Initial import

2 files changed, 203 insertions, 0 deletions

diff --git a/package/wifidog/files/wifidog.conf b/package/wifidog/files/wifidog.conf
new file mode 100644
index 000000000..6d955a645
--- /dev/null
+++ b/package/wifidog/files/wifidog.conf
@@ -0,0 +1,177 @@
+# $Header$
+# WiFiDog Configuration file
+
+# Parameter: GatewayID
+# Default: default
+# Optional but essential for monitoring purposes
+#
+# Set this to the template ID on the auth server
+# this is used to give a customized login page to the clients
+# If none is supplied, the default login page will be used.
+
+GatewayID default
+
+# Parameter: ExternalInterface
+# Default: NONE
+# Optional
+#
+# Set this to the external interface.  Typically vlan1 for OpenADK, and eth0 or ppp0 otherwise
+
+# ExternalInterface eth0
+
+# Parameter: GatewayInterface
+# Default: NONE
+# Mandatory
+#
+# Set this to the internal interface.    Typically br0 for OpenADK, and eth1 otherwise
+
+GatewayInterface br0
+
+# Parameter: GatewayAddress
+# Default: Find it from GatewayInterface
+# Optional
+#
+# Set this to the internal IP address of the gateway
+
+# GatewayAddress 192.168.1.1
+
+# Parameter: AuthServMaxTries
+# Default: 1
+# Optional
+#
+# Sets the number of auth servers the gateway will attempt to contact when a request fails.
+# this number should be equal to the number of AuthServer lines in this
+# configuration but it should probably not exceed 3.
+
+# AuthServMaxTries 3
+
+# Parameter: AuthServer
+# Default: NONE
+# Mandatory
+#
+# Set this to the hostname or IP of your auth server, the path where
+# WiFiDog-auth resides  and optionally as a second argument, the port it
+# listens on.
+#AuthServer {
+#	Hostname      (Mandatory; Default: NONE)
+#	SSLAvailable  (Optional; Default: no; Possible values: yes, no)
+#	SSLPort 443   (Optional; Default: 443)
+#	HTTPPort 80   (Optional; Default: 80)
+#	Path wifidog/ (Optional; Default: /wifidog/ Note:  The path must be both prefixed and suffixed by /.  Use a single / for server root.)
+#}
+
+#AuthServer {
+#    Hostname auth.ilesansfil.org
+#    SSLAvailable yes
+#    Path /
+#}
+
+#AuthServer {
+#    Hostname auth2.ilesansfil.org
+#    SSLAvailable yes
+#    Path /
+#}
+
+#AuthServer {
+#    Hostname auth3.ilesansfil.org
+#    SSLAvailable yes
+#    Path /
+#}
+
+# Parameter: Daemon
+# Default: 1
+# Optional
+#
+# Set this to true if you want to run as a daemon
+# Daemon 1
+
+# Parameter: GatewayPort
+# Default: 2060
+# Optional
+#
+# Listen on this port
+# GatewayPort 2060
+
+# Parameter: HTTPDName
+# Default: WiFiDog
+# Optional
+#
+# Define what name the HTTPD server will respond
+# HTTPDName WiFiDog
+
+# Parameter: HTTPDMaxConn
+# Default: 10
+# Optional
+#
+# How many sockets to listen to
+# HTTPDMaxConn 10
+
+# Parameter: CheckInterval
+# Default: 60
+# Optional
+#
+# How many seconds should we wait between timeout checks
+CheckInterval 60
+
+# Parameter: ClientTimeout
+# Default: 5
+# Optional
+#
+# Set this to the desired of number of CheckInterval of inactivity before a client is logged out
+# The timeout will be INTERVAL * TIMEOUT
+ClientTimeout 5
+
+# Parameter: FirewallRuleSet
+# Default: none
+# Mandatory
+#
+# Groups a number of FirewallRule statements together.
+
+# Parameter: FirewallRule
+# Default: none
+# 
+# Define one firewall rule in a rule set.
+
+# Rule Set: global
+# 
+# Used for rules to be applied to all other rulesets except locked.
+# This is the default config for the Teliphone service.
+FirewallRuleSet global {
+    FirewallRule allow udp to 69.90.89.192/27
+    FirewallRule allow udp to 69.90.85.0/27
+    FirewallRule allow tcp port 80 to 69.90.89.205
+}
+
+# Rule Set: validating-users
+#
+# Used for new users validating their account
+FirewallRuleSet validating-users {
+    FirewallRule block tcp port 25
+    FirewallRule allow to 0.0.0.0/0
+}
+
+# Rule Set: known-users
+#
+# Used for normal validated users.
+FirewallRuleSet known-users {
+    FirewallRule allow to 0.0.0.0/0
+}
+
+# Rule Set: unknown-users
+#
+# Used for unvalidated users, this is the ruleset that gets redirected.
+#
+# XXX The redirect code adds the Default DROP clause.
+FirewallRuleSet unknown-users {
+    FirewallRule allow udp port 53
+    FirewallRule allow tcp port 53
+    FirewallRule allow udp port 67
+    FirewallRule allow tcp port 67
+}
+
+# Rule Set: locked-users
+#
+# Used for users that have been locked out.
+FirewallRuleSet locked-users {
+    FirewallRule block to 0.0.0.0/0
+}
diff --git a/package/wifidog/files/wifidog.init b/package/wifidog/files/wifidog.init
new file mode 100644
index 000000000..4a23a8e34
--- /dev/null
+++ b/package/wifidog/files/wifidog.init
@@ -0,0 +1,26 @@
+#!/bin/sh
+#FWINIT 65
+. /etc/rc.conf
+
+case $1 in
+autostop) ;;
+autostart)
+	test x"${wifidog:-NO}" = x"NO" && exit 0
+	exec sh $0 start
+	;;
+start)
+	wifidog-init start
+	;;
+stop)
+	wifidog-init stop
+	;;
+restart)
+	sh $0 stop
+	sh $0 start
+	;;
+*)
+	echo "Usage: $0 {start | stop | restart}"
+	exit 1
+	;;
+esac
+exit $?