diff --git a/debian/README.md b/debian/README.md index 67ebb48..7720a98 100644 --- a/debian/README.md +++ b/debian/README.md @@ -1,5 +1,5 @@ -To create a Debian package of NoDogSplash (a \*.deb file), +To create a Debian package of openNDS (a \*.deb file), you first need to have installed the following programs and libraries: ``` diff --git a/debian/control b/debian/control index c5fd85b..05f4dda 100644 --- a/debian/control +++ b/debian/control @@ -1,19 +1,18 @@ -Source: nodogsplash +Source: opennds Section: net Priority: optional Maintainer: Shiao-An Yuan Uploaders: Moritz Warning , Steffen Moeller Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~), dh-systemd (>= 1.5), libmicrohttpd-dev (>= 0.9.51) Standards-Version: 3.9.6 -Homepage: http://kokoro.ucsd.edu/nodogsplash/ -Vcs-Git: git://github.com/nodogsplash/nodogsplash.git -Vcs-Browser: http://github.com/nodogsplash/nodogsplash +Vcs-Git: git://github.com/opennds/opennds.git +Vcs-Browser: http://github.com/opennds/opennds -Package: nodogsplash +Package: opennds Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libmicrohttpd12 (>= 0.9.51) Description: manage access to public internet access - Nodogsplash controls access to a public Internet connection and offers + openNDS controls access to a public Internet connection and offers a simple way to open a Hotspot for wireless networks. It provides a captive portal to inform users about the services and optionally have them acknowledge the terms and conditions of its use. diff --git a/debian/copyright b/debian/copyright index 8615d4d..cf4ea60 100644 --- a/debian/copyright +++ b/debian/copyright @@ -1,6 +1,6 @@ Format: http://dep.debian.net/deps/dep5 -Upstream-Name: nodogsplash -Source: http://github.com/nodogsplash +Upstream-Name: opennds +Source: http://github.com/opennds Files: * Copyright: (C) 2013-20 BlueWave Projects and Services diff --git a/debian/doc/nodogsplash.1 b/debian/doc/opennds.1 similarity index 87% rename from debian/doc/nodogsplash.1 rename to debian/doc/opennds.1 index d0a3a3e..8d59c73 100644 --- a/debian/doc/nodogsplash.1 +++ b/debian/doc/opennds.1 @@ -1,8 +1,8 @@ .\" Man page generated from reStructuredText. . -.TH "NODOGSPLASH" "1" "Mar 03, 2020" "4.5.0" "NoDogSplash" +.TH "OPENNDS" "1" "Apr 05, 2020" "5.0.0beta" "openNDS" .SH NAME -nodogsplash \- nodogsplash Documentation +opennds \- opennds Documentation . .nr rst2man-indent-level 0 . @@ -31,16 +31,14 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. .sp -Nodogspash is a high performance, small footprint Captive Portal, +openNDS is a high performance, small footprint Captive Portal, offering by default a simple splash page restricted Internet connection, yet incorporates an API that allows the creation of sophisticated authentication applications. .sp It was derived originally from the codebase of the Wifi Guard Dog project. .sp -Nodogsplash is released under the GNU General Public License. +openNDS is released under the GNU General Public License. .INDENT 0.0 .IP \(bu 2 -Mailing List: \fI\%http://ml.ninux.org/mailman/listinfo/nodogsplash\fP -.IP \(bu 2 Original Homepage \fIdown\fP: \fI\%http://kokoro.ucsd.edu/nodogsplash\fP .IP \(bu 2 Wifidog: \fI\%http://dev.wifidog.org/\fP @@ -48,13 +46,13 @@ Wifidog: \fI\%http://dev.wifidog.org/\fP GNU GPL: \fI\%http://www.gnu.org/copyleft/gpl.html\fP .UNINDENT .sp -The following describes what Nodogsplash does, how to get it and run it, and +The following describes what openNDS does, how to get it and run it, and how to customize its behavior for your application. .sp Contents: .SH OVERVIEW .sp -\fBNoDogSplash\fP (NDS) is a high performance, small footprint Captive Portal, offering by default a simple splash page restricted Internet connection, yet incorporates an API that allows the creation of sophisticated authentication applications. +\fBopenNDS\fP (NDS) is a high performance, small footprint Captive Portal, offering by default a simple splash page restricted Internet connection, yet incorporates an API that allows the creation of sophisticated authentication applications. .SS Captive Portal Detection (CPD) .INDENT 0.0 .INDENT 3.5 @@ -92,19 +90,19 @@ NDS can be used as the "Engine" behind the most sophisticated Captive Portal sys .UNINDENT .UNINDENT .UNINDENT -.SH INSTALLING NODOGSPLASH +.SH INSTALLING OPENNDS .SS OpenWrt .INDENT 0.0 .IP \(bu 2 -Have a router working with OpenWrt. At the time of writing, Nodogsplash has been tested with OpenWrt 18.06.x, 19.7.x and Snapshot. +Have a router working with OpenWrt. At the time of writing, openNDS has been tested with OpenWrt 18.06.x, 19.7.x and Snapshot. .IP \(bu 2 It may or may not work on older versions of OpenWrt or on other kinds of Linux\-based router firmware. .IP \(bu 2 -Make sure your router is basically working before you try to install Nodogsplash. In particular, make sure your DHCP daemon is serving addresses on the interface that nodogsplash will manage. +Make sure your router is basically working before you try to install openNDS. In particular, make sure your DHCP daemon is serving addresses on the interface that openNDS will manage. .sp -The default is br\-lan but can be changed to any interface by editing the /etc/config/nodogsplash file. +The default is br\-lan but can be changed to any interface by editing the /etc/config/opennds file. .IP \(bu 2 -To install Nodogsplash, you may use the OpenWrt Luci web interface or alternatively, ssh to your router and run the command: +To install openNDS, you may use the OpenWrt Luci web interface or alternatively, ssh to your router and run the command: .INDENT 2.0 .INDENT 3.5 \fBopkg update\fP @@ -114,50 +112,50 @@ To install Nodogsplash, you may use the OpenWrt Luci web interface or alternativ followed by .INDENT 2.0 .INDENT 3.5 -\fBopkg install nodogsplash\fP +\fBopkg install opennds\fP .UNINDENT .UNINDENT .IP \(bu 2 -Nodogsplash is enabled by default and will start automatically on reboot or can be started and stopped manually. +openNDS is enabled by default and will start automatically on reboot or can be started and stopped manually. .IP \(bu 2 -If the interface that you want Nodogsplash to manage is not br\-lan, -edit /etc/config/nodogsplash and set GatewayInterface. +If the interface that you want openNDS to manage is not br\-lan, +edit /etc/config/opennds and set GatewayInterface. .IP \(bu 2 -To start Nodogsplash, run the following, or just reboot the router: +To start openNDS, run the following, or just reboot the router: .INDENT 2.0 .INDENT 3.5 -\fBservice nodogsplash start\fP +\fBservice opennds start\fP .UNINDENT .UNINDENT .IP \(bu 2 -To test the installation, connect a client device to the interface on your router that is managed by Nodogsplash (for example, connect to the router\(aqs wireless lan). +To test the installation, connect a client device to the interface on your router that is managed by openNDS (for example, connect to the router\(aqs wireless lan). .UNINDENT .INDENT 0.0 .INDENT 3.5 Most client device operating systems and browsers support Captive Portal Detection (CPD) and the operating system or browser on that device will attempt to contact a pre defined port 80 web page. .sp -CPD will trigger Nodogsplash to serve the default splash page where you can click or tap Continue to access the Internet. +CPD will trigger openNDS to serve the default splash page where you can click or tap Continue to access the Internet. .sp See the Authentication section for details of setting up a proper authentication process. .sp If your client device does not display the splash page it most likely does not support CPD. .sp -You should then manually trigger Nodogsplash by trying to access a port 80 web site (for example, google.com:80 is a good choice). +You should then manually trigger openNDS by trying to access a port 80 web site (for example, google.com:80 is a good choice). .UNINDENT .UNINDENT .INDENT 0.0 .IP \(bu 2 -To stop Nodogsplash: +To stop openNDS: .INDENT 2.0 .INDENT 3.5 -\fBservice nodogsplash stop\fP +\fBservice opennds stop\fP .UNINDENT .UNINDENT .IP \(bu 2 -To uninstall Nodogsplash: +To uninstall openNDS: .INDENT 2.0 .INDENT 3.5 -\fBopkg remove nodogsplash\fP +\fBopkg remove opennds\fP .UNINDENT .UNINDENT .UNINDENT @@ -173,10 +171,10 @@ libmicrohttpd\-dev (>= 0.9.51) [avaiable in \fBstretch\fP] .sp But you can also compile libmicrohttpd your self if you\(aqre still running jessie or older. .sp -To compile NoDogSplash and create the Debian package, see the chapter "How to Compile Nodogsplash". -.SH HOW NODOGSPLASH (NDS) WORKS +To compile openNDS and create the Debian package, see the chapter "How to Compile openNDS". +.SH HOW OPENNDS (NDS) WORKS .sp -NoDogSplash is a Captive Portal Engine. Any Captive Portal, including NDS, will have two main components: +openNDS is a Captive Portal Engine. Any Captive Portal, including NDS, will have two main components: .INDENT 0.0 .INDENT 3.5 .INDENT 0.0 @@ -188,7 +186,7 @@ Something to provide a Portal for client users to log in. .UNINDENT .UNINDENT .sp -NoDogSplash MUST run on a device configured as an IPv4 router. +openNDS MUST run on a device configured as an IPv4 router. .sp A wireless router will typically be running OpenWrt or some other Linux distribution. .sp @@ -332,25 +330,25 @@ However, SSID "Customers" is configured on virtual interface wlan0\-1, and consi NDS detects which zone is being used by a client and a relevant login page can be served. .SS Packet filtering .sp -Nodogsplash considers four kinds of packets coming into the router over the managed interface. Each packet is one of these kinds: +openNDS considers four kinds of packets coming into the router over the managed interface. Each packet is one of these kinds: .INDENT 0.0 .INDENT 3.5 .INDENT 0.0 .IP 1. 3 \fBBlocked\fP, if the MAC mechanism is block, and the source MAC address of the packet matches one listed in the BlockedMACList; or if the MAC mechanism is allow, and source MAC address of the packet does not match one listed in the AllowedMACList or the TrustedMACList. These packets are dropped. .IP 2. 3 -\fBTrusted\fP, if the source MAC address of the packet matches one listed in the TrustedMACList. By default, these packets are accepted and routed to all destination addresses and ports. If desired, this behavior can be customized by FirewallRuleSet trusted\-users and FirewallRuleSet trusted\-users\-to\-router lists in the nodogsplash.conf configuration file, or by the EmptyRuleSetPolicy trusted\-users EmptyRuleSetPolicy trusted\-users\-to\-router directives. +\fBTrusted\fP, if the source MAC address of the packet matches one listed in the TrustedMACList. By default, these packets are accepted and routed to all destination addresses and ports. If desired, this behavior can be customized by FirewallRuleSet trusted\-users and FirewallRuleSet trusted\-users\-to\-router lists in the opennds.conf configuration file, or by the EmptyRuleSetPolicy trusted\-users EmptyRuleSetPolicy trusted\-users\-to\-router directives. .IP 3. 3 -\fBAuthenticated\fP, if the packet\(aqs IP and MAC source addresses have gone through the nodogsplash authentication process and has not yet expired. These packets are accepted and routed to a limited set of addresses and ports (see FirewallRuleSet authenticated\-users and FirewallRuleSet users\-to\-router in the nodogsplash.conf configuration file). +\fBAuthenticated\fP, if the packet\(aqs IP and MAC source addresses have gone through the openNDS authentication process and has not yet expired. These packets are accepted and routed to a limited set of addresses and ports (see FirewallRuleSet authenticated\-users and FirewallRuleSet users\-to\-router in the opennds.conf configuration file). .IP 4. 3 -\fBPreauthenticated\fP\&. Any other packet. These packets are accepted and routed to a limited set of addresses and ports (see FirewallRuleSet preauthenticated\-users and FirewallRuleSet users\-to\-router in the nodogsplash.conf configuration file). Any other packet is dropped, except that a packet for destination port 80 at any address is redirected to port 2050 on the router, where nodogsplash\(aqs built in libhttpd\-based web server is listening. This begins the \(aqauthentication\(aq process. The server will serve a splash page back to the source IP address of the packet. The user clicking the appropriate link on the splash page will complete the process, causing future packets from this IP/MAC address to be marked as Authenticated until the inactive or forced timeout is reached, and its packets revert to being Preauthenticated. +\fBPreauthenticated\fP\&. Any other packet. These packets are accepted and routed to a limited set of addresses and ports (see FirewallRuleSet preauthenticated\-users and FirewallRuleSet users\-to\-router in the opennds.conf configuration file). Any other packet is dropped, except that a packet for destination port 80 at any address is redirected to port 2050 on the router, where openNDS\(aqs built in libhttpd\-based web server is listening. This begins the \(aqauthentication\(aq process. The server will serve a splash page back to the source IP address of the packet. The user clicking the appropriate link on the splash page will complete the process, causing future packets from this IP/MAC address to be marked as Authenticated until the inactive or forced timeout is reached, and its packets revert to being Preauthenticated. .UNINDENT .UNINDENT .UNINDENT .sp -NoDogSplash implements these actions by inserting rules in the router\(aqs iptables mangle PREROUTING chain to mark packets, and by inserting rules in the nat PREROUTING, filter INPUT and filter FORWARD chains which match on those marks. +openNDS implements these actions by inserting rules in the router\(aqs iptables mangle PREROUTING chain to mark packets, and by inserting rules in the nat PREROUTING, filter INPUT and filter FORWARD chains which match on those marks. .sp -Because it inserts its rules at the beginning of existing chains, NoDogSplash should be insensitive to most typical existing firewall configurations. +Because it inserts its rules at the beginning of existing chains, openNDS should be insensitive to most typical existing firewall configurations. .SS Traffic control .sp Data rate control on an IP connection basis can be achieved using Smart Queue Management (SQM) configured separately, with NDS being fully compatible. @@ -358,7 +356,7 @@ Data rate control on an IP connection basis can be achieved using Smart Queue Ma It should be noted that while setup options and BinAuth do accept traffic/quota settings, these values currently have no effect and are reserved for future development. .SH THE SPLASH PAGE .sp -As you will see mentioned in the "How Nodogsplash (NDS) Works" section, an initial port 80 request is generated on a client device, either by the user manually browsing to an http web page, or, more usually, automatically by the client device\(aqs built in Captive Portal Detection (CPD). +As you will see mentioned in the "How openNDS (NDS) Works" section, an initial port 80 request is generated on a client device, either by the user manually browsing to an http web page, or, more usually, automatically by the client device\(aqs built in Captive Portal Detection (CPD). .sp This request is intercepted by NDS and an html Splash Page is served to the user of the client device to enable them to authenticate and obtain Internet access. .SS Types of Splash Page @@ -428,7 +426,7 @@ section of the PreAuth chapter. .SH FORWARDING AUTHENTICATION SERVICE (FAS) .SS Overview .sp -Nodogsplash (NDS) has the ability to forward requests to a third party authentication service (FAS). This is enabled via simple configuration options. +openNDS (NDS) has the ability to forward requests to a third party authentication service (FAS). This is enabled via simple configuration options. .INDENT 0.0 .TP .B These options are: @@ -491,12 +489,12 @@ The cipher used is "AES\-256\-CBC". .sp The "php\-cli" package and the "php\-openssl" module must both be installed for fas_secure level 2. .sp -Nodogsplash does not depend on this package and module, but will exit gracefully if this package and module are not installed when this level is set. +openNDS does not depend on this package and module, but will exit gracefully if this package and module are not installed when this level is set. .sp -The FAS must use the query string passed initialisation vector and the pre shared fas_key to decrypt the query string. An example FAS level 2 php script (fas\-aes.php) is preinstalled in the /etc/nodogsplash directory and also supplied in the source code. +The FAS must use the query string passed initialisation vector and the pre shared fas_key to decrypt the query string. An example FAS level 2 php script (fas\-aes.php) is preinstalled in the /etc/opennds directory and also supplied in the source code. .sp \fBIf set to "3"\fP The FAS is enforced by NDS to use \fBhttps\fP protocol. -Level 3 is the same as level 2 except the use of https protocol is enforced for FAS. In addition, the "authmon" daemon is loaded. This allows the external FAS, after client verification, to effectively traverse inbound firewalls and address translation to achieve NDS authentication without generating browser security warnings or errors. An example FAS level 3 php script (fas\-aes\-https.php) is preinstalled in the /etc/nodogsplash directory and also supplied in the source code. +Level 3 is the same as level 2 except the use of https protocol is enforced for FAS. In addition, the "authmon" daemon is loaded. This allows the external FAS, after client verification, to effectively traverse inbound firewalls and address translation to achieve NDS authentication without generating browser security warnings or errors. An example FAS level 3 php script (fas\-aes\-https.php) is preinstalled in the /etc/opennds directory and also supplied in the source code. .UNINDENT .UNINDENT .sp @@ -518,7 +516,7 @@ Option faskey must be pre\-shared with FAS. .INDENT 3.5 \fBLevel 0\fP (fas_secure_enabled = 0), NDS sends the token and other information to FAS as clear text. .sp -\fIhttp://fasremoteip:fasport/faspath?authaction=http://gatewayaddress:gatewayport/nodogsplash_auth/?clientip=[clientip]&gatewayname=[gatewayname]&tok=[token]&redir=[requested_url]\fP +\fIhttp://fasremoteip:fasport/faspath?authaction=http://gatewayaddress:gatewayport/opennds_auth/?clientip=[clientip]&gatewayname=[gatewayname]&tok=[token]&redir=[requested_url]\fP .INDENT 0.0 .INDENT 3.5 Although the simplest to set up, a knowledgeable user could bypass FAS, so running fas_secure_enabled at level 1 or 2 is recommended. @@ -547,7 +545,7 @@ The return url will be constructed by FAS from predetermined knowledge of the co .sp The client\(aqs unique access token will be obtained from NDS by the FAS making a call to the get_client_token library utility: .sp -\fB/usr/lib/nodogsplash/./get_client_token $clientip\fP +\fB/usr/lib/opennds/./get_client_token $clientip\fP .sp A json parser could be used to extract all the client variables supplied by ndsctl, an example can be found in the default PreAuth Login script in /usr/lib/nogogsplash/login.sh. .UNINDENT @@ -669,7 +667,7 @@ This will be of the form: .UNINDENT .sp FAS should then serve a suitable error page informing the client user that they are already logged in. -.SS Running FAS on your Nodogsplash router +.SS Running FAS on your openNDS router .sp FAS has been tested using uhttpd, lighttpd, ngnix, apache and libmicrohttpd. .sp @@ -734,7 +732,7 @@ You can run the FAS example script, fas\-aes\-https.php, remotely on an Internet Assuming you have installed your web server of choice, configured it for port 2080 and added PHP support using the package php7\-cgi, you can do the following. .INDENT 0.0 .INDENT 3.5 -(Under other operating systems you may need to edit the nodogsplash.conf file in /etc/nodogsplash instead, but the process is very similar.) +(Under other operating systems you may need to edit the opennds.conf file in /etc/opennds instead, but the process is very similar.) .INDENT 0.0 .IP \(bu 2 Install the packages php7\-cli and php7\-mod\-openssl @@ -743,9 +741,9 @@ Create a folder for the FAs script eg: /[server\-web\-root]/nds/ on the Internet .IP \(bu 2 Place the file fas\-aes.php in /[server\-web\-root]/nds/ .sp -(You can find it in the /etc/nodogsplash directory.) +(You can find it in the /etc/opennds directory.) .IP \(bu 2 -Edit the file /etc/config/nodogsplash +Edit the file /etc/config/opennds .UNINDENT .INDENT 0.0 .INDENT 3.5 @@ -765,7 +763,7 @@ adding the lines: .UNINDENT .INDENT 0.0 .IP \(bu 2 -Restart NDS using the command \fBservice nodogsplash restart\fP +Restart NDS using the command \fBservice opennds restart\fP .UNINDENT .UNINDENT .UNINDENT @@ -774,7 +772,7 @@ Restart NDS using the command \fBservice nodogsplash restart\fP Assuming you have access to an Internet based https web server you can do the following. .INDENT 0.0 .INDENT 3.5 -(Under other operating systems you may need to edit the nodogsplash.conf file in /etc/nodogsplash instead, but the process is very similar.) +(Under other operating systems you may need to edit the opennds.conf file in /etc/opennds instead, but the process is very similar.) .INDENT 0.0 .IP \(bu 2 Install the packages php7\-cli and php7\-mod\-openssl on your NDS router @@ -783,9 +781,9 @@ Create a folder for the FAs script eg: /[server\-web\-root]/nds/ on the Internet .IP \(bu 2 Place the file fas\-aes.php in /[server\-web\-root]/nds/ .sp -(You can find it in the /etc/nodogsplash directory.) +(You can find it in the /etc/opennds directory.) .IP \(bu 2 -Edit the file /etc/config/nodogsplash +Edit the file /etc/config/opennds .UNINDENT .INDENT 0.0 .INDENT 3.5 @@ -809,7 +807,7 @@ adding the lines: .UNINDENT .INDENT 0.0 .IP \(bu 2 -Restart NDS using the command \fBservice nodogsplash restart\fP +Restart NDS using the command \fBservice opennds restart\fP .UNINDENT .UNINDENT .UNINDENT @@ -839,7 +837,7 @@ A PreAuth program could be, for example, a compiled program written in C or any The PreAuth script or program will parse the url encoded command line (query string) passed to it and output html depending on the contents of the query string it receives from NDS. In turn, NDS will serve this html to the client device that is attempting to access the Internet. .SS Selecting Pre\-Installed Username / Email Login Script (v4.3.0 onwards) .sp -The default preauth login script is installed as part of the NoDogSplash package providing username/emailaddress login as an alternative to the basic splash page. +The default preauth login script is installed as part of the openNDS package providing username/emailaddress login as an alternative to the basic splash page. .sp It is enabled by setting in config: .sp @@ -859,9 +857,9 @@ No additional FAS or PreAuth config settings are required. This option overrides any other FAS configuration and takes the form of the path to the PreAuth script. The path to the preinstalled login script is included in option preauth in the default config files, for example in OpenWrt: .sp -\fI#option preauth \(aq/usr/lib/nodogsplash/login.sh\(aq\fP +\fI#option preauth \(aq/usr/lib/opennds/login.sh\(aq\fP .sp -The "#" symbol means the line is commented. To activate, remove the "#". save and restart Nodogsplash. +The "#" symbol means the line is commented. To activate, remove the "#". save and restart opennds. .SS Using PreAuth version 3.3.1 to version 4.0.1 .sp From version 3.3.1 to version 4.0.1, PreAuth is set up using the standard NDS configuration for FAS @@ -875,7 +873,7 @@ In addition a single PreAuth configuration option is required to inform NDS of t .IP 1. 3 \fBfasport\fP\&. This enables FAS and \fImust\fP be set to the same value as the gateway port. .IP 2. 3 -\fBfaspath\fP\&. This \fImust\fP be set to the PreAuth virtual url, "/nodogsplash_preauth/" by default. +\fBfaspath\fP\&. This \fImust\fP be set to the PreAuth virtual url, "/opennds_preauth/" by default. .IP 3. 3 \fBpreauth\fP\&. This the path to the PreAuth script. .UNINDENT @@ -901,14 +899,14 @@ From version 3.3.1 onwards, the example PreAuth script is preinstalled. .UNINDENT .SS Enabling the Preinstalled Login Script (v3.3.1 to 4.0.1) .sp -On Openwrt, edit (to uncomment) following lines in the /etc/config/nodogsplash file: +On Openwrt, edit (to uncomment) following lines in the /etc/config/opennds file: .INDENT 0.0 .INDENT 3.5 \fI#option fasport \(aq2050\(aq\fP .sp -\fI#option faspath \(aq/nodogsplash_preauth/\(aq\fP +\fI#option faspath \(aq/opennds_preauth/\(aq\fP .sp -\fI#option preauth \(aq/usr/lib/nodogsplash/login.sh\(aq\fP +\fI#option preauth \(aq/usr/lib/opennds/login.sh\(aq\fP .UNINDENT .UNINDENT .sp @@ -917,28 +915,28 @@ To read: .INDENT 3.5 \fIoption fasport \(aq2050\(aq\fP .sp -\fIoption faspath \(aq/nodogsplash_preauth/\(aq\fP +\fIoption faspath \(aq/opennds_preauth/\(aq\fP .sp -\fIoption preauth \(aq/usr/lib/nodogsplash/login.sh\(aq\fP +\fIoption preauth \(aq/usr/lib/opennds/login.sh\(aq\fP .UNINDENT .UNINDENT .SS Enabling the Preinstalled Login Script (v4.0.2 onwards) .sp -On Openwrt, edit (to uncomment) following line in the /etc/config/nodogsplash file: +On Openwrt, edit (to uncomment) following line in the /etc/config/opennds file: .INDENT 0.0 .INDENT 3.5 -\fI#option preauth \(aq/usr/lib/nodogsplash/login.sh\(aq\fP +\fI#option preauth \(aq/usr/lib/opennds/login.sh\(aq\fP .UNINDENT .UNINDENT .sp To read: .INDENT 0.0 .INDENT 3.5 -\fIoption preauth \(aq/usr/lib/nodogsplash/login.sh\(aq\fP +\fIoption preauth \(aq/usr/lib/opennds/login.sh\(aq\fP .UNINDENT .UNINDENT .sp -For other operating systems edit the equivalent lines in the /etc/nodogsplash/nodogsplash.conf file +For other operating systems edit the equivalent lines in the /etc/opennds/opennds.conf file .sp After making the change, save the file and restart the router. .SS What Does the Example Login Script Do? @@ -958,7 +956,7 @@ This is a simple example of a script to demonstrate how to use PreAuth as a buil An additional example PreAuth script, demo\-preauth\-remote\-image.sh, is available in the source code: .INDENT 0.0 .INDENT 3.5 -\fIhttps://github.com/nodogsplash/nodogsplash/archive/master.zip\fP +\fIhttps://github.com/opennds/opennds/archive/master.zip\fP .UNINDENT .UNINDENT .sp @@ -971,17 +969,17 @@ and extracting from the folder: .sp This is an enhancement of the preinstalled login.sh, giving an example of how to display images pulled in from remote web servers, both http and https. .sp -The example displays the NodogSplash avatar image dynamically retreived from Github. +The example displays the opennds avatar image dynamically retreived from Github. .SS Writing A Preauth Script .sp A Preauth script can be written as a shell script or any other language that the system has an interpreter for. It could also be a complied program. .sp NDS calls the preauth script with a command line equivalent to an html query string but with ", " (comma space) in place of "&" (ampersand). .sp -Full details are included in the example script demo\-preauth.sh available by downloading the Nodogsplash zip file from +Full details are included in the example script demo\-preauth.sh available by downloading the opennds zip file from .INDENT 0.0 .INDENT 3.5 -\fIhttps://github.com/nodogsplash/nodogsplash/\fP +\fIhttps://github.com/opennds/opennds/\fP .UNINDENT .UNINDENT .sp @@ -1017,7 +1015,7 @@ To return to the script and show additional pages, the form action must be set t .sp .nf .ft C -
+ .ft P .fi .UNINDENT @@ -1059,7 +1057,7 @@ When the logic of this script decides we should allow the client to access the I .sp .nf .ft C -"" +"" .ft P .fi .UNINDENT @@ -1113,7 +1111,7 @@ A modified version of the Username/Email\-address login script is available that This additional example PreAuth script, demo\-preauth\-remote\-image.sh, is available in the source code: .INDENT 0.0 .INDENT 3.5 -\fIhttps://github.com/nodogsplash/nodogsplash/archive/master.zip\fP +\fIhttps://github.com/opennds/opennds/archive/master.zip\fP .UNINDENT .UNINDENT .sp @@ -1126,7 +1124,7 @@ and extracting from the folder: .sp This is an enhancement of the preinstalled login.sh, giving an example of how to display images pulled in from remote web servers, both http and https. .sp -The example displays the NodogSplash avatar image dynamically retrieved from Github. +The example displays the openNDS avatar image dynamically retrieved from Github. .SH BINAUTH OPTION .SS Overview .sp @@ -1165,11 +1163,11 @@ After NDS has received a shutdown command .SS Example BinAuth Scripts .sp Two example BinAuth scripts are included in the source files available for download at: -\fI\%https://github.com/nodogsplash/nodogsplash/releases\fP +\fI\%https://github.com/opennds/opennds/releases\fP .sp The files can be extracted from the downloaded release archive file and reside in the folder: .sp -\fI/nodogsplash\-[*version*]/forward_authentication_service/binauth\fP +\fI/opennds\-[*version*]/forward_authentication_service/binauth\fP .SS Example 1 \- Sitewide Username/Password .sp This example is a script designed to be used with or without FAS and provides site wide Username/Password login for two groups of users, in this case "Staff" and "Guest" with two corresponding sets of credentials. If used without FAS, a special html splash page must be installed, otherwise FAS must forward the required username and password variables. @@ -1191,34 +1189,34 @@ splash_sitewide.html .UNINDENT .UNINDENT .sp -The file binauth_sitewide.sh should be copied to a suitable location on the NDS router, eg \fI/etc/nodogsplash/\fP +The file binauth_sitewide.sh should be copied to a suitable location on the NDS router, eg \fI/etc/opennds/\fP .sp -The file splash_sitewide.html should be copied to \fI/etc/nodogsplash/htdocs/\fP +The file splash_sitewide.html should be copied to \fI/etc/opennds/htdocs/\fP .sp -Assuming FAS is not being used, NDS is then configured by setting the BinAuth and SplashPage options in the config file (/etc/config/nodogsplash on Openwrt, or /etc/nodogsplash/nodogsplash.conf on other operating systems. +Assuming FAS is not being used, NDS is then configured by setting the BinAuth and SplashPage options in the config file (/etc/config/opennds on Openwrt, or /etc/opennds/opennds.conf on other operating systems. .sp On OpenWrt this is most easily accomplished by issuing the following commands: .INDENT 0.0 .INDENT 3.5 -\fIuci set nodogsplash.@nodogsplash[0].splashpage=\(aqsplash_sitewide.html\(aq\fP +\fIuci set opennds.@opennds[0].splashpage=\(aqsplash_sitewide.html\(aq\fP .sp -\fIuci set nodogsplash.@nodogsplash[0].binauth=\(aq/etc/nodogsplash/binauth_sitewide.sh\(aq\fP +\fIuci set opennds.@opennds[0].binauth=\(aq/etc/opennds/binauth_sitewide.sh\(aq\fP .sp -\fIuci commit nodogsplash\fP +\fIuci commit opennds\fP .UNINDENT .UNINDENT .sp The script file must be executable and is flagged as such in the source archive. If necessary set using the command: .INDENT 0.0 .INDENT 3.5 -\fIchmod u+x /etc/nodogsplash/binauth_sitewide.sh\fP +\fIchmod u+x /etc/opennds/binauth_sitewide.sh\fP .UNINDENT .UNINDENT .sp This script is then activated with the command: .INDENT 0.0 .INDENT 3.5 -\fIservice nodogsplash restart\fP +\fIservice opennds restart\fP .UNINDENT .UNINDENT .sp @@ -1278,7 +1276,7 @@ case "$METHOD" in # timeout_deauth: Client was deauthenticated because the session timed out. # ndsctl_auth: Client was authenticated by the ndsctl tool. # ndsctl_deauth: Client was deauthenticated by the ndsctl tool. - # shutdown_deauth: Client was deauthenticated by Nodogsplash terminating. + # shutdown_deauth: Client was deauthenticated by opennds terminating. ;; esac .ft P @@ -1310,7 +1308,7 @@ The \fISESSION_START\fP and \fISESSION_END\fP values are the number of seconds s
-Copyright © The Nodogsplash Contributors 2004\-2019.
This software is released under the GNU GPL license. +Copyright © The opennds Contributors 2004\-2019.
This software is released under the GNU GPL license. @@ -1409,30 +1407,30 @@ binauth_log.sh .UNINDENT .UNINDENT .sp -The file binauth_log.sh should be copied to a suitable location on the NDS router, eg \fI/etc/nodogsplash/\fP +The file binauth_log.sh should be copied to a suitable location on the NDS router, eg \fI/etc/opennds/\fP .sp -Assuming FAS is not being used, NDS is then configured by setting the BinAuth option in the config file (/etc/config/nodogsplash on Openwrt, or /etc/nodogsplash/nodogsplash.conf on other operating systems. +Assuming FAS is not being used, NDS is then configured by setting the BinAuth option in the config file (/etc/config/opennds on Openwrt, or /etc/opennds/opennds.conf on other operating systems. .sp On OpenWrt this is most easily accomplished by issuing the following commands: .INDENT 0.0 .INDENT 3.5 -\fIuci set nodogsplash.@nodogsplash[0].binauth=\(aq/etc/nodogsplash/binauth_log.sh\(aq\fP +\fIuci set opennds.@opennds[0].binauth=\(aq/etc/opennds/binauth_log.sh\(aq\fP .sp -\fIuci commit nodogsplash\fP +\fIuci commit opennds\fP .UNINDENT .UNINDENT .sp The script file must be executable and is flagged as such in the source archive. If necessary set using the command: .INDENT 0.0 .INDENT 3.5 -\fIchmod u+x /etc/nodogsplash/binauth_log.sh\fP +\fIchmod u+x /etc/opennds/binauth_log.sh\fP .UNINDENT .UNINDENT .sp This script is then activated with the command: .INDENT 0.0 .INDENT 3.5 -\fIservice nodogsplash restart\fP +\fIservice opennds restart\fP .UNINDENT .UNINDENT .sp @@ -1534,7 +1532,7 @@ A number of library utilities are included. These may be used by NDS itself, FAS .sp By default, library utilities will be installed in the folder .sp -\fB/usr/lib/nodogsplash/\fP +\fB/usr/lib/opennds/\fP .SS List of Library Utilities .SS get_client_token.sh .sp @@ -1612,7 +1610,7 @@ Where: .SH TRAFFIC CONTROL .SS Overview .sp -Nodogsplash (NDS) supports Traffic Control (Bandwidth Limiting) using the SQM \- Smart Queue Management (sqm\-scripts) package, available for OpenWrt and generic Linux. +openNDS (NDS) supports Traffic Control (Bandwidth Limiting) using the SQM \- Smart Queue Management (sqm\-scripts) package, available for OpenWrt and generic Linux. .sp \fI\%https://github.com/tohojo/sqm\-scripts\fP .sp @@ -1789,10 +1787,10 @@ Further details about SQM can be found at the following links: \fI\%https://openwrt.org/docs/guide\-user/network/traffic\-shaping/sqm\-details\fP .SH USING NDSCTL .sp -A nodogsplash install includes ndsctl, a separate application which provides some control over a running nodogsplash process by communicating with it over a unix socket. Some command line options: +A openNDS install includes ndsctl, a separate application which provides some control over a running openNDS process by communicating with it over a unix socket. Some command line options: .INDENT 0.0 .IP \(bu 2 -To print to stdout some information about your nodogsplash process: +To print to stdout some information about your openNDS process: .INDENT 2.0 .INDENT 3.5 \fB/usr/bin/ndsctl status\fP @@ -1876,10 +1874,10 @@ debuglevel 3 : debuglevel 2 + LOG_DEBUG All other levels are undefined and will result in debug level 3 being set. .UNINDENT .sp -For more options, run ndsctl \-h. (Note that if you want the effect of ndsctl commands to to persist across nodogsplash restarts, you have to edit the configuration file.) -.SH CUSTOMISING NODOGSPLASH +For more options, run ndsctl \-h. (Note that if you want the effect of ndsctl commands to to persist across openNDS restarts, you have to edit the configuration file.) +.SH CUSTOMISING OPENNDS .sp -After initial installation, NoDogSplash (NDS) should be working in its most basic mode and client Captive Portal Detection (CPD) should pop up the default splash page. +After initial installation, openNDS (NDS) should be working in its most basic mode and client Captive Portal Detection (CPD) should pop up the default splash page. .sp Before attempting to customise NDS you should ensure it is working in this basic mode before you start. .sp @@ -1910,14 +1908,14 @@ Prohibit the execution of javascript. In OpenWrt, or operating systems supporting UCI (such as LEDE) the configuration is kept in the file: .INDENT 0.0 .INDENT 3.5 -\fB/etc/config/nodogsplash\fP +\fB/etc/config/opennds\fP .UNINDENT .UNINDENT .sp In other operating systems the configuration is kept in the file: .INDENT 0.0 .INDENT 3.5 -\fB/etc/nodogsplash/nodogsplash.conf\fP +\fB/etc/opennds/opennds.conf\fP .UNINDENT .UNINDENT .sp @@ -1931,7 +1929,7 @@ For example, to list the full configuration, at the command line type: .sp .nf .ft C -uci show nodogsplash +uci show opennds .ft P .fi .UNINDENT @@ -1943,7 +1941,7 @@ To display the Gateway Name, type: .sp .nf .ft C -uci get nodogsplash.@nodogsplash[0].gatewayname +uci get opennds.@opennds[0].gatewayname .ft P .fi .UNINDENT @@ -1955,7 +1953,7 @@ To set the Gateway Name to a new value, type: .sp .nf .ft C -uci set nodogsplash.@nodogsplash[0].gatewayname=\(aqmy new gateway\(aq +uci set opennds.@opennds[0].gatewayname=\(aqmy new gateway\(aq .ft P .fi .UNINDENT @@ -1967,7 +1965,7 @@ To add a new firewall rule allowing access to another service running on port 88 .sp .nf .ft C -uci add_list nodogsplash.@nodogsplash[0].users_to_router=\(aqallow +uci add_list opennds.@opennds[0].users_to_router=\(aqallow tcp port 8888\(aq .ft P .fi @@ -1980,7 +1978,7 @@ Finally you must tell UCI to commit your changes to the configuration file: .sp .nf .ft C -uci commit nodogsplash +uci commit opennds .ft P .fi .UNINDENT @@ -1991,7 +1989,7 @@ Enabled by setting option login_option_enabled = "0" (default) The default default splash page can be found at: .INDENT 0.0 .INDENT 3.5 -\fB/etc/nodogsplash/htdocs/splash.html\fP +\fB/etc/opennds/htdocs/splash.html\fP .UNINDENT .UNINDENT .sp @@ -1999,9 +1997,9 @@ When the splash page is served, the following variables in the page are replaced by their values: .INDENT 0.0 .IP \(bu 2 -\fI$gatewayname\fP The value of GatewayName as set in nodogsplash.conf. +\fI$gatewayname\fP The value of GatewayName as set in opennds.conf. .IP \(bu 2 -\fI$authtarget\fP A URL which encodes a unique token and the URL of the user\(aqs original web request. If nodogsplash receives a request at this URL, it completes the authentication process for the client and replies to the request with a "302 Found" to the encoded originally requested URL. +\fI$authtarget\fP A URL which encodes a unique token and the URL of the user\(aqs original web request. If opennds receives a request at this URL, it completes the authentication process for the client and replies to the request with a "302 Found" to the encoded originally requested URL. .sp It should be noted however that, depending on vendor, the client\(aqs built in CPD may not respond to simple html links. .UNINDENT @@ -2014,22 +2012,22 @@ An href link example that my prove to be problematical: .UNINDENT .UNINDENT .sp -(You should instead use a GET\-method HTML form to send this information to the nodogsplash server; see below.) +(You should instead use a GET\-method HTML form to send this information to the opennds server; see below.) .UNINDENT .UNINDENT .INDENT 0.0 .IP \(bu 2 -\fI$tok\fP, \fI$redir\fP, \fI$authaction\fP, and \fI$denyaction\fP are available and should be used to write the splash page to use a GET\-method HTML form instead of using $authtarget as the value of an href attribute to communicate with the nodogsplash server. +\fI$tok\fP, \fI$redir\fP, \fI$authaction\fP, and \fI$denyaction\fP are available and should be used to write the splash page to use a GET\-method HTML form instead of using $authtarget as the value of an href attribute to communicate with the opennds server. .UNINDENT .INDENT 0.0 .INDENT 3.5 \fI$authaction\fP and \fI$denyaction\fP are virtual urls used to inform NDS that a client should be authenticated or deauthenticated and are of the form: .sp -\fIhttp://gatewayaddress:gatewayport/nodogsplash_auth/\fP +\fIhttp://gatewayaddress:gatewayport/opennds_auth/\fP .sp and .sp -\fIhttp://gatewayaddress:gatewayport/nodogsplash_deny/\fP +\fIhttp://gatewayaddress:gatewayport/opennds_deny/\fP .sp A simple example of a GET\-method form: .UNINDENT @@ -2057,7 +2055,7 @@ needs to be forwarded to some other place by the splash page itself. \fI$nclients\fP and \fI$maxclients\fP User stats. Useful when you need to display something like "n of m users online" on the splash site. .IP \(bu 2 -\fI$uptime\fP The time Nodogsplash has been running. +\fI$uptime\fP The time opennds has been running. .UNINDENT .INDENT 0.0 .INDENT 3.5 @@ -2065,7 +2063,7 @@ A list of all available variables are included in the splash.html file. .sp If the user accesses the virtual url \fI$authaction\fP when already authenticated, a status page is shown: .sp -\fB/etc/nodogsplash/htdocs/status.html\fP +\fB/etc/opennds/htdocs/status.html\fP .sp In the status.html file, the same variables as in the splash.html site can be used. .UNINDENT @@ -2087,7 +2085,7 @@ Prohibit the execution of javascript. .UNINDENT .UNINDENT .sp -Also, note that any images you reference should reside in the subdirectory /etc/nodogsplash/htdocs/images/. +Also, note that any images you reference should reside in the subdirectory /etc/opennds/htdocs/images/. .SS Dynamic Splash Pages .SS Pre\-Installed User Login Dynamic Splash Page .sp @@ -2119,7 +2117,7 @@ for v0.9. .UNINDENT .INDENT 0.0 .INDENT 3.5 -A forwarding authentication service. FAS supports development of "Credential Verification" running on any dynamic web serving platform, on the same device as NoDogSplash, on another device on the local network, or on an Internet hosted web server. +A forwarding authentication service. FAS supports development of "Credential Verification" running on any dynamic web serving platform, on the same device as openNDS, on another device on the local network, or on an Internet hosted web server. .UNINDENT .UNINDENT .INDENT 0.0 @@ -2128,7 +2126,7 @@ A forwarding authentication service. FAS supports development of "Credential Ver .UNINDENT .INDENT 0.0 .INDENT 3.5 -An implementation of FAS running on the same device as Nodogsplash and using NoDogSplash\(aqs own web server to generate dynamic web pages. Any scripting language or even a compiled application program can be used. This has the advantage of not requiring the resources of a separate web server. +An implementation of FAS running on the same device as openNDS and using openNDS\(aqs own web server to generate dynamic web pages. Any scripting language or even a compiled application program can be used. This has the advantage of not requiring the resources of a separate web server. .UNINDENT .UNINDENT .INDENT 0.0 @@ -2232,7 +2230,7 @@ The original pre version 1 feature has been broken since OpenWrt 12.09 (Attitude .INDENT 3.5 \fBPull Requests are welcome!\fP .sp -However the OpenWrt package, SQM Scripts (Smart Queue Management), is fully compatible with Nodogsplash and if configured to operate on the Nodogsplash interface (br\-lan by default) will provide efficient IP connection based traffic control to ensure fair usage of available bandwidth. +However the OpenWrt package, SQM Scripts (Smart Queue Management), is fully compatible with openNDS and if configured to operate on the openNDS interface (br\-lan by default) will provide efficient IP connection based traffic control to ensure fair usage of available bandwidth. .UNINDENT .UNINDENT .SS Is https capture supported? @@ -2267,17 +2265,17 @@ Prohibit the execution of javascript. .UNINDENT .UNINDENT .UNINDENT -.SH HOW TO COMPILE NODOGSPLASH +.SH HOW TO COMPILE OPENNDS .SS Linux/Unix .sp -The Libmicrohttpd library is a dependency of NoDogSplash so you must first iInstall libmicrohttpd including the header files (often called \-dev package). Then proceed to download the NoDogSplash source files: +The Libmicrohttpd library is a dependency of opennds so you must first iInstall libmicrohttpd including the header files (often called \-dev package). Then proceed to download the opennds source files: .INDENT 0.0 .INDENT 3.5 .sp .nf .ft C -git clone https://github.com/nodogsplash/nodogsplash.git -cd nodogsplash +git clone https://github.com/opennds/opennds.git +cd opennds make .ft P .fi @@ -2297,11 +2295,11 @@ make CFLAGS="\-I/tmp/libmicrohttpd_install/include" LDFLAGS="\-L/tmp/libmicrohtt .UNINDENT .UNINDENT .sp -After compiling you can call \fBmake install\fP to install NoDogSplash to /usr/ +After compiling you can call \fBmake install\fP to install opennds to /usr/ .SS Making a Package for Installation .SS OpenWrt Package .sp -To compile NoDogSplash and create its installable package, please use the package definition from the feeds package. +To compile opennds and create its installable package, please use the package definition from the feeds package. .INDENT 0.0 .INDENT 3.5 .sp @@ -2311,7 +2309,7 @@ git clone git://git.openwrt.org/trunk/openwrt.git cd openwrt \&./scripts/feeds update \&./scripts/feeds install -\&./scripts/feeds install nodogsplash +\&./scripts/feeds install opennds .ft P .fi .UNINDENT @@ -2332,7 +2330,7 @@ make .UNINDENT .SS Debian Package .sp -First you must compile NoDogSplash as described above for Linux/Unix. +First you must compile opennds as described above for Linux/Unix. Then run the command: .INDENT 0.0 .INDENT 3.5 @@ -2344,10 +2342,10 @@ make deb .fi .UNINDENT .UNINDENT -.SH DEBUGGING NODOGSPLASH +.SH DEBUGGING OPENNDS .SS Syslog Logging .sp -NoDogSplash supports four levels of debugging to syslog. +openNDS supports four levels of debugging to syslog. .INDENT 0.0 .INDENT 3.5 .INDENT 0.0 @@ -2367,7 +2365,7 @@ All other levels are undefined and will result in debug level 3 being set. .UNINDENT .UNINDENT .sp -To see maximally verbose debugging output from NoDogSplash, set log level to 3. This can be done in the UCI configuration file on OpenWrt adding the line: +To see maximally verbose debugging output from openNDS, set log level to 3. This can be done in the UCI configuration file on OpenWrt adding the line: .INDENT 0.0 .INDENT 3.5 \fBoption debuglevel \(aq3\(aq\fP @@ -2384,17 +2382,17 @@ Logging level can also be set using ndsctl. .SS Firewall Cleanup .INDENT 0.0 .INDENT 3.5 -When stopped, NoDogSplash deletes its iptables rules, attempting to leave the router\(aqs firewall in its original state. If not (for example, if NoDogSplash crashes instead of exiting cleanly) subsequently starting and stopping NoDogSplash should remove its rules. +When stopped, openNDS deletes its iptables rules, attempting to leave the router\(aqs firewall in its original state. If not (for example, if openNDS crashes instead of exiting cleanly) subsequently starting and stopping openNDS should remove its rules. .sp -On OpenWrt, restarting the firewall will overwrite NoDogSplash\(aqs iptables rules, so when the firewall is restarted it will automatically restart NoDogSplash if it is running. +On OpenWrt, restarting the firewall will overwrite openNDS\(aqs iptables rules, so when the firewall is restarted it will automatically restart openNDS if it is running. .UNINDENT .UNINDENT .SS Packet Marking .INDENT 0.0 .INDENT 3.5 -NoDogSplash operates by marking packets. Many packages, such as mwan3 and SQM scripts, also mark packets. +openNDS operates by marking packets. Many packages, such as mwan3 and SQM scripts, also mark packets. .sp -By default, NoDogSplash marks its packets in such a way that conflicts are unlikely to occur but the masks used by NoDogSplash can be changed if necessary in the configuration file. +By default, openNDS marks its packets in such a way that conflicts are unlikely to occur but the masks used by openNDS can be changed if necessary in the configuration file. .UNINDENT .UNINDENT .SS IPtables Conflicts @@ -2444,8 +2442,8 @@ genindex search .UNINDENT .SH AUTHOR -The Nodogsplash Contributors +The openNDS Contributors .SH COPYRIGHT -2016 - 2020, The Nodogsplash Contributors +2016 - 2020, The NoDogSplash and openNDS Contributors .\" Generated by docutils manpage writer. . diff --git a/debian/nodogsplash.links b/debian/nodogsplash.links deleted file mode 100644 index 77e1368..0000000 --- a/debian/nodogsplash.links +++ /dev/null @@ -1 +0,0 @@ -usr/share/man/man1/nodogsplash.1.gz usr/share/man/man1/ndsctl.1.gz diff --git a/debian/nodogsplash.manpages b/debian/nodogsplash.manpages deleted file mode 100644 index f82ff82..0000000 --- a/debian/nodogsplash.manpages +++ /dev/null @@ -1 +0,0 @@ -debian/doc/nodogsplash.1 diff --git a/debian/opennds.links b/debian/opennds.links new file mode 100644 index 0000000..9ce4098 --- /dev/null +++ b/debian/opennds.links @@ -0,0 +1 @@ +usr/share/man/man1/opennds.1.gz usr/share/man/man1/ndsctl.1.gz diff --git a/debian/opennds.manpages b/debian/opennds.manpages new file mode 100644 index 0000000..4a213ec --- /dev/null +++ b/debian/opennds.manpages @@ -0,0 +1 @@ +debian/doc/opennds.1 diff --git a/debian/nodogsplash.service b/debian/opennds.service similarity index 53% rename from debian/nodogsplash.service rename to debian/opennds.service index 6f3ee51..d585e07 100644 --- a/debian/nodogsplash.service +++ b/debian/opennds.service @@ -1,10 +1,11 @@ [Unit] -Description=NoDogSplash Captive Portal +Description=openNDS Captive Portal After=network.target [Service] Type=forking -ExecStart=/usr/bin/nodogsplash $OPTIONS +ExecStartPre=sleep 10 +ExecStart=/usr/bin/opennds $OPTIONS Restart=on-failure [Install] diff --git a/docs/Makefile b/docs/Makefile index 53c5acb..3953797 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -1,6 +1,6 @@ # Makefile for Sphinx documentation # run command "make man" in this folder -# then copy nodogsplash.1 to the Debian docs folder +# then copy opennds.1 to the Debian docs folder # # You can set these variables from the command line. @@ -93,9 +93,9 @@ qthelp: @echo @echo "Build finished; now you can run "qcollectiongenerator" with the" \ ".qhcp project file in $(BUILDDIR)/qthelp, like this:" - @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/nodogsplash.qhcp" + @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/opennds.qhcp" @echo "To view the help file:" - @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/nodogsplash.qhc" + @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/opennds.qhc" .PHONY: applehelp applehelp: @@ -112,8 +112,8 @@ devhelp: @echo @echo "Build finished." @echo "To view the help file:" - @echo "# mkdir -p $$HOME/.local/share/devhelp/nodogsplash" - @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/nodogsplash" + @echo "# mkdir -p $$HOME/.local/share/devhelp/opennds" + @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/opennds" @echo "# devhelp" .PHONY: epub diff --git a/docs/source/binauth.rst b/docs/source/binauth.rst index efde3b6..80bd668 100644 --- a/docs/source/binauth.rst +++ b/docs/source/binauth.rst @@ -27,11 +27,11 @@ BinAuth is not available when FAS is used at fas_secure_enabled = 3. Example BinAuth Scripts *********************** Two example BinAuth scripts are included in the source files available for download at: -https://github.com/nodogsplash/nodogsplash/releases +https://github.com/opennds/opennds/releases The files can be extracted from the downloaded release archive file and reside in the folder: -`/nodogsplash-[*version*]/forward_authentication_service/binauth` +`/opennds-[*version*]/forward_authentication_service/binauth` Example 1 - Sitewide Username/Password ************************************** @@ -48,27 +48,27 @@ This script has two components, the actual script and an associated html file. * binauth_sitewide.sh * splash_sitewide.html -The file binauth_sitewide.sh should be copied to a suitable location on the NDS router, eg `/etc/nodogsplash/` +The file binauth_sitewide.sh should be copied to a suitable location on the NDS router, eg `/etc/opennds/` -The file splash_sitewide.html should be copied to `/etc/nodogsplash/htdocs/` +The file splash_sitewide.html should be copied to `/etc/opennds/htdocs/` -Assuming FAS is not being used, NDS is then configured by setting the BinAuth and SplashPage options in the config file (/etc/config/nodogsplash on Openwrt, or /etc/nodogsplash/nodogsplash.conf on other operating systems. +Assuming FAS is not being used, NDS is then configured by setting the BinAuth and SplashPage options in the config file (/etc/config/opennds on Openwrt, or /etc/opennds/opennds.conf on other operating systems. On OpenWrt this is most easily accomplished by issuing the following commands: - `uci set nodogsplash.@nodogsplash[0].splashpage='splash_sitewide.html'` + `uci set opennds.@opennds[0].splashpage='splash_sitewide.html'` - `uci set nodogsplash.@nodogsplash[0].binauth='/etc/nodogsplash/binauth_sitewide.sh'` + `uci set opennds.@opennds[0].binauth='/etc/opennds/binauth_sitewide.sh'` - `uci commit nodogsplash` + `uci commit opennds` The script file must be executable and is flagged as such in the source archive. If necessary set using the command: - `chmod u+x /etc/nodogsplash/binauth_sitewide.sh` + `chmod u+x /etc/opennds/binauth_sitewide.sh` This script is then activated with the command: - `service nodogsplash restart` + `service opennds restart` **The Example 1 script contains the following code:** @@ -124,7 +124,7 @@ This script is then activated with the command: # timeout_deauth: Client was deauthenticated because the session timed out. # ndsctl_auth: Client was authenticated by the ndsctl tool. # ndsctl_deauth: Client was deauthenticated by the ndsctl tool. - # shutdown_deauth: Client was deauthenticated by Nodogsplash terminating. + # shutdown_deauth: Client was deauthenticated by opennds terminating. ;; esac @@ -151,7 +151,7 @@ The `SESSION_START` and `SESSION_END` values are the number of seconds since 197 Captive Portals". +Now select the openNDS package in "Network ---> Captive Portals". Now compile/build everything: @@ -35,7 +35,7 @@ make ``` The images and all ipk packages are now inside the bin/ folder. -You can install the NoDogSplash .ipk using `opkg install ` on the router or just use the whole image. +You can install the openNDS .ipk using `opkg install ` on the router or just use the whole image. For details please check the OpenWRT documentation. @@ -47,16 +47,16 @@ You might want to use your own source location and not the remote respository. To do this you need to checkout the repository yourself and commit your changes locally: ``` -git clone git://github.com/nodogsplash/nodogsplash.git -cd nodogsplash +git clone git://github.com/opennds/opennds.git +cd opennds ... apply your changes git commit -am "my change" ``` -Now create a symbolic link in the NoDogSplash package folder using the abolute path: +Now create a symbolic link in the openNDS package folder using the abolute path: ``` -ln -s /my/own/project/folder/nodogsplash/.git openwrt/package/nodogsplash/git-src +ln -s /my/own/project/folder/opennds/.git openwrt/package/opennds/git-src ``` Also make sure to enable diff --git a/openwrt/nodogsplash/Makefile b/openwrt/nodogsplash/Makefile deleted file mode 100644 index eea3ec1..0000000 --- a/openwrt/nodogsplash/Makefile +++ /dev/null @@ -1,82 +0,0 @@ -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=nodogsplash -PKG_FIXUP:=autoreconf -PKG_VERSION:=4.5.1beta -PKG_RELEASE:=1 - -PKG_SOURCE_URL:=https://codeload.github.com/nodogsplash/nodogsplash/tar.gz/v$(PKG_VERSION)? -PKG_SOURCE:=nodogsplash-$(PKG_VERSION).tar.gz -PKG_HASH:= #shasum -a 256 of tar.gz of source files goes here -PKG_BUILD_DIR:=$(BUILD_DIR)/nodogsplash-$(PKG_VERSION) - -PKG_MAINTAINER:=Moritz Warning -PKG_BUILD_PARALLEL:=1 -PKG_LICENSE:=GPL-2.0+ - -include $(INCLUDE_DIR)/package.mk - - -define Package/nodogsplash - SUBMENU:=Captive Portals - SECTION:=net - CATEGORY:=Network - DEPENDS:=+libpthread +iptables-mod-ipopt +libmicrohttpd-no-ssl - TITLE:=Open public network gateway daemon - URL:=https://github.com/nodogsplash/nodogsplash - CONFLICTS:=nodogsplash2 -endef - -define Package/nodogsplash/description - Nodogsplash is a Captive Portal that offers a simple way to - provide restricted access to the Internet by showing a splash - page to the user before Internet access is granted. - It also incorporates an API that allows the creation of - sophisticated authentication applications. -endef - -define Package/nodogsplash/install - - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/nodogsplash $(1)/usr/bin/ - $(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/ - - $(INSTALL_DIR) $(1)/etc/nodogsplash/htdocs/images - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_DIR) $(1)/usr/lib/nodogsplash - $(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/nodogsplash/htdocs/ - $(CP) $(PKG_BUILD_DIR)/resources/splash.css $(1)/etc/nodogsplash/htdocs/ - $(CP) $(PKG_BUILD_DIR)/resources/status.html $(1)/etc/nodogsplash/htdocs/ - $(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/nodogsplash/htdocs/images/ - $(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/etc/config/nodogsplash $(1)/etc/config/ - $(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/etc/init.d/nodogsplash $(1)/etc/init.d/ - $(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/etc/uci-defaults/40_nodogsplash $(1)/etc/uci-defaults/ - $(CP) $(PKG_BUILD_DIR)/openwrt/nodogsplash/files/usr/lib/nodogsplash/restart.sh $(1)/usr/lib/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/demo-preauth.sh $(1)/usr/lib/nodogsplash/login.sh - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/get_client_interface.sh $(1)/usr/lib/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/get_client_token.sh $(1)/usr/lib/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/unescape.sh $(1)/usr/lib/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/authmon.sh $(1)/usr/lib/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/post-request.php $(1)/usr/lib/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/fas-aes/fas-aes.php $(1)/etc/nodogsplash/ - $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/fas-aes/fas-aes-https.php $(1)/etc/nodogsplash/ -endef - -define Package/nodogsplash/postrm -#!/bin/sh -uci delete firewall.nodogsplash -uci commit firewall -endef - -define Package/nodogsplash/conffiles -/etc/config/nodogsplash -endef - -$(eval $(call BuildPackage,nodogsplash)) diff --git a/openwrt/nodogsplash/files/etc/uci-defaults/40_nodogsplash b/openwrt/nodogsplash/files/etc/uci-defaults/40_nodogsplash deleted file mode 100644 index c4f461a..0000000 --- a/openwrt/nodogsplash/files/etc/uci-defaults/40_nodogsplash +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -uci -q batch <<-EOF - delete firewall.nodogsplash - set firewall.nodogsplash=include - set firewall.nodogsplash.type=script - set firewall.nodogsplash.path=/usr/lib/nodogsplash/restart.sh - commit firewall -EOF diff --git a/openwrt/nodogsplash/files/usr/lib/nodogsplash/restart.sh b/openwrt/nodogsplash/files/usr/lib/nodogsplash/restart.sh deleted file mode 100755 index e7e1946..0000000 --- a/openwrt/nodogsplash/files/usr/lib/nodogsplash/restart.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -# Check if nodogsplash is running -ndspid=$(ps | grep nodogsplash_cfg | awk -F ' ' 'NR==2 {print $1}') -if [ ! -z $ndspid ]; then - if [ "$(uci -q get nodogsplash.@nodogsplash[0].fwhook_enabled)" = "1" ]; then - echo "fwhook restart request received - restarting " | logger -p "daemon.warn" -s -t "nodogsplash[$ndspid]: " - /etc/init.d/nodogsplash restart - fi -fi diff --git a/openwrt/opennds/Makefile b/openwrt/opennds/Makefile new file mode 100644 index 0000000..4775721 --- /dev/null +++ b/openwrt/opennds/Makefile @@ -0,0 +1,81 @@ +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=opennds +PKG_FIXUP:=autoreconf +PKG_VERSION:=5.0.0beta +PKG_RELEASE:=1 + +PKG_SOURCE_URL:=https://codeload.github.com/opennds/opennds/tar.gz/v$(PKG_VERSION)? +PKG_SOURCE:=opennds-$(PKG_VERSION).tar.gz +PKG_HASH:= #shasum -a 256 of tar.gz of source files goes here +PKG_BUILD_DIR:=$(BUILD_DIR)/opennds-$(PKG_VERSION) + +PKG_MAINTAINER:=Rob White +PKG_BUILD_PARALLEL:=1 +PKG_LICENSE:=GPL-2.0+ + +include $(INCLUDE_DIR)/package.mk + + +define Package/opennds + SUBMENU:=Captive Portals + SECTION:=net + CATEGORY:=Network + DEPENDS:=+libpthread +iptables-mod-ipopt +libmicrohttpd-no-ssl + TITLE:=Open public network gateway daemon + URL:=https://github.com/opennds/opennds +endef + +define Package/opennds/description + openNDS is a Captive Portal that offers a simple way to + provide restricted access to the Internet by showing a splash + page to the user before Internet access is granted. + It also incorporates an API that allows the creation of + sophisticated authentication applications. +endef + +define Package/opennds/install + + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/opennds $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/ndsctl $(1)/usr/bin/ + + $(INSTALL_DIR) $(1)/etc/opennds/htdocs/images + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_DIR) $(1)/etc/uci-defaults + $(INSTALL_DIR) $(1)/usr/lib/opennds + $(CP) $(PKG_BUILD_DIR)/resources/splash.html $(1)/etc/opennds/htdocs/ + $(CP) $(PKG_BUILD_DIR)/resources/splash.css $(1)/etc/opennds/htdocs/ + $(CP) $(PKG_BUILD_DIR)/resources/status.html $(1)/etc/opennds/htdocs/ + $(CP) $(PKG_BUILD_DIR)/resources/splash.jpg $(1)/etc/opennds/htdocs/images/ + $(CP) $(PKG_BUILD_DIR)/openwrt/opennds/files/etc/config/opennds $(1)/etc/config/ + $(CP) $(PKG_BUILD_DIR)/openwrt/opennds/files/etc/init.d/opennds $(1)/etc/init.d/ + $(CP) $(PKG_BUILD_DIR)/openwrt/opennds/files/etc/uci-defaults/40_opennds $(1)/etc/uci-defaults/ + $(CP) $(PKG_BUILD_DIR)/openwrt/opennds/files/usr/lib/opennds/restart.sh $(1)/usr/lib/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/PreAuth/demo-preauth.sh $(1)/usr/lib/opennds/login.sh + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/get_client_interface.sh $(1)/usr/lib/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/get_client_token.sh $(1)/usr/lib/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/unescape.sh $(1)/usr/lib/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/authmon.sh $(1)/usr/lib/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/libs/post-request.php $(1)/usr/lib/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/fas-aes/fas-aes.php $(1)/etc/opennds/ + $(CP) $(PKG_BUILD_DIR)/forward_authentication_service/fas-aes/fas-aes-https.php $(1)/etc/opennds/ +endef + +define Package/opennds/postrm +#!/bin/sh +uci delete firewall.opennds +uci commit firewall +endef + +define Package/opennds/conffiles +/etc/config/opennds +endef + +$(eval $(call BuildPackage,opennds)) diff --git a/openwrt/nodogsplash/files/etc/config/nodogsplash b/openwrt/opennds/files/etc/config/opennds similarity index 88% rename from openwrt/nodogsplash/files/etc/config/nodogsplash rename to openwrt/opennds/files/etc/config/opennds index dbb459a..28964b3 100644 --- a/openwrt/nodogsplash/files/etc/config/nodogsplash +++ b/openwrt/opennds/files/etc/config/opennds @@ -1,19 +1,19 @@ -# The options available here are an adaptation of the settings used in nodogsplash.conf. -# See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf +# The options available here are an adaptation of the settings used in opennds.conf. +# See https://github.com/opennds/opennds/blob/master/resources/opennds.conf -config nodogsplash - # Set to 0 to disable nodogsplash +config opennds + # Set to 0 to disable opennds option enabled 1 - # Set to 0 to disable hook that makes nodogsplash restart when the firewall restarts. - # This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries. + # Set to 0 to disable hook that makes opennds restart when the firewall restarts. + # This hook is needed as a restart of Firewall overwrites opennds iptables entries. option fwhook_enabled '1' # Login Option # Default: 0 # - # NoDogSplash comes preconfigured for two basic modes of operation + # opennds comes preconfigured for two basic modes of operation # A default preauth login script, requiring username and email address to be entered. # and # A default static splash page (splash.html) with template variables and click to continue @@ -21,7 +21,7 @@ config nodogsplash # 0: Use static splash page or FAS config options # 1: Use default preauth login script # - # The default preauth login script is installed as part of the NoDogSplash package providing + # The default preauth login script is installed as part of the openNDS package providing # username/emailaddress login as an alternative to the basic splash page. # # It generates a login page asking for username and email address. @@ -29,7 +29,7 @@ config nodogsplash # Details of how the script works are contained in comments in the script itself. # # Both modes may be customised or a full custom system can be developed using FAS and BinAuth - # See documentation at: https://nodogsplashdocs.readthedocs.io/ + # See documentation at: https://openndsdocs.readthedocs.io/ # option login_option_enabled '0' @@ -45,7 +45,7 @@ config nodogsplash # MHD Unescape callback # MHD has a built in unescape function that urldecodes incoming queries from browsers # This option allows an external unescape script to be enabled - # The script must be named unescape.sh, be present in /usr/lib/nodogsplash/ and be executable. + # The script must be named unescape.sh, be present in /usr/lib/opennds/ and be executable. # A standard unescape.sh script is installed by default # Set to 1 to enable this option, 0 to disable # default is disabled @@ -53,36 +53,36 @@ config nodogsplash # WebRoot - # Default: /etc/nodogsplash/htdocs + # Default: /etc/opennds/htdocs # # The local path where the splash page content resides. # ie. Serve the file splash.html from this directory - #option webroot '/etc/nodogsplash/htdocs' + #option webroot '/etc/opennds/htdocs' # Use plain configuration file - #option config '/etc/nodogsplash/nodogsplash.conf' + #option config '/etc/opennds/opennds.conf' - # Use this option to set the device nodogsplash will bind to. + # Use this option to set the device opennds will bind to. # The value may be an interface section in /etc/config/network or a device name such as br-lan. option gatewayinterface 'br-lan' # GatewayPort # Default: 2050 # - # Nodogsplash's own http server uses gateway address as its IP address. + # openNDS's own http server uses gateway address as its IP address. # The port it listens to at that IP can be set here; default is 2050. # #option gatewayport '2050' # GatewayName - # Default: NoDogSplash + # Default: openNDS # - # gatewayname is used as an identifier for the instance of NoDogSplash + # gatewayname is used as an identifier for the instance of openNDS # # It is displayed on the default static splash page and the default preauth login script. # # It is particularly useful in the case of a single remote FAS server that serves multiple - # NoDogSplash sites, allowing the FAS to customise its response for each site. + # openNDS sites, allowing the FAS to customise its response for each site. # # Note: The single quote (or apostrophe) character ('), cannot be used in the gatewayname. # If it is required, use the htmlentity ' instead. @@ -92,7 +92,7 @@ config nodogsplash # Instead use: # option gatewayname 'Bill's WiFi' # - option gatewayname 'OpenWrt Nodogsplash' + option gatewayname 'OpenWrt openNDS' # MaxClients # Default 20 @@ -115,7 +115,7 @@ config nodogsplash # Session Timeout is the interval after which clients are forced out (a value of 0 means never) option sessiontimeout '1200' - # The interval in seconds at which nodogsplash checks client timeout status + # The interval in seconds at which opennds checks client timeout status option checkinterval '600' # Enable BinAuth Support. @@ -139,7 +139,7 @@ config nodogsplash # "timeout_deauth": Client was deauthenticated because the session timed out. # "ndsctl_auth": Client was authenticated manually by the ndsctl tool. # "ndsctl_deauth": Client was deauthenticated by the ndsctl tool. - # "shutdown_deauth": Client was deauthenticated by Nodogsplash terminating. + # "shutdown_deauth": Client was deauthenticated by openNDS terminating. # # Values session_start and session_start are in seconds since 1970 or 0 for unknown/unlimited. # @@ -216,7 +216,7 @@ config nodogsplash # are encrypted using faskey and passed to FAS in the query string. # The query string will also contain a randomly generated initialization vector to be used by the FAS for decryption. # The "php-cli" package and the "php-openssl" module must both be installed for fas_secure level 2. - # Nodogsplash does not depend on this package and module, but will exit gracefully + # openNDS does not depend on this package and module, but will exit gracefully # if this package and module are not installed when this level is set, logging the error in syslog. # The FAS must use the query string passed initialisation vector and the pre shared fas_key to decrypt the query string. # An example FAS php script is supplied in the source code. @@ -230,13 +230,13 @@ config nodogsplash # Initially FAS appends its query string to faspath. # The Preauth program will output html code that will be served to the client by NDS # Using html GET the Preauth program may call: - # /nodogsplash_preauth/ to ask the client for more information + # /opennds_preauth/ to ask the client for more information # or - # /nodogsplash_auth/ to authenticate the client + # /opennds_auth/ to authenticate the client # # The Preauth program should append at least the client ip to the query string - # (using html input type hidden) for all calls to /nodogsplash_preauth/ - # It must also obtain the client token (using ndsctl), for NDS authentication when calling /nodogsplash_auth/ + # (using html input type hidden) for all calls to /opennds_preauth/ + # It must also obtain the client token (using ndsctl), for NDS authentication when calling /opennds_auth/ # #option preauth '/path/to/myscript/myscript.sh' @@ -294,7 +294,7 @@ config nodogsplash # MAC addresses that do not need to authenticate #list trustedmac '00:00:C0:01:D0:1D' - # Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask. + # openNDS uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask. # This mask can conflict with the requirements of other packages. # # However the defaults are fully compatible with the defaults used in mwan3 and sqm diff --git a/openwrt/nodogsplash/files/etc/init.d/nodogsplash b/openwrt/opennds/files/etc/init.d/opennds similarity index 87% rename from openwrt/nodogsplash/files/etc/init.d/nodogsplash rename to openwrt/opennds/files/etc/init.d/opennds index 0128309..eabf1a0 100755 --- a/openwrt/nodogsplash/files/etc/init.d/nodogsplash +++ b/openwrt/opennds/files/etc/init.d/opennds @@ -1,7 +1,7 @@ #!/bin/sh /etc/rc.common # -# Startup/shutdown script for nodogsplash captive portal +# Startup/shutdown script for opennds captive portal # START=95 @@ -114,7 +114,7 @@ generate_uci_config() { local upload # Init config file content - CONFIG="# auto-generated config file from /etc/config/nodogsplash" + CONFIG="# auto-generated config file from /etc/config/opennds" config_get val "$cfg" config if [ -n "$val" ]; then @@ -166,7 +166,7 @@ generate_uci_config() { setup_mac_lists "$cfg" || return 1 setup_firewall "$cfg" - echo "$CONFIG" > "/tmp/etc/nodogsplash_$cfg.conf" + echo "$CONFIG" > "/tmp/etc/opennds_$cfg.conf" return 0 } @@ -184,9 +184,9 @@ create_instance() { fi procd_open_instance $cfg - procd_set_param command /usr/bin/nodogsplash -c "/tmp/etc/nodogsplash_$cfg.conf" $OPTIONS + procd_set_param command /usr/bin/opennds -c "/tmp/etc/opennds_$cfg.conf" $OPTIONS procd_set_param respawn - procd_set_param file "/tmp/etc/nodogsplash_$cfg.conf" + procd_set_param file "/tmp/etc/opennds_$cfg.conf" procd_close_instance } @@ -194,16 +194,16 @@ start_service() { # For network_get_device() include /lib/functions - # For nodogsplash.conf file + # For opennds.conf file mkdir -p /tmp/etc/ - config_load nodogsplash - config_foreach create_instance nodogsplash + config_load opennds + config_foreach create_instance opennds } stop_service() { - # When procd terminates nodogsplash, it does not exit fast enough. - # Otherwise procd will restart nodogsplash twice. First time starting - # nodogsplash fails, second time it succeeds. + # When procd terminates opennds, it does not exit fast enough. + # Otherwise procd will restart opennds twice. First time starting + # opennds fails, second time it succeeds. sleep 1 } diff --git a/openwrt/opennds/files/etc/uci-defaults/40_nodogsplash b/openwrt/opennds/files/etc/uci-defaults/40_nodogsplash new file mode 100644 index 0000000..d28ec4e --- /dev/null +++ b/openwrt/opennds/files/etc/uci-defaults/40_nodogsplash @@ -0,0 +1,9 @@ +#!/bin/sh + +uci -q batch <<-EOF + delete firewall.opennds + set firewall.opennds=include + set firewall.opennds.type=script + set firewall.opennds.path=/usr/lib/opennds/restart.sh + commit firewall +EOF diff --git a/openwrt/opennds/files/usr/lib/opennds/restart.sh b/openwrt/opennds/files/usr/lib/opennds/restart.sh new file mode 100755 index 0000000..f1863cb --- /dev/null +++ b/openwrt/opennds/files/usr/lib/opennds/restart.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +# Check if opennds is running +ndspid=$(ps | grep opennds_cfg | awk -F ' ' 'NR==2 {print $1}') +if [ ! -z $ndspid ]; then + if [ "$(uci -q get opennds.@opennds[0].fwhook_enabled)" = "1" ]; then + echo "fwhook restart request received - restarting " | logger -p "daemon.warn" -s -t "opennds[$ndspid]: " + /etc/init.d/opennds restart + fi +fi diff --git a/resources/nodogsplash.conf b/resources/nodogsplash.conf deleted file mode 100644 index f2eb048..0000000 --- a/resources/nodogsplash.conf +++ /dev/null @@ -1,542 +0,0 @@ -# -# Nodogsplash Configuration File -# -# The "#" character at the beginning of a line indicates that the whole line is a comment. -# -# "#" characters within a line are assumed to be part of the configured option -# - -# Option: GatewayInterface -# Default: NONE -# -# GatewayInterface is not autodetected, has no default, and must be set here. -# Set GatewayInterface to the interface on your router -# that is to be managed by Nodogsplash. -# Typically br-lan for the wired and wireless lan. -# -GatewayInterface br-lan - -# Login Option -# Default: 0 -# -# NoDogSplash comes preconfigured for two basic modes of operation -# A default preauth login script, requiring username and email address to be entered. -# and -# A default static splash page (splash.html) with template variables and click to continue -# -# 0: Use static splash page or FAS config options -# 1: Use default preauth login script -# -# The default preauth login script is installed as part of the NoDogSplash package providing -# username/emailaddress login as an alternative to the basic splash page. -# -# It generates a login page asking for username and email address. -# User logins are recorded in the log file /tmp/ndslog.log -# Details of how the script works are contained in comments in the script itself. -# -# Both modes may be customised or a full custom system can be developed using FAS and BinAuth -# See documentation at: https://nodogsplashdocs.readthedocs.io/ -# -login_option_enabled 0 - -# Use outdated libmicrohttpd (MHD) -# Older versions of MHD convert & and + characters to spaces when present in form data -# This can make a PreAuth or BinAuth impossible to use for a client if form data contains either of these characters -# eg. in username or password -# MHD versions earlier than 0.9.69 are detected. -# If this option is set to 0 (default), NDS will terminate if MHD is earlier than 0.9.69 -# If this option is set to 1, NDS will start but log an error. -use_outdated_mhd 0 - -# MHD Unescape callback -# MHD has a built in unescape function that urldecodes incoming queries from browsers -# This option allows an external unescape script to be enabled -# The script must be named unescape.sh, be present in /usr/lib/nodogsplash/ and be executable. -# A standard unescape.sh script is installed by default -# Set to 1 to enable this option, 0 to disable -# default is disabled -# -unescape_callback_enabled 0 - -# Option: WebRoot -# Default: /etc/nodogsplash/htdocs -# -# The local path where the splash page content resides. - -# FirewallRuleSet: authenticated-users -# -# Control access for users after authentication. -# These rules are inserted at the beginning of the -# FORWARD chain of the router's filter table, and -# apply to packets that have come in to the router -# over the GatewayInterface from MAC addresses that -# have authenticated with Nodogsplash, and that are -# destined to be routed through the router. The rules are -# considered in order, and the first rule that matches -# a packet applies to it. -# If there are any rules in this ruleset, an authenticated -# packet that does not match any rule is rejected. -# N.B.: This ruleset is completely independent of -# the preauthenticated-users ruleset. -# -FirewallRuleSet authenticated-users { - -# You may want to open access to a machine on a local -# subnet that is otherwise blocked (for example, to -# serve a redirect page; see RedirectURL). If so, -# allow that explicitly here, e.g: -# FirewallRule allow tcp port 80 to 192.168.254.254 - -# Your router may have several interfaces, and you -# probably want to keep them private from the GatewayInterface. -# If so, you should block the entire subnets on those interfaces, e.g.: -# FirewallRule block to 192.168.0.0/16 -# FirewallRule block to 10.0.0.0/8 - -# Typical ports you will probably want to open up include -# 53 udp and tcp for DNS, -# 80 for http, -# 443 for https, -# 22 for ssh: -# FirewallRule allow tcp port 53 -# FirewallRule allow udp port 53 -# FirewallRule allow tcp port 80 -# FirewallRule allow tcp port 443 -# FirewallRule allow tcp port 22 -# Or for happy customers allow all - FirewallRule allow all -# You might use ipset to easily allow/block range of ips, e.g.: -# FirewallRule allow ipset WHITELISTED_IPS -# FirewallRule allow tcp port 80 ipset WHITELISTED_IPS -} -# end FirewallRuleSet authenticated-users - - -# FirewallRuleSet: preauthenticated-users -# -# Control access for users before authentication. -# These rules are inserted in the PREROUTING chain -# of the router's nat table, and in the -# FORWARD chain of the router's filter table. -# These rules apply to packets that have come in to the -# router over the GatewayInterface from MAC addresses that -# are not on the BlockedMACList or TrustedMACList, -# are *not* authenticated with Nodogsplash. The rules are -# considered in order, and the first rule that matches -# a packet applies to it. A packet that does not match -# any rule here is rejected. -# N.B.: This ruleset is completely independent of -# the authenticated-users and users-to-router rulesets. -# -FirewallRuleSet preauthenticated-users { -# For preauthenticated users to resolve IP addresses in their -# initial request not using the router itself as a DNS server. -# Leave commented to help prevent DNS tunnelling -# FirewallRule allow tcp port 53 -# FirewallRule allow udp port 53 -# -# For splash page content not hosted on the router, you -# will want to allow port 80 tcp to the remote host here. -# Doing so circumvents the usual capture and redirect of -# any port 80 request to this remote host. -# Note that the remote host's numerical IP address must be known -# and used here. -# FirewallRule allow tcp port 80 to 123.321.123.321 -} -# end FirewallRuleSet preauthenticated-users - - -# FirewallRuleSet: users-to-router -# -# Control access to the router itself from the GatewayInterface. -# These rules are inserted at the beginning of the -# INPUT chain of the router's filter table, and -# apply to packets that have come in to the router -# over the GatewayInterface from MAC addresses that -# are not on the TrustedMACList, and are destined for -# the router itself. The rules are -# considered in order, and the first rule that matches -# a packet applies to it. -# If there are any rules in this ruleset, a -# packet that does not match any rule is rejected. -# -FirewallRuleSet users-to-router { - # Nodogsplash automatically allows tcp to GatewayPort, - # at GatewayAddress, to serve the splash page. - # However you may want to open up other ports, e.g. - # 53 for DNS and 67 for DHCP if the router itself is - # providing these services. - FirewallRule allow udp port 53 - FirewallRule allow tcp port 53 - FirewallRule allow udp port 67 - # You may want to allow ssh, http, and https to the router - # for administration from the GatewayInterface. If not, - # comment these out. - FirewallRule allow tcp port 22 - FirewallRule allow tcp port 80 - FirewallRule allow tcp port 443 -} -# end FirewallRuleSet users-to-router - -# EmptyRuleSetPolicy directives -# The FirewallRuleSets that NoDogSplash permits are: -# -# authenticated-users -# preauthenticated-users -# users-to-router -# trusted-users -# trusted-users-to-router -# -# For each of these, an EmptyRuleSetPolicy can be specified. -# An EmptyRuleSet policy applies to a FirewallRuleSet if the -# FirewallRuleSet is missing from this configuration file, -# or if it exists but contains no FirewallRules. -# -# The possible values of an EmptyRuleSetPolicy are: -# allow -- packets are accepted -# block -- packets are rejected -# passthrough -- packets are passed through to pre-existing firewall rules -# -# Default EmptyRuleSetPolicies are set as follows: -# EmptyRuleSetPolicy authenticated-users passthrough -# EmptyRuleSetPolicy preauthenticated-users block -# EmptyRuleSetPolicy users-to-router block -# EmptyRuleSetPolicy trusted-users allow -# EmptyRuleSetPolicy trusted-users-to-router allow - - -# GatewayName -# Default: NoDogSplash -# -# gatewayname is used as an identifier for the instance of NoDogSplash -# -# It is displayed on the default static splash page and the default preauth login script. -# -# It is particularly useful in the case of a single remote FAS server that serves multiple -# NoDogSplash sites, allowing the FAS to customise its response for each site. -# -# Note: The single quote (or apostrophe) character ('), cannot be used in the gatewayname. -# If it is required, use the htmlentity ' instead. -# -# For example: -# GatewayName Bill's WiFi is invalid. -# Instead use: -# GatewayName Bill's WiFi -# -# GatewayName NoDogSplash - -# Option: GatewayAddress -# Default: Discovered from GatewayInterface -# -# This should be autodetected and need not be specified. -# If set here, it must be set to the IP address of the router on -# the GatewayInterface. Setting incorrectly will result in failure of Nodogsplash. -# -# GatewayAddress 192.168.1.1 - -# Option: StatusPage -# Default: status.html -# -# The page the client is show if the client is already authenticated but navigates to the captive portal. -# -# StatusPage status.html - -# Option: SplashPage -# Default: splash.html -# -# The page the client is redirected to if not authenticated or whitelisted. -# -# SplashPage splash.html - -# Option: RedirectURL -# Default: none -# -# After authentication, normally a user is redirected -# to their initially requested page. -# If RedirectURL is set, the user is redirected to this URL instead. - -# NOTE: RedirectURL is deprecated. - -# redirectURL is now redundant as most CPD implementations immediately close the "splash" page -# as soon as NDS authenticates, thus redirectURL will not be shown. -# -# This functionality, ie displaying a particular web page as a final "Landing Page", -# can be achieved reliably using FAS, with NDS calling the previous "redirectURL" as the FAS page. -# - -# Option: GatewayPort -# Default: 2050 -# -# Nodogsplash's own http server uses GatewayAddress as its IP address. -# The port it listens to at that IP can be set here; default is 2050. -# -# GatewayPort 2050 - -# Option: MaxClients -# Default: 20 -# -# Set MaxClients to the maximum number of users allowed to -# connect at any time. (Does not include users on the TrustedMACList, -# who do not authenticate.) -# - MaxClients 250 - -# Option: SessionTimeout -# Default: 0 -# -# Set the default session length in minutes. A value of 0 is for -# sessions without an end. -# - -# Option: PreAuthIdleTimeout -# Default: 10 -# -# Set PreAuthIdleTimeout to the desired number of minutes before -# an pre-authenticated user is automatically removed from the client list. -# - -# Option: AuthIdleTimeout -# Default: 120 -# -# Set AuthIdleTimeout to the desired number of minutes before -# an authenticated user is automatically 'deauthenticated' -# and removed from the client list. -# - -# Option: CheckInterval -# Default: 30 -# -# Interval in seconds (!) the timeouts of all clients are checked. -# - -# Option: MACMechanism -# Default: block -# -# Either block or allow. -# If 'block', MAC addresses on BlockedMACList are blocked from -# authenticating, and all others are allowed. -# If 'allow', MAC addresses on AllowedMACList are allowed to -# authenticate, and all other (non-trusted) MAC's are blocked. -# -# MACMechanism block - -# Option: BlockedMACList -# Default: none -# -# Comma-separated list of MAC addresses who will be completely blocked -# from the GatewayInterface. Ignored if MACMechanism is allow. -# N.B.: weak security, since MAC addresses are easy to spoof. -# -# BlockedMACList 00:00:DE:AD:BE:EF,00:00:C0:1D:F0:0D - -# Option: AllowedMACList -# Default: none -# -# Comma-separated list of MAC addresses who will not be completely -# blocked from the GatewayInterface. Ignored if MACMechanism is block. -# N.B.: weak security, since MAC addresses are easy to spoof. -# -# AllowedMACList 00:00:12:34:56:78 - -# Option: TrustedMACList -# Default: none -# -# Comma-separated list of MAC addresses who are not subject to -# authentication, and are not restricted by any FirewallRuleSet. -# N.B.: weak security, since MAC addresses are easy to spoof. -# -# TrustedMACList 00:00:CA:FE:BA:BE, 00:00:C0:01:D0:0D - -# Option: TrafficControl -# Default: no -# -# Set to yes (or true or 1), to enable traffic control in Nodogsplash. -# -# TrafficControl no - -# Option: DownloadLimit -# Default: 0 -# -# If TrafficControl is enabled, this sets the maximum download -# speed to the GatewayInterface, in kilobits per second. -# For example if you have an ADSL connection with 768 kbit -# download speed, and you want to allow about half of that -# bandwidth for the GatewayInterface, set this to 384. -# A value of 0 means no download limiting is done. -# -# DownloadLimit 384 - -# Option: UploadLimit -# Default: 0 -# -# If TrafficControl is enabled, this sets the maximum upload -# speed from the GatewayInterface, in kilobits per second. -# For example if you have an ADSL connection with 128 kbit -# upload speed, and you want to allow about half of that -# bandwidth for the GatewayInterface, set this to 64. -# A value of 0 means no upload limiting is done. -# -# UploadLimit 64 - -# Option: GatewayIPRange -# Default: 0.0.0.0/0 -# -# By setting this parameter, you can specify a range of IP addresses -# on the GatewayInterface that will be responded to and managed by -# Nodogsplash. Addresses outside this range do not have their packets -# touched by Nodogsplash at all. -# Defaults to 0.0.0.0/0, that is, all addresses. -# -# GatewayIPRange 0.0.0.0/0 - -# Option: DebugLevel -# Default: 1 -# 0 : Silent (only LOG_ERR and LOG_EMERG messages will be seen, otherwise there will be no logging.) -# 1 : LOG_ERR, LOG_EMERG, LOG_WARNING and LOG_NOTICE (this is the default level). -# 2 : debuglevel 1 + LOG_INFO -# 3 : debuglevel 2 + LOG_DEBUG -# DebugLevel 1 - -# Option: fasport -# Default: None -# -# Enable Forwarding Authentication Service (FAS) -# If set redirection is changed from splash.html to a FAS (provided by the system administrator) -# The value is the IP port number of the FAS -# Note: if FAS is running locally (ie fasremoteip is NOT set), port 80 cannot be used -# -# Typical remote Hosted Example: -# fasport 80 -# -# Typical Locally Hosted Example: -# fasport 2080 - -# Option: fasremotefqdn -# Default: Not set -# If set, this is the remote fully qualified domain name (FQDN) of the FAS. -# The protocol must NOT be prepended to the FQDN (ie http:// or https://) -# To prevent CPD or browser security errors NDS prepends http:// before redirection. -# If set, DNS MUST resolve fasremotefqdn to be the same ip address as fasremoteip. -# Typical Remote Shared Hosting Example: -# fasremotefqdn onboard-wifi.net - -# Option: fasremoteip -# Default: GatewayAddress (the IP of NDS) -# -# If set, this is the remote ip address of the FAS. -# -# Typical Locally Hosted example (ie fasremoteip not set): -# fasremoteip 46.32.240.41 - -# Option: faspath -# Default: / -# -# This is the path from the FAS Web Root to the FAS login page -# (not the file system root). -# -# Typical Shared Hosting example: -# faspath '/onboard-wifi.net/nodog/fas.php' -# -# Typical Locally Hosted example (ie fasremoteip not set): -# faspath /nodog/fas.php - - -# Option: faskey -# Default: not set -# A key phrase for NDS to encrypt the query string sent to FAS -# Can be any combination of A-Z, a-z and 0-9, up to 16 characters with no white space -#option faskey 1234567890 - -# -# Option: fas_secure_enabled -# Default: 1 -# -# ****If set to "0"**** -# the client token is sent to the FAS in clear text in the query string of the -# redirect along with authaction and redir. -# -# ****If set to "1" and option faskey is NOT set**** -# authaction and the client token are not revealed and it is the responsibility -# of the FAS to request the token from NDSCTL. -# -# ****If set to "1" and option faskey IS set**** -# The client token will be hashed and sent to the FAS identified as “hid” in the query string. -# The gatewayaddress is also sent on the query string, allowing the FAS to construct the authaction parameter. -# FAS must return the sha256sum of the concatenation of the original hid and faskey, to be used by NDS for client authentication. -# This is returned in the normal way in the query string identified as “tok”. -# NDS will automatically detect whether hid mode is active or the raw token is being returned. -# Should sha256sum not be available to NDS when faskey is set, NDS will exit gracefully, logging the error in syslog. -# -# *****If set to 2**** -# clientip, clientmac, gatewayname, client token, gatewayaddress, authdir, originurl and clientif -# are encrypted using faskey and passed to FAS in the query string. -# The query string will also contain a randomly generated initialization vector to be used by the FAS for decryption. -# The "php-cli" package and the "php-openssl" module must both be installed for fas_secure level 2. -# Nodogsplash does not depend on this package and module, but will exit gracefully -# if this package and module are not installed when this level is set, logging the error in syslog. -# The FAS must use the query string passed initialisation vector and the pre shared fas_key to decrypt the query string. -# An example FAS php script is supplied in the source code. -# -#fas_secure_enabled 0 - -# PreAuth -# PreAuth support allows FAS to call a local program or script with html served by the built in NDS web server -# If the option is set, it points to a program/script that is called by the NDS FAS handler -# All other FAS settings will be overidden. -# Initially FAS appends its query string to faspath. -# The Preauth program will output html code that will be served to the client by NDS -# Using html GET the Preauth program may call: -# /nodogsplash_preauth/ to ask the client for more information -# or -# /nodogsplash_auth/ to authenticate the client -# -# The Preauth program should append at least the client ip to the query string -# (using html input type hidden) for all calls to /nodogsplash_preauth/ -# It must also obtain the client token (using ndsctl), for NDS authentication when calling /nodogsplash_auth/ -# -#preauth /path/to/myscript/myscript.sh - -# Option: BinAuth -# -# Enable BinAuth Support. -# If set, a program is called with several parameters on authentication (request) and deauthentication. -# -# Request for authentication: -# -# $ auth_client '' '' -# -# The username and password values may be empty strings and are URL encoded. -# The program is expected to output the number of seconds the client -# is to be authenticated. Zero or negative seconds will cause the authentification request -# to be rejected. The same goes for an exit code that is not 0. -# The output may contain a user specific download and upload limit in KBit/s: -# -# -# Called on authentication or deauthentication: -# $ <*auth|*deauth> -# -# "client_auth": Client authenticated via this script. -# "client_deauth": Client deauthenticated by the client via splash page. -# "idle_deauth": Client was deauthenticated because of inactivity. -# "timeout_deauth": Client was deauthenticated because the session timed out. -# "ndsctl_auth": Client was authenticated manually by the ndsctl tool. -# "ndsctl_deauth": Client was deauthenticated by the ndsctl tool. -# "shutdown_deauth": Client was deauthenticated by Nodogsplash terminating. -# -# Values session_start and session_start are in seconds since 1970 or 0 for unknown/unlimited. -# -# BinAuth /bin/myauth.sh - -# Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask. -# This mask can conflict with the requirements of other packages such as mwan3, sqm etc -# Any values set here are interpreted as in hex format. -# -# Option: fw_mark_authenticated -# Default: 30000 (0011|0000|0000|0000|0000 binary) -# -# Option: fw_mark_trusted -# Default: 20000 (0010|0000|0000|0000|0000 binary) -# -# Option: fw_mark_blocked -# Default: 10000 (0001|0000|0000|0000|0000 binary) -# diff --git a/resources/splash.css b/resources/splash.css index 4f5b82d..5e80430 100644 --- a/resources/splash.css +++ b/resources/splash.css @@ -1,86 +1,86 @@ - body { - background-color: lightgrey; - color: black; - margin-left: 5%; - margin-right: 5%; - text-align: left; - } +body { + background-color: lightgrey; + color: black; + margin-left: 5%; + margin-right: 5%; + text-align: left; +} - hr { - display:block; - margin-top:0.5em; - margin-bottom:0.5em; - margin-left:auto; - margin-right:auto; - border-style:inset; - border-width:5px; - } +hr { + display:block; + margin-top:0.5em; + margin-bottom:0.5em; + margin-left:auto; + margin-right:auto; + border-style:inset; + border-width:5px; +} - .offset { - background: rgba(300, 300, 300, 0.6); - margin-left:auto; - margin-right:auto; - max-width:600px; - min-width:200px; - padding: 5px; - } +.offset { + background: rgba(300, 300, 300, 0.6); + margin-left:auto; + margin-right:auto; + max-width:600px; + min-width:200px; + padding: 5px; +} - .insert { - background: rgba(350, 350, 350, 0.7); - border: 2px solid #aaa; - border-radius: 4px; - min-width:200px; - max-width:100%; - padding: 5px; - } +.insert { + background: rgba(350, 350, 350, 0.7); + border: 2px solid #aaa; + border-radius: 4px; + min-width:200px; + max-width:100%; + padding: 5px; +} - img { - width: 40%; - max-width: 180px; - margin-left: 0%; - margin-right: 5%; - } +img { + width: 40%; + max-width: 180px; + margin-left: 0%; + margin-right: 5%; +} - input[type=text], input[type=email], input[type=password] { - font-size: 1em; - line-height: 2.0em; - height: 2.0em; - color: black; - background: lightgrey; - } +input[type=text], input[type=email], input[type=password] { + font-size: 1em; + line-height: 2.0em; + height: 2.0em; + color: black; + background: lightgrey; +} - input[type=submit], input[type=button] { - font-size: 1em; - line-height: 2.0em; - height: 2.0em; - color: black; - font-weight: bold; - background: lightblue; - } +input[type=submit], input[type=button] { + font-size: 1em; + line-height: 2.0em; + height: 2.0em; + color: black; + font-weight: bold; + background: lightblue; +} - med-blue { - font-size: 1.2em; - color: blue; - font-weight: bold; - font-style: normal; - } +med-blue { + font-size: 1.2em; + color: blue; + font-weight: bold; + font-style: normal; +} - big-red { - font-size: 1.5em; - color: red; - font-weight: bold; - } +big-red { + font-size: 1.5em; + color: red; + font-weight: bold; +} - italic-black { - font-size: 1.0em; - color: black; - font-weight: bold; - font-style: italic; - } +italic-black { + font-size: 1.0em; + color: black; + font-weight: bold; + font-style: italic; +} - copy-right { - font-size: 0.7em; - color: darkgrey; - font-weight: bold; - font-style:italic; - } +copy-right { + font-size: 0.7em; + color: darkgrey; + font-weight: bold; + font-style:italic; +} diff --git a/resources/splash.html b/resources/splash.html index f46d228..26117ee 100644 --- a/resources/splash.html +++ b/resources/splash.html @@ -14,7 +14,7 @@