OpenWrt http/s redirection

Feature Requests
1

Hello there, I just need some help with redirection, I tried to learn opennds but then, it is too much for a single webpage to be shown when redirected. So is there any way that I can bypass the browser's request for certificate authenticity? Or atleast the browser can show the "ACCEPT THE RISK AND CONTINUE" button when the webpage is not safe? Because I have tried various browsers, especially those famous browsers but then they didn't allow the webpage I created to be loaded. Or is it possible to return a 302 or 307 status code when being redirected?

image
image696×391 27.1 KB

this shows that there is no "ACCEPT THE RISK AND CONTINUE" button.

Thanks for the help.

2

Can you elaborate on how OpenWrt is related here?

3

... or just get a proper cert ?
they're free

4

Well, I just wanted to redirect all ip's that are not registered from my iptables to another webpage that I created. But then the browser doesn't seem to honor the self-signed certificate that I had. So I don't know where to ask. But I saw this forum and tried to get help

5

Are you using openwrt?

You can redirect via ip address, but beyond that, things happen at the application layer, so that would beyond anything a router would do.

6

how to get a proper cert? will it suffice the certificate that the browser needs when you access facebook for example, and the certificate will be the one I had in my local router?

7

You can create certs for your own domains, but not for others.

8

Yes I have done that. But how about https to http redirect? Seems, I only got a problem if the website is https. Is it possible for the router to return a different http status code? For instance, 302?

9

acme.sh

it'll only be for whatever web page you put it on, assuming the name in the cert matches the URLs FQDN.

http is unencrypted, no cert is required.

this is a client side "issue".
as long as you keep using https without the proper cert, you'll get the warning, unless you
import your self signed cert into the browser, or add the URL to the exception list, if still doable.

10

That type of redirect is beyond the function of a router (except for the routers admin web interface). That redirect would have to happen at the application layer (L4-L7; routers operate at l3)

11

Then I think I can do that, I just don't know how. The router I am using right now is mikrotik. And I can access the admin side of the router. I can even use ssh to the router. Can you give me some idea?

12

No, a router cannot do this redirect.

And if you’re not using openwrt, you should direct your questions to the ‘Tik user support channels - we don’t support that os.

13

Yep that's right. And the thing is, I want everyone that connects my network without my permission (in this case, registered in my iptables) to be redirected to an index.html file I created(especially when they tried to access a website). Because I am planning to remove the password in my router.

14

Sounds like you want a captive portal.

What firmware is on your mikrotik?

15

then opennds is the right way to go.

16

Sorry, it is not mikrotik. It is a tplink. My mikrotik was the one I use for my vpn server. Yeah this is the first one that I searched about. But a lot of configurations needed for a single html page to load. And I was so confuse on how to use it

17

You still haven’t told us if OpenWrt is on your router. What firmware is currently installed?

18

Yep, I thought about this through. Opennds was the first one to appear when I search about captive portal

19

It is r9070.

20

This is not openwrt (or at least it doesn’t appear to be).