Disable the session status page #716
Description
I'm running 10.3.0 compiled into OpenWrt 23.05.2 and want to disable the session status page.
According to the documentation, I should be able to set gatewayfqdn to disable to do so, but the page is still accessible on the gateway using its IP.
For reference, I am using 2 different types of configuration:
- Local theme
# uci show opennds
opennds.@opennds[0]=opennds
opennds.@opennds[0].gatewayinterface='switch0.10'
opennds.@opennds[0].faskey='xxx'
opennds.@opennds[0].debuglevel='3'
opennds.@opennds[0].themespec_path='/path/to/opennds_theme.sh'
opennds.@opennds[0].max_page_size='66560'
opennds.@opennds[0].login_option_enabled='3'
opennds.@opennds[0].gatewayfqdn='disable'
opennds.@opennds[0].users_to_router='allow tcp port 53' 'allow udp port 53' 'allow udp port 67'
opennds.@opennds[0].enabled='1'
- Remote FAS (Note: I locally introduced
fas_secure_enabledoptions 5 and 6 which are http/https versions of 0 and 1 with a custom parameter string provided to the FAS)
# uci show opennds
opennds.@opennds[0]=opennds
opennds.@opennds[0].gatewayinterface='switch0.10'
opennds.@opennds[0].faskey='xxx'
opennds.@opennds[0].debuglevel='3'
opennds.@opennds[0].fas_secure_enabled='6'
opennds.@opennds[0].fasport='443'
opennds.@opennds[0].faspath='/'
opennds.@opennds[0].fasremotefqdn='xxx.com'
opennds.@opennds[0].gatewayfqdn='disable'
opennds.@opennds[0].users_to_router='allow tcp port 53' 'allow udp port 53' 'allow udp port 67' 'allow tcp port 4444'
opennds.@opennds[0].walledgarden_port_list='80' '443'
opennds.@opennds[0].enabled='1'
One thing I remarked with using gatewayfqdn='disable' with the local theme was a trouble initializing the firewall.
Because in main.c, I was hitting this condition:
// If fasport not set, override any FAS configuration
if (config->fas_port == 0) {
which subsequently sets fas_remotefqdn to gatewayfqdn='disable'
config->fas_remotefqdn = safe_strdup(config->gw_fqdn);
which was not handled properly in fw_iptables.c that is checking for "disabled", not "disable".