The content of this topic has been archived on 27 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
Hello, as the question suggests, my idea is to basicaly make an open wifi hotspot for a convention, allowing anyone to associate to a WRT54G AP..
But i would like that any http url request (google, yahoo, whetever) from those associated clients be forwarded to a single server on a public ip (reachable via WAN), hosting videos about the event.
How could this be achieved ?
A firewall rule ?
A dedicated package ?
Long live to openwrt !
(Last edited by df on 23 Mar 2007, 05:03)
I believe what you want is called 'captive portal'... google and the wiki are your friends 
Just an idea:
iptables -t nat PREROUTING -i $WIFI -d ! $IP_OF_THE_VIDEO_SERVER -p tcp --dport 80 -j REDIRECT
install lighttpd and make sure it is running on the router at port 80 (for other ports add " --to-ports $port" to the end of the iptables line)
edit /etc/lighttpd.conf, customize it to your needs (set the document root, ...) and set
server.error-handler-404 = "/redirect.html"
In the document root directory of lighttpd there has to be just one single file called redirect.html which contains
<html>
<head>
<meta http-equiv="refresh" content="0;url=http://www.yoursite.tld/somewhere">
</head>
</html>
You can't use the openwrt-included httpd instead of lighttpd because its 404 page is hard-coded
(Last edited by wgaa on 24 Mar 2007, 01:29)
another way, quick and dirty, but works:
Redirect via iptables all http traffic directed at port 80 to another port of the router, e.g. port 81, except http traffic to the wanted URL.
In my case, wiithout use of br0:
/usr/sbin/iptables -t nat -A PREROUTING -p tcp --destination ! <ipaddr_URL> --dport 80 -i eth1 -j DNAT --to-destination <ipaddr_router>:81
/usr/sbin/iptables -t nat -A PREROUTING -p tcp --destination ! <ipaddr_URL> --dport 80 -i vlan0 -j DNAT --to-destination <ipaddr_router>:81
3. start via a script 'nc' to answer all calls on that port by spitting out a short html message which contains the redirect command. The script, e.g. //etc/init.d/S80redirect
################################
#!/bin/sh
IFS=" "
while :; do
/usr/bin/nc -l -p 81 < /www/redir.html > /dev/null
done &
################################
//www/redir.html:
#################################
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Draft//EN">
<html>
<head>
<title>Auto-Forward index.html</title>
<meta HTTP-EQUIV="Refresh" CONTENT="0; URL=http://Your_wanted_URL">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>If you are not automatically forwarded, please click <a href="http://Your_wanted_URL">here</a>.
</body>
<HEAD>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
</HEAD>
</HTML>
##################################
In this way no http server is needed at all on the router !
in the above:
<ipaddr_URL> = ip address of the website you want the clients to go to.
<ipaddr_router> = ip address of the router the clients connect to.
Your_wanted_URL = web address of the website you want the clients to go.
As an alternative to using the script with endless loop with nc you could launch nc from xinet.
(Last edited by doddel on 24 Mar 2007, 11:55)
The discussion might have continued from here.