 'destination-unreachable'
+	list icmp_type 'packet-too-big'
+	list icmp_type 'time-exceeded'
+	list icmp_type 'bad-header'
+	list icmp_type 'unknown-header-type'
+	option limit '1000/sec'
+	option family 'ipv6'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-IPSec-ESP'
+	option src 'wan'
+	option dest 'lan'
+	option proto 'esp'
+	option target 'ACCEPT'
+
+config rule
+	option name 'Allow-ISAKMP'
+	option src 'wan'
+	option dest 'lan'
+	option dest_port '500'
+	option proto 'udp'
+	option target 'ACCEPT'
+
+config include
+	option path '/etc/firewall.user'
+
+config include 'nodogsplash'
+	option type 'script'
+	option path '/usr/lib/nodogsplash/restart.sh'
+
diff --git a/config/luci b/config/luci
new file mode 100644
index 0000000..80e8dc3
--- /dev/null
+++ b/config/luci
@@ -0,0 +1,38 @@
+
+config core 'main'
+	option lang 'auto'
+	option mediaurlbase '/luci-static/bootstrap'
+	option resourcebase '/luci-static/resources'
+
+config extern 'flash_keep'
+	option uci '/etc/config/'
+	option dropbear '/etc/dropbear/'
+	option openvpn '/etc/openvpn/'
+	option passwd '/etc/passwd'
+	option opkg '/etc/opkg.conf'
+	option firewall '/etc/firewall.user'
+	option uploads '/lib/uci/upload/'
+
+config internal 'languages'
+
+config internal 'sauth'
+	option sessionpath '/tmp/luci-sessions'
+	option sessiontime '3600'
+
+config internal 'ccache'
+	option enable '1'
+
+config internal 'themes'
+	option Bootstrap '/luci-static/bootstrap'
+
+config internal 'apply'
+	option rollback '30'
+	option holdoff '4'
+	option timeout '5'
+	option display '1.5'
+
+config internal 'diag'
+	option dns 'openwrt.org'
+	option ping 'openwrt.org'
+	option route 'openwrt.org'
+
diff --git a/config/network b/config/network
new file mode 100644
index 0000000..36026d8
--- /dev/null
+++ b/config/network
@@ -0,0 +1,18 @@
+
+config interface 'loopback'
+	option ifname 'lo'
+	option proto 'static'
+	option ipaddr '127.0.0.1'
+	option netmask '255.0.0.0'
+
+config globals 'globals'
+	option ula_prefix 'fdc0:a85c:e1de::/48'
+
+config interface 'lan'
+	option type 'bridge'
+	option ifname 'eth0'
+	option proto 'static'
+	option ipaddr '192.168.1.1'
+	option netmask '255.255.255.0'
+	option ip6assign '60'
+
diff --git a/config/nodogsplash b/config/nodogsplash
new file mode 100644
index 0000000..714d9bf
--- /dev/null
+++ b/config/nodogsplash
@@ -0,0 +1,144 @@
+
+# The options available here are an adaptation of the settings used in nodogsplash.conf.
+# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf
+
+config nodogsplash
+  # Set to 0 to disable nodogsplash
+  option enabled 1
+
+  # Set to 0 to disable hook that makes nodogsplash restart when the firewall restarts.
+  # This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries.
+  option fwhook_enabled '1'
+
+  # Serve the file splash.html from this directory
+  option webroot '/etc/nodogsplash/htdocs'
+
+  # Use plain configuration file
+  #option config '/etc/nodogsplash/nodogsplash.conf'
+
+  # Use this option to set the device nogogsplash will bind to.
+  # The value may be an interface section in /etc/config/network or a device name such as br-lan.
+  option gatewayinterface 'br-lan'
+
+  option gatewayname 'OpenWrt Nodogsplash'
+  option maxclients '250'
+
+  # Enables debug output (0-7)
+  #option debuglevel '7'
+
+  # Client timeouts in minutes
+  option preauthidletimeout '30'
+  option authidletimeout '120'
+  # Session Timeout is the interval after which clients are forced out (a value of 0 means never)
+  option sessiontimeout '1200'
+
+  # The interval in seconds at which nodogsplash checks client timeout status
+  option checkinterval '600'
+
+  # Enable BinAuth Support.
+  # If set, a program is called with several parameters on authentication (request) and deauthentication.
+  # Request for authentication:
+  # $<BinAuth> auth_client <client_mac> '<username>' '<password>'
+  #
+  # The username and password values may be empty strings and are URL encoded.
+  # The program is expected to output the number of seconds the client
+  # is to be authenticated. Zero or negative seconds will cause the authentification request
+  # to be rejected. The same goes for an exit code that is not 0.
+  # The output may contain a user specific download and upload limit in KBit/s:
+  # <seconds> <upload> <download>
+  #
+  # Called on authentication or deauthentication:
+  # $<BinAuth> <*auth|*deauth> <incoming_bytes> <outgoing_bytes> <session_start> <session_end>
+  #
+  # "client_auth": Client authenticated via this script.
+  # "client_deauth": Client deauthenticated by the client via splash page.
+  # "idle_deauth": Client was deauthenticated because of inactivity.
+  # "timeout_deauth": Client was deauthenticated because the session timed out.
+  # "ndsctl_auth": Client was authenticated manually by the ndsctl tool.
+  # "ndsctl_deauth": Client was deauthenticated by the ndsctl tool.
+  # "shutdown_deauth": Client was deauthenticated by Nodogsplash terminating.
+  #
+  # Values session_start and session_start are in seconds since 1970 or 0 for unknown/unlimited.
+  #
+  #option binauth '/bin/myauth.sh'
+
+  # Enable Forwarding Authentication Service (FAS)
+  # If set redirection is changed from splash.html to a FAS (provided by the system administrator)
+  # The value is the IP port number of the FAS
+  #option fasport '80'
+
+  # Option: fasremoteip
+  # Default: GatewayAddress (the IP of NDS)
+  # If set, this is the remote ip address of the FAS.
+  #option fasremoteip '46.32.240.41'
+
+  # Option: faspath
+  # Default: /
+  # This is the path from the FAS Web Root to the FAS login page
+  # (not the file system root).
+  #option faspath '/onboard-wifi.net/nodog/fas.php'
+
+  # Option: fas_secure_enabled
+  # Default: 1
+  # If set to "1", authaction and the client token are not revealed and it is the responsibility
+  # of the FAS to request the token from NDSCTL.
+  # If set to "0", the client token is sent to the FAS in clear text in the query string of the
+  # redirect along with authaction and redir.
+  #option fas_secure_enabled '0'
+
+  # Your router may have several interfaces, and you
+  # probably want to keep them private from the network/gatewayinterface.
+  # If so, you should block the entire subnets on those interfaces, e.g.:
+  #list authenticated_users 'block to 192.168.0.0/16'
+  #list authenticated_users 'block to 10.0.0.0/8'
+
+  # Typical ports you will probably want to open up.
+  #list authenticated_users 'allow tcp port 22'
+  #list authenticated_users 'allow tcp port 53'
+  #list authenticated_users 'allow udp port 53'
+  #list authenticated_users 'allow tcp port 80'
+  #list authenticated_users 'allow tcp port 443'
+  # Or for happy customers allow all
+  list authenticated_users 'allow all'
+
+  # For preauthenticated users to resolve IP addresses in their
+  # initial request not using the router itself as a DNS server,
+  # Leave commented to help prevent DNS tunnelling
+  #list preauthenticated_users 'allow tcp port 53'
+  #list preauthenticated_users 'allow udp port 53'
+
+  # Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS
+  list users_to_router 'allow tcp port 22'
+  list users_to_router 'allow tcp port 23'
+  list users_to_router 'allow tcp port 53'
+  list users_to_router 'allow udp port 53'
+  list users_to_router 'allow udp port 67'
+  list users_to_router 'allow tcp port 80'
+
+  # MAC addresses that are / are not allowed to access the splash page
+  # Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used.
+  #option macmechanism 'allow'
+  #list allowedmac '00:00:C0:01:D0:0D'
+  #list allowedmac '00:00:C0:01:D0:1D'
+  #list blockedmac '00:00:C0:01:D0:2D'
+
+  # MAC addresses that do not need to authenticate
+  #list trustedmac '00:00:C0:01:D0:1D'
+
+  # Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask.
+  # This mask can conflict with the requirements of other packages such as mwan3, sqm etc
+  # Any values set here are interpreted as in hex format.
+  #
+  # List: fw_mark_authenticated
+  # Default: 30000 (0011|0000|0000|0000|0000 binary)
+  #
+  # List: fw_mark_trusted
+  # Default: 20000 (0010|0000|0000|0000|0000 binary)
+  #
+  # List: fw_mark_blocked
+  # Default: 10000 (0001|0000|0000|0000|0000 binary)
+  #
+  #list fw_mark_authenticated '30000'
+  #list fw_mark_trusted '20000'
+  #list fw_mark_blocked '10000'
+
diff --git a/config/rpcd b/config/rpcd
new file mode 100644
index 0000000..faaed7f
--- /dev/null
+++ b/config/rpcd
@@ -0,0 +1,10 @@
+config rpcd
+	option socket /var/run/ubus.sock
+	option timeout 30
+
+config login
+	option username 'root'
+	option password '$p$root'
+	list read '*'
+	list write '*'
+
diff --git a/config/system b/config/system
new file mode 100644
index 0000000..87c0d51
--- /dev/null
+++ b/config/system
@@ -0,0 +1,52 @@
+
+config system
+	option hostname 'OpenWrt'
+	option timezone 'UTC'
+	option ttylogin '0'
+	option log_size '64'
+	option urandom_seed '0'
+
+config timeserver 'ntp'
+	option enabled '1'
+	option enable_server '0'
+	list server '0.openwrt.pool.ntp.org'
+	list server '1.openwrt.pool.ntp.org'
+	list server '2.openwrt.pool.ntp.org'
+	list server '3.openwrt.pool.ntp.org'
+
+config led 'led_rssilow'
+	option sysfs 'ubnt:red:link1'
+	option trigger 'rssi'
+	option iface 'rssid_wlan0'
+	option minq '1'
+	option maxq '100'
+	option offset '0'
+	option factor '13'
+
+config led 'led_rssimediumlow'
+	option sysfs 'ubnt:orange:link2'
+	option trigger 'rssi'
+	option iface 'rssid_wlan0'
+	option minq '26'
+	option maxq '100'
+	option offset '-25'
+	option factor '13'
+
+config led 'led_rssimediumhigh'
+	option sysfs 'ubnt:green:link3'
+	option trigger 'rssi'
+	option iface 'rssid_wlan0'
+	option minq '51'
+	option maxq '100'
+	option offset '-50'
+	option factor '13'
+
+config led 'led_rssihigh'
+	option sysfs 'ubnt:green:link4'
+	option trigger 'rssi'
+	option iface 'rssid_wlan0'
+	option minq '76'
+	option maxq '100'
+	option offset '-75'
+	option factor '13'
+
diff --git a/config/ubootenv b/config/ubootenv
new file mode 100644
index 0000000..e69de29
diff --git a/config/ucitrack b/config/ucitrack
new file mode 100644
index 0000000..e639866
--- /dev/null
+++ b/config/ucitrack
@@ -0,0 +1,56 @@
+config network
+	option init network
+	list affects dhcp
+	list affects radvd
+
+config wireless
+	list affects network
+
+config firewall
+	option init firewall
+	list affects luci-splash
+	list affects qos
+	list affects miniupnpd
+
+config olsr
+	option init olsrd
+
+config dhcp
+	option init dnsmasq
+	list affects odhcpd
+
+config odhcpd
+	option init odhcpd
+
+config dropbear
+	option init dropbear
+
+config httpd
+	option init httpd
+
+config fstab
+	option exec '/sbin/block mount'
+
+config qos
+	option init qos
+
+config system
+	option init led
+	option exec '/etc/init.d/log reload'
+	list affects luci_statistics
+	list affects dhcp
+
+config luci_splash
+	option init luci_splash
+
+config upnpd
+	option init miniupnpd
+
+config ntpclient
+	option init ntpclient
+
+config samba
+	option init samba
+
+config tinyproxy
+	option init tinyproxy
diff --git a/config/uhttpd b/config/uhttpd
new file mode 100644
index 0000000..af06f3b
--- /dev/null
+++ b/config/uhttpd
@@ -0,0 +1,135 @@
+# Server configuration
+config uhttpd main
+
+	# HTTP listen addresses, multiple allowed
+	list listen_http	0.0.0.0:80
+	list listen_http	[::]:80
+
+	# HTTPS listen addresses, multiple allowed
+	list listen_https	0.0.0.0:443
+	list listen_https	[::]:443
+
+	# Redirect HTTP requests to HTTPS if possible
+	option redirect_https	1
+
+	# Server document root
+	option home		/www
+
+	# Reject requests from RFC1918 IP addresses
+	# directed to the servers public IP(s).
+	# This is a DNS rebinding countermeasure.
+	option rfc1918_filter 1
+
+	# Maximum number of concurrent requests.
+	# If this number is exceeded, further requests are
+	# queued until the number of running requests drops
+	# below the limit again.
+	option max_requests 3
+
+	# Maximum number of concurrent connections.
+	# If this number is exceeded, further TCP connection
+	# attempts are queued until the number of active
+	# connections drops below the limit again.
+	option max_connections 100
+
+	# Certificate and private key for HTTPS.
+	# If no listen_https addresses are given,
+	# the key options are ignored.
+	option cert		/etc/uhttpd.crt
+	option key		/etc/uhttpd.key
+
+	# CGI url prefix, will be searched in docroot.
+	# Default is /cgi-bin
+	option cgi_prefix	/cgi-bin
+
+	# List of extension->interpreter mappings.
+	# Files with an associated interpreter can
+	# be called outside of the CGI prefix and do
+	# not need to be executable.
+#	list interpreter	".php=/usr/bin/php-cgi"
+#	list interpreter	".cgi=/usr/bin/perl"
+
+	# List of prefix->Lua handler mappings.
+	# Any request to an URL beneath the prefix
+	# will be dispatched to the associated Lua
+	# handler script. Lua support is disabled when
+	# no handler mappings are specified. Lua prefix
+	# matches have precedence over the CGI prefix.
+	list lua_prefix		"/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua"
+
+	# Specify the ubus-rpc prefix and socket path.
+#	option ubus_prefix	/ubus
+#	option ubus_socket	/var/run/ubus.sock
+
+	# CGI/Lua timeout, if the called script does not
+	# write data within the given amount of seconds,
+	# the server will terminate the request with
+	# 504 Gateway Timeout response.
+	option script_timeout	60
+
+	# Network timeout, if the current connection is
+	# blocked for the specified amount of seconds,
+	# the server will terminate the associated
+	# request process.
+	option network_timeout	30
+
+	# HTTP Keep-Alive, specifies the timeout for persistent
+	# HTTP/1.1 connections. Setting this to 0 will disable
+	# persistent HTTP connections.
+	option http_keepalive	20
+
+	# TCP Keep-Alive, send periodic keep-alive probes
+	# over established connections to detect dead peers.
+	# The value is given in seconds to specify the
+	# interval between subsequent probes.
+	# Setting this to 0 will disable TCP keep-alive.
+	option tcp_keepalive	1
+
+	# Basic auth realm, defaults to local hostname
+#	option realm	OpenWrt
+
+	# Configuration file in busybox httpd format
+#	option config	/etc/httpd.conf
+
+	# Do not follow symlinks that point outside of the
+	# home directory.
+#	option no_symlinks	0
+
+	# Do not produce directory listings but send 403
+	# instead if a client requests an url pointing to
+	# a directory without any index file.
+#	option no_dirlists	0
+
+	# Do not authenticate any ubus-rpc requests against
+	# the ubus session/access procedure.
+	# This is dangerous and should be always left off
+	# except for development and debug purposes!
+#	option no_ubusauth	0
+
+	# For this instance of uhttpd use the listed httpauth
+	# sections to require Basic auth to the specified
+	# resources.
+#	list httpauth prefix_user
+
+
+# Defaults for automatic certificate and key generation
+config cert defaults
+
+	# Validity time
+	option days		730
+
+	# RSA key size
+	option bits		2048
+
+	# Location
+	option country		ZZ
+	option state		Somewhere
+	option location		Unknown
+
+	# Common name
+	option commonname	'OpenWrt'
+
+# config httpauth prefix_user
+#	option prefix /protected/url/path
+#	option username user
+#	option password 'plaintext_or_md5_or_$p$user_for_system_user'
diff --git a/config/wireless b/config/wireless
new file mode 100644
index 0000000..820e5b3
--- /dev/null
+++ b/config/wireless
@@ -0,0 +1,15 @@
+
+config wifi-device 'radio0'
+	option type 'mac80211'
+	option channel '11'
+	option hwmode '11g'
+	option path 'pci0000:00/0000:00:00.0'
+	option htmode 'HT20'
+
+config wifi-iface 'default_radio0'
+	option device 'radio0'
+	option network 'lan'
+	option mode 'ap'
+	option ssid 'OpenWrt'
+	option encryption 'none'
+
diff --git a/nodogsplash/htdocs/images/splash.jpg b/nodogsplash/htdocs/images/splash.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..ac9a357a64cc324488eea032ba9f46282233a75e
GIT binary patch
literal 2129
zcmb78dpr{g8{Q0KHVj+Qm^KcEGPz&cTsF68F5#%5+|vjptmRT6muY+`m7KYhxihIy
zXbO?sultfju7#sG$kF-Z`+eV^-}C<UKF|9;&$BnWHwBQiCEJhzKp+4B+#kT+1i%6y
zDhw6@3yX??MIaDSF&I(;28F^7$si<=it-qYqC6U{q^hH#^c!9Ujn*{P#OvxC85v>K
z36=x{3mrov{a+?P2m}Iy!sH|*<n)!%%KHB|_F4dN5r97+4g|yi1mHjr9Jt2=9NO<G
z^sDWEAP4{ofP{s>`=X&FKmZ5=?XMsq(SL6CC4eAYNb0aKUfRqNEQ2{4_D4Lc6;ado
zZ54^tK4yN-Cp@!%{}loJAJbp%zv5)z{~h&D=H55}3Igso0>J?Uz_;-jqD#UM6i0Nv
zSt`UyMCd*ebrQ8SC_~<LEf)!t?6G#fS@E)tZY=hABP`lCSE@+0V~u=Ju~QKGT_vOA
z{kdayx|dthde!3K@Q7-(axeOP*63sfhp*ej<};B_NkIe;;JTwOqrT`zL^-m$skXtF
z)Tyg!-uBhuUh9kak6E(7rZ*iaz@XBOlG!+|Y`nZw^$uq!=`%^BW{~G{uGMn<chepo
zg_OSblr(u!+aBKIUS`$D*QX60aBhu=q4BYNIZncv^~D+dkJ3ek?iF^eY<D<sN24Yn
zgdtAEa6R8DI+uPxreCRes(u(%#RGyCSz8qE6-|ZV+0)Tv1r^^Alh*btG4kbw3t~~a
zu;a#~A<5T$DkG7K!l04O5%yxUN=dNx=2~dN%s0PO^nu;@uiNv_=|$XKsTpcnXIS{N
z(KUcTKw6y1Pyg##jHR}*ss|O9e@hvy`MK2IRMnwJwi@~B(Q}Ag+joKSu1#C=!MmmK
ze*IEHhs?!JU2oZfF6y7iq{~quCnDZFYtRX^sTbX;B?zcjMgK8B;t^GyGb-jsOi8v~
z22~42e5QJH^9V^g3bCbLUv}kFPm5uvyY=-3a<IGI4vdTH5`!_X7OyyV^@;TB;!^MD
z(`TEp<wpJ!E((A8YuU?vx~47iwWCTsu$mDlpysGfj#94UN;5a*Iko>n7NK#?-dm1A
zFvN;;ImSQ15x#ubqG5g6%$}LfxSIAoGPApEl0ElVUTH<XEW|n;l@jfG5c{n{oK<;d
zKIgT_boxjbHZrP*b_qsSDBy<D8*a@cFZ;19;^)(tgQ&`kJer$LzPuTUckwB)A2ty$
z+uD2eTK$LGnkO}6JN2jnH^WdEk-t$WrTWnfg)a&;#;H;WKx^?pOsOl!$<dAdUi%S3
z>rUCJpsqgK58ij7g{l&m<e`}-cLygb--DH)l+o$JIE%TbP9(qqxD`$(oc&y@)m2u|
zRo^Qlw|^FHQ_`yW`q)RyJ1tvVkP&{P(ghbOhI;1_pS+b7dX`KT_F2GT(RO%Q{X(;x
zv6rwh;Sy*U_i$&`UDL^WC3Hn4ksxk}s;xAJ+-Js3eY47TA%+ZDIcOo`TNF`KTO;g=
z4bR)d^Qbb+YT_Z$PXql;TO{eAfUsyq=CG);&rIsWc?!*UzT$w}$(VtnDAv0OBz_N&
zHL*;ENmyJbt)^*rs&@f2Hm4+rIO@^Dp5maTTqv|w?>i;R)7Z_vT0#er$HWE5#Dkha
z?7U`!ucwj@PTz|zz+3Bv#vi73rMV44M@;=T*t8Wt2P`Z1%P9N7>%JbbFzr_4+y(F_
zmHw1QmIn#C#7lct8B)gyx}6Xjf=N`SHu_>&YYLZ8>0TTz-(-`>T^C=J1f!kDZ!|1Y
zkNdTE*@>Injo7X;iw*os|FznR2syU<hhxL$Zdt=N;ZfC6lRK?^Tu;_5ow$?CHt8)p
zLaR5WR%%en{fItkA;(`fu2o)g%=Qc}jF!QBos@yS&<W@Ko1GNqf-Lg&ZvdCmXcwk4
zPBs`1(c#>q>ucq5_437|lM7euLIdyJU$ZfQnA#K!jbG+3o+zYPW}-f+Kj<QO3@djZ
z$m!GpN3K|i^IT&czNESfbe2x)^h~~f2)U;6Y}=KC7$|6PXZhTcJZnA$q=2*LPDEIl
zDc`t}fiPIo77r>)9O`ZBI-Zy!sHgTy`g5Mr*zNKKxASZE;S!Xw->D`MUAMRa8iCB(
z)7?8uZwCAG4QbOsz_+R$EtQB~uCYNYv)cy01xww^zcyqlUG_52Gc~yJa<WaE)`bKH
z48d#qo`GnpHh+@Ta!e?HnmnUsavQv8Nhdw;Kk_{4Wx7n37A&NrCG&$uv`=#wgEOzE
zhg>$TIYrL}y^?S6MP<AQeus6Xs3x#v)8#`#e9T!Vaq6+RPIU;!G06u3j<<~!Hq0pP
z)e+9#YDcU~6bIq16`{lhNe^mwX14egLZw&1E9Ol~UY>;A0<(mv+8w!4;xpz}yBjR3
z)bH?lHZs!mE$Thz{18V2rC?BaX|b3&MQ`V=KFY%02dx*}#AvIU(u=XdjcTlt)j~zu
z)j7khp9toHL;e^&Od9|8s;#|#-Os`#^UP_nCu&fhk%8dNv#q_uxo#T<&zs2u5Sx1I
z06(P&=46KLbv4?fJ0-pkt|^;H&ry%YatE-Q;jb>rT6((gf)~$-ZSx%#LQ^QIdjPrR
z?H`<*mE>8anw67ELju7@#lv-sPkcNuifPJQLYF>n7be-#_4wH`)N)G|OhGX%k?sg@
zLspI1(J1`VdwC4*lR?mQ5jz{l9xBVp#)%1?fVezH%kZ3v&0y>tA)E_bRV^WYJR2uS
Q!WY}d*EsA`=)JMO0p{kTq5uE@

literal 0
HcmV?d00001

diff --git a/nodogsplash/htdocs/splash.css b/nodogsplash/htdocs/splash.css
new file mode 100644
index 0000000..ad1cc41
--- /dev/null
+++ b/nodogsplash/htdocs/splash.css
@@ -0,0 +1,55 @@
+body {
+	background-color: lightgrey;
+	color: black;
+	margin-left: 5%;
+	margin-right: 5%;
+	text-align: left;
+}
+
+img {
+	width: 40%;
+	max-width: 180px;
+	margin-left: 0%;
+	margin-right: 5%;
+}
+
+input[type=submit] {
+	color: white;
+	background: green;
+	margin-left: 0%;
+	margin-right: 5%;
+	text-align: left;
+	font-size: 1.0em;
+	line-height: 2.5em;
+	font-weight: bold;
+	border: 3px;
+	border-style: inset;
+}
+
+med-blue {
+	font-size: 1.3em;
+	color: blue;
+	font-weight: bold;
+	font-style: normal;
+}
+
+big-red {
+	font-size: 1.7em;
+	color: red;
+	font-weight: bold;
+}
+
+italic-black {
+	font-size: 1.3em;
+	color: black;
+	font-weight: bold;
+	font-style: italic;
+}
+
+copy-right {
+	font-size: 0.7em;
+	color: darkgrey;
+	font-weight: bold;
+	font-style:italic;
+}
+
diff --git a/nodogsplash/htdocs/splash.html b/nodogsplash/htdocs/splash.html
new file mode 100644
index 0000000..023f5b4
--- /dev/null
+++ b/nodogsplash/htdocs/splash.html
@@ -0,0 +1,93 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
+<meta http-equiv="Pragma" content="no-cache">
+<meta http-equiv="Expires" content="0">
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+<link rel="shortcut icon" href="/$imagesdir/splash.jpg" type="image/x-icon">
+<link rel="stylesheet" type="text/css" href="/splash.css">
+
+<title>$gatewayname Hotspot Gateway.</title>
+
+<!--
+Content:
+	Nodogsplash (NDS), by default, serves this splash page (splash.html)
+	when a client device Captive Portal Detection (CPD) process
+	attempts to send a port 80 request to the Internet.
+
+	You may either embed css in this file or use a separate .css file
+	in the same directory as this file, as demonstrated here.
+
+	It should be noted when designing a custom splash page
+	that for security reasons many CPD implementations:
+		Immediately close the browser when the client has authenticated.
+		Prohibit the use of href links.
+		Prohibit downloading of external files
+			(including .css and .js).
+		Prohibit the execution of javascript.
+
+	Also, note that any images you reference should reside in the
+	subdirectory that is defined by $imagesdir (default: "images").
+
+Authentication:
+	A client is authenticated on submitting an HTTP form, method=get,
+	passing $authaction, $tok and $redir.
+
+	It is also possible to authenticate using an href link to
+	$authtarget but be aware that many device Captive Portal Detection
+	processes prohibit href links, so this method may not work with
+	all client devices.
+
+Available variables:
+	error_msg: $error_msg
+	gatewayname: $gatewayname
+	tok: $tok
+	redir: $redir
+	authaction: $authaction
+	denyaction: $denyaction
+	authtarget: $authtarget
+	clientip: $clientip
+	clientmac: $clientmac
+	clientupload: $clientupload
+	clientdownload: $clientdownload
+	gatewaymac: $gatewaymac
+	nclients: $nclients
+	maxclients: $maxclients
+	uptime: $uptime
+	imagesdir: $imagesdir
+	pagesdir: $pagesdir
+
+Additional Variables that can be passed back via the HTTP get,
+or appended to the query string of the authtarget link:
+	username
+	password
+-->
+
+</head>
+
+<body>
+<med-blue>$gatewayname Hotspot Gateway.</med-blue>
+<br><br>
+<img src="$imagesdir/splash.jpg" alt="Splash Page: For access to the Internet, please click Continue.">
+<hr>
+<big-red>Welcome!</big-red>
+<hr>
+<br>
+<italic-black>For access to the Internet, please tap or click Continue.</italic-black>
+<br><br>
+<hr>
+
+<form method="get" action="$authaction">
+<input type="hidden" name="tok" value="$tok">
+<input type="hidden" name="redir" value="$redir">
+<input type="submit" value="Continue">
+</form>
+	
+<hr>
+<copy-right>Copyright &copy; The Nodogsplash Contributors 2004-2018.<br>This software is released under the GNU GPL license.</copy-right>
+
+</body>
+</html>
diff --git a/nodogsplash/htdocs/status.html b/nodogsplash/htdocs/status.html
new file mode 100644
index 0000000..37d74f4
--- /dev/null
+++ b/nodogsplash/htdocs/status.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<html>
+<head>
+
+<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
+<meta http-equiv="Pragma" content="no-cache">
+<meta http-equiv="Expires" content="0">
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+<link rel="shortcut icon" href="/$imagesdir/splash.jpg" type="image/x-icon">
+<link rel="stylesheet" type="text/css" href="/splash.css">
+
+<title>$gatewayname Hotspot Gateway Status</title>
+
+<!--
+Status:
+	The Status page is served to a client if they are already authenticated.
+	This may occur if the client user selects "Back" on the CPD browser
+	screen after they have successfully authenticated.
+
+	The same template variables are available as for the splash page.
+-->
+
+</head>
+
+<body>
+
+<med-blue>$gatewayname Hotspot Gateway.</med-blue>
+<br><br>
+<img src="$imagesdir/splash.jpg" alt="You are already logged in and have access to the Internet.">
+<hr>
+<p><big-red>You are already logged in and have access to the Internet.</big-red></p>
+<hr>
+<p><italic-black>You can use your Browser, Email and other network Apps as you normally would.</italic-black></p>
+
+<hr>
+<copy-right>Copyright &copy; The Nodogsplash Contributors 2004-2018.<br>This software is released under the GNU GPL license.</copy-right>
+
+</body>
+</html>