npub12m5exm2uk3xa674cc5r0hlyvccs5xxn7qv83ezuteefv5972nquq4j4szl/esp32-tollgate/main/dns_server.c, branch feature/mining-payment[no description]https://upleb.uk/npub12m5exm2uk3xa674cc5r0hlyvccs5xxn7qv83ezuteefv5972nquq4j4szl/esp32-tollgate/atom?h=feature%2Fmining-payment2026-05-15T23:16:32+00:00Captive portal detection fix + Phase 2 tests 16-18,20 passing (17/17)2026-05-15T23:16:32+00:00Your Nameyou@example.com2026-05-15T23:16:32+00:00urn:sha1:50b5975ac8793d6d820c35b5999f8a909f64e71b
- Add DoT reject server on port 853 (TCP RST forces DNS-over-TLS fallback)
- DNS hijack returns NXDOMAIN for all non-A query types (no forwarding for unauthed)
- Shorter TTL on hijack responses (10s) for faster captive detection
- Explicit 302 redirect handlers for /generate_204, /hotspot-detect.html, etc.
- HTTP and DNS request logging for debugging captive detection
- Per-MAC tracking in firewall (find_by_mac, get_mac_for_ip with ARP fallback)
- Session MAC tracking (session_find_by_mac)
- Phase 2 test 18: add route through TollGate before ping test
- All 17 Phase 2 tests pass (15-21 + whoami + portal form)
Phase 1 working: captive portal, DNS hijack, NAT-based access control2026-05-15T11:33:40+00:00Your Nameyou@example.com2026-05-15T11:33:40+00:00urn:sha1:a7d0a672d59bf8985a6fc0e61b49015fabd96513
- Fix WiFi init order: netif creation before esp_wifi_init, set mode before set_config
- Replace broken netif input filter with NAPT on/off per authentication state
- NAPT disabled by default, enabled when client granted, disabled on revoke
- Fix test helpers: use -I wlp59s0 for ping, handle nslookup exit code 1
- All 20 API tests pass, all 6 smoke tests pass
initiall commit2026-05-15T07:36:25+00:00Your Nameyou@example.com2026-05-15T07:36:25+00:00urn:sha1:8a2307a5ced6da94cc674602219d5a68a1246264