summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorS. Brusch <ne20002@gmx.ch>2023-01-30 20:40:13 +0100
committerne20002 <ne20002@gmx.ch>2023-07-25 13:17:57 +0200
commit3a4843f341c9d0c5749b9cad4c82eacf67b0a79c (patch)
tree58c583f586e0b318316d3b513d984042e4caa4e6
parent075b86ceebe7c9ef31a11fcecad0b26960fd4dc3 (diff)
crowdsec-firewall-bouncer: add app
Signed-off-by: S. Brusch <ne20002@gmx.ch> Maintainer: S. Brusch <ne20002@gmx.ch> Compile tested: no compile, script Run tested: ipq40xx/generic, Fritzbox 4040, Openwrt 22.03.3 Description: this is the luci app for crowdsec-firewall-bouncer package
-rw-r--r--applications/luci-app-crowdsec-firewall-bouncer/Makefile18
-rw-r--r--applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer/form.js64
-rw-r--r--applications/luci-app-crowdsec-firewall-bouncer/po/en/crowdsec-firewall-bouncer.po73
-rw-r--r--applications/luci-app-crowdsec-firewall-bouncer/po/templates/crowdsec-firewall-bouncer.pot70
-rw-r--r--applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/luci/menu.d/luci-app-crowdsec-firewall-bouncer.json13
-rw-r--r--applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/rpcd/acl.d/luci-app-crowdsec-firewall-bouncer.json11
6 files changed, 249 insertions, 0 deletions
diff --git a/applications/luci-app-crowdsec-firewall-bouncer/Makefile b/applications/luci-app-crowdsec-firewall-bouncer/Makefile
new file mode 100644
index 0000000000..fb28d24ae4
--- /dev/null
+++ b/applications/luci-app-crowdsec-firewall-bouncer/Makefile
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2010 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=CrowdSec firewall bouncer LuCI interface
+LUCI_DEPENDS:=+luci-base +crowdsec-firewall-bouncer
+
+PKG_MAINTAINER:=S. Brusch <ne20002@gmx.ch>
+PKG_LICENSE:=Apache-2.0
+
+include ../../luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
diff --git a/applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer/form.js b/applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer/form.js
new file mode 100644
index 0000000000..b8fe2ae02d
--- /dev/null
+++ b/applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer/form.js
@@ -0,0 +1,64 @@
+'use strict';
+'require view';
+'require form';
+'require tools.widgets as widgets';
+
+return view.extend({
+ render: function() {
+ var m, s, o;
+
+ m = new form.Map('crowdsec', _('CrowdSec'),
+ _('Gain <a href="http://www.crowdsec.net">crowd-sourced</a> protection against malicious IPs. ' +
+ 'Benefit from the most accurate CTI in the world.'));
+
+
+ s = m.section(form.TypedSection, 'bouncer', _('Bouncer'));
+ s.anonymous = true;
+
+ o = s.option(form.Flag, 'enabled', _('Enable'));
+ o.default = '0';
+ o.rmempty = false;
+
+ o = s.option(form.Value, 'api_url', _('URL of local API'),
+ _('The URL of your local CrowdSec API instance.'));
+ o.default = '';
+ o.rmempty = false;
+
+ o = s.option(form.Value, 'api_key', _('API key'),
+ _('The key of your bouncer as registered on the local CrowdSec API.'));
+ o.default = '';
+ o.password = true;
+ o.rmempty = false;
+
+ o = s.option(widgets.DeviceSelect, 'interface', _('Filtered interfaces'),
+ _('List of interfaces with traffic to be filtered.'));
+ o.noaliases = true;
+ o.multiple = true;
+ o.rmempty = false;
+
+ o = s.option(form.Flag, 'ipv6', _('Enable support for IPv6'),
+ _('If unchecked IPv6 will not be filtered.'));
+ o.default = '1';
+ o.rmempty = false;
+
+ o = s.option(form.Flag, 'filter_input', _('Filter input chain'),
+ _('Block packets from filtered interfaces addressed to the router itself.'));
+ o.default = '1';
+ o.rmempty = false;
+
+ o = s.option(form.Flag, 'filter_forward', _('Filter forward chain'),
+ _('Block packets from filtered interfaces addressed to devices in your network.'));
+ o.default = '1';
+ o.rmempty = false;
+
+ o = s.option(form.Flag, 'deny_log', _('Log filtered ip addresses'),
+ _('If checked, a log statement will be added to the firewall rule and blocked ' +
+ 'ip addresses will be logged to System Log.'));
+ o.default = '0';
+ o.rmempty = false;
+
+
+ return m.render();
+ },
+});
+
diff --git a/applications/luci-app-crowdsec-firewall-bouncer/po/en/crowdsec-firewall-bouncer.po b/applications/luci-app-crowdsec-firewall-bouncer/po/en/crowdsec-firewall-bouncer.po
new file mode 100644
index 0000000000..6b1a24876b
--- /dev/null
+++ b/applications/luci-app-crowdsec-firewall-bouncer/po/en/crowdsec-firewall-bouncer.po
@@ -0,0 +1,73 @@
+msgid ""
+msgstr ""
+"Language: en\n"
+"Content-Type: text/plain; charset=UTF-8"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:11
+msgid ""
+"Gain <a href=\"http://www.crowdsec.net\">crowd-sourced</a> protection against malicious IPs. "
+"Benefit from the most accurate CTI in the world."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:18
+msgid "Enable"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:22
+msgid "URL of local API"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:23
+msgid "The URL of your local CrowdSec API instance."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:27
+msgid "API key"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:28
+msgid "The key of your bouncer as registered on the local CrowdSec API."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:33
+msgid "Filtered interfaces"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:34
+msgid "List of interfaces with traffic to be filtered."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:40
+msgid "Enable support for IPv6"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:41
+msgid "If unchecked IPv6 will not be filtered."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:45
+msgid "Filter input chain"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:46
+msgid "Block packets from filtered interfaces addressed to the router itself."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:50
+msgid "Filter forward chain"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:51
+msgid "Block packets from filtered interfaces addressed to devices in your network."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:55
+msgid "Log filtered ip addresses"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:56
+msgid ""
+"If checked, a log statement will be added to the firewall rule and blocked "
+"ip addresses will be logged to System Log."
+msgstr ""
diff --git a/applications/luci-app-crowdsec-firewall-bouncer/po/templates/crowdsec-firewall-bouncer.pot b/applications/luci-app-crowdsec-firewall-bouncer/po/templates/crowdsec-firewall-bouncer.pot
new file mode 100644
index 0000000000..8274a654ba
--- /dev/null
+++ b/applications/luci-app-crowdsec-firewall-bouncer/po/templates/crowdsec-firewall-bouncer.pot
@@ -0,0 +1,70 @@
+msgid ""
+msgstr "Content-Type: text/plain; charset=UTF-8"
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:11
+msgid ""
+"Gain <a href=\"http://www.crowdsec.net\">crowd-sourced</a> protection against malicious IPs. "
+"Benefit from the most accurate CTI in the world."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:18
+msgid "Enable"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:22
+msgid "URL of local API"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:23
+msgid "The URL of your local CrowdSec API instance."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:27
+msgid "API key"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:28
+msgid "The key of your bouncer as registered on the local CrowdSec API."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:33
+msgid "Filtered interfaces"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:34
+msgid "List of interfaces with traffic to be filtered."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:40
+msgid "Enable support for IPv6"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:41
+msgid "If unchecked IPv6 will not be filtered."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:45
+msgid "Filter input chain"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:46
+msgid "Block packets from filtered interfaces addressed to the router itself."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:50
+msgid "Filter forward chain"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:51
+msgid "Block packets from filtered interfaces addressed to devices in your network."
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:55
+msgid "Log filtered ip addresses"
+msgstr ""
+
+#: applications/luci-app-crowdsec-firewall-bouncer/htdocs/luci-static/resources/view/crowdsec-firewall-bouncer.form.js:56
+msgid ""
+"If checked, a log statement will be added to the firewall rule and blocked "
+"ip addresses will be logged to System Log."
+msgstr ""
diff --git a/applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/luci/menu.d/luci-app-crowdsec-firewall-bouncer.json b/applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/luci/menu.d/luci-app-crowdsec-firewall-bouncer.json
new file mode 100644
index 0000000000..12bc1631c5
--- /dev/null
+++ b/applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/luci/menu.d/luci-app-crowdsec-firewall-bouncer.json
@@ -0,0 +1,13 @@
+{
+ "admin/network/firewall/crowdsec-firewall-bouncer": {
+ "title": "CrowdSec Bouncer",
+ "order": 60,
+ "action": {
+ "type": "view",
+ "path": "crowdsec-firewall-bouncer/form"
+ },
+ "depends": {
+ "acl": [ "luci-app-crowdsec-firewall-bouncer" ]
+ }
+ },
+}
diff --git a/applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/rpcd/acl.d/luci-app-crowdsec-firewall-bouncer.json b/applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/rpcd/acl.d/luci-app-crowdsec-firewall-bouncer.json
new file mode 100644
index 0000000000..bc35211a2a
--- /dev/null
+++ b/applications/luci-app-crowdsec-firewall-bouncer/root/usr/share/rpcd/acl.d/luci-app-crowdsec-firewall-bouncer.json
@@ -0,0 +1,11 @@
+{
+ "luci-app-crowdsec-firewall-bouncer": {
+ "description": "Grant UCI access to LuCI app crowdsec-firewall-bouncer",
+ "read": {
+ "uci": [ "crowdsec" ]
+ },
+ "write": {
+ "uci": [ "crowdsec" ]
+ }
+ }
+}