Redesigned firewall configuration

author: Steven Barth <steven@midlink.org> 2008-10-03 16:04:09 +0000
committer: Steven Barth <steven@midlink.org> 2008-10-03 16:04:09 +0000
commit: 1e10c4ae4a6a43ca0a2ea07c2b4cf95fce66cc7d (patch)
tree: b62814b4527adc5912e72403215f56085b07fad6 /applications/luci-fw/luasrc/model
parent: c2a2fccca3ad2cd805ff366a99d9f656918484d7 (diff)
6 files changed, 106 insertions, 51 deletions
diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/portfw.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/redirect.lua
index 9afd4f3e5..3aa1066f5 100644
--- a/applications/luci-fw/luasrc/model/cbi/luci_fw/portfw.lua
+++ b/applications/luci-fw/luasrc/model/cbi/luci_fw/redirect.lua
@@ -12,13 +12,14 @@ You may obtain a copy of the License at
 $Id$
 ]]--
 require("luci.sys")
-m = Map("firewall", translate("fw_portfw"), translate("fw_portfw1"))
+m = Map("firewall", translate("fw_redirect"), translate("fw_redirect_desc"))
 
 
 s = m:section(TypedSection, "redirect", "")
 s.template  = "cbi/tblsection"
 s.addremove = true
 s.anonymous = true
+s.extedit   = luci.dispatcher.build_url("admin", "network", "firewall", "redirect", "%s")
 
 name = s:option(Value, "_name", translate("name"), translate("cbi_optional"))
 name.size = 10
diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/routing.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/routing.lua
deleted file mode 100644
index f8689a05c..000000000
--- a/applications/luci-fw/luasrc/model/cbi/luci_fw/routing.lua
+++ /dev/null
@@ -1,30 +0,0 @@
---[[
-LuCI - Lua Configuration Interface
-
-Copyright 2008 Steven Barth <steven@midlink.org>
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-	http://www.apache.org/licenses/LICENSE-2.0
-
-$Id$
-]]--
-m = Map("firewall", translate("fw_forwarding"), translate("fw_forwarding1"))
-
-s = m:section(TypedSection, "forwarding", "")
-s.template  = "cbi/tblsection"
-s.addremove = true
-s.anonymous = true
-
-iface = s:option(ListValue, "src")
-oface = s:option(ListValue, "dest")
-
-luci.model.uci.cursor():foreach("firewall", "zone",
-	function (section)
-			iface:value(section.name)
-			oface:value(section.name)
-	end)
-
-return m
diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/customfwd.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/rrule.lua
index b883c4750..795867616 100644
--- a/applications/luci-fw/luasrc/model/cbi/luci_fw/customfwd.lua
+++ b/applications/luci-fw/luasrc/model/cbi/luci_fw/rrule.lua
@@ -12,11 +12,12 @@ You may obtain a copy of the License at
 $Id$
 ]]--
 require("luci.sys")
-m = Map("firewall", translate("fw_portfw"), translate("fw_portfw1"))
+arg[1] = arg[1] or ""
 
+m = Map("firewall", translate("fw_redirect"), translate("fw_redirect_desc"))
 
-s = m:section(TypedSection, "redirect", "")
-s.addremove = true
+
+s = m:section(NamedSection, arg[1], "redirect", "")
 s.anonymous = true
 
 name = s:option(Value, "_name", translate("name"))
@@ -30,10 +31,10 @@ luci.model.uci.cursor():foreach("firewall", "zone",
 		iface:value(section.name)
 	end)
 	
-s:option(Value, "src_ip").optional = true
-s:option(Value, "src_mac").optional = true
+s:option(Value, "src_ip", translate("firewall_redirect_srcip")).optional = true
+s:option(Value, "src_mac", translate("firewall_redirect_srcmac")).optional = true
 
-sport = s:option(Value, "src_port")
+sport = s:option(Value, "src_port", translate("firewall_redirect_srcport"))
 sport.optional = true
 sport:depends("proto", "tcp")
 sport:depends("proto", "udp")
@@ -46,19 +47,19 @@ proto:value("tcp", "TCP")
 proto:value("udp", "UDP")
 proto:value("tcpudp", "TCP+UDP")
 
-dport = s:option(Value, "src_dport")
+dport = s:option(Value, "src_dport", translate("firewall_redirect_srcdport"))
 dport.size = 5
 dport.optional = true
 dport:depends("proto", "tcp")
 dport:depends("proto", "udp")
 dport:depends("proto", "tcpudp")
 
-to = s:option(Value, "dest_ip")
+to = s:option(Value, "dest_ip", translate("firewall_redirect_destip"))
 for i, dataset in ipairs(luci.sys.net.arptable()) do
 	to:value(dataset["IP address"])
 end
 
-toport = s:option(Value, "dest_port")
+toport = s:option(Value, "dest_port", translate("firewall_redirect_destport"))
 toport.optional = true
 toport.size = 5
 
diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/traffic.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/traffic.lua
new file mode 100644
index 000000000..660f9706a
--- /dev/null
+++ b/applications/luci-fw/luasrc/model/cbi/luci_fw/traffic.lua
@@ -0,0 +1,80 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2008 Jo-Philipp Wich <xm@leipzig.freifunk.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+m = Map("firewall", translate("fw_traffic"))
+s = m:section(TypedSection, "forwarding", translate("fw_forwarding"), translate("fw_forwarding1"))
+s.template  = "cbi/tblsection"
+s.addremove = true
+s.anonymous = true
+
+iface = s:option(ListValue, "src", translate("fw_src"))
+oface = s:option(ListValue, "dest", translate("fw_dest"))
+
+luci.model.uci.cursor():foreach("firewall", "zone",
+	function (section)
+			iface:value(section.name)
+			oface:value(section.name)
+	end)
+
+
+
+s = m:section(TypedSection, "rule")
+s.addremove = true
+s.anonymous = true
+s.template = "cbi/tblsection"
+s.extedit   = luci.dispatcher.build_url("admin", "network", "firewall", "rule", "%s")
+
+local created = nil
+
+function s.create(self, section)
+	created = TypedSection.create(self, section)
+end
+
+function s.parse(self, ...)
+	TypedSection.parse(self, ...)
+	if created then
+		m.uci:save("firewall")
+		luci.http.redirect(luci.dispatcher.build_url(
+			"admin", "network", "firewall", "rule", created
+		))
+	end
+end
+
+s:option(DummyValue, "_name", translate("name"))
+s:option(DummyValue, "proto", translate("protocol"))
+
+src = s:option(DummyValue, "src", translate("fw_src"))
+function src.cfgvalue(self, s)
+	return "%s:%s:%s" % {
+		self.map:get(s, "src") or "*",
+		self.map:get(s, "src_ip") or "0.0.0.0/0",
+		self.map:get(s, "src_port") or "*"
+	} 
+end
+
+dest = s:option(DummyValue, "dest", translate("fw_dest"))
+function dest.cfgvalue(self, s)
+	return "%s:%s:%s" % {
+		self.map:get(s, "dest") or "*",
+		self.map:get(s, "dest_ip") or "0.0.0.0/0",
+		self.map:get(s, "dest_port") or "*"
+	} 
+end
+
+
+s:option(DummyValue, "target")
+
+
+return m
+\ No newline at end of file
diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/firewall.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/trule.lua
index 0d9af93fc..3712196ff 100644
--- a/applications/luci-fw/luasrc/model/cbi/luci_fw/firewall.lua
+++ b/applications/luci-fw/luasrc/model/cbi/luci_fw/trule.lua
@@ -11,16 +11,19 @@ You may obtain a copy of the License at
 
 $Id$
 ]]--
-m = Map("firewall", translate("fw_rules"), translate("fw_rules1"))
+arg[1] = arg[1] or ""
+m = Map("firewall", translate("firewall_rule"), translate("firewall_rule_desc"))
 
-s = m:section(TypedSection, "rule", "")
-s.addremove = true
+s = m:section(NamedSection, arg[1], "rule", "")
 s.anonymous = true
 
-iface = s:option(ListValue, "src")
+name = s:option(Value, "_name", translate("name")..translate("cbi_optional"))
+name.rmempty = true
+
+iface = s:option(ListValue, "src", translate("firewall_rule_src"))
 iface.rmempty = true
 
-oface = s:option(ListValue, "dest")
+oface = s:option(ListValue, "dest", translate("firewall_rule_dest"))
 oface:value("")
 oface.optional = true
 
@@ -38,23 +41,23 @@ proto:value("tcp", "TCP")
 proto:value("udp", "UDP")
 proto:value("icmp", "ICMP")
 
-s:option(Value, "src_ip").optional = true
-s:option(Value, "dest_ip").optional = true
-s:option(Value, "src_mac").optional = true
+s:option(Value, "src_ip", translate("firewall_rule_srcip")).optional = true
+s:option(Value, "dest_ip", translate("firewall_rule_destip")).optional = true
+s:option(Value, "src_mac", translate("firewall_rule_srcmac")).optional = true
 
-sport = s:option(Value, "src_port")
+sport = s:option(Value, "src_port", translate("firewall_rule_srcport"))
 sport.optional = true
 sport:depends("proto", "tcp")
 sport:depends("proto", "udp")
 sport:depends("proto", "tcpudp")
 
-dport = s:option(Value, "dest_port")
+dport = s:option(Value, "dest_port", translate("firewall_rule_destport"))
 dport.optional = true
 dport:depends("proto", "tcp")
 dport:depends("proto", "udp")
 dport:depends("proto", "tcpudp")
 
-jump = s:option(ListValue, "target")
+jump = s:option(ListValue, "target", translate("firewall_rule_target"))
 jump.rmempty = true
 jump.default = "ACCEPT"
 jump:value("DROP", translate("fw_drop"))
diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/general.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/zones.lua
index 38f95136d..38f95136d 100644
--- a/applications/luci-fw/luasrc/model/cbi/luci_fw/general.lua
+++ b/applications/luci-fw/luasrc/model/cbi/luci_fw/zones.lua
author	Steven Barth <steven@midlink.org>	2008-10-03 16:04:09 +0000
committer	Steven Barth <steven@midlink.org>	2008-10-03 16:04:09 +0000
commit	1e10c4ae4a6a43ca0a2ea07c2b4cf95fce66cc7d (patch)
tree	b62814b4527adc5912e72403215f56085b07fad6 /applications/luci-fw/luasrc/model
parent	c2a2fccca3ad2cd805ff366a99d9f656918484d7 (diff)