我已经用 DD-WRT 版本 V24-preSP 2201412-22-2014-r25697 刷新了 ASUS AC-RT56U 路由器。现在我想用 wifidog 将其变成热点,放在小型企业(健身中心)中
我创建了自己的身份验证服务器,以排除故障。当我连接新的无线设备时,它无法访问互联网,只能访问 DD-WRT 路由器和身份验证服务器。当我输入 URL(例如:www.google.com)时,我不会被重定向到登录页面。在服务器上的 access.log 文件中,我只看到 DD-wrt 路由器向服务器发送 ping 请求。我有它,所以我的自定义身份验证服务器总是回复“Pong”。
我发现这里有一个 bughttp://svn.dd-wrt.com/ticket/3344。但它没有任何回应。这正是我的设备上发生的情况。当我访问 http://routerip:2060 时,我确实得到了我的身份验证服务器的门户页面。
现在我想知道是否可以创建一个 iptables 规则,以便所有未经身份验证的流量都重定向到 http://routerip:2060 页面?我猜当重定向有效时,其余过程就会有效。
这是 wifidog 身份验证过程的示意图。第一个重定向不起作用。 http://dev.wifidog.org/wiki/doc/developer/FlowDiagram
我没有修改 iptables 规则的经验。
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
DROP udp -- anywhere anywhere udp dpt:route
DROP udp -- anywhere anywhere udp dpt:route
ACCEPT udp -- anywhere anywhere udp dpt:route
ACCEPT tcp -- anywhere dd-wrt tcp dpt:telnet
DROP icmp -- anywhere anywhere
DROP igmp -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere state NEW
ACCEPT 0 -- anywhere anywhere state NEW
DROP 0 -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
WiFiDog_br0_WIFI2Internet 0 -- anywhere anywhere
ACCEPT 0 -- anywhere 123.123.123.123.colo.transip.net
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT gre -- 192.168.128.0/24 anywhere
ACCEPT tcp -- 192.168.128.0/24 anywhere tcp dpt:1723
lan2wan 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere
TRIGGER 0 -- anywhere anywhere TRIGGER type:in match:0 relate:0
trigger_out 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere state NEW
DROP 0 -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain WiFiDog_br0_AuthServers (1 references)
target prot opt source destination
logaccept 0 -- anywhere 123.123.123.123.colo.transip.net
Chain WiFiDog_br0_Global (1 references)
target prot opt source destination
Chain WiFiDog_br0_Known (1 references)
target prot opt source destination
logaccept 0 -- anywhere anywhere
Chain WiFiDog_br0_Locked (1 references)
target prot opt source destination
logreject 0 -- anywhere anywhere
Chain WiFiDog_br0_Unknown (1 references)
target prot opt source destination
logaccept udp -- anywhere anywhere udp dpt:domain
logaccept tcp -- anywhere anywhere tcp dpt:domain
logaccept udp -- anywhere anywhere udp dpt:bootps
logaccept tcp -- anywhere anywhere tcp dpt:bootps
logreject 0 -- anywhere anywhere
Chain WiFiDog_br0_Validate (1 references)
target prot opt source destination
logaccept 0 -- anywhere anywhere
Chain WiFiDog_br0_WIFI2Internet (1 references)
target prot opt source destination
DROP 0 -- anywhere anywhere state INVALID
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
WiFiDog_br0_AuthServers 0 -- anywhere anywhere
WiFiDog_br0_Locked 0 -- anywhere anywhere mark match 0x254
WiFiDog_br0_Global 0 -- anywhere anywhere
WiFiDog_br0_Validate 0 -- anywhere anywhere mark match 0x1
WiFiDog_br0_Known 0 -- anywhere anywhere mark match 0x2
WiFiDog_br0_Unknown 0 -- anywhere anywhere
Chain advgrp_1 (0 references)
target prot opt source destination
Chain advgrp_10 (0 references)
target prot opt source destination
Chain advgrp_2 (0 references)
target prot opt source destination
Chain advgrp_3 (0 references)
target prot opt source destination
Chain advgrp_4 (0 references)
target prot opt source destination
Chain advgrp_5 (0 references)
target prot opt source destination
Chain advgrp_6 (0 references)
target prot opt source destination
Chain advgrp_7 (0 references)
target prot opt source destination
Chain advgrp_8 (0 references)
target prot opt source destination
Chain advgrp_9 (0 references)
target prot opt source destination
Chain grp_1 (0 references)
target prot opt source destination
Chain grp_10 (0 references)
target prot opt source destination
Chain grp_2 (0 references)
target prot opt source destination
Chain grp_3 (0 references)
target prot opt source destination
Chain grp_4 (0 references)
target prot opt source destination
Chain grp_5 (0 references)
target prot opt source destination
Chain grp_6 (0 references)
target prot opt source destination
Chain grp_7 (0 references)
target prot opt source destination
Chain grp_8 (0 references)
target prot opt source destination
Chain grp_9 (0 references)
target prot opt source destination
Chain lan2wan (1 references)
target prot opt source destination
Chain logaccept (7 references)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
Chain logdrop (0 references)
target prot opt source destination
DROP 0 -- anywhere anywhere
Chain logreject (2 references)
target prot opt source destination
REJECT tcp -- anywhere anywhere reject-with tcp-reset
Chain trigger_out (1 references)
target prot opt source destination
答案1
这是 DD-WRT 的一个错误,它基本上无人维护和支持,并且已经存在多年了。
您的选择是使用没有此错误的其他东西(理想情况下是积极开发和维护的东西),或者忍受此错误。