summaryrefslogtreecommitdiffhomepage
path: root/applications
diff options
context:
space:
mode:
authordanrl <mail@danrl.com>2017-02-16 19:40:26 +0100
committerdanrl <mail@danrl.com>2017-02-17 07:32:17 +0100
commit58833aa2df97ba93a9512f3b0c428cf558fa2235 (patch)
tree3d31e9898c8f412992f0ec1b8c5eeda509df6f78 /applications
parentc0303598d5420324fa8991bfca8f34d341ab4d44 (diff)
luci-app-wireguard: initial commit
This application allows for monitoring of WireGuard interfaces via the Status menu. Signed-off-by: Dan Luedtke <mail@danrl.com>
Diffstat (limited to 'applications')
-rw-r--r--applications/luci-app-wireguard/Makefile17
-rw-r--r--applications/luci-app-wireguard/luasrc/controller/wireguard.lua8
-rw-r--r--applications/luci-app-wireguard/luasrc/view/wireguard.htm280
3 files changed, 305 insertions, 0 deletions
diff --git a/applications/luci-app-wireguard/Makefile b/applications/luci-app-wireguard/Makefile
new file mode 100644
index 0000000000..2ca3e7e58f
--- /dev/null
+++ b/applications/luci-app-wireguard/Makefile
@@ -0,0 +1,17 @@
+#
+# Copyright (C) 2016-2017 Dan Luedtke <mail@danrl.com>
+#
+# This is free software, licensed under the Apache License, Version 2.0 .
+#
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=WireGuard Status
+LUCI_DEPENDS:=+wireguard
+LUCI_PKGARCH:=all
+
+PKG_MAINTAINER:=Dan Luedtke <mail@danrl.com>
+
+include ../../luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
diff --git a/applications/luci-app-wireguard/luasrc/controller/wireguard.lua b/applications/luci-app-wireguard/luasrc/controller/wireguard.lua
new file mode 100644
index 0000000000..68a82fe5cc
--- /dev/null
+++ b/applications/luci-app-wireguard/luasrc/controller/wireguard.lua
@@ -0,0 +1,8 @@
+-- Copyright 2016-2017 Dan Luedtke <mail@danrl.com>
+-- Licensed to the public under the Apache License 2.0.
+
+module("luci.controller.wireguard", package.seeall)
+
+function index()
+ entry({"admin", "status", "wireguard"}, template("wireguard"), _("WireGuard Status"), 92)
+end
diff --git a/applications/luci-app-wireguard/luasrc/view/wireguard.htm b/applications/luci-app-wireguard/luasrc/view/wireguard.htm
new file mode 100644
index 0000000000..5a7798587a
--- /dev/null
+++ b/applications/luci-app-wireguard/luasrc/view/wireguard.htm
@@ -0,0 +1,280 @@
+<%#
+ Copyright 2016-2017 Dan Luedtke <mail@danrl.com>
+ Licensed to the public under the Apache License 2.0.
+-%>
+
+<%
+ function strip(s)
+ return (s:gsub("^%s*(.-)%s*$", "%1"))
+ end
+
+ function is_valid(s)
+ return (string.len(strip(s)) > 0)
+ end
+
+ function peer_add(peers, public_key)
+ table.insert(peers, {
+ public_key = public_key,
+ endpoint = "",
+ transfer_rx = 0,
+ transfer_tx = 0,
+ latest_handshake = -1,
+ persistent_keepalive = "",
+ allowed_ips = { }
+ })
+ end
+
+ function peer_set_transfer(peers, public_key, rx, tx)
+ for key, peer in pairs(peers) do
+ if peer.public_key == public_key then
+ peers[key].transfer_rx = rx
+ peers[key].transfer_tx = tx
+ break
+ end
+ end
+ end
+
+ function peer_set_latest_handshake(peers, public_key, latest_handshake)
+ for key, peer in pairs(peers) do
+ if peer.public_key == public_key then
+ peers[key].latest_handshake = latest_handshake
+ break
+ end
+ end
+ end
+
+ function peer_set_endpoint(peers, public_key, endpoint)
+ for key, peer in pairs(peers) do
+ if peer.public_key == public_key then
+ peers[key].endpoint = endpoint
+ break
+ end
+ end
+ end
+
+ function peer_set_persistent_keepalive(peers, public_key, persistent_keepalive)
+ for key, peer in pairs(peers) do
+ if peer.public_key == public_key then
+ peers[key].persistent_keepalive = persistent_keepalive
+ break
+ end
+ end
+ end
+
+ function peer_set_allowed_ips(peers, public_key, allowed_ips)
+ for key, peer in pairs(peers) do
+ if peer.public_key == public_key then
+ for ipkey, ipvalue in pairs(string.split(allowed_ips, " ")) do
+ if is_valid(ipvalue) then
+ table.insert(peers[key].allowed_ips, strip(ipvalue))
+ end
+ end
+ break
+ end
+ end
+ end
+
+ local data = { }
+
+ local wg_ifaces = luci.sys.exec("wg show interfaces")
+ for key, name in pairs(string.split(wg_ifaces, "\n")) do
+ if not is_valid(name) then break end
+ name = strip(name)
+ local public_key = luci.sys.exec("wg show \"" .. name .. "\" public-key")
+ local listening_port = luci.sys.exec("wg show \"" .. name .. "\" listen-port")
+
+ local peers = { }
+ local wg_peers = luci.sys.exec("wg show \"" .. name .. "\" peers")
+ for key, public_key in pairs(string.split(wg_peers, "\n")) do
+ if not is_valid(public_key) then break end
+ peer_add(peers, public_key)
+ end
+
+ local wg_endpoints = luci.sys.exec("wg show \"" .. name .. "\" endpoints")
+ for key, endpoint in pairs(string.split(wg_endpoints, "\n")) do
+ if not is_valid(endpoint) then break end
+ local ln = string.split(strip(endpoint), "\t")
+ peer_set_endpoint(peers, ln[1], strip(ln[2]))
+ end
+
+ local wg_allowed_ips = luci.sys.exec("wg show \"" .. name .. "\" allowed-ips")
+ for key, allowed_ips in pairs(string.split(wg_allowed_ips, "\n")) do
+ if not is_valid(allowed_ips) then break end
+ local ln = string.split(strip(allowed_ips), "\t", 2)
+ peer_set_allowed_ips(peers, ln[1], strip(ln[2]))
+ end
+
+ local wg_persistent_keepalives = luci.sys.exec("wg show \"" .. name .. "\" persistent-keepalive")
+ for key, persistent_keepalive in pairs(string.split(wg_persistent_keepalives, "\n")) do
+ if not is_valid(persistent_keepalive) then break end
+ local ln = string.split(strip(persistent_keepalive), "\t")
+ peer_set_persistent_keepalive(peers, strip(ln[1]), strip(ln[2]))
+ end
+
+ local wg_latest_handshakes = luci.sys.exec("wg show \"" .. name .. "\" latest-handshakes")
+ for key, latest_handshake in pairs(string.split(wg_latest_handshakes, "\n")) do
+ if not is_valid(latest_handshake) then break end
+ local ln = string.split(strip(latest_handshake), "\t")
+ peer_set_latest_handshake(peers, strip(ln[1]), tonumber(ln[2]))
+ end
+
+ local wg_transfers = luci.sys.exec("wg show \"" .. name .. "\" transfer")
+ for key, transfer in pairs(string.split(wg_transfers, "\n")) do
+ if not is_valid(transfer) then break end
+ local ln = string.split(strip(transfer), "\t")
+ peer_set_transfer(peers, ln[1], strip(ln[2]), strip(ln[3]))
+ end
+
+ table.insert(data, {
+ name = name,
+ public_key = strip(public_key),
+ listening_port = tonumber(strip(listening_port)),
+ peers = peers
+ })
+ end
+
+ if luci.http.formvalue("status") == "1" then
+ luci.http.prepare_content("application/json")
+ luci.http.write_json(data)
+ return
+ end
+-%>
+
+<%+header%>
+
+<script type="text/javascript" src="<%=resource%>/cbi.js"></script>
+<script type="text/javascript">//<![CDATA[
+
+ function bytes_to_str(bytes) {
+ var sizes = ['B', 'KiB', 'MiB', 'GiB', 'TiB', 'PiB'];
+ var i = parseInt(Math.floor(Math.log(bytes) / Math.log(1024)));
+ return Math.round(bytes / Math.pow(1024, i), 2) + ' ' + sizes[i];
+ };
+
+ function timestamp_to_str(timestamp) {
+ var now = new Date();
+ var seconds = (now.getTime() / 1000) - timestamp;
+ if (seconds < 60){
+ return parseInt(seconds) + '<%:s ago%>';
+ }
+ else if (seconds < 3600){
+ return parseInt(seconds / 60) + '<%:m ago%>';
+ }
+ else if (seconds < 86400){
+ return parseInt(seconds / 3600) + '<%:h ago%>';
+ } else {
+ return '<%:over a day ago%>';
+ }
+ }
+
+ XHR.poll(5, '<%=REQUEST_URI%>', { status: 1 },
+ function(x, data) {
+ for (var i = 0, ilen = data.length; i < ilen; i++) {
+ var iface = data[i];
+ var ifid = iface['public_key'] + "_";
+ var s = String.format(
+ '<strong><%:Public Key%>: </strong>%s' +
+ '<br /><strong><%:Listening Port%>: </strong>%<%:s%>',
+ iface['public_key'],
+ iface['listening_port']
+ );
+ document.getElementById(ifid + "info").innerHTML = s;
+ for (var j = 0, jlen = iface['peers'].length; j < jlen; j++) {
+ var peer = iface['peers'][j];
+ var pid = ifid + peer['public_key'] + "_";
+ s = String.format(
+ '<strong><%:Public Key%>: </strong>%s',
+ peer['public_key']
+ );
+ if (peer['endpoint'] != '(none)') {
+ s += String.format(
+ '<br /><strong><%:Endpoint%>: </strong>%s',
+ peer['endpoint']
+ );
+ }
+ if (peer['allowed_ips'].length > 0) {
+ s += '<br /><strong><%:Allowed IPs%>:</strong>';
+ for (var k = 0, klen = peer['allowed_ips'].length; k < klen; k++) {
+ s += '<br />&nbsp;&nbsp;&bull;&nbsp;' + peer['allowed_ips'][k];
+ }
+ }
+ if (peer['persistent_keepalive'] != 'off') {
+ s += String.format(
+ '<br /><strong><%:Persistent Keepalive%>: </strong>%ss',
+ peer['persistent_keepalive']
+ );
+ }
+ var icon = '<img src="<%=resource%>/icons/tunnel_disabled.png" />';
+ if (((now.getTime() / 1000) - peer['latest_handshake']) < 140) {
+ icon = '<img src="<%=resource%>/icons/tunnel.png" />';
+ s += String.format(
+ '<br /><strong><%:Latest Handshake%>: </strong>%s',
+ timestamp_to_str(peer['latest_handshake'])
+ );
+ }
+ s += String.format(
+ '<br /><strong><%:Data Received%>: </strong>%s' +
+ '<br /><strong><%:Data Transmitted%>: </strong>%s',
+ bytes_to_str(peer['transfer_rx']),
+ bytes_to_str(peer['transfer_tx'])
+ );
+ document.getElementById(pid + "icon").innerHTML = icon;
+ document.getElementById(pid + "info").innerHTML = s;
+ }
+ }
+ });
+//]]></script>
+
+<h2>WireGuard Status</h2>
+
+
+<fieldset class="cbi-section">
+<%-
+for key, iface in pairs(data) do
+ local ifid = iface.public_key .. "_"
+ -%>
+ <legend><%:Interface%> <%=iface.name%></legend>
+ <table width="100%" cellspacing="10">
+ <tr>
+ <td width="33%" style="vertical-align:top"><%:Configuration%></td>
+ <td>
+ <table>
+ <tr>
+ <td id="<%=ifid%>icon" style="width:16px; text-align:center; padding:3px">
+ &nbsp;
+ </td>
+ <td id="<%=ifid%>info" style="vertical-align:middle; padding: 3px">
+ <em><%:Collecting data...%></em>
+ </td>
+ </tr></table>
+ </td>
+ </tr>
+ <%-
+ for key, peer in pairs(iface.peers) do
+ local pid = ifid .. peer.public_key .. "_"
+ -%>
+ <tr>
+ <td width="33%" style="vertical-align:top"><%:Peer%></td>
+ <td>
+ <table>
+ <tr>
+ <td id="<%=pid%>icon" style="width:16px; text-align:center; padding:3px">
+ <img src="<%=resource%>/icons/tunnel_disabled.png" /><br />
+ <small>?</small>
+ </td>
+ <td id="<%=pid%>info" style="vertical-align:middle; padding: 3px">
+ <em><%:Collecting data...%></em>
+ </td>
+ </tr></table>
+ </td>
+ </tr>
+ <%-
+ end
+ -%>
+ </table>
+ <%-
+end
+-%>
+</fieldset>
+
+<%+footer%>