NIU:

+PortFw
+QoS
Reorganize Network

14 files changed, 327 insertions, 36 deletions

diff --git a/modules/niu/htdocs/luci-static/resources/icons32/preferences-system-network.png b/modules/niu/htdocs/luci-static/resources/icons32/preferences-system-network.png
new file mode 100644
index 000000000..0e16fd703
--- /dev/null
+++ b/modules/niu/htdocs/luci-static/resources/icons32/preferences-system-network.png
diff --git a/modules/niu/luasrc/controller/niu/network.lua b/modules/niu/luasrc/controller/niu/network.lua
index c0afba9e5..de3d7d49e 100644
--- a/modules/niu/luasrc/controller/niu/network.lua
+++ b/modules/niu/luasrc/controller/niu/network.lua
@@ -32,22 +32,12 @@ function index()
 	uci.inst_state:foreach("dhcp", "dhcp", function(s)
 		if s.interface == "lan" and s.ignore ~= "1" then 
 			entry({"niu", "network", "assign"}, cbi("niu/network/assign",
-	 			toniu), "Display and Customize Address Assignment", 30)
+	 			toniu), "Manage Address Assignment", 30)
 	 	end
 	end)
-	
-	entry({"niu", "network", "routes"},  cbi("niu/network/routes",
-	 toniu), "Display and Customize Routing", 40)
-	 
-	entry({"niu", "network", "conntrack"},  call("cnntrck"),
-	 "Display Local Network Activity", 50)
 	 
 	 if fs.access("/etc/config/ddns") then
 		entry({"niu", "network", "ddns"},  cbi("niu/network/ddns", toniu),
 		 "Configure Dynamic-DNS names", 60)		
 	 end
 end
-
-function cnntrck()
-	require "luci.template".render("niu/network/conntrack")
-end
diff --git a/modules/niu/luasrc/controller/niu/system.lua b/modules/niu/luasrc/controller/niu/system.lua
index e9e767a1d..593a44883 100644
--- a/modules/niu/luasrc/controller/niu/system.lua
+++ b/modules/niu/luasrc/controller/niu/system.lua
@@ -18,7 +18,7 @@ module "luci.controller.niu.system"
 function index()
 	local toniu = {on_success_to={"niu"}}
 
-	local e = entry({"niu", "system"}, alias("niu"), "System", 30)
+	local e = entry({"niu", "system"}, alias("niu"), "System", 40)
 	e.niu_dbtemplate = "niu/system"
 	e.niu_dbtasks = true
 	e.niu_dbicon = "icons32/preferences-system.png"
diff --git a/modules/niu/luasrc/controller/niu/traffic.lua b/modules/niu/luasrc/controller/niu/traffic.lua
new file mode 100644
index 000000000..76584eabf
--- /dev/null
+++ b/modules/niu/luasrc/controller/niu/traffic.lua
@@ -0,0 +1,45 @@
+--[[
+LuCI - Lua Development Framework
+
+Copyright 2009 Steven Barth <steven@midlink.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+local require = require
+module "luci.controller.niu.traffic"
+
+function index()
+	local toniu = {on_success_to={"niu"}}
+	
+	local e = entry({"niu", "traffic"}, alias("niu"), "Network Traffic", 30)
+	e.niu_dbtemplate = "niu/traffic"
+	e.niu_dbtasks = true
+	e.niu_dbicon = "icons32/preferences-system-network.png"
+	
+	if fs.access("/etc/config/firewall") then
+		entry({"niu", "traffic", "portfw"}, cbi("niu/traffic/portfw",
+	 	 toniu), "Manage Port Forwarding", 1)
+	end
+	
+	if fs.access("/etc/config/qos") then
+		entry({"niu", "traffic", "qos"}, cbi("niu/traffic/qos",
+	 	 toniu), "Manage Prioritization (QoS)", 2)
+	end
+	
+	entry({"niu", "traffic", "routes"},  cbi("niu/traffic/routes",
+	 toniu), "Manage Traffic Routing", 30)
+	 
+	entry({"niu", "traffic", "conntrack"},  call("cnntrck"),
+	 "Display Local Network Activity", 50)
+end
+
+function cnntrck()
+	require "luci.template".render("niu/traffic/conntrack")
+end
\ No newline at end of file
diff --git a/modules/niu/luasrc/model/cbi/niu/traffic/portfw.lua b/modules/niu/luasrc/model/cbi/niu/traffic/portfw.lua
new file mode 100644
index 000000000..bf4e132df
--- /dev/null
+++ b/modules/niu/luasrc/model/cbi/niu/traffic/portfw.lua
@@ -0,0 +1,20 @@
+local uci = require "luci.model.uci"
+local cursor = uci.cursor()
+local d = Delegator()
+d.allow_finish = true
+d.allow_back = true
+d.allow_cancel = true
+
+d:add("portfw1", load("niu/traffic/portfw1"))
+
+function d.on_cancel()
+	cursor:revert("firewall")
+	cursor:revert("upnpd")
+end
+
+function d.on_done()
+	cursor:commit("firewall")
+	cursor:commit("upnpd")
+end
+
+return d
\ No newline at end of file
diff --git a/modules/niu/luasrc/model/cbi/niu/traffic/portfw1.lua b/modules/niu/luasrc/model/cbi/niu/traffic/portfw1.lua
new file mode 100644
index 000000000..11ed4aa92
--- /dev/null
+++ b/modules/niu/luasrc/model/cbi/niu/traffic/portfw1.lua
@@ -0,0 +1,65 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+local fs = require "nixio.fs"
+local sys = require "luci.sys"
+
+m = Map("firewall", translate("Manage Port Forwarding"))
+
+s = m:section(TypedSection, "redirect", translate("Manual Port Forwarding"), 
+translate([[To manually define a forwarding rule you have to specify at least
+the internal IP-address and port of the service that should be forwarded.
+If you ommit the external port it will be the same as the internal port.
+You also can forward a range of ports by using the syntax first-last Port
+(e.g. 1024-1030) in the port field.]]))
+s.template  = "cbi/tblsection"
+s.addremove = true
+s.anonymous = true
+
+name = s:option(Value, "_name", translate("Name"), translate("optional"))
+name.size = 10
+
+iface = s:option(ListValue, "src", translate("Zone"))
+iface:value("wan", "Internet")
+iface.default = "wan"
+
+proto = s:option(ListValue, "proto", translate("Protocol"))
+proto:value("tcp", "TCP")
+proto:value("udp", "UDP")
+proto:value("tcpudp", "TCP+UDP")
+
+dport = s:option(Value, "src_dport", translate("Internal Port"))
+dport.size = 5
+
+to = s:option(Value, "dest_ip", translate("Internal Address"), translate("Device running the service"))
+for i, dataset in ipairs(sys.net.arptable()) do
+	to:value(dataset["IP address"])
+end
+
+toport = s:option(Value, "dest_port", translate("External Port"), translate("optional"));
+toport.size = 5
+
+local m2
+if fs.access("/etc/config/upnpd") then
+	m2 = Map("upnpd")
+	s = m2:section(NamedSection, "config", "upnpd", translate("Automatic Port Forwarding (UPnP IGD)"),
+	translate([[Allows UPnP-capable applications to automatically forward ports on the router to their IP-Address.
+	Be aware that this is a potential security risk as applications are not authenticated.]]))
+	s.addremove = false
+	
+	on = s:option(ListValue, "external_iface", translate("Port Forwarding Restrictions"))
+	on:value("none", translate("Manual Forwarding Only")) 
+	on:value("wan", translate("Automatic and Manual Forwarding"))
+end
+
+return m, m2
diff --git a/modules/niu/luasrc/model/cbi/niu/traffic/qos.lua b/modules/niu/luasrc/model/cbi/niu/traffic/qos.lua
new file mode 100644
index 000000000..aa1f3f89e
--- /dev/null
+++ b/modules/niu/luasrc/model/cbi/niu/traffic/qos.lua
@@ -0,0 +1,36 @@
+local uci = require "luci.model.uci"
+local cursor = uci.cursor()
+
+if not cursor:get("qos", "wan", "_niuinit") then
+	-- Load some more sensible default classifications
+	cursor:delete_all("qos", "classify")
+	cursor:section("qos", "classify", "dns", 
+		{target = "Priority", ports = "53", _name = "DNS"}
+	)
+	cursor:section("qos", "classify", "inet1",
+		{target = "Normal", ports = "20,21,22,80,443", _name = "WWW, SSH, FTP"}
+	)
+	cursor:section("qos", "classify", "inet2",
+		{target = "Normal", ports = "25,110,119,143", _name = "E-Mail, News"}
+	)
+
+	cursor:set("qos", "wan", "_niuinit", "1")
+	cursor:save("qos")
+end
+
+local d = Delegator()
+d.allow_finish = true
+d.allow_back = true
+d.allow_cancel = true
+
+d:add("qos1", load("niu/traffic/qos1"))
+
+function d.on_cancel()
+	cursor:revert("qos")
+end
+
+function d.on_done()
+	cursor:commit("qos")
+end
+
+return d
\ No newline at end of file
diff --git a/modules/niu/luasrc/model/cbi/niu/traffic/qos1.lua b/modules/niu/luasrc/model/cbi/niu/traffic/qos1.lua
new file mode 100644
index 000000000..6171dfaa7
--- /dev/null
+++ b/modules/niu/luasrc/model/cbi/niu/traffic/qos1.lua
@@ -0,0 +1,89 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+local sys = require "luci.sys"
+local fs = require "nixio.fs"
+
+m = Map("qos", translate("Manage Prioritization (QoS)"), translate([[Different
+kinds of network traffic usually have different transmission requirements.
+For example the important factor for a large HTTP-download is bandwith whereas
+VoIP has a large focus on low packet latency. Prioritization takes these quality
+of service factors into account and optimizes priorities to allow reasonable 
+performance for time critical services.]]))
+
+s = m:section(NamedSection, "wan", "interface", translate("General Settings"),
+translate([[For QoS to work correctly you need to provide the upload and
+download speed of your internet connection. Values are in kilobits per second.
+For comparison a standard consumer ADSL connection has between 1000 and 25000
+kbps as donwload speed and between 128 and 1000 kbps upload speed.]]))
+s.addremove = false
+
+local en = s:option(ListValue, "enabled", translate("Prioritization"))
+en:value("1", "Enable Quality of Service")
+en:value("0", "Disable")
+
+local dl = s:option(Value, "download", translate("Maximum Download Speed"), "kbps")
+dl:depends("enabled", "1")
+
+local ul = s:option(Value, "upload", translate("Maximum Upload Speed"), "kbps")
+ul:depends("enabled", "1")
+
+s = m:section(TypedSection, "classify", translate("Finetuning"), translate([[
+The QoS application provides different useful default prioritization rules not
+listed here that cover many common use-cases. You however can add custom rules
+to finetune the prioritization process.]]))
+s.template = "cbi/tblsection"
+
+s.anonymous = true
+s.addremove = true
+
+n = s:option(Value, "_name", translate("Name"), translate("optional"))
+
+srch = s:option(Value, "srchost", translate("Local IP-Address"))
+srch.rmempty = true
+srch:value("", translate("all"))
+for i, dataset in ipairs(sys.net.arptable()) do
+	srch:value(dataset["IP address"])
+end
+
+p = s:option(ListValue, "proto", translate("Protocol"))
+p:value("", translate("all"))
+p:value("tcp", "TCP")
+p:value("udp", "UDP")
+p.rmempty = true
+
+ports = s:option(Value, "ports", translate("Ports"))
+ports.rmempty = true
+ports:value("", translate("any"))
+
+if fs.access("/etc/l7-protocols") then
+	l7 = s:option(ListValue, "layer7", translate("Service"))
+	l7.rmempty = true
+	l7:value("", translate("all"))
+	for f in fs.glob("/etc/l7-protocols/*.pat") do
+		l7:value(f:sub(19, #f-4))
+	end
+end
+
+s:option(Value, "connbytes", translate("Bytes sent"), translate("from[-to]"))
+
+t = s:option(ListValue, "target", translate("Priority"))
+t:value("Priority", translate("Highest"))
+t:value("Express", translate("High"))
+t:value("Normal", translate("Normal"))
+t:value("Bulk", translate("Low"))
+t.default = "Normal"
+
+return m
diff --git a/modules/niu/luasrc/model/cbi/niu/network/routes.lua b/modules/niu/luasrc/model/cbi/niu/traffic/routes.lua
index 64a587c81..f8e8a8af9 100644
--- a/modules/niu/luasrc/model/cbi/niu/network/routes.lua
+++ b/modules/niu/luasrc/model/cbi/niu/traffic/routes.lua
@@ -4,7 +4,7 @@ d.allow_finish = true
 d.allow_back = true
 d.allow_cancel = true
 
-d:add("routes1", load("niu/network/routes1"))
+d:add("routes1", load("niu/traffic/routes1"))
 
 function d.on_cancel()
 	cursor:revert("network")
diff --git a/modules/niu/luasrc/model/cbi/niu/network/routes1.lua b/modules/niu/luasrc/model/cbi/niu/traffic/routes1.lua
index 094831e72..094831e72 100644
--- a/modules/niu/luasrc/model/cbi/niu/network/routes1.lua
+++ b/modules/niu/luasrc/model/cbi/niu/traffic/routes1.lua
diff --git a/modules/niu/luasrc/view/niu/network.htm b/modules/niu/luasrc/view/niu/network.htm
index e49c93065..5f48317dc 100644
--- a/modules/niu/luasrc/view/niu/network.htm
+++ b/modules/niu/luasrc/view/niu/network.htm
@@ -15,17 +15,6 @@ end
 local wanon = uci.inst_state:get("network", "wan", "proto")
 local wanup = uci.inst_state:get("network", "wan", "up")
 local wanip = uci.inst_state:get("network", "wan", "ipaddr")
-local wanif = uci.inst_state:get("network", "wan", "ifname")
-local wanul, wandl
-
-if wanif then
-	local devstats = fs.readfile("/proc/net/dev")
- 	local rx, tx = devstats:match("%s*"..wanif..
- 	":%s*([0-9]+)%s+[0-9]+%s+[0-9]+%s+[0-9]+%s+"..
- 	"[0-9]+%s+[0-9]+%s+[0-9]+%s+[0-9]+%s+([0-9]+)")
- 	wanul = tx and (tonumber(tx) / 1000000000)
- 	wandl = rx and (tonumber(rx) / 1000000000)
-end
 
 local leasefn
 uci.inst:foreach("dhcp", "dnsmasq",
@@ -57,10 +46,10 @@ end
 <% if wanon and wanon ~= "none" then %>
 <tr>
 <% if wanup then %>
-<th>Uplink Address</th>
+<th>Uplink Address:</th>
 <td><%=wanip%></td>
 <% else %>
-<th>Uplink</th>
+<th>Uplink:</th>
 <td><span style="color: darkred"><em>offline</em></span>
 </td>
 <% end %>
@@ -68,23 +57,15 @@ end
 </tr>
 <% end %>
 
-<% if wanul and wandl then %>
-<tr>
-<th>Uplink Traffic</th><td>
-<%=("%.2f"):format(wandl)%> GB&#8659; <%=("%.2f"):format(wanul)%> GB&#8657;
-</td>
-</tr>
-<% end %> 
-
 <tr>
-<th>Local Address</th><td>
+<th>Local Address:</th><td>
 <%=uci.inst_state:get("network", "lan", "ipaddr")%>
 </td>
 </tr>
 
 <% if arps then %>
 <tr>
-<th>Active IP-Devices</th><td><%=arps%><% if leasefn then %>
+<th>Active IP-Devices:</th><td><%=arps%><% if leasefn then %>
 (<%=leasefn%> assigned)
 <% end %></td>
 </tr>
diff --git a/modules/niu/luasrc/view/niu/traffic.htm b/modules/niu/luasrc/view/niu/traffic.htm
new file mode 100644
index 000000000..97a18a151
--- /dev/null
+++ b/modules/niu/luasrc/view/niu/traffic.htm
@@ -0,0 +1,58 @@
+<%
+local uci = require "luci.model.uci"
+local fs = require "nixio.fs"
+
+local wanon = uci.inst_state:get("network", "wan", "up") == "1"
+local wanif = wanon and uci.inst_state:get("network", "wan", "ifname")
+local lanif = uci.inst_state:get("network", "lan", "ifname")
+local wanul, wandl, lanul, landl
+local devstats = fs.readfile("/proc/net/dev")
+
+local fwav = fs.access("/etc/config/firewall", "r")
+local fwon = uci.inst_state:get("firewall", "core", "loaded") == "1"
+
+if lanif then
+	local rx, tx = devstats:match("%s*"..lanif..
+ 	":%s*([0-9]+)%s+[0-9]+%s+[0-9]+%s+[0-9]+%s+"..
+ 	"[0-9]+%s+[0-9]+%s+[0-9]+%s+[0-9]+%s+([0-9]+)")
+ 	lanul = tx and (tonumber(tx) / 1000000000)
+ 	landl = rx and (tonumber(rx) / 1000000000)
+end
+
+if wanif then
+ 	local rx, tx = devstats:match("%s*"..wanif..
+ 	":%s*([0-9]+)%s+[0-9]+%s+[0-9]+%s+[0-9]+%s+"..
+ 	"[0-9]+%s+[0-9]+%s+[0-9]+%s+[0-9]+%s+([0-9]+)")
+ 	wanul = tx and (tonumber(tx) / 1000000000)
+ 	wandl = rx and (tonumber(rx) / 1000000000)
+end
+
+%>
+
+<table class="dbstattbl">
+<% if wanul and wandl then %>
+<tr>
+<th>Uplink Traffic: </th><td>
+<%=("%.2f"):format(wandl)%> GB&#8659; <%=("%.2f"):format(wanul)%> GB&#8657;
+</td>
+</tr>
+<% end %> 
+
+<% if lanul and landl then %>
+<tr>
+<th>Local Traffic: </th><td>
+<%=("%.2f"):format(landl)%> GB&#8659; <%=("%.2f"):format(lanul)%> GB&#8657;
+</td>
+</tr>
+<% end %>
+
+<% if fwav then %>
+<tr>
+<th>Firewall: </th><td>
+<%=fwon and translate("active") or translate("inactive")%>
+</td>
+</tr>
+<% end %>
+
+</table>
+<br />
\ No newline at end of file
diff --git a/modules/niu/luasrc/view/niu/network/conntrack.htm b/modules/niu/luasrc/view/niu/traffic/conntrack.htm
index 09b1d6b1c..09b1d6b1c 100644
--- a/modules/niu/luasrc/view/niu/network/conntrack.htm
+++ b/modules/niu/luasrc/view/niu/traffic/conntrack.htm
diff --git a/modules/niu/root/etc/uci-defaults/luci-niu-firstrun b/modules/niu/root/etc/uci-defaults/luci-niu-firstrun
new file mode 100644
index 000000000..3462a38ee
--- /dev/null
+++ b/modules/niu/root/etc/uci-defaults/luci-niu-firstrun
@@ -0,0 +1,7 @@
+#!/bin/sh
+# Disable some services by default
+
+uci get luci.main._niuinit && exit 0
+uci set qos.wan.enabled=0
+uci set upnpd.config.external_iface=none
+uci set luci.main._niuinit=1
\ No newline at end of file