Background
I have configured OpenWRT in bridge mode.
I push the packets from L2 to L3 using net.bridge.bridge-nf-call-iptables=1.
Untagged Packets Scenario
In the case of untagged packets, this setup works fine and I am able to intercept all the packets and redirect them to the captive portal using iptables rules like:
iptables -A PREROUTING -m physdev --physdev-in ath242113 -j prt_captive_2113
iptables -A PREROUTING -m physdev --physdev-in ath512113 -j prt_captive_2113
iptables -A prt_captive_2113 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -A prt_captive_2113 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
where ath242113 and ath512113 are my Wi-Fi interfaces.
Tagged Packets / VLAN Scenario
In the case of a bridged VLAN setup, the redirection didn't work with the regular configuration and iptables rules like the above.
This is my bridge setup:
br-vlan80    7fff.587be915a963    no    ath242113
                                        ath512113
                                        eth0.80
where ath242113 and ath512113 are the wireless interfaces and eth0.80 is the tagged Ethernet interface.
So, I tried enabling net.bridge.bridge-nf-filter-vlan-tagged=1 and bridge-nf-pass-vlan-input-device=1 as per this patch:
https://patchwork.ozlabs.org/project/netfilter-devel/patch/[email protected]/
I also changed the iptables rules to:
iptables -A PREROUTING -i br-vlan80 -j prt_captive_2113
iptables -A prt_captive_2113 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -A prt_captive_2113 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
But it doesn't seem to work either.
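
A diagnostic for the setup described in the post above, as an added example that is not part of the original post: it checks the three bridge sysctls the post names and lists rules whose packet counter is still zero, which separates "traffic never reaches the rule" from "the rule matches but the redirect fails". The function names and both sample dumps are constructed for illustration; the sample assumes the rules live in the nat table, since REDIRECT is only valid there.

```shell
#!/bin/sh
# Constructed sample of `sysctl net.bridge` output (not taken from the poster's router).
SAMPLE_SYSCTL='net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-filter-vlan-tagged = 0
net.bridge.bridge-nf-pass-vlan-input-device = 1'

# Constructed sample of `iptables-save -c -t nat` output; with -c every rule
# is prefixed by its [packets:bytes] counters.
SAMPLE_NAT='*nat
:PREROUTING ACCEPT [0:0]
:prt_captive_2113 - [0:0]
[0:0] -A PREROUTING -i br-vlan80 -j prt_captive_2113
[0:0] -A prt_captive_2113 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
[0:0] -A prt_captive_2113 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
COMMIT'

# Print each bridge sysctl named in the post that is missing from the dump ($1)
# or not set to 1. Expects the "key = value" layout that sysctl prints.
unset_bridge_sysctls() {
    for key in bridge-nf-call-iptables bridge-nf-filter-vlan-tagged \
               bridge-nf-pass-vlan-input-device; do
        printf '%s\n' "$1" | awk -v k="net.bridge.$key" '
            $1 == k && $3 == 1 { ok = 1 }
            END { if (!ok) print k }'
    done
}

# Print the rules of chain $2 in the dump ($1) that no packet has matched yet.
zero_hit_rules() {
    printf '%s\n' "$1" | awk -v c="$2" '
        $2 == "-A" && $3 == c && substr($1, 1, 3) == "[0:" {
            sub(/^[^ ]* /, "")   # drop the counter prefix, keep the rule
            print
        }'
}

# On the router, after a client has tried to browse:
#   unset_bridge_sysctls "$(sysctl net.bridge 2>/dev/null)"
#   zero_hit_rules "$(iptables-save -c -t nat)" PREROUTING
```

A jump rule in PREROUTING that stays at zero while clients generate traffic means its interface match never fired, so the REDIRECT rules behind it were never evaluated.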