summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-firewall/luasrc/model/cbi
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2017-01-23 16:18:20 +0100
committerJo-Philipp Wich <jo@mein.io>2017-01-23 16:18:20 +0100
commitc7939d3feb7efae3581ce39c5eb15ad30cb3012d (patch)
tree3ce7dd217495ba2120136372502fe46afa93155f /applications/luci-app-firewall/luasrc/model/cbi
parente4b1bb315606c6c6078a1d3f81eea092762a47e7 (diff)
luci-app-firewall: use new ipmask validation types when applicable
This allows for address specifications like "fdca:1234:0123::abcd/::ffff:ffff:ffff:ffff" which only match the last 64 bits of an address. This syntax is legal and already supported by iptables and firewall3. Fixes https://bugs.lede-project.org/index.php?do=details&task_id=417 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'applications/luci-app-firewall/luasrc/model/cbi')
-rw-r--r--applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua6
-rw-r--r--applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua8
-rw-r--r--applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua4
3 files changed, 9 insertions, 9 deletions
diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua
index 22f1c77164..17a49483d7 100644
--- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua
+++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua
@@ -73,7 +73,7 @@ o = s:option(Value, "src_ip",
translate("Source IP address"),
translate("Only match incoming traffic from this IP or range."))
o.rmempty = true
-o.datatype = "neg(ip4addr)"
+o.datatype = "neg(ipmask4)"
o.placeholder = translate("any")
luci.sys.net.ipv4_hints(function(ip, name)
@@ -99,7 +99,7 @@ end)
o.rmempty = true
-o.datatype = "neg(ip4addr)"
+o.datatype = "neg(ipmask4)"
o.placeholder = translate("any")
@@ -119,7 +119,7 @@ o.template = "cbi/firewall_zonelist"
o = s:option(Value, "dest_ip", translate("Internal IP address"),
translate("Redirect matched incoming traffic to the specified \
internal host"))
-o.datatype = "ip4addr"
+o.datatype = "ipmask4"
luci.sys.net.ipv4_hints(function(ip, name)
o:value(ip, "%s (%s)" %{ ip, name })
diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua
index 97e93ae050..1c838888f1 100644
--- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua
+++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua
@@ -99,7 +99,7 @@ elseif rule_type == "redirect" then
o = s:option(Value, "src_ip", translate("Source IP address"))
o.rmempty = true
- o.datatype = "neg(ipaddr)"
+ o.datatype = "neg(ipmask4)"
o.placeholder = translate("any")
luci.sys.net.ipv4_hints(function(ip, name)
@@ -123,7 +123,7 @@ elseif rule_type == "redirect" then
o = s:option(Value, "dest_ip", translate("Destination IP address"))
- o.datatype = "neg(ip4addr)"
+ o.datatype = "neg(ipmask4)"
luci.sys.net.ipv4_hints(function(ip, name)
o:value(ip, "%s (%s)" %{ ip, name })
@@ -269,7 +269,7 @@ else
o = s:option(Value, "src_ip", translate("Source address"))
- o.datatype = "neg(ipaddr)"
+ o.datatype = "neg(ipmask)"
o.placeholder = translate("any")
luci.sys.net.ipv4_hints(function(ip, name)
@@ -290,7 +290,7 @@ else
o = s:option(Value, "dest_ip", translate("Destination address"))
- o.datatype = "neg(ipaddr)"
+ o.datatype = "neg(ipmask)"
o.placeholder = translate("any")
luci.sys.net.ipv4_hints(function(ip, name)
diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua
index c8b8f22bda..500d1bf32f 100644
--- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua
+++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua
@@ -126,7 +126,7 @@ msrc = s:taboption("advanced", DynamicList, "masq_src",
translate("Restrict Masquerading to given source subnets"))
msrc.optional = true
-msrc.datatype = "list(neg(or(uciname,hostname,ip4addr)))"
+msrc.datatype = "list(neg(or(uciname,hostname,ipmask4)))"
msrc.placeholder = "0.0.0.0/0"
msrc:depends("family", "")
msrc:depends("family", "ipv4")
@@ -135,7 +135,7 @@ mdest = s:taboption("advanced", DynamicList, "masq_dest",
translate("Restrict Masquerading to given destination subnets"))
mdest.optional = true
-mdest.datatype = "list(neg(or(uciname,hostname,ip4addr)))"
+mdest.datatype = "list(neg(or(uciname,hostname,ipmask4)))"
mdest.placeholder = "0.0.0.0/0"
mdest:depends("family", "")
mdest:depends("family", "ipv4")