[git.ipfire.org] IPFire 2.x development tree branch, next, updated. cb40ff6027c8eb06d4f2446c4a606084a39addc0

[git@ipfire.org]

[-- Attachment #1: Type: text/plain, Size: 3548 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  cb40ff6027c8eb06d4f2446c4a606084a39addc0 (commit)
       via  9c8395456753ac6b7fd0141a6b0be83415841bf0 (commit)
       via  b1773d1a37700ce2b07290750052d91983a65620 (commit)
      from  027614d2dc3107a4e071e8dac49ce8a74c36e4ea (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cb40ff6027c8eb06d4f2446c4a606084a39addc0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Thu Oct 5 12:09:58 2017 +0200

    captive portal: Reload firewall rules after cleanup
    
    This is not necessary to stop any clients from accessing the
    Internet, but if we know that we don't need a line for certain
    any more, we can as well remove the firewall rule straight away.
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 9c8395456753ac6b7fd0141a6b0be83415841bf0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Thu Oct 5 12:06:45 2017 +0200

    captivectrl: Remove unused code
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit b1773d1a37700ce2b07290750052d91983a65620
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Thu Oct 5 12:04:29 2017 +0200

    captive portal: Don't remove unlimited access after one hour
    
    Reported-by: Daniel Weismüller <daniel.weismueller(a)ipfire.org>
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 src/misc-progs/captivectrl.c | 8 --------
 src/scripts/captive-cleanup  | 6 ++++++
 2 files changed, 6 insertions(+), 8 deletions(-)

Difference in files:
diff --git a/src/misc-progs/captivectrl.c b/src/misc-progs/captivectrl.c
index 6b68f97..56dd78d 100644
--- a/src/misc-progs/captivectrl.c
+++ b/src/misc-progs/captivectrl.c
@@ -237,14 +237,6 @@ static int add_interface_rule(const char* intf, int allow_webif_access) {
 	if (r)
 		return r;
 
-#if 0
-	snprintf(command, sizeof(command), IPTABLES " -A CAPTIVE_PORTAL -o %s"
-		" -j CAPTIVE_PORTAL_CLIENTS", intf);
-	r = safe_system(command);
-	if (r)
-		return r;
-#endif
-
 	if (allow_webif_access) {
 		snprintf(command, sizeof(command), IPTABLES " -A CAPTIVE_PORTAL_CLIENTS"
 			" -i %s -p tcp --dport 444 -j RETURN", intf);
diff --git a/src/scripts/captive-cleanup b/src/scripts/captive-cleanup
index c39e488..b576df4 100755
--- a/src/scripts/captive-cleanup
+++ b/src/scripts/captive-cleanup
@@ -35,6 +35,9 @@ if (-f $settingsfile && -f $clients && ! -z $clients){
 	&General::readhasharray("$clients", \%clientshash);
 	$time = time();
 	foreach my $key (keys %clientshash) {
+		# Skip unlimited access lines
+		next if ($clientshash{$key}[3] == 0);
+
 		$expiretime=($clientshash{$key}[2])+$clientshash{$key}[3];
 		if ($expiretime < $time){
 			delete $clientshash{$key};
@@ -43,4 +46,7 @@ if (-f $settingsfile && -f $clients && ! -z $clients){
 		}
 	}
 	&General::writehasharray("$clients", \%clientshash);
+
+	# Reload firewall rules
+	system("/usr/local/bin/captivectrl");
 }


hooks/post-receive
--
IPFire 2.x development tree