captive.whump.shanti-portal/docs/examples/iptables/cp_iptables.sh.j2

#!/usr/bin/env bash

# Captiveportal iptables wrapper script
#iptables_mac = iptables -t mangle -I internet 1 -m mac --mac-source {mac_address} -j RETURN

# First argument must be IP-address of client
test -n "$1" || exit 1

client_ip="$1"
ipt=/sbin/iptables

# Enable client traffic in internet chain by jumping over the mark
$ipt -t mangle -I internet 1 -p tcp --source "$client_ip" -j RETURN &>/dev/null && \
    $ipt -t mangle -I internet 1 -p udp --source "$client_ip" -j RETURN &>/dev/null
iptables_rc=$?

# Delete conntrack info for client IP
/usr/local/sbin/rmtrack.sh "$client_ip" &>/dev/null
rmtrack_rc=$?

if [[ $iptables_rc == 0 && $rmtrack_rc == 0 ]]; then
    # Success
    exit 0
else
    echo "Error: iptables[$iptables_rc], rmtrack[$rmtrack_rc]" 1&>2
    exit 1
fi
more docs and examples. 2016-12-13 14:33:20 +00:00			`#!/usr/bin/env bash`

			`# Captiveportal iptables wrapper script`
			`#iptables_mac = iptables -t mangle -I internet 1 -m mac --mac-source {mac_address} -j RETURN`

			`# First argument must be IP-address of client`
			`test -n "$1" \|\| exit 1`

			`client_ip="$1"`
			`ipt=/sbin/iptables`

			`# Enable client traffic in internet chain by jumping over the mark`
			`$ipt -t mangle -I internet 1 -p tcp --source "$client_ip" -j RETURN &>/dev/null && \`
			`$ipt -t mangle -I internet 1 -p udp --source "$client_ip" -j RETURN &>/dev/null`
			`iptables_rc=$?`

			`# Delete conntrack info for client IP`
			`/usr/local/sbin/rmtrack.sh "$client_ip" &>/dev/null`
			`rmtrack_rc=$?`

			`if [[ $iptables_rc == 0 && $rmtrack_rc == 0 ]]; then`
			`# Success`
			`exit 0`
			`else`
			`echo "Error: iptables[$iptables_rc], rmtrack[$rmtrack_rc]" 1&>2`
			`exit 1`
			`fi`