# this file is not parsed, but simply sourced
#
# web-splash is GPL software (http://www.fsf.org/licensing/licenses/gpl.html)
# suggestions and questions to: devel@sumpfralle.de
# homepage: https://systemausfall.org/toolforge/web-splash
#


# the source interface (only these packets will be filtered)
IF_SRC=eth1

# intern IP address auf the network, where web-splash will be used
INTERN_IP=192.168.1.1

# name of the local file that should be displayed by the cgi
SPLASH_DOCUMENT=/www/web-splash/splash-info.html

# allowed and denied IPs - separated by spaces
ALLOW_IP_LIST=""
DENY_IP_LIST=""

# templates for the rules to manage forwarding rules (_IP_ will be substituted by the host's IP)
# the first line adds the PREROUTING-ACCEPT rule
# the second line adds the counter rule
RULE_ADD='$IPT -t nat -I $CHAIN_FORWARD_CHECK -s _IP_ -j $CHAIN_FORWARD_ACTION;
	  $IPT -I $CHAIN_RETURN -d _IP_'
RULE_DEL='$IPT -t nat -D $CHAIN_FORWARD_CHECK -s _IP_ -j $CHAIN_FORWARD_ACTION;
	  $IPT -D $CHAIN_RETURN -d _IP_'

# the iptables chain, that contains all forwarded ips
CHAIN_FORWARD_CHECK=web_splash_forward_check
CHAIN_FORWARD_ACTION=web_splash_forward_action
CHAIN_REDIRECT=web_splash_redirect
CHAIN_SERVICES=web_splash_services
CHAIN_RETURN=web_splash_return

# the iptables action for bad packets (e.g. DROP or REJECT)
REJECT_ACTION=DROP

# the location of the iptables program
IPT=/sbin/iptables
[ ! -x "$IPT" ] && IPT=/usr/sbin/iptables

# path to the web-splash scripts
SPLASH_LIB=/usr/lib
SPLASH_BIN=/usr/bin

# activate DEBUG mode 0/1 (only for testing - it produces ugly output)
SPLASH_DEBUG=0