[Shorewall-users] Captive Portal with Shorewall

Tue, 08 Apr 2008 20:22:05 -0700 

.

"Saluton",

Sorry by my poor english, I speak Portuguese.

I does a captive portal using:

- shorewall
- dhcpd
- thttpd (in port 8080)
- maradns

With Shorewall I use dinamic zones.

The initial zone in shorewall is
configured to redirects access to
internal thttpd port 8080, that
shows a login.cgi page.

With thttpd I rewrite original url.

The apache rewrite is very cool, but
thttpd configuration is very simple,
and small.

The perl script login.cgi need to do:

`shorewall delete eth2:192.168.2.11 zone1`;
`shorewall add    eth2:192.168.2.11 zone2`;

The zone1 have access only to dhcpd, dns,
thttpd. And http access is redirected to
a rewrite url in login page in thttpd port.

The zone2 have authorized access to WAN.

But the problem is:

User www-data, "whoami" in thttpd cgi script,
does not to run, execute, "shorewall command".

I tried to put www-data and /sbin/shorewall
in file "/etc/sudoers" but the system
answer thet the file "/etc/shorewall/shorewall.conf"
does not exist.

I thinked in some problem with function
"find_file", but I dont know.

Then, in thttpd.conf, I changed the userid
www-data to root.

In this case, the login.cgi answer that
do not find shorewall script.

I changed the login.cgi to:

`/sbin/shorewall delete eth2:192.168.2.11 zone1`;
`/sbin/shorewall add    eth2:192.168.2.11 zone2`;

And in this case, with thttpd with userid "root",
and not "www-data", the command shorewall worked.

I am making now a Perl script to admin this
dinamics zones, adding and deleting IPs
from this dinamics zones.

But to do it, I need run shorewall commands
from a perl script running in a httpd server.

I would like some help about how to runs 
shorewall commands, from a perl script
runned in a httpd server (thttpd for example).

And if you can show me my english errors,
I can learn it too. :)

Thank you very much.

Sávio Sampaio
[EMAIL PROTECTED]

.


      Abra sua conta no Yahoo! Mail, o único sem limite de espaço para 
armazenamento!
http://br.mail.yahoo.com/

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to