import of nodogsplash-0.7_beta7.tar.gz

AUTHORS

@@ -0,0 +1,7 @@
+Paul Kube <nodogsplash@kokoro.ucsd.edu>
+
+On the WifiDog project:
+Philippe April <papril777@yahoo.com>
+Mina Naguib <webmaster@topfx.com>
+Benoit Grégoire <bock@step.polymtl.ca>
+Alexandre Carmel-Veilleux <acv@miniguru.ca>

COPYING

@@ -0,0 +1,280 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                          675 Mass Ave, Cambridge, MA 02139, USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS

ChangeLog

@@ -0,0 +1,3 @@
+2007-05-01
+	* Development of nodogsplash starts,  based on WifiDog 1.1.3_beta6
+	

Config.in

@@ -0,0 +1,13 @@
+config BR2_PACKAGE_NODOGSPLASH
+	tristate "nodogsplash - Wireless LAN portal controller"
+	default m if CONFIG_DEVEL
+	select BR2_PACKAGE_IPTABLES
+	select BR2_PACKAGE_IPTABLES_MOD_IPOPT
+	select BR2_PACKAGE_LIBPTHREAD
+	help
+	  Nodogsplash is a simple open source captive portal or wireless LAN
+	  access point controller. It is based on the Wifidog gateway client,
+	  but (like nocatsplash) does not require an authentication server.
+
+	  http://kokoro.ucsd.edu/nodogsplash
+	  

INSTALL

@@ -0,0 +1,248 @@
+Installation Instructions
+*************************
+
+Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005 Free
+Software Foundation, Inc.
+
+This file is free documentation; the Free Software Foundation gives
+unlimited permission to copy, distribute and modify it.
+
+Basic Installation
+==================
+
+These are basic instructions for building a nodogsplash OpenWRT package
+from source.
+
+First, obtain and set up an OpenWRT buildroot of a version that you
+want to compile against.  Suppose the buildroot is at /path/to/OpenWRT/buildroot.
+
+Then, untar the nodogsplash archive under the buildroot's package directory.
+
+Then in the root of the nodogsplash tree, do:
+
+% aclocal; autoconf; automake
+% ./configure
+% make BUILDROOT=/path/to/OpenWRT/buildroot ipkg
+
+   The `configure' shell script attempts to guess correct values for
+various system-dependent variables used during compilation.  It uses
+those values to create a `Makefile' in each directory of the package.
+It may also create one or more `.h' files containing system-dependent
+definitions.  Finally, it creates a shell script `config.status' that
+you can run in the future to recreate the current configuration, and a
+file `config.log' containing compiler output (useful mainly for
+debugging `configure').
+
+   It can also use an optional file (typically called `config.cache'
+and enabled with `--cache-file=config.cache' or simply `-C') that saves
+the results of its tests to speed up reconfiguring.  (Caching is
+disabled by default to prevent problems with accidental use of stale
+cache files.)
+
+   If you need to do unusual things to compile the package, please try
+to figure out how `configure' could check whether to do them, and mail
+diffs or instructions to the address given in the `README' so they can
+be considered for the next release.  If you are using the cache, and at
+some point `config.cache' contains results you don't want to keep, you
+may remove or edit it.
+
+   The file `configure.ac' (or `configure.in') is used to create
+`configure' by a program called `autoconf'.  You only need
+`configure.ac' if you want to change it or regenerate `configure' using
+a newer version of `autoconf'.
+
+The simplest way to compile this package is:
+
+  1. `cd' to the directory containing the package's source code and type
+     `./configure' to configure the package for your system.  If you're
+     using `csh' on an old version of System V, you might need to type
+     `sh ./configure' instead to prevent `csh' from trying to execute
+     `configure' itself.
+
+     Running `configure' takes awhile.  While running, it prints some
+     messages telling which features it is checking for.
+
+  2. Type `make' to compile the package.
+
+  3. Optionally, type `make check' to run any self-tests that come with
+     the package.
+
+  4. Type `make install' to install the programs and any data files and
+     documentation.
+
+  5. You can remove the program binaries and object files from the
+     source code directory by typing `make clean'.  To also remove the
+     files that `configure' created (so you can compile the package for
+     a different kind of computer), type `make distclean'.  There is
+     also a `make maintainer-clean' target, but that is intended mainly
+     for the package's developers.  If you use it, you may have to get
+     all sorts of other programs in order to regenerate files that came
+     with the distribution.
+
+Compilers and Options
+=====================
+
+Some systems require unusual options for compilation or linking that the
+`configure' script does not know about.  Run `./configure --help' for
+details on some of the pertinent environment variables.
+
+   You can give `configure' initial values for configuration parameters
+by setting variables in the command line or in the environment.  Here
+is an example:
+
+     ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
+
+   *Note Defining Variables::, for more details.
+
+Compiling For Multiple Architectures
+====================================
+
+You can compile the package for more than one kind of computer at the
+same time, by placing the object files for each architecture in their
+own directory.  To do this, you must use a version of `make' that
+supports the `VPATH' variable, such as GNU `make'.  `cd' to the
+directory where you want the object files and executables to go and run
+the `configure' script.  `configure' automatically checks for the
+source code in the directory that `configure' is in and in `..'.
+
+   If you have to use a `make' that does not support the `VPATH'
+variable, you have to compile the package for one architecture at a
+time in the source code directory.  After you have installed the
+package for one architecture, use `make distclean' before reconfiguring
+for another architecture.
+
+Installation Names
+==================
+
+By default, `make install' installs the package's commands under
+`/usr/local/bin', include files under `/usr/local/include', etc.  You
+can specify an installation prefix other than `/usr/local' by giving
+`configure' the option `--prefix=PREFIX'.
+
+   You can specify separate installation prefixes for
+architecture-specific files and architecture-independent files.  If you
+pass the option `--exec-prefix=PREFIX' to `configure', the package uses
+PREFIX as the prefix for installing programs and libraries.
+Documentation and other data files still use the regular prefix.
+
+   In addition, if you use an unusual directory layout you can give
+options like `--bindir=DIR' to specify different values for particular
+kinds of files.  Run `configure --help' for a list of the directories
+you can set and what kinds of files go in them.
+
+   If the package supports it, you can cause programs to be installed
+with an extra prefix or suffix on their names by giving `configure' the
+option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
+
+Optional Features
+=================
+
+Some packages pay attention to `--enable-FEATURE' options to
+`configure', where FEATURE indicates an optional part of the package.
+They may also pay attention to `--with-PACKAGE' options, where PACKAGE
+is something like `gnu-as' or `x' (for the X Window System).  The
+`README' should mention any `--enable-' and `--with-' options that the
+package recognizes.
+
+   For packages that use the X Window System, `configure' can usually
+find the X include and library files automatically, but if it doesn't,
+you can use the `configure' options `--x-includes=DIR' and
+`--x-libraries=DIR' to specify their locations.
+
+Specifying the System Type
+==========================
+
+There may be some features `configure' cannot figure out automatically,
+but needs to determine by the type of machine the package will run on.
+Usually, assuming the package is built to be run on the _same_
+architectures, `configure' can figure that out, but if it prints a
+message saying it cannot guess the machine type, give it the
+`--build=TYPE' option.  TYPE can either be a short name for the system
+type, such as `sun4', or a canonical name which has the form:
+
+     CPU-COMPANY-SYSTEM
+
+where SYSTEM can have one of these forms:
+
+     OS KERNEL-OS
+
+   See the file `config.sub' for the possible values of each field.  If
+`config.sub' isn't included in this package, then this package doesn't
+need to know the machine type.
+
+   If you are _building_ compiler tools for cross-compiling, you should
+use the option `--target=TYPE' to select the type of system they will
+produce code for.
+
+   If you want to _use_ a cross compiler, that generates code for a
+platform different from the build platform, you should specify the
+"host" platform (i.e., that on which the generated programs will
+eventually be run) with `--host=TYPE'.
+
+Sharing Defaults
+================
+
+If you want to set default values for `configure' scripts to share, you
+can create a site shell script called `config.site' that gives default
+values for variables like `CC', `cache_file', and `prefix'.
+`configure' looks for `PREFIX/share/config.site' if it exists, then
+`PREFIX/etc/config.site' if it exists.  Or, you can set the
+`CONFIG_SITE' environment variable to the location of the site script.
+A warning: not all `configure' scripts look for a site script.
+
+Defining Variables
+==================
+
+Variables not defined in a site shell script can be set in the
+environment passed to `configure'.  However, some packages may run
+configure again during the build, and the customized values of these
+variables may be lost.  In order to avoid this problem, you should set
+them in the `configure' command line, using `VAR=value'.  For example:
+
+     ./configure CC=/usr/local2/bin/gcc
+
+causes the specified `gcc' to be used as the C compiler (unless it is
+overridden in the site shell script).  Here is a another example:
+
+     /bin/bash ./configure CONFIG_SHELL=/bin/bash
+
+Here the `CONFIG_SHELL=/bin/bash' operand causes subsequent
+configuration-related scripts to be executed by `/bin/bash'.
+
+`configure' Invocation
+======================
+
+`configure' recognizes the following options to control how it operates.
+
+`--help'
+`-h'
+     Print a summary of the options to `configure', and exit.
+
+`--version'
+`-V'
+     Print the version of Autoconf used to generate the `configure'
+     script, and exit.
+
+`--cache-file=FILE'
+     Enable the cache: use and save the results of the tests in FILE,
+     traditionally `config.cache'.  FILE defaults to `/dev/null' to
+     disable caching.
+
+`--config-cache'
+`-C'
+     Alias for `--cache-file=config.cache'.
+
+`--quiet'
+`--silent'
+`-q'
+     Do not print messages saying which checks are being made.  To
+     suppress all normal output, redirect it to `/dev/null' (any error
+     messages will still be shown).
+
+`--srcdir=DIR'
+     Look for the package's source code in directory DIR.  Usually
+     `configure' can determine that directory automatically.
+
+`configure' also accepts some other, not widely useful, options.  Run
+`configure --help' for more details.
+

Makefile.am

@@ -0,0 +1,44 @@
+# $Id: Makefile.am 935 2006-02-01 03:22:04Z benoitg $
+
+SUBDIRS = libhttpd src . doc 
+
+docdir = ${prefix}/share/doc/nodogsplash-@VERSION@
+
+doc_DATA = \
+  AUTHORS \
+  COPYING \
+  INSTALL \
+  NEWS \
+  README \
+  ChangeLog
+
+EXTRA_DIST = \
+  FAQ \
+  nodogsplash.spec.in \
+  nodogsplash.spec \
+  config \
+  scripts \
+  debian/rules \
+  debian/control \
+  debian/changelog \
+  ipkg/rules \
+  nodogsplash.conf
+
+.PHONY: doc
+doc:
+	$(MAKE) -C doc doc
+
+.PHONY: ipkg
+ipkg: all
+	./ipkg/rules BUILDROOT=$(BUILDROOT)
+
+.PHONY: rpm
+rpm: dist
+	cp ${builddir}nodogsplash.spec /usr/src/RPM/SPECS
+	cp ${builddir}nodogsplash-@VERSION@.tar.gz /usr/src/RPM/SOURCES
+	rpmbuild -ta ${builddir}nodogsplash-@VERSION@.tar.gz
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -f *~
+

Makefile.in

@@ -0,0 +1,440 @@
+# Makefile.in generated automatically by automake 1.4-p4 from Makefile.am
+
+# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+# $Id: Makefile.am 935 2006-02-01 03:22:04Z benoitg $
+
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+DESTDIR =
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = .
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+host_alias = @host_alias@
+host_triplet = @host@
+AR = @AR@
+AS = @AS@
+BUILDROOT = @BUILDROOT@
+CC = @CC@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DLLTOOL = @DLLTOOL@
+DOT = @DOT@
+DOXYGEN = @DOXYGEN@
+ECHO = @ECHO@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+GCJ = @GCJ@
+GCJFLAGS = @GCJFLAGS@
+HAVE_LIB = @HAVE_LIB@
+LIB = @LIB@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIB = @LTLIB@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+NODOGSPLASH_MAJOR_VERSION = @NODOGSPLASH_MAJOR_VERSION@
+NODOGSPLASH_MINOR_VERSION = @NODOGSPLASH_MINOR_VERSION@
+NODOGSPLASH_VERSION = @NODOGSPLASH_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+RC = @RC@
+STRIP = @STRIP@
+VERSION = @VERSION@
+enable_dot = @enable_dot@
+enable_html_docs = @enable_html_docs@
+enable_latex_docs = @enable_latex_docs@
+
+SUBDIRS = libhttpd src . doc 
+
+docdir = ${prefix}/share/doc/nodogsplash-@VERSION@
+
+doc_DATA =    AUTHORS   COPYING   INSTALL   NEWS   README   ChangeLog
+
+
+EXTRA_DIST =    FAQ   nodogsplash.spec.in   nodogsplash.spec   config   scripts   debian/rules   debian/control   debian/changelog   ipkg/rules   nodogsplash.conf
+
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+mkinstalldirs = $(SHELL) $(top_srcdir)/config/mkinstalldirs
+CONFIG_HEADER = config.h
+CONFIG_CLEAN_FILES =  nodogsplash.spec
+DATA =  $(doc_DATA)
+
+DIST_COMMON =  README ./stamp-h.in AUTHORS COPYING ChangeLog INSTALL \
+Makefile.am Makefile.in NEWS aclocal.m4 config.h.in configure \
+configure.in nodogsplash.spec.in
+
+
+DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+
+TAR = tar
+GZIP_ENV = --best
+all: all-redirect
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) 
+	cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile
+
+Makefile: $(srcdir)/Makefile.in  $(top_builddir)/config.status $(BUILT_SOURCES)
+	cd $(top_builddir) \
+	  && CONFIG_FILES=$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ configure.in 
+	cd $(srcdir) && $(ACLOCAL)
+
+config.status: $(srcdir)/configure.in $(CONFIG_STATUS_DEPENDENCIES)
+	$(SHELL) ./config.status --recheck
+$(srcdir)/configure: @MAINTAINER_MODE_TRUE@$(srcdir)/configure.in $(ACLOCAL_M4) $(CONFIGURE_DEPENDENCIES)
+	cd $(srcdir) && $(AUTOCONF)
+
+config.h: stamp-h
+	@if test ! -f $@; then \
+		rm -f stamp-h; \
+		$(MAKE) stamp-h; \
+	else :; fi
+stamp-h: $(srcdir)/config.h.in $(top_builddir)/config.status
+	cd $(top_builddir) \
+	  && CONFIG_FILES= CONFIG_HEADERS=config.h \
+	     $(SHELL) ./config.status
+	@echo timestamp > stamp-h 2> /dev/null
+$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@$(srcdir)/stamp-h.in
+	@if test ! -f $@; then \
+		rm -f $(srcdir)/stamp-h.in; \
+		$(MAKE) $(srcdir)/stamp-h.in; \
+	else :; fi
+$(srcdir)/stamp-h.in: $(top_srcdir)/configure.in $(ACLOCAL_M4) 
+	cd $(top_srcdir) && $(AUTOHEADER)
+	@echo timestamp > $(srcdir)/stamp-h.in 2> /dev/null
+
+mostlyclean-hdr:
+
+clean-hdr:
+
+distclean-hdr:
+	-rm -f config.h
+
+maintainer-clean-hdr:
+nodogsplash.spec: $(top_builddir)/config.status nodogsplash.spec.in
+	cd $(top_builddir) && CONFIG_FILES=$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+install-docDATA: $(doc_DATA)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(docdir)
+	@list='$(doc_DATA)'; for p in $$list; do \
+	  if test -f $(srcdir)/$$p; then \
+	    echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(docdir)/$$p"; \
+	    $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(docdir)/$$p; \
+	  else if test -f $$p; then \
+	    echo " $(INSTALL_DATA) $$p $(DESTDIR)$(docdir)/$$p"; \
+	    $(INSTALL_DATA) $$p $(DESTDIR)$(docdir)/$$p; \
+	  fi; fi; \
+	done
+
+uninstall-docDATA:
+	@$(NORMAL_UNINSTALL)
+	list='$(doc_DATA)'; for p in $$list; do \
+	  rm -f $(DESTDIR)$(docdir)/$$p; \
+	done
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+#     (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+
+@SET_MAKE@
+
+all-recursive install-data-recursive install-exec-recursive \
+installdirs-recursive install-recursive uninstall-recursive  \
+check-recursive installcheck-recursive info-recursive dvi-recursive:
+	@set fnord $(MAKEFLAGS); amf=$$2; \
+	dot_seen=no; \
+	target=`echo $@ | sed s/-recursive//`; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    dot_seen=yes; \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	   || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
+	done; \
+	if test "$$dot_seen" = "no"; then \
+	  $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+	fi; test -z "$$fail"
+
+mostlyclean-recursive clean-recursive distclean-recursive \
+maintainer-clean-recursive:
+	@set fnord $(MAKEFLAGS); amf=$$2; \
+	dot_seen=no; \
+	rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \
+	  rev="$$subdir $$rev"; \
+	  test "$$subdir" = "." && dot_seen=yes; \
+	done; \
+	test "$$dot_seen" = "no" && rev=". $$rev"; \
+	target=`echo $@ | sed s/-recursive//`; \
+	for subdir in $$rev; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	   || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
+	done && test -z "$$fail"
+tags-recursive:
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+	done
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP)
+	list='$(SOURCES) $(HEADERS)'; \
+	unique=`for i in $$list; do echo $$i; done | \
+	  awk '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	here=`pwd` && cd $(srcdir) \
+	  && mkid -f$$here/ID $$unique $(LISP)
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+   if test "$$subdir" = .; then :; else \
+	    test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \
+   fi; \
+	done; \
+	list='$(SOURCES) $(HEADERS)'; \
+	unique=`for i in $$list; do echo $$i; done | \
+	  awk '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	test -z "$(ETAGS_ARGS)config.h.in$$unique$(LISP)$$tags" \
+	  || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags config.h.in $$unique $(LISP) -o $$here/TAGS)
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+	-rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(PACKAGE)-$(VERSION)
+top_distdir = $(distdir)
+
+# This target untars the dist file and tries a VPATH configuration.  Then
+# it guarantees that the distribution is self-contained by making another
+# tarfile.
+distcheck: dist
+	-rm -rf $(distdir)
+	GZIP=$(GZIP_ENV) $(TAR) zxf $(distdir).tar.gz
+	mkdir $(distdir)/=build
+	mkdir $(distdir)/=inst
+	dc_install_base=`cd $(distdir)/=inst && pwd`; \
+	cd $(distdir)/=build \
+	  && ../configure --srcdir=.. --prefix=$$dc_install_base \
+	  && $(MAKE) $(AM_MAKEFLAGS) \
+	  && $(MAKE) $(AM_MAKEFLAGS) dvi \
+	  && $(MAKE) $(AM_MAKEFLAGS) check \
+	  && $(MAKE) $(AM_MAKEFLAGS) install \
+	  && $(MAKE) $(AM_MAKEFLAGS) installcheck \
+	  && $(MAKE) $(AM_MAKEFLAGS) dist
+	-rm -rf $(distdir)
+	@banner="$(distdir).tar.gz is ready for distribution"; \
+	dashes=`echo "$$banner" | sed s/./=/g`; \
+	echo "$$dashes"; \
+	echo "$$banner"; \
+	echo "$$dashes"
+dist: distdir
+	-chmod -R a+r $(distdir)
+	GZIP=$(GZIP_ENV) $(TAR) chozf $(distdir).tar.gz $(distdir)
+	-rm -rf $(distdir)
+dist-all: distdir
+	-chmod -R a+r $(distdir)
+	GZIP=$(GZIP_ENV) $(TAR) chozf $(distdir).tar.gz $(distdir)
+	-rm -rf $(distdir)
+distdir: $(DISTFILES)
+	-rm -rf $(distdir)
+	mkdir $(distdir)
+	-chmod 777 $(distdir)
+	here=`cd $(top_builddir) && pwd`; \
+	top_distdir=`cd $(distdir) && pwd`; \
+	distdir=`cd $(distdir) && pwd`; \
+	cd $(top_srcdir) \
+	  && $(AUTOMAKE) --include-deps --build-dir=$$here --srcdir-name=$(top_srcdir) --output-dir=$$top_distdir --gnu Makefile
+	$(mkinstalldirs) $(distdir)/debian $(distdir)/ipkg
+	@for file in $(DISTFILES); do \
+	  d=$(srcdir); \
+	  if test -d $$d/$$file; then \
+	    cp -pr $$d/$$file $(distdir)/$$file; \
+	  else \
+	    test -f $(distdir)/$$file \
+	    || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
+	    || cp -p $$d/$$file $(distdir)/$$file || :; \
+	  fi; \
+	done
+	for subdir in $(SUBDIRS); do \
+	  if test "$$subdir" = .; then :; else \
+	    test -d $(distdir)/$$subdir \
+	    || mkdir $(distdir)/$$subdir \
+	    || exit 1; \
+	    chmod 777 $(distdir)/$$subdir; \
+	    (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(distdir) distdir=../$(distdir)/$$subdir distdir) \
+	      || exit 1; \
+	  fi; \
+	done
+info-am:
+info: info-recursive
+dvi-am:
+dvi: dvi-recursive
+check-am: all-am
+check: check-recursive
+installcheck-am:
+installcheck: installcheck-recursive
+all-recursive-am: config.h
+	$(MAKE) $(AM_MAKEFLAGS) all-recursive
+
+install-exec-am:
+install-exec: install-exec-recursive
+
+install-data-am: install-docDATA
+install-data: install-data-recursive
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-recursive
+uninstall-am: uninstall-docDATA
+uninstall: uninstall-recursive
+all-am: Makefile $(DATA) config.h
+all-redirect: all-recursive-am
+install-strip:
+	$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+installdirs: installdirs-recursive
+installdirs-am:
+	$(mkinstalldirs)  $(DESTDIR)$(docdir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-rm -f Makefile $(CONFIG_CLEAN_FILES)
+	-rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+mostlyclean-am:  mostlyclean-hdr mostlyclean-tags mostlyclean-generic
+
+mostlyclean: mostlyclean-recursive
+
+clean-am:  clean-hdr clean-tags clean-generic mostlyclean-am clean-local
+
+clean: clean-recursive
+
+distclean-am:  distclean-hdr distclean-tags distclean-generic clean-am
+	-rm -f libtool
+
+distclean: distclean-recursive
+	-rm -f config.status
+
+maintainer-clean-am:  maintainer-clean-hdr maintainer-clean-tags \
+		maintainer-clean-generic distclean-am
+	@echo "This command is intended for maintainers to use;"
+	@echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-recursive
+	-rm -f config.status
+
+.PHONY: mostlyclean-hdr distclean-hdr clean-hdr maintainer-clean-hdr \
+uninstall-docDATA install-docDATA install-data-recursive \
+uninstall-data-recursive install-exec-recursive \
+uninstall-exec-recursive installdirs-recursive uninstalldirs-recursive \
+all-recursive check-recursive installcheck-recursive info-recursive \
+dvi-recursive mostlyclean-recursive distclean-recursive clean-recursive \
+maintainer-clean-recursive tags tags-recursive mostlyclean-tags \
+distclean-tags clean-tags maintainer-clean-tags distdir info-am info \
+dvi-am dvi check check-am installcheck-am installcheck all-recursive-am \
+install-exec-am install-exec install-data-am install-data install-am \
+install uninstall-am uninstall all-redirect all-am all installdirs-am \
+installdirs mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+
+
+.PHONY: doc
+doc:
+	$(MAKE) -C doc doc
+
+.PHONY: ipkg
+ipkg: all
+	./ipkg/rules BUILDROOT=$(BUILDROOT)
+
+.PHONY: rpm
+rpm: dist
+	cp ${builddir}nodogsplash.spec /usr/src/RPM/SPECS
+	cp ${builddir}nodogsplash-@VERSION@.tar.gz /usr/src/RPM/SOURCES
+	rpmbuild -ta ${builddir}nodogsplash-@VERSION@.tar.gz
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -f *~
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:

README

@@ -0,0 +1,170 @@
+
+00.. TThhee NNooddooggssppllaasshh pprroojjeecctt
+
+Nodogsplash offers a simple way to open a free hotspot providing restricted
+access to an internet connection. It is intended for use on wireless access
+points running OpenWRT (but may also work on other Linux-based devices).
+Its functionality is similar to Nocatsplash, but it is derived from the
+codebase of the Wifi Guard Dog project. Nodogsplash is released under the GNU
+General Public License.
+
+* Nodogsplash: _h_t_t_p_:_/_/_k_o_k_o_r_o_._u_c_s_d_._e_d_u_/_n_o_d_o_g_s_p_l_a_s_h
+* OpenWRT: _h_t_t_p_:_/_/_o_p_e_n_w_r_t_._o_r_g_/
+* Wifidog: _h_t_t_p_:_/_/_d_e_v_._w_i_f_i_d_o_g_._o_r_g_/
+* Nocatsplash: _h_t_t_p_:_/_/_n_o_c_a_t_._n_e_t_/
+* GNU GPL: _h_t_t_p_:_/_/_w_w_w_._g_n_u_._o_r_g_/_c_o_p_y_l_e_f_t_/_g_p_l_._h_t_m_l
+
+The following describes how Nodogsplash works, how to get it and run it, and
+how to customize its behavior for your application.
+
+11.. OOvveerrvviieeww
+
+A simple hotspot controller like Nodogsplash is a solution to this problem: You
+want to provide controlled and reasonably secure public access to an internet
+connection; and while you want to require users to give some acknowledgment of
+the service you are providing, you don't need or want the complexity of user
+account names and passwords and maintaining a separate database-backed
+authentication server.
+When installed and running, Nodogsplash implements a simple 'authentication'
+process. First, it detects any user attempting to use your internet connection
+to visit a website. It captures the request, and instead serves back a 'splash'
+web page using its own builtin _l_i_b_h_t_t_p_d_-_b_a_s_e_d web server. The splash page
+provides a link which, when the user clicks on it, opens limited access for
+them to the internet via your connection, beginning by being redirected to
+their originally requested website. This access expires after a certain time
+interval.
+Specific features of Nodogsplash are configurable, by editing the configuration
+file and the splash page. The default installed configuration may be all you
+need, though.
+
+22.. IInnssttaalllliinngg aanndd rruunnnniinngg nnooddooggssppllaasshh
+
+
+* Have a router working with _O_p_e_n_W_R_T. Nodogsplash has been compiled against a
+  OpenWRT White Russian 0.9 buildroot; it may or may not work on other versions
+  of OpenWRT or on other kinds of Linux-based router firmware.
+* Make sure your router is basically working before you try to install
+  nodogsplash. In particular, make sure your DHCP daemon is serving addresses
+  on the interface that nodogsplash will manage (typically eth1), and for the
+  following use ssh or telnet access to your router over a different interface.
+* To install nodogsplash, obtain the latest nodogsplash*.ipk package file from
+  the project website, copy it to /tmp/ on your OpenWRT router, and, in as root
+  on the router, run:
+
+    ipkg install /tmp/nodogsplash*.ipk
+
+* If the interface that you want nodogsplash to manage is not eth1, edit /etc/
+  nodogsplash/nodogsplash.conf and set GatewayInterface.
+* To start nodogsplash, run the following, or just reboot the router:
+
+    /etc/init.d/S65nodogsplash start
+
+* To test the installation, connect a client machine to the interface on your
+  router that is managed by nodogsplash (for example, connect to the router's
+  wireless lan) and in a browser on that machine, attempt to visit any website.
+  You should see the nodogsplash splash page instead. Click on the icon; the
+  browser should redirect to the initially requested website.
+* To see the current status of your nodogsplash process, run:
+
+    /usr/bin/ndctl status
+
+* To stop nodogsplash, run:
+
+    /etc/init.d/S65nodogsplash stop
+
+* To uninstall nodogsplash, run:
+
+    ipkg remove nodogsplash
+
+
+
+33.. HHooww nnooddooggssppllaasshh wwoorrkkss
+
+A wireless router running OpenWRT has two or more interfaces; nodogsplash
+manages one of them. This will typically be eth1, which is conventionally
+bridged to both the wireless and wired LAN, or just the wireless LAN if the br0
+bridge has been broken.
+Nodogsplash considers four kinds of packets coming into the router over that
+interface, determined by source MAC address:
+
+  1. BBlloocckkeedd, if listed in the BlockedMACList in the configuration file. These
+     packets are dropped. (Caveat: this is not a particularly secure mechanism,
+     since MAC addresses are easy to spoof.)
+  2. TTrruusstteedd, if listed in the TrustedMACList in the configuration file. These
+     packets are accepted and routed to any destination address and port.
+     (Caveat: this is not a particularly secure mechanism, since MAC addresses
+     are easy to spoof.)
+  3. AAuutthheennttiiccaatteedd, if the packet's IP and MAC source address has gone through
+     the nodogsplash authentication process and has not yet expired. These
+     packets are accepted and routed to a limited set of addresses and ports
+     (see FirewallRuleSet authenticated-users in the nodogsplash.conf
+     configuration file).
+  4. UUnnkknnoowwnn. Any other packet. These packets are accepted only to DHCP and DNS
+     ports on the router, and to the DNS port at other addresses. Any other
+     packet is dropped, except that a packet for destination port 80 at any
+     address is redirected to port 2050 on the router, where nodogsplash's
+     builtin web server is listening. This begins the 'authentication' process.
+     The server will serve a splash page back to the source IP address of the
+     packet. The user clicking the appropriate link on the splash page will
+     complete the process, causing future packets from this IP/MAC address to
+     be marked as AAuutthheennttiiccaatteedd until the inactive or forced timeout is
+     reached, and its packets revert to being UUnnkknnoowwnn.
+
+Nodogsplash implements these actions by inserting rules in the router's
+iptables mangle PREROUTING table to mark packets, and by inserting rules in the
+nat PREROUTING, filter INPUT and filter FORWARD chains which match on those
+marks. Because it inserts its rules at the beginning of existing chains,
+nodogsplash should be insensitive to almost any existing firewall
+configuration.
+
+44.. CCuussttoommiizziinngg nnooddooggssppllaasshh
+
+The default shipped configuration is intended to be usable and reasonably
+secure as-is for basic internet sharing applications, but it is customizable.
+
+* To change basic nodogsplash settings, edit the configuration file:
+
+    /etc/nodogsplash/nodogsplash.conf
+
+* To change the contents of the splash page, edit the splash page file:
+
+    /etc/nodogsplash/htdocs/splash.html
+
+  When the splash page is served, the following variables in the page are
+  replaced by their values:
+
+  o $gatewayname The value of GatewayName as set in nodogsplash.conf.
+  o $authtarget A URL which encodes a token and the URL of the user's original
+    web request. When nodogsplash receives a request at this URL, it redirects
+    them to their original web request, and subsequent packets from that user
+    are marked as AAuutthheennttiiccaatteedd.
+  o $imagesdir The directory in nodogsplash's web hierarchy where images to be
+    displayed in the splash page must be located.
+
+
+
+55.. DDeebbuuggggiinngg nnooddooggssppllaasshh
+
+
+* To see verbose debugging output from nodogsplash, edit the /etc/init.d/
+  S65nodogsplash file to set the OPTIONS variable to the flags "-s -d 7",
+  restart or reboot, and view messages with logread. The -s flag logs to
+  syslog; the -d 7 flag sets the maximally verbose level for debugging messages
+  (see syslog.h). You don't want to run with these flags routinely, as it will
+  quickly fill the syslog circular buffer, unless you enable remote logging.
+  Alternatively, you can set the flag -f instead of -s, and restart. This will
+  run nodogsplash in the foreground, logging to stdout. However, if you do
+  this, don't reboot the router; nodogsplash will not start at boot with the -
+  f flag set.
+* When stopped, nodogsplash deletes its iptables rules, attempting to leave the
+  router's firewall in its original state. If not (for example, after a crash)
+  subsequently starting and stopping nodogsplash should remove its rules. To
+  check to see all the rules in, for example, the filter table chains, run
+
+    iptables -t filter -L -v
+
+  For extensive suggestions on debugging iptables, see for example _O_s_k_a_r
+  _A_n_d_r_e_a_s_s_o_n_'_s_ _t_u_t_o_r_i_a_l.
+
+-------------------------------------------------------------------------------
+Email contact: nodogsplash (at) kokoro.ucsd.edu

README.html

@@ -0,0 +1,261 @@
+<html>
+<head> <title>nodogsplash README</title> </head>
+<body>
+<h3>0. The Nodogsplash project</h3>
+
+Nodogsplash offers a simple way to
+open a free hotspot providing restricted access to an internet
+connection.  It is intended for use on wireless access points running
+OpenWRT (but may also work on other Linux-based devices).
+ <p>
+Its functionality is similar to Nocatsplash, but it is derived from
+the codebase of the Wifi Guard Dog project. Nodogsplash is released
+under the GNU General Public License.
+ <p>
+<ul>
+<li>
+Nodogsplash: 	
+<a href="http://kokoro.ucsd.edu/nodogsplash">http://kokoro.ucsd.edu/nodogsplash</a>
+</li>
+<li>
+OpenWRT:
+<a href="http://openwrt.org/">http://openwrt.org/</a>
+</li>
+<li>
+Wifidog:
+<a href="http://dev.wifidog.org/">http://dev.wifidog.org/</a>
+</li>
+<li>
+Nocatsplash:
+<a href="http://nocat.net/">http://nocat.net/</a>
+</li>
+<li>
+GNU GPL:
+<a href="http://www.gnu.org/copyleft/gpl.html">http://www.gnu.org/copyleft/gpl.html</a>
+</li>
+</ul>
+ <p>
+The following describes how Nodogsplash works, how to get it and run it,
+and how to customize its behavior for your application.
+
+<h3>1. Overview</h3>
+
+A simple hotspot controller like Nodogsplash is a solution to this
+problem: You want to provide controlled and reasonably secure public access
+to an internet connection; and while you want to require users to give some
+acknowledgment of the service you are providing, you don't need or want the
+complexity of user account names and passwords and
+maintaining a separate database-backed authentication server.
+ <p>
+When installed and running, Nodogsplash implements a simple 'authentication'
+process.  First, it detects any user attempting to
+use your internet connection to visit a website.  It captures
+the request, and instead serves back a 'splash' web page using its own
+builtin <a href="http://www.hughes.com.au/products/libhttpd/">
+libhttpd-based</a> web server.
+The splash page provides a link which, when the user clicks on
+it, opens limited access for them to the internet via your connection,
+beginning by being redirected to their originally requested website.
+This access expires after a certain time interval.
+ <p>
+Specific features of Nodogsplash are configurable, by editing the
+configuration file and the
+splash page.  The default
+installed configuration may be all you need, though.
+
+<h3>2. Installing and running nodogsplash</h3>
+
+<ul>
+<li>
+Have a router working with
+<a href="http://openwrt.org/">OpenWRT</a>.
+Nodogsplash has been compiled against a OpenWRT White Russian 0.9 buildroot;
+it may or may not work on other versions of OpenWRT or on other kinds of 
+Linux-based router firmware.  
+</li>
+<li>
+Make sure your router is basically
+working before you try to install
+nodogsplash. In particular, make sure your DHCP daemon
+is serving addresses on the interface
+that nodogsplash will manage (typically <code>eth1</code>), and for the
+following use ssh or telnet access to your router over a different interface.
+</li>
+<li>
+To install nodogsplash, obtain the latest <code>nodogsplash*.ipk</code> package
+file from the project website, copy it to 
+<code>/tmp/</code> on your OpenWRT router,
+and, in as root on the router, run:
+<pre>
+ipkg install /tmp/nodogsplash*.ipk
+</pre>
+</li>
+<li>
+If the interface that you want nodogsplash to manage is not <code>eth1</code>,
+edit <code>/etc/nodogsplash/nodogsplash.conf</code> and set 
+<code>GatewayInterface</code>.
+</li>
+<li>
+To start nodogsplash, run the following, or just reboot the router:
+<pre>
+/etc/init.d/S65nodogsplash start
+</pre>
+</li>
+<li>
+To test the installation, connect a client machine to the interface
+on your router that is managed by nodogsplash (for example, connect to
+the router's wireless lan) and in a browser on that machine, attempt to visit
+any website.  You should see the nodogsplash splash page instead.  Click on the
+icon; the browser should redirect to the initially requested website.
+</li>
+<li>
+To see the current status of your nodogsplash process, run:
+<pre>
+/usr/bin/ndctl status
+</pre>
+</li>
+<li>
+To stop nodogsplash, run:
+<pre>
+/etc/init.d/S65nodogsplash stop
+</pre>
+</li>
+<li>
+To uninstall nodogsplash, run:
+<pre>
+ipkg remove nodogsplash
+</pre>
+</li>
+</ul>
+
+<h3>3. How nodogsplash works</h3>
+
+A wireless router running OpenWRT has two or more interfaces; nodogsplash
+manages one of them.  This will typically be <code>eth1</code>, which is
+conventionally bridged to both the wireless and wired LAN, or just the wireless
+LAN if the <code>br0</code> bridge has been broken.
+<p>
+Nodogsplash considers four kinds of packets coming into the router
+over that interface, determined by source MAC address:
+<ol>
+<li>
+<em>Blocked</em>, if listed in the BlockedMACList in the configuration file.
+These packets are dropped.  (Caveat: this is not
+a particularly secure mechanism, since MAC addresses are easy to spoof.)
+</li>
+<li>
+<em>Trusted</em>, if listed in the TrustedMACList in the configuration file.
+These packets are accepted and routed to any destination address and port.
+(Caveat: this is not
+a particularly secure mechanism, since MAC addresses are easy to spoof.)
+</li>
+<li>
+<em>Authenticated</em>, if the packet's IP and MAC source address has gone
+through the nodogsplash authentication process and has not yet
+expired.  These packets are accepted and routed to a limited set of 
+addresses and ports (see <code>FirewallRuleSet authenticated-users</code>
+in the <code>nodogsplash.conf</code> configuration file).
+</li>
+<li>
+<em>Unknown</em>.  Any other packet.  These packets are accepted only to DHCP
+and DNS ports on the router, and to the DNS port
+at other addresses.  Any other packet is dropped, except that a packet
+for destination port 80 at any address is redirected to port 2050 on
+the router, where nodogsplash's builtin web server is listening.  This begins
+the 'authentication' process. The
+server will serve a splash page back to the source IP address of the
+packet. The user clicking the appropriate link on the splash page will complete
+the process, causing future packets from this 
+IP/MAC address to be marked as
+<em>Authenticated</em> until the inactive or forced timeout is reached, 
+and its packets revert to being <em>Unknown</em>.
+</li>
+</ol>
+Nodogsplash implements these actions by 
+inserting rules in the router's iptables mangle
+PREROUTING table to mark packets, and by inserting
+rules in the nat PREROUTING, filter INPUT and
+filter FORWARD chains which match on those marks.
+Because it inserts its rules at the beginning
+of existing chains, nodogsplash should be 
+insensitive to almost any existing firewall
+configuration.  
+
+<h3>4. Customizing nodogsplash</h3>
+
+The default shipped configuration is intended to be usable and reasonably
+secure as-is for basic internet sharing applications, but it is
+customizable. 
+<ul>
+<li>
+To change basic nodogsplash settings, edit the configuration file:
+<pre>
+/etc/nodogsplash/nodogsplash.conf
+</pre>
+</li>
+<li>
+To change the contents of the splash page, edit the splash page file:
+<pre>
+/etc/nodogsplash/htdocs/splash.html
+</pre>
+When the splash page is served, the following variables in the page are
+replaced by their values:
+<ul>
+<li>
+<code>$gatewayname</code>  The value of 
+<code>GatewayName</code> as set in <code>nodogsplash.conf</code>.
+</li>
+<li>
+<code>$authtarget</code>  A URL which encodes a token and
+the URL of the user's original web request.  When nodogsplash receives a
+request at this URL, it redirects them
+to their original web request, and subsequent packets from that
+user are marked as <em>Authenticated</em>.
+</li>
+<li>
+<code>$imagesdir</code>  The directory in nodogsplash's web hierarchy
+where images to be displayed in the splash page must be located.
+</li>
+</ul>
+</ul>
+
+<h3>5. Debugging nodogsplash</h3>
+<ul>
+<li>
+To see verbose debugging output from nodogsplash, 
+edit the <code>/etc/init.d/S65nodogsplash</code> file to set the 
+<code>OPTIONS</code>
+variable to the flags <code>"-s -d 7"</code>, restart or reboot, and
+view messages with logread.
+The <code>-s</code> flag logs to syslog; the <code>-d 7</code> flag
+sets the maximally verbose level for debugging messages (see syslog.h).
+You don't want to run with these flags routinely, as it will 
+quickly fill the syslog  circular buffer, unless you enable remote logging.
+<p>
+Alternatively, you can set the flag <code>-f</code> instead of <code>-s</code>,
+and restart.
+This will run nodogsplash in the foreground, logging to stdout. However, 
+if you do this, don't reboot the router;
+nodogsplash will not start at boot with the  <code>-f</code> flag set.
+</li>
+<li>
+When stopped, nodogsplash deletes its iptables rules,
+attempting to leave the router's firewall in its original state.  If 
+not (for example, after a crash)
+subsequently starting and stopping nodogsplash should remove its rules.
+To check to see all the
+rules in, for example, the filter table chains, run
+<pre>
+iptables -t filter -L -v
+</pre>
+For extensive suggestions on debugging iptables, see for example
+<a href="http://iptables-tutorial.frozentux.net/iptables-tutorial.html">
+Oskar Andreasson's tutorial</a>.
+</li>
+</ul>
+
+<hr>
+Email contact: nodogsplash (at) kokoro.ucsd.edu
+
+</body>
+</html>

autom4te.cache/requests

@@ -0,0 +1,130 @@
+# This file was generated by Autom4te Mon Jul 10 17:33:12 PDT 2006.
+# It contains the lists of macros which have been traced.
+# It can be safely removed.
+
+@request = (
+             bless( [
+                      '0',
+                      1,
+                      [
+                        '/usr/share/autoconf'
+                      ],
+                      [
+                        '/usr/share/autoconf/autoconf/autoconf.m4f',
+                        'aclocal.m4',
+                        'configure.in'
+                      ],
+                      {
+                        '_LT_AC_TAGCONFIG' => 1,
+                        'AM_PROG_F77_C_O' => 1,
+                        'm4_pattern_forbid' => 1,
+                        'AC_CANONICAL_TARGET' => 1,
+                        'AC_CONFIG_LIBOBJ_DIR' => 1,
+                        'AC_TYPE_OFF_T' => 1,
+                        'AC_C_VOLATILE' => 1,
+                        'AC_FUNC_CLOSEDIR_VOID' => 1,
+                        'AC_REPLACE_FNMATCH' => 1,
+                        'AC_PROG_LIBTOOL' => 1,
+                        'AC_FUNC_STAT' => 1,
+                        'AC_HEADER_TIME' => 1,
+                        'AC_FUNC_WAIT3' => 1,
+                        'AM_AUTOMAKE_VERSION' => 1,
+                        'AC_STRUCT_TM' => 1,
+                        'AC_FUNC_LSTAT' => 1,
+                        'AC_TYPE_MODE_T' => 1,
+                        'AC_FUNC_GETMNTENT' => 1,
+                        'AC_FUNC_STRTOD' => 1,
+                        'AC_CHECK_HEADERS' => 1,
+                        'LT_CONFIG_LTDL_DIR' => 1,
+                        'AC_FUNC_STRNLEN' => 1,
+                        'm4_sinclude' => 1,
+                        'AC_PROG_CXX' => 1,
+                        'AC_PATH_X' => 1,
+                        'AC_FUNC_LSTAT_FOLLOWS_SLASHED_SYMLINK' => 1,
+                        'AC_PROG_AWK' => 1,
+                        '_m4_warn' => 1,
+                        'AC_HEADER_STDC' => 1,
+                        'AC_HEADER_MAJOR' => 1,
+                        'AM_PROG_CXX_C_O' => 1,
+                        'LT_INIT' => 1,
+                        'AC_FUNC_ERROR_AT_LINE' => 1,
+                        'AC_PROG_GCC_TRADITIONAL' => 1,
+                        'AC_LIBSOURCE' => 1,
+                        'AC_FUNC_MBRTOWC' => 1,
+                        'AC_STRUCT_ST_BLOCKS' => 1,
+                        'AM_PROG_FC_C_O' => 1,
+                        'AC_CANONICAL_BUILD' => 1,
+                        'AC_TYPE_SIGNAL' => 1,
+                        'AC_TYPE_UID_T' => 1,
+                        '_AM_SUBST_NOTMAKE' => 1,
+                        'AC_CONFIG_AUX_DIR' => 1,
+                        'AC_PROG_MAKE_SET' => 1,
+                        'sinclude' => 1,
+                        'm4_pattern_allow' => 1,
+                        'AC_DEFINE_TRACE_LITERAL' => 1,
+                        'AC_FUNC_STRERROR_R' => 1,
+                        'AC_PROG_CC' => 1,
+                        'AC_FUNC_FORK' => 1,
+                        'AC_DECL_SYS_SIGLIST' => 1,
+                        'AC_FUNC_VPRINTF' => 1,
+                        'AC_FUNC_STRCOLL' => 1,
+                        'AC_PROG_YACC' => 1,
+                        'AC_SUBST_TRACE' => 1,
+                        'AC_INIT' => 1,
+                        'AC_STRUCT_TIMEZONE' => 1,
+                        'AC_FUNC_CHOWN' => 1,
+                        'AC_SUBST' => 1,
+                        'AC_FUNC_ALLOCA' => 1,
+                        'AC_FC_SRCEXT' => 1,
+                        'AC_CANONICAL_HOST' => 1,
+                        'AC_FUNC_GETPGRP' => 1,
+                        'AC_PROG_RANLIB' => 1,
+                        'AM_INIT_AUTOMAKE' => 1,
+                        'AC_FUNC_SETPGRP' => 1,
+                        'AC_CONFIG_SUBDIRS' => 1,
+                        'AC_FUNC_MMAP' => 1,
+                        'AC_FUNC_REALLOC' => 1,
+                        'AC_TYPE_SIZE_T' => 1,
+                        'AC_REQUIRE_AUX_FILE' => 1,
+                        'AC_CONFIG_LINKS' => 1,
+                        'AC_CHECK_TYPES' => 1,
+                        'LT_SUPPORTED_TAG' => 1,
+                        'AC_CHECK_MEMBERS' => 1,
+                        'AM_MAINTAINER_MODE' => 1,
+                        'AC_FUNC_UTIME_NULL' => 1,
+                        'AC_FUNC_SELECT_ARGTYPES' => 1,
+                        'AC_FUNC_STRFTIME' => 1,
+                        'AC_HEADER_STAT' => 1,
+                        'AC_C_INLINE' => 1,
+                        'AC_PROG_CPP' => 1,
+                        'AC_TYPE_PID_T' => 1,
+                        'AC_C_CONST' => 1,
+                        'AC_PROG_LEX' => 1,
+                        'AC_CONFIG_FILES' => 1,
+                        'include' => 1,
+                        'AC_FUNC_SETVBUF_REVERSED' => 1,
+                        'AC_PROG_INSTALL' => 1,
+                        'AM_GNU_GETTEXT' => 1,
+                        'AC_FUNC_OBSTACK' => 1,
+                        'AC_CHECK_LIB' => 1,
+                        'AC_FUNC_MALLOC' => 1,
+                        'AC_FUNC_GETGROUPS' => 1,
+                        'AC_FC_FREEFORM' => 1,
+                        'AC_FUNC_GETLOADAVG' => 1,
+                        'AH_OUTPUT' => 1,
+                        'AC_FUNC_FSEEKO' => 1,
+                        'AM_PROG_CC_C_O' => 1,
+                        'AM_CONDITIONAL' => 1,
+                        'AC_CANONICAL_SYSTEM' => 1,
+                        'AC_FUNC_MKTIME' => 1,
+                        'AC_CONFIG_HEADERS' => 1,
+                        'AC_HEADER_SYS_WAIT' => 1,
+                        'AC_FUNC_MEMCMP' => 1,
+                        'AC_PROG_LN_S' => 1,
+                        'm4_include' => 1,
+                        'AC_HEADER_DIRENT' => 1,
+                        'AC_CHECK_FUNCS' => 1
+                      }
+                    ], 'Autom4te::Request' )
+           );
+

autom4te.cache/traces.0

@@ -0,0 +1,654 @@
+m4trace:configure.in:12: -1- AC_INIT([src/common.h])
+m4trace:configure.in:12: -1- m4_pattern_forbid([^_?A[CHUM]_])
+m4trace:configure.in:12: -1- m4_pattern_forbid([_AC_])
+m4trace:configure.in:12: -1- m4_pattern_forbid([^LIBOBJS$], [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs LIBOBJS'])
+m4trace:configure.in:12: -1- m4_pattern_allow([^AS_FLAGS$])
+m4trace:configure.in:12: -1- m4_pattern_forbid([^_?m4_])
+m4trace:configure.in:12: -1- m4_pattern_forbid([^dnl$])
+m4trace:configure.in:12: -1- m4_pattern_forbid([^_?AS_])
+m4trace:configure.in:12: -1- AC_SUBST([SHELL], [${CONFIG_SHELL-/bin/sh}])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([SHELL])
+m4trace:configure.in:12: -1- m4_pattern_allow([^SHELL$])
+m4trace:configure.in:12: -1- AC_SUBST([PATH_SEPARATOR])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([PATH_SEPARATOR])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PATH_SEPARATOR$])
+m4trace:configure.in:12: -1- AC_SUBST([PACKAGE_NAME], [m4_ifdef([AC_PACKAGE_NAME],      ['AC_PACKAGE_NAME'])])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([PACKAGE_NAME])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_NAME$])
+m4trace:configure.in:12: -1- AC_SUBST([PACKAGE_TARNAME], [m4_ifdef([AC_PACKAGE_TARNAME],   ['AC_PACKAGE_TARNAME'])])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([PACKAGE_TARNAME])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_TARNAME$])
+m4trace:configure.in:12: -1- AC_SUBST([PACKAGE_VERSION], [m4_ifdef([AC_PACKAGE_VERSION],   ['AC_PACKAGE_VERSION'])])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([PACKAGE_VERSION])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_VERSION$])
+m4trace:configure.in:12: -1- AC_SUBST([PACKAGE_STRING], [m4_ifdef([AC_PACKAGE_STRING],    ['AC_PACKAGE_STRING'])])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([PACKAGE_STRING])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_STRING$])
+m4trace:configure.in:12: -1- AC_SUBST([PACKAGE_BUGREPORT], [m4_ifdef([AC_PACKAGE_BUGREPORT], ['AC_PACKAGE_BUGREPORT'])])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([PACKAGE_BUGREPORT])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_BUGREPORT$])
+m4trace:configure.in:12: -1- AC_SUBST([exec_prefix], [NONE])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([exec_prefix])
+m4trace:configure.in:12: -1- m4_pattern_allow([^exec_prefix$])
+m4trace:configure.in:12: -1- AC_SUBST([prefix], [NONE])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([prefix])
+m4trace:configure.in:12: -1- m4_pattern_allow([^prefix$])
+m4trace:configure.in:12: -1- AC_SUBST([program_transform_name], [s,x,x,])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([program_transform_name])
+m4trace:configure.in:12: -1- m4_pattern_allow([^program_transform_name$])
+m4trace:configure.in:12: -1- AC_SUBST([bindir], ['${exec_prefix}/bin'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([bindir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^bindir$])
+m4trace:configure.in:12: -1- AC_SUBST([sbindir], ['${exec_prefix}/sbin'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([sbindir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^sbindir$])
+m4trace:configure.in:12: -1- AC_SUBST([libexecdir], ['${exec_prefix}/libexec'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([libexecdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^libexecdir$])
+m4trace:configure.in:12: -1- AC_SUBST([datarootdir], ['${prefix}/share'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([datarootdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^datarootdir$])
+m4trace:configure.in:12: -1- AC_SUBST([datadir], ['${datarootdir}'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([datadir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^datadir$])
+m4trace:configure.in:12: -1- AC_SUBST([sysconfdir], ['${prefix}/etc'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([sysconfdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^sysconfdir$])
+m4trace:configure.in:12: -1- AC_SUBST([sharedstatedir], ['${prefix}/com'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([sharedstatedir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^sharedstatedir$])
+m4trace:configure.in:12: -1- AC_SUBST([localstatedir], ['${prefix}/var'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([localstatedir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^localstatedir$])
+m4trace:configure.in:12: -1- AC_SUBST([includedir], ['${prefix}/include'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([includedir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^includedir$])
+m4trace:configure.in:12: -1- AC_SUBST([oldincludedir], ['/usr/include'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([oldincludedir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^oldincludedir$])
+m4trace:configure.in:12: -1- AC_SUBST([docdir], [m4_ifset([AC_PACKAGE_TARNAME],
+				     ['${datarootdir}/doc/${PACKAGE_TARNAME}'],
+				     ['${datarootdir}/doc/${PACKAGE}'])])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([docdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^docdir$])
+m4trace:configure.in:12: -1- AC_SUBST([infodir], ['${datarootdir}/info'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([infodir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^infodir$])
+m4trace:configure.in:12: -1- AC_SUBST([htmldir], ['${docdir}'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([htmldir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^htmldir$])
+m4trace:configure.in:12: -1- AC_SUBST([dvidir], ['${docdir}'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([dvidir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^dvidir$])
+m4trace:configure.in:12: -1- AC_SUBST([pdfdir], ['${docdir}'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([pdfdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^pdfdir$])
+m4trace:configure.in:12: -1- AC_SUBST([psdir], ['${docdir}'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([psdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^psdir$])
+m4trace:configure.in:12: -1- AC_SUBST([libdir], ['${exec_prefix}/lib'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([libdir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^libdir$])
+m4trace:configure.in:12: -1- AC_SUBST([localedir], ['${datarootdir}/locale'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([localedir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^localedir$])
+m4trace:configure.in:12: -1- AC_SUBST([mandir], ['${datarootdir}/man'])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([mandir])
+m4trace:configure.in:12: -1- m4_pattern_allow([^mandir$])
+m4trace:configure.in:12: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_NAME])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_NAME$])
+m4trace:configure.in:12: -1- AH_OUTPUT([PACKAGE_NAME], [/* Define to the full name of this package. */
+#undef PACKAGE_NAME])
+m4trace:configure.in:12: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_TARNAME])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_TARNAME$])
+m4trace:configure.in:12: -1- AH_OUTPUT([PACKAGE_TARNAME], [/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME])
+m4trace:configure.in:12: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_VERSION])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_VERSION$])
+m4trace:configure.in:12: -1- AH_OUTPUT([PACKAGE_VERSION], [/* Define to the version of this package. */
+#undef PACKAGE_VERSION])
+m4trace:configure.in:12: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_STRING])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_STRING$])
+m4trace:configure.in:12: -1- AH_OUTPUT([PACKAGE_STRING], [/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING])
+m4trace:configure.in:12: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_BUGREPORT])
+m4trace:configure.in:12: -1- m4_pattern_allow([^PACKAGE_BUGREPORT$])
+m4trace:configure.in:12: -1- AH_OUTPUT([PACKAGE_BUGREPORT], [/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT])
+m4trace:configure.in:12: -1- AC_SUBST([DEFS])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([DEFS])
+m4trace:configure.in:12: -1- m4_pattern_allow([^DEFS$])
+m4trace:configure.in:12: -1- AC_SUBST([ECHO_C])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([ECHO_C])
+m4trace:configure.in:12: -1- m4_pattern_allow([^ECHO_C$])
+m4trace:configure.in:12: -1- AC_SUBST([ECHO_N])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([ECHO_N])
+m4trace:configure.in:12: -1- m4_pattern_allow([^ECHO_N$])
+m4trace:configure.in:12: -1- AC_SUBST([ECHO_T])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([ECHO_T])
+m4trace:configure.in:12: -1- m4_pattern_allow([^ECHO_T$])
+m4trace:configure.in:12: -1- AC_SUBST([LIBS])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([LIBS])
+m4trace:configure.in:12: -1- m4_pattern_allow([^LIBS$])
+m4trace:configure.in:12: -1- AC_SUBST([build_alias])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([build_alias])
+m4trace:configure.in:12: -1- m4_pattern_allow([^build_alias$])
+m4trace:configure.in:12: -1- AC_SUBST([host_alias])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([host_alias])
+m4trace:configure.in:12: -1- m4_pattern_allow([^host_alias$])
+m4trace:configure.in:12: -1- AC_SUBST([target_alias])
+m4trace:configure.in:12: -1- AC_SUBST_TRACE([target_alias])
+m4trace:configure.in:12: -1- m4_pattern_allow([^target_alias$])
+m4trace:configure.in:13: -1- AC_CONFIG_HEADERS([config.h])
+m4trace:configure.in:13: -1- _m4_warn([obsolete], [The macro `AC_OUTPUT_COMMANDS' is obsolete.
+You should run autoupdate.], [autoconf/status.m4:853: AC_OUTPUT_COMMANDS is expanded from...
+aclocal.m4:976: AM_CONFIG_HEADER is expanded from...
+configure.in:13: the top level])
+m4trace:configure.in:14: -1- AC_CONFIG_AUX_DIR([config])
+m4trace:configure.in:15: -1- AC_PROG_CC
+m4trace:configure.in:15: -1- AC_SUBST([CC])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:15: -1- AC_SUBST([CFLAGS])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CFLAGS])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CFLAGS$])
+m4trace:configure.in:15: -1- AC_SUBST([LDFLAGS])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([LDFLAGS])
+m4trace:configure.in:15: -1- m4_pattern_allow([^LDFLAGS$])
+m4trace:configure.in:15: -1- AC_SUBST([CPPFLAGS])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CPPFLAGS])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CPPFLAGS$])
+m4trace:configure.in:15: -1- AC_SUBST([CC])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:15: -1- AC_SUBST([CC])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:15: -1- AC_SUBST([CC])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:15: -1- AC_SUBST([CC])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:15: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:15: -1- AC_SUBST([ac_ct_CC])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([ac_ct_CC])
+m4trace:configure.in:15: -1- m4_pattern_allow([^ac_ct_CC$])
+m4trace:configure.in:15: -1- AC_SUBST([EXEEXT], [$ac_cv_exeext])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([EXEEXT])
+m4trace:configure.in:15: -1- m4_pattern_allow([^EXEEXT$])
+m4trace:configure.in:15: -1- AC_SUBST([OBJEXT], [$ac_cv_objext])
+m4trace:configure.in:15: -1- AC_SUBST_TRACE([OBJEXT])
+m4trace:configure.in:15: -1- m4_pattern_allow([^OBJEXT$])
+m4trace:configure.in:16: -1- AC_PROG_CXX
+m4trace:configure.in:16: -1- AC_SUBST([CXX])
+m4trace:configure.in:16: -1- AC_SUBST_TRACE([CXX])
+m4trace:configure.in:16: -1- m4_pattern_allow([^CXX$])
+m4trace:configure.in:16: -1- AC_SUBST([CXXFLAGS])
+m4trace:configure.in:16: -1- AC_SUBST_TRACE([CXXFLAGS])
+m4trace:configure.in:16: -1- m4_pattern_allow([^CXXFLAGS$])
+m4trace:configure.in:16: -1- AC_SUBST([LDFLAGS])
+m4trace:configure.in:16: -1- AC_SUBST_TRACE([LDFLAGS])
+m4trace:configure.in:16: -1- m4_pattern_allow([^LDFLAGS$])
+m4trace:configure.in:16: -1- AC_SUBST([CPPFLAGS])
+m4trace:configure.in:16: -1- AC_SUBST_TRACE([CPPFLAGS])
+m4trace:configure.in:16: -1- m4_pattern_allow([^CPPFLAGS$])
+m4trace:configure.in:16: -1- AC_SUBST([CXX])
+m4trace:configure.in:16: -1- AC_SUBST_TRACE([CXX])
+m4trace:configure.in:16: -1- m4_pattern_allow([^CXX$])
+m4trace:configure.in:16: -1- AC_SUBST([ac_ct_CXX])
+m4trace:configure.in:16: -1- AC_SUBST_TRACE([ac_ct_CXX])
+m4trace:configure.in:16: -1- m4_pattern_allow([^ac_ct_CXX$])
+m4trace:configure.in:19: -1- AC_SUBST([BUILDROOT])
+m4trace:configure.in:19: -1- AC_SUBST_TRACE([BUILDROOT])
+m4trace:configure.in:19: -1- m4_pattern_allow([^BUILDROOT$])
+m4trace:configure.in:25: -1- AC_SUBST([NODOGSPLASH_MAJOR_VERSION])
+m4trace:configure.in:25: -1- AC_SUBST_TRACE([NODOGSPLASH_MAJOR_VERSION])
+m4trace:configure.in:25: -1- m4_pattern_allow([^NODOGSPLASH_MAJOR_VERSION$])
+m4trace:configure.in:26: -1- AC_SUBST([NODOGSPLASH_MINOR_VERSION])
+m4trace:configure.in:26: -1- AC_SUBST_TRACE([NODOGSPLASH_MINOR_VERSION])
+m4trace:configure.in:26: -1- m4_pattern_allow([^NODOGSPLASH_MINOR_VERSION$])
+m4trace:configure.in:27: -1- AC_SUBST([NODOGSPLASH_VERSION])
+m4trace:configure.in:27: -1- AC_SUBST_TRACE([NODOGSPLASH_VERSION])
+m4trace:configure.in:27: -1- m4_pattern_allow([^NODOGSPLASH_VERSION$])
+m4trace:configure.in:28: -1- AM_INIT_AUTOMAKE([nodogsplash], [$NODOGSPLASH_VERSION])
+m4trace:configure.in:28: -1- AC_PROG_INSTALL
+m4trace:configure.in:28: -1- AC_REQUIRE_AUX_FILE([install-sh])
+m4trace:configure.in:28: -1- AC_SUBST([INSTALL_PROGRAM])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([INSTALL_PROGRAM])
+m4trace:configure.in:28: -1- m4_pattern_allow([^INSTALL_PROGRAM$])
+m4trace:configure.in:28: -1- AC_SUBST([INSTALL_SCRIPT])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([INSTALL_SCRIPT])
+m4trace:configure.in:28: -1- m4_pattern_allow([^INSTALL_SCRIPT$])
+m4trace:configure.in:28: -1- AC_SUBST([INSTALL_DATA])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([INSTALL_DATA])
+m4trace:configure.in:28: -1- m4_pattern_allow([^INSTALL_DATA$])
+m4trace:configure.in:28: -1- AC_SUBST([PACKAGE])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([PACKAGE])
+m4trace:configure.in:28: -1- m4_pattern_allow([^PACKAGE$])
+m4trace:configure.in:28: -1- AC_SUBST([VERSION])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([VERSION])
+m4trace:configure.in:28: -1- m4_pattern_allow([^VERSION$])
+m4trace:configure.in:28: -2- AC_DEFINE_TRACE_LITERAL([PACKAGE])
+m4trace:configure.in:28: -2- m4_pattern_allow([^PACKAGE$])
+m4trace:configure.in:28: -2- AH_OUTPUT([PACKAGE], [/* Name of package */
+#undef PACKAGE])
+m4trace:configure.in:28: -2- AC_DEFINE_TRACE_LITERAL([VERSION])
+m4trace:configure.in:28: -2- m4_pattern_allow([^VERSION$])
+m4trace:configure.in:28: -2- AH_OUTPUT([VERSION], [/* Version number of package */
+#undef VERSION])
+m4trace:configure.in:28: -1- AC_SUBST([ACLOCAL])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([ACLOCAL])
+m4trace:configure.in:28: -1- m4_pattern_allow([^ACLOCAL$])
+m4trace:configure.in:28: -1- AC_SUBST([AUTOCONF])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([AUTOCONF])
+m4trace:configure.in:28: -1- m4_pattern_allow([^AUTOCONF$])
+m4trace:configure.in:28: -1- AC_SUBST([AUTOMAKE])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([AUTOMAKE])
+m4trace:configure.in:28: -1- m4_pattern_allow([^AUTOMAKE$])
+m4trace:configure.in:28: -1- AC_SUBST([AUTOHEADER])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([AUTOHEADER])
+m4trace:configure.in:28: -1- m4_pattern_allow([^AUTOHEADER$])
+m4trace:configure.in:28: -1- AC_SUBST([MAKEINFO])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([MAKEINFO])
+m4trace:configure.in:28: -1- m4_pattern_allow([^MAKEINFO$])
+m4trace:configure.in:28: -1- AC_PROG_MAKE_SET
+m4trace:configure.in:28: -1- AC_SUBST([SET_MAKE])
+m4trace:configure.in:28: -1- AC_SUBST_TRACE([SET_MAKE])
+m4trace:configure.in:28: -1- m4_pattern_allow([^SET_MAKE$])
+m4trace:configure.in:31: -1- AM_MAINTAINER_MODE
+m4trace:configure.in:31: -1- AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes])
+m4trace:configure.in:31: -1- AC_SUBST([MAINTAINER_MODE_TRUE])
+m4trace:configure.in:31: -1- AC_SUBST_TRACE([MAINTAINER_MODE_TRUE])
+m4trace:configure.in:31: -1- m4_pattern_allow([^MAINTAINER_MODE_TRUE$])
+m4trace:configure.in:31: -1- AC_SUBST([MAINTAINER_MODE_FALSE])
+m4trace:configure.in:31: -1- AC_SUBST_TRACE([MAINTAINER_MODE_FALSE])
+m4trace:configure.in:31: -1- m4_pattern_allow([^MAINTAINER_MODE_FALSE$])
+m4trace:configure.in:31: -1- AC_SUBST([MAINT])
+m4trace:configure.in:31: -1- AC_SUBST_TRACE([MAINT])
+m4trace:configure.in:31: -1- m4_pattern_allow([^MAINT$])
+m4trace:configure.in:33: -1- AC_PROG_INSTALL
+m4trace:configure.in:33: -1- AC_REQUIRE_AUX_FILE([install-sh])
+m4trace:configure.in:33: -1- AC_SUBST([INSTALL_PROGRAM])
+m4trace:configure.in:33: -1- AC_SUBST_TRACE([INSTALL_PROGRAM])
+m4trace:configure.in:33: -1- m4_pattern_allow([^INSTALL_PROGRAM$])
+m4trace:configure.in:33: -1- AC_SUBST([INSTALL_SCRIPT])
+m4trace:configure.in:33: -1- AC_SUBST_TRACE([INSTALL_SCRIPT])
+m4trace:configure.in:33: -1- m4_pattern_allow([^INSTALL_SCRIPT$])
+m4trace:configure.in:33: -1- AC_SUBST([INSTALL_DATA])
+m4trace:configure.in:33: -1- AC_SUBST_TRACE([INSTALL_DATA])
+m4trace:configure.in:33: -1- m4_pattern_allow([^INSTALL_DATA$])
+m4trace:configure.in:36: -1- AC_PROG_LIBTOOL
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1382: AC_ARG_ENABLE is expanded from...
+aclocal.m4:3015: AC_ENABLE_SHARED is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1382: AC_ARG_ENABLE is expanded from...
+aclocal.m4:3054: AC_ENABLE_STATIC is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1382: AC_ARG_ENABLE is expanded from...
+aclocal.m4:3093: AC_ENABLE_FAST_INSTALL is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- AC_CANONICAL_HOST
+m4trace:configure.in:36: -1- AC_CANONICAL_BUILD
+m4trace:configure.in:36: -1- AC_REQUIRE_AUX_FILE([config.sub])
+m4trace:configure.in:36: -1- AC_REQUIRE_AUX_FILE([config.guess])
+m4trace:configure.in:36: -1- AC_SUBST([build], [$ac_cv_build])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([build])
+m4trace:configure.in:36: -1- m4_pattern_allow([^build$])
+m4trace:configure.in:36: -1- AC_SUBST([build_cpu], [$[1]])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([build_cpu])
+m4trace:configure.in:36: -1- m4_pattern_allow([^build_cpu$])
+m4trace:configure.in:36: -1- AC_SUBST([build_vendor], [$[2]])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([build_vendor])
+m4trace:configure.in:36: -1- m4_pattern_allow([^build_vendor$])
+m4trace:configure.in:36: -1- AC_SUBST([build_os])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([build_os])
+m4trace:configure.in:36: -1- m4_pattern_allow([^build_os$])
+m4trace:configure.in:36: -1- AC_SUBST([host], [$ac_cv_host])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([host])
+m4trace:configure.in:36: -1- m4_pattern_allow([^host$])
+m4trace:configure.in:36: -1- AC_SUBST([host_cpu], [$[1]])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([host_cpu])
+m4trace:configure.in:36: -1- m4_pattern_allow([^host_cpu$])
+m4trace:configure.in:36: -1- AC_SUBST([host_vendor], [$[2]])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([host_vendor])
+m4trace:configure.in:36: -1- m4_pattern_allow([^host_vendor$])
+m4trace:configure.in:36: -1- AC_SUBST([host_os])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([host_os])
+m4trace:configure.in:36: -1- m4_pattern_allow([^host_os$])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1400: AC_ARG_WITH is expanded from...
+aclocal.m4:3290: AC_PROG_LD is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- AC_SUBST([GREP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([GREP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^GREP$])
+m4trace:configure.in:36: -1- AC_SUBST([GREP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([GREP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^GREP$])
+m4trace:configure.in:36: -1- AC_SUBST([EGREP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([EGREP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^EGREP$])
+m4trace:configure.in:36: -1- AC_SUBST([EGREP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([EGREP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^EGREP$])
+m4trace:configure.in:36: -1- AC_PROG_LN_S
+m4trace:configure.in:36: -1- AC_SUBST([LN_S], [$as_ln_s])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([LN_S])
+m4trace:configure.in:36: -1- m4_pattern_allow([^LN_S$])
+m4trace:configure.in:36: -1- AC_SUBST([ECHO])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([ECHO])
+m4trace:configure.in:36: -1- m4_pattern_allow([^ECHO$])
+m4trace:configure.in:36: -1- AC_SUBST([AR])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([AR])
+m4trace:configure.in:36: -1- m4_pattern_allow([^AR$])
+m4trace:configure.in:36: -1- AC_SUBST([RANLIB])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([RANLIB])
+m4trace:configure.in:36: -1- m4_pattern_allow([^RANLIB$])
+m4trace:configure.in:36: -1- AC_SUBST([STRIP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([STRIP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^STRIP$])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1382: AC_ARG_ENABLE is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1400: AC_ARG_WITH is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_TRY_LINK' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:2426: AC_TRY_LINK is expanded from...
+../../lib/m4sugar/m4sh.m4:519: AS_IF is expanded from...
+autoconf/general.m4:1922: AC_CACHE_VAL is expanded from...
+autoconf/general.m4:1935: AC_CACHE_CHECK is expanded from...
+aclocal.m4:1703: _LT_AC_LOCK is expanded from...
+aclocal.m4:2189: AC_LIBTOOL_SYS_HARD_LINK_LOCKS is expanded from...
+aclocal.m4:3802: _LT_AC_LANG_C_CONFIG is expanded from...
+aclocal.m4:3733: AC_LIBTOOL_LANG_C_CONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- AC_CHECK_HEADERS([dlfcn.h])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_DLFCN_H], [/* Define to 1 if you have the <dlfcn.h> header file. */
+#undef HAVE_DLFCN_H])
+m4trace:configure.in:36: -1- AC_HEADER_STDC
+m4trace:configure.in:36: -1- AC_PROG_CPP
+m4trace:configure.in:36: -1- AC_SUBST([CPP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([CPP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^CPP$])
+m4trace:configure.in:36: -1- AC_SUBST([CPPFLAGS])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([CPPFLAGS])
+m4trace:configure.in:36: -1- m4_pattern_allow([^CPPFLAGS$])
+m4trace:configure.in:36: -1- AC_SUBST([CPP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([CPP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^CPP$])
+m4trace:configure.in:36: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
+m4trace:configure.in:36: -1- m4_pattern_allow([^STDC_HEADERS$])
+m4trace:configure.in:36: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS])
+m4trace:configure.in:36: -1- AC_CHECK_HEADERS([sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+		  inttypes.h stdint.h unistd.h], [], [], [$ac_includes_default])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H])
+m4trace:configure.in:36: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H])
+m4trace:configure.in:36: -1- AC_CHECK_LIB([dl], [dlopen], [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], [
+    lt_cv_dlopen="dyld"
+    lt_cv_dlopen_libs=
+    lt_cv_dlopen_self=yes
+    ])
+m4trace:configure.in:36: -1- AC_CHECK_LIB([dld], [shl_load], [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"], [AC_CHECK_FUNC([dlopen],
+	      [lt_cv_dlopen="dlopen"],
+	  [AC_CHECK_LIB([dl], [dlopen],
+		[lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],
+	    [AC_CHECK_LIB([svld], [dlopen],
+		  [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
+	      [AC_CHECK_LIB([dld], [dld_link],
+		    [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"])
+	      ])
+	    ])
+	  ])
+	])
+m4trace:configure.in:36: -1- AC_CHECK_LIB([dl], [dlopen], [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"], [AC_CHECK_LIB([svld], [dlopen],
+		  [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
+	      [AC_CHECK_LIB([dld], [dld_link],
+		    [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"])
+	      ])
+	    ])
+m4trace:configure.in:36: -1- AC_CHECK_LIB([svld], [dlopen], [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], [AC_CHECK_LIB([dld], [dld_link],
+		    [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"])
+	      ])
+m4trace:configure.in:36: -1- AC_CHECK_LIB([dld], [dld_link], [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"])
+m4trace:configure.in:36: -1- _LT_AC_TAGCONFIG
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_HELP_STRING' is obsolete.
+You should run autoupdate.], [autoconf/general.m4:209: AC_HELP_STRING is expanded from...
+autoconf/general.m4:1400: AC_ARG_WITH is expanded from...
+aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [back quotes and double quotes must not be escaped in: $as_me:$LINENO: error: tag name \"$tagname\" already exists], [aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [back quotes and double quotes must not be escaped in: $as_me: error: tag name \"$tagname\" already exists], [aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- AC_SUBST([CXXCPP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([CXXCPP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^CXXCPP$])
+m4trace:configure.in:36: -1- AC_SUBST([CPPFLAGS])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([CPPFLAGS])
+m4trace:configure.in:36: -1- m4_pattern_allow([^CPPFLAGS$])
+m4trace:configure.in:36: -1- AC_SUBST([CXXCPP])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([CXXCPP])
+m4trace:configure.in:36: -1- m4_pattern_allow([^CXXCPP$])
+m4trace:configure.in:36: -1- AC_SUBST([F77])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([F77])
+m4trace:configure.in:36: -1- m4_pattern_allow([^F77$])
+m4trace:configure.in:36: -1- AC_SUBST([FFLAGS])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([FFLAGS])
+m4trace:configure.in:36: -1- m4_pattern_allow([^FFLAGS$])
+m4trace:configure.in:36: -1- AC_SUBST([LDFLAGS])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([LDFLAGS])
+m4trace:configure.in:36: -1- m4_pattern_allow([^LDFLAGS$])
+m4trace:configure.in:36: -1- AC_SUBST([F77])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([F77])
+m4trace:configure.in:36: -1- m4_pattern_allow([^F77$])
+m4trace:configure.in:36: -1- AC_SUBST([ac_ct_F77])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([ac_ct_F77])
+m4trace:configure.in:36: -1- m4_pattern_allow([^ac_ct_F77$])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_LANG_SAVE' is obsolete.
+You should run autoupdate.], [autoconf/lang.m4:170: AC_LANG_SAVE is expanded from...
+aclocal.m4:5123: _LT_AC_LANG_GCJ_CONFIG is expanded from...
+aclocal.m4:5075: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from...
+aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_LANG_RESTORE' is obsolete.
+You should run autoupdate.], [autoconf/lang.m4:176: AC_LANG_RESTORE is expanded from...
+aclocal.m4:5123: _LT_AC_LANG_GCJ_CONFIG is expanded from...
+aclocal.m4:5075: AC_LIBTOOL_LANG_GCJ_CONFIG is expanded from...
+aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_LANG_SAVE' is obsolete.
+You should run autoupdate.], [autoconf/lang.m4:170: AC_LANG_SAVE is expanded from...
+aclocal.m4:5167: _LT_AC_LANG_RC_CONFIG is expanded from...
+aclocal.m4:5131: AC_LIBTOOL_LANG_RC_CONFIG is expanded from...
+aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- _m4_warn([obsolete], [The macro `AC_LANG_RESTORE' is obsolete.
+You should run autoupdate.], [autoconf/lang.m4:176: AC_LANG_RESTORE is expanded from...
+aclocal.m4:5167: _LT_AC_LANG_RC_CONFIG is expanded from...
+aclocal.m4:5131: AC_LIBTOOL_LANG_RC_CONFIG is expanded from...
+aclocal.m4:2969: _LT_AC_TAGCONFIG is expanded from...
+aclocal.m4:1315: AC_LIBTOOL_SETUP is expanded from...
+aclocal.m4:1170: _AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:1150: AC_PROG_LIBTOOL is expanded from...
+aclocal.m4:7390: AM_PROG_LIBTOOL is expanded from...
+configure.in:36: the top level])
+m4trace:configure.in:36: -1- AC_SUBST([LIBTOOL])
+m4trace:configure.in:36: -1- AC_SUBST_TRACE([LIBTOOL])
+m4trace:configure.in:36: -1- m4_pattern_allow([^LIBTOOL$])
+m4trace:configure.in:39: -1- AC_DEFINE_TRACE_LITERAL([WORDS_BIGENDIAN])
+m4trace:configure.in:39: -1- m4_pattern_allow([^WORDS_BIGENDIAN$])
+m4trace:configure.in:39: -1- AH_OUTPUT([WORDS_BIGENDIAN], [/* Define to 1 if your processor stores words with the most significant byte
+   first (like Motorola and SPARC, unlike Intel and VAX). */
+#undef WORDS_BIGENDIAN])
+m4trace:configure.in:40: -1- AC_PROG_MAKE_SET
+m4trace:configure.in:40: -1- AC_SUBST([SET_MAKE])
+m4trace:configure.in:40: -1- AC_SUBST_TRACE([SET_MAKE])
+m4trace:configure.in:40: -1- m4_pattern_allow([^SET_MAKE$])
+m4trace:configure.in:41: -1- AC_HEADER_STDC
+m4trace:configure.in:41: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
+m4trace:configure.in:41: -1- m4_pattern_allow([^STDC_HEADERS$])
+m4trace:configure.in:41: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS])
+m4trace:configure.in:84: -1- AC_SUBST([DOXYGEN])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([DOXYGEN])
+m4trace:configure.in:84: -1- m4_pattern_allow([^DOXYGEN$])
+m4trace:configure.in:84: -1- AC_SUBST([DOT])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([DOT])
+m4trace:configure.in:84: -1- m4_pattern_allow([^DOT$])
+m4trace:configure.in:84: -1- AM_CONDITIONAL([DOC], [test x$enable_doc = xyes])
+m4trace:configure.in:84: -1- AC_SUBST([DOC_TRUE])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([DOC_TRUE])
+m4trace:configure.in:84: -1- m4_pattern_allow([^DOC_TRUE$])
+m4trace:configure.in:84: -1- AC_SUBST([DOC_FALSE])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([DOC_FALSE])
+m4trace:configure.in:84: -1- m4_pattern_allow([^DOC_FALSE$])
+m4trace:configure.in:84: -1- AM_CONDITIONAL([ENABLE_DOXYGEN], [test x$enable_doc = xtrue])
+m4trace:configure.in:84: -1- AC_SUBST([ENABLE_DOXYGEN_TRUE])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([ENABLE_DOXYGEN_TRUE])
+m4trace:configure.in:84: -1- m4_pattern_allow([^ENABLE_DOXYGEN_TRUE$])
+m4trace:configure.in:84: -1- AC_SUBST([ENABLE_DOXYGEN_FALSE])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([ENABLE_DOXYGEN_FALSE])
+m4trace:configure.in:84: -1- m4_pattern_allow([^ENABLE_DOXYGEN_FALSE$])
+m4trace:configure.in:84: -1- AC_SUBST([enable_dot])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([enable_dot])
+m4trace:configure.in:84: -1- m4_pattern_allow([^enable_dot$])
+m4trace:configure.in:84: -1- AC_SUBST([enable_html_docs])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([enable_html_docs])
+m4trace:configure.in:84: -1- m4_pattern_allow([^enable_html_docs$])
+m4trace:configure.in:84: -1- AC_SUBST([enable_latex_docs])
+m4trace:configure.in:84: -1- AC_SUBST_TRACE([enable_latex_docs])
+m4trace:configure.in:84: -1- m4_pattern_allow([^enable_latex_docs$])
+m4trace:configure.in:88: -1- AC_CHECK_LIB([pthread], [pthread_create], [], [{ { echo "$as_me:$LINENO: error: You need the pthread library" >&5
+echo "$as_me: error: You need the pthread library" >&2;}
+   { (exit 1); exit 1; }; } ])
+m4trace:configure.in:88: -1- AH_OUTPUT([HAVE_LIBPTHREAD], [/* Define to 1 if you have the `pthread\' library (-lpthread). */
+#undef HAVE_LIBPTHREAD])
+m4trace:configure.in:88: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBPTHREAD])
+m4trace:configure.in:88: -1- m4_pattern_allow([^HAVE_LIBPTHREAD$])
+m4trace:configure.in:92: -1- AC_CHECK_HEADERS([string.h strings.h stdarg.h unistd.h])
+m4trace:configure.in:92: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H])
+m4trace:configure.in:92: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H])
+m4trace:configure.in:92: -1- AH_OUTPUT([HAVE_STDARG_H], [/* Define to 1 if you have the <stdarg.h> header file. */
+#undef HAVE_STDARG_H])
+m4trace:configure.in:92: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H])
+m4trace:configure.in:93: -1- _m4_warn([obsolete], [The macro `AC_HAVE_LIBRARY' is obsolete.
+You should run autoupdate.], [autoconf/libs.m4:167: AC_HAVE_LIBRARY is expanded from...
+configure.in:93: the top level])
+m4trace:configure.in:93: -1- AC_CHECK_LIB([socket], [main], [], [], [])
+m4trace:configure.in:93: -1- AH_OUTPUT([HAVE_LIBSOCKET], [/* Define to 1 if you have the `socket\' library (-lsocket). */
+#undef HAVE_LIBSOCKET])
+m4trace:configure.in:93: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBSOCKET])
+m4trace:configure.in:93: -1- m4_pattern_allow([^HAVE_LIBSOCKET$])
+m4trace:configure.in:94: -1- _m4_warn([obsolete], [The macro `AC_HAVE_LIBRARY' is obsolete.
+You should run autoupdate.], [autoconf/libs.m4:167: AC_HAVE_LIBRARY is expanded from...
+configure.in:94: the top level])
+m4trace:configure.in:94: -1- AC_CHECK_LIB([nsl], [main], [], [], [])
+m4trace:configure.in:94: -1- AH_OUTPUT([HAVE_LIBNSL], [/* Define to 1 if you have the `nsl\' library (-lnsl). */
+#undef HAVE_LIBNSL])
+m4trace:configure.in:94: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBNSL])
+m4trace:configure.in:94: -1- m4_pattern_allow([^HAVE_LIBNSL$])
+m4trace:configure.in:102: -1- AC_CONFIG_FILES([Makefile 
+	   		nodogsplash.spec
+			src/Makefile
+			libhttpd/Makefile
+			doc/Makefile
+			])
+m4trace:configure.in:102: -1- _m4_warn([obsolete], [AC_OUTPUT should be used without arguments.
+You should run autoupdate.], [])
+m4trace:configure.in:102: -1- AC_SUBST([LIB@&t@OBJS], [$ac_libobjs])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([LIB@&t@OBJS])
+m4trace:configure.in:102: -1- m4_pattern_allow([^LIB@&t@OBJS$])
+m4trace:configure.in:102: -1- AC_SUBST([LTLIBOBJS], [$ac_ltlibobjs])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([LTLIBOBJS])
+m4trace:configure.in:102: -1- m4_pattern_allow([^LTLIBOBJS$])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([top_builddir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([srcdir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([abs_srcdir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([top_srcdir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([abs_top_srcdir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([builddir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([abs_builddir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([abs_top_builddir])
+m4trace:configure.in:102: -1- AC_SUBST_TRACE([INSTALL])

config.h.in

@@ -0,0 +1,71 @@
+/* config.h.in.  Generated from configure.in by autoheader.  */
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#undef HAVE_DLFCN_H
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `nsl' library (-lnsl). */
+#undef HAVE_LIBNSL
+
+/* Define to 1 if you have the `pthread' library (-lpthread). */
+#undef HAVE_LIBPTHREAD
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+#undef HAVE_LIBSOCKET
+
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the <stdarg.h> header file. */
+#undef HAVE_STDARG_H
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H
+
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
+
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H
+
+/* Name of package */
+#undef PACKAGE
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Version number of package */
+#undef VERSION
+
+/* Define to 1 if your processor stores words with the most significant byte
+   first (like Motorola and SPARC, unlike Intel and VAX). */
+#undef WORDS_BIGENDIAN

config/depcomp

@@ -0,0 +1,530 @@
+#! /bin/sh
+# depcomp - compile a program generating dependencies as side-effects
+
+scriptversion=2005-07-09.11
+
+# Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
+
+case $1 in
+  '')
+     echo "$0: No command.  Try \`$0 --help' for more information." 1>&2
+     exit 1;
+     ;;
+  -h | --h*)
+    cat <<\EOF
+Usage: depcomp [--help] [--version] PROGRAM [ARGS]
+
+Run PROGRAMS ARGS to compile a file, generating dependencies
+as side-effects.
+
+Environment variables:
+  depmode     Dependency tracking mode.
+  source      Source file read by `PROGRAMS ARGS'.
+  object      Object file output by `PROGRAMS ARGS'.
+  DEPDIR      directory where to store dependencies.
+  depfile     Dependency file to output.
+  tmpdepfile  Temporary file to use when outputing dependencies.
+  libtool     Whether libtool is used (yes/no).
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+    exit $?
+    ;;
+  -v | --v*)
+    echo "depcomp $scriptversion"
+    exit $?
+    ;;
+esac
+
+if test -z "$depmode" || test -z "$source" || test -z "$object"; then
+  echo "depcomp: Variables source, object and depmode must be set" 1>&2
+  exit 1
+fi
+
+# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
+depfile=${depfile-`echo "$object" |
+  sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
+tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
+
+rm -f "$tmpdepfile"
+
+# Some modes work just like other modes, but use different flags.  We
+# parameterize here, but still list the modes in the big case below,
+# to make depend.m4 easier to write.  Note that we *cannot* use a case
+# here, because this file can only contain one case statement.
+if test "$depmode" = hp; then
+  # HP compiler uses -M and no extra arg.
+  gccflag=-M
+  depmode=gcc
+fi
+
+if test "$depmode" = dashXmstdout; then
+   # This is just like dashmstdout with a different argument.
+   dashmflag=-xM
+   depmode=dashmstdout
+fi
+
+case "$depmode" in
+gcc3)
+## gcc 3 implements dependency tracking that does exactly what
+## we want.  Yay!  Note: for some reason libtool 1.4 doesn't like
+## it if -MD -MP comes after the -MF stuff.  Hmm.
+  "$@" -MT "$object" -MD -MP -MF "$tmpdepfile"
+  stat=$?
+  if test $stat -eq 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  mv "$tmpdepfile" "$depfile"
+  ;;
+
+gcc)
+## There are various ways to get dependency output from gcc.  Here's
+## why we pick this rather obscure method:
+## - Don't want to use -MD because we'd like the dependencies to end
+##   up in a subdir.  Having to rename by hand is ugly.
+##   (We might end up doing this anyway to support other compilers.)
+## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
+##   -MM, not -M (despite what the docs say).
+## - Using -M directly means running the compiler twice (even worse
+##   than renaming).
+  if test -z "$gccflag"; then
+    gccflag=-MD,
+  fi
+  "$@" -Wp,"$gccflag$tmpdepfile"
+  stat=$?
+  if test $stat -eq 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
+## The second -e expression handles DOS-style file names with drive letters.
+  sed -e 's/^[^:]*: / /' \
+      -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
+## This next piece of magic avoids the `deleted header file' problem.
+## The problem is that when a header file which appears in a .P file
+## is deleted, the dependency causes make to die (because there is
+## typically no way to rebuild the header).  We avoid this by adding
+## dummy dependencies for each header file.  Too bad gcc doesn't do
+## this for us directly.
+  tr ' ' '
+' < "$tmpdepfile" |
+## Some versions of gcc put a space before the `:'.  On the theory
+## that the space means something, we add a space to the output as
+## well.
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly.  Breaking it into two sed invocations is a workaround.
+    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+hp)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
+sgi)
+  if test "$libtool" = yes; then
+    "$@" "-Wp,-MDupdate,$tmpdepfile"
+  else
+    "$@" -MDupdate "$tmpdepfile"
+  fi
+  stat=$?
+  if test $stat -eq 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+
+  if test -f "$tmpdepfile"; then  # yes, the sourcefile depend on other files
+    echo "$object : \\" > "$depfile"
+
+    # Clip off the initial element (the dependent).  Don't try to be
+    # clever and replace this with sed code, as IRIX sed won't handle
+    # lines with more than a fixed number of characters (4096 in
+    # IRIX 6.2 sed, 8192 in IRIX 6.5).  We also remove comment lines;
+    # the IRIX cc adds comments like `#:fec' to the end of the
+    # dependency line.
+    tr ' ' '
+' < "$tmpdepfile" \
+    | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \
+    tr '
+' ' ' >> $depfile
+    echo >> $depfile
+
+    # The second pass generates a dummy entry for each header file.
+    tr ' ' '
+' < "$tmpdepfile" \
+   | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
+   >> $depfile
+  else
+    # The sourcefile does not contain any dependencies, so just
+    # store a dummy comment line, to avoid errors with the Makefile
+    # "include basename.Plo" scheme.
+    echo "#dummy" > "$depfile"
+  fi
+  rm -f "$tmpdepfile"
+  ;;
+
+aix)
+  # The C for AIX Compiler uses -M and outputs the dependencies
+  # in a .u file.  In older versions, this file always lives in the
+  # current directory.  Also, the AIX compiler puts `$object:' at the
+  # start of each line; $object doesn't have directory information.
+  # Version 6 uses the directory in both cases.
+  stripped=`echo "$object" | sed 's/\(.*\)\..*$/\1/'`
+  tmpdepfile="$stripped.u"
+  if test "$libtool" = yes; then
+    "$@" -Wc,-M
+  else
+    "$@" -M
+  fi
+  stat=$?
+
+  if test -f "$tmpdepfile"; then :
+  else
+    stripped=`echo "$stripped" | sed 's,^.*/,,'`
+    tmpdepfile="$stripped.u"
+  fi
+
+  if test $stat -eq 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+
+  if test -f "$tmpdepfile"; then
+    outname="$stripped.o"
+    # Each line is of the form `foo.o: dependent.h'.
+    # Do two passes, one to just change these to
+    # `$object: dependent.h' and one to simply `dependent.h:'.
+    sed -e "s,^$outname:,$object :," < "$tmpdepfile" > "$depfile"
+    sed -e "s,^$outname: \(.*\)$,\1:," < "$tmpdepfile" >> "$depfile"
+  else
+    # The sourcefile does not contain any dependencies, so just
+    # store a dummy comment line, to avoid errors with the Makefile
+    # "include basename.Plo" scheme.
+    echo "#dummy" > "$depfile"
+  fi
+  rm -f "$tmpdepfile"
+  ;;
+
+icc)
+  # Intel's C compiler understands `-MD -MF file'.  However on
+  #    icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c
+  # ICC 7.0 will fill foo.d with something like
+  #    foo.o: sub/foo.c
+  #    foo.o: sub/foo.h
+  # which is wrong.  We want:
+  #    sub/foo.o: sub/foo.c
+  #    sub/foo.o: sub/foo.h
+  #    sub/foo.c:
+  #    sub/foo.h:
+  # ICC 7.1 will output
+  #    foo.o: sub/foo.c sub/foo.h
+  # and will wrap long lines using \ :
+  #    foo.o: sub/foo.c ... \
+  #     sub/foo.h ... \
+  #     ...
+
+  "$@" -MD -MF "$tmpdepfile"
+  stat=$?
+  if test $stat -eq 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  # Each line is of the form `foo.o: dependent.h',
+  # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
+  # Do two passes, one to just change these to
+  # `$object: dependent.h' and one to simply `dependent.h:'.
+  sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
+  # Some versions of the HPUX 10.20 sed can't process this invocation
+  # correctly.  Breaking it into two sed invocations is a workaround.
+  sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" |
+    sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+tru64)
+   # The Tru64 compiler uses -MD to generate dependencies as a side
+   # effect.  `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'.
+   # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
+   # dependencies in `foo.d' instead, so we check for that too.
+   # Subdirectories are respected.
+   dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
+   test "x$dir" = "x$object" && dir=
+   base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
+
+   if test "$libtool" = yes; then
+      # With Tru64 cc, shared objects can also be used to make a
+      # static library.  This mecanism is used in libtool 1.4 series to
+      # handle both shared and static libraries in a single compilation.
+      # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d.
+      #
+      # With libtool 1.5 this exception was removed, and libtool now
+      # generates 2 separate objects for the 2 libraries.  These two
+      # compilations output dependencies in in $dir.libs/$base.o.d and
+      # in $dir$base.o.d.  We have to check for both files, because
+      # one of the two compilations can be disabled.  We should prefer
+      # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
+      # automatically cleaned when .libs/ is deleted, while ignoring
+      # the former would cause a distcleancheck panic.
+      tmpdepfile1=$dir.libs/$base.lo.d   # libtool 1.4
+      tmpdepfile2=$dir$base.o.d          # libtool 1.5
+      tmpdepfile3=$dir.libs/$base.o.d    # libtool 1.5
+      tmpdepfile4=$dir.libs/$base.d      # Compaq CCC V6.2-504
+      "$@" -Wc,-MD
+   else
+      tmpdepfile1=$dir$base.o.d
+      tmpdepfile2=$dir$base.d
+      tmpdepfile3=$dir$base.d
+      tmpdepfile4=$dir$base.d
+      "$@" -MD
+   fi
+
+   stat=$?
+   if test $stat -eq 0; then :
+   else
+      rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
+      exit $stat
+   fi
+
+   for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
+   do
+     test -f "$tmpdepfile" && break
+   done
+   if test -f "$tmpdepfile"; then
+      sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
+      # That's a tab and a space in the [].
+      sed -e 's,^.*\.[a-z]*:[	 ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
+   else
+      echo "#dummy" > "$depfile"
+   fi
+   rm -f "$tmpdepfile"
+   ;;
+
+#nosideeffect)
+  # This comment above is used by automake to tell side-effect
+  # dependency tracking mechanisms from slower ones.
+
+dashmstdout)
+  # Important note: in order to support this mode, a compiler *must*
+  # always write the preprocessed file to stdout, regardless of -o.
+  "$@" || exit $?
+
+  # Remove the call to Libtool.
+  if test "$libtool" = yes; then
+    while test $1 != '--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+
+  # Remove `-o $object'.
+  IFS=" "
+  for arg
+  do
+    case $arg in
+    -o)
+      shift
+      ;;
+    $object)
+      shift
+      ;;
+    *)
+      set fnord "$@" "$arg"
+      shift # fnord
+      shift # $arg
+      ;;
+    esac
+  done
+
+  test -z "$dashmflag" && dashmflag=-M
+  # Require at least two characters before searching for `:'
+  # in the target name.  This is to cope with DOS-style filenames:
+  # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise.
+  "$@" $dashmflag |
+    sed 's:^[  ]*[^: ][^:][^:]*\:[    ]*:'"$object"'\: :' > "$tmpdepfile"
+  rm -f "$depfile"
+  cat < "$tmpdepfile" > "$depfile"
+  tr ' ' '
+' < "$tmpdepfile" | \
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly.  Breaking it into two sed invocations is a workaround.
+    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+dashXmstdout)
+  # This case only exists to satisfy depend.m4.  It is never actually
+  # run, as this mode is specially recognized in the preamble.
+  exit 1
+  ;;
+
+makedepend)
+  "$@" || exit $?
+  # Remove any Libtool call
+  if test "$libtool" = yes; then
+    while test $1 != '--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+  # X makedepend
+  shift
+  cleared=no
+  for arg in "$@"; do
+    case $cleared in
+    no)
+      set ""; shift
+      cleared=yes ;;
+    esac
+    case "$arg" in
+    -D*|-I*)
+      set fnord "$@" "$arg"; shift ;;
+    # Strip any option that makedepend may not understand.  Remove
+    # the object too, otherwise makedepend will parse it as a source file.
+    -*|$object)
+      ;;
+    *)
+      set fnord "$@" "$arg"; shift ;;
+    esac
+  done
+  obj_suffix="`echo $object | sed 's/^.*\././'`"
+  touch "$tmpdepfile"
+  ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
+  rm -f "$depfile"
+  cat < "$tmpdepfile" > "$depfile"
+  sed '1,2d' "$tmpdepfile" | tr ' ' '
+' | \
+## Some versions of the HPUX 10.20 sed can't process this invocation
+## correctly.  Breaking it into two sed invocations is a workaround.
+    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile" "$tmpdepfile".bak
+  ;;
+
+cpp)
+  # Important note: in order to support this mode, a compiler *must*
+  # always write the preprocessed file to stdout.
+  "$@" || exit $?
+
+  # Remove the call to Libtool.
+  if test "$libtool" = yes; then
+    while test $1 != '--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+
+  # Remove `-o $object'.
+  IFS=" "
+  for arg
+  do
+    case $arg in
+    -o)
+      shift
+      ;;
+    $object)
+      shift
+      ;;
+    *)
+      set fnord "$@" "$arg"
+      shift # fnord
+      shift # $arg
+      ;;
+    esac
+  done
+
+  "$@" -E |
+    sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+       -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' |
+    sed '$ s: \\$::' > "$tmpdepfile"
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  cat < "$tmpdepfile" >> "$depfile"
+  sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+msvisualcpp)
+  # Important note: in order to support this mode, a compiler *must*
+  # always write the preprocessed file to stdout, regardless of -o,
+  # because we must use -o when running libtool.
+  "$@" || exit $?
+  IFS=" "
+  for arg
+  do
+    case "$arg" in
+    "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
+	set fnord "$@"
+	shift
+	shift
+	;;
+    *)
+	set fnord "$@" "$arg"
+	shift
+	shift
+	;;
+    esac
+  done
+  "$@" -E |
+  sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile"
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::	\1 \\:p' >> "$depfile"
+  echo "	" >> "$depfile"
+  . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+none)
+  exec "$@"
+  ;;
+
+*)
+  echo "Unknown depmode $depmode" 1>&2
+  exit 1
+  ;;
+esac
+
+exit 0
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:

config/install-sh

@@ -0,0 +1,323 @@
+#!/bin/sh
+# install - install a program, script, or datafile
+
+scriptversion=2005-05-14.22
+
+# This originates from X11R5 (mit/util/scripts/install.sh), which was
+# later released in X11R6 (xc/config/util/install.sh) with the
+# following copyright and license.
+#
+# Copyright (C) 1994 X Consortium
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
+# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+# Except as contained in this notice, the name of the X Consortium shall not
+# be used in advertising or otherwise to promote the sale, use or other deal-
+# ings in this Software without prior written authorization from the X Consor-
+# tium.
+#
+#
+# FSF changes to this file are in the public domain.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.  It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+chmodcmd="$chmodprog 0755"
+chowncmd=
+chgrpcmd=
+stripcmd=
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=
+dst=
+dir_arg=
+dstarg=
+no_target_directory=
+
+usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
+   or: $0 [OPTION]... SRCFILES... DIRECTORY
+   or: $0 [OPTION]... -t DIRECTORY SRCFILES...
+   or: $0 [OPTION]... -d DIRECTORIES...
+
+In the 1st form, copy SRCFILE to DSTFILE.
+In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
+In the 4th, create DIRECTORIES.
+
+Options:
+-c         (ignored)
+-d         create directories instead of installing files.
+-g GROUP   $chgrpprog installed files to GROUP.
+-m MODE    $chmodprog installed files to MODE.
+-o USER    $chownprog installed files to USER.
+-s         $stripprog installed files.
+-t DIRECTORY  install into DIRECTORY.
+-T         report an error if DSTFILE is a directory.
+--help     display this help and exit.
+--version  display version info and exit.
+
+Environment variables override the default commands:
+  CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG
+"
+
+while test -n "$1"; do
+  case $1 in
+    -c) shift
+        continue;;
+
+    -d) dir_arg=true
+        shift
+        continue;;
+
+    -g) chgrpcmd="$chgrpprog $2"
+        shift
+        shift
+        continue;;
+
+    --help) echo "$usage"; exit $?;;
+
+    -m) chmodcmd="$chmodprog $2"
+        shift
+        shift
+        continue;;
+
+    -o) chowncmd="$chownprog $2"
+        shift
+        shift
+        continue;;
+
+    -s) stripcmd=$stripprog
+        shift
+        continue;;
+
+    -t) dstarg=$2
+	shift
+	shift
+	continue;;
+
+    -T) no_target_directory=true
+	shift
+	continue;;
+
+    --version) echo "$0 $scriptversion"; exit $?;;
+
+    *)  # When -d is used, all remaining arguments are directories to create.
+	# When -t is used, the destination is already specified.
+	test -n "$dir_arg$dstarg" && break
+        # Otherwise, the last argument is the destination.  Remove it from $@.
+	for arg
+	do
+          if test -n "$dstarg"; then
+	    # $@ is not empty: it contains at least $arg.
+	    set fnord "$@" "$dstarg"
+	    shift # fnord
+	  fi
+	  shift # arg
+	  dstarg=$arg
+	done
+	break;;
+  esac
+done
+
+if test -z "$1"; then
+  if test -z "$dir_arg"; then
+    echo "$0: no input file specified." >&2
+    exit 1
+  fi
+  # It's OK to call `install-sh -d' without argument.
+  # This can happen when creating conditional directories.
+  exit 0
+fi
+
+for src
+do
+  # Protect names starting with `-'.
+  case $src in
+    -*) src=./$src ;;
+  esac
+
+  if test -n "$dir_arg"; then
+    dst=$src
+    src=
+
+    if test -d "$dst"; then
+      mkdircmd=:
+      chmodcmd=
+    else
+      mkdircmd=$mkdirprog
+    fi
+  else
+    # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
+    # might cause directories to be created, which would be especially bad
+    # if $src (and thus $dsttmp) contains '*'.
+    if test ! -f "$src" && test ! -d "$src"; then
+      echo "$0: $src does not exist." >&2
+      exit 1
+    fi
+
+    if test -z "$dstarg"; then
+      echo "$0: no destination specified." >&2
+      exit 1
+    fi
+
+    dst=$dstarg
+    # Protect names starting with `-'.
+    case $dst in
+      -*) dst=./$dst ;;
+    esac
+
+    # If destination is a directory, append the input filename; won't work
+    # if double slashes aren't ignored.
+    if test -d "$dst"; then
+      if test -n "$no_target_directory"; then
+	echo "$0: $dstarg: Is a directory" >&2
+	exit 1
+      fi
+      dst=$dst/`basename "$src"`
+    fi
+  fi
+
+  # This sed command emulates the dirname command.
+  dstdir=`echo "$dst" | sed -e 's,/*$,,;s,[^/]*$,,;s,/*$,,;s,^$,.,'`
+
+  # Make sure that the destination directory exists.
+
+  # Skip lots of stat calls in the usual case.
+  if test ! -d "$dstdir"; then
+    defaultIFS='
+	 '
+    IFS="${IFS-$defaultIFS}"
+
+    oIFS=$IFS
+    # Some sh's can't handle IFS=/ for some reason.
+    IFS='%'
+    set x `echo "$dstdir" | sed -e 's@/@%@g' -e 's@^%@/@'`
+    shift
+    IFS=$oIFS
+
+    pathcomp=
+
+    while test $# -ne 0 ; do
+      pathcomp=$pathcomp$1
+      shift
+      if test ! -d "$pathcomp"; then
+        $mkdirprog "$pathcomp"
+	# mkdir can fail with a `File exist' error in case several
+	# install-sh are creating the directory concurrently.  This
+	# is OK.
+	test -d "$pathcomp" || exit
+      fi
+      pathcomp=$pathcomp/
+    done
+  fi
+
+  if test -n "$dir_arg"; then
+    $doit $mkdircmd "$dst" \
+      && { test -z "$chowncmd" || $doit $chowncmd "$dst"; } \
+      && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } \
+      && { test -z "$stripcmd" || $doit $stripcmd "$dst"; } \
+      && { test -z "$chmodcmd" || $doit $chmodcmd "$dst"; }
+
+  else
+    dstfile=`basename "$dst"`
+
+    # Make a couple of temp file names in the proper directory.
+    dsttmp=$dstdir/_inst.$$_
+    rmtmp=$dstdir/_rm.$$_
+
+    # Trap to clean up those temp files at exit.
+    trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
+    trap '(exit $?); exit' 1 2 13 15
+
+    # Copy the file name to the temp name.
+    $doit $cpprog "$src" "$dsttmp" &&
+
+    # and set any options; do chmod last to preserve setuid bits.
+    #
+    # If any of these fail, we abort the whole thing.  If we want to
+    # ignore errors from any of these, just make sure not to ignore
+    # errors from the above "$doit $cpprog $src $dsttmp" command.
+    #
+    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \
+      && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \
+      && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \
+      && { test -z "$chmodcmd" || $doit $chmodcmd "$dsttmp"; } &&
+
+    # Now rename the file to the real destination.
+    { $doit $mvcmd -f "$dsttmp" "$dstdir/$dstfile" 2>/dev/null \
+      || {
+	   # The rename failed, perhaps because mv can't rename something else
+	   # to itself, or perhaps because mv is so ancient that it does not
+	   # support -f.
+
+	   # Now remove or move aside any old file at destination location.
+	   # We try this two ways since rm can't unlink itself on some
+	   # systems and the destination file might be busy for other
+	   # reasons.  In this case, the final cleanup might fail but the new
+	   # file should still install successfully.
+	   {
+	     if test -f "$dstdir/$dstfile"; then
+	       $doit $rmcmd -f "$dstdir/$dstfile" 2>/dev/null \
+	       || $doit $mvcmd -f "$dstdir/$dstfile" "$rmtmp" 2>/dev/null \
+	       || {
+		 echo "$0: cannot unlink or rename $dstdir/$dstfile" >&2
+		 (exit 1); exit 1
+	       }
+	     else
+	       :
+	     fi
+	   } &&
+
+	   # Now rename the file to the real destination.
+	   $doit $mvcmd "$dsttmp" "$dstdir/$dstfile"
+	 }
+    }
+  fi || { (exit 1); exit 1; }
+done
+
+# The final little trick to "correctly" pass the exit status to the exit trap.
+{
+  (exit 0); exit 0
+}
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:

config/missing

@@ -0,0 +1,360 @@
+#! /bin/sh
+# Common stub for a few missing GNU programs while installing.
+
+scriptversion=2005-06-08.21
+
+# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005
+#   Free Software Foundation, Inc.
+# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+if test $# -eq 0; then
+  echo 1>&2 "Try \`$0 --help' for more information"
+  exit 1
+fi
+
+run=:
+
+# In the cases where this matters, `missing' is being run in the
+# srcdir already.
+if test -f configure.ac; then
+  configure_ac=configure.ac
+else
+  configure_ac=configure.in
+fi
+
+msg="missing on your system"
+
+case "$1" in
+--run)
+  # Try to run requested program, and just exit if it succeeds.
+  run=
+  shift
+  "$@" && exit 0
+  # Exit code 63 means version mismatch.  This often happens
+  # when the user try to use an ancient version of a tool on
+  # a file that requires a minimum version.  In this case we
+  # we should proceed has if the program had been absent, or
+  # if --run hadn't been passed.
+  if test $? = 63; then
+    run=:
+    msg="probably too old"
+  fi
+  ;;
+
+  -h|--h|--he|--hel|--help)
+    echo "\
+$0 [OPTION]... PROGRAM [ARGUMENT]...
+
+Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an
+error status if there is no known handling for PROGRAM.
+
+Options:
+  -h, --help      display this help and exit
+  -v, --version   output version information and exit
+  --run           try to run the given command, and emulate it if it fails
+
+Supported PROGRAM values:
+  aclocal      touch file \`aclocal.m4'
+  autoconf     touch file \`configure'
+  autoheader   touch file \`config.h.in'
+  automake     touch all \`Makefile.in' files
+  bison        create \`y.tab.[ch]', if possible, from existing .[ch]
+  flex         create \`lex.yy.c', if possible, from existing .c
+  help2man     touch the output file
+  lex          create \`lex.yy.c', if possible, from existing .c
+  makeinfo     touch the output file
+  tar          try tar, gnutar, gtar, then tar without non-portable flags
+  yacc         create \`y.tab.[ch]', if possible, from existing .[ch]
+
+Send bug reports to <bug-automake@gnu.org>."
+    exit $?
+    ;;
+
+  -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
+    echo "missing $scriptversion (GNU Automake)"
+    exit $?
+    ;;
+
+  -*)
+    echo 1>&2 "$0: Unknown \`$1' option"
+    echo 1>&2 "Try \`$0 --help' for more information"
+    exit 1
+    ;;
+
+esac
+
+# Now exit if we have it, but it failed.  Also exit now if we
+# don't have it and --version was passed (most likely to detect
+# the program).
+case "$1" in
+  lex|yacc)
+    # Not GNU programs, they don't have --version.
+    ;;
+
+  tar)
+    if test -n "$run"; then
+       echo 1>&2 "ERROR: \`tar' requires --run"
+       exit 1
+    elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
+       exit 1
+    fi
+    ;;
+
+  *)
+    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
+       # We have it, but it failed.
+       exit 1
+    elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
+       # Could not run --version or --help.  This is probably someone
+       # running `$TOOL --version' or `$TOOL --help' to check whether
+       # $TOOL exists and not knowing $TOOL uses missing.
+       exit 1
+    fi
+    ;;
+esac
+
+# If it does not exist, or fails to run (possibly an outdated version),
+# try to emulate it.
+case "$1" in
+  aclocal*)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+         you modified \`acinclude.m4' or \`${configure_ac}'.  You might want
+         to install the \`Automake' and \`Perl' packages.  Grab them from
+         any GNU archive site."
+    touch aclocal.m4
+    ;;
+
+  autoconf)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+         you modified \`${configure_ac}'.  You might want to install the
+         \`Autoconf' and \`GNU m4' packages.  Grab them from any GNU
+         archive site."
+    touch configure
+    ;;
+
+  autoheader)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+         you modified \`acconfig.h' or \`${configure_ac}'.  You might want
+         to install the \`Autoconf' and \`GNU m4' packages.  Grab them
+         from any GNU archive site."
+    files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}`
+    test -z "$files" && files="config.h"
+    touch_files=
+    for f in $files; do
+      case "$f" in
+      *:*) touch_files="$touch_files "`echo "$f" |
+				       sed -e 's/^[^:]*://' -e 's/:.*//'`;;
+      *) touch_files="$touch_files $f.in";;
+      esac
+    done
+    touch $touch_files
+    ;;
+
+  automake*)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+         you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'.
+         You might want to install the \`Automake' and \`Perl' packages.
+         Grab them from any GNU archive site."
+    find . -type f -name Makefile.am -print |
+	   sed 's/\.am$/.in/' |
+	   while read f; do touch "$f"; done
+    ;;
+
+  autom4te)
+    echo 1>&2 "\
+WARNING: \`$1' is needed, but is $msg.
+         You might have modified some files without having the
+         proper tools for further handling them.
+         You can get \`$1' as part of \`Autoconf' from any GNU
+         archive site."
+
+    file=`echo "$*" | sed -n 's/.*--output[ =]*\([^ ]*\).*/\1/p'`
+    test -z "$file" && file=`echo "$*" | sed -n 's/.*-o[ ]*\([^ ]*\).*/\1/p'`
+    if test -f "$file"; then
+	touch $file
+    else
+	test -z "$file" || exec >$file
+	echo "#! /bin/sh"
+	echo "# Created by GNU Automake missing as a replacement of"
+	echo "#  $ $@"
+	echo "exit 0"
+	chmod +x $file
+	exit 1
+    fi
+    ;;
+
+  bison|yacc)
+    echo 1>&2 "\
+WARNING: \`$1' $msg.  You should only need it if
+         you modified a \`.y' file.  You may need the \`Bison' package
+         in order for those modifications to take effect.  You can get
+         \`Bison' from any GNU archive site."
+    rm -f y.tab.c y.tab.h
+    if [ $# -ne 1 ]; then
+        eval LASTARG="\${$#}"
+	case "$LASTARG" in
+	*.y)
+	    SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
+	    if [ -f "$SRCFILE" ]; then
+	         cp "$SRCFILE" y.tab.c
+	    fi
+	    SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
+	    if [ -f "$SRCFILE" ]; then
+	         cp "$SRCFILE" y.tab.h
+	    fi
+	  ;;
+	esac
+    fi
+    if [ ! -f y.tab.h ]; then
+	echo >y.tab.h
+    fi
+    if [ ! -f y.tab.c ]; then
+	echo 'main() { return 0; }' >y.tab.c
+    fi
+    ;;
+
+  lex|flex)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+         you modified a \`.l' file.  You may need the \`Flex' package
+         in order for those modifications to take effect.  You can get
+         \`Flex' from any GNU archive site."
+    rm -f lex.yy.c
+    if [ $# -ne 1 ]; then
+        eval LASTARG="\${$#}"
+	case "$LASTARG" in
+	*.l)
+	    SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
+	    if [ -f "$SRCFILE" ]; then
+	         cp "$SRCFILE" lex.yy.c
+	    fi
+	  ;;
+	esac
+    fi
+    if [ ! -f lex.yy.c ]; then
+	echo 'main() { return 0; }' >lex.yy.c
+    fi
+    ;;
+
+  help2man)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+	 you modified a dependency of a manual page.  You may need the
+	 \`Help2man' package in order for those modifications to take
+	 effect.  You can get \`Help2man' from any GNU archive site."
+
+    file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+    if test -z "$file"; then
+	file=`echo "$*" | sed -n 's/.*--output=\([^ ]*\).*/\1/p'`
+    fi
+    if [ -f "$file" ]; then
+	touch $file
+    else
+	test -z "$file" || exec >$file
+	echo ".ab help2man is required to generate this page"
+	exit 1
+    fi
+    ;;
+
+  makeinfo)
+    echo 1>&2 "\
+WARNING: \`$1' is $msg.  You should only need it if
+         you modified a \`.texi' or \`.texinfo' file, or any other file
+         indirectly affecting the aspect of the manual.  The spurious
+         call might also be the consequence of using a buggy \`make' (AIX,
+         DU, IRIX).  You might want to install the \`Texinfo' package or
+         the \`GNU make' package.  Grab either from any GNU archive site."
+    # The file to touch is that specified with -o ...
+    file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+    if test -z "$file"; then
+      # ... or it is the one specified with @setfilename ...
+      infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
+      file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $infile`
+      # ... or it is derived from the source name (dir/f.texi becomes f.info)
+      test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info
+    fi
+    # If the file does not exist, the user really needs makeinfo;
+    # let's fail without touching anything.
+    test -f $file || exit 1
+    touch $file
+    ;;
+
+  tar)
+    shift
+
+    # We have already tried tar in the generic part.
+    # Look for gnutar/gtar before invocation to avoid ugly error
+    # messages.
+    if (gnutar --version > /dev/null 2>&1); then
+       gnutar "$@" && exit 0
+    fi
+    if (gtar --version > /dev/null 2>&1); then
+       gtar "$@" && exit 0
+    fi
+    firstarg="$1"
+    if shift; then
+	case "$firstarg" in
+	*o*)
+	    firstarg=`echo "$firstarg" | sed s/o//`
+	    tar "$firstarg" "$@" && exit 0
+	    ;;
+	esac
+	case "$firstarg" in
+	*h*)
+	    firstarg=`echo "$firstarg" | sed s/h//`
+	    tar "$firstarg" "$@" && exit 0
+	    ;;
+	esac
+    fi
+
+    echo 1>&2 "\
+WARNING: I can't seem to be able to run \`tar' with the given arguments.
+         You may want to install GNU tar or Free paxutils, or check the
+         command line arguments."
+    exit 1
+    ;;
+
+  *)
+    echo 1>&2 "\
+WARNING: \`$1' is needed, and is $msg.
+         You might have modified some files without having the
+         proper tools for further handling them.  Check the \`README' file,
+         it often tells you about the needed prerequisites for installing
+         this package.  You may also peek at any GNU archive site, in case
+         some other package would contain this missing \`$1' program."
+    exit 1
+    ;;
+esac
+
+exit 0
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-end: "$"
+# End:

config/mkinstalldirs

@@ -0,0 +1 @@
+/usr/share/automake/mkinstalldirs

configure.in

@@ -0,0 +1,103 @@
+## -*-m4-*-
+# $Id: configure.in 1162 2007-01-06 23:51:02Z benoitg $
+
+dnl Process this file with autoconf to produce a configure script.
+
+# FILE:
+# configure.in
+#
+# FUNCTION:
+# implements checks for a variety of system-specific functions
+
+AC_INIT(src/common.h)
+AM_CONFIG_HEADER(config.h)
+AC_CONFIG_AUX_DIR(config)
+AC_PROG_CC
+AC_PROG_CXX
+#AC_PROG_RANLIB
+
+AC_SUBST(BUILDROOT)
+
+NODOGSPLASH_MAJOR_VERSION=0
+NODOGSPLASH_MINOR_VERSION=7_beta7
+NODOGSPLASH_VERSION=$NODOGSPLASH_MAJOR_VERSION.$NODOGSPLASH_MINOR_VERSION
+
+AC_SUBST(NODOGSPLASH_MAJOR_VERSION)
+AC_SUBST(NODOGSPLASH_MINOR_VERSION)
+AC_SUBST(NODOGSPLASH_VERSION)
+AM_INIT_AUTOMAKE(nodogsplash,$NODOGSPLASH_VERSION)
+
+
+AM_MAINTAINER_MODE
+
+AC_PROG_INSTALL
+
+AC_LIBTOOL_DLOPEN
+AM_PROG_LIBTOOL
+
+AC_ISC_POSIX
+AC_C_BIGENDIAN
+AC_PROG_MAKE_SET
+AC_HEADER_STDC
+
+ 
+# check for doxygen, mostly stolen from http://log4cpp.sourceforge.net/
+# ----------------------------------------------------------------------------
+AC_DEFUN([BB_ENABLE_DOXYGEN],
+[
+AC_ARG_ENABLE(doxygen, [  --enable-doxygen        enable documentation generation with doxygen (auto)])
+AC_ARG_ENABLE(dot, [  --enable-dot            use 'dot' to generate graphs in doxygen (auto)])              
+AC_ARG_ENABLE(html-docs, [  --enable-html-docs      enable HTML generation with doxygen (yes)], [], [ enable_html_docs=yes])              
+AC_ARG_ENABLE(latex-docs, [  --enable-latex-docs     enable LaTeX documentation generation with doxygen (no)], [], [ enable_latex_docs=no])              
+if test "x$enable_doxygen" = xno; then
+        enable_doc=no
+else 
+        AC_PATH_PROG(DOXYGEN, doxygen, , $PATH)
+        if test x$DOXYGEN = x; then
+                if test "x$enable_doxygen" = xyes; then
+                        AC_MSG_ERROR([could not find doxygen])
+                fi
+                enable_doc=no
+        else
+                enable_doc=yes
+                AC_PATH_PROG(DOT, dot, , $PATH)
+        fi
+fi
+AM_CONDITIONAL(DOC, test x$enable_doc = xyes)
+
+if test x$DOT = x; then
+        if test "x$enable_dot" = xyes; then
+                AC_MSG_ERROR([could not find dot])
+        fi
+        enable_dot=no
+else
+        enable_dot=yes
+fi
+AM_CONDITIONAL(ENABLE_DOXYGEN, test x$enable_doc = xtrue)
+AC_SUBST(enable_dot)
+AC_SUBST(enable_html_docs)
+AC_SUBST(enable_latex_docs)
+])
+
+# check for doxygen
+# ----------------------------------------------------------------------------
+BB_ENABLE_DOXYGEN
+
+# check for pthread
+AC_CHECK_HEADER(pthread.h, , AC_MSG_ERROR(You need the pthread headers) )
+AC_CHECK_LIB(pthread, pthread_create, , AC_MSG_ERROR(You need the pthread library) )
+
+# libhttpd dependencies
+echo "Begining libhttpd dependencies check"
+AC_CHECK_HEADERS(string.h strings.h stdarg.h unistd.h)
+AC_HAVE_LIBRARY(socket)
+AC_HAVE_LIBRARY(nsl)
+echo "libhttpd dependencies check complete"
+
+AC_OUTPUT( 		Makefile 
+	   		nodogsplash.spec
+			src/Makefile
+			libhttpd/Makefile
+			doc/Makefile
+			)
+

debian/changelog

@@ -0,0 +1,14 @@
+wifidog (1.0.0-1) stable; urgency=low
+
+  * New init.d file.
+  * Inclu
+  * debian/rules: Configuration and init.d file added.
+  * Bump version in anticipation for release
+
+ -- Guillaume Beaudoin <isf@soli.ca>  Sun, 29 Aug 2004 23:14:12 -0400
+
+wifidog (0.2.0-1) stable; urgency=low
+
+  * Initial Package
+
+ -- Philippe April <philippe@philippeapril.com>  Wed, 21 Jul 2004 15:22:50 -0500

debian/control

@@ -0,0 +1,14 @@
+Source: nodogsplash
+Section: net
+Priority: optional
+Maintainer: Paul Kube <nodogsplash@kokoro.ucsd.edu>
+
+Package: nodogsplash
+Architecture: any
+Depends: iptables, modutils, grep, mawk | awk
+Provides: libhttpd
+Description: The Nodogsplash client
+ The Nodogsplash project is a very simple embeddable captive portal
+ solution for wireless community groups or individuals who wish to open
+ a free HotSpot while still preventing abuse of their Internet connection.
+ It is based on the Wifi Dog project.

debian/rules

@@ -0,0 +1,74 @@
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+build: build-stamp
+build-stamp:
+	dh_testdir
+
+	./configure --prefix=/usr
+	$(MAKE)
+
+	touch build-stamp
+
+clean:
+	dh_testdir
+	dh_testroot
+	rm -f build-stamp
+
+	-$(MAKE) clean
+	-$(MAKE) distclean
+
+	dh_clean
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k
+	dh_installdirs
+
+	$(MAKE) DESTDIR=$(CURDIR)/debian/tmp install
+	mkdir -p $(CURDIR)/debian/tmp/etc
+	cp wifidog.conf $(CURDIR)/debian/tmp/etc
+	cp scripts/init.d/wifidog debian/wifidog.init
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_installchangelogs
+	dh_installdocs
+#	dh_installexamples
+#	dh_install
+#	dh_installmenu
+#	dh_installdebconf	
+#	dh_installlogrotate
+#	dh_installemacsen
+#	dh_installcatalogs
+#	dh_installpam
+#	dh_installmime
+	dh_installinit
+#	dh_installcron
+#	dh_installinfo
+#	dh_undocumented
+	dh_installman
+	dh_link
+	dh_strip
+	dh_compress
+	dh_fixperms
+#	dh_perl
+#	dh_python
+	dh_makeshlibs
+	dh_installdeb
+#	dh_shlibdeps
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install

doc/Makefile.in

@@ -0,0 +1,542 @@
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005  Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+top_builddir = ..
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+INSTALL = @INSTALL@
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = doc
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+SOURCES =
+DIST_SOURCES =
+RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
+	html-recursive info-recursive install-data-recursive \
+	install-exec-recursive install-info-recursive \
+	install-recursive installcheck-recursive installdirs-recursive \
+	pdf-recursive ps-recursive uninstall-info-recursive \
+	uninstall-recursive
+ETAGS = etags
+CTAGS = ctags
+DIST_SUBDIRS = $(SUBDIRS)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMDEP_FALSE = @AMDEP_FALSE@
+AMDEP_TRUE = @AMDEP_TRUE@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BUILDROOT = @BUILDROOT@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DOC_FALSE = @DOC_FALSE@
+DOC_TRUE = @DOC_TRUE@
+DOT = @DOT@
+DOXYGEN = @DOXYGEN@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ENABLE_DOXYGEN_FALSE = @ENABLE_DOXYGEN_FALSE@
+ENABLE_DOXYGEN_TRUE = @ENABLE_DOXYGEN_TRUE@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+GREP = @GREP@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
+MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
+MAKEINFO = @MAKEINFO@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+RANLIB = @RANLIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+VERSION = @VERSION@
+WIFIDOG_MAJOR_VERSION = @WIFIDOG_MAJOR_VERSION@
+WIFIDOG_MICRO_VERSION = @WIFIDOG_MICRO_VERSION@
+WIFIDOG_MINOR_VERSION = @WIFIDOG_MINOR_VERSION@
+WIFIDOG_VERSION = @WIFIDOG_VERSION@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
+am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
+am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
+am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = ${prefix}/share/doc/wifidog-@VERSION@
+dvidir = @dvidir@
+enable_dot = @enable_dot@
+enable_html_docs = @enable_html_docs@
+enable_latex_docs = @enable_latex_docs@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+SUBDIRS = 
+EXTRA_DIST = \
+	doxygen.cfg \
+	doxygen.cfg.in \
+	README.developers.txt
+
+all: all-recursive
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+		&& exit 0; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu  doc/Makefile'; \
+	cd $(top_srcdir) && \
+	  $(AUTOMAKE) --gnu  doc/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+distclean-libtool:
+	-rm -f libtool
+uninstall-info-am:
+
+# This directory's subdirectories are mostly independent; you can cd
+# into them and run `make' without going through this Makefile.
+# To change the values of `make' variables: instead of editing Makefiles,
+# (1) if the variable is set in `config.status', edit `config.status'
+#     (which will cause the Makefiles to be regenerated when you run `make');
+# (2) otherwise, pass the desired values on the `make' command line.
+$(RECURSIVE_TARGETS):
+	@failcom='exit 1'; \
+	for f in x $$MAKEFLAGS; do \
+	  case $$f in \
+	    *=* | --[!k]*);; \
+	    *k*) failcom='fail=yes';; \
+	  esac; \
+	done; \
+	dot_seen=no; \
+	target=`echo $@ | sed s/-recursive//`; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    dot_seen=yes; \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	  || eval $$failcom; \
+	done; \
+	if test "$$dot_seen" = "no"; then \
+	  $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \
+	fi; test -z "$$fail"
+
+mostlyclean-recursive clean-recursive distclean-recursive \
+maintainer-clean-recursive:
+	@failcom='exit 1'; \
+	for f in x $$MAKEFLAGS; do \
+	  case $$f in \
+	    *=* | --[!k]*);; \
+	    *k*) failcom='fail=yes';; \
+	  esac; \
+	done; \
+	dot_seen=no; \
+	case "$@" in \
+	  distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \
+	  *) list='$(SUBDIRS)' ;; \
+	esac; \
+	rev=''; for subdir in $$list; do \
+	  if test "$$subdir" = "."; then :; else \
+	    rev="$$subdir $$rev"; \
+	  fi; \
+	done; \
+	rev="$$rev ."; \
+	target=`echo $@ | sed s/-recursive//`; \
+	for subdir in $$rev; do \
+	  echo "Making $$target in $$subdir"; \
+	  if test "$$subdir" = "."; then \
+	    local_target="$$target-am"; \
+	  else \
+	    local_target="$$target"; \
+	  fi; \
+	  (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \
+	  || eval $$failcom; \
+	done && test -z "$$fail"
+tags-recursive:
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \
+	done
+ctags-recursive:
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) ctags); \
+	done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	mkid -fID $$unique
+tags: TAGS
+
+TAGS: tags-recursive $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \
+	  include_option=--etags-include; \
+	  empty_fix=.; \
+	else \
+	  include_option=--include; \
+	  empty_fix=; \
+	fi; \
+	list='$(SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    test ! -f $$subdir/TAGS || \
+	      tags="$$tags $$include_option=$$here/$$subdir/TAGS"; \
+	  fi; \
+	done; \
+	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	    $$tags $$unique; \
+	fi
+ctags: CTAGS
+CTAGS: ctags-recursive $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	test -z "$(CTAGS_ARGS)$$tags$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$tags $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
+	list='$(DISTFILES)'; for file in $$list; do \
+	  case $$file in \
+	    $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
+	    $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
+	  esac; \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
+	  if test "$$dir" != "$$file" && test "$$dir" != "."; then \
+	    dir="/$$dir"; \
+	    $(mkdir_p) "$(distdir)$$dir"; \
+	  else \
+	    dir=''; \
+	  fi; \
+	  if test -d $$d/$$file; then \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+	    fi; \
+	    cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+	  else \
+	    test -f $(distdir)/$$file \
+	    || cp -p $$d/$$file $(distdir)/$$file \
+	    || exit 1; \
+	  fi; \
+	done
+	list='$(DIST_SUBDIRS)'; for subdir in $$list; do \
+	  if test "$$subdir" = .; then :; else \
+	    test -d "$(distdir)/$$subdir" \
+	    || $(mkdir_p) "$(distdir)/$$subdir" \
+	    || exit 1; \
+	    distdir=`$(am__cd) $(distdir) && pwd`; \
+	    top_distdir=`$(am__cd) $(top_distdir) && pwd`; \
+	    (cd $$subdir && \
+	      $(MAKE) $(AM_MAKEFLAGS) \
+	        top_distdir="$$top_distdir" \
+	        distdir="$$distdir/$$subdir" \
+	        distdir) \
+	      || exit 1; \
+	  fi; \
+	done
+	$(MAKE) $(AM_MAKEFLAGS) \
+	  top_distdir="$(top_distdir)" distdir="$(distdir)" \
+	  dist-hook
+check-am: all-am
+check: check-recursive
+all-am: Makefile
+installdirs: installdirs-recursive
+installdirs-am:
+install: install-recursive
+install-exec: install-exec-recursive
+install-data: install-data-recursive
+uninstall: uninstall-recursive
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-recursive
+install-strip:
+	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	  `test -z '$(STRIP)' || \
+	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-recursive
+
+clean-am: clean-generic clean-libtool clean-local mostlyclean-am
+
+distclean: distclean-recursive
+	-rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-libtool \
+	distclean-tags
+
+dvi: dvi-recursive
+
+dvi-am:
+
+html: html-recursive
+
+info: info-recursive
+
+info-am:
+
+install-data-am:
+	@$(NORMAL_INSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) install-data-hook
+
+install-exec-am:
+
+install-info: install-info-recursive
+
+install-man:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-recursive
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic \
+	maintainer-clean-local
+
+mostlyclean: mostlyclean-recursive
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-recursive
+
+pdf-am:
+
+ps: ps-recursive
+
+ps-am:
+
+uninstall-am: uninstall-info-am
+	@$(NORMAL_INSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) uninstall-hook
+
+uninstall-info: uninstall-info-recursive
+
+.PHONY: $(RECURSIVE_TARGETS) CTAGS GTAGS all all-am check check-am \
+	clean clean-generic clean-libtool clean-local clean-recursive \
+	ctags ctags-recursive dist-hook distclean distclean-generic \
+	distclean-libtool distclean-recursive distclean-tags distdir \
+	dvi dvi-am html html-am info info-am install install-am \
+	install-data install-data-am install-data-hook install-exec \
+	install-exec-am install-info install-info-am install-man \
+	install-strip installcheck installcheck-am installdirs \
+	installdirs-am maintainer-clean maintainer-clean-generic \
+	maintainer-clean-local maintainer-clean-recursive mostlyclean \
+	mostlyclean-generic mostlyclean-libtool mostlyclean-recursive \
+	pdf pdf-am ps ps-am tags tags-recursive uninstall uninstall-am \
+	uninstall-hook uninstall-info-am
+
+
+all:
+
+doc: doxygen.cfg
+	echo "doc: " && pwd && 	echo "distdir: " && echo $(distdir)
+	rm -rf html/ refman.pdf
+	$(DOXYGEN) doxygen.cfg
+#	$(MAKE) -C latex/ 
+#	mv latex/refman.pdf ./refman.pdf
+
+dist-hook: doxygen.cfg
+	echo "dist-hook: " && pwd
+	cd $(srcdir) && pwd && rm -rf html refman.pdf && $(DOXYGEN) doxygen.cfg
+	cp -rp html ${distdir}
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -rf latex/
+	rm -f *~
+	rm -f doxygen.log
+	rm -f doxygen.cfg
+
+maintainer-clean-local: clean-local
+	echo "maintainer-clean-local: " && pwd
+	rm -rf html refman.pdf
+
+install-data-hook:
+	$(mkinstalldirs) $(DESTDIR)$(docdir)
+	mkdir -p html #Workaround to allow libofx-cvs user to install without doc.
+	cp -rp html $(DESTDIR)$(docdir)
+
+uninstall-hook:
+	chmod +w -R $(DESTDIR)${docdir}/html #Why chmod is needed is a mystery
+	rm -rf $(DESTDIR)${docdir}/html
+
+doxygen.cfg: doxygen.cfg.in Makefile
+	rm -f $@.tmp
+	sed < $< > $@.tmp \
+            -e 's:@-top_srcdir-@:${top_srcdir}:g'
+	mv $@.tmp $@
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:

htdocs/splash.html

@@ -0,0 +1,28 @@
+<html>
+<head>
+  <title>$gatewayname Entry</title>
+  <meta HTTP-EQUIV="Pragma" CONTENT="no-cache">
+</head>
+<body bgcolor="#DDDDDD" text="#000000">
+<table border="0" cellpadding="2" cellspacing="0" width="100%">
+<tr>
+  <td align=center>
+  <h2>$gatewayname</h2>
+  </td>
+</tr>
+<tr>
+  <td align=center height="120">
+    <!--
+         A client is authenticated by requesting the page $authtarget.
+         So, href to it here, with an img or link text the user can click on.
+	 Also, note that any images you reference must reside in the
+	 subdirectory that is the value of $imagesdir (default: "images").
+    -->
+    <a href="$authtarget">
+      <img src="$imagesdir/wifidog.png" width="71" height="49" border="0"
+           alt="Click to enter" title="Click to enter"> 
+    </a>
+  </td>
+</tr>
+</body>
+</html>

ipkg/nodogsplash.conffiles

@@ -0,0 +1,4 @@
+/etc/nodogsplash/nodogsplash.conf
+/etc/nodogsplash/htdocs/splash.html
+/etc/init.d/S65nodogsplash
+

ipkg/nodogsplash.control

@@ -0,0 +1,7 @@
+Package: nodogsplash
+Priority: optional
+Section: net
+Maintainer: Paul Kube nodogsplash@kokoro.ucsd.edu
+Depends: iptables, iptables-mod-ipopt, libpthread
+Description: Nodogsplash is a simple configurable hotspot controller.
+

ipkg/rules

@@ -0,0 +1,112 @@
+#!/usr/bin/make -f
+
+ifndef BUILDROOT
+	ERR := $(error Please set BUILDROOT to OpenWRT's buildroot)
+endif
+
+ARCH:=mipsel
+
+NODOGSPLASH_MAJOR_VERSION := $(shell awk -F= '$$1 == "NODOGSPLASH_MAJOR_VERSION" {print $$2}' configure.in)
+NODOGSPLASH_MINOR_VERSION := $(shell awk -F= '$$1 == "NODOGSPLASH_MINOR_VERSION" {print $$2}' configure.in)
+VERSION=$(NODOGSPLASH_MAJOR_VERSION).$(NODOGSPLASH_MINOR_VERSION)
+
+BUILD_DIR:=$(CURDIR)/ipkg
+TMP_DIR:=$(BUILD_DIR)/tmp
+STAGING_DIR=$(BUILDROOT)/staging_dir_$(ARCH)
+IPKG_DIR := $(wildcard $(BUILDROOT)/build_$(ARCH)/ipkg-utils-*/)
+IPTABLES_DIR := $(wildcard $(BUILDROOT)/build_$(ARCH)/iptables-*/)
+KERNEL_VERSION := $(shell awk '$$1 == "\#define" && $$2 == "UTS_RELEASE" {gsub(/["]/, "", $$3); print $$3}' $(STAGING_DIR)/include/linux/version.h)
+KERNEL_MODULES_DIR := $(BUILDROOT)/build_$(ARCH)/linux-2.4-brcm/modules/lib/modules/$(KERNEL_VERSION)
+UCLIBC_DIR := $(wildcard $(BUILDROOT)/build_$(ARCH)/uClibc*/)
+
+GNU_TARGET_NAME=$(ARCH)-linux
+TARGET_CROSS=$(STAGING_DIR)/bin/$(ARCH)-linux-uclibc-
+
+CC=$(TARGET_CROSS)gcc
+LD=$(TARGET_CROSS)ld
+AR=$(TARGET_CROSS)ar
+RANLIB=$(TARGET_CROSS)ranlib
+STRIP=$(TARGET_CROSS)strip
+IPKG_BUILD=$(STAGING_DIR)/usr/bin/ipkg-build
+
+all: binary
+
+build: build-nodogsplash build-iptables build-ipkg-utils
+
+build-nodogsplash: build-nodogsplash-stamp
+build-nodogsplash-stamp:
+	-test -f autogen.sh && ./autogen.sh
+	-$(MAKE) distclean
+	CC=$(CC) LD=$(LD) AR=$(AR) RANLIB=$(RANLIB) ./configure --prefix=/  --host=$(ARCH) --target=$(ARCH)
+	$(MAKE)
+	touch build-nodogsplash-stamp
+
+build-ipkg-utils: $(IPKG_BUILD)
+
+build-ipkg-utils-stamp: 
+	$(MAKE) -C $(BUILDROOT) ipkg-utils
+	touch build-ipkg-utils-stamp
+
+build-iptables: build-iptables-stamp
+build-iptables-stamp:
+	sed "s/PF_EXT_SLIB:=icmp/PF_EXT_SLIB:=mac icmp/" $(IPTABLES_DIR)/extensions/Makefile > $(IPTABLES_DIR)/extensions/Makefile.patched
+	mv -f $(IPTABLES_DIR)/extensions/Makefile.patched $(IPTABLES_DIR)/extensions/Makefile
+	CC=$(CC) LD=$(LD) AR=$(AR) RANLIB=$(RANLIB) $(MAKE) -C $(IPTABLES_DIR) KERNEL_DIR=../../linux/linux/
+
+	touch build-iptables-stamp
+
+clean:
+	-$(MAKE) clean
+	-$(MAKE) distclean
+	-$(MAKE) -C $(IPTABLES_DIR) clean
+	rm -f $(BUILD_DIR)/*.~*~
+	rm -rf $(TMP_DIR)
+	rm -f build-nodogsplash-stamp
+	rm -f build-iptables-stamp
+	rm -f build-ipkg-utils-stamp
+
+install: build install-nodogsplash 
+	mkdir -p $(TMP_DIR)/etc/nodogsplash
+	cp $(CURDIR)/nodogsplash.conf $(TMP_DIR)/etc/nodogsplash
+	cp -r $(CURDIR)/htdocs $(TMP_DIR)/etc/nodogsplash
+	mkdir -p $(TMP_DIR)/etc/init.d
+	cp $(CURDIR)/scripts/init.d/S65nodogsplash $(TMP_DIR)/etc/init.d
+	chmod +x $(TMP_DIR)/etc/init.d/S65nodogsplash
+
+install-nodogsplash:
+	mkdir -p $(TMP_DIR)/usr/bin
+	cp $(CURDIR)/src/nodogsplash $(TMP_DIR)/usr/bin
+	cp $(CURDIR)/src/ndsctl $(TMP_DIR)/usr/bin
+	$(STRIP) $(TMP_DIR)/usr/bin/nodogsplash
+	$(STRIP) $(TMP_DIR)/usr/bin/ndsctl
+
+install-iptables:
+	mkdir -p $(TMP_DIR)/usr/lib/iptables
+	cp $(IPTABLES_DIR)/extensions/libipt_{mac,mark,MARK}.so $(TMP_DIR)/usr/lib/iptables
+
+install-kernel-modules:
+	mkdir -p $(TMP_DIR)/lib/modules/$(KERNEL_VERSION)/kernel/net/ipv4/netfilter
+	cp $(KERNEL_MODULES_DIR)/kernel/net/ipv4/netfilter/ipt_mac.o $(TMP_DIR)/lib/modules/$(KERNEL_VERSION)/kernel/net/ipv4/netfilter
+
+install-pthread:
+	mkdir -p $(TMP_DIR)/lib
+	cp $(UCLIBC_DIR)/lib/libpthread*so $(TMP_DIR)/lib
+	cp $(UCLIBC_DIR)/lib/libpthread*so.0 $(TMP_DIR)/lib
+
+binary: build install
+	mkdir -p $(TMP_DIR)/CONTROL
+	echo "Package: nodogsplash" > $(TMP_DIR)/CONTROL/control
+	echo "Version: $(VERSION)" >> $(TMP_DIR)/CONTROL/control
+	echo "Architecture: $(ARCH)" >> $(TMP_DIR)/CONTROL/control
+	echo "Section: net" >> $(TMP_DIR)/CONTROL/control
+	echo "Maintainer: Paul Kube <nodogsplash@kokoro.ucsd.edu>" >> $(TMP_DIR)/CONTROL/control
+	echo "Priority: optional" >> $(TMP_DIR)/CONTROL/control
+	echo "Description: Nodogsplash is a simple, configurable hotspot controller" >> $(TMP_DIR)/CONTROL/control
+	echo "Source: http://kokoro.ucsd.edu/nodogsplash" >> $(TMP_DIR)/CONTROL/control
+	echo "/etc/nodogsplash/nodogsplash.conf" > $(TMP_DIR)/CONTROL/conffiles
+	echo "/etc/nodogsplash/htdocs/splash.html" >> $(TMP_DIR)/CONTROL/conffiles
+	echo "/etc/init.d/S65nodogsplash" >> $(TMP_DIR)/CONTROL/conffiles
+	$(IPKG_BUILD) -c -o root -g root $(TMP_DIR) $(CURDIR)
+
+.PHONY: all clean build install binary
+

libhttpd/Makefile.am

@@ -0,0 +1,23 @@
+#
+# $Id: Makefile.am 901 2006-01-17 18:58:13Z mina $
+#
+
+lib_LTLIBRARIES = libhttpd.la
+
+libhttpd_la_SOURCES = protocol.c \
+	api.c \
+	version.c \
+	ip_acl.c
+
+noinst_HEADERS = httpd_priv.h
+
+pkginclude_HEADERS = httpd.h
+
+EXTRA_DIST = README
+
+#AM_CPPFLAGS = \
+#	-I${top_srcdir}/inc
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -f *~

libhttpd/Makefile.in

@@ -0,0 +1,404 @@
+# Makefile.in generated automatically by automake 1.4-p4 from Makefile.am
+
+# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+#
+# $Id: Makefile.am 901 2006-01-17 18:58:13Z mina $
+#
+
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+DESTDIR =
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+host_alias = @host_alias@
+host_triplet = @host@
+AR = @AR@
+AS = @AS@
+BUILDROOT = @BUILDROOT@
+CC = @CC@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DLLTOOL = @DLLTOOL@
+DOT = @DOT@
+DOXYGEN = @DOXYGEN@
+ECHO = @ECHO@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+GCJ = @GCJ@
+GCJFLAGS = @GCJFLAGS@
+HAVE_LIB = @HAVE_LIB@
+LIB = @LIB@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIB = @LTLIB@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+NODOGSPLASH_MAJOR_VERSION = @NODOGSPLASH_MAJOR_VERSION@
+NODOGSPLASH_MINOR_VERSION = @NODOGSPLASH_MINOR_VERSION@
+NODOGSPLASH_VERSION = @NODOGSPLASH_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+RC = @RC@
+STRIP = @STRIP@
+VERSION = @VERSION@
+enable_dot = @enable_dot@
+enable_html_docs = @enable_html_docs@
+enable_latex_docs = @enable_latex_docs@
+
+lib_LTLIBRARIES = libhttpd.la
+
+libhttpd_la_SOURCES = protocol.c 	api.c 	version.c 	ip_acl.c
+
+
+noinst_HEADERS = httpd_priv.h
+
+pkginclude_HEADERS = httpd.h
+
+EXTRA_DIST = README
+mkinstalldirs = $(SHELL) $(top_srcdir)/config/mkinstalldirs
+CONFIG_HEADER = ../config.h
+CONFIG_CLEAN_FILES = 
+LTLIBRARIES =  $(lib_LTLIBRARIES)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I..
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+LIBS = @LIBS@
+libhttpd_la_LDFLAGS = 
+libhttpd_la_LIBADD = 
+libhttpd_la_OBJECTS =  protocol.lo api.lo version.lo ip_acl.lo
+CFLAGS = @CFLAGS@
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+HEADERS =  $(noinst_HEADERS) $(pkginclude_HEADERS)
+
+DIST_COMMON =  README Makefile.am Makefile.in
+
+
+DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+
+TAR = tar
+GZIP_ENV = --best
+DEP_FILES =  .deps/api.P .deps/ip_acl.P .deps/protocol.P .deps/version.P
+SOURCES = $(libhttpd_la_SOURCES)
+OBJECTS = $(libhttpd_la_OBJECTS)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .S .c .lo .o .obj .s
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) 
+	cd $(top_srcdir) && $(AUTOMAKE) --gnu libhttpd/Makefile
+
+Makefile: $(srcdir)/Makefile.in  $(top_builddir)/config.status $(BUILT_SOURCES)
+	cd $(top_builddir) \
+	  && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-libLTLIBRARIES:
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+
+distclean-libLTLIBRARIES:
+
+maintainer-clean-libLTLIBRARIES:
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(libdir)
+	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  if test -f $$p; then \
+	    echo "$(LIBTOOL)  --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
+	    $(LIBTOOL)  --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+	  else :; fi; \
+	done
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  $(LIBTOOL)  --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
+	done
+
+# FIXME: We should only use cygpath when building on Windows,
+# and only if it is available.
+.c.obj:
+	$(COMPILE) -c `cygpath -w $<`
+
+.s.o:
+	$(COMPILE) -c $<
+
+.S.o:
+	$(COMPILE) -c $<
+
+mostlyclean-compile:
+	-rm -f *.o core *.core
+	-rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+	-rm -f *.tab.c
+
+maintainer-clean-compile:
+
+.s.lo:
+	$(LIBTOOL) --mode=compile $(COMPILE) -c $<
+
+.S.lo:
+	$(LIBTOOL) --mode=compile $(COMPILE) -c $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+libhttpd.la: $(libhttpd_la_OBJECTS) $(libhttpd_la_DEPENDENCIES)
+	$(LINK) -rpath $(libdir) $(libhttpd_la_LDFLAGS) $(libhttpd_la_OBJECTS) $(libhttpd_la_LIBADD) $(LIBS)
+
+install-pkgincludeHEADERS: $(pkginclude_HEADERS)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(pkgincludedir)
+	@list='$(pkginclude_HEADERS)'; for p in $$list; do \
+	  if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+	  echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(pkgincludedir)/$$p"; \
+	  $(INSTALL_DATA) $$d$$p $(DESTDIR)$(pkgincludedir)/$$p; \
+	done
+
+uninstall-pkgincludeHEADERS:
+	@$(NORMAL_UNINSTALL)
+	list='$(pkginclude_HEADERS)'; for p in $$list; do \
+	  rm -f $(DESTDIR)$(pkgincludedir)/$$p; \
+	done
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP)
+	list='$(SOURCES) $(HEADERS)'; \
+	unique=`for i in $$list; do echo $$i; done | \
+	  awk '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	here=`pwd` && cd $(srcdir) \
+	  && mkid -f$$here/ID $$unique $(LISP)
+
+TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS)'; \
+	unique=`for i in $$list; do echo $$i; done | \
+	  awk '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+	  || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags  $$unique $(LISP) -o $$here/TAGS)
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+	-rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+subdir = libhttpd
+
+distdir: $(DISTFILES)
+	here=`cd $(top_builddir) && pwd`; \
+	top_distdir=`cd $(top_distdir) && pwd`; \
+	distdir=`cd $(distdir) && pwd`; \
+	cd $(top_srcdir) \
+	  && $(AUTOMAKE) --include-deps --build-dir=$$here --srcdir-name=$(top_srcdir) --output-dir=$$top_distdir --gnu libhttpd/Makefile
+	@for file in $(DISTFILES); do \
+	  d=$(srcdir); \
+	  if test -d $$d/$$file; then \
+	    cp -pr $$d/$$file $(distdir)/$$file; \
+	  else \
+	    test -f $(distdir)/$$file \
+	    || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
+	    || cp -p $$d/$$file $(distdir)/$$file || :; \
+	  fi; \
+	done
+
+DEPS_MAGIC := $(shell mkdir .deps > /dev/null 2>&1 || :)
+
+-include $(DEP_FILES)
+
+mostlyclean-depend:
+
+clean-depend:
+
+distclean-depend:
+	-rm -rf .deps
+
+maintainer-clean-depend:
+
+%.o: %.c
+	@echo '$(COMPILE) -c $<'; \
+	$(COMPILE) -Wp,-MD,.deps/$(*F).pp -c $<
+	@-cp .deps/$(*F).pp .deps/$(*F).P; \
+	tr ' ' '\012' < .deps/$(*F).pp \
+	  | sed -e 's/^\\$$//' -e '/^$$/ d' -e '/:$$/ d' -e 's/$$/ :/' \
+	    >> .deps/$(*F).P; \
+	rm .deps/$(*F).pp
+
+%.lo: %.c
+	@echo '$(LTCOMPILE) -c $<'; \
+	$(LTCOMPILE) -Wp,-MD,.deps/$(*F).pp -c $<
+	@-sed -e 's/^\([^:]*\)\.o[ 	]*:/\1.lo \1.o :/' \
+	  < .deps/$(*F).pp > .deps/$(*F).P; \
+	tr ' ' '\012' < .deps/$(*F).pp \
+	  | sed -e 's/^\\$$//' -e '/^$$/ d' -e '/:$$/ d' -e 's/$$/ :/' \
+	    >> .deps/$(*F).P; \
+	rm -f .deps/$(*F).pp
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am: install-libLTLIBRARIES
+install-exec: install-exec-am
+
+install-data-am: install-pkgincludeHEADERS
+install-data: install-data-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am: uninstall-libLTLIBRARIES uninstall-pkgincludeHEADERS
+uninstall: uninstall-am
+all-am: Makefile $(LTLIBRARIES) $(HEADERS)
+all-redirect: all-am
+install-strip:
+	$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+installdirs:
+	$(mkinstalldirs)  $(DESTDIR)$(libdir) $(DESTDIR)$(pkgincludedir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-rm -f Makefile $(CONFIG_CLEAN_FILES)
+	-rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+mostlyclean-am:  mostlyclean-libLTLIBRARIES mostlyclean-compile \
+		mostlyclean-libtool mostlyclean-tags mostlyclean-depend \
+		mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am:  clean-libLTLIBRARIES clean-compile clean-libtool clean-tags \
+		clean-depend clean-generic mostlyclean-am clean-local
+
+clean: clean-am
+
+distclean-am:  distclean-libLTLIBRARIES distclean-compile \
+		distclean-libtool distclean-tags distclean-depend \
+		distclean-generic clean-am
+	-rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am:  maintainer-clean-libLTLIBRARIES \
+		maintainer-clean-compile maintainer-clean-libtool \
+		maintainer-clean-tags maintainer-clean-depend \
+		maintainer-clean-generic distclean-am
+	@echo "This command is intended for maintainers to use;"
+	@echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \
+clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \
+uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \
+distclean-compile clean-compile maintainer-clean-compile \
+mostlyclean-libtool distclean-libtool clean-libtool \
+maintainer-clean-libtool uninstall-pkgincludeHEADERS \
+install-pkgincludeHEADERS tags mostlyclean-tags distclean-tags \
+clean-tags maintainer-clean-tags distdir mostlyclean-depend \
+distclean-depend clean-depend maintainer-clean-depend info-am info \
+dvi-am dvi check check-am installcheck-am installcheck install-exec-am \
+install-exec install-data-am install-data install-am install \
+uninstall-am uninstall all-redirect all-am all installdirs \
+mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+
+
+#AM_CPPFLAGS = \
+#	-I${top_srcdir}/inc
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -f *~
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:

libhttpd/README

@@ -0,0 +1,23 @@
+
+Welcome to LibHTTPD, a library for the creation of embedded web servers.
+Complete documentation is available in the PDF file location in the doc
+directory.
+
+To build this software simply run
+
+	./configure
+	make all
+	make install
+
+The software will be compiled and installed into /usr/local/lib and
+/usr/local/include.  To use the software you will have to include the
+library's header file into your application and link against the library
+itself.  Details are privided in the documentation.
+
+This software has been developed by David J. Hughes (aka Bambi) of 
+Hughes Technologies in Australia.  You can always find a current verion
+of this software at www.Hughes.com.au
+
+This software is released under the GPL.  If you wish to incorporate
+this code in a commercial application then OEM licenses are available
+from Hughes Technology.  Please email info@Hughes.com.au for details.

libhttpd/httpd.h

@@ -0,0 +1,240 @@
+/*
+** Copyright (c) 2002  Hughes Technologies Pty Ltd.  All rights
+** reserved.
+**
+** Terms under which this software may be used or copied are
+** provided in the  specific license associated with this product.
+**
+** hUghes Technologies disclaims all warranties with regard to this
+** software, including all implied warranties of merchantability and
+** fitness, in no event shall Hughes Technologies be liable for any
+** special, indirect or consequential damages or any damages whatsoever
+** resulting from loss of use, data or profits, whether in an action of
+** contract, negligence or other tortious action, arising out of or in
+** connection with the use or performance of this software.
+**
+**
+** $Id: httpd.h 274 2004-11-17 23:54:25Z alexcv $
+**
+*/
+
+/*
+**  libhttpd Header File
+*/
+
+
+/***********************************************************************
+** Standard header preamble.  Ensure singular inclusion, setup for
+** function prototypes and c++ inclusion
+*/
+
+#ifndef LIB_HTTPD_H
+
+#define LIB_HTTPD_H 1
+
+#if !defined(__ANSI_PROTO)
+#if defined(_WIN32) || defined(__STDC__) || defined(__cplusplus)
+#  define __ANSI_PROTO(x)       x
+#else
+#  define __ANSI_PROTO(x)       ()
+#endif
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+
+/***********************************************************************
+** Macro Definitions
+*/
+
+
+#define	HTTP_PORT 		80
+#define HTTP_MAX_LEN		10240
+#define HTTP_MAX_URL		1024
+#define HTTP_MAX_HEADERS	1024
+#define HTTP_MAX_AUTH		128
+#define	HTTP_IP_ADDR_LEN	17
+#define	HTTP_TIME_STRING_LEN	40
+#define	HTTP_READ_BUF_LEN	4096
+#define	HTTP_ANY_ADDR		NULL
+
+#define	HTTP_GET		1
+#define	HTTP_POST		2
+
+#define	HTTP_TRUE		1
+#define HTTP_FALSE		0
+
+#define	HTTP_FILE		1
+#define HTTP_C_FUNCT		2
+#define HTTP_EMBER_FUNCT	3
+#define HTTP_STATIC		4
+#define HTTP_WILDCARD		5
+#define HTTP_C_WILDCARD		6
+
+#define HTTP_METHOD_ERROR "\n<B>ERROR : Method Not Implemented</B>\n\n"
+
+#define httpdRequestMethod(s) 		s->request.method
+#define httpdRequestPath(s)		s->request.path
+#define httpdRequestContentType(s)	s->request.contentType
+#define httpdRequestContentLength(s)	s->request.contentLength
+
+#define HTTP_ACL_PERMIT		1
+#define HTTP_ACL_DENY		2
+
+
+
+extern char 	LIBHTTPD_VERSION[],
+		LIBHTTPD_VENDOR[];
+
+/***********************************************************************
+** Type Definitions
+*/
+
+typedef	struct {
+	int	method,
+		contentLength,
+		authLength;
+	char	path[HTTP_MAX_URL],
+		host[HTTP_MAX_URL], /* acv@acv.ca/wifidog: Added decoding
+				       of host: header if present. */
+		userAgent[HTTP_MAX_URL],
+		referer[HTTP_MAX_URL],
+		ifModified[HTTP_MAX_URL],
+		contentType[HTTP_MAX_URL],
+		authUser[HTTP_MAX_AUTH],
+		authPassword[HTTP_MAX_AUTH];
+} httpReq;
+
+
+typedef struct _httpd_var{
+	char	*name,
+		*value;
+	struct	_httpd_var 	*nextValue,
+				*nextVariable;
+} httpVar;
+
+typedef struct _httpd_content{
+	char	*name;
+	int	type,
+		indexFlag;
+	void	(*function)();
+	char	*data,
+		*path;
+	int	(*preload)();
+	struct	_httpd_content 	*next;
+} httpContent;
+
+typedef struct {
+	int		responseLength;
+	httpContent	*content;
+	char		headersSent,
+			headers[HTTP_MAX_HEADERS],
+			response[HTTP_MAX_URL],
+			contentType[HTTP_MAX_URL];
+} httpRes;
+
+
+typedef struct _httpd_dir{
+	char	*name;
+	struct	_httpd_dir *children,
+			*next;
+	struct	_httpd_content *entries;
+} httpDir;
+
+
+typedef struct ip_acl_s{
+        int     addr;
+        char    len,
+                action;
+        struct  ip_acl_s *next;
+} httpAcl;
+
+typedef struct _httpd_404 {
+	void	(*function)();
+} http404;
+
+typedef struct {
+	int	port,
+		serverSock,
+		startTime,
+		lastError;
+	char	fileBasePath[HTTP_MAX_URL],
+		*host;
+	httpDir	*content;
+	httpAcl	*defaultAcl;
+	http404  *handle404;
+	FILE	*accessLog,
+		*errorLog;
+} httpd;
+
+typedef struct {
+	int	clientSock,
+		readBufRemain;
+	httpReq	request;
+	httpRes response;
+	httpVar	*variables;
+	char	readBuf[HTTP_READ_BUF_LEN + 1],
+		*readBufPtr,
+		clientAddr[HTTP_IP_ADDR_LEN];
+} request;
+
+/***********************************************************************
+** Function Prototypes
+*/
+
+
+int httpdAddCContent __ANSI_PROTO((httpd*,char*,char*,int,int(*)(),void(*)()));
+int httpdAddFileContent __ANSI_PROTO((httpd*,char*,char*,int,int(*)(),char*));
+int httpdAddStaticContent __ANSI_PROTO((httpd*,char*,char*,int,int(*)(),char*));
+int httpdAddWildcardContent __ANSI_PROTO((httpd*,char*,int(*)(),char*));
+int httpdAddCWildcardContent __ANSI_PROTO((httpd*,char*,int(*)(),void(*)()));
+int httpdAddVariable __ANSI_PROTO((request*, char*, char*));
+request *httpdGetConnection __ANSI_PROTO((httpd*, struct timeval*));
+int httpdReadRequest __ANSI_PROTO((httpd*, request*));
+int httpdCheckAcl __ANSI_PROTO((httpd*, request *, httpAcl*));
+int httpdAddC404Content __ANSI_PROTO((httpd*,void(*)()));
+
+char *httpdRequestMethodName __ANSI_PROTO((request*));
+char *httpdUrlEncode __ANSI_PROTO((char *));
+char *httpdUrlDecode __ANSI_PROTO((char *));
+
+void httpdAddHeader __ANSI_PROTO((request*, char*));
+void httpdSetContentType __ANSI_PROTO((request*, char*));
+void httpdSetResponse __ANSI_PROTO((request*, char*));
+void httpdEndRequest __ANSI_PROTO((request*));
+
+httpd *httpdCreate __ANSI_PROTO(());
+void httpdFreeVariables __ANSI_PROTO((request*));
+void httpdDumpVariables __ANSI_PROTO((request*));
+void httpdOutput __ANSI_PROTO((request*, char*));
+void httpdPrintf __ANSI_PROTO((request*, char*, ...));
+void httpdProcessRequest __ANSI_PROTO((httpd*, request *));
+void httpdSendHeaders __ANSI_PROTO((request*));
+void httpdSetFileBase __ANSI_PROTO((httpd*, char*));
+void httpdSetCookie __ANSI_PROTO((request*, char*, char*));
+
+void httpdSetErrorLog __ANSI_PROTO((httpd*, FILE*));
+void httpdSetAccessLog __ANSI_PROTO((httpd*, FILE*));
+void httpdSetDefaultAcl __ANSI_PROTO((httpd*, httpAcl*));
+
+httpVar	*httpdGetVariableByName __ANSI_PROTO((request*, char*));
+httpVar	*httpdGetVariableByPrefix __ANSI_PROTO((request*, char*));
+httpVar	*httpdGetVariableByPrefixedName __ANSI_PROTO((request*, char*, char*));
+httpVar *httpdGetNextVariableByPrefix __ANSI_PROTO((httpVar*, char*));
+
+httpAcl *httpdAddAcl __ANSI_PROTO((httpd*, httpAcl*, char*, int));
+
+
+/***********************************************************************
+** Standard header file footer.  
+*/
+
+#ifdef __cplusplus
+	}
+#endif /* __cplusplus */
+#endif /* file inclusion */
+
+

libhttpd/httpd_priv.h

@@ -0,0 +1,83 @@
+/*
+** Copyright (c) 2002  Hughes Technologies Pty Ltd.  All rights
+** reserved.
+**
+** Terms under which this software may be used or copied are
+** provided in the  specific license associated with this product.
+**
+** Hughes Technologies disclaims all warranties with regard to this
+** software, including all implied warranties of merchantability and
+** fitness, in no event shall Hughes Technologies be liable for any
+** special, indirect or consequential damages or any damages whatsoever
+** resulting from loss of use, data or profits, whether in an action of
+** contract, negligence or other tortious action, arising out of or in
+** connection with the use or performance of this software.
+**
+**
+** $Id: httpd_priv.h 274 2004-11-17 23:54:25Z alexcv $
+**
+*/
+
+/*
+**  libhttpd Private Header File
+*/
+
+
+/***********************************************************************
+** Standard header preamble.  Ensure singular inclusion, setup for
+** function prototypes and c++ inclusion
+*/
+
+#ifndef LIB_HTTPD_PRIV_H
+
+#define LIB_HTTPD_H_PRIV 1
+
+#if !defined(__ANSI_PROTO)
+#if defined(_WIN32) || defined(__STDC__) || defined(__cplusplus)
+#  define __ANSI_PROTO(x)       x
+#else
+#  define __ANSI_PROTO(x)       ()
+#endif
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+#define	LEVEL_NOTICE	"notice"
+#define LEVEL_ERROR	"error"
+
+char * _httpd_unescape __ANSI_PROTO((char*));
+char *_httpd_escape __ANSI_PROTO((char*));
+char _httpd_from_hex  __ANSI_PROTO((char));
+
+
+void _httpd_catFile __ANSI_PROTO((request*, char*));
+void _httpd_send403 __ANSI_PROTO((request*));
+void _httpd_send404 __ANSI_PROTO((httpd*, request*));
+void _httpd_sendText __ANSI_PROTO((request*, char*));
+void _httpd_sendFile __ANSI_PROTO((httpd*, request*, char*));
+void _httpd_sendStatic __ANSI_PROTO((httpd*, request *, char*));
+void _httpd_sendHeaders __ANSI_PROTO((request*, int, int);)
+void _httpd_sanitiseUrl __ANSI_PROTO((char*));
+void _httpd_freeVariables __ANSI_PROTO((httpVar*));
+void _httpd_formatTimeString __ANSI_PROTO((char*, int));
+void _httpd_storeData __ANSI_PROTO((request*, char*));
+void _httpd_writeAccessLog __ANSI_PROTO((httpd*, request*));
+void _httpd_writeErrorLog __ANSI_PROTO((httpd*, request *, char*, char*));
+
+
+int _httpd_net_read __ANSI_PROTO((int, char*, int));
+int _httpd_net_write __ANSI_PROTO((int, char*, int));
+int _httpd_readBuf __ANSI_PROTO((request*, char*, int));
+int _httpd_readChar __ANSI_PROTO((request*, char*));
+int _httpd_readLine __ANSI_PROTO((request*, char*, int));
+int _httpd_checkLastModified __ANSI_PROTO((request*, int));
+int _httpd_sendDirectoryEntry __ANSI_PROTO((httpd*, request *r, httpContent*,
+			char*));
+
+httpContent *_httpd_findContentEntry __ANSI_PROTO((request*, httpDir*, char*));
+httpDir *_httpd_findContentDir __ANSI_PROTO((httpd*, char*, int));
+
+#endif  /* LIB_HTTPD_PRIV_H */

libhttpd/ip_acl.c

@@ -0,0 +1,224 @@
+/*
+** Copyright (c) 2002  Hughes Technologies Pty Ltd.  All rights
+** reserved.
+**
+** Terms under which this software may be used or copied are
+** provided in the  specific license associated with this product.
+**
+** Hughes Technologies disclaims all warranties with regard to this
+** software, including all implied warranties of merchantability and
+** fitness, in no event shall Hughes Technologies be liable for any
+** special, indirect or consequential damages or any damages whatsoever
+** resulting from loss of use, data or profits, whether in an action of
+** contract, negligence or other tortious action, arising out of or in
+** connection with the use or performance of this software.
+**
+**
+** $Id: ip_acl.c 274 2004-11-17 23:54:25Z alexcv $
+**
+*/
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if defined(_WIN32)
+#else
+#include <unistd.h>
+#endif
+
+#include "httpd.h"
+#include "httpd_priv.h"
+
+
+/**************************************************************************
+** GLOBAL VARIABLES
+**************************************************************************/
+
+
+/**************************************************************************
+** PRIVATE ROUTINES
+**************************************************************************/
+
+static int scanCidr(val, result, length)
+	char	*val;
+	u_int	*result,
+		*length;
+{
+	u_int	res, res1, res2, res3, res4, res5;
+	char	*cp;
+
+	cp = val;
+	res1 = atoi(cp);
+	cp = index(cp,'.');
+	if (!cp)
+		return(-1);
+	cp++;
+	res2 = atoi(cp);
+	cp = index(cp,'.');
+	if (!cp)
+		return(-1);
+	cp++;
+	res3 = atoi(cp);
+	cp = index(cp,'.');
+	if (!cp)
+		return(-1);
+	cp++;
+	res4 = atoi(cp);
+	cp = index(cp,'/');
+	if (!cp)
+	{
+		res5 = 32;
+	}
+	else
+	{
+		cp++;
+		res5 = atoi(cp);
+	}
+
+	if (res1>255 || res2>255 || res3>255 || res4>255 || res5>32)
+	{
+		return(-1);
+	}
+	res = (res1 << 24) + (res2 << 16) + (res3 << 8) + res4;
+	*result = res;
+	*length = res5;
+	return(0);
+}
+
+
+static int _isInCidrBlock(httpd *server, request *r, int addr1, int len1,
+		int addr2, int len2)
+{
+	int	count,
+		mask;
+
+	/* if (addr1 == 0 && len1 == 0)
+	{
+		return(1);
+	}*/
+
+	if(len2 < len1)
+	{
+		_httpd_writeErrorLog(server, r, LEVEL_ERROR,
+		    "IP Address must be more specific than network block");
+		return(0);
+	}
+
+	mask = count = 0;
+	while(count < len1)
+	{
+		mask = (mask << 1) + 1;
+		count++;
+	}
+	mask = mask << (32 - len1);
+	if ( (addr1 & mask) == (addr2 & mask))
+	{
+		return(1);
+	}
+	else
+	{
+		return(0);
+	}
+}
+
+
+/**************************************************************************
+** PUBLIC ROUTINES
+**************************************************************************/
+
+httpAcl *httpdAddAcl(server, acl, cidr, action)
+	httpd	*server;
+	httpAcl	*acl;
+        char	*cidr;
+	int	action;
+{
+	httpAcl	*cur;
+	int	addr,
+		len;
+
+	/*
+	** Check the ACL info is reasonable
+	*/
+	if(scanCidr(cidr, &addr, &len) < 0)
+	{
+		_httpd_writeErrorLog(server, NULL, LEVEL_ERROR,
+			"Invalid IP address format");
+		return(NULL);
+	}
+	if (action != HTTP_ACL_PERMIT && action != HTTP_ACL_DENY)
+	{
+		_httpd_writeErrorLog(server, NULL, LEVEL_ERROR,
+			"Invalid acl action");
+		return(NULL);
+	}
+
+	/*
+	** Find a spot to put this ACE
+	*/	
+	if (acl)
+	{
+		cur = acl;
+		while(cur->next)
+		{
+			cur = cur->next;
+		}
+		cur->next = (httpAcl*)malloc(sizeof(httpAcl));
+		cur = cur->next;
+	}
+	else
+	{
+		cur = (httpAcl*)malloc(sizeof(httpAcl));
+		acl = cur;
+	}
+
+	/*
+	** Add the details and return
+	*/
+	cur->addr = addr;
+	cur->len = len;
+	cur->action = action;
+	cur->next = NULL;
+	return(acl);
+}
+
+
+int httpdCheckAcl(httpd *server, request *r, httpAcl *acl)
+{
+	httpAcl	*cur;
+	int	addr, len,
+		res,
+		action;
+
+
+	action = HTTP_ACL_DENY;
+	scanCidr(r->clientAddr, &addr, &len);
+	cur = acl;
+	while(cur)
+	{
+		res = _isInCidrBlock(server, r, cur->addr, cur->len, addr, len);
+		if (res == 1)
+		{
+			action = cur->action;
+			break;
+		}
+		cur = cur->next;
+	}
+	if (action == HTTP_ACL_DENY)
+	{
+		_httpd_send403(r);
+		_httpd_writeErrorLog(server, r, LEVEL_ERROR,
+    			"Access denied by ACL");
+	}
+	return(action);
+}
+
+
+void httpdSetDefaultAcl(server, acl)
+	httpd	*server;
+	httpAcl	*acl;
+{
+	server->defaultAcl = acl;
+}

libhttpd/protocol.c

@@ -0,0 +1,790 @@
+/*
+** Copyright (c) 2002  Hughes Technologies Pty Ltd.  All rights
+** reserved.
+**
+** Terms under which this software may be used or copied are
+** provided in the  specific license associated with this product.
+**
+** Hughes Technologies disclaims all warranties with regard to this
+** software, including all implied warranties of merchantability and
+** fitness, in no event shall Hughes Technologies be liable for any
+** special, indirect or consequential damages or any damages whatsoever
+** resulting from loss of use, data or profits, whether in an action of
+** contract, negligence or other tortious action, arising out of or in
+** connection with the use or performance of this software.
+**
+**
+** $Id: protocol.c 935 2006-02-01 03:22:04Z benoitg $
+**
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <time.h>
+
+#if defined(_WIN32) 
+#else
+#include <unistd.h>
+#include <sys/file.h>
+#endif
+
+#include "config.h"
+#include "httpd.h"
+#include "httpd_priv.h"
+
+int _httpd_net_read(sock, buf, len)
+	int	sock;
+	char	*buf;
+	int	len;
+{
+#if defined(_WIN32) 
+	return( recv(sock, buf, len, 0));
+#else
+	/*return( read(sock, buf, len));*/
+	/* XXX Select based IO */
+
+	int		nfds;
+	fd_set		readfds;
+	struct timeval	timeout;
+	
+	FD_ZERO(&readfds);
+	FD_SET(sock, &readfds);
+	timeout.tv_sec = 10;
+	timeout.tv_usec = 0;
+	nfds = sock + 1;
+
+	nfds = select(nfds, &readfds, NULL, NULL, &timeout);
+
+	if (nfds > 0) {
+		return(read(sock, buf, len));
+	}
+	return(nfds);
+#endif
+}
+
+
+int _httpd_net_write(sock, buf, len)
+	int	sock;
+	char	*buf;
+	int	len;
+{
+#if defined(_WIN32) 
+	return( send(sock, buf, len, 0));
+#else
+	return( write(sock, buf, len));
+#endif
+}
+
+int _httpd_readChar(request *r, char *cp)
+{
+	if (r->readBufRemain == 0)
+	{
+		bzero(r->readBuf, HTTP_READ_BUF_LEN + 1);
+		r->readBufRemain = _httpd_net_read(r->clientSock, 
+			r->readBuf, HTTP_READ_BUF_LEN);
+		if (r->readBufRemain < 1)
+			return(0);
+		r->readBuf[r->readBufRemain] = 0;
+		r->readBufPtr = r->readBuf;
+	}
+	*cp = *r->readBufPtr++;
+	r->readBufRemain--;
+	return(1);
+}
+
+
+int _httpd_readLine(request *r, char *destBuf, int len)
+{
+	char	curChar,
+		*dst;
+	int	count;
+	
+
+	count = 0;
+	dst = destBuf;
+	while(count < len)
+	{
+		if (_httpd_readChar(r, &curChar) < 1)
+			return(0);
+		// Fixed by Mina - if we read binary junk it's probably not a regular HTTP client
+		//if (curChar == '\n')
+		if (curChar == '\n' || !isascii(curChar))
+		{
+			*dst = 0;
+			return(1);
+		}
+		if (curChar == '\r')
+		{
+			continue;
+		}
+		else
+		{
+			*dst++ = curChar;
+			count++;
+		}
+	}
+	*dst = 0;
+	return(1);
+}
+
+
+int _httpd_readBuf(request *r, char *destBuf, int len)
+{
+	char	curChar,
+		*dst;
+	int	count;
+	
+
+	count = 0;
+	dst = destBuf;
+	while(count < len)
+	{
+		if (_httpd_readChar(r, &curChar) < 1)
+			return(0);
+		*dst++ = curChar;
+		count++;
+	}
+	return(1);
+}
+
+void _httpd_writeAccessLog(httpd *server, request *r)
+{
+	char	dateBuf[30];
+	struct 	tm *timePtr;
+	time_t	clock;
+	int	responseCode;
+
+
+	if (server->accessLog == NULL)
+		return;
+	clock = time(NULL);
+	timePtr = localtime(&clock);
+	strftime(dateBuf, 30, "%d/%b/%Y:%T %Z",  timePtr);
+	responseCode = atoi(r->response.response);
+	fprintf(server->accessLog, "%s - - [%s] %s \"%s\" %d %d\n", 
+		r->clientAddr, dateBuf, httpdRequestMethodName(r), 
+		httpdRequestPath(r), responseCode, 
+		r->response.responseLength);
+}
+
+void _httpd_writeErrorLog(httpd *server, request *r, char *level, char *message)
+{
+	char	dateBuf[30];
+	struct 	tm *timePtr;
+	time_t	clock;
+
+
+	if (server->errorLog == NULL)
+		return;
+	clock = time(NULL);
+	timePtr = localtime(&clock);
+	strftime(dateBuf, 30, "%a %b %d %T %Y",  timePtr);
+	if (r != NULL && *r->clientAddr != 0)
+	{
+		fprintf(server->errorLog, "[%s] [%s] [client %s] %s\n",
+			dateBuf, level, r->clientAddr, message);
+	}
+	else
+	{
+		fprintf(server->errorLog, "[%s] [%s] %s\n",
+			dateBuf, level, message);
+	}
+}
+
+
+
+int _httpd_decode (bufcoded, bufplain, outbufsize)
+	char *		bufcoded;
+	char *		bufplain;
+	int		outbufsize;
+{
+	static char six2pr[64] = {
+    		'A','B','C','D','E','F','G','H','I','J','K','L','M',
+    		'N','O','P','Q','R','S','T','U','V','W','X','Y','Z',
+    		'a','b','c','d','e','f','g','h','i','j','k','l','m',
+    		'n','o','p','q','r','s','t','u','v','w','x','y','z',
+    		'0','1','2','3','4','5','6','7','8','9','+','/'   
+	};
+  
+	static unsigned char pr2six[256];
+
+	/* single character decode */
+#	define DEC(c) pr2six[(int)c]
+#	define _DECODE_MAXVAL 63
+
+	static int first = 1;
+
+	int nbytesdecoded, j;
+	register char *bufin = bufcoded;
+	register char *bufout = bufplain;
+	register int nprbytes;
+
+	/*
+	** If this is the first call, initialize the mapping table.
+	** This code should work even on non-ASCII machines.
+	*/
+	if(first) 
+	{
+		first = 0;
+		for(j=0; j<256; j++) pr2six[j] = _DECODE_MAXVAL+1;
+		for(j=0; j<64; j++) pr2six[(int)six2pr[j]] = (unsigned char)j;
+	}
+
+   	/* Strip leading whitespace. */
+
+   	while(*bufcoded==' ' || *bufcoded == '\t') bufcoded++;
+
+	/*
+	** Figure out how many characters are in the input buffer.
+	** If this would decode into more bytes than would fit into
+	** the output buffer, adjust the number of input bytes downwards.
+	*/
+	bufin = bufcoded;
+	while(pr2six[(int)*(bufin++)] <= _DECODE_MAXVAL);
+	nprbytes = bufin - bufcoded - 1;
+	nbytesdecoded = ((nprbytes+3)/4) * 3;
+	if(nbytesdecoded > outbufsize) 
+	{
+		nprbytes = (outbufsize*4)/3;
+	}
+	bufin = bufcoded;
+   
+	while (nprbytes > 0) 
+	{
+		*(bufout++)=(DEC(*bufin)<<2|DEC(bufin[1])>>4);
+		*(bufout++)=(DEC(bufin[1])<<4|DEC(bufin[2])>>2);
+		*(bufout++)=(DEC(bufin[2])<<6|DEC(bufin[3]));
+		bufin += 4;
+		nprbytes -= 4;
+	}
+	if(nprbytes & 03) 
+	{
+		if(pr2six[(int)bufin[-2]] > _DECODE_MAXVAL) 
+		{
+			nbytesdecoded -= 2;
+		}
+		else 
+		{
+			nbytesdecoded -= 1;
+		}
+	}
+	bufplain[nbytesdecoded] = 0;
+	return(nbytesdecoded);
+}
+
+
+
+char _httpd_from_hex (c)
+        char    c;
+{
+    return  c >= '0' && c <= '9' ?  c - '0'
+            : c >= 'A' && c <= 'F'? c - 'A' + 10
+            : c - 'a' + 10;     /* accept small letters just in case */
+}
+
+char * _httpd_unescape(str)
+        char    *str;
+{
+    char * p = str;
+    char * q = str;
+    static char blank[] = "";
+
+    if (!str)
+        return(blank);
+    while(*p) {
+        if (*p == '%') {
+            p++;
+            if (*p) *q = _httpd_from_hex(*p++) * 16;
+            if (*p) *q = (*q + _httpd_from_hex(*p++));
+            q++;
+        } else {
+            if (*p == '+') {
+                *q++ = ' ';
+                p++;
+            } else {
+                *q++ = *p++;
+              }
+        }
+    }
+
+    *q++ = 0;
+    return str;
+} 
+
+
+void _httpd_freeVariables(var)
+	httpVar	*var;
+{
+	httpVar	*curVar, *lastVar;
+
+	if (var == NULL)
+		return;
+	_httpd_freeVariables(var->nextVariable);
+	var->nextVariable = NULL;
+	curVar = var;
+	while(curVar)
+	{
+		lastVar = curVar;
+		curVar = curVar->nextValue;
+		free(lastVar->name);
+		free(lastVar->value);
+		free(lastVar);
+	}
+	return;
+}
+
+void _httpd_storeData(request *r, char *query)
+{
+        char    *cp,
+		*cp2,
+                *var,
+                *val,
+		*tmpVal;
+
+        if (!query)
+                return;
+
+	var = (char *)malloc(strlen(query));
+	
+	cp = query;
+	cp2 = var;
+        bzero(var, strlen(query));
+	val = NULL;
+        while(*cp)
+        {
+                if (*cp == '=')
+                {
+                        cp++;
+			*cp2 = 0;
+                        val = cp;
+                        continue;
+                }
+                if (*cp == '&')
+                {
+			*cp = 0;
+			tmpVal = _httpd_unescape(val);
+			httpdAddVariable(r, var, tmpVal);
+                        cp++;
+                        cp2 = var;
+			val = NULL;
+                        continue;
+                }
+		if (val)
+		{
+			cp++;
+		}
+		else
+		{
+                	*cp2 = *cp++;
+            /*
+			if (*cp2 == '.')
+			{
+				strcpy(cp2,"_dot_");
+				cp2 += 5;
+			}
+			else
+			{
+            */
+				cp2++;
+            /*
+			}
+            */
+		}
+        }
+    if (val != NULL) {
+	    *cp = 0;
+	    tmpVal = _httpd_unescape(val);
+	    httpdAddVariable(r, var, tmpVal);
+    }
+	free(var);
+}
+
+
+void _httpd_formatTimeString(char *ptr, int clock)
+{
+	struct 	tm *timePtr;
+
+	if (clock == 0)
+		clock = time(NULL);
+	timePtr = gmtime((time_t*)&clock);
+	strftime(ptr, HTTP_TIME_STRING_LEN,"%a, %d %b %Y %T GMT",timePtr);
+}
+
+
+void _httpd_sendHeaders(request *r, int contentLength, int modTime)
+{
+	char	tmpBuf[80],
+		timeBuf[HTTP_TIME_STRING_LEN];
+
+	if(r->response.headersSent)
+		return;
+
+	r->response.headersSent = 1;
+	_httpd_net_write(r->clientSock, "HTTP/1.0 ", 9);
+	_httpd_net_write(r->clientSock, r->response.response, 
+		strlen(r->response.response));
+	_httpd_net_write(r->clientSock, r->response.headers, 
+		strlen(r->response.headers));
+
+	_httpd_formatTimeString(timeBuf, 0);
+	_httpd_net_write(r->clientSock,"Date: ", 6);
+	_httpd_net_write(r->clientSock, timeBuf, strlen(timeBuf));
+	_httpd_net_write(r->clientSock, "\n", 1);
+
+	_httpd_net_write(r->clientSock, "Connection: close\n", 18);
+	_httpd_net_write(r->clientSock, "Content-Type: ", 14);
+	_httpd_net_write(r->clientSock, r->response.contentType, 
+		strlen(r->response.contentType));
+	_httpd_net_write(r->clientSock, "\n", 1);
+
+	if (contentLength > 0)
+	{
+		_httpd_net_write(r->clientSock, "Content-Length: ", 16);
+		snprintf(tmpBuf, sizeof(tmpBuf), "%d", contentLength);
+		_httpd_net_write(r->clientSock, tmpBuf, strlen(tmpBuf));
+		_httpd_net_write(r->clientSock, "\n", 1);
+
+		_httpd_formatTimeString(timeBuf, modTime);
+		_httpd_net_write(r->clientSock, "Last-Modified: ", 15);
+		_httpd_net_write(r->clientSock, timeBuf, strlen(timeBuf));
+		_httpd_net_write(r->clientSock, "\n", 1);
+	}
+	_httpd_net_write(r->clientSock, "\n", 1);
+}
+
+httpDir *_httpd_findContentDir(server, dir, createFlag)
+	httpd	*server;
+	char	*dir;
+	int	createFlag;
+{
+	char	buffer[HTTP_MAX_URL],
+		*curDir;
+	httpDir	*curItem,
+		*curChild;
+
+	strncpy(buffer, dir, HTTP_MAX_URL);
+	curItem = server->content;
+	curDir = strtok(buffer,"/");
+	while(curDir)
+	{
+		curChild = curItem->children;
+		while(curChild)
+		{
+			if (strcmp(curChild->name, curDir) == 0)
+				break;
+			curChild = curChild->next;
+		}
+		if (curChild == NULL)
+		{
+			if (createFlag == HTTP_TRUE)
+			{
+				curChild = malloc(sizeof(httpDir));
+				bzero(curChild, sizeof(httpDir));
+				curChild->name = strdup(curDir);
+				curChild->next = curItem->children;
+				curItem->children = curChild;
+			}
+			else
+			{
+				return(NULL);
+			}
+		}
+		curItem = curChild;
+		curDir = strtok(NULL,"/");
+	}
+	return(curItem);
+}
+
+
+httpContent *_httpd_findContentEntry(request *r, httpDir *dir, char *entryName)
+{
+	httpContent *curEntry;
+
+	curEntry = dir->entries;
+	while(curEntry)
+	{
+		if (curEntry->type == HTTP_WILDCARD || 
+		    curEntry->type ==HTTP_C_WILDCARD)
+			break;
+		if (*entryName == 0 && curEntry->indexFlag)
+			break;
+		if (strcmp(curEntry->name, entryName) == 0)
+			break;
+		curEntry = curEntry->next;
+	}
+	if (curEntry)
+		r->response.content = curEntry;
+	return(curEntry);
+}
+
+
+void _httpd_send304(request *r)
+{
+	httpdSetResponse(r, "304 Not Modified\n");
+	_httpd_sendHeaders(r,0,0);
+}
+
+
+void _httpd_send403(request *r)
+{
+	httpdSetResponse(r, "403 Permission Denied\n");
+	_httpd_sendHeaders(r,0,0);
+	_httpd_sendText(r,
+		"<HTML><HEAD><TITLE>403 Permission Denied</TITLE></HEAD>\n");
+	_httpd_sendText(r,
+		"<BODY><H1>Access to the request URL was denied!</H1>\n");
+}
+
+
+void _httpd_send404(httpd *server, request *r)
+{
+	char	msg[HTTP_MAX_URL];
+
+	snprintf(msg, HTTP_MAX_URL,
+		"File does not exist: %s\n", r->request.path);
+	_httpd_writeErrorLog(server, r, LEVEL_ERROR, msg);
+
+	if (server->handle404 && server->handle404->function) {
+		/*
+		 * There's a custom C 404 handler defined with httpdAddC404Content
+		 */
+		(server->handle404->function)(server, r);
+	}
+	else {
+		/*
+		 * Send stock 404
+		 */
+		httpdSetResponse(r, "404 Not Found\n");
+		_httpd_sendHeaders(r,0,0);
+		_httpd_sendText(r,
+			"<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD>\n");
+		_httpd_sendText(r,
+			"<BODY><H1>The request URL was not found!</H1>\n");
+		_httpd_sendText(r, "</BODY></HTML>\n");
+	}
+}
+
+
+void _httpd_catFile(request *r, char *path)
+{
+	int	fd,
+		len;
+	char	buf[HTTP_MAX_LEN];
+
+	fd = open(path,O_RDONLY);
+	if (fd < 0)
+		return;
+	len = read(fd, buf, HTTP_MAX_LEN);
+	while(len > 0)
+	{
+		r->response.responseLength += len;
+		_httpd_net_write(r->clientSock, buf, len);
+		len = read(fd, buf, HTTP_MAX_LEN);
+	}
+	close(fd);
+}
+
+
+void _httpd_sendStatic(httpd *server, request *r, char *data)
+{
+	if (_httpd_checkLastModified(r, server->startTime) == 0)
+	{
+		_httpd_send304(r);
+	}
+	_httpd_sendHeaders(r, server->startTime, strlen(data));
+	httpdOutput(r, data);
+}
+
+
+
+void _httpd_sendFile(httpd *server, request *r, char *path)
+{
+	char	*suffix;
+	struct 	stat sbuf;
+
+	suffix = rindex(path, '.');
+	if (suffix != NULL)
+	{
+		if (strcasecmp(suffix,".gif") == 0) 
+			strcpy(r->response.contentType,"image/gif");
+		if (strcasecmp(suffix,".jpg") == 0) 
+			strcpy(r->response.contentType,"image/jpeg");
+		if (strcasecmp(suffix,".xbm") == 0) 
+			strcpy(r->response.contentType,"image/xbm");
+		if (strcasecmp(suffix,".png") == 0) 
+			strcpy(r->response.contentType,"image/png");
+	}
+	if (stat(path, &sbuf) < 0)
+	{
+		_httpd_send404(server, r);
+		return;
+	}
+	if (_httpd_checkLastModified(r, sbuf.st_mtime) == 0)
+	{
+		_httpd_send304(r);
+	}
+	else
+	{
+		_httpd_sendHeaders(r, sbuf.st_size, sbuf.st_mtime);
+		_httpd_catFile(r, path);
+	}
+}
+
+
+int _httpd_sendDirectoryEntry(httpd *server, request *r, httpContent *entry,
+		char *entryName)
+{
+	char		path[HTTP_MAX_URL];
+
+	snprintf(path, HTTP_MAX_URL, "%s/%s", entry->path, entryName);
+	_httpd_sendFile(server, r, path);
+	return(0);
+}
+
+
+void _httpd_sendText(request *r, char *msg)
+{
+	r->response.responseLength += strlen(msg);
+	_httpd_net_write(r->clientSock,msg,strlen(msg));
+}
+
+
+int _httpd_checkLastModified(request *r, int modTime)
+{
+	char 	timeBuf[HTTP_TIME_STRING_LEN];
+
+	_httpd_formatTimeString(timeBuf, modTime);
+	if (strcmp(timeBuf, r->request.ifModified) == 0)
+		return(0);
+	return(1);
+}
+
+
+static unsigned char isAcceptable[96] =
+
+/* Overencodes */
+#define URL_XALPHAS     (unsigned char) 1
+#define URL_XPALPHAS    (unsigned char) 2
+
+/*      Bit 0           xalpha          -- see HTFile.h
+**      Bit 1           xpalpha         -- as xalpha but with plus.
+**      Bit 2 ...       path            -- as xpalpha but with /
+** N.B.: changed to disallow space, /
+*/
+    /*   0 1 2 3 4 5 6 7 8 9 A B C D E F */
+    {    0,0,0,0,0,0,0,0,0,0,7,0,0,7,7,0,       /* 2x   !"#$%&'()*+,-./ */
+         7,7,7,7,7,7,7,7,7,7,0,0,0,0,0,0,       /* 3x  0123456789:;<=>?  */
+         7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,       /* 4x  @ABCDEFGHIJKLMNO */
+         7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,7,       /* 5X  PQRSTUVWXYZ[\]^_ */
+         0,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,       /* 6x  `abcdefghijklmno */
+         7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,0 };     /* 7X  pqrstuvwxyz{\}~ DEL */
+ 
+#define ACCEPTABLE(a)   ( a>=32 && a<128 && ((isAcceptable[a-32]) & mask))
+
+static char *hex = "0123456789ABCDEF";
+
+
+char *_httpd_escape(str)
+        char *str;
+{
+    unsigned char mask = URL_XPALPHAS;
+    char * p;
+    char * q;
+    char * result;
+    int unacceptable = 0;
+    for(p=str; *p; p++)
+        if (!ACCEPTABLE((unsigned char)*p))
+                unacceptable +=2;
+    result = (char *) malloc(p-str + unacceptable + 1);
+    bzero(result,(p-str + unacceptable + 1));
+
+    if (result == NULL)
+    {
+	return(NULL);
+    }
+    for(q=result, p=str; *p; p++) {
+        unsigned char a = *p;
+        if (!ACCEPTABLE(a)) {
+            *q++ = '%';  /* Means hex commming */
+            *q++ = hex[a >> 4];
+            *q++ = hex[a & 15];
+        }
+        else *q++ = *p;
+    }
+    *q++ = 0;                   /* Terminate */
+    return result;
+}
+
+
+
+void _httpd_sanitiseUrl(url)
+	char	*url;
+{
+	char	*from,
+		*to,
+		*last;
+
+	/*
+	** Remove multiple slashes
+	*/
+	from = to = url;
+	while(*from)
+	{
+		if (*from == '/' && *(from+1) == '/')
+		{
+			from++;
+			continue;
+		}
+		*to = *from;
+		to++;
+		from++;
+	}
+	*to = 0;
+
+
+	/*
+	** Get rid of ./ sequences
+	*/
+	from = to = url;
+	while(*from)
+	{
+		if (*from == '/' && *(from+1) == '.' && *(from+2)=='/')
+		{
+			from += 2;
+			continue;
+		}
+		*to = *from;
+		to++;
+		from++;
+	}
+	*to = 0;
+
+
+	/*
+	** Catch use of /../ sequences and remove them.  Must track the
+	** path structure and remove the previous path element.
+	*/
+	from = to = last = url;
+	while(*from)
+	{
+		if (*from == '/' && *(from+1) == '.' && 
+			*(from+2)=='.' && *(from+3)=='/')
+		{
+			to = last;
+			from += 3;
+			continue;
+		}
+		if (*from == '/')
+		{
+			last = to;
+		}
+		*to = *from;
+		to++;
+		from++;
+	}
+	*to = 0;
+}

libhttpd/version.c

@@ -0,0 +1,23 @@
+/*
+** Copyright (c) 2002  Hughes Technologies Pty Ltd.  All rights
+** reserved.
+**
+** Terms under which this software may be used or copied are
+** provided in the  specific license associated with this product.
+**
+** Hughes Technologies disclaims all warranties with regard to this
+** software, including all implied warranties of merchantability and
+** fitness, in no event shall Hughes Technologies be liable for any
+** special, indirect or consequential damages or any damages whatsoever
+** resulting from loss of use, data or profits, whether in an action of
+** contract, negligence or other tortious action, arising out of or in
+** connection with the use or performance of this software.
+**
+**
+** $Id: version.c 87 2004-04-19 05:24:36Z benoitg $
+**
+*/
+
+char    LIBHTTPD_VERSION[] =  "1.3",
+        LIBHTTPD_VENDOR[] =   "Hughes Technologies Pty Ltd";
+

nodogsplash.conf

@@ -0,0 +1,143 @@
+#
+# Nodogsplash Configuration File
+#
+
+# Parameter: GatewayInterface
+# Default: NONE
+#
+# This is not autodetected, has no default, and must be set here.
+# Set GatewayInterface to the interface on your router
+# that is to be managed by nodogsplash.
+# Typically eth1 for wifi on OpenWrt.
+
+GatewayInterface eth1
+
+# FirewallRuleSet: authenticated-users
+#
+# Control routing for users after authentication.
+# These rules are inserted at the beginning of the
+# FORWARD chain of the router's filter table, and
+# apply to packets that have come in to the router
+# over the GatewayInterface from MAC addresses that
+# have authenticated with nodogsplash, and that are
+# destined to be routed through the router.  The rules are
+# considered in order, and the first rule that matches
+# a packet applies to it. A packet that does not match 
+# any rule here is REJECTed.
+
+FirewallRuleSet authenticated-users {
+
+ # You may want to open access to a machine on a local
+ # subnet that is otherwise blocked (for example, to
+ # serve a redirect page; see RedirectURL).  If so,
+ # allow that explicitly here, e.g:
+ #  FirewallRule allow tcp port 80 to 192.168.254.254
+
+ # Your router may have several interfaces, and you
+ # probably want to keep them private from the GatewayInterface.
+ # If so, you should block the entire subnets on those interfaces, e.g.:
+    FirewallRule block to 192.168.0.0/16
+    FirewallRule block to 10.0.0.0/8
+
+ # Nodogsplash automatically allows port 53 udp and tcp for DNS.
+ # However you will probably want to open up other ports for
+ # authenticated users; e.g. http, https, ssh:
+    FirewallRule allow tcp port 80
+    FirewallRule allow tcp port 443
+    FirewallRule allow tcp port 22
+
+}
+# end FirewallRuleSet authenticated-users
+
+
+# Parameter: GatewayName
+# Default: NoDogSplash
+#
+# Set  GatewayName to the name of your gateway.  This value
+# will be available as variable $gatewayname in the splash page source
+# and in status output from ndsctl, but otherwise doesn't matter.
+# If none is supplied, the value "NoDogSplash" is used.
+
+# GatewayName NoDogSplash
+
+# Parameter: GatewayAddress
+# Default: Discovered from GatewayInterface
+#
+# This should be autodetected on an OpenWRT system, but if not:
+# Set GatewayAddress to the IP address of the router on
+# the GatewayInterface.
+
+# GatewayAddress 192.168.1.1
+
+# Parameter: ExternalInterface
+# Default: Autodetected from /proc/net/route
+#
+# This should be autodetected on a OpenWRT system, but if not:
+# Set ExtrnalInterface to the 'external' interface on your router, 
+# i.e. the one which provides the default route to the internet.
+# Typically vlan1 for OpenWRT.
+
+# ExternalInterface vlan1
+
+# Parameter: RedirectURL
+# Default: none
+#
+# After authentication, normally a user is redirected 
+# to their initially requested page. 
+# If RedirectURL is set, the user is redirected to this URL instead.
+# 
+# RedirectURL http://www.ilesansfil.org/
+
+# Parameter: GatewayPort
+# Default: 2050
+#
+# nodogsplash's own http server uses GatewayAddress as its IP address.
+# The port it listens to at that IP can be set here; default is 2050.
+
+# GatewayPort 2050
+
+# Parameter: MaxClients
+# Default: 20
+#
+# Set MaxClients to the maximum number of users allowed to 
+# connect at any time.  (Does not include users on the TrustedMACList,
+# who do not authenticate.)
+
+# MaxClients 20
+
+# ClientIdleTimeout
+# Parameter: ClientIdleTimeout
+# Default: 10
+#
+# Set ClientIdleTimeout to the desired of number of minutes
+# of inactivity before a user is automatically 'deauthenticated'.
+
+# ClientIdleTimeout 10
+
+# Parameter: ClientForceTimeout
+# Default: 360
+#
+# Set ClientForceTimeout to the desired number of minutes before
+# a user is automatically 'deauthenticated', whether active or not
+
+# ClientForceTimeout 360
+
+# Parameter: BlockedMACList
+# Default: none
+#
+# Comma-separated list of MAC addresses who will be completely blocked
+# from the GatewayInterface.
+# N.B.: weak security, since MAC addresses are easy to spoof.
+
+# BlockedMACList 00:00:DE:AD:BE:EF,00:00:C0:1D:F0:0D
+
+# Parameter: TrustedMACList
+# Default: none
+#
+# Comma-separated list of MAC addresses who are not subject to
+# authentication, and are not restricted by the authenticated-users
+# FirewallRuleSet.
+# N.B.: weak security, since MAC addresses are easy to spoof.
+
+# TrustedMACList 00:00:CA:FE:BA:BE, 00:00:C0:01:D0:0D
+

nodogsplash.spec.in

@@ -0,0 +1,62 @@
+
+%define name nodogsplash
+%define lib_name libhttpd
+%define version @VERSION@
+%define release 0
+
+Summary:  Nodogsplash is a simple hotspot firewall controller.
+Name: %{name}
+Version: %{version}
+Release: %{release}
+Source: http://kokoro.ucsd.edu/nodogsplash/%{name}-%{version}.tar.gz
+Group: Applications/System
+License: GPL
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+Prereq: /sbin/ldconfig
+
+%description
+Nodogsplash is a simple hotspot firewall controller.
+
+%prep
+%setup -q
+
+%build
+%configure
+%make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+mkdir -p $RPM_BUILD_ROOT%{_prefix}
+
+
+# Will this overide previous config file?
+mkdir -p $RPM_BUILD_ROOT/etc
+cp nodogsplash.conf $RPM_BUILD_ROOT/etc
+mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
+cp scripts/init.d/nodogsplash $RPM_BUILD_ROOT/etc/rc.d/init.d
+chmod +x $RPM_BUILD_ROOT/etc/rc.d/init.d/nodogsplash
+
+%makeinstall
+
+%post
+/sbin/ldconfig
+%_post_service nodogsplash
+
+%postun
+/sbin/ldconfig
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+
+%files
+%defattr(-,root,root,0755)
+%doc AUTHORS COPYING ChangeLog INSTALL NEWS README FAQ doc/html
+%config /etc/nodogsplash.conf 
+%config /etc/rc.d/init.d/nodogsplash
+%{_bindir}/*
+%{_libdir}/*.a
+%{_libdir}/*.la
+%{_libdir}/*.so*
+%{_includedir}/*
+

scripts/.svn/all-wcprops

@@ -0,0 +1,5 @@
+K 25
+svn:wc:ra_dav:version-url
+V 39
+/svn/!svn/ver/816/trunk/wifidog/scripts
+END

scripts/.svn/entries

@@ -0,0 +1,34 @@
+8
+
+dir
+1161
+https://dev.wifidog.org/svn/trunk/wifidog/scripts
+https://dev.wifidog.org/svn
+
+
+
+2005-11-02T00:48:45.000000Z
+816
+aprilp
+
+
+svn:special svn:externals svn:needs-lock
+
+
+
+
+
+
+
+
+
+
+
+4c0ea164-750a-0410-922a-bd9993033959
+
+init.d
+dir
+
+openwrt
+dir
+

scripts/.svn/format

@@ -0,0 +1 @@
+8

scripts/init.d/.svn/all-wcprops

@@ -0,0 +1,11 @@
+K 25
+svn:wc:ra_dav:version-url
+V 46
+/svn/!svn/ver/816/trunk/wifidog/scripts/init.d
+END
+wifidog
+K 25
+svn:wc:ra_dav:version-url
+V 54
+/svn/!svn/ver/816/trunk/wifidog/scripts/init.d/wifidog
+END

scripts/init.d/.svn/entries

@@ -0,0 +1,41 @@
+8
+
+dir
+1161
+https://dev.wifidog.org/svn/trunk/wifidog/scripts/init.d
+https://dev.wifidog.org/svn
+
+
+
+2005-11-02T00:48:45.000000Z
+816
+aprilp
+
+
+svn:special svn:externals svn:needs-lock
+
+
+
+
+
+
+
+
+
+
+
+4c0ea164-750a-0410-922a-bd9993033959
+
+wifidog
+file
+
+
+
+
+2006-09-10T20:33:21.000000Z
+0a456a8fa3913e53ed48d19d58bf7f93
+2005-11-02T00:48:45.000000Z
+816
+aprilp
+has-props
+

scripts/init.d/.svn/format

@@ -0,0 +1 @@
+8

scripts/init.d/.svn/prop-base/wifidog.svn-base

@@ -0,0 +1,9 @@
+K 13
+svn:eol-style
+V 6
+native
+K 12
+svn:keywords
+V 23
+Author Date Id Revision
+END

scripts/init.d/.svn/text-base/wifidog.svn-base

@@ -0,0 +1,200 @@
+#!/bin/sh
+#
+# Could be better, but it's working as expected
+#
+# 
+#
+# chkconfig: 345 65 35
+#
+# description: Startup/shutdown script for Wifidog captive portal
+# processname: wifidog
+
+# Date    : 2004-08-25
+# Version : 1.0
+
+IPT=/usr/sbin/iptables
+WD_DIR=/usr/bin
+OPTIONS=""
+
+case "$1" in
+  start)
+    echo "Starting Wifidog ... "
+    if $WD_DIR/wdctl status 2> /dev/null
+    then
+	echo "FAILED:  Wifidog already running"
+    else
+        $0 test-module
+	if $WD_DIR/wifidog $OPTIONS
+	then
+		echo "OK"
+	else
+		echo "FAILED:  Wifidog exited with non 0 status"
+	fi
+    fi
+    ;;
+  restart)
+    $0 stop
+    sleep 2
+    $0 start
+    ;;
+  reload)
+    $0 stop
+    sleep 2
+    $0 start
+    ;;
+  stop)
+    echo "Stopping Wifidog ... "
+    if $WD_DIR/wdctl status 2> /dev/null
+    then
+       	if $WD_DIR/wdctl stop
+	then
+		echo "OK"
+	else
+		echo "FAILED:  wdctl stop exited with non 0 status"
+	fi
+       
+    else
+       echo "FAILED:  Wifidog was not running"
+    fi
+    ;;
+  status)
+    $WD_DIR/wdctl status
+    ;;
+  debug|test-module)
+
+    ### Test ipt_mark with iptables
+    test_ipt_mark () {
+      IPTABLES_OK=$($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+    ### Test ipt_mac with iptables
+    test_ipt_mac () {
+      IPTABLES_OK=$($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Test ipt_REDIRECT with iptables
+    test_ipt_REDIRECT () {
+      IPTABLES_OK=$($IPT -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 2060 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 2060 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Find a module on disk
+    module_exists () {
+    echo " Looking for a module on disk"
+      EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2>/dev/null)
+      if [ -n "$EXIST" ]; then
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Test if a module is in memory
+    module_in_memory () {
+      MODULE=$(lsmod | grep $1 | awk '{print $1}')
+      if [ "$MODULE" = "$1" ]; then
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    echo "Testing for iptables modules"
+
+    echo "  Testing ipt_mac"
+    TEST_IPT_MAC=$(test_ipt_mac)
+    if [ "$TEST_IPT_MAC" = "0" ]; then
+      echo "   iptables is not working with ipt_mac"
+      echo "   Scanning disk for ipt_mac module"
+      TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_mac")
+      if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
+        echo "   ipt_mac module is missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_mac module exists, trying to load"
+        insmod ipt_mac > /dev/null
+        TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_mac")
+        if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
+          echo "  Error: ipt_mac not loaded"
+          exit
+        else
+          echo "  ipt_mac loaded sucessfully"
+        fi
+      fi
+    else
+      echo "   ipt_mac  module is working"
+    fi
+
+    echo "  Testing ipt_mark"
+    TEST_IPT_MARK=$(test_ipt_mark)
+    if [ "$TEST_IPT_MARK" = "0" ]; then
+      echo "   iptables is not working with ipt_mark"
+      echo "   Scanning disk for ipt_mark module"
+      TEST_IPT_MARK_MODULE_EXISTS=$(module_exists "ipt_mark")
+      if [ "$TEST_IPT_MARK_MODULE_EXISTS" = "0" ]; then
+        echo "   iptables ipt_mark module missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_mark module exists, trying to load"
+        insmod ipt_mark
+        TEST_IPT_MARK_MODULE_MEMORY=$(module_in_memory "ipt_mark")
+        if [ "$TEST_IPT_MARK_MODULE_MEMORY" = "0" ]; then
+          echo "   Error: ipt_mark not loaded"
+          exit
+        else
+          echo "   ipt_mark loaded sucessfully"
+        fi
+      fi
+      else
+    echo "   ipt_mark module is working"
+    fi
+
+    echo "  Testing ipt_REDIRECT"
+    TEST_IPT_MAC=$(test_ipt_REDIRECT)
+    if [ "$TEST_IPT_MAC" = "0" ]; then
+      echo "   iptables is not working with ipt_REDIRECT"
+      echo "   Scanning disk for ipt_REDIRECT module"
+      TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_REDIRECT")
+      if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
+        echo "   ipt_REDIRECT module is missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_REDIRECT module exists, trying to load"
+        insmod ipt_REDIRECT > /dev/null
+        TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_REDIRECT")
+        if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
+          echo "  Error: ipt_REDIRECT not loaded"
+          exit
+        else
+          echo "  ipt_REDIRECT loaded sucessfully"
+        fi
+      fi
+    else
+      echo "   ipt_REDIRECT  module is working"
+    fi
+
+    ;;
+
+  *)
+   echo "Usage: $0 {start|stop|restart|reload|status|test-module}"
+   exit 1
+   ;;
+esac
+
+

scripts/init.d/S65nodogsplash

@@ -0,0 +1,200 @@
+#!/bin/sh
+#
+# description: Startup/shutdown script for nodogsplash captive portal
+#
+# P. Kube 2007
+#
+# (Based on wifidog startup script
+# Date    : 2004-08-25
+# Version : 1.0
+# Comment by that author: Could be better, but it's working as expected)
+#
+
+
+IPT=/usr/sbin/iptables
+WD_DIR=/usr/bin
+OPTIONS=""
+# -f -d 7 runs in foreground, with level 7 (verbose) debug messages to terminal
+# N.B.: -f will fail if starting at boot from rcS
+#OPTIONS="-f -d 7"
+
+case "$1" in
+  start)
+    echo "Starting nodogsplash ... "
+    if $WD_DIR/ndsctl status 2> /dev/null
+    then
+	echo "FAILED:  nodogsplash already running"
+    else
+        $0 test-module
+	if $WD_DIR/nodogsplash $OPTIONS
+	then
+		echo "OK: nodogsplash started"
+	else
+		echo "FAILED:  nodogsplash exited with non 0 status"
+	fi
+    fi
+    ;;
+  restart)
+    $0 stop
+    sleep 2
+    $0 start
+    ;;
+  reload)
+    $0 stop
+    sleep 2
+    $0 start
+    ;;
+  stop)
+    echo "Stopping nodogsplash ... "
+    if $WD_DIR/ndsctl status 2> /dev/null
+    then
+       	if $WD_DIR/ndsctl stop
+	then
+		echo "OK: nodogsplash stopped"
+	else
+		echo "FAILED:  ndsctl stop exited with non 0 status"
+	fi
+       
+    else
+       echo "FAILED:  nodogsplash was not running"
+    fi
+    ;;
+  status)
+    $WD_DIR/ndsctl status
+    ;;
+  debug|test-module)
+
+    ### Test ipt_mark with iptables
+    test_ipt_mark () {
+      IPTABLES_OK=$($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+    ### Test ipt_mac with iptables
+    test_ipt_mac () {
+      IPTABLES_OK=$($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Test ipt_REDIRECT with iptables
+    test_ipt_REDIRECT () {
+      IPTABLES_OK=$($IPT -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 2050 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 2050 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Find a module on disk
+    module_exists () {
+    echo " Looking for a module on disk"
+      EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2>/dev/null)
+      if [ -n "$EXIST" ]; then
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Test if a module is in memory
+    module_in_memory () {
+      MODULE=$(lsmod | grep $1 | awk '{print $1}')
+      if [ "$MODULE" = "$1" ]; then
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    echo "Testing for iptables modules"
+
+    echo "  Testing ipt_mac"
+    TEST_IPT_MAC=$(test_ipt_mac)
+    if [ "$TEST_IPT_MAC" = "0" ]; then
+      echo "   iptables is not working with ipt_mac"
+      echo "   Scanning disk for ipt_mac module"
+      TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_mac")
+      if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
+        echo "   ipt_mac module is missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_mac module exists, trying to load"
+        insmod ipt_mac > /dev/null
+        TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_mac")
+        if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
+          echo "  Error: ipt_mac not loaded"
+          exit
+        else
+          echo "  ipt_mac loaded sucessfully"
+        fi
+      fi
+    else
+      echo "   ipt_mac  module is working"
+    fi
+
+    echo "  Testing ipt_mark"
+    TEST_IPT_MARK=$(test_ipt_mark)
+    if [ "$TEST_IPT_MARK" = "0" ]; then
+      echo "   iptables is not working with ipt_mark"
+      echo "   Scanning disk for ipt_mark module"
+      TEST_IPT_MARK_MODULE_EXISTS=$(module_exists "ipt_mark")
+      if [ "$TEST_IPT_MARK_MODULE_EXISTS" = "0" ]; then
+        echo "   iptables ipt_mark module missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_mark module exists, trying to load"
+        insmod ipt_mark
+        TEST_IPT_MARK_MODULE_MEMORY=$(module_in_memory "ipt_mark")
+        if [ "$TEST_IPT_MARK_MODULE_MEMORY" = "0" ]; then
+          echo "   Error: ipt_mark not loaded"
+          exit
+        else
+          echo "   ipt_mark loaded sucessfully"
+        fi
+      fi
+      else
+    echo "   ipt_mark module is working"
+    fi
+
+    echo "  Testing ipt_REDIRECT"
+    TEST_IPT_MAC=$(test_ipt_REDIRECT)
+    if [ "$TEST_IPT_MAC" = "0" ]; then
+      echo "   iptables is not working with ipt_REDIRECT"
+      echo "   Scanning disk for ipt_REDIRECT module"
+      TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_REDIRECT")
+      if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
+        echo "   ipt_REDIRECT module is missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_REDIRECT module exists, trying to load"
+        insmod ipt_REDIRECT > /dev/null
+        TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_REDIRECT")
+        if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
+          echo "  Error: ipt_REDIRECT not loaded"
+          exit
+        else
+          echo "  ipt_REDIRECT loaded sucessfully"
+        fi
+      fi
+    else
+      echo "   ipt_REDIRECT  module is working"
+    fi
+
+    ;;
+
+  *)
+   echo "Usage: $0 {start|stop|restart|reload|status|test-module}"
+   exit 1
+   ;;
+esac

scripts/init.d/S65nodogsplash.~1~

@@ -0,0 +1,200 @@
+#!/bin/sh
+#
+# description: Startup/shutdown script for nodogsplash captive portal
+#
+# P. Kube 2007
+#
+# (Based on wifidog startup script
+# Date    : 2004-08-25
+# Version : 1.0
+# Comment by that author: Could be better, but it's working as expected)
+#
+
+
+IPT=/usr/sbin/iptables
+WD_DIR=/usr/bin
+OPTIONS=""
+# -f -d 7 runs in foreground, with level 7 (verbose) debug messages to terminal
+# N.B.: -f will fail if starting at boot from rcS
+#OPTIONS="-f -d 7"
+
+case "$1" in
+  start)
+    echo "Starting nodogsplash ... "
+    if $WD_DIR/ndsctl status 2> /dev/null
+    then
+	echo "FAILED:  nodogsplash already running"
+    else
+        $0 test-module
+	if $WD_DIR/nodogsplash $OPTIONS
+	then
+		echo "OK: nodogsplash started"
+	else
+		echo "FAILED:  nodogsplash exited with non 0 status"
+	fi
+    fi
+    ;;
+  restart)
+    $0 stop
+    sleep 2
+    $0 start
+    ;;
+  reload)
+    $0 stop
+    sleep 2
+    $0 start
+    ;;
+  stop)
+    echo "Stopping nodogsplash ... "
+    if $WD_DIR/ndsctl status 2> /dev/null
+    then
+       	if $WD_DIR/ndsctl stop
+	then
+		echo "OK: nodogsplash stopped"
+	else
+		echo "FAILED:  ndsctl stop exited with non 0 status"
+	fi
+       
+    else
+       echo "FAILED:  nodogsplash was not running"
+    fi
+    ;;
+  status)
+    $WD_DIR/ndsctl status
+    ;;
+  debug|test-module)
+
+    ### Test ipt_mark with iptables
+    test_ipt_mark () {
+      IPTABLES_OK=$($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+    ### Test ipt_mac with iptables
+    test_ipt_mac () {
+      IPTABLES_OK=$($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Test ipt_REDIRECT with iptables
+    test_ipt_REDIRECT () {
+      IPTABLES_OK=$($IPT -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 2060 2>&1 | grep "No chain.target.match")
+      if [ -z "$IPTABLES_OK" ]; then
+        $IPT -t nat -D PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 2060 2>&1
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Find a module on disk
+    module_exists () {
+    echo " Looking for a module on disk"
+      EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2>/dev/null)
+      if [ -n "$EXIST" ]; then
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    ### Test if a module is in memory
+    module_in_memory () {
+      MODULE=$(lsmod | grep $1 | awk '{print $1}')
+      if [ "$MODULE" = "$1" ]; then
+        echo 1
+      else
+        echo 0
+      fi
+    }
+
+    echo "Testing for iptables modules"
+
+    echo "  Testing ipt_mac"
+    TEST_IPT_MAC=$(test_ipt_mac)
+    if [ "$TEST_IPT_MAC" = "0" ]; then
+      echo "   iptables is not working with ipt_mac"
+      echo "   Scanning disk for ipt_mac module"
+      TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_mac")
+      if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
+        echo "   ipt_mac module is missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_mac module exists, trying to load"
+        insmod ipt_mac > /dev/null
+        TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_mac")
+        if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
+          echo "  Error: ipt_mac not loaded"
+          exit
+        else
+          echo "  ipt_mac loaded sucessfully"
+        fi
+      fi
+    else
+      echo "   ipt_mac  module is working"
+    fi
+
+    echo "  Testing ipt_mark"
+    TEST_IPT_MARK=$(test_ipt_mark)
+    if [ "$TEST_IPT_MARK" = "0" ]; then
+      echo "   iptables is not working with ipt_mark"
+      echo "   Scanning disk for ipt_mark module"
+      TEST_IPT_MARK_MODULE_EXISTS=$(module_exists "ipt_mark")
+      if [ "$TEST_IPT_MARK_MODULE_EXISTS" = "0" ]; then
+        echo "   iptables ipt_mark module missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_mark module exists, trying to load"
+        insmod ipt_mark
+        TEST_IPT_MARK_MODULE_MEMORY=$(module_in_memory "ipt_mark")
+        if [ "$TEST_IPT_MARK_MODULE_MEMORY" = "0" ]; then
+          echo "   Error: ipt_mark not loaded"
+          exit
+        else
+          echo "   ipt_mark loaded sucessfully"
+        fi
+      fi
+      else
+    echo "   ipt_mark module is working"
+    fi
+
+    echo "  Testing ipt_REDIRECT"
+    TEST_IPT_MAC=$(test_ipt_REDIRECT)
+    if [ "$TEST_IPT_MAC" = "0" ]; then
+      echo "   iptables is not working with ipt_REDIRECT"
+      echo "   Scanning disk for ipt_REDIRECT module"
+      TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_REDIRECT")
+      if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
+        echo "   ipt_REDIRECT module is missing, please install it (kernel or module)"
+        exit
+      else
+        echo "   ipt_REDIRECT module exists, trying to load"
+        insmod ipt_REDIRECT > /dev/null
+        TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_REDIRECT")
+        if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
+          echo "  Error: ipt_REDIRECT not loaded"
+          exit
+        else
+          echo "  ipt_REDIRECT loaded sucessfully"
+        fi
+      fi
+    else
+      echo "   ipt_REDIRECT  module is working"
+    fi
+
+    ;;
+
+  *)
+   echo "Usage: $0 {start|stop|restart|reload|status|test-module}"
+   exit 1
+   ;;
+esac

scripts/openwrt/.svn/all-wcprops

@@ -0,0 +1,11 @@
+K 25
+svn:wc:ra_dav:version-url
+V 47
+/svn/!svn/ver/215/trunk/wifidog/scripts/openwrt
+END
+S65wifidog
+K 25
+svn:wc:ra_dav:version-url
+V 58
+/svn/!svn/ver/215/trunk/wifidog/scripts/openwrt/S65wifidog
+END

scripts/openwrt/.svn/entries

@@ -0,0 +1,41 @@
+8
+
+dir
+1161
+https://dev.wifidog.org/svn/trunk/wifidog/scripts/openwrt
+https://dev.wifidog.org/svn
+
+
+
+2004-08-30T18:34:58.000000Z
+215
+benoitg
+
+
+svn:special svn:externals svn:needs-lock
+
+
+
+
+
+
+
+
+
+
+
+4c0ea164-750a-0410-922a-bd9993033959
+
+S65wifidog
+file
+
+
+
+
+2006-09-10T20:33:21.000000Z
+8aba0662ff0571d463c635fb222fa2e0
+2004-08-30T18:34:58.000000Z
+215
+benoitg
+has-props
+

scripts/openwrt/.svn/format

@@ -0,0 +1 @@
+8

scripts/openwrt/.svn/prop-base/S65wifidog.svn-base

@@ -0,0 +1,13 @@
+K 13
+svn:eol-style
+V 6
+native
+K 14
+svn:executable
+V 1
+*
+K 12
+svn:keywords
+V 23
+Author Date Id Revision
+END

scripts/openwrt/.svn/text-base/S65wifidog.svn-base

@@ -0,0 +1,2 @@
+#!/bin/sh
+/usr/bin/wifidog-init start

src/Makefile.am

@@ -0,0 +1,47 @@
+#
+# Based on Wifidog Makefile.am by benoitg
+#
+
+bin_PROGRAMS = nodogsplash \
+	ndsctl
+
+AM_CPPFLAGS = \
+	-I${top_srcdir}/libhttpd/ \
+	-DSYSCONFDIR='"$(sysconfdir)"' 
+nodogsplash_LDADD = $(top_builddir)/libhttpd/libhttpd.la
+
+nodogsplash_SOURCES = commandline.c \
+	conf.c \
+	debug.c \
+	fw_iptables.c \
+	firewall.c \
+	gateway.c \
+	http.c \
+	auth.c \
+	client_list.c \
+	util.c \
+	ndsctl_thread.c \
+	safe.c \
+	httpd_thread.c
+
+noinst_HEADERS = commandline.h \
+	common.h \
+	conf.h \
+	debug.h \
+	fw_iptables.h \
+	firewall.h \
+	gateway.h \
+	http.h \
+	auth.h \
+	client_list.h \
+	util.h \
+	ndsctl_thread.h \
+	ndsctl.h \
+	safe.h \
+	httpd_thread.h
+
+ndsctl_SOURCES = ndsctl.c
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -f *~

src/Makefile.in

@@ -0,0 +1,406 @@
+# Makefile.in generated automatically by automake 1.4-p4 from Makefile.am
+
+# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+#
+# Based on Wifidog Makefile.am by benoitg
+#
+
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+DESTDIR =
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+host_alias = @host_alias@
+host_triplet = @host@
+AR = @AR@
+AS = @AS@
+BUILDROOT = @BUILDROOT@
+CC = @CC@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DLLTOOL = @DLLTOOL@
+DOT = @DOT@
+DOXYGEN = @DOXYGEN@
+ECHO = @ECHO@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+GCJ = @GCJ@
+GCJFLAGS = @GCJFLAGS@
+HAVE_LIB = @HAVE_LIB@
+LIB = @LIB@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIB = @LTLIB@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+NODOGSPLASH_MAJOR_VERSION = @NODOGSPLASH_MAJOR_VERSION@
+NODOGSPLASH_MINOR_VERSION = @NODOGSPLASH_MINOR_VERSION@
+NODOGSPLASH_VERSION = @NODOGSPLASH_VERSION@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+RC = @RC@
+STRIP = @STRIP@
+VERSION = @VERSION@
+enable_dot = @enable_dot@
+enable_html_docs = @enable_html_docs@
+enable_latex_docs = @enable_latex_docs@
+
+bin_PROGRAMS = nodogsplash 	ndsctl
+
+
+AM_CPPFLAGS =  	-I${top_srcdir}/libhttpd/ 	-DSYSCONFDIR='"$(sysconfdir)"' 
+
+nodogsplash_LDADD = $(top_builddir)/libhttpd/libhttpd.la
+
+nodogsplash_SOURCES = commandline.c 	conf.c 	debug.c 	fw_iptables.c 	firewall.c 	gateway.c 	http.c 	auth.c 	client_list.c 	util.c 	ndsctl_thread.c 	safe.c 	httpd_thread.c
+
+
+noinst_HEADERS = commandline.h 	common.h 	conf.h 	debug.h 	fw_iptables.h 	firewall.h 	gateway.h 	http.h 	auth.h 	client_list.h 	util.h 	ndsctl_thread.h 	ndsctl.h 	safe.h 	httpd_thread.h
+
+
+ndsctl_SOURCES = ndsctl.c
+mkinstalldirs = $(SHELL) $(top_srcdir)/config/mkinstalldirs
+CONFIG_HEADER = ../config.h
+CONFIG_CLEAN_FILES = 
+bin_PROGRAMS =  nodogsplash$(EXEEXT) ndsctl$(EXEEXT)
+PROGRAMS =  $(bin_PROGRAMS)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I..
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+LIBS = @LIBS@
+nodogsplash_OBJECTS =  commandline.$(OBJEXT) conf.$(OBJEXT) \
+debug.$(OBJEXT) fw_iptables.$(OBJEXT) firewall.$(OBJEXT) \
+gateway.$(OBJEXT) http.$(OBJEXT) auth.$(OBJEXT) client_list.$(OBJEXT) \
+util.$(OBJEXT) ndsctl_thread.$(OBJEXT) safe.$(OBJEXT) \
+httpd_thread.$(OBJEXT)
+nodogsplash_DEPENDENCIES =  $(top_builddir)/libhttpd/libhttpd.la
+nodogsplash_LDFLAGS = 
+ndsctl_OBJECTS =  ndsctl.$(OBJEXT)
+ndsctl_LDADD = $(LDADD)
+ndsctl_DEPENDENCIES = 
+ndsctl_LDFLAGS = 
+CFLAGS = @CFLAGS@
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+HEADERS =  $(noinst_HEADERS)
+
+DIST_COMMON =  Makefile.am Makefile.in
+
+
+DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+
+TAR = tar
+GZIP_ENV = --best
+DEP_FILES =  .deps/auth.P .deps/client_list.P .deps/commandline.P \
+.deps/conf.P .deps/debug.P .deps/firewall.P .deps/fw_iptables.P \
+.deps/gateway.P .deps/http.P .deps/httpd_thread.P .deps/ndsctl.P \
+.deps/ndsctl_thread.P .deps/safe.P .deps/util.P
+SOURCES = $(nodogsplash_SOURCES) $(ndsctl_SOURCES)
+OBJECTS = $(nodogsplash_OBJECTS) $(ndsctl_OBJECTS)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .S .c .lo .o .obj .s
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) 
+	cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile
+
+Makefile: $(srcdir)/Makefile.in  $(top_builddir)/config.status $(BUILT_SOURCES)
+	cd $(top_builddir) \
+	  && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-binPROGRAMS:
+
+clean-binPROGRAMS:
+	-test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
+
+distclean-binPROGRAMS:
+
+maintainer-clean-binPROGRAMS:
+
+install-binPROGRAMS: $(bin_PROGRAMS)
+	@$(NORMAL_INSTALL)
+	$(mkinstalldirs) $(DESTDIR)$(bindir)
+	@list='$(bin_PROGRAMS)'; for p in $$list; do \
+	  if test -f $$p; then \
+	    echo " $(LIBTOOL)  --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \
+	    $(LIBTOOL)  --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+	  else :; fi; \
+	done
+
+uninstall-binPROGRAMS:
+	@$(NORMAL_UNINSTALL)
+	list='$(bin_PROGRAMS)'; for p in $$list; do \
+	  rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+	done
+
+# FIXME: We should only use cygpath when building on Windows,
+# and only if it is available.
+.c.obj:
+	$(COMPILE) -c `cygpath -w $<`
+
+.s.o:
+	$(COMPILE) -c $<
+
+.S.o:
+	$(COMPILE) -c $<
+
+mostlyclean-compile:
+	-rm -f *.o core *.core
+	-rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+	-rm -f *.tab.c
+
+maintainer-clean-compile:
+
+.s.lo:
+	$(LIBTOOL) --mode=compile $(COMPILE) -c $<
+
+.S.lo:
+	$(LIBTOOL) --mode=compile $(COMPILE) -c $<
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+nodogsplash$(EXEEXT): $(nodogsplash_OBJECTS) $(nodogsplash_DEPENDENCIES)
+	@rm -f nodogsplash$(EXEEXT)
+	$(LINK) $(nodogsplash_LDFLAGS) $(nodogsplash_OBJECTS) $(nodogsplash_LDADD) $(LIBS)
+
+ndsctl$(EXEEXT): $(ndsctl_OBJECTS) $(ndsctl_DEPENDENCIES)
+	@rm -f ndsctl$(EXEEXT)
+	$(LINK) $(ndsctl_LDFLAGS) $(ndsctl_OBJECTS) $(ndsctl_LDADD) $(LIBS)
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP)
+	list='$(SOURCES) $(HEADERS)'; \
+	unique=`for i in $$list; do echo $$i; done | \
+	  awk '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	here=`pwd` && cd $(srcdir) \
+	  && mkid -f$$here/ID $$unique $(LISP)
+
+TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) $(LISP)
+	tags=; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS)'; \
+	unique=`for i in $$list; do echo $$i; done | \
+	  awk '    { files[$$0] = 1; } \
+	       END { for (i in files) print i; }'`; \
+	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+	  || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags  $$unique $(LISP) -o $$here/TAGS)
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+	-rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+subdir = src
+
+distdir: $(DISTFILES)
+	here=`cd $(top_builddir) && pwd`; \
+	top_distdir=`cd $(top_distdir) && pwd`; \
+	distdir=`cd $(distdir) && pwd`; \
+	cd $(top_srcdir) \
+	  && $(AUTOMAKE) --include-deps --build-dir=$$here --srcdir-name=$(top_srcdir) --output-dir=$$top_distdir --gnu src/Makefile
+	@for file in $(DISTFILES); do \
+	  d=$(srcdir); \
+	  if test -d $$d/$$file; then \
+	    cp -pr $$d/$$file $(distdir)/$$file; \
+	  else \
+	    test -f $(distdir)/$$file \
+	    || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
+	    || cp -p $$d/$$file $(distdir)/$$file || :; \
+	  fi; \
+	done
+
+DEPS_MAGIC := $(shell mkdir .deps > /dev/null 2>&1 || :)
+
+-include $(DEP_FILES)
+
+mostlyclean-depend:
+
+clean-depend:
+
+distclean-depend:
+	-rm -rf .deps
+
+maintainer-clean-depend:
+
+%.o: %.c
+	@echo '$(COMPILE) -c $<'; \
+	$(COMPILE) -Wp,-MD,.deps/$(*F).pp -c $<
+	@-cp .deps/$(*F).pp .deps/$(*F).P; \
+	tr ' ' '\012' < .deps/$(*F).pp \
+	  | sed -e 's/^\\$$//' -e '/^$$/ d' -e '/:$$/ d' -e 's/$$/ :/' \
+	    >> .deps/$(*F).P; \
+	rm .deps/$(*F).pp
+
+%.lo: %.c
+	@echo '$(LTCOMPILE) -c $<'; \
+	$(LTCOMPILE) -Wp,-MD,.deps/$(*F).pp -c $<
+	@-sed -e 's/^\([^:]*\)\.o[ 	]*:/\1.lo \1.o :/' \
+	  < .deps/$(*F).pp > .deps/$(*F).P; \
+	tr ' ' '\012' < .deps/$(*F).pp \
+	  | sed -e 's/^\\$$//' -e '/^$$/ d' -e '/:$$/ d' -e 's/$$/ :/' \
+	    >> .deps/$(*F).P; \
+	rm -f .deps/$(*F).pp
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am: install-binPROGRAMS
+install-exec: install-exec-am
+
+install-data-am:
+install-data: install-data-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am: uninstall-binPROGRAMS
+uninstall: uninstall-am
+all-am: Makefile $(PROGRAMS) $(HEADERS)
+all-redirect: all-am
+install-strip:
+	$(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+installdirs:
+	$(mkinstalldirs)  $(DESTDIR)$(bindir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-rm -f Makefile $(CONFIG_CLEAN_FILES)
+	-rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+mostlyclean-am:  mostlyclean-binPROGRAMS mostlyclean-compile \
+		mostlyclean-libtool mostlyclean-tags mostlyclean-depend \
+		mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am:  clean-binPROGRAMS clean-compile clean-libtool clean-tags \
+		clean-depend clean-generic mostlyclean-am clean-local
+
+clean: clean-am
+
+distclean-am:  distclean-binPROGRAMS distclean-compile distclean-libtool \
+		distclean-tags distclean-depend distclean-generic \
+		clean-am
+	-rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am:  maintainer-clean-binPROGRAMS \
+		maintainer-clean-compile maintainer-clean-libtool \
+		maintainer-clean-tags maintainer-clean-depend \
+		maintainer-clean-generic distclean-am
+	@echo "This command is intended for maintainers to use;"
+	@echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-binPROGRAMS distclean-binPROGRAMS clean-binPROGRAMS \
+maintainer-clean-binPROGRAMS uninstall-binPROGRAMS install-binPROGRAMS \
+mostlyclean-compile distclean-compile clean-compile \
+maintainer-clean-compile mostlyclean-libtool distclean-libtool \
+clean-libtool maintainer-clean-libtool tags mostlyclean-tags \
+distclean-tags clean-tags maintainer-clean-tags distdir \
+mostlyclean-depend distclean-depend clean-depend \
+maintainer-clean-depend info-am info dvi-am dvi check check-am \
+installcheck-am installcheck install-exec-am install-exec \
+install-data-am install-data install-am install uninstall-am uninstall \
+all-redirect all-am all installdirs mostlyclean-generic \
+distclean-generic clean-generic maintainer-clean-generic clean \
+mostlyclean distclean maintainer-clean
+
+
+clean-local:
+	echo "clean-local: " && pwd
+	rm -f *~
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:

src/auth.c

@@ -0,0 +1,149 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: auth.c 1104 2006-10-09 00:58:46Z acv $ */
+/** @file auth.c
+    @brief Authentication handling thread
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@miniguru.ca>
+*/
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+#include <string.h>
+#include <stdarg.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <syslog.h>
+
+#include "httpd.h"
+#include "http.h"
+#include "safe.h"
+#include "conf.h"
+#include "debug.h"
+#include "auth.h"
+#include "fw_iptables.h"
+#include "firewall.h"
+#include "client_list.h"
+#include "util.h"
+
+/* Defined in clientlist.c */
+extern	pthread_mutex_t	client_list_mutex;
+
+/* Defined in util.c */
+extern long authenticated_this_session;
+
+/** Launches a thread that periodically checks if any of the connections has timed out
+@param arg Must contain a pointer to a string containing the IP adress of the client to check to check
+@todo Also pass MAC adress? 
+@todo This thread loops infinitely, need a watchdog to verify that it is still running?
+*/  
+void
+thread_client_timeout_check(void *arg)
+{
+	pthread_cond_t		cond = PTHREAD_COND_INITIALIZER;
+	pthread_mutex_t		cond_mutex = PTHREAD_MUTEX_INITIALIZER;
+	struct	timespec	timeout;
+	
+	while (1) {
+		debug(LOG_DEBUG, "Running fw_refresh_client_list()");
+	
+		fw_refresh_client_list();
+
+		/* Sleep for config.checkinterval seconds... */
+		timeout.tv_sec = time(NULL) + config_get_config()->checkinterval;
+		timeout.tv_nsec = 0;
+
+		/* Mutex must be locked for pthread_cond_timedwait... */
+		pthread_mutex_lock(&cond_mutex);
+		
+		/* Thread safe "sleep" */
+		pthread_cond_timedwait(&cond, &cond_mutex, &timeout);
+
+		/* No longer needs to be locked */
+		pthread_mutex_unlock(&cond_mutex);
+	
+	}
+}
+
+/** Take action on a client, identified in a request.
+ * Alter the firewall rules and client list accordingly.
+@param r httpd request struct
+*/
+void
+auth_client_action(char *ip, char *mac, t_authaction action) {
+  t_client	*client;
+  s_config	*config = NULL;
+
+  LOCK_CLIENT_LIST();
+
+  client = client_list_find_by_ip(ip);
+
+  /* Client should already have hit the splash server and be on the client list */
+  if (client == NULL) {
+    debug(LOG_ERR, "Could not find client for %s", ip);
+    UNLOCK_CLIENT_LIST();
+    return;
+  }
+
+  /* Make sure MAC's match */
+  if (strcmp(client->mac,mac)) {
+    debug(LOG_ERR, "MAC's do not match: %s, %s", client->mac, mac);
+    UNLOCK_CLIENT_LIST();
+    return;
+  }
+  
+
+  /* Prepare some variables we'll need below */
+  config = config_get_config();
+
+  switch(action) {
+
+  case AUTH_MAKE_AUTHENTICATED:
+    debug(LOG_INFO, "AUTHENTICATE  %s at %s ", client->ip, client->mac);
+    if(client->fw_connection_state != FW_MARK_AUTHENTICATED) {
+      client->fw_connection_state = FW_MARK_AUTHENTICATED;
+      iptables_fw_access(AUTH_MAKE_AUTHENTICATED,client->ip,client->mac);
+      authenticated_this_session++;
+    } else {
+      debug(LOG_INFO, "Nothing to do, %s at %s already authenticated", client->ip, client->mac);
+    }
+    break;
+
+  case AUTH_MAKE_DEAUTHENTICATED:
+    debug(LOG_INFO, "DEAUTHENTICATE  %s at %s ", client->ip, client->mac);
+    if(client->fw_connection_state == FW_MARK_AUTHENTICATED) {
+      iptables_fw_access(AUTH_MAKE_DEAUTHENTICATED, client->ip, client->mac);
+    }
+    client_list_delete(client);
+    
+  default:
+    debug(LOG_ERR, "Unknown auth action: %d",action);
+  }
+  UNLOCK_CLIENT_LIST();
+  return;
+
+}
+
+
+

src/auth.h

@@ -0,0 +1,45 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: auth.h 1104 2006-10-09 00:58:46Z acv $ */
+/** @file auth.h
+    @brief Authentication handling thread
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@miniguru.ca>
+*/
+
+#ifndef _AUTH_H_
+#define _AUTH_H_
+
+/**
+ * @brief Actions to take on clients.
+ */
+typedef enum {
+    AUTH_MAKE_DEAUTHENTICATED = 1, /**< To make client 'deauthenticated' */
+    AUTH_MAKE_AUTHENTICATED = 2 /**< To make client 'authenticated' */
+} t_authaction;
+
+
+/** @brief Take action on a single client */
+void auth_client_action(char *ip, char *mac, t_authaction action);
+
+/** @brief Periodically check if connections expired */
+void thread_client_timeout_check(void *arg);
+
+#endif

src/client_list.c

@@ -0,0 +1,272 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/*
+ * $Id: client_list.c 901 2006-01-17 18:58:13Z mina $
+ */
+/** @file client_list.c
+  @brief Client List Functions
+  @author Copyright (C) 2004 Alexandre Carmel-Veillex <acv@acv.ca>
+ */
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <errno.h>
+#include <pthread.h>
+#include <sys/wait.h>
+#include <sys/types.h>
+#include <sys/unistd.h>
+
+#include <string.h>
+
+#include "safe.h"
+#include "debug.h"
+#include "conf.h"
+#include "client_list.h"
+#include "firewall.h"
+
+/** Client counter */
+static int client_count = 0;
+
+/** Global mutex to protect access to the client list */
+pthread_mutex_t client_list_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+/** @internal
+ * Holds a pointer to the first element of the list 
+ */ 
+t_client         *firstclient = NULL;
+
+/** Return current length of the client list
+ */
+int
+get_client_list_length() {
+  return client_count;
+}
+
+/** Get the first element of the client list
+ */
+t_client *
+client_get_first_client(void)
+{
+    return firstclient;
+}
+
+/**
+ * Initializes the list of connected clients (client)
+ */
+void
+client_list_init(void) {
+  firstclient = NULL;
+  client_count = 0;
+}
+
+/** Based on the parameters it receives, this function creates a new entry
+ * in the connections list. All the memory allocation is done here.
+ * @param ip IP address
+ * @param mac MAC address
+ * @param token Token
+ * @return Pointer to the client we just created
+ */
+t_client         *
+client_list_append(char *ip, char *mac, char *token) {
+  t_client         *curclient, *prevclient;
+  s_config *config;
+  int maxclients;
+
+  config = config_get_config();
+  maxclients = config->maxclients;
+  if(client_count >= maxclients) {
+    debug(LOG_ERR, "Already list %d clients, cannot add IP %s MAC %s", client_count, ip, mac);
+    return NULL;
+  }
+
+  prevclient = NULL;
+  curclient = firstclient;
+
+  while (curclient != NULL) {
+    prevclient = curclient;
+    curclient = curclient->next;
+  }
+
+  curclient = safe_malloc(sizeof(t_client));
+  memset(curclient, 0, sizeof(t_client));
+
+  curclient->ip = safe_strdup(ip);
+  curclient->mac = safe_strdup(mac);
+  curclient->token = token ? safe_strdup(token) : NULL;
+  curclient->fw_connection_state = FW_MARK_UNKNOWN;
+  curclient->counters.incoming = curclient->counters.incoming_history = 0;
+  curclient->counters.outgoing = curclient->counters.outgoing_history = 0;
+  curclient->counters.last_updated = time(NULL);
+  curclient->added_time = time(NULL);
+
+  if (prevclient == NULL) {
+    firstclient = curclient;
+  } else {
+    prevclient->next = curclient;
+  }
+
+
+  debug(LOG_INFO, "Added client %d to linked list: IP: Token: %s",
+	client_count, ip,  token ? token : "none");
+
+  client_count++;
+
+  return curclient;
+}
+
+/** Finds a  client by its IP and MAC, returns NULL if the client could not
+ * be found
+ * @param ip IP we are looking for in the linked list
+ * @param mac MAC we are looking for in the linked list
+ * @return Pointer to the client, or NULL if not found
+ */
+t_client         *
+client_list_find(char *ip, char *mac) {
+  t_client         *ptr;
+
+  ptr = firstclient;
+  while (NULL != ptr) {
+    if (0 == strcmp(ptr->ip, ip) && 0 == strcmp(ptr->mac, mac))
+      return ptr;
+    ptr = ptr->next;
+  }
+
+  return NULL;
+}
+
+
+/**
+ * Finds a  client by its IP, returns NULL if the client could not
+ * be found
+ * @param ip IP we are looking for in the linked list
+ * @return Pointer to the client, or NULL if not found
+ */
+t_client         *
+client_list_find_by_ip(char *ip) {
+  t_client         *ptr;
+
+  ptr = firstclient;
+  while (NULL != ptr) {
+    if (0 == strcmp(ptr->ip, ip))
+      return ptr;
+    ptr = ptr->next;
+  }
+
+  return NULL;
+}
+
+/**
+ * Finds a  client by its Mac, returns NULL if the client could not
+ * be found
+ * @param mac Mac we are looking for in the linked list
+ * @return Pointer to the client, or NULL if not found
+ */
+t_client         *
+client_list_find_by_mac(char *mac) {
+  t_client         *ptr;
+
+  ptr = firstclient;
+  while (NULL != ptr) {
+    if (0 == strcmp(ptr->mac, mac))
+      return ptr;
+    ptr = ptr->next;
+  }
+
+  return NULL;
+}
+
+/** Finds a client by its token
+ * @param token Token we are looking for in the linked list
+ * @return Pointer to the client, or NULL if not found
+ */
+t_client *
+client_list_find_by_token(char *token) {
+  t_client         *ptr;
+
+  ptr = firstclient;
+  while (NULL != ptr) {
+    if (0 == strcmp(ptr->token, token))
+      return ptr;
+    ptr = ptr->next;
+  }
+
+  return NULL;
+}
+
+/** @internal
+ * @brief Frees the memory used by a t_client structure
+ * This function frees the memory used by the t_client structure in the
+ * proper order.
+ * @param client Points to the client to be freed
+ */
+void
+_client_list_free_node(t_client * client) {
+
+  if (client->mac != NULL)
+    free(client->mac);
+
+  if (client->ip != NULL)
+    free(client->ip);
+
+  if (client->token != NULL)
+    free(client->token);
+
+  free(client);
+}
+
+/**
+ * @brief Deletes a client from the connections list
+ *
+ * Removes the specified client from the connections list and then calls
+ * the function _client_list_free_node to free the memory taken by the client.
+ * @param client Points to the client to be deleted
+ */
+void
+client_list_delete(t_client * client) {
+  t_client         *ptr;
+
+  ptr = firstclient;
+
+  if (ptr == NULL) {
+    debug(LOG_ERR, "Node list empty!");
+  } else if (ptr == client) {
+    firstclient = ptr->next;
+    _client_list_free_node(client);
+    client_count--;
+  } else {
+    /* Loop forward until we reach our point in the list. */
+    while (ptr->next != NULL && ptr->next != client) {
+      ptr = ptr->next;
+    }
+    /* If we reach the end before finding out element, complain. */
+    if (ptr->next == NULL) {
+      debug(LOG_ERR, "Node to delete could not be found.");
+      /* Free element. */
+    } else {
+      ptr->next = client->next;
+      _client_list_free_node(client);
+      client_count--;
+    }
+  }
+}

src/client_list.h

@@ -0,0 +1,94 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: client_list.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file client_list.h
+    @brief Client List functions
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+*/
+
+#ifndef _CLIENT_LIST_H_
+#define _CLIENT_LIST_H_
+
+/** Counters struct for a client's bandwidth usage (in bytes)
+ */
+typedef struct _t_counters {
+    unsigned long long	incoming;	/**< @brief Incoming data total*/
+    unsigned long long	outgoing;	/**< @brief Outgoing data total*/
+    unsigned long long	incoming_history;	/**< @brief Incoming data before nodogsplash restarted*/
+    unsigned long long	outgoing_history;	/**< @brief Outgoing data before nodogsplash restarted*/
+    time_t	last_updated;	/**< @brief Last update of the counters */
+} t_counters;
+
+/** Client node for the connected client linked list.
+ */
+typedef struct	_t_client {
+  struct	_t_client *next;        /**< @brief Pointer to the next client */
+  char	*ip;			/**< @brief Client Ip address */
+  char	*mac;			/**< @brief Client Mac address */
+  char	*token;			/**< @brief Client token */
+  unsigned int fw_connection_state; /**< @brief Connection state in the firewall */
+  time_t added_time;		/**< @brief Time client added to list */
+  t_counters	counters;	/**< @brief Counters for input/output of
+				   the client. */
+} t_client;
+
+/** @brief Get the first element of the list of connected clients
+ */
+t_client *client_get_first_client(void);
+
+/** @brief Initializes the client list */
+void client_list_init(void);
+
+/** @brief Returns number of clients currently on client list */
+int get_client_list_length();
+
+/** @brief Adds a new client to the client list */
+t_client *client_list_append(char *ip, char *mac, char *token);
+
+/** @brief Finds a client by its IP and MAC */
+t_client *client_list_find(char *ip, char *mac);
+
+/** @brief Finds a client only by its IP */
+t_client *client_list_find_by_ip(char *ip); /* needed by fw_iptables.c, auth.c 
+					     * and ndsctl_thread.c */
+
+/** @brief Finds a client only by its Mac */
+t_client *client_list_find_by_mac(char *mac); /* needed by ndsctl_thread.c */
+
+/** @brief Finds a client by its token */
+t_client *client_list_find_by_token(char *token);
+
+/** @brief Deletes a client from the client list */
+void client_list_delete(t_client *client);
+
+#define LOCK_CLIENT_LIST() do { \
+	debug(LOG_DEBUG, "Locking client list"); \
+	pthread_mutex_lock(&client_list_mutex); \
+	debug(LOG_DEBUG, "Client list locked"); \
+} while (0)
+
+#define UNLOCK_CLIENT_LIST() do { \
+	debug(LOG_DEBUG, "Unlocking client list"); \
+	pthread_mutex_unlock(&client_list_mutex); \
+	debug(LOG_DEBUG, "Client list unlocked"); \
+} while (0)
+
+#endif /* _CLIENT_LIST_H_ */

src/commandline.c

@@ -0,0 +1,179 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: commandline.c 935 2006-02-01 03:22:04Z benoitg $ */
+/** @file commandline.c
+    @brief Command line argument handling
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <syslog.h>
+
+#include "debug.h"
+#include "safe.h"
+#include "conf.h"
+
+#include "../config.h"
+
+/*
+ * Holds an argv that could be passed to exec*() if we restart ourselves
+ */
+char ** restartargv = NULL;
+
+static void usage(void);
+
+/*
+ * A flag to denote whether we were restarted via a parent nodogsplash, or started normally
+ * 0 means normally, otherwise it will be populated by the PID of the parent
+ */
+pid_t restart_orig_pid = 0;
+
+/** @internal
+ * @brief Print usage
+ *
+ * Prints usage, called when nodogsplash is run with -h or with an unknown option
+ */
+static void
+usage(void) {
+  printf("Usage: nodogsplash [options]\n");
+  printf("\n");
+  printf("  -c [filename] Use this config file\n");
+  printf("  -f            Run in foreground\n");
+  printf("  -d <level>    Debug level\n");
+  printf("  -s            Log to syslog\n");
+  printf("  -w <path>     Ndsctl socket path\n");
+  printf("  -h            Print usage\n");
+  printf("  -v            Print version information\n");
+  printf("  -x pid        Used internally by nodogsplash when re-starting itself *DO NOT ISSUE THIS SWITCH MANUAlLY*\n");
+  printf("  -i <path>     Internal socket path used when re-starting self\n");
+  printf("\n");
+}
+
+/** Uses getopt() to parse the command line and set configuration values
+ * also populates restartargv
+ */
+void parse_commandline(int argc, char **argv) {
+  int c;
+  int skiponrestart;
+  int i;
+
+  s_config *config = config_get_config();
+
+  //MAGIC 3: Our own -x, the pid, and NULL :
+  restartargv = safe_malloc((argc + 3) * sizeof(char*));
+  i=0;
+  restartargv[i++] = safe_strdup(argv[0]);
+
+  while (-1 != (c = getopt(argc, argv, "c:hfd:sw:vx:i:"))) {
+
+    skiponrestart = 0;
+
+    switch(c) {
+
+    case 'h':
+      usage();
+      exit(1);
+      break;
+
+    case 'c':
+      if (optarg) {
+	strncpy(config->configfile, optarg, sizeof(config->configfile));
+      }
+      break;
+
+    case 'w':
+      if (optarg) {
+	free(config->ndsctl_sock);
+	config->ndsctl_sock = safe_strdup(optarg);
+      }
+      break;
+
+    case 'f':
+      skiponrestart = 1;
+      config->daemon = 0;
+      break;
+
+    case 'd':
+      if (optarg) {
+	config->debuglevel = atoi(optarg);
+      }
+      break;
+
+    case 's':
+      config->log_syslog = 1;
+      break;
+
+    case 'v':
+      printf("This is nodogsplash version " VERSION "\n");
+      exit(1);
+      break;
+
+    case 'x':
+      skiponrestart = 1;
+      if (optarg) {
+	restart_orig_pid = atoi(optarg);
+      }
+      else {
+	printf("The expected PID to the -x switch was not supplied!");
+	exit(1);
+      }
+      break;
+
+    case 'i':
+      if (optarg) {
+	free(config->internal_sock);
+	config->internal_sock = safe_strdup(optarg);
+      }
+      break;
+
+    default:
+      usage();
+      exit(1);
+      break;
+
+    }
+
+    if (!skiponrestart) {
+      /* Add it to restartargv */
+      safe_asprintf(&(restartargv[i++]), "-%c", c);
+      if (optarg) {
+	restartargv[i++] = safe_strdup(optarg);
+      }
+    }
+
+  }
+
+  /* Finally, we should add  the -x, pid and NULL to restartargv
+   * HOWEVER we cannot do it here, since this is called before we fork to background
+   * so we'll leave this job to gateway.c after forking is completed
+   * so that the correct PID is assigned
+   *
+   * We add 3 nulls, and the first 2 will be overridden later
+   */
+  restartargv[i++] = NULL;
+  restartargv[i++] = NULL;
+  restartargv[i++] = NULL;
+
+}
+

src/commandline.h

@@ -0,0 +1,33 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: commandline.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file commandline.h
+    @brief Command line argument handling
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _COMMANDLINE_H_
+#define _COMMANDLINE_H_
+
+/** @brief Parses the command line and set the config accordingly */
+void parse_commandline(int, char**);
+
+#endif /* _COMMANDLINE_H_ */

src/common.h

@@ -0,0 +1,33 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: common.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file common.h
+    @brief Common constants and other bits
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _COMMON_H_
+#define _COMMON_H_
+
+/** @brief Read buffer for socket read? */
+#define MAX_BUF 4096
+
+#endif /* _COMMON_H_ */

src/conf.c

@@ -0,0 +1,756 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/* $Id: conf.c 935 2006-02-01 03:22:04Z benoitg $ */
+/** @file conf.c
+  @brief Config file parsing
+  @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+ */
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+
+#include <pthread.h>
+
+#include <string.h>
+#include <ctype.h>
+
+#include "common.h"
+#include "safe.h"
+#include "debug.h"
+#include "conf.h"
+#include "http.h"
+#include "auth.h"
+#include "firewall.h"
+
+#include "util.h"
+
+/** @internal
+ * Holds the current configuration of the gateway */
+static s_config config;
+
+/**
+ * Mutex for the configuration file, used by the auth_servers related
+ * functions. */
+pthread_mutex_t config_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+/** @internal
+ * A flag.  If set to 1, there are missing or empty mandatory parameters in the config
+ */
+static int missing_parms;
+
+/** @internal
+ The different configuration options */
+typedef enum {
+	oBadOption,
+	oDaemon,
+	oDebugLevel,
+	oMaxClients,
+	oExternalInterface,
+	oGatewayName,
+	oGatewayInterface,
+	oGatewayAddress,
+	oGatewayPort,
+	oHTTPDMaxConn,
+	oWebRoot,
+	oSplashPage,
+	oImagesDir,
+	oRedirectURL,
+	oClientIdleTimeout,
+	oClientForceTimeout,
+	oCheckInterval,
+	oTrafficControl,
+	oDownloadLimit,
+	oUploadLimit,
+	oNdsctlSocket,
+	oSyslogFacility,
+	oFirewallRule,
+	oFirewallRuleSet,
+	oTrustedMACList,
+	oBlockedMACList
+} OpCodes;
+
+/** @internal
+ The config file keywords for the different configuration options */
+static const struct {
+	const char *name;
+	OpCodes opcode;
+	int required;
+} keywords[] = {
+	{ "daemon",             oDaemon },
+	{ "debuglevel",         oDebugLevel },
+	{ "maxclients",         oMaxClients },
+	{ "externalinterface",  oExternalInterface },
+	{ "gatewayname",        oGatewayName },
+	{ "gatewayinterface",   oGatewayInterface },
+	{ "gatewayaddress",     oGatewayAddress },
+	{ "gatewayport",        oGatewayPort },
+	{ "webroot",      	oWebRoot },
+	{ "splashpage",      	oSplashPage },
+	{ "imagesdir",   	oImagesDir },
+	{ "redirectURL",      	oRedirectURL },
+	{ "clientidletimeout",  oClientIdleTimeout },
+	{ "clientforcetimeout", oClientForceTimeout },
+	{ "checkinterval",      oCheckInterval },
+	{ "trafficcontrol",	oTrafficControl },
+	{ "downloadlimit",	oDownloadLimit },
+	{ "uploadlimit",	oUploadLimit },
+	{ "syslogfacility", 	oSyslogFacility },
+	{ "syslogfacility", 	oSyslogFacility },
+	{ "ndsctlsocket", 	oNdsctlSocket },
+	{ "firewallruleset",	oFirewallRuleSet },
+	{ "firewallrule",	oFirewallRule },
+	{ "trustedmaclist",	oTrustedMACList },
+	{ "blockedmaclist",	oBlockedMACList },
+	{ NULL,                 oBadOption },
+};
+
+static OpCodes config_parse_opcode(const char *cp, const char *filename, int linenum);
+
+/** Accessor for the current gateway configuration
+@return:  A pointer to the current config.  The pointer isn't opaque, but should be treated as READ-ONLY
+ */
+s_config *
+config_get_config(void) {
+  return &config;
+}
+
+/** Sets the default config parameters and initialises the configuration system */
+void
+config_init(void) {
+  debug(LOG_DEBUG, "Setting default config parameters");
+  strncpy(config.configfile, DEFAULT_CONFIGFILE, sizeof(config.configfile));
+  config.debuglevel = DEFAULT_DEBUGLEVEL;
+  config.external_interface = NULL;
+  config.maxclients = DEFAULT_MAXCLIENTS;
+  config.gw_name = DEFAULT_GATEWAYNAME;
+  config.gw_interface = NULL;
+  config.gw_address = NULL;
+  config.gw_port = DEFAULT_GATEWAYPORT;
+  config.webroot = DEFAULT_WEBROOT;
+  config.splashpage = DEFAULT_SPLASHPAGE;
+  config.imagesdir = DEFAULT_IMAGESDIR;
+  config.authdir = DEFAULT_AUTHDIR;
+  config.denydir = DEFAULT_DENYDIR;
+  config.redirectURL = NULL;
+  config.clienttimeout = DEFAULT_CLIENTTIMEOUT;
+  config.clientforceout = DEFAULT_CLIENTFORCEOUT;
+  config.checkinterval = DEFAULT_CHECKINTERVAL;
+  config.daemon = -1;
+  config.traffic_control = DEFAULT_TRAFFIC_CONTROL;
+  config.upload_limit =  DEFAULT_UPLOAD_LIMIT;
+  config.download_limit = DEFAULT_DOWNLOAD_LIMIT;
+  config.syslog_facility = DEFAULT_SYSLOG_FACILITY;
+  config.log_syslog = DEFAULT_LOG_SYSLOG;
+  config.ndsctl_sock = safe_strdup(DEFAULT_NDSCTL_SOCK);
+  config.internal_sock = safe_strdup(DEFAULT_INTERNAL_SOCK);
+  config.rulesets = NULL;
+  config.trustedmaclist = NULL;
+  config.blockedmaclist = NULL;
+}
+
+/**
+ * If the command-line didn't provide a config, use the default.
+ */
+void
+config_init_override(void) {
+  if (config.daemon == -1) config.daemon = DEFAULT_DAEMON;
+}
+
+/** @internal
+Attempts to parse an opcode from the config file
+*/
+static OpCodes
+config_parse_opcode(const char *cp, const char *filename, int linenum) {
+  int i;
+
+  for (i = 0; keywords[i].name; i++)
+    if (strcasecmp(cp, keywords[i].name) == 0)
+      return keywords[i].opcode;
+
+  debug(LOG_ERR, "%s: line %d: Bad configuration option: %s", 
+	filename, linenum, cp);
+  return oBadOption;
+}
+
+/**
+Advance to the next word
+@param s string to parse, this is the next_word pointer, the value of s
+	 when the macro is called is the current word, after the macro
+	 completes, s contains the beginning of the NEXT word, so you
+	 need to save s to something else before doing TO_NEXT_WORD
+@param e should be 0 when calling TO_NEXT_WORD(), it'll be changed to 1
+	 if the end of the string is reached.
+*/
+#define TO_NEXT_WORD(s, e) do { \
+	while (*s != '\0' && !isblank(*s)) { \
+		s++; \
+	} \
+	if (*s != '\0') { \
+		*s = '\0'; \
+		s++; \
+		while (isblank(*s)) \
+			s++; \
+	} else { \
+		e = 1; \
+	} \
+} while (0)
+
+/** @internal
+Parses firewall rule set information
+*/
+static void
+parse_firewall_ruleset(char *ruleset, FILE *fd, char *filename, int *linenum) {
+  char line[MAX_BUF], *p1, *p2;
+  int  opcode;
+
+  /* find whitespace delimited word in ruleset string */
+  while(isblank(ruleset[0])) ruleset++;
+  p1 = strchr(ruleset,' ');
+  if(p1) *p1 = '\0';
+  p1 = strchr(ruleset,'\t');
+  if(p1) *p1 = '\0';
+
+  debug(LOG_DEBUG, "Adding Firewall Rule Set %s", ruleset);
+	
+  /* Parsing loop */
+  while (1) {
+
+    /* Read a line */
+    memset(line, 0, MAX_BUF);
+    if (fgets(line, MAX_BUF, fd) == NULL) {
+      debug(LOG_ERR, "Unclosed Firewall Rule Set at line %d in %s", *linenum, filename);
+      debug(LOG_ERR, "Exiting...");
+      exit(-1);
+    }
+    (*linenum)++; /* increment line counter. */
+
+
+    p1 = line;
+    /* get rid of returns, newlines */
+    p2 = strchr(p1,'\n');
+    if(p2) *p2 = '\0';
+    p2 = strchr(p1,'\r');
+    if(p2) *p2 = '\0';
+
+    /* strip any comment */
+    p2 = strchr(p1,'#');
+    if(p2) *p2 = '\0';
+    /* strip leading whitespace from the line */
+    while(isblank(p1[0])) p1++;
+    /* strip trailing whitespace from the line */
+    while(p1[0] != '\0' && isblank(p1[strlen(p1)-1])) p1[strlen(p1)-1] = '\0';
+
+    /* if nothing left, get next line */
+    if(p1[0] == '\0') continue;
+
+    /* if closing brace, we are done */
+    if(p1[0] == '}') break;
+
+    /* next, we coopt the parsing of the regular config */
+    
+    /* keep going until word boundary is found. */
+    p2 = p1;
+    while ((*p2 != '\0') && (!isblank(*p2))) p2++;
+    /* if this is end of line, it's a problem */
+    if(p2[0] == '\0') {
+      debug(LOG_ERR, "Firewall Rule incomplete on line %d in %s", *linenum, filename);
+      debug(LOG_ERR, "Exiting...");
+      exit(-1);
+    }
+    /* terminate first word, point past it */
+    *p2 = '\0';
+    p2++;
+
+    /* skip whitespace to point at arg */
+    while (isblank(*p2)) p2++;
+
+    /* Get opcode */
+    opcode = config_parse_opcode(p1, filename, *linenum);
+
+    debug(LOG_DEBUG, "p1 = [%s]; p2 = [%s]", p1, p2);
+			
+    switch (opcode) {
+    case oFirewallRule:
+      _parse_firewall_rule(ruleset, p2);
+      break;
+
+    case oBadOption:
+    default:
+      debug(LOG_ERR, "Bad option %s parsing Firewall Rule Set on line %d in %s", p1, *linenum, filename);
+      debug(LOG_ERR, "Exiting...");
+      exit(-1);
+      break;
+    }
+
+  }
+
+  debug(LOG_DEBUG, "Firewall Rule Set %s added.", ruleset);
+}
+
+/** @internal
+Helper for parse_firewall_ruleset.  Parses a single rule in a ruleset
+*/
+static int
+_parse_firewall_rule(char *ruleset, char *leftover) {
+  int i;
+  int block_allow = 0; /**< 0 == block, 1 == allow */
+  int all_nums = 1; /**< If 0, port contained non-numerics */
+  int finished = 0; /**< reached end of line */
+  char *token = NULL; /**< First word */
+  char *port = NULL; /**< port to open/block */
+  char *protocol = NULL; /**< protocol to block, tcp/udp/icmp */
+  char *mask = NULL; /**< Netmask */
+  char *other_kw = NULL; /**< other key word */
+  t_firewall_ruleset *tmpr;
+  t_firewall_ruleset *tmpr2;
+  t_firewall_rule *tmp;
+  t_firewall_rule *tmp2;
+
+  debug(LOG_DEBUG, "leftover: %s", leftover);
+
+  /* lower case */
+  for (i = 0; *(leftover + i) != '\0'
+	 && (*(leftover + i) = tolower(*(leftover + i))); i++);
+	
+  token = leftover;
+  TO_NEXT_WORD(leftover, finished);
+	
+  /* Parse token */
+  if (!strcasecmp(token, "block") || finished) {
+    block_allow = 0;
+  } else if (!strcasecmp(token, "allow")) {
+    block_allow = 1;
+  } else {
+    debug(LOG_ERR, "Invalid rule type %s, expecting "
+	  "\"block\" or \"allow\"", token);
+    return -1;
+  }
+
+  /* Parse the remainder */
+  /* Get the protocol */
+  if (strncmp(leftover, "tcp", 3) == 0
+      || strncmp(leftover, "udp", 3) == 0
+      || strncmp(leftover, "icmp", 4) == 0) {
+    protocol = leftover;
+    TO_NEXT_WORD(leftover, finished);
+  }
+
+  /* should be exactly "port" */
+  if (strncmp(leftover, "port", 4) == 0) {
+    TO_NEXT_WORD(leftover, finished);
+    /* Get port now */
+    port = leftover;
+    TO_NEXT_WORD(leftover, finished);
+    for (i = 0; *(port + i) != '\0'; i++)
+      if (!isdigit(*(port + i)))
+	all_nums = 0; /*< No longer only digits */
+    if (!all_nums) {
+      debug(LOG_ERR, "Invalid port %s", port);
+      return -3; /*< Fail */
+    }
+  }
+
+  /* Now, further stuff is optional */
+  if (!finished) {
+    /* should be exactly "to" */
+    other_kw = leftover;
+    TO_NEXT_WORD(leftover, finished);
+    if (strcmp(other_kw, "to") || finished) {
+      debug(LOG_ERR, "Invalid or unexpected keyword %s, "
+	    "expecting \"to\"", other_kw);
+      return -4; /*< Fail */
+    }
+
+    /* Get port now */
+    mask = leftover;
+    TO_NEXT_WORD(leftover, finished);
+    all_nums = 1;
+    for (i = 0; *(mask + i) != '\0'; i++)
+      if (!isdigit(*(mask + i)) && (*(mask + i) != '.')
+	  && (*(mask + i) != '/'))
+	all_nums = 0; /*< No longer only digits */
+    if (!all_nums) {
+      debug(LOG_ERR, "Invalid mask %s", mask);
+      return -3; /*< Fail */
+    }
+  }
+
+  /* Generate rule record */
+  tmp = safe_malloc(sizeof(t_firewall_rule));
+  memset((void *)tmp, 0, sizeof(t_firewall_rule));
+  tmp->block_allow = block_allow;
+  if (protocol != NULL)
+    tmp->protocol = safe_strdup(protocol);
+  if (port != NULL)
+    tmp->port = safe_strdup(port);
+  if (mask == NULL)
+    tmp->mask = safe_strdup("0.0.0.0/0");
+  else
+    tmp->mask = safe_strdup(mask);
+
+  debug(LOG_DEBUG, "Adding Firewall Rule %s %s port %s to %s", token, tmp->protocol, tmp->port, tmp->mask);
+	
+  /* Append the rule record */
+  if (config.rulesets == NULL) {
+    config.rulesets = safe_malloc(sizeof(t_firewall_ruleset));
+    memset(config.rulesets, 0, sizeof(t_firewall_ruleset));
+    config.rulesets->name = safe_strdup(ruleset);
+    tmpr = config.rulesets;
+  } else {
+    tmpr2 = tmpr = config.rulesets;
+    while (tmpr != NULL && (strcmp(tmpr->name, ruleset) != 0)) {
+      tmpr2 = tmpr;
+      tmpr = tmpr->next;
+    }
+    if (tmpr == NULL) {
+      /* Rule did not exist */
+      tmpr = safe_malloc(sizeof(t_firewall_ruleset));
+      memset(tmpr, 0, sizeof(t_firewall_ruleset));
+      tmpr->name = safe_strdup(ruleset);
+      tmpr2->next = tmpr;
+    }
+  }
+
+  /* At this point, tmpr == current ruleset */
+  if (tmpr->rules == NULL) {
+    /* No rules... */
+    tmpr->rules = tmp;
+  } else {
+    tmp2 = tmpr->rules;
+    while (tmp2->next != NULL)
+      tmp2 = tmp2->next;
+    tmp2->next = tmp;
+  }
+	
+  return 1;
+}
+
+t_firewall_rule *
+get_ruleset(char *ruleset) {
+  t_firewall_ruleset	*tmp;
+
+  for (tmp = config.rulesets; tmp != NULL
+	 && strcmp(tmp->name, ruleset) != 0; tmp = tmp->next);
+
+  if (tmp == NULL)
+    return NULL;
+
+  return(tmp->rules);
+}
+
+/**
+@param filename Full path of the configuration file to be read 
+*/
+void
+config_read(char *filename) {
+  FILE *fd;
+  char line[MAX_BUF], *s, *p1, *p2;
+  int linenum = 0, opcode, value;
+
+  debug(LOG_INFO, "Reading configuration file '%s'", filename);
+
+  if (!(fd = fopen(filename, "r"))) {
+    debug(LOG_ERR, "Could not open configuration file '%s', "
+	  "exiting...", filename);
+    exit(1);
+  }
+
+  while (1) {
+    /* Read a line */
+    memset(line, 0, MAX_BUF);
+    if (fgets(line, MAX_BUF, fd) == NULL) {
+      break;
+    }
+    linenum++;
+    s = line;
+
+    /* terminate the line at returns, newlines */
+    p1 = strchr(s,'\n');
+    if(p1) *p1 = '\0';
+    p1 = strchr(s,'\r');
+    if(p1) *p1 = '\0';
+
+    /* strip any comment */
+    p1 = strchr(s,'#');
+    if(p1) *p1 = '\0';
+    /* strip leading whitespace from the line */
+    while(isblank(s[0])) s++;
+    /* strip trailing whitespace from the line */
+    while(s[0] != '\0' && isblank(s[strlen(s)-1])) s[strlen(s)-1] = '\0';
+    /* if nothing left, get next line */
+    if(s[0] == '\0') continue;
+
+    /* now we require the line must have form: <opcode><whitespace><arg> */
+    
+    /* see if there is a whitespace-delimited arg following the opcode */
+    p1 = s;
+    /* find first word end boundary */
+    while ((*p1 != '\0') && (!isblank(*p1))) p1++;
+    /* if this is end of line, it's a problem */
+    if(p1[0] == '\0') {
+      debug(LOG_ERR, "Option %s requires argument on line %d in %s", s, linenum, filename);
+      debug(LOG_ERR, "Exiting...");
+      exit(-1);
+    }
+
+    /* terminate opcode, point past it */
+    *p1 = '\0';
+    p1++;
+
+    /* skip delimiting whitespace, make p1 point at arg */
+    while (isblank(*p1)) p1++;
+
+    debug(LOG_DEBUG, "Parsing opcode: %s, arg: %s", s, p1);
+    opcode = config_parse_opcode(s, filename, linenum);
+
+    switch(opcode) {
+    case oDaemon:
+      if (config.daemon == -1 && ((value = parse_boolean_value(p1)) != -1)) {
+	config.daemon = value;
+      }
+      break;
+    case oMaxClients:
+      if(sscanf(p1, "%d", &config.maxclients) < 1) {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+    case oExternalInterface:
+      config.external_interface = safe_strdup(p1);
+      break;
+    case oGatewayName:
+      config.gw_name = safe_strdup(p1);
+      break;
+    case oGatewayInterface:
+      config.gw_interface = safe_strdup(p1);
+      break;
+    case oGatewayAddress:
+      config.gw_address = safe_strdup(p1);
+      break;
+    case oGatewayPort:
+      sscanf(p1, "%d", &config.gw_port);
+      break;
+    case oFirewallRuleSet:
+      parse_firewall_ruleset(p1, fd, filename, &linenum);
+      break;
+    case oTrustedMACList:
+      parse_trusted_mac_list(p1);
+      break;
+    case oBlockedMACList:
+      parse_blocked_mac_list(p1);
+      break;
+    case oWebRoot:
+      config.webroot = safe_strdup(p1);
+      break;
+    case oSplashPage:
+      config.splashpage = safe_strdup(p1);
+      break;
+    case oImagesDir:
+      config.imagesdir = safe_strdup(p1);
+      break;
+    case oRedirectURL:
+      config.redirectURL = safe_strdup(p1);
+      break;
+    case oNdsctlSocket:
+      free(config.ndsctl_sock);
+      config.ndsctl_sock = safe_strdup(p1);
+      break;
+    case oClientIdleTimeout:
+      if(sscanf(p1, "%d", &config.clienttimeout) < 1) {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+      break;
+    case oClientForceTimeout:
+      if(sscanf(p1, "%d", &config.clientforceout) < 1) {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+      break;
+    case oTrafficControl:
+      if ((value = parse_boolean_value(p1)) != -1) {
+	config.traffic_control = value;
+      } else {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+      break;
+    case oDownloadLimit:
+      if(sscanf(p1, "%d", &config.download_limit) < 1) {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+      break;
+    case oUploadLimit:
+      if(sscanf(p1, "%d", &config.upload_limit) < 1) {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+      break;
+
+      
+    case oSyslogFacility:
+      if(sscanf(p1, "%d", &config.syslog_facility) < 1) {
+	debug(LOG_ERR, "Bad arg %s to option %s on line %d in %s", p1, s, linenum, filename);
+	debug(LOG_ERR, "Exiting...");
+	exit(-1);
+      }
+      break;
+    case oBadOption:
+      debug(LOG_ERR, "Bad option %s on line %d in %s", s, linenum, filename);
+      debug(LOG_ERR, "Exiting...");
+      exit(-1);
+      break;
+    }
+  }
+
+  fclose(fd);
+}
+
+/** @internal
+Parses a boolean value from the config file
+*/
+static int
+parse_boolean_value(char *line) {
+  if (strcasecmp(line, "yes") == 0) {
+    return 1;
+  }
+  if (strcasecmp(line, "no") == 0) {
+    return 0;
+  }
+  if (strcmp(line, "1") == 0) {
+    return 1;
+  }
+  if (strcmp(line, "0") == 0) {
+    return 0;
+  }
+
+  return -1;
+}
+
+void parse_trusted_mac_list(char *ptr) {
+  char *ptrcopy = NULL, *ptrcopyptr;
+  char *possiblemac = NULL;
+  char *mac = NULL;
+  t_MAC *p = NULL;
+
+  debug(LOG_DEBUG, "Parsing string [%s] for trusted MAC addresses", ptr);
+
+  mac = safe_malloc(18);
+
+  /* strsep modifies original, so let's make a copy */
+  ptrcopyptr = ptrcopy = safe_strdup(ptr);
+
+  while (possiblemac = strsep(&ptrcopy, ", \t")) {
+    if (sscanf(possiblemac, "%17[A-Fa-f0-9:]", mac) == 1) {
+      /* Copy mac to the list */
+
+      debug(LOG_DEBUG, "Adding MAC address [%s] to trusted list", mac);
+
+      if (config.trustedmaclist == NULL) {
+	config.trustedmaclist = safe_malloc(sizeof(t_MAC));
+	config.trustedmaclist->mac = safe_strdup(mac);
+	config.trustedmaclist->next = NULL;
+      }
+      else {
+	/* Advance to the last entry */
+	for (p = config.trustedmaclist; p->next != NULL; p = p->next);
+	p->next = safe_malloc(sizeof(t_MAC));
+	p = p->next;
+	p->mac = safe_strdup(mac);
+	p->next = NULL;
+      }
+    }
+  }
+  free(ptrcopyptr);
+  free(mac);
+}
+
+void parse_blocked_mac_list(char *ptr) {
+  char *ptrcopy = NULL, *ptrcopyptr;
+  char *possiblemac = NULL;
+  char *mac = NULL;
+  t_MAC *p = NULL;
+
+  debug(LOG_DEBUG, "Parsing string [%s] for blocked MAC addresses", ptr);
+
+  mac = safe_malloc(18);
+
+  /* strsep modifies original, so let's make a copy */
+  ptrcopyptr = ptrcopy = safe_strdup(ptr);
+  
+  while ((possiblemac = strsep(&ptrcopy, ", \t"))) {
+    if (sscanf(possiblemac, "%17[A-Fa-f0-9:]", mac) == 1) {
+      /* Copy mac to the list */
+
+      debug(LOG_DEBUG, "Adding MAC address [%s] to blocked list", mac);
+
+      if (config.blockedmaclist == NULL) {
+	config.blockedmaclist = safe_malloc(sizeof(t_MAC));
+	config.blockedmaclist->mac = safe_strdup(mac);
+	config.blockedmaclist->next = NULL;
+      }
+      else {
+	/* Advance to the last entry */
+	for (p = config.blockedmaclist; p->next != NULL; p = p->next);
+	p->next = safe_malloc(sizeof(t_MAC));
+	p = p->next;
+	p->mac = safe_strdup(mac);
+	p->next = NULL;
+      }
+    }
+  }
+  free(ptrcopyptr);
+  free(mac);
+}
+
+/** Verifies if the configuration is complete and valid.  Terminates the program if it isn't */
+void
+config_validate(void)
+{
+  config_notnull(config.gw_interface, "GatewayInterface");
+
+  if (missing_parms) {
+    debug(LOG_ERR, "Configuration is not complete, exiting...");
+    exit(-1);
+  }
+}
+
+/** @internal
+    Verifies that a required parameter is not a null pointer
+*/
+static void
+config_notnull(void *parm, char *parmname)
+{
+	if (parm == NULL) {
+		debug(LOG_ERR, "%s is not set", parmname);
+		missing_parms = 1;
+	}
+}
+

src/conf.h

@@ -0,0 +1,170 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: conf.h 1162 2007-01-06 23:51:02Z benoitg $ */
+/** @file conf.h
+    @brief Config file parsing
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _CONFIG_H_
+#define _CONFIG_H_
+
+/*@{*/ 
+/** Defines */
+/** How long till we give up detecting the interface with the default route */
+#define NUM_EXT_INTERFACE_DETECT_RETRY 120
+/** How often should we try to detect the interface with the default route
+ *  if it isn't up yet */
+#define EXT_INTERFACE_DETECT_RETRY_INTERVAL 1
+
+/** Defaults configuration values */
+#ifndef SYSCONFDIR
+	#define DEFAULT_CONFIGFILE "/etc/nodogsplash/nodogsplash.conf"
+#else
+	#define DEFAULT_CONFIGFILE SYSCONFDIR"/nodogsplash/nodogsplash.conf"
+#endif	
+#define DEFAULT_DAEMON 1
+#define DEFAULT_DEBUGLEVEL LOG_INFO
+#define DEFAULT_MAXCLIENTS 20
+#define DEFAULT_GATEWAYNAME "NoDogSplash"
+#define DEFAULT_GATEWAYPORT 2050
+#define DEFAULT_CHECKINTERVAL 60
+#define DEFAULT_CLIENTTIMEOUT 10
+#define DEFAULT_CLIENTFORCEOUT 360
+#define DEFAULT_WEBROOT "/etc/nodogsplash/htdocs"
+#define DEFAULT_SPLASHPAGE "splash.html"
+#define DEFAULT_IMAGESDIR "images"
+#define DEFAULT_AUTHDIR "nodogsplash_auth"
+#define DEFAULT_DENYDIR "nodogsplash_deny"
+#define DEFAULT_TRAFFIC_CONTROL 0
+#define DEFAULT_UPLOAD_LIMIT 0
+#define DEFAULT_DOWNLOAD_LIMIT 0
+#define DEFAULT_LOG_SYSLOG 0
+#define DEFAULT_SYSLOG_FACILITY LOG_DAEMON
+#define DEFAULT_NDSCTL_SOCK "/tmp/ndsctl.sock"
+#define DEFAULT_INTERNAL_SOCK "/tmp/ndsctl.sock"
+/*@}*/ 
+
+/**
+ * Firewall rules
+ */
+typedef struct _firewall_rule_t {
+    int block_allow;		/**< @brief 1 = Allow rule, 0 = Block rule */
+    char *protocol;		/**< @brief tcp, udp, etc ... */
+    char *port;			/**< @brief Port to block/allow */
+    char *mask;			/**< @brief Mask for the rule *destination* */
+    struct _firewall_rule_t *next;
+} t_firewall_rule;
+
+/**
+ * Firewall rulesets
+ */
+typedef struct _firewall_ruleset_t {
+    char			*name;
+    t_firewall_rule		*rules;
+    struct _firewall_ruleset_t	*next;
+} t_firewall_ruleset;
+
+/**
+ * MAC Addresses
+ */
+typedef struct _MAC_t {
+    char   *mac;
+    struct _MAC_t *next;
+} t_MAC;
+
+
+/**
+ * Configuration structure
+ */
+typedef struct {
+  char configfile[255];	/**< @brief name of the config file */
+  char *ndsctl_sock;		/**< @brief ndsctl path to socket */
+  char *internal_sock;		/**< @brief internal path to socket */
+  int daemon;			/**< @brief if daemon > 0, use daemon mode */
+  int debuglevel;		/**< @brief Debug information verbosity */
+  int maxclients;		/**< @brief Maximum number of clients allowed */
+  char *external_interface;	/**< @brief External network interface name for firewall rules */
+  char *gw_name;		/**< @brief Name of the gateway; e.g. its SSID */
+  char *gw_interface;		/**< @brief Interface we will accept connections on */
+  char *gw_address;		/**< @brief Internal IP address for our web server */
+  int gw_port;			/**< @brief Port the webserver will run on */
+  char *webroot;		/**< @brief Directory containing splash pages, etc. */
+  char *splashpage;		/**< @brief Name of main splash page */
+  char *imagesdir;		/**< @brief Subdir of webroot containing .png .gif files etc */
+  char *redirectURL;		/**< @brief URL to direct client to after authentication */
+  char *authdir;		/**< @brief Notional relative dir for authentication URL */
+  char *denydir;		/**< @brief Notional relative dir for denial URL */
+  int clienttimeout;		/**< @brief How many CheckIntervals before an inactive client
+				   must be re-authenticated */
+  int clientforceout;		/**< @brief How many CheckIntervals before a client
+				   must be re-authenticated */
+  int checkinterval;		/**< @brief Period the the client timeout check
+				   thread will run, in seconds */
+  int traffic_control;		/**< @brief boolean, whether to do tc */
+  int download_limit;		/**< @brief Download limit, kb/s */
+  int upload_limit;		/**< @brief Upload limit, kb/s */
+  int log_syslog;		/**< @brief boolean, whether to log to syslog */
+  int syslog_facility;		/**< @brief facility to use when using syslog for
+			   	logging */
+  t_firewall_ruleset *rulesets;	/**< @brief firewall rules */
+  t_MAC *trustedmaclist; 	/**< @brief list of trusted macs */
+  t_MAC *blockedmaclist; 	/**< @brief list of blocked macs */
+} s_config;
+
+/** @brief Get the current gateway configuration */
+s_config *config_get_config(void);
+
+/** @brief Initialise the conf system */
+void config_init(void);
+
+/** @brief Initialize the variables we override with the command line*/
+void config_init_override(void);
+
+/** @brief Reads the configuration file */
+void config_read(char *filename);
+
+/** @brief Check that the configuration is valid */
+void config_validate(void);
+
+/** @brief Fetch a firewall rule set. */
+t_firewall_rule *get_ruleset(char *);
+
+static void config_notnull(void *parm, char *parmname);
+static int parse_boolean_value(char *);
+static int _parse_firewall_rule(char *ruleset, char *leftover);
+static void parse_firewall_ruleset(char *, FILE *, char *, int *);
+void parse_trusted_mac_list(char *);
+void parse_blocked_mac_list(char *);
+
+#define LOCK_CONFIG() do { \
+	debug(LOG_DEBUG, "Locking config"); \
+	pthread_mutex_lock(&config_mutex); \
+	debug(LOG_DEBUG, "Config locked"); \
+} while (0)
+
+#define UNLOCK_CONFIG() do { \
+	debug(LOG_DEBUG, "Unlocking config"); \
+	pthread_mutex_unlock(&config_mutex); \
+	debug(LOG_DEBUG, "Config unlocked"); \
+} while (0)
+
+#endif /* _CONFIG_H_ */

src/debug.c

@@ -0,0 +1,69 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: debug.c 901 2006-01-17 18:58:13Z mina $ */
+/** @file debug.c
+    @brief Debug output routines
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#include <stdio.h>
+#include <errno.h>
+#include <syslog.h>
+#include <stdarg.h>
+#include <time.h>
+
+#include "conf.h"
+
+/** @internal
+Do not use directly, use the debug macro */
+void
+_debug(char *filename, int line, int level, char *format, ...) {
+  char buf[28];
+  va_list vlist;
+  s_config *config = config_get_config();
+  time_t ts;
+
+  time(&ts);
+
+  if (config->debuglevel >= level) {
+    va_start(vlist, format);
+
+    if (level <= LOG_WARNING) {
+      fprintf(stderr, "[%d][%.24s][%u](%s:%d) ", level, ctime_r(&ts, buf), getpid(),
+	      filename, line);
+      vfprintf(stderr, format, vlist);
+      fputc('\n', stderr);
+    } else if (!config->daemon) {
+      fprintf(stdout, "[%d][%.24s][%u](%s:%d) ", level, ctime_r(&ts, buf), getpid(),
+	      filename, line);
+      vfprintf(stdout, format, vlist);
+      fputc('\n', stdout);
+      fflush(stdout);
+    }
+
+    if (config->log_syslog) {
+      openlog("nodogsplash", LOG_PID, config->syslog_facility);
+      vsyslog(level, format, vlist);
+      closelog();
+    }
+  }
+}
+

src/debug.h

@@ -0,0 +1,38 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: debug.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file debug.h
+    @brief Debug output routines
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _DEBUG_H_
+#define _DEBUG_H_
+
+/** @brief Used to output messages.
+ *The messages will include the finlname and line number, and will be sent to syslog if so configured in the config file 
+ */
+#define debug(level, format...) _debug(__FILE__, __LINE__, level, format)
+
+/** @internal */
+void _debug(char *filename, int line, int level, char *format, ...);
+
+#endif /* _DEBUG_H_ */

src/firewall.c

@@ -0,0 +1,327 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/*
+ * $Id: firewall.c 1162 2007-01-06 23:51:02Z benoitg $
+ */
+/** @internal
+  @file firewall.c
+  @brief Firewall update functions
+  @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+  2006 Benoit Grégoire, Technologies Coeus inc. <bock@step.polymtl.ca>
+ */
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <errno.h>
+#include <pthread.h>
+#include <sys/wait.h>
+#include <sys/types.h>
+#include <sys/unistd.h>
+
+#include <string.h>
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <unistd.h>
+#include <sys/uio.h>
+#include <fcntl.h>
+#include <netdb.h>
+#include <sys/time.h>
+
+#ifdef __linux__
+#include <net/ethernet.h>
+#include <netinet/ip.h>
+#include <netinet/ip_icmp.h>
+#include <netpacket/packet.h>
+#endif
+
+#include "httpd.h"
+#include "safe.h"
+#include "debug.h"
+#include "conf.h"
+#include "firewall.h"
+#include "fw_iptables.h"
+#include "auth.h"
+#include "client_list.h"
+
+extern pthread_mutex_t client_list_mutex;
+
+/* from commandline.c */
+extern pid_t restart_orig_pid;
+
+int icmp_fd = 0;
+
+/**
+ * Get an IP's MAC address from the ARP cache.
+ * Go through all the entries in /proc/net/arp until we find the requested
+ * IP address and return the MAC address bound to it.
+ * @todo Make this function portable (using shell scripts?)
+ */
+char           *
+arp_get(char *req_ip) {
+  FILE           *proc;
+  char ip[16];
+  char mac[18];
+  char * reply = NULL;
+
+  if (!(proc = fopen("/proc/net/arp", "r"))) {
+    return NULL;
+  }
+
+  /* Skip first line */
+  while (!feof(proc) && fgetc(proc) != '\n');
+
+  /* Find ip, copy mac in reply */
+  reply = NULL;
+  while (!feof(proc) && (fscanf(proc, " %15[0-9.] %*s %*s %17[A-F0-9:] %*s %*s", ip, mac) == 2)) {
+    if (strcmp(ip, req_ip) == 0) {
+      reply = safe_strdup(mac);
+      break;
+    }
+  }
+
+  fclose(proc);
+
+  return reply;
+}
+
+/** Initialize the firewall rules
+ */
+int
+fw_init(void) {
+  int flags, oneopt = 1, zeroopt = 0;
+  int result = 0;
+  t_client * client = NULL;
+
+  debug(LOG_INFO, "Creating ICMP socket");
+  if ((icmp_fd = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP)) == -1 ||
+      (flags = fcntl(icmp_fd, F_GETFL, 0)) == -1 ||
+      fcntl(icmp_fd, F_SETFL, flags | O_NONBLOCK) == -1 ||
+      setsockopt(icmp_fd, SOL_SOCKET, SO_RCVBUF, &oneopt, sizeof(oneopt)) ||
+      setsockopt(icmp_fd, SOL_SOCKET, SO_DONTROUTE, &zeroopt, sizeof(zeroopt)) == -1) {
+    debug(LOG_ERR, "Cannot create ICMP raw socket.");
+    return;
+  }
+
+  debug(LOG_INFO, "Initializing Firewall");
+  result = iptables_fw_init();
+
+  if (restart_orig_pid) {
+    /** TODO: when restarting, may have a different conf file to read.
+     *  If so, should check if any authenticated clients have been blocked; etc.
+     */
+    debug(LOG_INFO, "Restoring firewall rules for clients inherited from parent");
+    LOCK_CLIENT_LIST();
+    client = client_get_first_client();
+    while (client) {
+      if(client->fw_connection_state == FW_MARK_AUTHENTICATED) {
+	iptables_fw_access(AUTH_MAKE_AUTHENTICATED, client->ip, client->mac);
+      }
+      client = client->next;
+    }
+    UNLOCK_CLIENT_LIST();
+  }
+
+  return result;
+}
+
+
+/** Remove the firewall rules
+ * This is used when we do a clean shutdown of nodogsplash.
+ * @return Return code of the fw.destroy script
+ */
+int
+fw_destroy(void) {
+  if (icmp_fd != 0) {
+    debug(LOG_INFO, "Closing ICMP socket");
+    close(icmp_fd);
+  }
+
+  debug(LOG_INFO, "Removing Firewall rules");
+  return iptables_fw_destroy();
+}
+
+/** Ping clients to see if they are still active,
+ *  refresh their traffic counters,
+ *  remove and deny them if timed out
+ */
+void
+fw_refresh_client_list(void) {
+  char            *ip, *mac;
+  t_client        *p1, *p2;
+  time_t now, added_time, last_updated;
+  unsigned long long	    incoming, outgoing;
+  s_config *config = config_get_config();
+
+  /* Update all the counters */
+  if (-1 == iptables_fw_counters_update()) {
+    debug(LOG_ERR, "Could not get counters from firewall!");
+    return;
+  }
+
+  LOCK_CLIENT_LIST();
+
+  for (p1 = p2 = client_get_first_client(); NULL != p1; p1 = p2) {
+    p2 = p1->next;
+
+    ip = safe_strdup(p1->ip);
+    mac = safe_strdup(p1->mac);
+    outgoing = p1->counters.outgoing;
+    incoming = p1->counters.incoming;
+
+    UNLOCK_CLIENT_LIST();
+    
+    /* If the client is authenticated, ping him.
+     * If he responds it'll keep activity on the link.
+     * However, if the firewall blocks it, it will not help.  The suggested
+     * way to deal with this is to keep the DHCP lease time extremely 
+     * short:  Shorter than config->checkinterval * config->clienttimeout */
+    if(FW_MARK_AUTHENTICATED == p1->fw_connection_state) {
+      icmp_ping(ip);
+    }
+
+    LOCK_CLIENT_LIST();
+	
+    if (!(p1 = client_list_find(ip, mac))) {
+      debug(LOG_ERR, "Node %s was freed while being re-validated!", ip);
+    } else {
+      now = time(NULL);
+      last_updated = p1->counters.last_updated;
+      added_time = p1->added_time;
+      if (last_updated +  (config->checkinterval * config->clienttimeout) <= now) {
+	/* Timing out inactive user */
+	debug(LOG_INFO, "%s - Inactive for %ld seconds, deauthenticating client",
+	      p1->ip, config->checkinterval * config->clienttimeout);
+
+	iptables_fw_access(AUTH_MAKE_DEAUTHENTICATED, p1->ip, p1->mac);
+	client_list_delete(p1);
+      } else if (added_time +  (config->checkinterval * config->clientforceout) <= now) {
+	/* Forcing out user */
+	debug(LOG_INFO, "%s - Connected for %ld seconds, deauthenticating client",
+	      p1->ip, config->checkinterval * config->clientforceout);
+	iptables_fw_access(AUTH_MAKE_DEAUTHENTICATED, p1->ip, p1->mac);
+	client_list_delete(p1);
+      }
+    }
+
+    free(ip);
+    free(mac);
+  }
+  UNLOCK_CLIENT_LIST();
+}
+
+/** Return a string representing a connection state */
+char *
+fw_connection_state_as_string(t_fw_marks mark) {
+
+  switch(mark) {
+  case FW_MARK_UNKNOWN:
+    return "Unknown";
+  case FW_MARK_AUTHENTICATED:
+    return "Authenticated";
+  case   FW_MARK_TRUSTED:
+    return "Trusted";
+  case FW_MARK_BLOCKED:
+    return "Blocked";
+  default:
+    return "ERROR: unrecognized mark";
+  }
+
+  return ""; /* unreached */
+}
+
+
+void 
+icmp_ping(char *host) {
+  struct sockaddr_in saddr;
+#ifdef __linux__
+  struct { 
+    struct ip ip;
+    struct icmp icmp;
+  } packet;
+#endif
+  unsigned int i, j;
+  int opt = 2000;
+  unsigned short id = rand16();
+
+  saddr.sin_family = AF_INET;
+  saddr.sin_port = 0;
+  inet_aton(host, &saddr.sin_addr);
+#ifdef HAVE_SOCKADDR_SA_LEN
+  saddr.sin_len = sizeof(struct sockaddr_in);
+#endif
+
+  memset(&(saddr.sin_zero), '\0', sizeof(saddr.sin_zero));
+
+#ifdef __linux__
+  memset(&packet.icmp, 0, sizeof(packet.icmp));
+  packet.icmp.icmp_type = ICMP_ECHO;
+  packet.icmp.icmp_id = id;
+  for (j = 0, i = 0; i < sizeof(struct icmp) / 2; i++)
+    j += ((unsigned short *)&packet.icmp)[i];
+  while (j>>16)
+    j = (j & 0xffff) + (j >> 16);  
+  packet.icmp.icmp_cksum = (j == 0xffff) ? j : ~j;
+
+  if (setsockopt(icmp_fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt)) == -1) {
+      debug(LOG_ERR, "setsockopt(): %s", strerror(errno));
+  }
+  if (sendto(icmp_fd, (char *)&packet.icmp, sizeof(struct icmp), 0, (struct sockaddr *)&saddr, sizeof(saddr)) == -1) {
+      debug(LOG_ERR, "sendto(): %s", strerror(errno));
+  }
+  opt = 1;
+  if (setsockopt(icmp_fd, SOL_SOCKET, SO_RCVBUF, &opt, sizeof(opt)) == -1) {
+      debug(LOG_ERR, "setsockopt(): %s", strerror(errno));
+  }
+#endif
+
+  return;
+}
+
+unsigned short rand16(void) {
+  static int been_seeded = 0;
+
+  if (!been_seeded) {
+    int fd, n = 0;
+    unsigned int c = 0, seed = 0;
+    char sbuf[sizeof(seed)];
+    char *s;
+    struct timeval now;
+
+    /* not a very good seed but what the heck, it needs to be quickly acquired */
+    gettimeofday(&now, NULL);
+    seed = now.tv_sec ^ now.tv_usec ^ (getpid() << 16);
+
+    srand(seed);
+    been_seeded = 1;
+  }
+
+  /* Some rand() implementations have less randomness in low bits
+   * than in high bits, so we only pay attention to the high ones.
+   * But most implementations don't touch the high bit, so we 
+   * ignore that one.
+   **/
+  return( (unsigned short) (rand() >> 15) );
+}

src/firewall.h

@@ -0,0 +1,59 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: firewall.h 935 2006-02-01 03:22:04Z benoitg $ */
+/** @file firewall.h
+    @brief Firewall update functions
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _FIREWALL_H_
+#define _FIREWALL_H_
+
+/** Used by fw_iptables.c to mark packets. Unmarked packets are considered 'unknown' */
+typedef enum _t_fw_marks {
+  FW_MARK_UNKNOWN = 0,  /**< @brief Actually not used as a packet mark */ 
+  FW_MARK_AUTHENTICATED = 0xd,  /**< @brief The client is authenticated */ 
+  FW_MARK_BLOCKED = 0xe, /**< @brief The client is blocked */
+  FW_MARK_TRUSTED = 0xf  /**< @brief The client is trusted */
+} t_fw_marks;
+
+/** @brief Initialize the firewall */
+int fw_init(void);
+
+/** @brief Destroy the firewall */
+int fw_destroy(void);
+
+/** @brief Refreshes the entire client list */
+void fw_refresh_client_list(void);
+
+/** @brief Get an IP's MAC address from the ARP cache.*/
+char *arp_get(char *req_ip);
+
+/** @brief Return a string representing a connection state */
+char *fw_connection_state_as_string(t_fw_marks mark);
+
+/** @brief ICMP Ping an IP */
+void icmp_ping(char *host);
+
+/** @brief cheap random */
+unsigned short rand16(void);
+
+#endif /* _FIREWALL_H_ */

src/fw_iptables.c

@@ -0,0 +1,538 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/* $Id: fw_iptables.c 1162 2007-01-06 23:51:02Z benoitg $ */
+/** @internal
+  @file fw_iptables.c
+  @brief Firewall iptables functions
+  @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+ */
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <syslog.h>
+#include <errno.h>
+#include <string.h>
+#include <pthread.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "common.h"
+
+#include "safe.h"
+#include "conf.h"
+#include "auth.h"
+#include "fw_iptables.h"
+#include "firewall.h"
+#include "debug.h"
+#include "util.h"
+#include "client_list.h"
+
+static int iptables_do_command(char *format, ...);
+static char *iptables_compile(char *, char *, t_firewall_rule *);
+static void iptables_load_ruleset(char *, char *, char *);
+
+extern pthread_mutex_t	client_list_mutex;
+extern pthread_mutex_t	config_mutex;
+
+/**
+Used to supress the error output of the firewall during destruction */ 
+static int fw_quiet = 0;
+
+/** @internal */
+static int
+iptables_do_command(char *format, ...) {
+  va_list vlist;
+  char *fmt_cmd,
+    *cmd;
+  int rc;
+
+  va_start(vlist, format);
+  safe_vasprintf(&fmt_cmd, format, vlist);
+  va_end(vlist);
+
+  safe_asprintf(&cmd, "iptables %s", fmt_cmd);
+
+  free(fmt_cmd);
+
+  debug(LOG_DEBUG, "Executing command: %s", cmd);
+	
+  rc = execute(cmd, fw_quiet);
+
+  free(cmd);
+
+  return rc;
+}
+
+/**
+ * @internal
+ * Compiles a struct definition of a firewall rule into a valid iptables
+ * command.
+ * @arg table Table containing the chain.
+ * @arg chain Chain that the command will be (-A)ppended to.
+ * @arg rule Definition of a rule into a struct, from conf.c.
+ */
+static char *
+iptables_compile(char * table, char *chain, t_firewall_rule *rule)
+{
+    char	command[MAX_BUF],
+    		*mode;
+    
+    memset(command, 0, MAX_BUF);
+    
+    if (rule->block_allow == 1) {
+        mode = safe_strdup("ACCEPT");
+    } else {
+        mode = safe_strdup("REJECT");
+    }
+    
+    snprintf(command, sizeof(command),  "-t %s -A %s ",table, chain);
+    if (rule->mask != NULL) {
+        snprintf((command + strlen(command)), (sizeof(command) - 
+                strlen(command)), "-d %s ", rule->mask);
+    }
+    if (rule->protocol != NULL) {
+        snprintf((command + strlen(command)), (sizeof(command) -
+                strlen(command)), "-p %s ", rule->protocol);
+    }
+    if (rule->port != NULL) {
+        snprintf((command + strlen(command)), (sizeof(command) -
+                strlen(command)), "--dport %s ", rule->port);
+    }
+    snprintf((command + strlen(command)), (sizeof(command) - 
+            strlen(command)), "-j %s", mode);
+    
+    free(mode);
+
+    /* XXX The buffer command, an automatic variable, will get cleaned
+     * off of the stack when we return, so we strdup() it. */
+    return(safe_strdup(command));
+}
+
+/**
+ * @internal
+ * Load all the rules in a rule set.
+ * @arg ruleset Name of the ruleset
+ * @arg table Table containing the chain.
+ * @arg chain IPTables chain the rules go into
+ */
+static void
+iptables_load_ruleset(char * table, char *ruleset, char *chain) {
+  t_firewall_rule   *rule;
+  char		    *cmd;
+
+  debug(LOG_DEBUG, "Load ruleset %s into table %s, chain %s", ruleset, table, chain);
+	
+  for (rule = get_ruleset(ruleset); rule != NULL; rule = rule->next) {
+    cmd = iptables_compile(table, chain, rule);
+    debug(LOG_DEBUG, "Loading rule \"%s\" into table %s, chain %s", cmd, table, chain);
+    iptables_do_command(cmd);
+    free(cmd);
+  }
+
+  debug(LOG_DEBUG, "Ruleset %s loaded into table %s, chain %s", ruleset, table, chain);
+}
+
+/** Initialize the firewall rules
+ */
+int
+iptables_fw_init(void) {
+  s_config *config;
+  char * gw_interface = NULL;
+  char * gw_address = NULL;
+  char * ext_interface = NULL;
+  int gw_port = 0;
+  t_MAC *pt;
+  t_MAC *pb;
+   
+  fw_quiet = 0;
+
+  LOCK_CONFIG();
+  config = config_get_config();
+  gw_interface = safe_strdup(config->gw_interface);
+  gw_address = safe_strdup(config->gw_address);
+  gw_port = config->gw_port;
+  if (config->external_interface) {
+    ext_interface = safe_strdup(config->external_interface);
+  } else {
+    ext_interface = get_ext_iface();
+  }
+  UNLOCK_CONFIG();
+    
+  /*
+   *
+   * Everything in the mangle table
+   *
+   */
+
+  /* Create new chains in the mangle table */
+  iptables_do_command("-t mangle -N " CHAIN_TRUSTED);
+  iptables_do_command("-t mangle -N " CHAIN_BLOCKED);
+  iptables_do_command("-t mangle -N " CHAIN_INCOMING);
+  iptables_do_command("-t mangle -N " CHAIN_OUTGOING);
+
+  /* Assign links and rules to these new chains */
+  iptables_do_command("-t mangle -I PREROUTING 1 -i %s -j " CHAIN_OUTGOING, gw_interface);
+  iptables_do_command("-t mangle -I PREROUTING 2 -i %s -j " CHAIN_TRUSTED, gw_interface);
+  iptables_do_command("-t mangle -I PREROUTING 3 -i %s -j " CHAIN_BLOCKED, gw_interface);
+  iptables_do_command("-t mangle -I POSTROUTING 1 -o %s -j " CHAIN_INCOMING, gw_interface);
+
+  /* Rules to mark trusted MAC address packets */
+  for (pt = config->trustedmaclist; pt != NULL; pt = pt->next)
+    iptables_do_command("-t mangle -A " CHAIN_TRUSTED " -m mac --mac-source %s -j MARK --set-mark 0x%x", pt->mac, FW_MARK_TRUSTED);
+
+  /* Rules to mark blocked MAC address packets */
+  for (pb = config->blockedmaclist; pb != NULL; pb = pb->next)
+    iptables_do_command("-t mangle -A " CHAIN_BLOCKED " -m mac --mac-source %s -j MARK --set-mark 0x%x", pb->mac, FW_MARK_BLOCKED);
+
+
+  /*
+   *
+   * Everything in the nat table
+   *
+   */
+
+  /* Create new chains in nat table */
+  iptables_do_command("-t nat -N " CHAIN_OUTGOING);
+  /*
+   * nat PREROUTING
+   */
+  /* packets coming in on gw_interface jump to CHAIN_OUTGOING */
+  iptables_do_command("-t nat -A PREROUTING -i %s -j " CHAIN_OUTGOING, gw_interface);
+  /* CHAIN_OUTGOING, packets marked TRUSTED  ACCEPT */
+  iptables_do_command("-t nat -A " CHAIN_OUTGOING " -m mark --mark 0x%x -j ACCEPT", FW_MARK_TRUSTED);
+  /* CHAIN_OUTGOING, packets marked AUTHENTICATED  ACCEPT */
+  iptables_do_command("-t nat -A " CHAIN_OUTGOING " -m mark --mark 0x%x -j ACCEPT", FW_MARK_AUTHENTICATED);
+  /* CHAIN_OUTGOING, packets for tcp port 80, redirect to gw_port on primary address for the iface */
+  iptables_do_command("-t nat -A " CHAIN_OUTGOING " -p tcp --dport 80 -j REDIRECT --to-ports %d", gw_port);
+  /* CHAIN_OUTGOING, other packets  ACCEPT */
+  iptables_do_command("-t nat -A " CHAIN_OUTGOING " -j ACCEPT");
+
+
+  /*
+   *
+   * Everything in the filter table
+   *
+   */
+
+  /* Create new chains in the filter table */
+  iptables_do_command("-t filter -N " CHAIN_TO_INTERNET);
+  iptables_do_command("-t filter -N " CHAIN_TO_ROUTER);
+  iptables_do_command("-t filter -N " CHAIN_AUTHENTICATED);
+
+  /*
+   * filter INPUT
+   */
+  /* packets coming in on gw_interface jump to CHAIN_TO_ROUTER */
+  iptables_do_command("-t filter -I INPUT -i %s -j " CHAIN_TO_ROUTER, gw_interface);
+  /* CHAIN_TO_ROUTER packets marked BLOCKED  DROP */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -m mark --mark 0x%x -j DROP", FW_MARK_BLOCKED);
+  /* CHAIN_TO_ROUTER, invalid packets  DROP */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -m state --state INVALID -j DROP");
+  /* CHAIN_TO_ROUTER, related and established packets  ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -m state --state RELATED,ESTABLISHED -j ACCEPT");
+  /* CHAIN_TO_ROUTER, bogus SYN packets  DROP */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p tcp --tcp-flags SYN SYN --tcp-option \\! 2 -j  DROP");
+  /* CHAIN_TO_ROUTER, packets marked TRUSTED  ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -m mark --mark 0x%x -j ACCEPT", FW_MARK_TRUSTED);
+  /* CHAIN_TO_ROUTER, packets to HTTP listening on gw_port on router ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p tcp --dport %d -j ACCEPT", gw_port);
+  /* CHAIN_TO_ROUTER, udp packets to DHCP (port 67) on router ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p udp --dport 67 -j ACCEPT");
+  /* CHAIN_TO_ROUTER, tcp or udp packets to DNS (port 53) on router ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p tcp --dport 53 -j ACCEPT");
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -p udp --dport 53 -j ACCEPT");
+  /* CHAIN_TO_ROUTER, REJECT everything else */
+  iptables_do_command("-t filter -A " CHAIN_TO_ROUTER " -j REJECT --reject-with icmp-port-unreachable");
+
+
+  /*
+   * filter FORWARD
+   */
+  /* packets coming in on gw_interface jump to CHAIN_TO_INTERNET */
+  iptables_do_command("-t filter -I FORWARD -i %s -j " CHAIN_TO_INTERNET, gw_interface);
+  /* CHAIN_TO_INTERNET packets marked BLOCKED  DROP */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -m mark --mark 0x%x -j DROP", FW_MARK_BLOCKED);
+  /* CHAIN_TO_INTERNET, invalid packets  DROP */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -m state --state INVALID -j DROP");
+  /* CHAIN_TO_INTERNET, allow MSS as large as possible */
+  /* XXX this mangles, so 'should' be done in the mangle POSTROUTING chain.
+   * However OpenWRT standard S35firewall does it in filter FORWARD, and since
+   * we are pre-empting that chain here, we put it in */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu");
+  /* CHAIN_TO_INTERNET, related and established packets  ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -m state --state RELATED,ESTABLISHED -j ACCEPT");
+
+  /* CHAIN_TO_INTERNET, packets marked TRUSTED  ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -m mark --mark 0x%x -j ACCEPT", FW_MARK_TRUSTED);
+  /* CHAIN_TO_INTERNET, all packets tcp/udp to DNS (port 53) ACCEPT */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -p tcp --dport 53 -j ACCEPT");
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -p udp --dport 53 -j ACCEPT");
+  /* CHAIN_TO_INTERNET, packets marked AUTHENTICATED jump to CHAIN_AUTHENTICATED */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -m mark --mark 0x%x -j " CHAIN_AUTHENTICATED, FW_MARK_AUTHENTICATED);
+  /* CHAIN_AUTHENTICATED, load the "authenticated-users" ruleset */
+  iptables_load_ruleset("filter", "authenticated-users", CHAIN_AUTHENTICATED);
+  /* CHAIN_AUTHENTICATED, any packets not matching that ruleset  REJECT */
+  iptables_do_command("-t filter -A " CHAIN_AUTHENTICATED " -j REJECT --reject-with icmp-port-unreachable");
+  /* CHAIN_TO_INTERNET, all other packets REJECT */
+  iptables_do_command("-t filter -A " CHAIN_TO_INTERNET " -j REJECT --reject-with icmp-port-unreachable");
+
+  free(gw_interface);
+  free(gw_address);
+
+  return 1;
+}
+
+/** Remove the firewall rules
+ * This is used when we do a clean shutdown of nodogsplash and when it starts to make
+ * sure there are no rules left over
+ */
+int
+iptables_fw_destroy(void) {
+  fw_quiet = 1;
+
+  debug(LOG_DEBUG, "Destroying our iptables entries");
+
+  /*
+   *
+   * Everything in the manglends table
+   *
+   */
+  debug(LOG_DEBUG, "Destroying chains in the MANGLE table");
+  iptables_fw_destroy_mention("mangle", "PREROUTING", CHAIN_TRUSTED);
+  iptables_fw_destroy_mention("mangle", "PREROUTING", CHAIN_BLOCKED);
+  iptables_fw_destroy_mention("mangle", "PREROUTING", CHAIN_OUTGOING);
+  iptables_fw_destroy_mention("mangle", "POSTROUTING", CHAIN_INCOMING);
+  iptables_do_command("-t mangle -F " CHAIN_TRUSTED);
+  iptables_do_command("-t mangle -F " CHAIN_BLOCKED);
+  iptables_do_command("-t mangle -F " CHAIN_OUTGOING);
+  iptables_do_command("-t mangle -F " CHAIN_INCOMING);
+  iptables_do_command("-t mangle -X " CHAIN_TRUSTED);
+  iptables_do_command("-t mangle -X " CHAIN_BLOCKED);
+  iptables_do_command("-t mangle -X " CHAIN_OUTGOING);
+  iptables_do_command("-t mangle -X " CHAIN_INCOMING);
+
+  /*
+   *
+   * Everything in the nat table
+   *
+   */
+
+  debug(LOG_DEBUG, "Destroying chains in the NAT table");
+  iptables_fw_destroy_mention("nat", "PREROUTING", CHAIN_OUTGOING);
+  iptables_do_command("-t nat -F " CHAIN_OUTGOING);
+  iptables_do_command("-t nat -X " CHAIN_OUTGOING);
+
+  /*
+   *
+   * Everything in the filter table
+   *
+   */
+
+  debug(LOG_DEBUG, "Destroying chains in the FILTER table");
+  iptables_fw_destroy_mention("filter", "INPUT", CHAIN_TO_ROUTER);
+  iptables_fw_destroy_mention("filter", "FORWARD", CHAIN_TO_INTERNET);
+  iptables_do_command("-t filter -F " CHAIN_TO_ROUTER);
+  iptables_do_command("-t filter -F " CHAIN_TO_INTERNET);
+  iptables_do_command("-t filter -F " CHAIN_AUTHENTICATED);
+  iptables_do_command("-t filter -X " CHAIN_TO_ROUTER);
+  iptables_do_command("-t filter -X " CHAIN_TO_INTERNET);
+  iptables_do_command("-t filter -X " CHAIN_AUTHENTICATED);
+
+  return 1;
+}
+
+/*
+ * Helper for iptables_fw_destroy
+ * @param table The table to search
+ * @param chain The chain in that table to search
+ * @param mention A word to find and delete in rules in the given table+chain
+ */
+int
+iptables_fw_destroy_mention(
+		char * table,
+		char * chain,
+		char * mention
+) {
+  FILE *p = NULL;
+  char *command = NULL;
+  char *command2 = NULL;
+  char line[MAX_BUF];
+  char rulenum[10];
+  int deleted = 0;
+
+  debug(LOG_DEBUG, "Attempting to destroy all mention of %s from %s.%s", mention, table, chain);
+
+  safe_asprintf(&command, "iptables -t %s -L %s -n --line-numbers -v", table, chain);
+
+  if ((p = popen(command, "r"))) {
+    /* Skip first 2 lines */
+    while (!feof(p) && fgetc(p) != '\n');
+    while (!feof(p) && fgetc(p) != '\n');
+    /* Loop over entries */
+    while (fgets(line, sizeof(line), p)) {
+      /* Look for mention */
+      if (strstr(line, mention)) {
+	/* Found mention - Get the rule number into rulenum*/
+	if (sscanf(line, "%9[0-9]", rulenum) == 1) {
+	  /* Delete the rule: */
+	  debug(LOG_DEBUG, "Deleting rule %s from %s.%s because it mentions %s", rulenum, table, chain, mention);
+	  safe_asprintf(&command2, "-t %s -D %s %s", table, chain, rulenum);
+	  iptables_do_command(command2);
+	  free(command2);
+	  deleted = 1;
+	  /* Do not keep looping - the captured rulenums will no longer be accurate */
+	  break;
+	}
+      }
+    }
+    pclose(p);
+  }
+
+  free(command);
+
+  if (deleted) {
+    /* Recurse just in case there are more in the same table+chain */
+    iptables_fw_destroy_mention(table, chain, mention);
+  }
+
+  return (deleted);
+}
+
+/** Insert or delete firewall mangle rules marking a client's packets.
+ */
+int
+iptables_fw_access(t_authaction action, char *ip, char *mac) {
+  int rc;
+
+  fw_quiet = 0;
+
+  switch(action) {
+  case AUTH_MAKE_AUTHENTICATED:
+    /* This rule is for marking upload packets, and for upload byte counting */
+    rc = iptables_do_command("-t mangle -A " CHAIN_OUTGOING " -s %s -m mac --mac-source %s -j MARK --set-mark 0x%x", ip, mac, FW_MARK_AUTHENTICATED);
+    /* This rule is just for download byte counting */
+    rc = iptables_do_command("-t mangle -A " CHAIN_INCOMING " -d %s -j ACCEPT", ip);
+    break;
+  case AUTH_MAKE_DEAUTHENTICATED:
+    /* Remove the authentication rules. */
+    rc = iptables_do_command("-t mangle -D " CHAIN_OUTGOING " -s %s -m mac --mac-source %s -j MARK --set-mark 0x%x", ip, mac, FW_MARK_AUTHENTICATED);
+    rc = iptables_do_command("-t mangle -D " CHAIN_INCOMING " -d %s -j ACCEPT", ip);
+    break;
+  default:
+    rc = -1;
+    break;
+  }
+
+  return rc;
+}
+
+/** Update the counters of all the clients in the client list */
+int
+iptables_fw_counters_update(void) {
+  FILE *output;
+  char *script,
+    ip[16],
+    rc;
+  unsigned long long int counter;
+  t_client *p1;
+  struct in_addr tempaddr;
+
+  /* Look for outgoing traffic */
+  safe_asprintf(&script, "%s %s", "iptables", "-v -n -x -t mangle -L " CHAIN_OUTGOING);
+  output = popen(script, "r");
+  free(script);
+  if (!output) {
+    debug(LOG_ERR, "popen(): %s", strerror(errno));
+    return -1;
+  }
+
+  /* skip the first two lines */
+  while (('\n' != fgetc(output)) && !feof(output))
+    ;
+  while (('\n' != fgetc(output)) && !feof(output))
+    ;
+  while (output && !(feof(output))) {
+    rc = fscanf(output, "%*s %llu %*s %*s %*s %*s %*s %15[0-9.] %*s %*s %*s %*s %*s 0x%*u", &counter, ip);
+    if (2 == rc && EOF != rc) {
+      /* Sanity*/
+      if (!inet_aton(ip, &tempaddr)) {
+	debug(LOG_WARNING, "I was supposed to read an IP address but instead got [%s] - ignoring it", ip);
+	continue;
+      }
+      debug(LOG_DEBUG, "Outgoing %s Bytes=%llu", ip, counter);
+      LOCK_CLIENT_LIST();
+      if ((p1 = client_list_find_by_ip(ip))) {
+	if ((p1->counters.outgoing - p1->counters.outgoing_history) < counter) {
+	  p1->counters.outgoing = p1->counters.outgoing_history + counter;
+	  p1->counters.last_updated = time(NULL);
+	  debug(LOG_DEBUG, "%s - Updated counter.outgoing to %llu bytes", ip, counter);
+	}
+      } else {
+	debug(LOG_ERR, "Could not find %s in client list", ip);
+      }
+      UNLOCK_CLIENT_LIST();
+    }
+  }
+  pclose(output);
+
+  /* Look for incoming traffic */
+  safe_asprintf(&script, "%s %s", "iptables", "-v -n -x -t mangle -L " CHAIN_INCOMING);
+  output = popen(script, "r");
+  free(script);
+  if (!output) {
+    debug(LOG_ERR, "popen(): %s", strerror(errno));
+    return -1;
+  }
+
+  /* skip the first two lines */
+  while (('\n' != fgetc(output)) && !feof(output))
+    ;
+  while (('\n' != fgetc(output)) && !feof(output))
+    ;
+  while (output && !(feof(output))) {
+    rc = fscanf(output, "%*s %llu %*s %*s %*s %*s %*s %*s %15[0-9.]", &counter, ip);
+    if (2 == rc && EOF != rc) {
+      /* Sanity*/
+      if (!inet_aton(ip, &tempaddr)) {
+	debug(LOG_WARNING, "I was supposed to read an IP address but instead got [%s] - ignoring it", ip);
+	continue;
+      }
+      debug(LOG_DEBUG, "Incoming %s Bytes=%llu", ip, counter);
+      LOCK_CLIENT_LIST();
+      if ((p1 = client_list_find_by_ip(ip))) {
+	if ((p1->counters.incoming - p1->counters.incoming_history) < counter) {
+	  p1->counters.incoming = p1->counters.incoming_history + counter;
+	  debug(LOG_DEBUG, "%s - Updated counter.incoming to %llu bytes", ip, counter);
+	}
+      } else {
+	debug(LOG_ERR, "Could not find %s in client list", ip);
+      }
+      UNLOCK_CLIENT_LIST();
+    }
+  }
+  pclose(output);
+
+  return 1;
+}

src/fw_iptables.h

@@ -0,0 +1,66 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: fw_iptables.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file fw_iptables.h
+    @brief Firewall iptables functions
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _FW_IPTABLES_H_
+#define _FW_IPTABLES_H_
+
+#include "firewall.h"
+#include "auth.h"
+
+/*@{*/ 
+/**Iptable chain names used by nodogsplash */
+#define CHAIN_TO_INTERNET "nodogsplash_toInternet"
+#define CHAIN_TO_ROUTER "nodogsplash_toRouter"
+#define CHAIN_OUTGOING  "nodogsplash_Outgoing"
+#define CHAIN_INCOMING  "nodogsplash_Incoming"
+#define CHAIN_AUTHENTICATED     "nodogsplash_Authenticated"
+#define CHAIN_UNKNOWN   "nodogsplash_Unknown"
+#define CHAIN_BLOCKED    "nodogsplash_Blocked"
+#define CHAIN_TRUSTED    "nodogsplash_Trusted"
+/*@}*/ 
+
+/** @brief Initialize the firewall */
+int iptables_fw_init(void);
+
+/** @brief Initializes the authservers table */
+void iptables_fw_set_authservers(void);
+
+/** @brief Clears the authservers table */
+void iptables_fw_clear_authservers(void);
+
+/** @brief Destroy the firewall */
+int iptables_fw_destroy(void);
+
+/** @brief Helper function for iptables_fw_destroy */
+int iptables_fw_destroy_mention( char * table, char * chain, char * mention);
+
+/** @brief Define the access of a specific client */
+int iptables_fw_access(t_authaction action, char *ip, char *mac);
+
+/** @brief All counters in the client list */
+int iptables_fw_counters_update(void);
+
+#endif /* _IPTABLES_H_ */

src/gateway.c

@@ -0,0 +1,539 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free:Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/* $Id: gateway.c 1104 2006-10-09 00:58:46Z acv $ */
+/** @internal
+  @file gateway.c
+  @brief Main loop
+  @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+  @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@miniguru.ca>
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <pthread.h>
+#include <signal.h>
+#include <errno.h>
+#include <time.h>
+
+/* for strerror() */
+#include <string.h>
+
+/* for wait() */
+#include <sys/wait.h>
+
+/* for unix socket communication*/
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include "common.h"
+#include "httpd.h"
+#include "safe.h"
+#include "debug.h"
+#include "conf.h"
+#include "gateway.h"
+#include "firewall.h"
+#include "commandline.h"
+#include "auth.h"
+#include "http.h"
+#include "client_list.h"
+#include "ndsctl_thread.h"
+#include "httpd_thread.h"
+#include "util.h"
+
+/** XXX Ugly hack 
+ * We need to remember the thread IDs of threads that simulate wait with pthread_cond_timedwait
+ * so we can explicitly kill them in the termination handler
+ */
+static pthread_t tid_fw_counter = 0;
+static pthread_t tid_ping = 0; 
+
+/* The internal web server */
+httpd * webserver = NULL;
+
+/* from commandline.c */
+extern char ** restartargv;
+extern pid_t restart_orig_pid;
+t_client *firstclient;
+
+/* from client_list.c */
+extern pthread_mutex_t client_list_mutex;
+
+/* Time when nodogsplash started  */
+time_t started_time = 0;
+
+/* Appends -x, the current PID, and NULL to restartargv
+ * see parse_commandline in commandline.c for details
+ *
+ * Why is restartargv global? Shouldn't it be at most static to commandline.c
+ * and this function static there? -Alex @ 8oct2006
+ */
+void append_x_restartargv(void) {
+  int i;
+
+  for (i=0; restartargv[i]; i++);
+
+  restartargv[i++] = safe_strdup("-x");
+  safe_asprintf(&(restartargv[i++]), "%d", getpid());
+}
+
+/* @internal
+ * @brief During gateway restart, connects to the parent process via the internal socket
+ * Downloads from it the active client list
+ */
+void get_clients_from_parent(void) {
+  int sock;
+  struct sockaddr_un	sa_un;
+  s_config * config = NULL;
+  char linebuffer[MAX_BUF];
+  int len = 0;
+  char *running1 = NULL;
+  char *running2 = NULL;
+  char *token1 = NULL;
+  char *token2 = NULL;
+  char onechar;
+  char *command = NULL;
+  char *key = NULL;
+  char *value = NULL;
+  t_client * client = NULL;
+  t_client * lastclient = NULL;
+
+  config = config_get_config();
+	
+  debug(LOG_INFO, "Connecting to parent to download clients");
+
+  /* Connect to socket */
+  sock = socket(AF_UNIX, SOCK_STREAM, 0);
+  memset(&sa_un, 0, sizeof(sa_un));
+  sa_un.sun_family = AF_UNIX;
+  strncpy(sa_un.sun_path, config->internal_sock, (sizeof(sa_un.sun_path) - 1));
+
+  if (connect(sock, (struct sockaddr *)&sa_un, strlen(sa_un.sun_path) + sizeof(sa_un.sun_family))) {
+    debug(LOG_ERR, "Failed to connect to parent (%s) - client list not downloaded", strerror(errno));
+    return;
+  }
+
+  debug(LOG_INFO, "Connected to parent.  Downloading clients");
+
+  LOCK_CLIENT_LIST();
+
+  command = NULL;
+  memset(linebuffer, 0, sizeof(linebuffer));
+  len = 0;
+  client = NULL;
+  /* Get line by line */
+  while (read(sock, &onechar, 1) == 1) {
+    if (onechar == '\n') {
+      /* End of line */
+      onechar = '\0';
+    }
+    linebuffer[len++] = onechar;
+
+    if (!onechar) {
+      /* We have a complete entry in linebuffer - parse it */
+      debug(LOG_DEBUG, "Received from parent: [%s]", linebuffer);
+      running1 = linebuffer;
+      while ((token1 = strsep(&running1, "|")) != NULL) {
+	if (!command) {
+	  /* The first token is the command */
+	  command = token1;
+	}
+	else {
+	  /* Token1 has something like "foo=bar" */
+	  running2 = token1;
+	  key = value = NULL;
+	  while ((token2 = strsep(&running2, "=")) != NULL) {
+	    if (!key) {
+	      key = token2;
+	    }
+	    else if (!value) {
+	      value = token2;
+	    }
+	  }
+	}
+
+	if (strcmp(command, "CLIENT") == 0) {
+	  /* This line has info about a client in the client list */
+	  if (!client) {
+	    /* Create a new client struct */
+	    client = safe_malloc(sizeof(t_client));
+	    memset(client, 0, sizeof(t_client));
+	  }
+	}
+
+	if (key && value) {
+	  if (strcmp(command, "CLIENT") == 0) {
+	    /* Assign the key into the appropriate slot in the connection structure */
+	    if (strcmp(key, "ip") == 0) {
+	      client->ip = safe_strdup(value);
+	    }
+	    else if (strcmp(key, "mac") == 0) {
+	      client->mac = safe_strdup(value);
+	    }
+	    else if (strcmp(key, "token") == 0) {
+	      client->token = strcmp(value,"NULL") ? safe_strdup(value) : NULL;
+	    }
+	    else if (strcmp(key, "fw_connection_state") == 0) {
+	      client->fw_connection_state = atoi(value);
+	    }
+	    else if (strcmp(key, "added_time") == 0) {
+	      client->added_time = (time_t) atoll(value);
+	    }
+	    else if (strcmp(key, "counters_incoming") == 0) {
+	      client->counters.incoming_history = atoll(value);
+	      client->counters.incoming = client->counters.incoming_history;
+	    }
+	    else if (strcmp(key, "counters_outgoing") == 0) {
+	      client->counters.outgoing_history = atoll(value);
+	      client->counters.outgoing = client->counters.outgoing_history;
+	    }
+	    else if (strcmp(key, "counters_last_updated") == 0) {
+	      client->counters.last_updated = (time_t) atoll(value);
+	    }
+	    else {
+	      debug(LOG_NOTICE, "I don't know how to inherit key [%s] value [%s] from parent", key, value);
+	    }
+	  }
+	}
+      }
+
+      /* End of parsing this command */
+      if (client) {
+	/* Add this client to the client list */
+	if (!firstclient) {
+	  firstclient = client;
+	  lastclient = firstclient;
+	}
+	else {
+	  lastclient->next = client;
+	  lastclient = client;
+	}
+      }
+
+      /* Clean up */
+      command = NULL;
+      memset(linebuffer, 0, sizeof(linebuffer));
+      len = 0;
+      client = NULL;
+    }
+  }
+
+  UNLOCK_CLIENT_LIST();
+  debug(LOG_INFO, "Client list downloaded successfully from parent");
+
+  close(sock);
+}
+
+/**@internal
+ * @brief Handles SIGCHLD signals to avoid zombie processes
+ *
+ * When a child process exits, it causes a SIGCHLD to be sent to the
+ * process. This handler catches it and reaps the child process so it
+ * can exit. Otherwise we'd get zombie processes.
+ */
+void
+sigchld_handler(int s) {
+  int	status;
+  pid_t rc;
+	
+  debug(LOG_DEBUG, "Handler for SIGCHLD called. Trying to reap a child");
+
+  rc = waitpid(-1, &status, WNOHANG);
+
+  debug(LOG_DEBUG, "Handler for SIGCHLD reaped child PID %d", rc);
+}
+
+/** Exits cleanly after cleaning up the firewall.  
+ *  Use this function anytime you need to exit after firewall initialization */
+void
+termination_handler(int s) {
+  static	pthread_mutex_t	sigterm_mutex = PTHREAD_MUTEX_INITIALIZER;
+  s_config *config = config_get_config();
+
+  debug(LOG_INFO, "Handler for termination caught signal %d", s);
+
+  /* Makes sure we only call fw_destroy() once. */
+  if (pthread_mutex_trylock(&sigterm_mutex)) {
+    debug(LOG_INFO, "Another thread already began global termination handler. I'm exiting");
+    pthread_exit(NULL);
+  }
+  else {
+    debug(LOG_INFO, "Cleaning up and exiting");
+  }
+
+  debug(LOG_INFO, "Flushing firewall rules...");
+  fw_destroy();
+
+  /* XXX Hack
+   * Aparently pthread_cond_timedwait under openwrt prevents signals (and therefore
+   * termination handler) from happening so we need to explicitly kill the threads 
+   * that use that
+   */
+  if (tid_fw_counter) {
+    debug(LOG_INFO, "Explicitly killing the fw_counter thread");
+    pthread_kill(tid_fw_counter, SIGKILL);
+  }
+  if (tid_ping) {
+    debug(LOG_INFO, "Explicitly killing the ping thread");
+    pthread_kill(tid_ping, SIGKILL);
+  }
+
+  debug(LOG_NOTICE, "Exiting...");
+  exit(s == 0 ? 1 : 0);
+}
+
+/** @internal 
+ * Registers all the signal handlers
+ */
+static void
+init_signals(void) {
+  struct sigaction sa;
+
+  debug(LOG_DEBUG, "Initializing signal handlers");
+	
+  sa.sa_handler = sigchld_handler;
+  sigemptyset(&sa.sa_mask);
+  sa.sa_flags = SA_RESTART;
+  if (sigaction(SIGCHLD, &sa, NULL) == -1) {
+    debug(LOG_ERR, "sigaction(): %s", strerror(errno));
+    exit(1);
+  }
+
+  /* Trap SIGPIPE */
+  /* This is done so that when libhttpd does a socket operation on
+   * a disconnected socket (i.e.: Broken Pipes) we catch the signal
+   * and do nothing. The alternative is to exit. SIGPIPE are harmless
+   * if not desirable.
+   */
+  sa.sa_handler = SIG_IGN;
+  if (sigaction(SIGPIPE, &sa, NULL) == -1) {
+    debug(LOG_ERR, "sigaction(): %s", strerror(errno));
+    exit(1);
+  }
+
+  sa.sa_handler = termination_handler;
+  sigemptyset(&sa.sa_mask);
+  sa.sa_flags = SA_RESTART;
+
+  /* Trap SIGTERM */
+  if (sigaction(SIGTERM, &sa, NULL) == -1) {
+    debug(LOG_ERR, "sigaction(): %s", strerror(errno));
+    exit(1);
+  }
+
+  /* Trap SIGQUIT */
+  if (sigaction(SIGQUIT, &sa, NULL) == -1) {
+    debug(LOG_ERR, "sigaction(): %s", strerror(errno));
+    exit(1);
+  }
+
+  /* Trap SIGINT */
+  if (sigaction(SIGINT, &sa, NULL) == -1) {
+    debug(LOG_ERR, "sigaction(): %s", strerror(errno));
+    exit(1);
+  }
+}
+
+/**@internal
+ * Main execution loop 
+ */
+static void
+main_loop(void) {
+  int result;
+  pthread_t	tid;
+  s_config *config = config_get_config();
+  request *r;
+  void **params;
+  FILE *fh;
+
+  /* Set the time when nodogsplash started */
+  if (!started_time) {
+    debug(LOG_INFO, "Setting started_time");
+    started_time = time(NULL);
+  }
+  else if (started_time < MINIMUM_STARTED_TIME) {
+    debug(LOG_WARNING, "Detected possible clock skew - re-setting started_time");
+    started_time = time(NULL);
+  }
+
+  /* If we don't have the Gateway IP address, get it. Can't fail. */
+  if (!config->gw_address) {
+    debug(LOG_DEBUG, "Finding IP address of %s", config->gw_interface);
+    if ((config->gw_address = get_iface_ip(config->gw_interface)) == NULL) {
+      debug(LOG_ERR, "Could not get IP address information of %s, exiting...", config->gw_interface);
+      exit(1);
+    }
+    debug(LOG_DEBUG, "Detected gateway %s = %s", config->gw_interface, config->gw_address);
+  }
+
+  /* Initializes the web server */
+  debug(LOG_NOTICE, "Creating web server on %s:%d", config->gw_address, config->gw_port);
+  if ((webserver = httpdCreate(config->gw_address, config->gw_port)) == NULL) {
+    debug(LOG_ERR, "Could not create web server: %s", strerror(errno));
+    exit(1);
+  }
+
+  /* Set web root for server */
+  debug(LOG_DEBUG, "Setting web root: %s",config->webroot);
+  httpdSetFileBase(webserver,config->webroot);
+
+  /* Add images files to server: any file in config->splashimagesdir can be served */
+  debug(LOG_DEBUG, "Setting images subdir: %s",config->imagesdir);
+  httpdAddWildcardContent(webserver,config->imagesdir,NULL,config->imagesdir);
+
+  debug(LOG_DEBUG, "Assigning callbacks to web server");
+	
+  httpdAddCContent(webserver, "/", "", 0, NULL, http_nodogsplash_callback_index);
+  httpdAddCWildcardContent(webserver, config->authdir, NULL, http_nodogsplash_callback_auth);
+  httpdAddCWildcardContent(webserver, config->denydir, NULL, http_nodogsplash_callback_deny);
+  httpdAddC404Content(webserver, http_nodogsplash_callback_404);
+
+  /* Reset the firewall (if nodogsplash crashed) */
+  fw_destroy();
+  /* Then initialize it */
+  fw_init();
+
+  /* Start clean up thread */
+  result = pthread_create(&tid_fw_counter, NULL, (void *)thread_client_timeout_check, NULL);
+  if (result != 0) {
+    debug(LOG_ERR, "FATAL: Failed to create a new thread (fw_counter) - exiting");
+    termination_handler(0);
+  }
+  pthread_detach(tid_fw_counter);
+
+  /* Start control thread */
+  result = pthread_create(&tid, NULL, (void *)thread_ndsctl, (void *)safe_strdup(config->ndsctl_sock));
+  if (result != 0) {
+    debug(LOG_ERR, "FATAL: Failed to create a new thread (ndsctl) - exiting");
+    termination_handler(0);
+  }
+  pthread_detach(tid);
+	
+  debug(LOG_NOTICE, "Waiting for connections");
+  while(1) {
+    r = httpdGetConnection(webserver, NULL);
+
+    /* We can't convert this to a switch because there might be
+     * values that are not -1, 0 or 1. */
+    if (webserver->lastError == -1) {
+      /* Interrupted system call */
+      continue; /* restart loop */
+    }
+    else if (webserver->lastError < -1) {
+      /*
+       * FIXME
+       * An error occurred - should we abort?
+       * reboot the device ?
+       */
+      debug(LOG_ERR, "FATAL: httpdGetConnection returned unexpected value %d, exiting.", webserver->lastError);
+      termination_handler(0);
+    }
+    else if (r != NULL) {
+      /*
+       * We got a connection
+       *
+       * We should create another thread  (memory leak here?)
+       */
+      debug(LOG_INFO, "Received connection from %s, spawning worker thread", r->clientAddr);
+      /* The void**'s are a simulation of the normal C
+       * function calling sequence. */
+      params = safe_malloc(2 * sizeof(void *));
+      *params = webserver;
+      *(params + 1) = r;
+
+      result = pthread_create(&tid, NULL, (void *)thread_httpd, (void *)params);
+      if (result != 0) {
+	debug(LOG_ERR, "FATAL: Failed to create a new thread (httpd) - exiting");
+	termination_handler(0);
+      }
+      pthread_detach(tid);
+    }
+    else {
+      /* webserver->lastError should be 2 */
+      /* XXX We failed an ACL.... No handling because
+       * we don't set any... */
+    }
+  }
+
+  /* never reached */
+}
+
+/** Main entry point for nodogsplash.
+ * Reads the configuration file and then starts the main loop.
+ */
+int main(int argc, char **argv) {
+
+  s_config *config = config_get_config();
+  config_init();
+
+  parse_commandline(argc, argv);
+
+  /* Initialize the config */
+  config_read(config->configfile);
+  config_validate();
+
+  /* Initializes the linked list of connected clients */
+  client_list_init();
+
+  /* Init the signals to catch chld/quit/etc */
+  init_signals();
+
+  if (restart_orig_pid) {
+    /*
+     * We were restarted and our parent is waiting for us to talk to it over the socket
+     */
+    get_clients_from_parent();
+
+    /*
+     * At this point the parent will start destroying itself and the firewall.
+     * Let it finish its job before we continue
+     */
+    while (kill(restart_orig_pid, 0) != -1) {
+      debug(LOG_INFO, "Waiting for parent PID %d to die before continuing loading", restart_orig_pid);
+      sleep(1);
+    }
+
+    debug(LOG_INFO, "Parent PID %d seems to be dead. Continuing loading.");
+  }
+
+  if (config->daemon) {
+
+    debug(LOG_INFO, "Forking into background");
+
+    switch(safe_fork()) {
+    case 0: /* child */
+      setsid();
+      append_x_restartargv();
+      main_loop();
+      break;
+
+    default: /* parent */
+      exit(0);
+      break;
+    }
+  }
+  else {
+    append_x_restartargv();
+    main_loop();
+  }
+
+  return(0); /* never reached */
+}

src/gateway.h

@@ -0,0 +1,35 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: gateway.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file gateway.h
+    @brief Main loop
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _GATEWAY_H_
+#define _GATEWAY_H_
+
+#define MINIMUM_STARTED_TIME 1178487900 /* 2007-05-06 */
+ 
+/** @brief exits cleanly and clear the firewall rules. */
+void termination_handler(int s);
+
+#endif /* _GATEWAY_H_ */

src/http.c

@@ -0,0 +1,496 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/* $Id: http.c 1104 2006-10-09 00:58:46Z acv $ */
+/** @file http.c
+  @brief HTTP IO functions
+  @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+ */
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+#include <string.h>
+#include <unistd.h>
+#include <syslog.h>
+
+#include "httpd.h"
+
+#include "safe.h"
+#include "debug.h"
+#include "conf.h"
+#include "auth.h"
+#include "firewall.h"
+#include "http.h"
+#include "httpd.h"
+#include "client_list.h"
+#include "common.h"
+
+#include "util.h"
+
+#include "../config.h"
+
+extern pthread_mutex_t	client_list_mutex;
+
+
+void 
+http_callback_about(httpd *webserver, request *r) {
+  http_nodogsplash_header(r, "About nodogsplash");
+  httpdOutput(r, "This is nodogsplash version <b>" VERSION "</b>");
+  http_nodogsplash_footer(r);
+}
+
+void 
+http_callback_status(httpd *webserver, request *r) {
+  char * status = NULL;
+  status = get_status_text();
+  http_nodogsplash_header(r, "nodogsplash Status");
+  httpdOutput(r, "<pre>");
+  httpdOutput(r, status);
+  httpdOutput(r, "</pre>");
+  http_nodogsplash_footer(r);
+  free(status);
+}
+
+
+void
+http_nodogsplash_header(request *r, char *title) {
+  httpdOutput(r, "<html>\n");
+  httpdOutput(r, "<head>\n");
+  httpdPrintf(r, "<title>%s</title>\n", title);
+  httpdOutput(r, "<meta HTTP-EQUIV='Pragma' CONTENT='no-cache'>\n");
+
+  httpdOutput(r, "<style>\n");
+  httpdOutput(r, "body {\n");
+  httpdOutput(r, "  margin: 10px 60px 0 60px; \n");
+  httpdOutput(r, "  font-family : bitstream vera sans, sans-serif;\n");
+  httpdOutput(r, "  color: #000000;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "a {\n");
+  httpdOutput(r, "  color: #000000;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "a:active {\n");
+  httpdOutput(r, "  color: #000000;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "a:link {\n");
+  httpdOutput(r, "  color: #000000;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "a:visited {\n");
+  httpdOutput(r, "  color: #000000;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "#header {\n");
+  httpdOutput(r, "  height: 30px;\n");
+  httpdOutput(r, "  background-color: #DDDDDD;\n");
+  httpdOutput(r, "  padding: 20px;\n");
+  httpdOutput(r, "  font-size: 20pt;\n");
+  httpdOutput(r, "  text-align: center;\n");
+  httpdOutput(r, "  border: 2px solid #000000;\n");
+  httpdOutput(r, "  border-bottom: 0;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "#menu {\n");
+  httpdOutput(r, "  width: 200px;\n");
+  httpdOutput(r, "  float: right;\n");
+  httpdOutput(r, "  background-color: #DDDDDD;\n");
+  httpdOutput(r, "  border: 2px solid #000000;\n");
+  httpdOutput(r, "  font-size: 80%;\n");
+  httpdOutput(r, "  min-height: 300px;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "#menu h2 {\n");
+  httpdOutput(r, "  margin: 0;\n");
+  httpdOutput(r, "  background-color: #000000;\n");
+  httpdOutput(r, "  text-align: center;\n");
+  httpdOutput(r, "  color: #DDDDDD;\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "#copyright {\n");
+  httpdOutput(r, "}\n");
+
+  httpdOutput(r, "#content {\n");
+  httpdOutput(r, "  padding: 20px;\n");
+  httpdOutput(r, "  border: 2px solid #000000;\n");
+  httpdOutput(r, "  min-height: 300px;\n");
+  httpdOutput(r, "}\n");
+  httpdOutput(r, "</style>\n");
+
+  httpdOutput(r, "</head>\n");
+
+  httpdOutput(r, "<body\n");
+
+  httpdOutput(r, "<div id=\"header\">\n");
+  httpdPrintf(r, "    %s\n", title);
+  httpdOutput(r, "</div>\n");
+
+  httpdOutput(r, "<div id=\"menu\">\n");
+
+
+  httpdOutput(r, "    <h2>Info</h2>\n");
+  httpdOutput(r, "    <ul>\n");
+  httpdOutput(r, "    <li>Version: " VERSION "\n");
+  httpdPrintf(r, "    <li>Node ID: %s\n", config_get_config()->gw_name);
+  httpdOutput(r, "    </ul>\n");
+  httpdOutput(r, "    <br>\n");
+
+  httpdOutput(r, "</div>\n");
+
+  httpdOutput(r, "<div id=\"content\">\n");
+  httpdPrintf(r, "<h2>%s</h2>\n", title);
+}
+
+void
+http_nodogsplash_footer(request *r) {
+  httpdOutput(r, "</div>\n");
+
+  httpdOutput(r, "<div id=\"copyright\">\n");
+  httpdOutput(r, "Copyright (C) 2004-2007.  This software is released under the GNU GPL license.\n");
+  httpdOutput(r, "</div>\n");
+
+  httpdOutput(r, "</body>\n");
+  httpdOutput(r, "</html>\n");
+}
+
+
+/** The 404 handler adds the client to the client list
+ *  and serves the splash page
+ */
+void
+http_nodogsplash_callback_404(httpd *webserver, request *r) {
+  t_client *client;
+  
+  debug(LOG_INFO, "Capturing as 404 request from %s for [%s%s]",
+	r->clientAddr, r->request.host, r->request.path);
+
+  
+  client = http_nodogsplash_add_client(r);
+  if(client) {
+    http_nodogsplash_serve_splash(r,client->token,r->request.host,r->request.path);
+  }
+
+}
+
+
+/** The index handler adds the client to the client list
+ *  and serves the splash page
+ */
+void 
+http_nodogsplash_callback_index(httpd *webserver, request *r) {
+  t_client *client;
+
+  debug(LOG_INFO, "Capturing index request from %s for [%s%s]",
+	r->clientAddr, r->request.host, r->request.path);
+
+  client = http_nodogsplash_add_client(r);
+  if(client) {
+    http_nodogsplash_serve_splash(r,client->token,r->request.host,r->request.path);
+  }
+}
+
+void
+_report_warning(request *r, char *msg) {
+    debug(LOG_WARNING, msg);
+    http_nodogsplash_header(r, "Nodogsplash Error");
+    httpdOutput(r, msg);
+    http_nodogsplash_footer(r);
+}
+
+/** The multipurpose handler */
+void
+http_nodogsplash_callback_action(httpd *webserver, request *r, t_authaction action) {
+  t_client	*client;
+  char *mac;
+  char *ip;
+  char *p1, *p2, *pathcopy;
+  char *redir = NULL;
+  char *clienttoken = NULL;
+  char *requesttoken = NULL;
+  s_config *config;
+
+  config = config_get_config();
+  
+  /* Get components of path in request */
+  /* Make a copy; we will modify it */
+  pathcopy = safe_strdup(r->request.path);
+  /* path has the form: /<directory>/<rest>,
+   * where <directory> is not needed here,and
+   * where <rest> has been httpdUrlEncoded to encode slashes.
+   * (See http_nodogsplash_serve_splash() for how this
+   * path is constructed.)
+   * So, here we first find <rest> and httpdUrlDecode it,
+   * to see that <rest> has the form: <requesttoken>/<redir>
+   */
+  p1 = strchr(pathcopy,'/');        /* initial slash */
+  if(!p1) { _report_warning(r,"Malformed action request: first"); free(pathcopy); return; }
+  p1++;
+  p1 = strchr(p1,'/');              /* second slash */
+  if(!p1) { _report_warning(r,"Malformed action request: second"); free(pathcopy); return; }
+  p1++;
+  /* httpdUrlDecode the rest.  This recovers slashes, among other things. */
+  p1 = httpdUrlDecode(p1); /* Note: this decodes in-place */
+  /* now look for <requesttoken>/<redir> */
+  p2 = strchr(p1,'/');              /* third slash */
+  if(!p2) { _report_warning(r,"Malformed action request: third"); free(pathcopy); return; }
+  *p2 = '\0';
+  /* p1 now pointing at terminated token; allocate a copy */
+  requesttoken = safe_strdup(p1); 
+  p2++;
+  /* p2 now pointing at decoded redirect; allocate a copy */
+  safe_asprintf(&redir,"http://%s",p2);
+  free(pathcopy);
+
+  ip = r->clientAddr;
+
+  if (!(mac = arp_get(ip))) {
+    /* We could not get their MAC address */
+    
+    debug(LOG_WARNING, "Failed to retrieve MAC address for ip %s", ip);
+    http_nodogsplash_header(r, "Nodogsplash Error");
+    httpdOutput(r, "Failed to retrieve your MAC address.");
+    http_nodogsplash_footer(r);
+    free(requesttoken);
+    free(redir);
+    return;
+  }
+
+  /* We have their MAC address, find them on the client list */
+  LOCK_CLIENT_LIST();
+  client = client_list_find(ip, mac);
+  if(client && client->token) clienttoken = safe_strdup(client->token);
+  UNLOCK_CLIENT_LIST();
+
+  if(!client) {
+    debug(LOG_WARNING, "Client %s at %s requesting action %d is not on client list",
+	  ip, mac, action);
+    http_nodogsplash_header(r, "Nodogsplash Error");
+    httpdOutput(r, "You are not on the client list.");
+    http_nodogsplash_footer(r);
+    free(mac);
+    free(requesttoken);
+    free(redir);
+    return;
+  }
+
+  /* We have a client */
+  /* If there is a redir in the config, use it instead of redir in this request */
+  if(config->redirectURL) {
+    free(redir);
+    redir = safe_strdup(config->redirectURL);
+  }
+
+  /* Do we have a client token? */
+  if(!clienttoken) {
+    debug(LOG_WARNING, "Client %s at %s does not have a token", ip, mac);
+    http_nodogsplash_header(r, "Nodogsplash Error");
+    httpdOutput(r, "No token available.");
+    http_nodogsplash_footer(r);
+    free(mac);
+    free(requesttoken);
+    free(redir);
+    return;
+  } 
+
+  debug(LOG_DEBUG, "Action %d: IP %s MAC %s: client: %s, request: %s",
+	action, ip, mac, clienttoken, requesttoken);  
+  debug(LOG_DEBUG, "Redirect:  %s", redir);
+  /* Check if tokens match */
+  if (! strcmp(clienttoken,requesttoken)) {
+    /* take action */
+    switch(action) {
+    case AUTH_MAKE_AUTHENTICATED:
+      auth_client_action(ip,mac,action);
+      http_nodogsplash_redirect(r, redir);
+      break;
+    case AUTH_MAKE_DEAUTHENTICATED:
+      auth_client_action(ip,mac,action);
+      http_nodogsplash_header(r, "Nodogsplash Deny");
+      httpdOutput(r, "OK, see you later!");
+      http_nodogsplash_footer(r);
+      break;
+    default:
+      debug(LOG_ERR, "Unknown auth action: %d", action);
+    }
+    
+  } else {
+    /* tokens don't match, reject */
+    debug(LOG_NOTICE, "Client %s at MAC %s tokens %s, %s do not match",
+	  r->clientAddr, mac, clienttoken, requesttoken);
+    http_nodogsplash_header(r, "Nodogsplash Error");
+    httpdOutput(r, "Tokens do not match.");
+    http_nodogsplash_footer(r);
+  }
+  free(mac);
+  free(redir);
+  free(requesttoken);
+  free(clienttoken);
+
+}
+
+/** The auth handler registers the client as authenticated, and redirects their web request */
+void
+http_nodogsplash_callback_auth(httpd *webserver, request *r) {
+
+  http_nodogsplash_callback_action ( webserver, r, AUTH_MAKE_AUTHENTICATED );
+
+}
+
+/** The deny handler removes the client from the client list */
+void
+http_nodogsplash_callback_deny(httpd *webserver, request *r) {
+
+  http_nodogsplash_callback_action ( webserver, r, AUTH_MAKE_DEAUTHENTICATED );
+
+}
+
+
+
+/**
+ *  Add client making a request to client list, creating a
+ *  random token for them.
+ *  Does nothing if a client with the same IP and MAC address
+ *  is already on the list.
+ *
+ *  N.B.: This does not authenticate the client; it only makes
+ *  their information available on the client list.
+ */
+t_client *
+http_nodogsplash_add_client(request *r) {
+  t_client	*client;
+  char	*mac, *token;
+  s_config	*config;
+
+  if (!(mac = arp_get(r->clientAddr))) {
+    /* We could not get their MAC address */
+    debug(LOG_WARNING, "Failed to retrieve MAC address for ip %s", r->clientAddr);
+  } 
+
+
+  LOCK_CLIENT_LIST();
+			
+  if ((client = client_list_find(r->clientAddr, mac)) == NULL) {
+    token = http_make_auth_token();  /* get a new random token */
+    debug(LOG_DEBUG, "New client %s at %s token %s",
+	  r->clientAddr, mac, token);
+    client = client_list_append(r->clientAddr, mac, token);
+    free(token);
+  } else {
+    debug(LOG_DEBUG, "Client %s at %s already exists",
+	  r->clientAddr, mac);
+  }
+  UNLOCK_CLIENT_LIST();
+  free(mac);
+  return client;
+}
+ 
+
+/* Serve the splash page from its file. */
+void
+http_nodogsplash_serve_splash(request *r, char *token, char *host, char *path) {
+  char *redirectURL;
+  char line [MAX_BUF];
+  char *splashfilename, *authtarget, *denytarget, *imagesdir;
+  char *encodedthp, *tokenhostpath;
+  FILE *fd;
+  s_config	*config;
+
+
+  config = config_get_config();
+  /* Set variables; these can be interpolated in the splash page text. */
+
+  httpdAddVariable(r,"gatewayname",config->gw_name);
+
+  /* Work on setting up auth and deny targets. */
+  safe_asprintf(&tokenhostpath,"%s/%s%s", token, host, path);
+  /* We httpdUrlEncode() the concatenation of token, host, path.
+   * This requires a modified version of httpdUrlEncode() which encodes slashes
+   * (as well as the usual things).
+   * This is because we must have an
+   * authtarget that looks like a top-level directory, and one file in it.
+   * (Similarly for denytarget.)
+   * Slashes will be recovered when we httpdUrlDecode() in
+   * http_nodogsplash_callback_action().
+   */
+  encodedthp = httpdUrlEncode(tokenhostpath);  /* malloc's */
+  free(tokenhostpath);
+  safe_asprintf(&authtarget, "http://%s:%d/%s/%s",
+		config->gw_address, config->gw_port, config->authdir, encodedthp);
+  httpdAddVariable(r,"authtarget",authtarget);
+  free(authtarget);
+  
+  safe_asprintf(&denytarget, "http://%s:%d/%s/%s",
+		config->gw_address, config->gw_port, config->denydir, encodedthp);
+  httpdAddVariable(r,"denytarget",denytarget);
+  free(denytarget);
+  
+  free(encodedthp);
+
+  safe_asprintf(&imagesdir, "/%s", config->imagesdir);
+  httpdAddVariable(r,"imagesdir",imagesdir);
+  free(imagesdir);
+
+  /* Pipe page from file */
+  safe_asprintf(&splashfilename, "%s/%s", config->webroot, config->splashpage );
+  if (!(fd = fopen(splashfilename, "r"))) {
+    debug(LOG_ERR, "Could not open splash page file '%s'", splashfilename);
+    http_nodogsplash_header(r, "Nodogsplash Error");
+    httpdOutput(r, "Failed to open splash page file");
+    http_nodogsplash_footer(r);
+  } else {
+    while (fgets(line, MAX_BUF, fd)) {
+      httpdOutput(r,line);
+    }
+    fclose(fd);
+  }
+
+  free(splashfilename);
+
+}
+
+void
+http_nodogsplash_redirect(request *r, char *url) {
+  char *header;
+
+  httpdSetResponse(r, "307 Temporary Redirect");
+  safe_asprintf(&header, "Location: %s",url);
+  httpdAddHeader(r, header);
+
+  httpdPrintf(r, "<html><head></head><body><a href='%s'>Click here to continue to<br>%s</a></body></html>",url,url);
+
+  free(header);
+
+}
+
+/** Allocate and return a random string of 8 hex digits suitable as an authentication token.
+ *  Caller must free.
+ */
+char *
+http_make_auth_token() {
+  char * token;
+
+  safe_asprintf(&token,"%04hx%04hx", rand16(), rand16());
+
+  return token;
+}

src/http.h

@@ -0,0 +1,54 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: http.h 1104 2006-10-09 00:58:46Z acv $ */
+/** @file http.h
+    @brief HTTP IO functions
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _HTTP_H_
+#define _HTTP_H_
+
+#include "httpd.h"
+#include "client_list.h"
+
+/**@brief Callback for libhttpd, serves nodogsplash splash page */
+void http_nodogsplash_callback_404(httpd *webserver, request *r);
+/**@brief Callback for libhttpd, serves nodogsplash splash page */
+void http_nodogsplash_callback_index(httpd *webserver, request *r);
+/**@brief Callback for libhttpd, authenticates a client for nodogsplash */
+void http_nodogsplash_callback_auth(httpd *webserver, request *r);
+/**@brief Callback for libhttpd, denies a client for nodogsplash */
+void http_nodogsplash_callback_deny(httpd *webserver, request *r);
+/**@brief Add client identified in request to client list. */
+t_client* http_nodogsplash_add_client(request *r);
+/**@brief Serves a 307 Temporary Redirect */
+void http_nodogsplash_redirect(request *r, char *url);
+/**@brief Serve the splash page from its file */
+void http_nodogsplash_serve_splash(request *r, char *token, char *host, char *path);
+/**@brief Allocate and return a random string of 8 hex digits suitable as an authentication token */
+char * http_make_auth_token();
+/** @brief Sends HTML header to web browser */
+void http_nodogsplash_header(request *r, char *title);
+/** @brief Sends HTML footer to web browser */
+void http_nodogsplash_footer(request *r);
+
+#endif /* _HTTP_H_ */

src/httpd_thread.c

@@ -0,0 +1,73 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: httpd_thread.c 901 2006-01-17 18:58:13Z mina $ */
+
+/** @file httpd_thread.c
+    @brief Handles one web request.
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+*/
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+#include <string.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <signal.h>
+#include <errno.h>
+
+#include "httpd.h"
+
+#include "../config.h"
+#include "common.h"
+#include "debug.h"
+#include "httpd_thread.h"
+
+/** Main request handling thread.
+@param args Two item array of void-cast pointers to the httpd and request struct
+*/
+void
+thread_httpd(void *args) {
+  void	**params;
+  httpd	*webserver;
+  request	*r;
+	
+  params = (void **)args;
+  webserver = *params;
+  r = *(params + 1);
+  free(params); /* XXX We must release this ourselves. */
+	
+  if (httpdReadRequest(webserver, r) == 0) {
+    /*
+     * We read the request fine
+     */
+    debug(LOG_DEBUG, "Calling httpdProcessRequest() for %s", r->clientAddr);
+    httpdProcessRequest(webserver, r);
+    debug(LOG_DEBUG, "Returned from httpdProcessRequest() for %s", r->clientAddr);
+  }
+  else {
+    debug(LOG_DEBUG, "No valid request received from %s", r->clientAddr);
+  }
+  debug(LOG_DEBUG, "Closing connection with %s", r->clientAddr);
+  httpdEndRequest(r);
+}

src/httpd_thread.h

@@ -0,0 +1,33 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: httpd_thread.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file httpd_thread.h
+    @brief nodogsplash httpd worker thread
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+*/
+
+#ifndef _HTTPD_THREAD_H_
+#define _HTTPD_THREAD_H_
+
+/** @brief Handle a web request */
+void thread_httpd(void *args);
+
+#endif

src/ndsctl.c

@@ -0,0 +1,329 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: ndsctl.c 901 2006-01-17 18:58:13Z mina $ */
+/** @file ndsctl.c
+    @brief Monitoring and control of nodogsplash, client part
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+    trivially modified for nodogsplash
+*/
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+#include <string.h>
+#include <stdarg.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <errno.h>
+
+#include "ndsctl.h"
+
+s_config config;
+
+static void usage(void);
+static void init_config(void);
+static void parse_commandline(int, char **);
+static int connect_to_server(char *);
+static int send_request(int, char *);
+static void ndsctl_status(void);
+static void ndsctl_stop(void);
+static void ndsctl_reset(void);
+static void ndsctl_restart(void);
+
+/** @internal
+ * @brief Print usage
+ *
+ * Prints usage, called when ndsctl is run with -h or with an unknown option
+ */
+static void
+usage(void)
+{
+    printf("Usage: ndsctl [options] command [arguments]\n");
+    printf("\n");
+    printf("options:\n");
+    printf("  -s <path>         Path to the socket\n");
+    printf("  -h                Print usage\n");
+    printf("\n");
+    printf("commands:\n");
+    /*
+    printf("  reset [mac|ip]    Reset the specified mac or ip connection\n");
+    */
+    printf("  status            Obtain the status of nodogsplash\n");
+    printf("  stop              Stop the running nodogsplash\n");
+    /*
+    printf("  restart           Re-start the running nodogsplash (without disconnecting active users!)\n");
+    */
+    printf("\n");
+}
+
+/** @internal
+ *
+ * Init default values in config struct
+ */
+static void
+init_config(void)
+{
+
+	config.socket = strdup(DEFAULT_SOCK);
+	config.command = NDSCTL_UNDEF;
+}
+
+/** @internal
+ *
+ * Uses getopt() to parse the command line and set configuration values
+ */
+void
+parse_commandline(int argc, char **argv) {
+  extern int optind;
+  int c;
+
+  while (-1 != (c = getopt(argc, argv, "s:h"))) {
+    switch(c) {
+    case 'h':
+      usage();
+      exit(1);
+      break;
+
+    case 's':
+      if (optarg) {
+	free(config.socket);
+	config.socket = strdup(optarg);
+      }
+      break;
+
+    default:
+      usage();
+      exit(1);
+      break;
+    }
+  }
+
+  if ((argc - optind) <= 0) {
+    usage();
+    exit(1);
+  }
+
+  if (strcmp(*(argv + optind), "status") == 0) {
+    config.command = NDSCTL_STATUS;
+  }
+
+  else if (strcmp(*(argv + optind), "stop") == 0) {
+    config.command = NDSCTL_STOP;
+  } 
+  /*  Nodogsplash doesn't use these; deal with S65nodogsplash instead.
+      else if (strcmp(*(argv + optind), "reset") == 0) {
+    config.command = NDSCTL_KILL;
+    if ((argc - (optind + 1)) <= 0) {
+      fprintf(stderr, "ndsctl: Error: You must specify an IP "
+	      "or a Mac address to reset\n");
+      usage();
+      exit(1);
+    }
+    config.param = strdup(*(argv + optind + 1));
+  } else if (strcmp(*(argv + optind), "restart") == 0) {
+    config.command = NDSCTL_RESTART;
+  }
+  */
+  else {
+    fprintf(stderr, "ndsctl: Error: Invalid command \"%s\"\n", *(argv + optind));
+    usage();
+    exit(1);
+  }
+}
+
+static int
+connect_to_server(char *sock_name) {
+  int sock;
+  struct sockaddr_un	sa_un;
+	
+  /* Connect to socket */
+  sock = socket(AF_UNIX, SOCK_STREAM, 0);
+  memset(&sa_un, 0, sizeof(sa_un));
+  sa_un.sun_family = AF_UNIX;
+  strncpy(sa_un.sun_path, sock_name, (sizeof(sa_un.sun_path) - 1));
+
+  if (connect(sock, (struct sockaddr *)&sa_un, 
+	      strlen(sa_un.sun_path) + sizeof(sa_un.sun_family))) {
+    fprintf(stderr, "ndsctl: nodogsplash probably not started (Error: %s)\n", strerror(errno));
+    exit(1);
+  }
+
+  return sock;
+}
+
+static int
+send_request(int sock, char *request) {
+  ssize_t	len,
+    written;
+		
+  len = 0;
+  while (len != strlen(request)) {
+    written = write(sock, (request + len), strlen(request) - len);
+    if (written == -1) {
+      fprintf(stderr, "Write to nodogsplash failed: %s\n",
+	      strerror(errno));
+      exit(1);
+    }
+    len += written;
+  }
+
+  return((int)len);
+}
+
+static void
+ndsctl_status(void) {
+  int	sock;
+  char	buffer[4096];
+  char	request[16];
+  int	len;
+
+  sock = connect_to_server(config.socket);
+		
+  strncpy(request, "status\r\n\r\n", 15);
+
+  len = send_request(sock, request);
+	
+  while ((len = read(sock, buffer, sizeof(buffer))) > 0) {
+    buffer[len] = '\0';
+    printf("%s", buffer);
+  }
+
+  shutdown(sock, 2);
+  close(sock);
+}
+
+static void
+ndsctl_stop(void) {
+  int	sock;
+  char	buffer[4096];
+  char	request[16];
+  int	len;
+
+  sock = connect_to_server(config.socket);
+		
+  strncpy(request, "stop\r\n\r\n", 15);
+
+  len = send_request(sock, request);
+	
+  while ((len = read(sock, buffer, sizeof(buffer))) > 0) {
+    buffer[len] = '\0';
+    printf("%s", buffer);
+  }
+
+  shutdown(sock, 2);
+  close(sock);
+}
+
+void
+ndsctl_reset(void) {
+  int	sock;
+  char	buffer[4096];
+  char	request[64];
+  int	len,
+    rlen;
+
+  sock = connect_to_server(config.socket);
+		
+  strncpy(request, "reset ", 64);
+  strncat(request, config.param, (64 - strlen(request)));
+  strncat(request, "\r\n\r\n", (64 - strlen(request)));
+
+  len = send_request(sock, request);
+	
+  len = 0;
+  memset(buffer, 0, sizeof(buffer));
+  while ((len < sizeof(buffer)) && ((rlen = read(sock, (buffer + len),
+						 (sizeof(buffer) - len))) > 0)){
+    len += rlen;
+  }
+
+  if (strcmp(buffer, "Yes") == 0) {
+    printf("Connection %s successfully reset.\n", config.param);
+  } else if (strcmp(buffer, "No") == 0) {
+    printf("Connection %s was not active.\n", config.param);
+  } else {
+    fprintf(stderr, "ndsctl: Error: nodogsplash sent an abnormal "
+	    "reply.\n");
+  }
+
+  shutdown(sock, 2);
+  close(sock);
+}
+
+static void
+ndsctl_restart(void) {
+  int	sock;
+  char	buffer[4096];
+  char	request[16];
+  int	len;
+
+  sock = connect_to_server(config.socket);
+		
+  strncpy(request, "restart\r\n\r\n", 15);
+
+  len = send_request(sock, request);
+	
+  while ((len = read(sock, buffer, sizeof(buffer))) > 0) {
+    buffer[len] = '\0';
+    printf("%s", buffer);
+  }
+
+  shutdown(sock, 2);
+  close(sock);
+}
+
+int
+main(int argc, char **argv) {
+
+  /* Init configuration */
+  init_config();
+  parse_commandline(argc, argv);
+
+  switch(config.command) {
+  case NDSCTL_STATUS:
+    ndsctl_status();
+    break;
+	
+  case NDSCTL_STOP:
+    ndsctl_stop();
+    break;
+
+  case NDSCTL_KILL:
+    ndsctl_reset();
+    break;
+		
+  case NDSCTL_RESTART:
+    ndsctl_restart();
+    break;
+
+  default:
+    /* XXX NEVER REACHED */
+    fprintf(stderr, "Oops\n");
+    exit(1);
+    break;
+  }
+  exit(0);
+}

src/ndsctl.h

@@ -0,0 +1,44 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: ndsctl.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file ndsctl.h
+    @brief nodogsplash monitoring client
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+    trivially modified 2007 for nodogsplash
+*/
+
+#ifndef _NDSCTL_H_
+#define _NDSCTL_H_
+
+#define DEFAULT_SOCK	"/tmp/ndsctl.sock"
+
+#define NDSCTL_UNDEF		0
+#define NDSCTL_STATUS		1
+#define NDSCTL_STOP		2
+#define NDSCTL_KILL		3
+#define NDSCTL_RESTART	4
+
+typedef struct {
+	char	*socket;
+	int	command;
+	char	*param;
+} s_config;
+#endif

src/ndsctl_thread.c

@@ -0,0 +1,395 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: ndsctl_thread.c 969 2006-02-23 17:09:32Z papril $ */
+/** @file ndsctl_thread.c
+    @brief Monitoring and control of nodogsplash, server part
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+    trivially modified for nodogsplash
+*/
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+#include <string.h>
+#include <stdarg.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <signal.h>
+#include <errno.h>
+
+#include "common.h"
+#include "httpd.h"
+#include "util.h"
+#include "conf.h"
+#include "debug.h"
+#include "auth.h"
+#include "fw_iptables.h"
+#include "firewall.h"
+#include "client_list.h"
+#include "ndsctl_thread.h"
+
+/* Defined in clientlist.c */
+extern	pthread_mutex_t	client_list_mutex;
+extern	pthread_mutex_t	config_mutex;
+
+/* From commandline.c: */
+extern char ** restartargv;
+static void *thread_ndsctl_handler(void *);
+static void ndsctl_status(int);
+static void ndsctl_stop(int);
+static void ndsctl_reset(int, char *);
+static void ndsctl_restart(int);
+
+/** Launches a thread that monitors the control socket for request
+@param arg Must contain a pointer to a string containing the Unix domain socket to open
+@todo This thread loops infinitely, need a watchdog to verify that it is still running?
+*/  
+void
+thread_ndsctl(void *arg) {
+  int	sock,
+    fd;
+  char	*sock_name;
+  struct 	sockaddr_un	sa_un;
+  int result;
+  pthread_t	tid;
+  socklen_t len;
+
+  debug(LOG_DEBUG, "Starting ndsctl.");
+
+  memset(&sa_un, 0, sizeof(sa_un));
+  sock_name = (char *)arg;
+  debug(LOG_DEBUG, "Socket name: %s", sock_name);
+
+  if (strlen(sock_name) > (sizeof(sa_un.sun_path) - 1)) {
+    /* TODO: Die handler with logging.... */
+    debug(LOG_ERR, "NDSCTL socket name too long");
+    exit(1);
+  }
+	
+
+  debug(LOG_DEBUG, "Creating socket");
+  sock = socket(PF_UNIX, SOCK_STREAM, 0);
+
+  debug(LOG_DEBUG, "Got server socket %d", sock);
+
+  /* If it exists, delete... Not the cleanest way to deal. */
+  unlink(sock_name);
+
+  debug(LOG_DEBUG, "Filling sockaddr_un");
+  strcpy(sa_un.sun_path, sock_name); /* XXX No size check because we
+				      * check a few lines before. */
+  sa_un.sun_family = AF_UNIX;
+	
+  debug(LOG_DEBUG, "Binding socket (%s) (%d)", sa_un.sun_path,
+	strlen(sock_name));
+	
+  /* Which to use, AF_UNIX, PF_UNIX, AF_LOCAL, PF_LOCAL? */
+  if (bind(sock, (struct sockaddr *)&sa_un, strlen(sock_name) 
+	   + sizeof(sa_un.sun_family))) {
+    debug(LOG_ERR, "Could not bind control socket: %s",
+	  strerror(errno));
+    pthread_exit(NULL);
+  }
+
+  if (listen(sock, 5)) {
+    debug(LOG_ERR, "Could not listen on control socket: %s",
+	  strerror(errno));
+    pthread_exit(NULL);
+  }
+
+  while (1) {
+    memset(&sa_un, 0, sizeof(sa_un));
+    if ((fd = accept(sock, (struct sockaddr *)&sa_un, &len)) == -1){
+      debug(LOG_ERR, "Accept failed on control socket: %s",
+	    strerror(errno));
+    } else {
+      debug(LOG_DEBUG, "Accepted connection on ndsctl socket %d (%s)", fd, sa_un.sun_path);
+      result = pthread_create(&tid, NULL, &thread_ndsctl_handler, (void *)fd);
+      if (result != 0) {
+	debug(LOG_ERR, "FATAL: Failed to create a new thread (ndsctl handler) - exiting");
+	termination_handler(0);
+      }
+      pthread_detach(tid);
+    }
+  }
+}
+
+
+static void *
+thread_ndsctl_handler(void *arg) {
+  int	fd,
+    done,
+    i;
+  char	request[MAX_BUF];
+  ssize_t	read_bytes,
+    len;
+
+  debug(LOG_DEBUG, "Entering thread_ndsctl_handler....");
+
+  fd = (int)arg;
+	
+  debug(LOG_DEBUG, "Read bytes and stuff from %d", fd);
+
+  /* Init variables */
+  read_bytes = 0;
+  done = 0;
+  memset(request, 0, sizeof(request));
+	
+  /* Read.... */
+  while (!done && read_bytes < (sizeof(request) - 1)) {
+    len = read(fd, request + read_bytes,
+	       sizeof(request) - read_bytes);
+
+    /* Have we gotten a command yet? */
+    for (i = read_bytes; i < (read_bytes + len); i++) {
+      if (request[i] == '\r' || request[i] == '\n') {
+	request[i] = '\0';
+	done = 1;
+      }
+    }
+		
+    /* Increment position */
+    read_bytes += len;
+  }
+
+  debug(LOG_DEBUG, "ndsctl request received: [%s]", request);
+
+  if (strncmp(request, "status", 6) == 0) {
+    ndsctl_status(fd);
+  } else if (strncmp(request, "stop", 4) == 0) {
+    ndsctl_stop(fd);
+  } else if (strncmp(request, "reset", 5) == 0) {
+    ndsctl_reset(fd, (request + 6));
+  } else if (strncmp(request, "restart", 7) == 0) {
+    ndsctl_restart(fd);
+  }
+
+  if (!done) {
+    debug(LOG_ERR, "Invalid ndsctl request.");
+    shutdown(fd, 2);
+    close(fd);
+    pthread_exit(NULL);
+  }
+
+  debug(LOG_DEBUG, "ndsctl request processed: [%s]", request);
+	
+  shutdown(fd, 2);
+  close(fd);
+  debug(LOG_DEBUG, "Exiting thread_ndsctl_handler....");
+
+  return NULL;
+}
+
+static void
+ndsctl_status(int fd) {
+  char * status = NULL;
+  int len = 0;
+
+  status = get_status_text();
+  len = strlen(status);
+
+  write(fd, status, len);
+
+  free(status);
+}
+
+/** A bit of an hack, self kills.... */
+static void
+ndsctl_stop(int fd) {
+  pid_t	pid;
+
+  pid = getpid();
+  kill(pid, SIGINT);
+}
+
+static void
+ndsctl_restart(int afd) {
+  int	sock,
+    fd;
+  char	*sock_name;
+  struct 	sockaddr_un	sa_un;
+  int result;
+  s_config * conf = NULL;
+  t_client * client = NULL;
+  char * tempstring = NULL;
+  pid_t pid;
+  ssize_t written;
+  socklen_t len;
+
+  conf = config_get_config();
+
+  debug(LOG_NOTICE, "Will restart myself");
+
+  /*
+   * First, prepare the internal socket
+   */
+  memset(&sa_un, 0, sizeof(sa_un));
+  sock_name = conf->internal_sock;
+  debug(LOG_DEBUG, "Socket name: %s", sock_name);
+
+  if (strlen(sock_name) > (sizeof(sa_un.sun_path) - 1)) {
+    /* TODO: Die handler with logging.... */
+    debug(LOG_ERR, "INTERNAL socket name too long");
+    return;
+  }
+
+  debug(LOG_DEBUG, "Creating socket");
+  sock = socket(PF_UNIX, SOCK_STREAM, 0);
+
+  debug(LOG_DEBUG, "Got internal socket %d", sock);
+
+  /* If it exists, delete... Not the cleanest way to deal. */
+  unlink(sock_name);
+
+  debug(LOG_DEBUG, "Filling sockaddr_un");
+  strcpy(sa_un.sun_path, sock_name); /* XXX No size check because we check a few lines before. */
+  sa_un.sun_family = AF_UNIX;
+	
+  debug(LOG_DEBUG, "Binding socket (%s) (%d)", sa_un.sun_path, strlen(sock_name));
+	
+  /* Which to use, AF_UNIX, PF_UNIX, AF_LOCAL, PF_LOCAL? */
+  if (bind(sock, (struct sockaddr *)&sa_un, strlen(sock_name) + sizeof(sa_un.sun_family))) {
+    debug(LOG_ERR, "Could not bind internal socket: %s", strerror(errno));
+    return;
+  }
+
+  if (listen(sock, 5)) {
+    debug(LOG_ERR, "Could not listen on internal socket: %s", strerror(errno));
+    return;
+  }
+	
+  /*
+   * The internal socket is ready, fork and exec ourselves
+   */
+  debug(LOG_DEBUG, "Forking in preparation for exec()...");
+  pid = safe_fork();
+  if (pid > 0) {
+    /* Parent */
+
+    /* Wait for the child to connect to our socket :*/
+    debug(LOG_DEBUG, "Waiting for child to connect on internal socket");
+    if ((fd = accept(sock, (struct sockaddr *)&sa_un, &len)) == -1){
+      debug(LOG_ERR, "Accept failed on internal socket: %s", strerror(errno));
+      close(sock);
+      return;
+    }
+
+    close(sock);
+
+    debug(LOG_DEBUG, "Received connection from child.  Sending them all existing clients");
+
+    /* The child is connected. Send them over the socket the existing clients */
+    LOCK_CLIENT_LIST();
+    client = client_get_first_client();
+    while (client) {
+      /* Send this client */
+      safe_asprintf(&tempstring,
+		    "CLIENT|ip=%s|mac=%s|token=%s|fw_connection_state=%u|added_time=%llu|counters_incoming=%llu|counters_outgoing=%llu|counters_last_updated=%llu\n",
+		    client->ip,
+		    client->mac,
+		    client->token ? client->token : "NULL",
+		    client->fw_connection_state,
+		    (unsigned long long) (client->added_time),
+		    client->counters.incoming,
+		    client->counters.outgoing,
+		    (unsigned long long) client->counters.last_updated);
+      debug(LOG_DEBUG, "Sending to child client data: %s", tempstring);
+      len = 0;
+      while (len != strlen(tempstring)) {
+	written = write(fd, (tempstring + len), strlen(tempstring) - len);
+	if (written == -1) {
+	  debug(LOG_ERR, "Failed to write client data to child: %s", strerror(errno));
+	  free(tempstring);
+	  break;
+	}
+	else {
+	  len += written;
+	}
+      }
+      free(tempstring);
+      client = client->next;
+    }
+    UNLOCK_CLIENT_LIST();
+
+    close(fd);
+
+    debug(LOG_INFO, "Sent all existing clients to child.  Committing suicide!");
+
+    shutdown(afd, 2);
+    close(afd);
+
+    /* Our job in life is done. Commit suicide! */
+    ndsctl_stop(afd);
+  }
+  else {
+    /* Child */
+    close(sock);
+    shutdown(afd, 2);
+    close(afd);
+    debug(LOG_NOTICE, "Re-executing myself (%s)", restartargv[0]);
+    setsid();
+    execvp(restartargv[0], restartargv);
+    /* If we've reached here the exec() failed - die quickly and silently */
+    debug(LOG_ERR, "I failed to re-execute myself: %s", strerror(errno));
+    debug(LOG_ERR, "Exiting without cleanup");
+    exit(1);
+  }
+
+}
+
+static void
+ndsctl_reset(int fd, char *arg) {
+  t_client	*node;
+
+  debug(LOG_DEBUG, "Entering ndsctl_reset...");
+	
+  LOCK_CLIENT_LIST();
+  debug(LOG_DEBUG, "Argument: %s (@%x)", arg, arg);
+	
+  /* We get the node or return... */
+  if ((node = client_list_find_by_ip(arg)) != NULL);
+  else if ((node = client_list_find_by_mac(arg)) != NULL);
+  else {
+    debug(LOG_DEBUG, "Client not found.");
+    UNLOCK_CLIENT_LIST();
+    write(fd, "No", 2);
+    return;
+  }
+
+  debug(LOG_DEBUG, "Got node %x.", node);
+	
+  /* deny.... */
+  /* TODO: maybe just deleting the connection is not best... But this
+   * is a manual command, I don't anticipate it'll be that useful. */
+  iptables_fw_access(AUTH_MAKE_DEAUTHENTICATED, node->ip, node->mac);
+  client_list_delete(node);
+	
+  UNLOCK_CLIENT_LIST();
+	
+  write(fd, "Yes", 3);
+	
+  debug(LOG_DEBUG, "Exiting ndsctl_reset...");
+}

src/ndsctl_thread.h

@@ -0,0 +1,36 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: ndsctl_thread.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file ndsctl_thread.h
+    @brief nodogsplash monitoring thread
+    @author Copyright (C) 2004 Alexandre Carmel-Veilleux <acv@acv.ca>
+    trivially modified for nodogsplash
+*/
+
+#ifndef _NDSCTL_THREAD_H_
+#define _NDSCTL_THREAD_H_
+
+#define DEFAULT_NDSCTL_SOCK	"/tmp/ndsctl.sock"
+
+/** @brief Listen for nodogsplash control messages on a unix domain socket */
+void thread_ndsctl(void *arg);
+
+#endif

src/safe.c

@@ -0,0 +1,110 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/*
+ * $Id: safe.c 901 2006-01-17 18:58:13Z mina $
+ */
+/**
+  @file safe.c
+  @brief Safe versions of stdlib/string functions that error out and exit if memory allocation fails
+  @author Copyright (C) 2005 Mina Naguib <mina@ilesansfil.org>
+ */
+
+
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include "httpd.h"
+#include "safe.h"
+#include "debug.h"
+#include <syslog.h>
+
+/* From gateway.c */
+extern httpd * webserver;
+
+void * safe_malloc (size_t size) {
+	void * retval = NULL;
+	retval = malloc(size);
+	if (!retval) {
+		debug(LOG_CRIT, "Failed to malloc %d bytes of memory: %s.  Bailing out", size, strerror(errno));
+		exit(1);
+	}
+	return (retval);
+}
+
+char * safe_strdup(const char *s) {
+	char * retval = NULL;
+	if (!s) {
+		debug(LOG_CRIT, "safe_strdup called with NULL which would have crashed strdup. Bailing out");
+		exit(1);
+	}
+	retval = strdup(s);
+	if (!retval) {
+		debug(LOG_CRIT, "Failed to duplicate a string: %s.  Bailing out", strerror(errno));
+		exit(1);
+	}
+	return (retval);
+}
+
+int safe_asprintf(char **strp, const char *fmt, ...) {
+	va_list ap;
+	int retval;
+
+	va_start(ap, fmt);
+	retval = safe_vasprintf(strp, fmt, ap);
+	va_end(ap);
+
+	return (retval);
+}
+
+int safe_vasprintf(char **strp, const char *fmt, va_list ap) {
+	int retval;
+
+	retval = vasprintf(strp, fmt, ap);
+
+	if (retval == -1) {
+		debug(LOG_CRIT, "Failed to vasprintf: %s.  Bailing out", strerror(errno));
+		exit (1);
+	}
+	return (retval);
+}
+
+pid_t safe_fork(void) {
+	pid_t result;
+	result = fork();
+
+	if (result == -1) {
+		debug(LOG_CRIT, "Failed to fork: %s.  Bailing out", strerror(errno));
+		exit (1);
+	}
+	else if (result == 0) {
+		/* I'm the child - do some cleanup */
+		if (webserver) {
+			close(webserver->serverSock);
+			webserver = NULL;
+		}
+	}
+
+	return result;
+}
+

src/safe.h

@@ -0,0 +1,56 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: safe.h 901 2006-01-17 18:58:13Z mina $ */
+/** @file safe.h
+	  @brief Safe versions of stdlib/string functions that error out and exit if memory allocation fails
+	  @author Copyright (C) 2005 Mina Naguib <mina@ilesansfil.org>
+*/
+
+#ifndef _SAFE_H_
+#define _SAFE_H_
+
+#include <stdarg.h> /* For va_list */
+#include <sys/types.h> /* For fork */
+#include <unistd.h> /* For fork */
+
+/** @brief Safe version of malloc
+ */
+void * safe_malloc (size_t size);
+
+/* @brief Safe version of strdup
+ */
+char * safe_strdup(const char *s);
+
+/* @brief Safe version of asprintf
+ */
+int safe_asprintf(char **strp, const char *fmt, ...);
+
+/* @brief Safe version of vasprintf
+ */
+int safe_vasprintf(char **strp, const char *fmt, va_list ap);
+
+/* @brief Safe version of fork
+ */
+
+pid_t safe_fork(void);
+
+#endif /* _SAFE_H_ */
+

src/util.c

@@ -0,0 +1,453 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+ \********************************************************************/
+
+/*
+ * $Id: util.c 1162 2007-01-06 23:51:02Z benoitg $
+ */
+/**
+  @file util.c
+  @brief Misc utility functions
+  @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+  @author Copyright (C) 2006 Benoit Grégoire <bock@step.polymtl.ca>
+ */
+
+#define _GNU_SOURCE
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <errno.h>
+#include <pthread.h>
+#include <sys/wait.h>
+#include <sys/types.h>
+#include <sys/unistd.h>
+#include <netinet/in.h>
+#include <sys/ioctl.h>
+
+#ifdef __linux__
+#include <net/if.h>
+#endif
+
+#include <string.h>
+#include <pthread.h>
+#include <netdb.h>
+
+#include "common.h"
+#include "client_list.h"
+#include "safe.h"
+#include "util.h"
+#include "conf.h"
+#include "debug.h"
+#include "firewall.h"
+
+#include "../config.h"
+
+static pthread_mutex_t ghbn_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+/* Defined in gateway.c */
+extern time_t started_time;
+
+/* Defined in clientlist.c */
+extern	pthread_mutex_t	client_list_mutex;
+extern	pthread_mutex_t	config_mutex;
+
+/* Defined in commandline.c */
+extern pid_t restart_orig_pid;
+
+/* XXX Do these need to be locked ? */
+static time_t last_online_time = 0;
+static time_t last_offline_time = 0;
+static time_t last_auth_online_time = 0;
+static time_t last_auth_offline_time = 0;
+
+long authenticated_this_session = 0;
+
+/** Fork a child and execute a shell command, the parent
+ * process waits for the child to return and returns the child's exit()
+ * value.
+ * @return Return code of the command
+ */
+int
+execute(char *cmd_line, int quiet) {
+  int pid,
+    status,
+    rc;
+
+  const char *new_argv[4];
+  new_argv[0] = "/bin/sh";
+  new_argv[1] = "-c";
+  new_argv[2] = cmd_line;
+  new_argv[3] = NULL;
+
+  pid = safe_fork();
+  if (pid == 0) {    /* for the child process:         */
+    /* We don't want to see any errors if quiet flag is on */
+    if (quiet) close(2);
+    if (execvp("/bin/sh", (char *const *)new_argv) < 0) {    /* execute the command  */
+      debug(LOG_ERR, "execvp(): %s", strerror(errno));
+      exit(1);
+    }
+  }
+  else {        /* for the parent:      */
+    debug(LOG_DEBUG, "Waiting for PID %d to exit", pid);
+    rc = waitpid(pid, &status, 0);
+    debug(LOG_DEBUG, "Process PID %d exited", rc);
+  }
+
+  return (WEXITSTATUS(status));
+}
+
+struct in_addr *
+wd_gethostbyname(const char *name) {
+  struct hostent *he;
+  struct in_addr *h_addr, *in_addr_temp;
+
+  /* XXX Calling function is reponsible for free() */
+
+  h_addr = safe_malloc(sizeof(struct in_addr));
+	
+  LOCK_GHBN();
+
+  he = gethostbyname(name);
+
+  if (he == NULL) {
+    free(h_addr);
+    UNLOCK_GHBN();
+    return NULL;
+  }
+
+  mark_online();
+
+  in_addr_temp = (struct in_addr *)he->h_addr_list[0];
+  h_addr->s_addr = in_addr_temp->s_addr;
+	
+  UNLOCK_GHBN();
+
+  return h_addr;
+}
+
+char *get_iface_ip(char *ifname) {
+#ifdef __linux__
+  struct ifreq if_data;
+#endif
+  struct in_addr in;
+  char *ip_str;
+  int sockd;
+  u_int32_t ip;
+
+#ifdef __linux__
+    
+  /* Create a socket.  SOCK_PACKET is obsolete */
+  if ((sockd = socket (PF_INET, SOCK_RAW, htons(0x8086))) < 0) {
+    debug(LOG_ERR, "socket(): %s", strerror(errno));
+    return NULL;
+  }
+
+  /* Get IP of internal interface */
+  strcpy (if_data.ifr_name, ifname);
+
+  /* Get the IP address */
+  if (ioctl (sockd, SIOCGIFADDR, &if_data) < 0) {
+    debug(LOG_ERR, "ioctl(): SIOCGIFADDR %s", strerror(errno));
+    return NULL;
+  }
+  memcpy ((void *) &ip, (void *) &if_data.ifr_addr.sa_data + 2, 4);
+  in.s_addr = ip;
+
+  ip_str = (char *)inet_ntoa(in);
+  return safe_strdup(ip_str);
+#else
+  return safe_strdup("0.0.0.0");
+#endif
+}
+
+char *get_iface_mac (char *ifname) {
+#ifdef __linux__
+  int r, s;
+  struct ifreq ifr;
+  char *hwaddr, mac[13];
+    
+  strcpy(ifr.ifr_name, ifname);
+
+  s = socket(PF_INET, SOCK_RAW, htons(0x8086));
+  if (-1 == s) {
+    debug(LOG_ERR, "get_iface_mac socket: %s", strerror(errno));
+    return NULL;
+  }
+
+  r = ioctl(s, SIOCGIFHWADDR, &ifr);
+  if (r == -1) {
+    debug(LOG_ERR, "get_iface_mac ioctl(SIOCGIFHWADDR): %s", strerror(errno));
+    close(s);
+    return NULL;
+  }
+
+  hwaddr = ifr.ifr_hwaddr.sa_data;
+  snprintf(mac, 13, "%02X%02X%02X%02X%02X%02X", 
+	   hwaddr[0] & 0xFF,
+	   hwaddr[1] & 0xFF,
+	   hwaddr[2] & 0xFF,
+	   hwaddr[3] & 0xFF,
+	   hwaddr[4] & 0xFF,
+	   hwaddr[5] & 0xFF
+	   );
+       
+  close(s);
+  return safe_strdup(mac);
+#else
+  return NULL;
+#endif
+}
+
+char *get_ext_iface (void) {
+#ifdef __linux__
+  FILE *input;
+  char *device, *gw;
+  int i;
+  pthread_cond_t		cond = PTHREAD_COND_INITIALIZER;
+  pthread_mutex_t		cond_mutex = PTHREAD_MUTEX_INITIALIZER;
+  struct	timespec	timeout;
+  device = (char *)malloc(16);
+  gw = (char *)malloc(16);
+  debug(LOG_DEBUG, "get_ext_iface(): Autodectecting the external interface from routing table");
+  for (i=1; i<=NUM_EXT_INTERFACE_DETECT_RETRY; i++) {
+    input = fopen("/proc/net/route", "r");
+    while (!feof(input)) {
+      fscanf(input, "%s %s %*s %*s %*s %*s %*s %*s %*s %*s %*s\n", device, gw);
+      if (strcmp(gw, "00000000") == 0) {
+	free(gw);
+	debug(LOG_INFO, "get_ext_iface(): Detected %s as the default interface after try %d", device, i);
+	return device;
+      }
+    }
+    fclose(input);
+    debug(LOG_ERR, "get_ext_iface(): Failed to detect the external interface after try %d of %d (maybe the interface is not up yet?)", i, NUM_EXT_INTERFACE_DETECT_RETRY);
+    /* Sleep for EXT_INTERFACE_DETECT_RETRY_INTERVAL seconds */
+    timeout.tv_sec = time(NULL) + EXT_INTERFACE_DETECT_RETRY_INTERVAL;
+    timeout.tv_nsec = 0;
+    /* Mutex must be locked for pthread_cond_timedwait... */
+    pthread_mutex_lock(&cond_mutex);	
+    /* Thread safe "sleep" */
+    pthread_cond_timedwait(&cond, &cond_mutex, &timeout);
+    /* No longer needs to be locked */
+    pthread_mutex_unlock(&cond_mutex);
+  }
+  debug(LOG_ERR, "get_ext_iface(): Failed to detect the external interface after %d tries, aborting", NUM_EXT_INTERFACE_DETECT_RETRY);
+  exit(1);
+  free(device);
+  free(gw);
+#endif
+  return NULL;
+}
+
+void mark_online() {
+  int before;
+  int after;
+
+  before = is_online();
+  time(&last_online_time);
+  after = is_online();
+
+  if (before != after) {
+    debug(LOG_INFO, "ONLINE status became %s", (after ? "ON" : "OFF"));
+  }
+
+}
+
+void mark_offline() {
+  int before;
+  int after;
+
+  before = is_online();
+  time(&last_offline_time);
+  after = is_online();
+
+  if (before != after) {
+    debug(LOG_INFO, "ONLINE status became %s", (after ? "ON" : "OFF"));
+  }
+
+  /* If we're offline it definately means the auth server is offline */
+  /*   mark_auth_offline(); */
+
+}
+
+int is_online() {
+  if (last_online_time == 0 || (last_offline_time - last_online_time) >= (config_get_config()->checkinterval * 2) ) {
+    /* We're probably offline */
+    return (0);
+  }
+  else {
+    /* We're probably online */
+    return (1);
+  }
+}
+
+
+/*
+ * @return A string containing human-readable status text. MUST BE free()d by caller
+ */
+char * get_status_text() {
+  char buffer[STATUS_BUF_SIZ];
+  char timebuf[32];
+  ssize_t len;
+  s_config *config;
+  t_client	*first;
+  int		indx;
+  unsigned long int uptime = 0;
+  unsigned int days = 0, hours = 0, minutes = 0, seconds = 0;
+  t_MAC *trust_mac;
+  t_MAC *block_mac;
+	
+  config = config_get_config();
+
+  len = 0;
+  snprintf(buffer, (sizeof(buffer) - len), "==================\nNoDogSplash Status\n====\n");
+  len = strlen(buffer);
+
+  uptime = time(NULL) - started_time;
+  days    = uptime / (24 * 60 * 60);
+  uptime -= days * (24 * 60 * 60);
+  hours   = uptime / (60 * 60);
+  uptime -= hours * (60 * 60);
+  minutes = uptime / 60;
+  uptime -= minutes * 60;
+  seconds = uptime;
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Version: " VERSION "\n");
+  len = strlen(buffer);
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Uptime: %ud %uh %um %us\n", days, hours, minutes, seconds);
+  len = strlen(buffer);
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Gateway Name: %s\n", config->gw_name);
+  len = strlen(buffer);
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Managed interface: %s\n", config->gw_interface);
+  len = strlen(buffer);
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Server listening: %s:%d\n",
+	   config->gw_address, config->gw_port);
+  len = strlen(buffer);
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Splashpage: %s/%s\n",
+	   config->webroot, config->splashpage);
+  len = strlen(buffer);
+
+
+  /** not needed in nodogsplash, since we don't permit ndsctl restart
+  snprintf((buffer + len), (sizeof(buffer) - len), "Has been restarted: ");
+  len = strlen(buffer);
+  if (restart_orig_pid) {
+    snprintf((buffer + len), (sizeof(buffer) - len), "yes (from PID %d)\n", restart_orig_pid);
+    len = strlen(buffer);
+  }
+  else {
+    snprintf((buffer + len), (sizeof(buffer) - len), "no\n");
+    len = strlen(buffer);
+  }
+  */
+  
+  /** doubtful usefulness in nodogsplash
+  snprintf((buffer + len), (sizeof(buffer) - len), "Internet Connectivity: %s\n", (is_online() ? "yes" : "no"));
+  len = strlen(buffer);
+  */
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "====\n");
+  len = strlen(buffer);
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Clients authenticated this session: %lu\n", authenticated_this_session);
+  len = strlen(buffer);
+
+  LOCK_CLIENT_LIST();
+	
+  snprintf((buffer + len), (sizeof(buffer) - len), "Current clients: %d\n", get_client_list_length());
+  len = strlen(buffer);
+
+  first = client_get_first_client();
+  if(first) {
+    snprintf((buffer + len), (sizeof(buffer) - len), "\n");
+    len = strlen(buffer);
+  }
+  indx = 0;
+  while (first != NULL) {
+    snprintf((buffer + len), (sizeof(buffer) - len), "Client %d\n", indx);
+    len = strlen(buffer);
+
+    snprintf((buffer + len), (sizeof(buffer) - len), "  IP: %s MAC: %s\n", first->ip, first->mac);
+    len = strlen(buffer);
+
+    ctime_r(&(first->added_time),timebuf);
+    snprintf((buffer + len), (sizeof(buffer) - len), "  Added:   %s", timebuf);
+    len = strlen(buffer);
+
+    ctime_r(&(first->counters.last_updated),timebuf);
+    snprintf((buffer + len), (sizeof(buffer) - len), "  Active:  %s", timebuf);
+    len = strlen(buffer);
+
+    snprintf((buffer + len), (sizeof(buffer) - len), "  Token: %s\n", first->token ? first->token : "none");
+    len = strlen(buffer);
+
+    snprintf((buffer + len), (sizeof(buffer) - len), "  State: %s\n",
+	     fw_connection_state_as_string(first->fw_connection_state));
+    len = strlen(buffer);
+
+    snprintf((buffer + len), (sizeof(buffer) - len), "  Download bytes: %llu\n  Upload bytes:   %llu\n\n" , first->counters.incoming, first->counters.outgoing);
+    len = strlen(buffer);
+
+    indx++;
+    first = first->next;
+  }
+
+  UNLOCK_CLIENT_LIST();
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "====\n");
+  len = strlen(buffer);
+  
+  snprintf((buffer + len), (sizeof(buffer) - len), "Blocked MAC addresses:\n");
+  len = strlen(buffer);
+
+  if (config->blockedmaclist != NULL) {
+    for (block_mac = config->blockedmaclist; block_mac != NULL; block_mac = block_mac->next) {
+      snprintf((buffer + len), (sizeof(buffer) - len), "  %s\n", block_mac->mac);
+      len = strlen(buffer);
+    }
+  } else {
+      snprintf((buffer + len), (sizeof(buffer) - len), "  none\n");
+      len = strlen(buffer);
+  }
+
+  snprintf((buffer + len), (sizeof(buffer) - len), "Trusted MAC addresses:\n");
+  len = strlen(buffer);
+
+  if (config->trustedmaclist != NULL) {
+    for (trust_mac = config->trustedmaclist; trust_mac != NULL; trust_mac = trust_mac->next) {
+      snprintf((buffer + len), (sizeof(buffer) - len), "  %s\n", trust_mac->mac);
+      len = strlen(buffer);
+    }
+  } else {
+      snprintf((buffer + len), (sizeof(buffer) - len), "  none\n");
+      len = strlen(buffer);
+  }
+  
+  snprintf((buffer + len), (sizeof(buffer) - len), "========\n");
+  len = strlen(buffer);
+  
+  return safe_strdup(buffer);
+}

src/util.h

@@ -0,0 +1,78 @@
+/********************************************************************\
+ * This program is free software; you can redistribute it and/or    *
+ * modify it under the terms of the GNU General Public License as   *
+ * published by the Free Software Foundation; either version 2 of   *
+ * the License, or (at your option) any later version.              *
+ *                                                                  *
+ * This program is distributed in the hope that it will be useful,  *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
+ * GNU General Public License for more details.                     *
+ *                                                                  *
+ * You should have received a copy of the GNU General Public License*
+ * along with this program; if not, contact:                        *
+ *                                                                  *
+ * Free Software Foundation           Voice:  +1-617-542-5942       *
+ * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
+ * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
+ *                                                                  *
+\********************************************************************/
+
+/* $Id: util.h 969 2006-02-23 17:09:32Z papril $ */
+/** @file util.h
+    @brief Misc utility functions
+    @author Copyright (C) 2004 Philippe April <papril777@yahoo.com>
+*/
+
+#ifndef _UTIL_H_
+#define _UTIL_H_
+
+#define STATUS_BUF_SIZ	16384
+
+/** @brief Execute a shell command
+ */
+int execute(char *cmd_line, int quiet);
+struct in_addr *wd_gethostbyname(const char *name);
+
+/* @brief Get IP address of an interface */
+char *get_iface_ip(char *ifname);
+
+/* @brief Get MAC address of an interface */
+char *get_iface_mac(char *ifname);
+
+/* @brief Get interface name of default gateway */
+char *get_ext_iface (void);
+
+/* @brief Sets hint that an online action (dns/connect/etc using WAN) succeeded */
+void mark_online();
+/* @brief Sets hint that an online action (dns/connect/etc using WAN) failed */
+void mark_offline();
+/* @brief Returns a guess (true or false) on whether we're online or not based on previous calls to mark_online and mark_offline */
+int is_online();
+
+/* @brief Sets hint that an auth server online action succeeded */
+void mark_auth_online();
+/* @brief Sets hint that an auth server online action failed */
+void mark_auth_offline();
+/* @brief Returns a guess (true or false) on whether we're an auth server is online or not based on previous calls to mark_auth_online and mark_auth_offline */
+int is_auth_online();
+
+/*
+ * @brief Creates a human-readable paragraph of the status of the nodogsplash process
+ */
+char * get_status_text();
+
+#define LOCK_GHBN() do { \
+	debug(LOG_DEBUG, "Locking wd_gethostbyname()"); \
+	pthread_mutex_lock(&ghbn_mutex); \
+	debug(LOG_DEBUG, "wd_gethostbyname() locked"); \
+} while (0)
+
+#define UNLOCK_GHBN() do { \
+	debug(LOG_DEBUG, "Unlocking wd_gethostbyname()"); \
+	pthread_mutex_unlock(&ghbn_mutex); \
+	debug(LOG_DEBUG, "wd_gethostbyname() unlocked"); \
+} while (0)
+
+#endif /* _UTIL_H_ */
+