CN103269313B - The implementation method of embedded Linux home gateway forced gate - Google Patents
The implementation method of embedded Linux home gateway forced gate Download PDFInfo
- Publication number
- CN103269313B CN103269313B CN201310195089.7A CN201310195089A CN103269313B CN 103269313 B CN103269313 B CN 103269313B CN 201310195089 A CN201310195089 A CN 201310195089A CN 103269313 B CN103269313 B CN 103269313B
- Authority
- CN
- China
- Prior art keywords
- user
- home gateway
- steps
- program
- html
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of implementation method of embedded Linux home gateway forced gate, comprise the following steps: during user's internet login web, send the HTTP message of request to home gateway, home gateway calls iptables program, the object IP address of the HTTP message of amendment user request is home gateway address, destination interface is self-defined port, is redirected to the thttpd routine processes in described self-defined port snooping; Whether thttpd program exists according to login logo file/etc/havelogined, judges the whether logged forced gate network address of user, thus determines that whether performing window is redirected.The present invention, the software thttpd using linux to carry, coordinates the simple html page and cgi program development, meet forced gate functional requirement, save the development time, and this function realizes on home gateway, without the need to processing in local side BAS system, decrease the burden of local side apparatus.
Description
Technical field
The present invention relates to embedded device, be specifically related to the implementation method of embedded Linux home gateway forced gate.
Background technology
In broadband inserting service, service provider's force users when user's first time online accesses the page of a customization, this customized web page is exactly forced gate, simple forced gate can be advertising message or the user's registration information of service provider, some forced gates are also had to provide account number safety audit function, force household gateway update operating system patch and anti-virus storehouse, strengthen home gateway to the Initiative Defense ability of virus attack.
For the consideration to performance and cost, the implementation of current embedded Linux home gateway forced gate has following several:
1) revise DNS name resolution module and realize forced gate function.
Such as, user accesses www.sohu.com network address, first the dnsproxy program on home gateway intercepts and captures this dns query message, if user is first time inquiry, just return to the IP address of forced gate, instead of the IP address of the sohu website that should return, what such user browser showed is exactly the forced gate page.
2) self-documenting code realizes.
Home gateway starts forced gate redirector, the IP destination interface that this program intercepting and capturing user sends is the data message of 80, if user is inquiry of surfing the Net first time, just return the redirected forced gate page to user, and mark the logged forced gate network address of this user, later without the need to again logging in.
3) in local side apparatus BAS (broadband Access Server), forced gate function is realized.
No longer support forced gate function in home gateway, but support this function in local side access device BAS, the realization of this function is with said method 2.
The deficiency that these three kinds of modes are main is above:
The first, by amendment DNS name resolution module, cannot meet consumers' demand completely, because DNS only just can come into force when doing domain name mapping, if user directly inputs the access of IP address, just walk around DNS name resolution module, cannot forced gate have been ejected.
The second, self-documenting code mode, increases development amount on the one hand, realizes comparatively complicated on the other hand.
3rd, this function is moved on to local side apparatus BAS process from gateway, the burden of local side apparatus can be increased, increase the weight of the load of whole network.
In sum, it is complicated to there is realization in above forced gate implementation method, and the shortcoming that can not meet consumers' demand completely, in the application in the urgent need to a kind of simple implementation method.
Summary of the invention
Technical problem to be solved by this invention is the implementation method complexity solving home gateway forced gate, the problem that can not meet consumers' demand completely.
In order to solve the problems of the technologies described above, the technical solution adopted in the present invention is to provide a kind of implementation method of embedded Linux home gateway forced gate, comprises the following steps:
When steps A 10, user's internet login web, send the HTTP message of request to home gateway, home gateway calls iptables program, the object IP address of the HTTP message of amendment user request is home gateway address, amendment destination interface is self-defined port, and the http address that user asks is redirected to the Thttpd routine processes in described self-defined port snooping;
Whether steps A 20, Thttpd program exist according to login logo file/etc/havelogined, judge the whether logged forced gate network address of user, thus determine that whether performing window is redirected.
In the above-mentioned methods, steps A 20 comprises the following steps:
Steps A 201, described thttpd program have homepage index.html, and when user surfs the Net, described homepage index.html is pushed to user browser;
Steps A 202, user browser perform the javascript code in described homepage index.html, redirect to cgi program redirectportal.cgi;
Steps A 203, described cgi program redirectportal.cgi judge whether Thttpd program exists login logo file/etc/havelogined, if existed, then the object IP address that user asks are pushed to user; Otherwise judge that user is as first time online, forced gate network address is pushed to user, and setting logs in logo file, described login logo file is /etc/ catalogue in havelogined file, if logged in, then use this file of touch/etc/havelogined order establishment, whether redirectportal.cgi exists judge the whether logged forced gate network address of user by inquiring about this file.
In the above-mentioned methods, further comprising the steps of:
Steps A 204, described thttpd program also have error handle page error404.html, and the content of described error handle page error404.html is identical with described homepage index.html;
Before execution steps A 203, whether thttpd program judges that user inputs network address is in a browser certain specific webpage under certain network address, if so, then goes to step A204, otherwise execution steps A 203.
In the above-mentioned methods, in steps A 10, described home gateway address is 192.168.1.1, and described self-defined port is 49153.
The present invention, the software thttpd using linux to carry, coordinates the simple html page and cgi program development, just can meet forced gate functional requirement, greatly save the development time, user, by domain name access or access the Internet, IP address, can be redirected to forced gate.And this function realizes on home gateway, without the need to processing in local side BAS system, decrease the burden of local side apparatus.
Accompanying drawing explanation
Fig. 1 is the implementation method flow chart of embedded Linux home gateway forced gate provided by the invention;
Fig. 2 is the course of work schematic diagram of home gateway in the present invention.
Embodiment
Below in conjunction with accompanying drawing, the present invention is described in detail.
As shown in Figure 1 and Figure 2, the implementation method of embedded Linux home gateway forced gate provided by the invention comprises the following steps:
Steps A 10: during user's internet login web, send the HTTP message of request to home gateway, home gateway calls iptables program, the object IP address of the HTTP message of amendment user request is home gateway address 192.168.1.1, amendment destination interface is self-defined port 49153, and the http address that user asks is redirected to the Thttpd routine processes in described self-defined port snooping.
Specific instructions is as follows:
iptables-t nat-A PREROUTING-p tcp--dport80-i br0!-d192.168.1.1-j DNAT--to-destination192.168.1.1:49153
Whether steps A 20:thttpd program exists according to login logo file/etc/havelogined, judges the whether logged forced gate network address of user, thus determines that whether performing window is redirected.In thttpd program, start-up parameter-p49153 represents that Thttpd program is at 49153 port accepts http messages;-d/portal represents the directory path at the file places such as index.html;-c/cgi-bin/* represents the directory path at cgi file place;-u root represents and to start with root authority;-T utf-8 represents utf-8 character set, such thttpd just can treatment step A10 be redirected user request HTTP message, specific instructions is as follows:
thttpd-u root-nor-T utf-8-p49153-d/portal-c'/cgi-bin/*|/*'
Steps A 20 comprises the following steps:
The homepage index.html that steps A 201:thttpd program has, when user surfs the Net, homepage index.html is pushed to user by thttpd program, and the code sample of homepage index.html is as follows:
<html>
<head>
<title>portal web page title</title>
<meta http-equiv="Content-Type"content="text/html"charset="gb2312"/>
<script language="javascript">
function autoredirect()
</script>
</head>
<body onLoad="autoredirect()">
</body>
</html>
Steps A 202, user browser explain the javascript code performed in the page, and redirect to cgi program redirectportal.cgi, cgi handling procedure redirectportal.cgi is for the treatment of redirect forced gate network address.
Steps A 203, cgi handling procedure redirectportal.cgi judge whether to exist and log in logo file/etc/havelogined, if existed, then the object IP address that user asks are pushed to user, so user can access the Internet web srever; Otherwise judge that user is as first time online, forced gate network address is pushed to user, the index.html page of access forced gate, and setting logs in logo file, log in logo file be /etc/ catalogue in havelogined file, if logged in, then use this file of touch/etc/havelogined order establishment, whether redirectportal.cgi exists judge the whether logged forced gate network address of user by inquiring about this file.
The code sample of redirectportal.cgi is as follows:
#!/bin/sh
Whether # judgement/etc/havelogined logs in logo file exists, and there is not expression and does not step on
# recorded, and must be redirected to forced gate network address, created simultaneously and logged in logo file.
if[!-f/etc/havelogined];then
echo Content-type:text/html
echo
echo"
<html>
<head>
<script language=\"javascript\">
Window.location=" http: // forced gate network address ";
</script>
</head>
<title></title>
<body>
</body>
</html>"
# creates and logs in logo file
touch/etc/havelogined
else
# is logged forced gate network address, deletes and is redirected rule, no longer logs in later and forces door
# family network address
iptables-t nat-D PREROUTING-p tcp--dport80-i br0!-d192.168.1.1-j DNAT--to-destination192.168.1.1:49153
fi
In order to improve fault-tolerant processing ability of the present invention, thttpd program also has error handle page error404.html, and the content of error handle page error404.html is identical with homepage index.html.
Before execution steps A 203, whether thttpd program judges that user inputs network address is in a browser certain specific webpage under certain network address, if so, then performs steps A 204, otherwise continuation steps A 203.
Steps A 204: described homepage index.html is pushed to user browser.
Because user has two kinds of HTTP request modes, such as user wants to access the file in this network address of www.sohu.com, the first is input http://www.sohu.com/, represent that user wants the homepage of accessing this network address, the second way is input http://www.sohu.com/abc.html, represents that user wants to access the specific webpage abc.html in this network address.Under first kind of way, thttpd program defaultly can return the index.html page, thus utilizes in steps A 203 and will be redirected; Under the second way, thttpd program can search whether abc.html under local directory, but local directory does not have abc.html file, this file is the file in www.sohu.com network address, so thttpd program can return error404.html to user, because the content of error404.html is identical with interarea face index.html, therefore, also can realize being redirected to forced gate network address.
The present invention is not limited to above-mentioned preferred forms, and anyone should learn the structural change made under enlightenment of the present invention, and every have identical or close technical scheme with the present invention, all falls within protection scope of the present invention.
Claims (4)
1. the implementation method of embedded Linux home gateway forced gate, is characterized in that, comprises the following steps:
When steps A 10, user's internet login web, send the HTTP message of request to home gateway, home gateway calls iptables program, the object IP address of the HTTP message of amendment user request is home gateway address, amendment destination interface is self-defined port, and the http address that user asks is redirected to the thttpd routine processes in described self-defined port snooping;
Whether steps A 20, thttpd program exist according to login logo file/etc/havelogined, judge the whether logged forced gate network address of user, thus determine that whether performing window is redirected.
2. the implementation method of embedded Linux home gateway forced gate as claimed in claim 1, it is characterized in that, steps A 20 comprises the following steps:
Steps A 201, described thttpd program have homepage index.html, when user surfs the Net, described homepage index.html are pushed to user browser;
Steps A 202, user browser perform the javascript code in described homepage index.html, redirect to cgi program redirectportal.cgi;
Steps A 203, described cgi program redirectportal.cgi judge whether local directory exists login logo file/etc/havelogined, if existed, then the object IP address that user asks are pushed to user; Otherwise judge that user is as first time online, forced gate network address is pushed to user, and setting logs in logo file, described login logo file is /etc/ catalogue in havelogined file, if logged in, then use this file of touch/etc/havelogined order establishment, whether redirectportal.cgi exists judge the whether logged forced gate network address of user by inquiring about this file.
3. the implementation method of embedded Linux home gateway forced gate as claimed in claim 2, is characterized in that, further comprising the steps of:
Steps A 204, described thttpd program also have error handle page error404.html, and the content of described error handle page error404.html is identical with described homepage index.html, and described homepage index.html is pushed to user browser;
Before execution steps A 202, whether Thttpd program judges that user inputs network address is in a browser certain specific webpage under certain network address, if so, then goes to step A204, otherwise execution steps A 203.
4. the implementation method of embedded Linux home gateway forced gate as claimed in claim 1, it is characterized in that, in steps A 10, described home gateway address is 192.168.1.1, and described self-defined port is 49153.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310195089.7A CN103269313B (en) | 2013-05-21 | 2013-05-21 | The implementation method of embedded Linux home gateway forced gate |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310195089.7A CN103269313B (en) | 2013-05-21 | 2013-05-21 | The implementation method of embedded Linux home gateway forced gate |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103269313A CN103269313A (en) | 2013-08-28 |
| CN103269313B true CN103269313B (en) | 2015-10-28 |
Family
ID=49012922
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310195089.7A Active CN103269313B (en) | 2013-05-21 | 2013-05-21 | The implementation method of embedded Linux home gateway forced gate |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103269313B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103825969A (en) * | 2013-10-29 | 2014-05-28 | 电子科技大学 | DNS query method based on anonymous network |
| TWI530129B (en) | 2014-02-14 | 2016-04-11 | 群暉科技股份有限公司 | Method for managing static uniform resource locator access, and associated apparatus and associated computer program product |
| JP6074550B2 (en) * | 2014-06-30 | 2017-02-01 | 華為技術有限公司Huawei Technologies Co.,Ltd. | Web page push method and apparatus, and terminal |
| CN105791375A (en) * | 2014-12-26 | 2016-07-20 | 上海斐讯数据通信技术有限公司 | Page directing method for Web server |
| GB2555108B (en) * | 2016-10-17 | 2021-03-03 | Global Reach Tech Inc | Improvements in and relating to network communications |
| CN107257352B (en) * | 2017-08-02 | 2020-09-08 | 赛尔网络有限公司 | DPDK-based URL authentication redirection system and method |
| CN113724410A (en) * | 2021-08-30 | 2021-11-30 | 长江大学 | Classroom attendance system based on openwrt |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0986230A2 (en) * | 1998-09-04 | 2000-03-15 | Ncr International Inc. | System and method for redirecting a user to an alternative web page |
| CN1416056A (en) * | 2002-06-28 | 2003-05-07 | 华为技术有限公司 | Method of easy to access portal web site of network service provider |
| CN1145111C (en) * | 2002-09-23 | 2004-04-07 | 华为技术有限公司 | Method for pushing customized web page to network users |
| CN101212297A (en) * | 2006-12-28 | 2008-07-02 | 中国移动通信集团公司 | WEB-based WLAN access authentication method and system |
| CA2388623C (en) * | 1999-10-22 | 2010-06-22 | Nomadix,Inc. | Systems and methods for redirecting users attempting to access a network site |
| CN102594887A (en) * | 2012-02-15 | 2012-07-18 | 中国联合网络通信集团有限公司 | Push method and remote management system for home portal businesses |
| CA2775900A1 (en) * | 2011-07-20 | 2013-01-20 | Bridgewater Systems Corp. | Systems and methods for authenticating users accessing unsecured wifi access points |
-
2013
- 2013-05-21 CN CN201310195089.7A patent/CN103269313B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0986230A2 (en) * | 1998-09-04 | 2000-03-15 | Ncr International Inc. | System and method for redirecting a user to an alternative web page |
| CA2388623C (en) * | 1999-10-22 | 2010-06-22 | Nomadix,Inc. | Systems and methods for redirecting users attempting to access a network site |
| CN1416056A (en) * | 2002-06-28 | 2003-05-07 | 华为技术有限公司 | Method of easy to access portal web site of network service provider |
| CN1145111C (en) * | 2002-09-23 | 2004-04-07 | 华为技术有限公司 | Method for pushing customized web page to network users |
| CN101212297A (en) * | 2006-12-28 | 2008-07-02 | 中国移动通信集团公司 | WEB-based WLAN access authentication method and system |
| CA2775900A1 (en) * | 2011-07-20 | 2013-01-20 | Bridgewater Systems Corp. | Systems and methods for authenticating users accessing unsecured wifi access points |
| CN102594887A (en) * | 2012-02-15 | 2012-07-18 | 中国联合网络通信集团有限公司 | Push method and remote management system for home portal businesses |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103269313A (en) | 2013-08-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103269313B (en) | The implementation method of embedded Linux home gateway forced gate | |
| US11323522B2 (en) | Secure, anonymous browsing with a remote browsing server | |
| US9264435B2 (en) | Apparatus and methods for access solutions to wireless and wired networks | |
| CN101753606B (en) | Method for realizing WEB reverse proxy | |
| US8819819B1 (en) | Method and system for automatically obtaining webpage content in the presence of javascript | |
| US8806040B2 (en) | Accessing external network via proxy server | |
| US8789198B2 (en) | Triggering a private browsing function of a web browser application program | |
| EP2571228B1 (en) | Access control method and system, and access terminal | |
| US8924505B2 (en) | Method and device for configuring a user agent to operate as a web server | |
| CN103024740B (en) | Method and system for accessing internet by mobile terminal | |
| CN103186739B (en) | The method and system browsed for Secure Web | |
| WO2014019427A1 (en) | Network accessing method, application server and system | |
| JP2003058498A (en) | Method, system and program for managing session | |
| JP2004509413A (en) | System and method for implementing a robot proof web site | |
| JP2014534498A (en) | Apparatus, method and computer readable storage medium for protecting JavaScript | |
| CN106550056B (en) | A kind of domain name analytic method and device | |
| CN106161617A (en) | Reverse proxy method based on NODEJS, Reverse Proxy and system | |
| CN104917838A (en) | Method and system for achieving route redirection | |
| CN102456063A (en) | Method and system for correcting webpage access error | |
| CN105338072A (en) | HTTP (hyper text transport protocol) redirecting method and routing equipment | |
| US8789177B1 (en) | Method and system for automatically obtaining web page content in the presence of redirects | |
| CN103607454B (en) | The method that android system browser arranges privately owned proxy server | |
| US10057390B2 (en) | Method and system for modifying HTTP request headers without terminating the connection | |
| CN102801814A (en) | Internet access method, device and system | |
| CN105279156B (en) | Network information communication means and network information browsing apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |