[isf-wifidog] Wifidog gateway init script for a PC
Ismail Uman
ismail.uman at alice.it
Mar 8 Juil 14:57:56 EDT 2008
Hi,
I'm running the wifidog auth and gateway on the same box (a PC with a
SuSE distribution) and I would like to start the gateway from boot
instead of typing manually every time 'wifidog -f -d 7'.
I modified the openwrt gateway init script to adapt to the yast
runlevels from SuSE (system V) (see below) but it does not work well:
the gateway wifidog starts with /etc/init.d/start but does not return
the prompt ( I need to press control-c to return).
Do you have a well working script?
Shall I modify the '-f -d 7' verbose option? Is there an option to
write the verbose output to a log file instead of writing to the
terminal?
Ismail
#!/bin/sh
#
# Does not work (it hangs)! Do not reboot with it!
#
#
#
# chkconfig: 345 65 35
#
# description: Startup/shutdown script for Wifidog captive portal
# processname: wifidog
### BEGIN INIT INFO
# Provides: wifidog
# Required-Start: $syslog $remote_fs
# Should-Start: $time ypbind smtp
# Required-Stop: $syslog $remote_fs
# Should-Stop: $time ypbind smtp
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: wifidog daemon
# Description: Start wifidog to allow XY and provide YZ
# continued on second line by '#<TAB>'
# should contain enough info for the runlevel editor
# to give admin some idea what this service does and
# what it's needed for ...
# (The Short-Description should already be a good hint.)
### END INIT INFO
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
WIFIDOG_BIN=/usr/local/bin/wifidog
test -x $WIFIDOG_BIN || { echo "$WIFIDOG_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
# Check for existence of needed config file and read it
# WIFIDOG_CONFIG=/etc/sysconfig/wifidog.conf
# test -r $WIFIDOG_CONFIG || { echo "$WIFIDOG_CONFIG not existing";
# if [ "$1" = "stop" ]; then exit 0;
# else exit 6; fi; }
# Read config
#. $WIFIDOG_CONFIG
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v be verbose in local rc status and clear it
afterwards
# rc_status -v -r ditto and clear both the local and overall rc
status
# rc_status -s display "skipped" and exit with status 3
# rc_status -u display "unused" and exit with status 3
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear both the local and overall rc status
# rc_exit exit appropriate to overall rc status
# rc_active checks whether a service is activated by
symlinks
. /etc/rc.status
# Reset status of this service
rc_reset
# Date : 2004-08-25
# Version : 1.0
IPT=/usr/sbin/iptables
WD_DIR=/usr/local/bin
OPTIONS="-f -d 7"
case "$1" in
start)
echo "Starting Wifidog ... "
if $WD_DIR/wdctl status 2> /dev/null
then
echo "FAILED: Wifidog already running"
else
$0 test-module
if $WD_DIR/wifidog $OPTIONS
then
echo "OK"
else
echo "FAILED: Wifidog exited with non 0 status"
fi
fi
# Remember status and be verbose
rc_status -v
;;
restart)
$0 stop
sleep 2
$0 start
# Remember status and be quiet
rc_status
;;
reload)
$0 stop
sleep 2
$0 start
rc_status -v
;;
stop)
echo "Stopping Wifidog ... "
if $WD_DIR/wdctl status 2> /dev/null
then
if $WD_DIR/wdctl stop
then
echo "OK"
else
echo "FAILED: wdctl stop exited with non 0 status"
fi
else
echo "FAILED: Wifidog was not running"
fi
# Remember status and be verbose
rc_status -v
;;
status)
$WD_DIR/wdctl status
rc_status -v
;;
debug|test-module)
### Test ipt_mark with iptables
test_ipt_mark () {
IPTABLES_OK=$($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1 |
grep "No chain.target.match")
if [ -z "$IPTABLES_OK" ]; then
$IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1
echo 1
else
echo 0
fi
}
### Test ipt_mac with iptables
test_ipt_mac () {
IPTABLES_OK=$($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00
-j ACCEPT 2>&1 | grep "No chain.target.match")
if [ -z "$IPTABLES_OK" ]; then
$IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT
2>&1
echo 1
else
echo 0
fi
}
### Test ipt_REDIRECT with iptables
test_ipt_REDIRECT () {
IPTABLES_OK=$($IPT -t nat -A PREROUTING -p tcp --dport 80 -j
REDIRECT --to-ports 2060 2>&1 | grep "No chain.target.match")
if [ -z "$IPTABLES_OK" ]; then
$IPT -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT
--to-ports 2060 2>&1
echo 1
else
echo 0
fi
}
### Find a module on disk
module_exists () {
echo " Looking for a module on disk"
EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2>/dev/null)
if [ -n "$EXIST" ]; then
echo 1
else
echo 0
fi
}
### Test if a module is in memory
module_in_memory () {
MODULE=$(lsmod | grep $1 | awk '{print $1}')
if [ "$MODULE" = "$1" ]; then
echo 1
else
echo 0
fi
}
echo "Testing for iptables modules"
echo " Testing ipt_mac"
TEST_IPT_MAC=$(test_ipt_mac)
if [ "$TEST_IPT_MAC" = "0" ]; then
echo " iptables is not working with ipt_mac"
echo " Scanning disk for ipt_mac module"
TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_mac")
if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
echo " ipt_mac module is missing, please install it (kernel or
module)"
exit
else
echo " ipt_mac module exists, trying to load"
insmod ipt_mac > /dev/null
TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_mac")
if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
echo " Error: ipt_mac not loaded"
exit
else
echo " ipt_mac loaded sucessfully"
fi
fi
else
echo " ipt_mac module is working"
fi
echo " Testing ipt_mark"
TEST_IPT_MARK=$(test_ipt_mark)
if [ "$TEST_IPT_MARK" = "0" ]; then
echo " iptables is not working with ipt_mark"
echo " Scanning disk for ipt_mark module"
TEST_IPT_MARK_MODULE_EXISTS=$(module_exists "ipt_mark")
if [ "$TEST_IPT_MARK_MODULE_EXISTS" = "0" ]; then
echo " iptables ipt_mark module missing, please install it
(kernel or module)"
exit
else
echo " ipt_mark module exists, trying to load"
insmod ipt_mark
TEST_IPT_MARK_MODULE_MEMORY=$(module_in_memory "ipt_mark")
if [ "$TEST_IPT_MARK_MODULE_MEMORY" = "0" ]; then
echo " Error: ipt_mark not loaded"
exit
else
echo " ipt_mark loaded sucessfully"
fi
fi
else
echo " ipt_mark module is working"
fi
##TODO: This will not test if required iptables userspace
(iptables-mod-nat on Kamikaze) is installed
echo " Testing ipt_REDIRECT"
TEST_IPT_MAC=$(test_ipt_REDIRECT)
if [ "$TEST_IPT_MAC" = "0" ]; then
echo " iptables is not working with ipt_REDIRECT"
echo " Scanning disk for ipt_REDIRECT module"
TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_REDIRECT")
if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
echo " ipt_REDIRECT module is missing, please install it
(kernel or module)"
exit
else
echo " ipt_REDIRECT module exists, trying to load"
insmod ipt_REDIRECT > /dev/null
TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_REDIRECT")
if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
echo " Error: ipt_REDIRECT not loaded"
exit
else
echo " ipt_REDIRECT loaded sucessfully"
fi
fi
else
echo " ipt_REDIRECT module is working"
fi
;;
*)
echo "Usage: $0 {start|stop|restart|reload|status|test-module}"
exit 1
;;
esac
rc_exit
Plus d'informations sur la liste de diffusion WiFiDog