summaryrefslogtreecommitdiffhomepage
path: root/applications
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2018-06-08 17:09:18 +0200
committerJo-Philipp Wich <jo@mein.io>2018-06-08 17:09:18 +0200
commit2eb4015e18e17e23cf7df3b8f485224a82d0d4e8 (patch)
tree7f035edee4fd34cd27666696017573e61907fc36 /applications
parente7866c7dccd72943bd985de32031002f37f9a777 (diff)
luci-app-firewall: recognize egress rules in rule overview
Along with 74be6f397 ("treewide: switch firewall zone, network and iface lists to dropdown code"), this change allows luci-app-firewall to recognize OUTPUT rules. Fixes #1457. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'applications')
-rw-r--r--applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua30
-rw-r--r--applications/luci-app-firewall/luasrc/tools/firewall.lua14
2 files changed, 34 insertions, 10 deletions
diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua
index c53349197..22dec5ee6 100644
--- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua
+++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua
@@ -89,17 +89,31 @@ local function rule_proto_txt(self, s)
end
local function rule_src_txt(self, s)
- local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone"))
- local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
+ local z = ft.fmt_zone(self.map:get(s, "src"))
local p = ft.fmt_port(self.map:get(s, "src_port"))
local m = ft.fmt_mac(self.map:get(s, "src_mac"))
- if p and m then
- return translatef("From %s in %s with source %s and %s", a, z, p, m)
- elseif p or m then
- return translatef("From %s in %s with source %s", a, z, p or m)
+ -- Forward/Input
+ if z and #z > 0 then
+ local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
+ if p and m then
+ return translatef("From %s in %s with source %s and %s", a, z, p, m)
+ elseif p or m then
+ return translatef("From %s in %s with source %s", a, z, p or m)
+ else
+ return translatef("From %s in %s", a, z)
+ end
+
+ -- Output
else
- return translatef("From %s in %s", a, z)
+ local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any router IP"))
+ if p and m then
+ return translatef("From %s on <var>this device</var> with source %s and %s", a, p, m)
+ elseif p or m then
+ return translatef("From %s on <var>this device</var> with source %s", a, p or m)
+ else
+ return translatef("From %s on <var>this device</var>", a)
+ end
end
end
@@ -158,7 +172,7 @@ target = s:option(DummyValue, "target", translate("Action"))
target.rawhtml = true
target.width = "20%"
function target.cfgvalue(self, s)
- local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "dest"))
+ local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "src"), self.map:get(s, "dest"))
local l = ft.fmt_limit(self.map:get(s, "limit"),
self.map:get(s, "limit_burst"))
diff --git a/applications/luci-app-firewall/luasrc/tools/firewall.lua b/applications/luci-app-firewall/luasrc/tools/firewall.lua
index 2d89bfa2a..055342bfb 100644
--- a/applications/luci-app-firewall/luasrc/tools/firewall.lua
+++ b/applications/luci-app-firewall/luasrc/tools/firewall.lua
@@ -198,8 +198,18 @@ function fmt_limit(limit, burst)
end
end
-function fmt_target(x, dest)
- if dest and #dest > 0 then
+function fmt_target(x, src, dest)
+ if not src or #src == 0 then
+ if x == "ACCEPT" then
+ return _("Accept output")
+ elseif x == "REJECT" then
+ return _("Refuse output")
+ elseif x == "NOTRACK" then
+ return _("Do not track output")
+ else --if x == "DROP" then
+ return _("Discard output")
+ end
+ elseif dest and #dest > 0 then
if x == "ACCEPT" then
return _("Accept forward")
elseif x == "REJECT" then