diff options
author | Jo-Philipp Wich <jo@mein.io> | 2017-01-23 16:18:20 +0100 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2017-01-23 16:18:20 +0100 |
commit | c7939d3feb7efae3581ce39c5eb15ad30cb3012d (patch) | |
tree | 3ce7dd217495ba2120136372502fe46afa93155f /applications/luci-app-firewall/luasrc/model/cbi | |
parent | e4b1bb315606c6c6078a1d3f81eea092762a47e7 (diff) |
luci-app-firewall: use new ipmask validation types when applicable
This allows for address specifications like "fdca:1234:0123::abcd/::ffff:ffff:ffff:ffff"
which only match the last 64 bits of an address. This syntax is legal and already supported
by iptables and firewall3.
Fixes https://bugs.lede-project.org/index.php?do=details&task_id=417
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'applications/luci-app-firewall/luasrc/model/cbi')
3 files changed, 9 insertions, 9 deletions
diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua index 22f1c77164..17a49483d7 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua @@ -73,7 +73,7 @@ o = s:option(Value, "src_ip", translate("Source IP address"), translate("Only match incoming traffic from this IP or range.")) o.rmempty = true -o.datatype = "neg(ip4addr)" +o.datatype = "neg(ipmask4)" o.placeholder = translate("any") luci.sys.net.ipv4_hints(function(ip, name) @@ -99,7 +99,7 @@ end) o.rmempty = true -o.datatype = "neg(ip4addr)" +o.datatype = "neg(ipmask4)" o.placeholder = translate("any") @@ -119,7 +119,7 @@ o.template = "cbi/firewall_zonelist" o = s:option(Value, "dest_ip", translate("Internal IP address"), translate("Redirect matched incoming traffic to the specified \ internal host")) -o.datatype = "ip4addr" +o.datatype = "ipmask4" luci.sys.net.ipv4_hints(function(ip, name) o:value(ip, "%s (%s)" %{ ip, name }) diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua index 97e93ae050..1c838888f1 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua @@ -99,7 +99,7 @@ elseif rule_type == "redirect" then o = s:option(Value, "src_ip", translate("Source IP address")) o.rmempty = true - o.datatype = "neg(ipaddr)" + o.datatype = "neg(ipmask4)" o.placeholder = translate("any") luci.sys.net.ipv4_hints(function(ip, name) @@ -123,7 +123,7 @@ elseif rule_type == "redirect" then o = s:option(Value, "dest_ip", translate("Destination IP address")) - o.datatype = "neg(ip4addr)" + o.datatype = "neg(ipmask4)" luci.sys.net.ipv4_hints(function(ip, name) o:value(ip, "%s (%s)" %{ ip, name }) @@ -269,7 +269,7 @@ else o = s:option(Value, "src_ip", translate("Source address")) - o.datatype = "neg(ipaddr)" + o.datatype = "neg(ipmask)" o.placeholder = translate("any") luci.sys.net.ipv4_hints(function(ip, name) @@ -290,7 +290,7 @@ else o = s:option(Value, "dest_ip", translate("Destination address")) - o.datatype = "neg(ipaddr)" + o.datatype = "neg(ipmask)" o.placeholder = translate("any") luci.sys.net.ipv4_hints(function(ip, name) diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua index c8b8f22bda..500d1bf32f 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua @@ -126,7 +126,7 @@ msrc = s:taboption("advanced", DynamicList, "masq_src", translate("Restrict Masquerading to given source subnets")) msrc.optional = true -msrc.datatype = "list(neg(or(uciname,hostname,ip4addr)))" +msrc.datatype = "list(neg(or(uciname,hostname,ipmask4)))" msrc.placeholder = "0.0.0.0/0" msrc:depends("family", "") msrc:depends("family", "ipv4") @@ -135,7 +135,7 @@ mdest = s:taboption("advanced", DynamicList, "masq_dest", translate("Restrict Masquerading to given destination subnets")) mdest.optional = true -mdest.datatype = "list(neg(or(uciname,hostname,ip4addr)))" +mdest.datatype = "list(neg(or(uciname,hostname,ipmask4)))" mdest.placeholder = "0.0.0.0/0" mdest:depends("family", "") mdest:depends("family", "ipv4") |