root@LiMeSplash:~# ndsctl status ================== NoDogSplash Status ==== Version: 0.9_beta9.9.9 Uptime: 0d 0h 0m 33s Gateway Name: 10.5.6.162:80 Managed interface: br-lan Managed IP range: 10.5.0.0/21 Server listening: 10.5.6.162:2050 Splashpage: /etc/nodogsplash/htdocs/splash.html Redirect URL: https://en.wikipedia.org/wiki/Missionary_Church_of_Kopimism Traffic control: no Total download: 0 kByte; avg: 0 kbit/s Total upload: 1 kByte; avg: 0.45697 kbit/s ==== Client authentications since start: 0 Httpd request threads created/current: 0/0 Current clients: 0 ==== Blocked MAC addresses: none Allowed MAC addresses: N/A Trusted MAC addresses: none ======== root@LiMeSplash:~# logread | grep nodogsplash Mon Apr 3 19:53:42 2017 daemon.notice nodogsplash[23669]: Reading and validating configuration file /etc/nodogsplash/nodogsplash.conf Mon Apr 3 19:53:42 2017 daemon.notice nodogsplash[23669]: Initializing signal handlers Mon Apr 3 19:53:42 2017 daemon.notice nodogsplash[23669]: Detected gateway br-lan at 10.5.6.162 (A0F3C19946A2) Mon Apr 3 19:53:42 2017 daemon.notice nodogsplash[23669]: Created web server on 10.5.6.162:2050 Mon Apr 3 19:53:46 2017 daemon.notice nodogsplash[23669]: Initializing firewall rules Mon Apr 3 19:53:49 2017 daemon.notice nodogsplash[23669]: Waiting for connections root@LiMeSplash:~# cat /etc/nodogsplash/nodogsplash.conf GatewayInterface br-lan GatewayInterfaceExtra bmx+ GatewayInterfaceExtra2 anygw FirewallRuleSet authenticated-users { FirewallRule allow to 0.0.0.0/0 } FirewallRuleSet users-to-router { # Nodogsplash automatically allows tcp to GatewayPort, # at GatewayAddress, to serve the splash page. # However you may want to open up other ports, e.g. # 53 for DNS and 67 for DHCP if the router itself is # providing these services. FirewallRule allow udp port 53 FirewallRule allow tcp port 53 FirewallRule allow udp port 67 # You may want to allow ssh, http, and https to the router # for administration from the GatewayInterface. If not, # comment these out. FirewallRule allow tcp port 22 FirewallRule allow tcp port 80 FirewallRule allow tcp port 443 } # end FirewallRuleSet users-to-router FirewallRuleSet preauthenticated-users { # For preauthenticated users to resolve IP addresses in their initial # request not using the router itself as a DNS server, # you probably want to allow port 53 udp and tcp for DNS. FirewallRule allow tcp port 53 FirewallRule allow udp port 53 # For splash page content not hosted on the router, you # will want to allow port 80 tcp to the remote host here. # Doing so circumvents the usual capture and redirect of # any port 80 request to this remote host. # Note that the remote host's numerical IP address must be known # and used here. #change the IP for the address of the gateway router FirewallRule allow tcp port 80 to 10.5.6.162 } # end FirewallRuleSet preauthenticated-users EmptyRuleSetPolicy preauthenticated-users passthrough EmptyRuleSetPolicy users-to-router passthrough #change the IP for the address of the gateway router GatewayName 10.5.6.162:80 #GatewayPort 80 MaxClients 500 ClientIdleTimeout 720 ClientForceTimeout 14400 #change the range for the ip range of your mesh network GatewayIPRange 10.5.0.0/21 EnablePreAuth yes #change to the place where you want to redirect the users after login RedirectURL https://en.wikipedia.org/wiki/Missionary_Church_of_Kopimism