diff options
author | danrl <mail@danrl.com> | 2017-02-16 19:40:26 +0100 |
---|---|---|
committer | danrl <mail@danrl.com> | 2017-02-17 07:32:17 +0100 |
commit | 58833aa2df97ba93a9512f3b0c428cf558fa2235 (patch) | |
tree | 3d31e9898c8f412992f0ec1b8c5eeda509df6f78 /applications | |
parent | c0303598d5420324fa8991bfca8f34d341ab4d44 (diff) |
luci-app-wireguard: initial commit
This application allows for monitoring of WireGuard interfaces via the
Status menu.
Signed-off-by: Dan Luedtke <mail@danrl.com>
Diffstat (limited to 'applications')
-rw-r--r-- | applications/luci-app-wireguard/Makefile | 17 | ||||
-rw-r--r-- | applications/luci-app-wireguard/luasrc/controller/wireguard.lua | 8 | ||||
-rw-r--r-- | applications/luci-app-wireguard/luasrc/view/wireguard.htm | 280 |
3 files changed, 305 insertions, 0 deletions
diff --git a/applications/luci-app-wireguard/Makefile b/applications/luci-app-wireguard/Makefile new file mode 100644 index 0000000000..2ca3e7e58f --- /dev/null +++ b/applications/luci-app-wireguard/Makefile @@ -0,0 +1,17 @@ +# +# Copyright (C) 2016-2017 Dan Luedtke <mail@danrl.com> +# +# This is free software, licensed under the Apache License, Version 2.0 . +# + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=WireGuard Status +LUCI_DEPENDS:=+wireguard +LUCI_PKGARCH:=all + +PKG_MAINTAINER:=Dan Luedtke <mail@danrl.com> + +include ../../luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/applications/luci-app-wireguard/luasrc/controller/wireguard.lua b/applications/luci-app-wireguard/luasrc/controller/wireguard.lua new file mode 100644 index 0000000000..68a82fe5cc --- /dev/null +++ b/applications/luci-app-wireguard/luasrc/controller/wireguard.lua @@ -0,0 +1,8 @@ +-- Copyright 2016-2017 Dan Luedtke <mail@danrl.com> +-- Licensed to the public under the Apache License 2.0. + +module("luci.controller.wireguard", package.seeall) + +function index() + entry({"admin", "status", "wireguard"}, template("wireguard"), _("WireGuard Status"), 92) +end diff --git a/applications/luci-app-wireguard/luasrc/view/wireguard.htm b/applications/luci-app-wireguard/luasrc/view/wireguard.htm new file mode 100644 index 0000000000..5a7798587a --- /dev/null +++ b/applications/luci-app-wireguard/luasrc/view/wireguard.htm @@ -0,0 +1,280 @@ +<%# + Copyright 2016-2017 Dan Luedtke <mail@danrl.com> + Licensed to the public under the Apache License 2.0. +-%> + +<% + function strip(s) + return (s:gsub("^%s*(.-)%s*$", "%1")) + end + + function is_valid(s) + return (string.len(strip(s)) > 0) + end + + function peer_add(peers, public_key) + table.insert(peers, { + public_key = public_key, + endpoint = "", + transfer_rx = 0, + transfer_tx = 0, + latest_handshake = -1, + persistent_keepalive = "", + allowed_ips = { } + }) + end + + function peer_set_transfer(peers, public_key, rx, tx) + for key, peer in pairs(peers) do + if peer.public_key == public_key then + peers[key].transfer_rx = rx + peers[key].transfer_tx = tx + break + end + end + end + + function peer_set_latest_handshake(peers, public_key, latest_handshake) + for key, peer in pairs(peers) do + if peer.public_key == public_key then + peers[key].latest_handshake = latest_handshake + break + end + end + end + + function peer_set_endpoint(peers, public_key, endpoint) + for key, peer in pairs(peers) do + if peer.public_key == public_key then + peers[key].endpoint = endpoint + break + end + end + end + + function peer_set_persistent_keepalive(peers, public_key, persistent_keepalive) + for key, peer in pairs(peers) do + if peer.public_key == public_key then + peers[key].persistent_keepalive = persistent_keepalive + break + end + end + end + + function peer_set_allowed_ips(peers, public_key, allowed_ips) + for key, peer in pairs(peers) do + if peer.public_key == public_key then + for ipkey, ipvalue in pairs(string.split(allowed_ips, " ")) do + if is_valid(ipvalue) then + table.insert(peers[key].allowed_ips, strip(ipvalue)) + end + end + break + end + end + end + + local data = { } + + local wg_ifaces = luci.sys.exec("wg show interfaces") + for key, name in pairs(string.split(wg_ifaces, "\n")) do + if not is_valid(name) then break end + name = strip(name) + local public_key = luci.sys.exec("wg show \"" .. name .. "\" public-key") + local listening_port = luci.sys.exec("wg show \"" .. name .. "\" listen-port") + + local peers = { } + local wg_peers = luci.sys.exec("wg show \"" .. name .. "\" peers") + for key, public_key in pairs(string.split(wg_peers, "\n")) do + if not is_valid(public_key) then break end + peer_add(peers, public_key) + end + + local wg_endpoints = luci.sys.exec("wg show \"" .. name .. "\" endpoints") + for key, endpoint in pairs(string.split(wg_endpoints, "\n")) do + if not is_valid(endpoint) then break end + local ln = string.split(strip(endpoint), "\t") + peer_set_endpoint(peers, ln[1], strip(ln[2])) + end + + local wg_allowed_ips = luci.sys.exec("wg show \"" .. name .. "\" allowed-ips") + for key, allowed_ips in pairs(string.split(wg_allowed_ips, "\n")) do + if not is_valid(allowed_ips) then break end + local ln = string.split(strip(allowed_ips), "\t", 2) + peer_set_allowed_ips(peers, ln[1], strip(ln[2])) + end + + local wg_persistent_keepalives = luci.sys.exec("wg show \"" .. name .. "\" persistent-keepalive") + for key, persistent_keepalive in pairs(string.split(wg_persistent_keepalives, "\n")) do + if not is_valid(persistent_keepalive) then break end + local ln = string.split(strip(persistent_keepalive), "\t") + peer_set_persistent_keepalive(peers, strip(ln[1]), strip(ln[2])) + end + + local wg_latest_handshakes = luci.sys.exec("wg show \"" .. name .. "\" latest-handshakes") + for key, latest_handshake in pairs(string.split(wg_latest_handshakes, "\n")) do + if not is_valid(latest_handshake) then break end + local ln = string.split(strip(latest_handshake), "\t") + peer_set_latest_handshake(peers, strip(ln[1]), tonumber(ln[2])) + end + + local wg_transfers = luci.sys.exec("wg show \"" .. name .. "\" transfer") + for key, transfer in pairs(string.split(wg_transfers, "\n")) do + if not is_valid(transfer) then break end + local ln = string.split(strip(transfer), "\t") + peer_set_transfer(peers, ln[1], strip(ln[2]), strip(ln[3])) + end + + table.insert(data, { + name = name, + public_key = strip(public_key), + listening_port = tonumber(strip(listening_port)), + peers = peers + }) + end + + if luci.http.formvalue("status") == "1" then + luci.http.prepare_content("application/json") + luci.http.write_json(data) + return + end +-%> + +<%+header%> + +<script type="text/javascript" src="<%=resource%>/cbi.js"></script> +<script type="text/javascript">//<![CDATA[ + + function bytes_to_str(bytes) { + var sizes = ['B', 'KiB', 'MiB', 'GiB', 'TiB', 'PiB']; + var i = parseInt(Math.floor(Math.log(bytes) / Math.log(1024))); + return Math.round(bytes / Math.pow(1024, i), 2) + ' ' + sizes[i]; + }; + + function timestamp_to_str(timestamp) { + var now = new Date(); + var seconds = (now.getTime() / 1000) - timestamp; + if (seconds < 60){ + return parseInt(seconds) + '<%:s ago%>'; + } + else if (seconds < 3600){ + return parseInt(seconds / 60) + '<%:m ago%>'; + } + else if (seconds < 86400){ + return parseInt(seconds / 3600) + '<%:h ago%>'; + } else { + return '<%:over a day ago%>'; + } + } + + XHR.poll(5, '<%=REQUEST_URI%>', { status: 1 }, + function(x, data) { + for (var i = 0, ilen = data.length; i < ilen; i++) { + var iface = data[i]; + var ifid = iface['public_key'] + "_"; + var s = String.format( + '<strong><%:Public Key%>: </strong>%s' + + '<br /><strong><%:Listening Port%>: </strong>%<%:s%>', + iface['public_key'], + iface['listening_port'] + ); + document.getElementById(ifid + "info").innerHTML = s; + for (var j = 0, jlen = iface['peers'].length; j < jlen; j++) { + var peer = iface['peers'][j]; + var pid = ifid + peer['public_key'] + "_"; + s = String.format( + '<strong><%:Public Key%>: </strong>%s', + peer['public_key'] + ); + if (peer['endpoint'] != '(none)') { + s += String.format( + '<br /><strong><%:Endpoint%>: </strong>%s', + peer['endpoint'] + ); + } + if (peer['allowed_ips'].length > 0) { + s += '<br /><strong><%:Allowed IPs%>:</strong>'; + for (var k = 0, klen = peer['allowed_ips'].length; k < klen; k++) { + s += '<br /> • ' + peer['allowed_ips'][k]; + } + } + if (peer['persistent_keepalive'] != 'off') { + s += String.format( + '<br /><strong><%:Persistent Keepalive%>: </strong>%ss', + peer['persistent_keepalive'] + ); + } + var icon = '<img src="<%=resource%>/icons/tunnel_disabled.png" />'; + if (((now.getTime() / 1000) - peer['latest_handshake']) < 140) { + icon = '<img src="<%=resource%>/icons/tunnel.png" />'; + s += String.format( + '<br /><strong><%:Latest Handshake%>: </strong>%s', + timestamp_to_str(peer['latest_handshake']) + ); + } + s += String.format( + '<br /><strong><%:Data Received%>: </strong>%s' + + '<br /><strong><%:Data Transmitted%>: </strong>%s', + bytes_to_str(peer['transfer_rx']), + bytes_to_str(peer['transfer_tx']) + ); + document.getElementById(pid + "icon").innerHTML = icon; + document.getElementById(pid + "info").innerHTML = s; + } + } + }); +//]]></script> + +<h2>WireGuard Status</h2> + + +<fieldset class="cbi-section"> +<%- +for key, iface in pairs(data) do + local ifid = iface.public_key .. "_" + -%> + <legend><%:Interface%> <%=iface.name%></legend> + <table width="100%" cellspacing="10"> + <tr> + <td width="33%" style="vertical-align:top"><%:Configuration%></td> + <td> + <table> + <tr> + <td id="<%=ifid%>icon" style="width:16px; text-align:center; padding:3px"> + + </td> + <td id="<%=ifid%>info" style="vertical-align:middle; padding: 3px"> + <em><%:Collecting data...%></em> + </td> + </tr></table> + </td> + </tr> + <%- + for key, peer in pairs(iface.peers) do + local pid = ifid .. peer.public_key .. "_" + -%> + <tr> + <td width="33%" style="vertical-align:top"><%:Peer%></td> + <td> + <table> + <tr> + <td id="<%=pid%>icon" style="width:16px; text-align:center; padding:3px"> + <img src="<%=resource%>/icons/tunnel_disabled.png" /><br /> + <small>?</small> + </td> + <td id="<%=pid%>info" style="vertical-align:middle; padding: 3px"> + <em><%:Collecting data...%></em> + </td> + </tr></table> + </td> + </tr> + <%- + end + -%> + </table> + <%- +end +-%> +</fieldset> + +<%+footer%> |