summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2019-08-14 17:07:55 +0200
committerJo-Philipp Wich <jo@mein.io>2019-08-14 22:58:15 +0200
commited8f1c4c1c47465f79ddaf6af118d1dd29ee7d12 (patch)
tree914ae840352c37975e7053bbd2a60fb743eff34a
parent7610f1d9cfc64f2841faf3f74db6976dc0c190bc (diff)
luci-app-firewall: honour global default policies in per-zone settings
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js3
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js3
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js8
-rw-r--r--modules/luci-base/htdocs/luci-static/resources/network.js7
-rwxr-xr-xmodules/luci-base/root/usr/libexec/rpcd/luci90
-rw-r--r--modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json6
-rw-r--r--modules/luci-mod-network/htdocs/luci-static/resources/view/network/dhcp.js9
-rw-r--r--modules/luci-mod-network/htdocs/luci-static/resources/view/network/hosts.js3
-rw-r--r--modules/luci-mod-system/htdocs/luci-static/resources/view/system/leds.js34
-rw-r--r--modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js15
10 files changed, 98 insertions, 80 deletions
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js
index 63af69f8a9..80938711e9 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js
@@ -75,7 +75,8 @@ function forward_via_txt(s) {
return L.view.extend({
callHostHints: rpc.declare({
object: 'luci',
- method: 'host_hints'
+ method: 'getHostHints',
+ expect: { '': {} }
}),
load: function() {
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
index a7924b1076..6df3bc7f85 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
@@ -112,7 +112,8 @@ function rule_target_txt(s) {
return L.view.extend({
callHostHints: rpc.declare({
object: 'luci',
- method: 'host_hints'
+ method: 'getHostHints',
+ expect: { '': {} }
}),
load: function() {
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js
index 22f1683fe4..3ac3f6e2fb 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js
@@ -15,12 +15,14 @@ return L.view.extend({
load: function() {
return Promise.all([
- this.callConntrackHelpers()
+ this.callConntrackHelpers(),
+ firewall.getDefaults()
]);
},
render: function(data) {
var ctHelpers = data[0],
+ fwDefaults = data[1],
m, s, o, inp, out;
m = new form.Map('firewall', _('Firewall - Zone Settings'),
@@ -118,6 +120,10 @@ return L.view.extend({
p[i].editable = true;
}
+ p[0].default = fwDefaults.getInput();
+ p[1].default = fwDefaults.getOutput();
+ p[2].default = fwDefaults.getForward();
+
o = s.taboption('general', form.Flag, 'masq', _('Masquerading'));
o.editable = true;
diff --git a/modules/luci-base/htdocs/luci-static/resources/network.js b/modules/luci-base/htdocs/luci-static/resources/network.js
index 86e6ea5744..487adabb45 100644
--- a/modules/luci-base/htdocs/luci-static/resources/network.js
+++ b/modules/luci-base/htdocs/luci-static/resources/network.js
@@ -51,18 +51,19 @@ var callNetworkWirelessStatus = rpc.declare({
var callLuciNetdevs = rpc.declare({
object: 'luci',
- method: 'netdevs'
+ method: 'getNetworkDevices',
+ expect: { '': {} }
});
var callLuciIfaddrs = rpc.declare({
object: 'luci',
- method: 'ifaddrs',
+ method: 'getIfaddrs',
expect: { result: [] }
});
var callLuciBoardjson = rpc.declare({
object: 'luci',
- method: 'boardjson'
+ method: 'getBoardJSON'
});
var callIwinfoInfo = rpc.declare({
diff --git a/modules/luci-base/root/usr/libexec/rpcd/luci b/modules/luci-base/root/usr/libexec/rpcd/luci
index 7eac09214a..89bf14900c 100755
--- a/modules/luci-base/root/usr/libexec/rpcd/luci
+++ b/modules/luci-base/root/usr/libexec/rpcd/luci
@@ -9,7 +9,7 @@ local function readfile(path)
end
local methods = {
- initList = {
+ getInitList = {
args = { name = "name" },
call = function(args)
local sys = require "luci.sys"
@@ -22,11 +22,11 @@ local methods = {
return { error = "No such init script" }
end
end
- return { result = scripts }
+ return scripts
end
},
- initCall = {
+ setInitAction = {
args = { name = "name", action = "action" },
call = function(args)
local sys = require "luci.sys"
@@ -39,7 +39,7 @@ local methods = {
getLocaltime = {
call = function(args)
- return { localtime = os.time() }
+ return { result = os.time() }
end
},
@@ -52,11 +52,11 @@ local methods = {
sys.call("date -s '%04d-%02d-%02d %02d:%02d:%02d' >/dev/null" %{ date.year, date.month, date.day, date.hour, date.min, date.sec })
sys.call("/etc/init.d/sysfixtime restart >/dev/null")
end
- return { localtime = args.localtime }
+ return { result = args.localtime }
end
},
- timezone = {
+ getTimezones = {
call = function(args)
local util = require "luci.util"
local zones = require "luci.sys.zoneinfo"
@@ -76,11 +76,11 @@ local methods = {
active = (res and res.value == zone[1]) and true or nil
}
end
- return { result = result }
+ return result
end
},
- leds = {
+ getLEDs = {
call = function()
local iter = fs.dir("/sys/class/leds")
local result = { }
@@ -115,7 +115,7 @@ local methods = {
end
},
- usb = {
+ getUSBDevices = {
call = function()
local fs = require "nixio.fs"
local iter = fs.glob("/sys/bus/usb/devices/[0-9]*/manufacturer")
@@ -126,7 +126,7 @@ local methods = {
local p
for p in iter do
- local id = p:match("%d+-%d+")
+ local id = p:match("/([^/]+)/manufacturer$")
result.devices[#result.devices+1] = {
id = id,
@@ -139,18 +139,19 @@ local methods = {
end
end
- iter = fs.glob("/sys/bus/usb/devices/*/usb[0-9]*-port[0-9]*")
+ iter = fs.glob("/sys/bus/usb/devices/*/*-port[0-9]*")
if iter then
result.ports = {}
local p
for p in iter do
- local bus, port = p:match("usb(%d+)-port(%d+)")
+ local port = p:match("([^/]+)$")
+ local link = fs.readlink(p.."/device")
result.ports[#result.ports+1] = {
- hub = tonumber(bus),
- port = tonumber(port)
+ port = port,
+ device = link and fs.basename(link)
}
end
end
@@ -159,20 +160,20 @@ local methods = {
end
},
- ifaddrs = {
+ getIfaddrs = {
call = function()
return { result = nixio.getifaddrs() }
end
},
- host_hints = {
+ getHostHints = {
call = function()
local sys = require "luci.sys"
return sys.net.host_hints()
end
},
- duid_hints = {
+ getDUIDHints = {
call = function()
local fp = io.open('/var/hosts/odhcpd')
local result = { }
@@ -192,7 +193,7 @@ local methods = {
end
},
- leases = {
+ getDHCPLeases = {
args = { family = 0 },
call = function(args)
local s = require "luci.tools.status"
@@ -210,7 +211,7 @@ local methods = {
end
},
- netdevs = {
+ getNetworkDevices = {
call = function(args)
local dir = fs.dir("/sys/class/net")
local result = { }
@@ -273,45 +274,50 @@ local methods = {
end
},
- boardjson = {
+ getBoardJSON = {
call = function(args)
local jsc = require "luci.jsonc"
return jsc.parse(fs.readfile("/etc/board.json") or "")
end
},
- conntrack_helpers = {
+ getConntrackHelpers = {
call = function()
- local fd = io.open("/usr/share/fw3/helpers.conf", "r")
+ local ok, fd = pcall(io.open, "/usr/share/fw3/helpers.conf", "r")
local rv = {}
- local line, entry
- while true do
- line = fd:read("*l")
- if not line then
- break
- end
+ if ok then
+ local entry
- if line:match("^%s*config%s") then
- if entry then
- rv[#rv+1] = entry
+ while true do
+ local line = fd:read("*l")
+ if not line then
+ break
end
- entry = {}
- else
- local opt, val = line:match("^%s*option%s+(%S+)%s+(%S.*)$")
- if opt and val then
- opt = opt:gsub("^'(.+)'$", "%1"):gsub('^"(.+)"$', "%1")
- val = val:gsub("^'(.+)'$", "%1"):gsub('^"(.+)"$', "%1")
- entry[opt] = val
+
+ if line:match("^%s*config%s") then
+ if entry then
+ rv[#rv+1] = entry
+ end
+ entry = {}
+ else
+ local opt, val = line:match("^%s*option%s+(%S+)%s+(%S.*)$")
+ if opt and val then
+ opt = opt:gsub("^'(.+)'$", "%1"):gsub('^"(.+)"$', "%1")
+ val = val:gsub("^'(.+)'$", "%1"):gsub('^"(.+)"$', "%1")
+ entry[opt] = val
+ end
end
end
- end
- if entry then
- rv[#rv+1] = entry
+ if entry then
+ rv[#rv+1] = entry
+ end
+
+ fd:close()
end
- return { helpers = rv }
+ return { result = rv }
end
},
diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
index fb7be94cf4..5ffcbdc2e6 100644
--- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
+++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json
@@ -22,7 +22,7 @@
"read": {
"ubus": {
"iwinfo": [ "info" ],
- "luci": [ "boardjson", "duid_hints", "host_hints", "ifaddrs", "initList", "getLocaltime", "leases", "leds", "netdevs", "usb" ],
+ "luci": [ "getBoardJSON", "getDUIDHints", "getHostHints", "getIfaddrs", "getInitList", "getLocaltime", "getTimezones", "getDHCPLeases", "getLEDs", "getNetworkDevices", "getUSBDevices" ],
"network.device": [ "status" ],
"network.interface": [ "dump" ],
"network.wireless": [ "status" ],
@@ -33,7 +33,7 @@
},
"write": {
"ubus": {
- "luci": [ "initCall", "setLocaltime", "timezone" ],
+ "luci": [ "setInitAction", "setLocaltime" ],
"uci": [ "add", "apply", "confirm", "delete", "order", "set" ]
},
"uci": [ "*" ]
@@ -43,7 +43,7 @@
"description": "Grant access to firewall procedures",
"read": {
"ubus": {
- "luci": [ "conntrack_helpers" ]
+ "luci": [ "getConntrackHelpers" ]
},
"uci": [ "firewall" ]
},
diff --git a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/dhcp.js b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/dhcp.js
index 7035dc4769..1e9c402e0c 100644
--- a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/dhcp.js
+++ b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/dhcp.js
@@ -7,17 +7,19 @@ var callHostHints, callDUIDHints, callDHCPLeases, CBILeaseStatus;
callHostHints = rpc.declare({
object: 'luci',
- method: 'host_hints'
+ method: 'getHostHints',
+ expect: { '': {} }
});
callDUIDHints = rpc.declare({
object: 'luci',
- method: 'duid_hints'
+ method: 'getDUIDHints',
+ expect: { '': {} }
});
callDHCPLeases = rpc.declare({
object: 'luci',
- method: 'leases',
+ method: 'getDHCPLeases',
params: [ 'family' ],
expect: { dhcp_leases: [] }
});
@@ -57,7 +59,6 @@ return L.view.extend({
m, s, o, ss, so;
m = new form.Map('dhcp', _('DHCP and DNS'), _('Dnsmasq is a combined <abbr title="Dynamic Host Configuration Protocol">DHCP</abbr>-Server and <abbr title="Domain Name System">DNS</abbr>-Forwarder for <abbr title="Network Address Translation">NAT</abbr> firewalls'));
- m.tabbed = true;
s = m.section(form.TypedSection, 'dnsmasq', _('Server Settings'));
s.anonymous = true;
diff --git a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/hosts.js b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/hosts.js
index 2a49b04817..3cdea8adbe 100644
--- a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/hosts.js
+++ b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/hosts.js
@@ -5,7 +5,8 @@
return L.view.extend({
callHostHints: rpc.declare({
object: 'luci',
- method: 'host_hints'
+ method: 'getHostHints',
+ expect: { '': {} }
}),
load: function() {
diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/leds.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/leds.js
index c1109b5d64..a5bda05761 100644
--- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/leds.js
+++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/leds.js
@@ -3,28 +3,23 @@
'require rpc';
'require form';
-var callInitAction, callLeds, callUSB, callNetdevs;
-
-callInitAction = rpc.declare({
- object: 'luci',
- method: 'initCall',
- params: [ 'name', 'action' ],
- expect: { result: false }
-});
+var callLeds, callUSB, callNetdevs;
callLeds = rpc.declare({
object: 'luci',
- method: 'leds'
+ method: 'getLEDs',
+ expect: { '': {} }
});
callUSB = rpc.declare({
object: 'luci',
- method: 'usb'
+ method: 'getUSBDevices',
+ expect: { '': {} }
});
callNetdevs = rpc.declare({
object: 'luci',
- method: 'ifaddrs',
+ method: 'getIfaddrs',
expect: { result: [] },
filter: function(res) {
var devs = {};
@@ -130,16 +125,23 @@ return L.view.extend({
value = String(value || '').split(/\s+/);
for (var i = 0; i < value.length; i++)
- if (value[i].match(/^usb(\d+)-port(\d+)$/))
- ports.push(value[i]);
- else if (value[i].match(/^(\d+)-(\d+)$/))
+ if (value[i].match(/^(\d+)-(\d+)$/))
ports.push('usb%d-port%d'.format(Regexp.$1, Regexp.$2));
+ else
+ ports.push(value[i]);
return ports;
};
usb.ports.forEach(function(usbport) {
- o.value('usb%d-port%d'.format(usbport.hub, usbport.port),
- 'Hub %d, Port %d'.format(usbport.hub, usbport.port));
+ var dev = (usbport.device && Array.isArray(usb.devices))
+ ? usb.devices.filter(function(d) { return d.id == usbport.device })[0] : null;
+
+ var label = _('Port %s').format(usbport.port);
+
+ if (dev)
+ label += ' (%s - %s)'.format(dev.vendor || '?', dev.product || '?');
+
+ o.value(usbport.port, label);
});
}
diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js
index 6db973a8df..1ed8f64d8f 100644
--- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js
+++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js
@@ -8,9 +8,9 @@ var callInitList, callInitAction, callTimezone,
callInitList = rpc.declare({
object: 'luci',
- method: 'initList',
+ method: 'getInitList',
params: [ 'name' ],
- expect: { result: {} },
+ expect: { '': {} },
filter: function(res) {
for (var k in res)
return +res[k].enabled;
@@ -20,7 +20,7 @@ callInitList = rpc.declare({
callInitAction = rpc.declare({
object: 'luci',
- method: 'initCall',
+ method: 'setInitAction',
params: [ 'name', 'action' ],
expect: { result: false }
});
@@ -28,20 +28,20 @@ callInitAction = rpc.declare({
callGetLocaltime = rpc.declare({
object: 'luci',
method: 'getLocaltime',
- expect: { localtime: 0 }
+ expect: { result: 0 }
});
callSetLocaltime = rpc.declare({
object: 'luci',
method: 'setLocaltime',
params: [ 'localtime' ],
- expect: { localtime: 0 }
+ expect: { result: 0 }
});
callTimezone = rpc.declare({
object: 'luci',
- method: 'timezone',
- expect: { result: {} }
+ method: 'getTimezones',
+ expect: { '': {} }
});
CBILocalTime = form.DummyValue.extend({
@@ -103,7 +103,6 @@ return L.view.extend({
_('Here you can configure the basic aspects of your device like its hostname or the timezone.'));
m.chain('luci');
- m.tabbed = true;
s = m.section(form.TypedSection, 'system', _('System Properties'));
s.anonymous = true;