From a9656dd74520807dc2199b1fa22ee639fd904f6b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=83=85=E7=95=99=E3=83=A1=E8=9A=8A=E5=AD=90?=
 <qlwz@qq.com>
Date: Fri, 6 Jul 2018 22:48:45 +0800
Subject: [PATCH] add luci-app-wifidog-ng

---
 package/lean/luci-app-wifidog-ng/Makefile     |  12 ++
 .../luasrc/controller/wifidog-ng.lua          |  27 ++++
 .../luasrc/model/cbi/wifidog-ng.lua           | 132 ++++++++++++++++++
 .../luasrc/view/wifidog-ng/client_list.htm    |  77 ++++++++++
 .../view/wifidog-ng/wifidog-ng_status.htm     |   6 +
 .../po/zh-cn/luci-app-wifidog-ng.po           | 132 ++++++++++++++++++
 .../root/etc/config/wifidog-ng                |  26 ++++
 .../root/etc/init.d/wifidog-ng                |  60 ++++++++
 .../etc/uci-defaults/001_luci-app-wifidog-ng  |  22 +++
 .../root/tmp/wifidog-ng.init                  |  60 ++++++++
 .../root/tmp/wifidog-ng.procd                 |  71 ++++++++++
 11 files changed, 625 insertions(+)
 create mode 100644 package/lean/luci-app-wifidog-ng/Makefile
 create mode 100644 package/lean/luci-app-wifidog-ng/luasrc/controller/wifidog-ng.lua
 create mode 100644 package/lean/luci-app-wifidog-ng/luasrc/model/cbi/wifidog-ng.lua
 create mode 100644 package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/client_list.htm
 create mode 100644 package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/wifidog-ng_status.htm
 create mode 100644 package/lean/luci-app-wifidog-ng/po/zh-cn/luci-app-wifidog-ng.po
 create mode 100644 package/lean/luci-app-wifidog-ng/root/etc/config/wifidog-ng
 create mode 100644 package/lean/luci-app-wifidog-ng/root/etc/init.d/wifidog-ng
 create mode 100644 package/lean/luci-app-wifidog-ng/root/etc/uci-defaults/001_luci-app-wifidog-ng
 create mode 100644 package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.init
 create mode 100644 package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.procd

diff --git a/package/lean/luci-app-wifidog-ng/Makefile b/package/lean/luci-app-wifidog-ng/Makefile
new file mode 100644
index 000000000..c178035ca
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/Makefile
@@ -0,0 +1,12 @@
+
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=LuCI support for WifiDog-ng
+LUCI_DEPENDS:=+luci-lib-json +wifidog-ng-openssl
+PKG_VERSION:=1.0
+PKG_RELEASE:=1
+
+include $(TOPDIR)/feeds/luci/luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
diff --git a/package/lean/luci-app-wifidog-ng/luasrc/controller/wifidog-ng.lua b/package/lean/luci-app-wifidog-ng/luasrc/controller/wifidog-ng.lua
new file mode 100644
index 000000000..7769ca09c
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/luasrc/controller/wifidog-ng.lua
@@ -0,0 +1,27 @@
+
+module("luci.controller.wifidog-ng", package.seeall)
+local json = require "luci.json"
+
+function index()
+    if not nixio.fs.access("/etc/config/wifidog-ng") then
+        return
+    end
+
+    local page
+    page = entry({"admin", "services", "wifidog-ng"}, cbi("wifidog-ng"), _("WifiDog-ng"))
+    page.dependent = true
+    entry({"admin", "services", "wifidog-ng", "getClientList"}, call("getClientList"))
+end
+
+function getClientList()
+    local result = {}
+    local running = luci.sys.call("pgrep wifidog-ng >/dev/null")==0
+    if running then
+        local term = luci.sys.exec("ubus call wifidog-ng term '{\"action\":\"show\"}'")
+        result = json.decode(term)
+    end
+	
+    result["running"] = running
+    luci.http.prepare_content("application/json")
+    luci.http.write_json(result)
+end
\ No newline at end of file
diff --git a/package/lean/luci-app-wifidog-ng/luasrc/model/cbi/wifidog-ng.lua b/package/lean/luci-app-wifidog-ng/luasrc/model/cbi/wifidog-ng.lua
new file mode 100644
index 000000000..cc75e0f5d
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/luasrc/model/cbi/wifidog-ng.lua
@@ -0,0 +1,132 @@
+
+local ipc = require "luci.ip"
+local sys = require "luci.sys"
+local opkg = require "luci.model.ipkg"
+
+local packageName = "wifidog-ng"
+local m, s
+
+if opkg.status(packageName)[packageName] then
+    return Map(packageName, translate("WifiDog-ng"), translate('<b style="color:red">WifiDog-ng is not installed..</b>'))
+end
+
+m = Map("wifidog-ng", translate("WifiDog-ng"), translate("<a target=\"_blank\" href=\"https://github.com/zhaojh329/wifidog-ng\">WifiDog-ng</a> It is a very efficient solution for wireless hotspot authentication."))
+
+m:section(SimpleSection).template  = "wifidog-ng/wifidog-ng_status"
+
+s = m:section(TypedSection, "gateway", translate("Client Settings"))
+s.anonymous = true
+s.addremove = false
+
+s:tab("general", translate("General Settings"))
+s:tab("advanced", translate("Advanced Settings"))
+
+-- Client Settings
+Enabled = s:taboption("general", Flag, "enabled", translate("Enabled"),translate(""))
+Enabled.rmempty = false
+Enabled.default = "1"
+
+DhcpHostWhite = s:taboption("general", Flag, "dhcp_host_white", translate("Enabled Trusted DHCP MAC"),translate("Does not support 1.5.6 and below"))
+DhcpHostWhite.rmempty = false
+DhcpHostWhite.default = "1"
+
+Id = s:taboption("general",Value, "id", translate("Gateway ID"), translate("The mac address of the default GatewayInterface"))
+Id.placeholder = luci.util.exec("ifconfig br-lan| grep HWaddr | awk -F \" \" '{print $5}' | awk '$1~//{print;exit}' | sed 's/://g'")
+
+
+GatewayInterface = s:taboption("general", Value, "ifname", translate("Gateway Interface"), translate("Set this to the internal IP address of the gateway, default 'br-lan'"))
+GatewayInterface.default = "br-lan"
+for _, e in ipairs(sys.net.devices()) do
+    if e ~= "lo" then GatewayInterface:value(e) end
+end
+
+Port = s:taboption("advanced", Value, "port", translate("Gateway Port"), translate("Listen HTTP on this port"))
+Port.datatype = "port"
+
+SSLPort = s:taboption("advanced", Value, "ssl_port", translate("Gateway SSLPort"), translate("Listen HTTPS on this port"))
+SSLPort.datatype = "port"
+
+s:taboption("advanced", Value, "ssid", translate("WeChat SSID"), translate("WeChat Use this ssid"))
+
+CheckInterval = s:taboption("advanced", Value, "checkinterval", translate("Check Interval"), translate("How many seconds should we wait between timeout checks."))
+CheckInterval.datatype = "uinteger"
+CheckInterval.default = "30"
+
+ClientTimeout = s:taboption("advanced", Value, "client_timeout", translate("Client Timeout"), translate("Set this to the desired of number of CheckInterval of inactivity before a client is logged out. The timeout will be INTERVAL * TIMEOUT"))
+ClientTimeout.datatype = "uinteger"
+ClientTimeout.default = "5"
+
+TemppassTime = s:taboption("advanced", Value, "temppass_time", translate("Temppass Time"), translate("Allow users to pass in a number of seconds"))
+TemppassTime.datatype = "uinteger"
+TemppassTime.default = "30"
+
+-- Server Settings
+s = m:section(TypedSection, "authserver", translate("Server Settings"))
+s.anonymous = true
+s.addremove = false
+
+s:tab("general", translate("General Settings"))
+s:tab("advanced", translate("Advanced Settings"))
+
+s:taboption("general", Value, "host", translate("AuthServer Hostname"), translate("AuthServer Hostname Or IP"))
+
+Path = s:taboption("general", Value, "path", translate("AuthServer Path"), translate("The path must be both prefixed and suffixed by /. Use a single / for server root."))
+Path.default = "/wifidog/"
+
+ServerPort = s:taboption("general", Value, "port", translate("AuthServer Port"), translate(""))
+ServerPort.datatype = "port"
+
+ServerSSL = s:taboption("general", Flag, "ssl", translate("SSL Available"),translate("Use SSL"))
+ServerSSL.rmempty = false
+ServerSSL.default = "0"
+
+LoginPath = s:taboption("advanced", Value, "login_path", translate("Login ScriptPath"), translate("This is the script the user will be sent to for login."))
+LoginPath.default = "login"
+
+PortalPath = s:taboption("advanced", Value, "portal_path", translate("Portal ScriptPath"), translate("This is the script the user will be sent to after a successfull login."))
+PortalPath.default = "portal"
+
+MsgPath = s:taboption("advanced", Value, "msg_path", translate("Msg ScriptPath"), translate("This is the script the user will be sent to upon error to read a readable message."))
+MsgPath.default = "gw_message.php"
+
+PingPath = s:taboption("advanced", Value, "ping_path", translate("Ping ScriptPath"), translate("This is the script the user will be sent to check server."))
+PingPath.default = "ping"
+
+AuthPath = s:taboption("advanced", Value, "auth_path", translate("Auth ScriptPath"), translate("This is the script the user will be sent to check auth."))
+AuthPath.default = "auth"
+
+-- Trusted MAC List
+s = m:section(TypedSection,"whitelist_mac",translate("Trusted MAC List"), translate("MAC addresses who are allowed to pass through without authentication."))
+s.template = "cbi/tblsection"
+s.anonymous = true
+s.addremove = true
+
+e = s:option(Value, "name", translate("Hostname"))
+
+mac = s:option(Value, "mac", translate("<abbr title=\"Media Access Control\">MAC</abbr>-Address"))
+mac.datatype = "list(macaddr)"
+mac.rmempty  = true
+
+function mac.cfgvalue(self, section)
+    local val = Value.cfgvalue(self, section)
+    return ipc.checkmac(val) or val
+end
+
+sys.net.host_hints(function(m, v4, v6, name)
+    if m and v4 then
+        mac:value(m, "%s (%s)" %{ m, name or v4 })
+    end
+end)
+
+-- Trusted Domain List
+s = m:section(TypedSection,"whitelist_domain",translate("Trusted Domain List"),translate(""))
+s.template = "cbi/tblsection"
+s.anonymous = true
+s.addremove = true
+
+s:option(Value,"domain",translate("Domain Or IP"))
+
+
+m:section(SimpleSection).template = "wifidog-ng/client_list"
+
+return m
\ No newline at end of file
diff --git a/package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/client_list.htm b/package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/client_list.htm
new file mode 100644
index 000000000..1d69bc3a5
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/client_list.htm
@@ -0,0 +1,77 @@
+<script type="text/javascript">//<![CDATA[
+XHR.poll(10, '<%=luci.dispatcher.build_url("admin", "services", "wifidog-ng", "getClientList")%>', null,
+function(x, st) {
+    var tb = document.getElementById('client-list');
+    var sa = document.getElementById('wifidog-ng-status');
+    if (st && sa) {
+        if (st.running) {
+            sa.innerHTML = '<em><b><font color=green>WifiDog-ng <%:RUNNING%></font></b></em>';
+        } else {
+            sa.innerHTML = '<em><b><font color=red>WifiDog-ng <%:NOT RUNNING%></font></b></em>';
+        }
+    }
+
+    if (tb) {
+        /* clear all rows */
+        while (tb.firstElementChild !== tb.lastElementChild) {
+            tb.removeChild(tb.lastElementChild);
+        }
+
+        if (st && st.terminals) {
+            for (var i = 0; i < st.terminals.length; i++) {
+                var client = st.terminals[i];
+                var timestr;
+
+				if (client.timeout !== false) {
+					timestr = '<em><%:expired%></em>';
+				} else {
+					timestr = String.format('%t', client.uptime);
+				}
+
+                tb.appendChild(E('<div class="tr cbi-rowstyle-%d">'.format((i % 2) + 1), [
+                    E('<div class="td">', client.ip || '?'),
+                    E('<div class="td">', client.ip),
+                    E('<div class="td">', client.mac),
+                    E('<div class="td">', bandwidth_Label(client.outgoing)),
+                    E('<div class="td">', bandwidth_Label(client.incoming)),
+                    E('<div class="td">', timestr)
+                ]));
+            }
+        }
+
+        if (tb.firstElementChild === tb.lastElementChild) {
+            tb.appendChild(E('<div class="tr"><div class="td"><em><br /><%:No Authenticated Client%></em></div></div>'));
+        }
+    }
+});
+
+function bandwidth_Label(bytes) {
+    var uby = '<%:KB%>';
+    var kby = (bytes / 1024);
+
+    if (kby >= 1024) {
+        uby = '<%:MB%>';
+        kby = (kby / 1024);
+    }
+
+    return String.format("%f %s", kby.toFixed(2), uby);
+}
+//]]></script>
+
+<fieldset class="cbi-section">
+	<legend><%:Authenticated Client%></legend>
+	<div class="table" id="client-list">
+		<div class="tr">
+			<div class="th"><%:Hostname%></div>
+			<div class="th"><%:IPv4-Address%></div>
+			<div class="th"><%:MAC-Address%></div>
+			<div class="th"><%:TX%></div>
+			<div class="th"><%:RX%></div>
+			<div class="th"><%:Uptime%></div>
+		</div>
+		<div class="tr">
+			<div class="td"><em><br /><%:Collecting data...%></em></div>
+		</div>
+	</div>
+	
+</fieldset>
diff --git a/package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/wifidog-ng_status.htm b/package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/wifidog-ng_status.htm
new file mode 100644
index 000000000..5107b44ca
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/luasrc/view/wifidog-ng/wifidog-ng_status.htm
@@ -0,0 +1,6 @@
+<style>.mar-10 {margin-left: 50px; margin-right: 10px;}</style>
+<fieldset class="cbi-section">
+	<p id="wifidog-ng-status">
+		<em><%:Collecting data...%></em>
+	</p>
+</fieldset>
diff --git a/package/lean/luci-app-wifidog-ng/po/zh-cn/luci-app-wifidog-ng.po b/package/lean/luci-app-wifidog-ng/po/zh-cn/luci-app-wifidog-ng.po
new file mode 100644
index 000000000..a3f7d719c
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/po/zh-cn/luci-app-wifidog-ng.po
@@ -0,0 +1,132 @@
+
+msgid "<a target=\"_blank\" href=\"https://github.com/zhaojh329/wifidog-ng\">WifiDog-ng</a> It is a very efficient solution for wireless hotspot authentication."
+msgstr "<a target=\"_blank\" href=\"https://github.com/zhaojh329/wifidog-ng\">WifiDog-ng</a> 是一个非常高效的无线热点认证解决方案。"
+
+msgid "Client Settings"
+msgstr "程序设置"
+
+msgid "Enabled Trusted DHCP MAC"
+msgstr "启用DHCP中的MAC免验证"
+
+msgid "Does not support 1.5.6 and below"
+msgstr "不支持1.5.6及以下版本"
+
+msgid "Gateway ID"
+msgstr "设备 ID"
+
+msgid "The mac address of the default GatewayInterface"
+msgstr "默认为设备MAC地址"
+
+msgid "Gateway Interface"
+msgstr "内网接口"
+
+msgid "Set this to the internal IP address of the gateway, default 'br-lan'"
+msgstr "指定开启portal认证的网络接口，默认'br-lan'"
+
+msgid "Gateway Port"
+msgstr "HTTP监听的端口"
+
+msgid "Listen HTTP on this port"
+msgstr "HTTP监听此接口"
+
+msgid "Gateway SSLPort""
+msgstr "HTTPS监听的端口"
+
+msgid "Listen HTTPS on this port"
+msgstr "HTTPS监听此接口"
+
+msgid "WeChat SSID"
+msgstr "微信SSID"
+
+msgid "WeChat Use this ssid"
+msgstr "微信认证时使用"
+
+msgid "Check Interval"
+msgstr "检查时间周期（秒）"
+
+msgid "How many seconds should we wait between timeout checks."
+msgstr "作为心跳间隔，以及流量统计间隔"
+
+msgid "Client Timeout"
+msgstr "客户端超时下线时间（秒）"
+
+msgid "Set this to the desired of number of CheckInterval of inactivity before a client is logged out. The timeout will be INTERVAL * TIMEOUT"
+msgstr "超时下线时间：INTERVAL * TIMEOUT"
+
+msgid "Temppass Time"
+msgstr "临时放行时间（秒）"
+
+msgid "Allow users to pass in a number of seconds"
+msgstr "允许用户在规定时间内允许访问"
+
+msgid "Server Setting"
+msgstr "服务器设置"
+
+msgid "AuthServer Hostname"
+msgstr "授权服务器地址（支持域名）"
+
+msgid "AuthServer Hostname Or IP"
+msgstr "认证服务器地址, 可填写域名或IP"
+
+msgid "AuthServer Path"
+msgstr "服务器路径"
+
+msgid "The path must be both prefixed and suffixed by /. Use a single / for server root."
+msgstr "服务端WEB目录，必须以'/'结尾，列'/wifidog/'"
+
+msgid "AuthServer Port"
+msgstr "认证服务器端口"
+
+msgid "SSL Available"
+msgstr "开启SSL"
+
+msgid "Use SSL"
+msgstr "使用SSL"
+
+msgid "Login ScriptPath"
+msgstr "登录接口url路径段"
+
+msgid "This is the script the user will be sent to for login."
+msgstr "登录连接"
+
+msgid "Portal ScriptPath"
+msgstr "认证成功接口url路径段"
+
+msgid "This is the script the user will be sent to after a successfull login."
+msgstr "认证成功连接"
+
+msgid "Msg ScriptPath"
+msgstr "错误信息接口url路径段"
+
+msgid "This is the script the user will be sent to upon error to read a readable message."
+msgstr "错误信息连接"
+
+msgid "Ping ScriptPath"
+msgstr "Ping接口url路径段"
+
+msgid "This is the script the user will be sent to check server."
+msgstr "Ping连接"
+
+msgid "Auth ScriptPath"
+msgstr "授权验证接口url路径段"
+
+msgid "This is the script the user will be sent to check auth."
+msgstr "授权连接"
+
+msgid "Trusted MAC List"
+msgstr "免授权的MAC"
+
+msgid "MAC addresses who are allowed to pass through without authentication."
+msgstr "允许在未经身份验证的情况下通过的MAC地址"
+
+msgid "Trusted Domain List"
+msgstr "免授权的域名"
+
+msgid "Domain Or IP"
+msgstr "域名或者IP"
+
+msgid "Authenticated Client"
+msgstr "已授权的客户端"
+
+msgid "No Authenticated Client"
+msgstr "没有已经授权的客户端"
\ No newline at end of file
diff --git a/package/lean/luci-app-wifidog-ng/root/etc/config/wifidog-ng b/package/lean/luci-app-wifidog-ng/root/etc/config/wifidog-ng
new file mode 100644
index 000000000..af6fe5520
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/root/etc/config/wifidog-ng
@@ -0,0 +1,26 @@
+
+config gateway
+    option enabled 0
+    option dhcp_host_white 1
+    option ifname 'br-lan'
+    option port 2060
+    option ssl_port 8443
+    option checkinterval 30
+    option client_timeout 5
+    option temppass_time 30
+ 
+config authserver
+    option host 'authserver.com'
+    option port 80
+    option ssl 0
+    option path '/wifidog/'
+    option login_path 'login'
+    option portal_path 'portal'
+    option msg_path 'gw_message.php'
+    option ping_path 'ping'
+    option auth_path 'auth'
+
+config popularserver
+    list server www.baidu.com
+    list server www.qq.com
+
diff --git a/package/lean/luci-app-wifidog-ng/root/etc/init.d/wifidog-ng b/package/lean/luci-app-wifidog-ng/root/etc/init.d/wifidog-ng
new file mode 100644
index 000000000..4aef9dadc
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/root/etc/init.d/wifidog-ng
@@ -0,0 +1,60 @@
+#!/bin/sh /etc/rc.common
+#
+#
+
+START=99
+STOP=10
+
+BIN=/usr/bin/wifidog-ng
+
+parse_whitelist_mac() {
+    local cfg="$1"
+    local mac
+
+    uci_validate_section wifidog-ng whitelist "${1}" \
+        'mac:macaddr'
+
+    [ $? -ne 0 ] && {
+        echo "validation whitelist_mac failed" >&2
+        exit 1
+    }
+}
+
+parse_whitelist_domain() {
+    local cfg="$1"
+    local domain
+
+    uci_validate_section wifidog-ng whitelist "${1}" \
+        'domain:host'
+
+    [ $? -ne 0 ] && {
+        echo "validation whitelist_domain failed" >&2
+        exit 1
+    }
+}
+
+get_config() {
+    config_get_bool vt_enabled $1 enabled 0
+}
+
+start() {
+    config_load wifidog-ng
+    config_foreach get_config gateway
+
+    if [ "$vt_enabled" = 0 ]; then
+        echo "WARNING: WifiDog-ng is disabled."
+        exit 0
+    fi
+
+    #config_foreach parse_whitelist_mac whitelist_mac
+    #config_foreach parse_whitelist_domain whitelist_domain
+
+    modprobe wifidog-ng
+
+    $BIN & >/dev/null &
+}
+
+stop() {
+    rmmod wifidog-ng
+    killall -9 wifidog-ng 2>/dev/null
+}
diff --git a/package/lean/luci-app-wifidog-ng/root/etc/uci-defaults/001_luci-app-wifidog-ng b/package/lean/luci-app-wifidog-ng/root/etc/uci-defaults/001_luci-app-wifidog-ng
new file mode 100644
index 000000000..ab03d5767
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/root/etc/uci-defaults/001_luci-app-wifidog-ng
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+    delete ucitrack.@wifidog-ng[-1]
+    add ucitrack wifidog-ng
+    set ucitrack.@wifidog-ng[-1].init=wifidog-ng
+    commit ucitrack
+EOF
+
+chmod +x /etc/init.d/wifidog-ng
+
+/etc/init.d/wifidog-ng stop
+
+yes|cp /tmp/wifidog-ng.init /etc/init.d/wifidog-ng
+
+chmod +x /etc/init.d/wifidog-ng
+
+/etc/init.d/wifidog-ng enable
+/etc/init.d/wifidog-ng start
+
+rm -f /tmp/luci-indexcache
+exit 0
\ No newline at end of file
diff --git a/package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.init b/package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.init
new file mode 100644
index 000000000..4aef9dadc
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.init
@@ -0,0 +1,60 @@
+#!/bin/sh /etc/rc.common
+#
+#
+
+START=99
+STOP=10
+
+BIN=/usr/bin/wifidog-ng
+
+parse_whitelist_mac() {
+    local cfg="$1"
+    local mac
+
+    uci_validate_section wifidog-ng whitelist "${1}" \
+        'mac:macaddr'
+
+    [ $? -ne 0 ] && {
+        echo "validation whitelist_mac failed" >&2
+        exit 1
+    }
+}
+
+parse_whitelist_domain() {
+    local cfg="$1"
+    local domain
+
+    uci_validate_section wifidog-ng whitelist "${1}" \
+        'domain:host'
+
+    [ $? -ne 0 ] && {
+        echo "validation whitelist_domain failed" >&2
+        exit 1
+    }
+}
+
+get_config() {
+    config_get_bool vt_enabled $1 enabled 0
+}
+
+start() {
+    config_load wifidog-ng
+    config_foreach get_config gateway
+
+    if [ "$vt_enabled" = 0 ]; then
+        echo "WARNING: WifiDog-ng is disabled."
+        exit 0
+    fi
+
+    #config_foreach parse_whitelist_mac whitelist_mac
+    #config_foreach parse_whitelist_domain whitelist_domain
+
+    modprobe wifidog-ng
+
+    $BIN & >/dev/null &
+}
+
+stop() {
+    rmmod wifidog-ng
+    killall -9 wifidog-ng 2>/dev/null
+}
diff --git a/package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.procd b/package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.procd
new file mode 100644
index 000000000..8471a11b7
--- /dev/null
+++ b/package/lean/luci-app-wifidog-ng/root/tmp/wifidog-ng.procd
@@ -0,0 +1,71 @@
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=95
+
+BIN=/usr/bin/wifidog-ng
+
+parse_whitelist_mac() {
+    local cfg="$1"
+    local mac
+
+    uci_validate_section wifidog-ng whitelist "${1}" \
+        'mac:macaddr'
+
+    [ $? -ne 0 ] && {
+        echo "validation whitelist_mac failed" >&2
+        exit 1
+    }
+}
+
+parse_whitelist_domain() {
+    local cfg="$1"
+    local domain
+
+    uci_validate_section wifidog-ng whitelist "${1}" \
+        'domain:host'
+
+    [ $? -ne 0 ] && {
+        echo "validation whitelist_domain failed" >&2
+        exit 1
+    }
+}
+
+get_config() {
+    config_get_bool vt_enabled $1 enabled 0
+}
+
+start_service() {
+    stop_service()
+
+    config_load wifidog-ng
+    config_foreach get_config gateway
+
+    if [ "$vt_enabled" = 0 ]; then
+        echo "WARNING: WifiDog-ng is disabled."
+        exit 0
+    fi
+
+    config_foreach parse_whitelist_mac whitelist_mac
+    config_foreach parse_whitelist_domain whitelist_domain
+
+    modprobe wifidog-ng
+
+    procd_open_instance
+    procd_set_param command $BIN
+    procd_set_param respawn
+    procd_close_instance
+}
+
+stop_service() {
+    rmmod wifidog-ng
+    killall -9 wifidog-ng 2>/dev/null
+}
+
+service_triggers() {
+    procd_add_reload_trigger "wifidog-ng"
+}
+
+reload_service() {
+    start_service()
+}
\ No newline at end of file