public html serving?

General discussion about Gargoyle, OpenWrt or anything else even remotely related to the project

keenerd
Posts: 4
Joined: Fri Jul 03, 2009 3:49 pm

public html serving?

Post by keenerd »

I thought it would be pretty nifty if my router (WRT54G v2) could do something useful without being on the internet. The result is a chat room script. Code is attached and installation instructions are in the first few lines.

There are currently two hangups. First, you need to be logged into the Admin section of the router to access the script. Second, you need to know the IP address of the router to find it.

How do I make a file publicly accessible? There does not seem to be anything like an http_access file or public_html directory.

Where do I mess with DNS, to make every address funnel into the router? Sort of like a captive portal setup, but with no internet on the other side.

Thanks!

edit: It seems there is no way to upload an attachment, because every extension is banned. Code here: http://kmkeen.com/tmp/chat.sh

Eric
Site Admin
Posts: 1443
Joined: Sat Jun 14, 2008 1:14 pm

Re: public html serving?

Post by Eric »

First, thanks for sharing your script!

If you're not connected to the net and want to drive all web traffic to the router, you can insert the following iptables rules (in the nat table):

Code:

iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT
iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT

The latest version of gargoyle uses a cookie based authentication system, and it's easy to bypass by uploading a .sh file that doesn't have the authentication code. So, using scp upload your file to /www on the router.

Once this is done, all web traffic will redirect to the router, and your script will be accessible, but the default entry page will still be the Gargoyle login screen. To change this, edit the /etc/config/httpd_gargoyle file on the router and change the default_page_file option to the name of your script. Do not change the page_not_found_file option. That should make your script the default landing page.

Your script looks well written, though I really don't see a place for it in default Gargoyle firmware -- Gargoyle is mainly meant for boxes that act as Gateways/Bridges as opposed to web server functionality like this. If size weren't an issue I would probably incorporate it, but many routers have 4MB of flash, which is already a tight fit, and even a few bytes can matter. However, I invite (and encourage) you to post this to the wiki, so that others that want to do this can have this as a reference. Also, if you're interested in helping me develop any other aspects of Gargoyle, let me know. Any help is greatly appreciated. Thanks!
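Added example, not part of the thread or of the Gargoyle project: with the cookie-based system described in the post above, the check lives inside each script, so any .sh file in /www that lacks it is served without login. The sketch below lists such scripts so that only the intended public page is exposed; the marker string check_auth_cookie is a hypothetical placeholder, since the thread does not show the actual authentication code, and the sample web root is constructed.

```shell
#!/bin/sh
# Added example: list CGI shell scripts in a web root that lack the auth check.
# AUTH_MARKER is a hypothetical placeholder; substitute the string that the
# authenticated pages on your firmware actually contain.
AUTH_MARKER="${AUTH_MARKER:-check_auth_cookie}"

# Print every *.sh file under $1 whose non-comment lines never mention the marker.
list_unauthenticated_scripts() {
    webroot="$1"
    find "$webroot" -type f -name '*.sh' | sort | while IFS= read -r script; do
        # Skip commented-out lines so a disabled check is not counted as present.
        if ! grep -v '^[[:space:]]*#' "$script" | grep -q -F -- "$AUTH_MARKER"; then
            printf '%s\n' "$script"
        fi
    done
}

# Build a constructed sample web root (not real Gargoyle files) for a dry run.
make_sample_webroot() {
    dir="$(mktemp -d)"
    printf '#!/bin/sh\ncheck_auth_cookie || exit 1\necho admin\n' > "$dir/overview.sh"
    printf '#!/bin/sh\n# check_auth_cookie || exit 1\necho status\n' > "$dir/status.sh"
    printf '#!/bin/sh\necho chat\n' > "$dir/chat.sh"
    printf '<html></html>\n' > "$dir/index.html"
    printf '%s\n' "$dir"
}

# Usage on a router: list_unauthenticated_scripts /www
```

Anything the function prints other than the page meant to be public is worth reviewing before port 80 traffic is redirected to the router.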

keenerd
Posts: 4
Joined: Fri Jul 03, 2009 3:49 pm

Re: public html serving?

Post by keenerd »

Thanks, most of those worked perfectly. iptables did the trick, with a matching set of -D commands when disabling the chat service. Rerouting the start page also worked.

There is still trouble with authentication.

> The latest version of gargoyle uses a cookie based authentication system, and it's easy to bypass by uploading a .sh file that doesn't have the authentication code. So, using scp upload your file to /www on the router.
>
> Once this is done ... your script will be accessible.

This does not seem to be the case. It still asks for basic authentication login information. This can be disabled with "option no_password 1" in the httpd_gargoyle config file, but then authentication is disabled for all of the pages.

It looks like Gargoyle uses a tweaked Busybox httpd, correct? From what I can tell, there is no way to make httpd authenticate only some files.

This makes things a bit more complicated. Right now I've changed the web admin port to 8080, moved chat.sh to /www_public, and started a new server on port 80 just for this directory.

Am I missing something simpler?

Eric
Site Admin
Posts: 1443
Joined: Sat Jun 14, 2008 1:14 pm

Re: public html serving?

Post by Eric »

Try using the latest bleeding edge version. It uses a different authentication system from Beta5, which I suspect you are using.

Also, it does not use a modified busybox httpd. It uses a different, specialized, modified minihttpd daemon (called gargoyle_httpd). The busybox httpd is disabled.

keenerd
Posts: 4
Joined: Fri Jul 03, 2009 3:49 pm

Re: public html serving?

Post by keenerd »

Whoops, my bad. Did not mean to insult.

Correct on the version. I will try the bleeding edge later tonight.

One thing came up, maybe it is fixed in the bleeding edge. The iptables redirect effectively stopped working when the router was not connected to the internet. It still worked, but the average transfer rate was on the order of 70 bytes per second. Too slow to be usable.

keenerd
Posts: 4
Joined: Fri Jul 03, 2009 3:49 pm

Re: public html serving?

Post by keenerd »

The redirection works better on the DNS level. Instead of iptables, restart dnsmasq with the option

Code:

-A /#/192.168.1.1

It now will resolve all DNS queries to the access point. The hardcoded IP seems rather crude and heavy handed, and I will clean this up.

edit: On second thought, this seems to be a very bad idea. It somehow breaks DHCP.
