summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-mod-network/luasrc/model
diff options
context:
space:
mode:
authorDaniel F. Dickinson <cshored@thecshore.com>2018-08-03 12:36:51 -0400
committerJo-Philipp Wich <jo@mein.io>2018-09-19 20:08:19 +0200
commit58d97b5e271bc0d7507eab5b9bd2902181864e02 (patch)
tree80e250346ad33c79b3f821daf7b7d9be90d99240 /modules/luci-mod-network/luasrc/model
parent6ec0353201435e0d0d7d32820d8ba600b4ca7b5b (diff)
modules: Split luci-mod-full
Move some common elements to luci-base, and otherwise make three packages out of status, system, and network. They were mostly separated already, but there were some shared elements between status and network that are now in luci-base. Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Diffstat (limited to 'modules/luci-mod-network/luasrc/model')
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/dhcp.lua346
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/hosts.lua31
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/iface_add.lua101
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/ifaces.lua563
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/network.lua265
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/proto_ahcp.lua67
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/routes.lua102
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/vlan.lua364
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua1101
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua168
-rw-r--r--modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua223
11 files changed, 3331 insertions, 0 deletions
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/dhcp.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/dhcp.lua
new file mode 100644
index 0000000000..3ac49d635d
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/dhcp.lua
@@ -0,0 +1,346 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local ipc = require "luci.ip"
+local sys = require "luci.sys"
+local o
+require "luci.util"
+
+m = Map("dhcp", translate("DHCP and DNS"),
+ translate("Dnsmasq is a combined <abbr title=\"Dynamic Host Configuration Protocol" ..
+ "\">DHCP</abbr>-Server and <abbr title=\"Domain Name System\">DNS</abbr>-" ..
+ "Forwarder for <abbr title=\"Network Address Translation\">NAT</abbr> " ..
+ "firewalls"))
+
+s = m:section(TypedSection, "dnsmasq", translate("Server Settings"))
+s.anonymous = true
+s.addremove = false
+
+s:tab("general", translate("General Settings"))
+s:tab("files", translate("Resolv and Hosts Files"))
+s:tab("tftp", translate("TFTP Settings"))
+s:tab("advanced", translate("Advanced Settings"))
+
+s:taboption("general", Flag, "domainneeded",
+ translate("Domain required"),
+ translate("Don't forward <abbr title=\"Domain Name System\">DNS</abbr>-Requests without " ..
+ "<abbr title=\"Domain Name System\">DNS</abbr>-Name"))
+
+s:taboption("general", Flag, "authoritative",
+ translate("Authoritative"),
+ translate("This is the only <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</" ..
+ "abbr> in the local network"))
+
+
+s:taboption("files", Flag, "readethers",
+ translate("Use <code>/etc/ethers</code>"),
+ translate("Read <code>/etc/ethers</code> to configure the <abbr title=\"Dynamic Host " ..
+ "Configuration Protocol\">DHCP</abbr>-Server"))
+
+s:taboption("files", Value, "leasefile",
+ translate("Leasefile"),
+ translate("file where given <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</" ..
+ "abbr>-leases will be stored"))
+
+s:taboption("files", Flag, "noresolv",
+ translate("Ignore resolve file")).optional = true
+
+rf = s:taboption("files", Value, "resolvfile",
+ translate("Resolve file"),
+ translate("local <abbr title=\"Domain Name System\">DNS</abbr> file"))
+
+rf:depends("noresolv", "")
+rf.optional = true
+
+
+s:taboption("files", Flag, "nohosts",
+ translate("Ignore <code>/etc/hosts</code>")).optional = true
+
+s:taboption("files", DynamicList, "addnhosts",
+ translate("Additional Hosts files")).optional = true
+
+qu = s:taboption("advanced", Flag, "quietdhcp",
+ translate("Suppress logging"),
+ translate("Suppress logging of the routine operation of these protocols"))
+qu.optional = true
+
+se = s:taboption("advanced", Flag, "sequential_ip",
+ translate("Allocate IP sequentially"),
+ translate("Allocate IP addresses sequentially, starting from the lowest available address"))
+se.optional = true
+
+bp = s:taboption("advanced", Flag, "boguspriv",
+ translate("Filter private"),
+ translate("Do not forward reverse lookups for local networks"))
+bp.default = bp.enabled
+
+s:taboption("advanced", Flag, "filterwin2k",
+ translate("Filter useless"),
+ translate("Do not forward requests that cannot be answered by public name servers"))
+
+
+s:taboption("advanced", Flag, "localise_queries",
+ translate("Localise queries"),
+ translate("Localise hostname depending on the requesting subnet if multiple IPs are available"))
+
+local have_dnssec_support = luci.util.checklib("/usr/sbin/dnsmasq", "libhogweed.so")
+
+if have_dnssec_support then
+ o = s:taboption("advanced", Flag, "dnssec",
+ translate("DNSSEC"))
+ o.optional = true
+
+ o = s:taboption("advanced", Flag, "dnsseccheckunsigned",
+ translate("DNSSEC check unsigned"),
+ translate("Requires upstream supports DNSSEC; verify unsigned domain responses really come from unsigned domains"))
+ o.optional = true
+end
+
+s:taboption("general", Value, "local",
+ translate("Local server"),
+ translate("Local domain specification. Names matching this domain are never forwarded and are resolved from DHCP or hosts files only"))
+
+s:taboption("general", Value, "domain",
+ translate("Local domain"),
+ translate("Local domain suffix appended to DHCP names and hosts file entries"))
+
+s:taboption("advanced", Flag, "expandhosts",
+ translate("Expand hosts"),
+ translate("Add local domain suffix to names served from hosts files"))
+
+s:taboption("advanced", Flag, "nonegcache",
+ translate("No negative cache"),
+ translate("Do not cache negative replies, e.g. for not existing domains"))
+
+s:taboption("advanced", Value, "serversfile",
+ translate("Additional servers file"),
+ translate("This file may contain lines like 'server=/domain/1.2.3.4' or 'server=1.2.3.4' for"..
+ "domain-specific or full upstream <abbr title=\"Domain Name System\">DNS</abbr> servers."))
+
+s:taboption("advanced", Flag, "strictorder",
+ translate("Strict order"),
+ translate("<abbr title=\"Domain Name System\">DNS</abbr> servers will be queried in the " ..
+ "order of the resolvfile")).optional = true
+
+s:taboption("advanced", Flag, "allservers",
+ translate("All Servers"),
+ translate("Query all available upstream <abbr title=\"Domain Name System\">DNS</abbr> servers")).optional = true
+
+bn = s:taboption("advanced", DynamicList, "bogusnxdomain", translate("Bogus NX Domain Override"),
+ translate("List of hosts that supply bogus NX domain results"))
+
+bn.optional = true
+bn.placeholder = "67.215.65.132"
+
+
+s:taboption("general", Flag, "logqueries",
+ translate("Log queries"),
+ translate("Write received DNS requests to syslog")).optional = true
+
+df = s:taboption("general", DynamicList, "server", translate("DNS forwardings"),
+ translate("List of <abbr title=\"Domain Name System\">DNS</abbr> " ..
+ "servers to forward requests to"))
+
+df.optional = true
+df.placeholder = "/example.org/10.1.2.3"
+
+
+rp = s:taboption("general", Flag, "rebind_protection",
+ translate("Rebind protection"),
+ translate("Discard upstream RFC1918 responses"))
+
+rp.rmempty = false
+
+
+rl = s:taboption("general", Flag, "rebind_localhost",
+ translate("Allow localhost"),
+ translate("Allow upstream responses in the 127.0.0.0/8 range, e.g. for RBL services"))
+
+rl:depends("rebind_protection", "1")
+
+
+rd = s:taboption("general", DynamicList, "rebind_domain",
+ translate("Domain whitelist"),
+ translate("List of domains to allow RFC1918 responses for"))
+rd.optional = true
+
+rd:depends("rebind_protection", "1")
+rd.datatype = "host(1)"
+rd.placeholder = "ihost.netflix.com"
+
+
+pt = s:taboption("advanced", Value, "port",
+ translate("<abbr title=\"Domain Name System\">DNS</abbr> server port"),
+ translate("Listening port for inbound DNS queries"))
+
+pt.optional = true
+pt.datatype = "port"
+pt.placeholder = 53
+
+
+qp = s:taboption("advanced", Value, "queryport",
+ translate("<abbr title=\"Domain Name System\">DNS</abbr> query port"),
+ translate("Fixed source port for outbound DNS queries"))
+
+qp.optional = true
+qp.datatype = "port"
+qp.placeholder = translate("any")
+
+
+lm = s:taboption("advanced", Value, "dhcpleasemax",
+ translate("<abbr title=\"maximal\">Max.</abbr> <abbr title=\"Dynamic Host Configuration " ..
+ "Protocol\">DHCP</abbr> leases"),
+ translate("Maximum allowed number of active DHCP leases"))
+
+lm.optional = true
+lm.datatype = "uinteger"
+lm.placeholder = translate("unlimited")
+
+
+em = s:taboption("advanced", Value, "ednspacket_max",
+ translate("<abbr title=\"maximal\">Max.</abbr> <abbr title=\"Extension Mechanisms for " ..
+ "Domain Name System\">EDNS0</abbr> packet size"),
+ translate("Maximum allowed size of EDNS.0 UDP packets"))
+
+em.optional = true
+em.datatype = "uinteger"
+em.placeholder = 1280
+
+
+cq = s:taboption("advanced", Value, "dnsforwardmax",
+ translate("<abbr title=\"maximal\">Max.</abbr> concurrent queries"),
+ translate("Maximum allowed number of concurrent DNS queries"))
+
+cq.optional = true
+cq.datatype = "uinteger"
+cq.placeholder = 150
+
+cs = s:taboption("advanced", Value, "cachesize",
+ translate("Size of DNS query cache"),
+ translate("Number of cached DNS entries (max is 10000, 0 is no caching)"))
+cs.optional = true
+cs.datatype = "range(0,10000)"
+cs.placeholder = 150
+
+s:taboption("tftp", Flag, "enable_tftp",
+ translate("Enable TFTP server")).optional = true
+
+tr = s:taboption("tftp", Value, "tftp_root",
+ translate("TFTP server root"),
+ translate("Root directory for files served via TFTP"))
+
+tr.optional = true
+tr:depends("enable_tftp", "1")
+tr.placeholder = "/"
+
+
+db = s:taboption("tftp", Value, "dhcp_boot",
+ translate("Network boot image"),
+ translate("Filename of the boot image advertised to clients"))
+
+db.optional = true
+db:depends("enable_tftp", "1")
+db.placeholder = "pxelinux.0"
+
+o = s:taboption("general", Flag, "localservice",
+ translate("Local Service Only"),
+ translate("Limit DNS service to subnets interfaces on which we are serving DNS."))
+o.optional = false
+o.rmempty = false
+
+o = s:taboption("general", Flag, "nonwildcard",
+ translate("Non-wildcard"),
+ translate("Bind only to specific interfaces rather than wildcard address."))
+o.optional = false
+o.rmempty = false
+
+o = s:taboption("general", DynamicList, "interface",
+ translate("Listen Interfaces"),
+ translate("Limit listening to these interfaces, and loopback."))
+o.optional = true
+o:depends("nonwildcard", true)
+
+o = s:taboption("general", DynamicList, "notinterface",
+ translate("Exclude interfaces"),
+ translate("Prevent listening on these interfaces."))
+o.optional = true
+o:depends("nonwildcard", true)
+
+m:section(SimpleSection).template = "lease_status"
+
+s = m:section(TypedSection, "host", translate("Static Leases"),
+ translate("Static leases are used to assign fixed IP addresses and symbolic hostnames to " ..
+ "DHCP clients. They are also required for non-dynamic interface configurations where " ..
+ "only hosts with a corresponding lease are served.") .. "<br />" ..
+ translate("Use the <em>Add</em> Button to add a new lease entry. The <em>MAC-Address</em> " ..
+ "identifies the host, the <em>IPv4-Address</em> specifies the fixed address to " ..
+ "use, and the <em>Hostname</em> is assigned as a symbolic name to the requesting host. " ..
+ "The optional <em>Lease time</em> can be used to set non-standard host-specific " ..
+ "lease time, e.g. 12h, 3d or infinite."))
+
+s.addremove = true
+s.anonymous = true
+s.template = "cbi/tblsection"
+
+name = s:option(Value, "name", translate("Hostname"))
+name.datatype = "hostname('strict')"
+name.rmempty = true
+
+function name.write(self, section, value)
+ Value.write(self, section, value)
+ m:set(section, "dns", "1")
+end
+
+function name.remove(self, section)
+ Value.remove(self, section)
+ m:del(section, "dns")
+end
+
+mac = s:option(Value, "mac", translate("<abbr title=\"Media Access Control\">MAC</abbr>-Address"))
+mac.datatype = "list(macaddr)"
+mac.rmempty = true
+
+function mac.cfgvalue(self, section)
+ local val = Value.cfgvalue(self, section)
+ return ipc.checkmac(val) or val
+end
+
+ip = s:option(Value, "ip", translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Address"))
+ip.datatype = "or(ip4addr,'ignore')"
+
+time = s:option(Value, "leasetime", translate("Lease time"))
+time.rmempty = true
+
+duid = s:option(Value, "duid", translate("<abbr title=\"The DHCP Unique Identifier\">DUID</abbr>"))
+duid.datatype = "and(rangelength(20,36),hexstring)"
+fp = io.open("/var/hosts/odhcpd")
+if fp then
+ for line in fp:lines() do
+ local net_val, duid_val = string.match(line, "# (%S+)%s+(%S+)")
+ if duid_val then
+ duid:value(duid_val, duid_val)
+ end
+ end
+ fp:close()
+end
+
+hostid = s:option(Value, "hostid", translate("<abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Suffix (hex)"))
+
+sys.net.host_hints(function(m, v4, v6, name)
+ if m and v4 then
+ ip:value(v4)
+ mac:value(m, "%s (%s)" %{ m, name or v4 })
+ end
+end)
+
+function ip.validate(self, value, section)
+ local m = mac:formvalue(section) or ""
+ local n = name:formvalue(section) or ""
+ if value and #n == 0 and #m == 0 then
+ return nil, translate("One of hostname or mac address must be specified!")
+ end
+ return Value.validate(self, value, section)
+end
+
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/hosts.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/hosts.lua
new file mode 100644
index 0000000000..46945af58b
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/hosts.lua
@@ -0,0 +1,31 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Copyright 2010-2015 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local ipc = require "luci.ip"
+local sys = require "luci.sys"
+
+m = Map("dhcp", translate("Hostnames"))
+
+s = m:section(TypedSection, "domain", translate("Host entries"))
+s.addremove = true
+s.anonymous = true
+s.template = "cbi/tblsection"
+
+hn = s:option(Value, "name", translate("Hostname"))
+hn.datatype = "hostname"
+hn.rmempty = true
+
+ip = s:option(Value, "ip", translate("IP address"))
+ip.datatype = "ipaddr"
+ip.rmempty = true
+
+sys.net.host_hints(function(mac, v4, v6, name)
+ v6 = v6 and ipc.IPv6(v6)
+
+ if v4 or (v6 and not v6:is6linklocal()) then
+ ip:value(tostring(v4 or v6), "%s (%s)" %{ tostring(v4 or v6), name or mac })
+ end
+end)
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/iface_add.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/iface_add.lua
new file mode 100644
index 0000000000..ca66e9f365
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/iface_add.lua
@@ -0,0 +1,101 @@
+-- Copyright 2009-2010 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local nw = require "luci.model.network".init()
+local fw = require "luci.model.firewall".init()
+local utl = require "luci.util"
+local uci = require "luci.model.uci".cursor()
+
+m = SimpleForm("network", translate("Create Interface"))
+m.redirect = luci.dispatcher.build_url("admin/network/network")
+m.reset = false
+
+function m.on_cancel()
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/network"))
+end
+
+newnet = m:field(Value, "_netname", translate("Name of the new interface"),
+ translate("The allowed characters are: <code>A-Z</code>, <code>a-z</code>, " ..
+ "<code>0-9</code> and <code>_</code>"
+ ))
+
+newnet:depends("_attach", "")
+newnet.default = arg[1] and "net_" .. arg[1]:gsub("[^%w_]+", "_")
+newnet.datatype = "and(uciname,maxlength(15))"
+
+advice = m:field(DummyValue, "d1", translate("Note: interface name length"),
+ translate("Maximum length of the name is 15 characters including " ..
+ "the automatic protocol/bridge prefix (br-, 6in4-, pppoe- etc.)"
+ ))
+
+newproto = m:field(ListValue, "_netproto", translate("Protocol of the new interface"))
+
+netbridge = m:field(Flag, "_bridge", translate("Create a bridge over multiple interfaces"))
+
+
+sifname = m:field(Value, "_ifname", translate("Cover the following interface"))
+
+sifname.widget = "radio"
+sifname.template = "cbi/network_ifacelist"
+sifname.nobridges = true
+
+
+mifname = m:field(Value, "_ifnames", translate("Cover the following interfaces"))
+
+mifname.widget = "checkbox"
+mifname.template = "cbi/network_ifacelist"
+mifname.nobridges = true
+
+
+local _, p
+for _, p in ipairs(nw:get_protocols()) do
+ if p:is_installed() then
+ newproto:value(p:proto(), p:get_i18n())
+ if not p:is_virtual() then netbridge:depends("_netproto", p:proto()) end
+ if not p:is_floating() then
+ sifname:depends({ _bridge = "", _netproto = p:proto()})
+ mifname:depends({ _bridge = "1", _netproto = p:proto()})
+ end
+ end
+end
+
+function newproto.validate(self, value, section)
+ local name = newnet:formvalue(section)
+ if not name or #name == 0 then
+ newnet:add_error(section, translate("No network name specified"))
+ elseif m:get(name) then
+ newnet:add_error(section, translate("The given network name is not unique"))
+ end
+
+ local proto = nw:get_protocol(value)
+ if proto and not proto:is_floating() then
+ local br = (netbridge:formvalue(section) == "1")
+ local ifn = br and mifname:formvalue(section) or sifname:formvalue(section)
+ for ifn in utl.imatch(ifn) do
+ return value
+ end
+ return nil, translate("The selected protocol needs a device assigned")
+ end
+ return value
+end
+
+function newproto.write(self, section, value)
+ local name = newnet:formvalue(section)
+ if name and #name > 0 then
+ local br = (netbridge:formvalue(section) == "1") and "bridge" or nil
+ local net = nw:add_network(name, { proto = value, type = br })
+ if net then
+ local ifn
+ for ifn in utl.imatch(
+ br and mifname:formvalue(section) or sifname:formvalue(section)
+ ) do
+ net:add_interface(ifn)
+ end
+ nw:save("network")
+ nw:save("wireless")
+ end
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/network", name))
+ end
+end
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/ifaces.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/ifaces.lua
new file mode 100644
index 0000000000..8be354b448
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/ifaces.lua
@@ -0,0 +1,563 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Copyright 2008-2011 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local fs = require "nixio.fs"
+local ut = require "luci.util"
+local pt = require "luci.tools.proto"
+local nw = require "luci.model.network"
+local fw = require "luci.model.firewall"
+
+arg[1] = arg[1] or ""
+
+local has_dnsmasq = fs.access("/etc/config/dhcp")
+local has_firewall = fs.access("/etc/config/firewall")
+
+m = Map("network", translate("Interfaces") .. " - " .. arg[1]:upper(), translate("On this page you can configure the network interfaces. You can bridge several interfaces by ticking the \"bridge interfaces\" field and enter the names of several network interfaces separated by spaces. You can also use <abbr title=\"Virtual Local Area Network\">VLAN</abbr> notation <samp>INTERFACE.VLANNR</samp> (<abbr title=\"for example\">e.g.</abbr>: <samp>eth0.1</samp>)."))
+m.redirect = luci.dispatcher.build_url("admin", "network", "network")
+m:chain("wireless")
+m:chain("luci")
+
+if has_firewall then
+ m:chain("firewall")
+end
+
+nw.init(m.uci)
+fw.init(m.uci)
+
+
+local net = nw:get_network(arg[1])
+
+local function set_ifstate(name, option, value)
+ local found = false
+
+ m.uci:foreach("luci", "ifstate", function (s)
+ if s.interface == name then
+ m.uci:set("luci", s[".name"], option, value)
+ found = true
+ return false
+ end
+ end)
+
+ if not found then
+ local sid = m.uci:add("luci", "ifstate")
+ m.uci:set("luci", sid, "interface", name)
+ m.uci:set("luci", sid, option, value)
+ end
+
+ m.uci:save("luci")
+end
+
+local function get_ifstate(name, option)
+ local val
+
+ m.uci:foreach("luci", "ifstate", function (s)
+ if s.interface == name then
+ val = s[option]
+ return false
+ end
+ end)
+
+ return val
+end
+
+local function backup_ifnames(is_bridge)
+ if not net:is_floating() and not get_ifstate(net:name(), "ifname") then
+ local ifcs = net:get_interfaces() or { net:get_interface() }
+ if ifcs then
+ local _, ifn
+ local ifns = { }
+ for _, ifn in ipairs(ifcs) do
+ local wif = ifn:get_wifinet()
+ ifns[#ifns+1] = wif and wif:id() or ifn:name()
+ end
+ if #ifns > 0 then
+ set_ifstate(net:name(), "ifname", table.concat(ifns, " "))
+ set_ifstate(net:name(), "bridge", tostring(net:is_bridge()))
+ end
+ end
+ end
+end
+
+
+-- redirect to overview page if network does not exist anymore (e.g. after a revert)
+if not net then
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/network"))
+ return
+end
+
+-- protocol switch was requested, rebuild interface config and reload page
+if m:formvalue("cbid.network.%s._switch" % net:name()) then
+ -- get new protocol
+ local ptype = m:formvalue("cbid.network.%s.proto" % net:name()) or "-"
+ local proto = nw:get_protocol(ptype, net:name())
+ if proto then
+ -- backup default
+ backup_ifnames()
+
+ -- if current proto is not floating and target proto is not floating,
+ -- then attempt to retain the ifnames
+ --error(net:proto() .. " > " .. proto:proto())
+ if not net:is_floating() and not proto:is_floating() then
+ -- if old proto is a bridge and new proto not, then clip the
+ -- interface list to the first ifname only
+ if net:is_bridge() and proto:is_virtual() then
+ local _, ifn
+ local first = true
+ for _, ifn in ipairs(net:get_interfaces() or { net:get_interface() }) do
+ if first then
+ first = false
+ else
+ net:del_interface(ifn)
+ end
+ end
+ m:del(net:name(), "type")
+ end
+
+ -- if the current proto is floating, the target proto not floating,
+ -- then attempt to restore ifnames from backup
+ elseif net:is_floating() and not proto:is_floating() then
+ -- if we have backup data, then re-add all orphaned interfaces
+ -- from it and restore the bridge choice
+ local br = (get_ifstate(net:name(), "bridge") == "true")
+ local ifn
+ local ifns = { }
+ for ifn in ut.imatch(get_ifstate(net:name(), "ifname")) do
+ ifn = nw:get_interface(ifn)
+ if ifn and not ifn:get_network() then
+ proto:add_interface(ifn)
+ if not br then
+ break
+ end
+ end
+ end
+ if br then
+ m:set(net:name(), "type", "bridge")
+ end
+
+ -- in all other cases clear the ifnames
+ else
+ local _, ifc
+ for _, ifc in ipairs(net:get_interfaces() or { net:get_interface() }) do
+ net:del_interface(ifc)
+ end
+ m:del(net:name(), "type")
+ end
+
+ -- clear options
+ local k, v
+ for k, v in pairs(m:get(net:name())) do
+ if k:sub(1,1) ~= "." and
+ k ~= "type" and
+ k ~= "ifname"
+ then
+ m:del(net:name(), k)
+ end
+ end
+
+ -- set proto
+ m:set(net:name(), "proto", proto:proto())
+ m.uci:save("network")
+ m.uci:save("wireless")
+
+ -- reload page
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/network", arg[1]))
+ return
+ end
+end
+
+-- dhcp setup was requested, create section and reload page
+if m:formvalue("cbid.dhcp._enable._enable") then
+ m.uci:section("dhcp", "dhcp", arg[1], {
+ interface = arg[1],
+ start = "100",
+ limit = "150",
+ leasetime = "12h"
+ })
+
+ m.uci:save("dhcp")
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/network", arg[1]))
+ return
+end
+
+local ifc = net:get_interface()
+
+s = m:section(NamedSection, arg[1], "interface", translate("Common Configuration"))
+s.addremove = false
+
+s:tab("general", translate("General Setup"))
+s:tab("advanced", translate("Advanced Settings"))
+s:tab("physical", translate("Physical Settings"))
+
+if has_firewall then
+ s:tab("firewall", translate("Firewall Settings"))
+end
+
+
+st = s:taboption("general", DummyValue, "__status", translate("Status"))
+
+local function set_status()
+ -- if current network is empty, print a warning
+ if not net:is_floating() and net:is_empty() then
+ st.template = "cbi/dvalue"
+ st.network = nil
+ st.value = translate("There is no device assigned yet, please attach a network device in the \"Physical Settings\" tab")
+ else
+ st.template = "admin_network/iface_status"
+ st.network = arg[1]
+ st.value = nil
+ end
+end
+
+m.on_init = set_status
+m.on_after_save = set_status
+
+
+p = s:taboption("general", ListValue, "proto", translate("Protocol"))
+p.default = net:proto()
+
+
+if not net:is_installed() then
+ p_install = s:taboption("general", Button, "_install")
+ p_install.title = translate("Protocol support is not installed")
+ p_install.inputtitle = translate("Install package %q" % net:opkg_package())
+ p_install.inputstyle = "apply"
+ p_install:depends("proto", net:proto())
+
+ function p_install.write()
+ return luci.http.redirect(
+ luci.dispatcher.build_url("admin/system/packages") ..
+ "?submit=1&install=%s" % net:opkg_package()
+ )
+ end
+end
+
+
+p_switch = s:taboption("general", Button, "_switch")
+p_switch.title = translate("Really switch protocol?")
+p_switch.inputtitle = translate("Switch protocol")
+p_switch.inputstyle = "apply"
+
+local _, pr
+for _, pr in ipairs(nw:get_protocols()) do
+ p:value(pr:proto(), pr:get_i18n())
+ if pr:proto() ~= net:proto() then
+ p_switch:depends("proto", pr:proto())
+ end
+end
+
+
+auto = s:taboption("advanced", Flag, "auto", translate("Bring up on boot"))
+auto.default = (net:proto() == "none") and auto.disabled or auto.enabled
+
+delegate = s:taboption("advanced", Flag, "delegate", translate("Use builtin IPv6-management"))
+delegate.default = delegate.enabled
+
+force_link = s:taboption("advanced", Flag, "force_link",
+ translate("Force link"),
+ translate("Set interface properties regardless of the link carrier (If set, carrier sense events do not invoke hotplug handlers)."))
+
+force_link.default = (net:proto() == "static") and force_link.enabled or force_link.disabled
+
+
+if not net:is_virtual() then
+ br = s:taboption("physical", Flag, "type", translate("Bridge interfaces"), translate("creates a bridge over specified interface(s)"))
+ br.enabled = "bridge"
+ br.rmempty = true
+ br:depends("proto", "static")
+ br:depends("proto", "dhcp")
+ br:depends("proto", "none")
+
+ stp = s:taboption("physical", Flag, "stp", translate("Enable <abbr title=\"Spanning Tree Protocol\">STP</abbr>"),
+ translate("Enables the Spanning Tree Protocol on this bridge"))
+ stp:depends("type", "bridge")
+ stp.rmempty = true
+
+ igmp = s:taboption("physical", Flag, "igmp_snooping", translate("Enable <abbr title=\"Internet Group Management Protocol\">IGMP</abbr> snooping"),
+ translate("Enables IGMP snooping on this bridge"))
+ igmp:depends("type", "bridge")
+ igmp.rmempty = true
+end
+
+
+if not net:is_floating() then
+ ifname_single = s:taboption("physical", Value, "ifname_single", translate("Interface"))
+ ifname_single.template = "cbi/network_ifacelist"
+ ifname_single.widget = "radio"
+ ifname_single.nobridges = true
+ ifname_single.noaliases = false
+ ifname_single.rmempty = false
+ ifname_single.network = arg[1]
+ ifname_single:depends("type", "")
+
+ function ifname_single.cfgvalue(self, s)
+ -- let the template figure out the related ifaces through the network model
+ return nil
+ end
+
+ function ifname_single.write(self, s, val)
+ local _, i
+ local new_ifs = { }
+ local old_ifs = { }
+
+ local alias = net:is_alias()
+
+ if alias then
+ old_ifs[1] = '@' .. alias
+ else
+ for _, i in ipairs(net:get_interfaces() or { net:get_interface() }) do
+ old_ifs[#old_ifs+1] = i:name()
+ end
+ end
+
+ for i in ut.imatch(val) do
+ new_ifs[#new_ifs+1] = i
+
+ -- if this is not a bridge, only assign first interface
+ if self.option == "ifname_single" then
+ break
+ end
+ end
+
+ table.sort(old_ifs)
+ table.sort(new_ifs)
+
+ for i = 1, math.max(#old_ifs, #new_ifs) do
+ if old_ifs[i] ~= new_ifs[i] then
+ backup_ifnames()
+ for i = 1, #old_ifs do
+ net:del_interface(old_ifs[i])
+ end
+ for i = 1, #new_ifs do
+ net:add_interface(new_ifs[i])
+ end
+ break
+ end
+ end
+ end
+end
+
+
+if not net:is_virtual() then
+ ifname_multi = s:taboption("physical", Value, "ifname_multi", translate("Interface"))
+ ifname_multi.template = "cbi/network_ifacelist"
+ ifname_multi.nobridges = true
+ ifname_multi.noaliases = true
+ ifname_multi.rmempty = false
+ ifname_multi.network = arg[1]
+ ifname_multi.widget = "checkbox"
+ ifname_multi:depends("type", "bridge")
+ ifname_multi.cfgvalue = ifname_single.cfgvalue
+ ifname_multi.write = ifname_single.write
+end
+
+
+if has_firewall then
+ fwzone = s:taboption("firewall", Value, "_fwzone",
+ translate("Create / Assign firewall-zone"),
+ translate("Choose the firewall zone you want to assign to this interface. Select <em>unspecified</em> to remove the interface from the associated zone or fill out the <em>create</em> field to define a new zone and attach the interface to it."))
+
+ fwzone.template = "cbi/firewall_zonelist"
+ fwzone.network = arg[1]
+
+ function fwzone.cfgvalue(self, section)
+ self.iface = section
+ local z = fw:get_zone_by_network(section)
+ return z and z:name()
+ end
+
+ function fwzone.write(self, section, value)
+ local zone = fw:get_zone(value) or fw:add_zone(value)
+ if zone then
+ fw:del_network(section)
+ zone:add_network(section)
+ end
+ end
+
+ function fwzone.remove(self, section)
+ fw:del_network(section)
+ end
+end
+
+
+function p.write() end
+function p.remove() end
+function p.validate(self, value, section)
+ if value == net:proto() then
+ if not net:is_floating() and net:is_empty() then
+ local ifn = ((br and (br:formvalue(section) == "bridge"))
+ and ifname_multi:formvalue(section)
+ or ifname_single:formvalue(section))
+
+ for ifn in ut.imatch(ifn) do
+ return value
+ end
+ return nil, translate("The selected protocol needs a device assigned")
+ end
+ end
+ return value
+end
+
+
+local form, ferr = loadfile(
+ ut.libpath() .. "/model/cbi/admin_network/proto_%s.lua" % net:proto()
+)
+
+if not form then
+ s:taboption("general", DummyValue, "_error",
+ translate("Missing protocol extension for proto %q" % net:proto())
+ ).value = ferr
+else
+ setfenv(form, getfenv(1))(m, s, net)
+end
+
+
+local _, field
+for _, field in ipairs(s.children) do
+ if field ~= st and field ~= p and field ~= p_install and field ~= p_switch then
+ if next(field.deps) then
+ local _, dep
+ for _, dep in ipairs(field.deps) do
+ dep.proto = net:proto()
+ end
+ else
+ field:depends("proto", net:proto())
+ end
+ end
+end
+
+
+--
+-- Display DNS settings if dnsmasq is available
+--
+
+if has_dnsmasq and net:proto() == "static" then
+ m2 = Map("dhcp", "", "")
+
+ local has_section = false
+
+ m2.uci:foreach("dhcp", "dhcp", function(s)
+ if s.interface == arg[1] then
+ has_section = true
+ return false
+ end
+ end)
+
+ if not has_section and has_dnsmasq then
+
+ s = m2:section(TypedSection, "dhcp", translate("DHCP Server"))
+ s.anonymous = true
+ s.cfgsections = function() return { "_enable" } end
+
+ x = s:option(Button, "_enable")
+ x.title = translate("No DHCP Server configured for this interface")
+ x.inputtitle = translate("Setup DHCP Server")
+ x.inputstyle = "apply"
+
+ elseif has_section then
+
+ s = m2:section(TypedSection, "dhcp", translate("DHCP Server"))
+ s.addremove = false
+ s.anonymous = true
+ s:tab("general", translate("General Setup"))
+ s:tab("advanced", translate("Advanced Settings"))
+ s:tab("ipv6", translate("IPv6 Settings"))
+
+ function s.filter(self, section)
+ return m2.uci:get("dhcp", section, "interface") == arg[1]
+ end
+
+ local ignore = s:taboption("general", Flag, "ignore",
+ translate("Ignore interface"),
+ translate("Disable <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</abbr> for " ..
+ "this interface."))
+
+ local start = s:taboption("general", Value, "start", translate("Start"),
+ translate("Lowest leased address as offset from the network address."))
+ start.optional = true
+ start.datatype = "or(uinteger,ip4addr)"
+ start.default = "100"
+
+ local limit = s:taboption("general", Value, "limit", translate("Limit"),
+ translate("Maximum number of leased addresses."))
+ limit.optional = true
+ limit.datatype = "uinteger"
+ limit.default = "150"
+
+ local ltime = s:taboption("general", Value, "leasetime", translate("Lease time"),
+ translate("Expiry time of leased addresses, minimum is 2 minutes (<code>2m</code>)."))
+ ltime.rmempty = true
+ ltime.default = "12h"
+
+ local dd = s:taboption("advanced", Flag, "dynamicdhcp",
+ translate("Dynamic <abbr title=\"Dynamic Host Configuration Protocol\">DHCP</abbr>"),
+ translate("Dynamically allocate DHCP addresses for clients. If disabled, only " ..
+ "clients having static leases will be served."))
+ dd.default = dd.enabled
+
+ s:taboption("advanced", Flag, "force", translate("Force"),
+ translate("Force DHCP on this network even if another server is detected."))
+
+ -- XXX: is this actually useful?
+ --s:taboption("advanced", Value, "name", translate("Name"),
+ -- translate("Define a name for this network."))
+
+ mask = s:taboption("advanced", Value, "netmask",
+ translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Netmask"),
+ translate("Override the netmask sent to clients. Normally it is calculated " ..
+ "from the subnet that is served."))
+
+ mask.optional = true
+ mask.datatype = "ip4addr"
+
+ s:taboption("advanced", DynamicList, "dhcp_option", translate("DHCP-Options"),
+ translate("Define additional DHCP options, for example \"<code>6,192.168.2.1," ..
+ "192.168.2.2</code>\" which advertises different DNS servers to clients."))
+
+ for i, n in ipairs(s.children) do
+ if n ~= ignore then
+ n:depends("ignore", "")
+ end
+ end
+
+ o = s:taboption("ipv6", ListValue, "ra", translate("Router Advertisement-Service"))
+ o:value("", translate("disabled"))
+ o:value("server", translate("server mode"))
+ o:value("relay", translate("relay mode"))
+ o:value("hybrid", translate("hybrid mode"))
+
+ o = s:taboption("ipv6", ListValue, "dhcpv6", translate("DHCPv6-Service"))
+ o:value("", translate("disabled"))
+ o:value("server", translate("server mode"))
+ o:value("relay", translate("relay mode"))
+ o:value("hybrid", translate("hybrid mode"))
+
+ o = s:taboption("ipv6", ListValue, "ndp", translate("NDP-Proxy"))
+ o:value("", translate("disabled"))
+ o:value("relay", translate("relay mode"))
+ o:value("hybrid", translate("hybrid mode"))
+
+ o = s:taboption("ipv6", ListValue, "ra_management", translate("DHCPv6-Mode"),
+ translate("Default is stateless + stateful"))
+ o:value("0", translate("stateless"))
+ o:value("1", translate("stateless + stateful"))
+ o:value("2", translate("stateful-only"))
+ o:depends("dhcpv6", "server")
+ o:depends("dhcpv6", "hybrid")
+ o.default = "1"
+
+ o = s:taboption("ipv6", Flag, "ra_default", translate("Always announce default router"),
+ translate("Announce as default router even if no public prefix is available."))
+ o:depends("ra", "server")
+ o:depends("ra", "hybrid")
+
+ s:taboption("ipv6", DynamicList, "dns", translate("Announced DNS servers"))
+ s:taboption("ipv6", DynamicList, "domain", translate("Announced DNS domains"))
+
+ else
+ m2 = nil
+ end
+end
+
+
+return m, m2
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/network.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/network.lua
new file mode 100644
index 0000000000..799386d29c
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/network.lua
@@ -0,0 +1,265 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Copyright 2008 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local fs = require "nixio.fs"
+local tpl = require "luci.template"
+local ntm = require "luci.model.network".init()
+local fwm = require "luci.model.firewall".init()
+local json = require "luci.jsonc"
+
+m = Map("network", translate("Interfaces"))
+m:chain("wireless")
+m:chain("firewall")
+m:chain("dhcp")
+m.pageaction = false
+
+
+local tpl_networks = tpl.Template(nil, [[
+ <div class="cbi-section-node">
+ <div class="table">
+ <%
+ for i, net in ipairs(netlist) do
+ local z = net[3]
+ local c = z and z:get_color() or "#EEEEEE"
+ local t = z and translate("Part of zone %q" % z:name()) or translate("No zone assigned")
+ local disabled = (net[4]:get("auto") == "0")
+ local dynamic = net[4]:is_dynamic()
+ %>
+ <div class="tr cbi-rowstyle-<%=i % 2 + 1%>">
+ <div class="td col-3 center middle">
+ <div class="ifacebox">
+ <div class="ifacebox-head" style="background-color:<%=c%>" title="<%=pcdata(t)%>">
+ <strong><%=net[1]:upper()%></strong>
+ </div>
+ <div class="ifacebox-body" id="<%=net[1]%>-ifc-devices" data-network="<%=net[1]%>">
+ <img src="<%=resource%>/icons/ethernet_disabled.png" style="width:16px; height:16px" /><br />
+ <small>?</small>
+ </div>
+ </div>
+ </div>
+ <div class="td col-5 left middle" id="<%=net[1]%>-ifc-description">
+ <em><%:Collecting data...%></em>
+ </div>
+ <div class="td cbi-section-actions">
+ <div>
+ <input type="button" class="cbi-button cbi-button-neutral" onclick="iface_reconnect('<%=net[1]%>')" title="<%:Reconnect this interface%>" value="<%:Restart%>"<%=ifattr(disabled or dynamic, "disabled", "disabled")%> />
+
+ <% if disabled then %>
+ <input type="hidden" name="cbid.network.<%=net[1]%>.__disable__" value="1" />
+ <input type="submit" name="cbi.apply" class="cbi-button cbi-button-neutral" onclick="this.previousElementSibling.value='0'" title="<%:Reconnect this interface%>" value="<%:Connect%>"<%=ifattr(dynamic, "disabled", "disabled")%> />
+ <% else %>
+ <input type="hidden" name="cbid.network.<%=net[1]%>.__disable__" value="0" />
+ <input type="submit" name="cbi.apply" class="cbi-button cbi-button-neutral" onclick="this.previousElementSibling.value='1'" title="<%:Shutdown this interface%>" value="<%:Stop%>"<%=ifattr(dynamic, "disabled", "disabled")%> />
+ <% end %>
+
+ <input type="button" class="cbi-button cbi-button-action important" onclick="location.href='<%=url("admin/network/network", net[1])%>'" title="<%:Edit this interface%>" value="<%:Edit%>" id="<%=net[1]%>-ifc-edit"<%=ifattr(dynamic, "disabled", "disabled")%> />
+
+ <input type="hidden" name="cbid.network.<%=net[1]%>.__delete__" value="" />
+ <input type="submit" name="cbi.apply" class="cbi-button cbi-button-negative" onclick="iface_delete(event)" value="<%:Delete%>"<%=ifattr(dynamic, "disabled", "disabled")%> />
+ </div>
+ </div>
+ </div>
+ <% end %>
+ </div>
+ </div>
+ <div class="cbi-section-create">
+ <input type="button" class="cbi-button cbi-button-add" value="<%:Add new interface...%>" onclick="location.href='<%=url("admin/network/iface_add")%>'" />
+ </div>
+]])
+
+local _, net
+local ifaces, netlist = { }, { }
+
+for _, net in ipairs(ntm:get_networks()) do
+ if net:name() ~= "loopback" then
+ local zn = net:zonename()
+ local z = zn and fwm:get_zone(zn) or fwm:get_zone_by_network(net:name())
+
+ local w = 1
+ if net:is_alias() then
+ w = 2
+ elseif net:is_dynamic() then
+ w = 3
+ end
+
+ ifaces[#ifaces+1] = net:name()
+ netlist[#netlist+1] = {
+ net:name(), z and z:name() or "-", z, net, w
+ }
+ end
+end
+
+table.sort(netlist,
+ function(a, b)
+ if a[2] ~= b[2] then
+ return a[2] < b[2]
+ elseif a[5] ~= b[5] then
+ return a[5] < b[5]
+ else
+ return a[1] < b[1]
+ end
+ end)
+
+s = m:section(TypedSection, "interface", translate("Interface Overview"))
+
+function s.sections(self)
+ local _, net, sl = nil, nil, { }
+
+ for _, net in ipairs(netlist) do
+ sl[#sl+1] = net[1]
+ end
+
+ return sl
+end
+
+function s.render(self)
+ tpl_networks:render({
+ netlist = netlist
+ })
+end
+
+o = s:option(Value, "__disable__")
+
+function o.cfgvalue(self, sid)
+ return (m:get(sid, "auto") == "0") and "1" or "0"
+end
+
+function o.write(self, sid, value)
+ if value ~= "1" then
+ m:set(sid, "auto", "")
+ else
+ m:set(sid, "auto", "0")
+ end
+end
+
+o.remove = o.write
+
+o = s:option(Value, "__delete__")
+
+function o.write(self, sid, value)
+ ntm:del_network(sid)
+end
+
+
+m:section(SimpleSection).template = "admin_network/iface_overview_status"
+
+if fs.access("/etc/init.d/dsl_control") then
+ local ok, boarddata = pcall(json.parse, fs.readfile("/etc/board.json"))
+ local modemtype = (ok == true)
+ and (type(boarddata) == "table")
+ and (type(boarddata.dsl) == "table")
+ and (type(boarddata.dsl.modem) == "table")
+ and boarddata.dsl.modem.type
+
+ dsl = m:section(TypedSection, "dsl", translate("DSL"))
+ dsl.anonymous = true
+
+ annex = dsl:option(ListValue, "annex", translate("Annex"))
+ annex:value("a", translate("Annex A + L + M (all)"))
+ annex:value("b", translate("Annex B (all)"))
+ annex:value("j", translate("Annex J (all)"))
+ annex:value("m", translate("Annex M (all)"))
+ annex:value("bdmt", translate("Annex B G.992.1"))
+ annex:value("b2", translate("Annex B G.992.3"))
+ annex:value("b2p", translate("Annex B G.992.5"))
+ annex:value("at1", translate("ANSI T1.413"))
+ annex:value("admt", translate("Annex A G.992.1"))
+ annex:value("alite", translate("Annex A G.992.2"))
+ annex:value("a2", translate("Annex A G.992.3"))
+ annex:value("a2p", translate("Annex A G.992.5"))
+ annex:value("l", translate("Annex L G.992.3 POTS 1"))
+ annex:value("m2", translate("Annex M G.992.3"))
+ annex:value("m2p", translate("Annex M G.992.5"))
+
+ tone = dsl:option(ListValue, "tone", translate("Tone"))
+ tone:value("", translate("auto"))
+ tone:value("a", translate("A43C + J43 + A43"))
+ tone:value("av", translate("A43C + J43 + A43 + V43"))
+ tone:value("b", translate("B43 + B43C"))
+ tone:value("bv", translate("B43 + B43C + V43"))
+
+ if modemtype == "vdsl" then
+ xfer_mode = dsl:option(ListValue, "xfer_mode", translate("Encapsulation mode"))
+ xfer_mode:value("", translate("auto"))
+ xfer_mode:value("atm", translate("ATM (Asynchronous Transfer Mode)"))
+ xfer_mode:value("ptm", translate("PTM/EFM (Packet Transfer Mode)"))
+
+ line_mode = dsl:option(ListValue, "line_mode", translate("DSL line mode"))
+ line_mode:value("", translate("auto"))
+ line_mode:value("adsl", translate("ADSL"))
+ line_mode:value("vdsl", translate("VDSL"))
+
+ ds_snr = dsl:option(ListValue, "ds_snr_offset", translate("Downstream SNR offset"))
+ ds_snr.default = "0"
+ for i = -100, 100, 5 do
+ ds_snr:value(i, translatef("%.1f dB", i / 10))
+ end
+ end
+
+ firmware = dsl:option(Value, "firmware", translate("Firmware File"))
+
+ m.pageaction = true
+end
+
+-- Show ATM bridge section if we have the capabilities
+if fs.access("/usr/sbin/br2684ctl") then
+ atm = m:section(TypedSection, "atm-bridge", translate("ATM Bridges"),
+ translate("ATM bridges expose encapsulated ethernet in AAL5 " ..
+ "connections as virtual Linux network interfaces which can " ..
+ "be used in conjunction with DHCP or PPP to dial into the " ..
+ "provider network."))
+
+ atm.addremove = true
+ atm.anonymous = true
+
+ atm.create = function(self, section)
+ local sid = TypedSection.create(self, section)
+ local max_unit = -1
+
+ m.uci:foreach("network", "atm-bridge",
+ function(s)
+ local u = tonumber(s.unit)
+ if u ~= nil and u > max_unit then
+ max_unit = u
+ end
+ end)
+
+ m.uci:set("network", sid, "unit", max_unit + 1)
+ m.uci:set("network", sid, "atmdev", 0)
+ m.uci:set("network", sid, "encaps", "llc")
+ m.uci:set("network", sid, "payload", "bridged")
+ m.uci:set("network", sid, "vci", 35)
+ m.uci:set("network", sid, "vpi", 8)
+
+ return sid
+ end
+
+ atm:tab("general", translate("General Setup"))
+ atm:tab("advanced", translate("Advanced Settings"))
+
+ vci = atm:taboption("general", Value, "vci", translate("ATM Virtual Channel Identifier (VCI)"))
+ vpi = atm:taboption("general", Value, "vpi", translate("ATM Virtual Path Identifier (VPI)"))
+ encaps = atm:taboption("general", ListValue, "encaps", translate("Encapsulation mode"))
+ encaps:value("llc", translate("LLC"))
+ encaps:value("vc", translate("VC-Mux"))
+
+ atmdev = atm:taboption("advanced", Value, "atmdev", translate("ATM device number"))
+ unit = atm:taboption("advanced", Value, "unit", translate("Bridge unit number"))
+ payload = atm:taboption("advanced", ListValue, "payload", translate("Forwarding mode"))
+ payload:value("bridged", translate("bridged"))
+ payload:value("routed", translate("routed"))
+ m.pageaction = true
+end
+
+local network = require "luci.model.network"
+if network:has_ipv6() then
+ local s = m:section(NamedSection, "globals", "globals", translate("Global network options"))
+ local o = s:option(Value, "ula_prefix", translate("IPv6 ULA-Prefix"))
+ o.datatype = "ip6addr"
+ o.rmempty = true
+ m.pageaction = true
+end
+
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/proto_ahcp.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/proto_ahcp.lua
new file mode 100644
index 0000000000..0818199a93
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/proto_ahcp.lua
@@ -0,0 +1,67 @@
+-- Copyright 2011 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local map, section, net = ...
+
+local device, apn, service, pincode, username, password
+local ipv6, maxwait, defaultroute, metric, peerdns, dns,
+ keepalive_failure, keepalive_interval, demand
+
+
+mca = s:taboption("ahcp", Value, "multicast_address", translate("Multicast address"))
+mca.optional = true
+mca.placeholder = "ff02::cca6:c0f9:e182:5359"
+mca.datatype = "ip6addr"
+mca:depends("proto", "ahcp")
+
+port = s:taboption("ahcp", Value, "port", translate("Port"))
+port.optional = true
+port.placeholder = 5359
+port.datatype = "port"
+port:depends("proto", "ahcp")
+
+fam = s:taboption("ahcp", ListValue, "_family", translate("Protocol family"))
+fam:value("", translate("IPv4 and IPv6"))
+fam:value("ipv4", translate("IPv4 only"))
+fam:value("ipv6", translate("IPv6 only"))
+fam:depends("proto", "ahcp")
+
+function fam.cfgvalue(self, section)
+ local v4 = m.uci:get_bool("network", section, "ipv4_only")
+ local v6 = m.uci:get_bool("network", section, "ipv6_only")
+ if v4 then
+ return "ipv4"
+ elseif v6 then
+ return "ipv6"
+ end
+ return ""
+end
+
+function fam.write(self, section, value)
+ if value == "ipv4" then
+ m.uci:set("network", section, "ipv4_only", "true")
+ m.uci:delete("network", section, "ipv6_only")
+ elseif value == "ipv6" then
+ m.uci:set("network", section, "ipv6_only", "true")
+ m.uci:delete("network", section, "ipv4_only")
+ end
+end
+
+function fam.remove(self, section)
+ m.uci:delete("network", section, "ipv4_only")
+ m.uci:delete("network", section, "ipv6_only")
+end
+
+nodns = s:taboption("ahcp", Flag, "no_dns", translate("Disable DNS setup"))
+nodns.optional = true
+nodns.enabled = "true"
+nodns.disabled = "false"
+nodns.default = nodns.disabled
+nodns:depends("proto", "ahcp")
+
+ltime = s:taboption("ahcp", Value, "lease_time", translate("Lease validity time"))
+ltime.optional = true
+ltime.placeholder = 3666
+ltime.datatype = "uinteger"
+ltime:depends("proto", "ahcp")
+
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/routes.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/routes.lua
new file mode 100644
index 0000000000..1970f36a28
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/routes.lua
@@ -0,0 +1,102 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local wa = require "luci.tools.webadmin"
+local fs = require "nixio.fs"
+
+m = Map("network",
+ translate("Routes"),
+ translate("Routes specify over which interface and gateway a certain host or network " ..
+ "can be reached."))
+
+s = m:section(TypedSection, "route", translate("Static IPv4 Routes"))
+s.addremove = true
+s.anonymous = true
+
+s.template = "cbi/tblsection"
+
+iface = s:option(ListValue, "interface", translate("Interface"))
+wa.cbi_add_networks(iface)
+
+t = s:option(Value, "target", translate("Target"), translate("Host-<abbr title=\"Internet Protocol Address\">IP</abbr> or Network"))
+t.datatype = "ip4addr"
+t.rmempty = false
+
+n = s:option(Value, "netmask", translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Netmask"), translate("if target is a network"))
+n.placeholder = "255.255.255.255"
+n.datatype = "ip4addr"
+n.rmempty = true
+
+g = s:option(Value, "gateway", translate("<abbr title=\"Internet Protocol Version 4\">IPv4</abbr>-Gateway"))
+g.datatype = "ip4addr"
+g.rmempty = true
+
+metric = s:option(Value, "metric", translate("Metric"))
+metric.placeholder = 0
+metric.datatype = "range(0,255)"
+metric.size = 5
+metric.rmempty = true
+
+mtu = s:option(Value, "mtu", translate("MTU"))
+mtu.placeholder = 1500
+mtu.datatype = "range(64,9000)"
+mtu.size = 5
+mtu.rmempty = true
+
+routetype = s:option(Value, "type", translate("Route type"))
+routetype:value("", "unicast")
+routetype:value("local", "local")
+routetype:value("broadcast", "broadcast")
+routetype:value("multicast", "multicast")
+routetype:value("unreachable", "unreachable")
+routetype:value("prohibit", "prohibit")
+routetype:value("blackhole", "blackhole")
+routetype:value("anycast", "anycast")
+routetype.default = ""
+routetype.rmempty = true
+
+if fs.access("/proc/net/ipv6_route") then
+ s = m:section(TypedSection, "route6", translate("Static IPv6 Routes"))
+ s.addremove = true
+ s.anonymous = true
+
+ s.template = "cbi/tblsection"
+
+ iface = s:option(ListValue, "interface", translate("Interface"))
+ wa.cbi_add_networks(iface)
+
+ t = s:option(Value, "target", translate("Target"), translate("<abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Address or Network (CIDR)"))
+ t.datatype = "ip6addr"
+ t.rmempty = false
+
+ g = s:option(Value, "gateway", translate("<abbr title=\"Internet Protocol Version 6\">IPv6</abbr>-Gateway"))
+ g.datatype = "ip6addr"
+ g.rmempty = true
+
+ metric = s:option(Value, "metric", translate("Metric"))
+ metric.placeholder = 0
+ metric.datatype = "range(0,65535)" -- XXX: not sure
+ metric.size = 5
+ metric.rmempty = true
+
+ mtu = s:option(Value, "mtu", translate("MTU"))
+ mtu.placeholder = 1500
+ mtu.datatype = "range(64,9000)"
+ mtu.size = 5
+ mtu.rmempty = true
+
+ routetype = s:option(Value, "type", translate("Route type"))
+ routetype:value("", "unicast")
+ routetype:value("local", "local")
+ routetype:value("broadcast", "broadcast")
+ routetype:value("multicast", "multicast")
+ routetype:value("unreachable", "unreachable")
+ routetype:value("prohibit", "prohibit")
+ routetype:value("blackhole", "blackhole")
+ routetype:value("anycast", "anycast")
+ routetype.default = ""
+ routetype.rmempty = true
+end
+
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/vlan.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/vlan.lua
new file mode 100644
index 0000000000..d79b3c4704
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/vlan.lua
@@ -0,0 +1,364 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Copyright 2010-2011 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+m = Map("network", translate("Switch"), translate("The network ports on this device can be combined to several <abbr title=\"Virtual Local Area Network\">VLAN</abbr>s in which computers can communicate directly with each other. <abbr title=\"Virtual Local Area Network\">VLAN</abbr>s are often used to separate different network segments. Often there is by default one Uplink port for a connection to the next greater network like the internet and other ports for a local network."))
+
+local fs = require "nixio.fs"
+local ut = require "luci.util"
+local nw = require "luci.model.network"
+local switches = { }
+
+nw.init(m.uci)
+
+local topologies = nw:get_switch_topologies() or {}
+
+local update_interfaces = function(old_ifname, new_ifname)
+ local info = { }
+
+ m.uci:foreach("network", "interface", function(section)
+ local old_ifnames = section.ifname
+ local new_ifnames = { }
+ local cur_ifname
+ local changed = false
+ for cur_ifname in luci.util.imatch(old_ifnames) do
+ if cur_ifname == old_ifname then
+ new_ifnames[#new_ifnames+1] = new_ifname
+ changed = true
+ else
+ new_ifnames[#new_ifnames+1] = cur_ifname
+ end
+ end
+ if changed then
+ m.uci:set("network", section[".name"], "ifname", table.concat(new_ifnames, " "))
+
+ info[#info+1] = translatef("Interface %q device auto-migrated from %q to %q.",
+ section[".name"], old_ifname, new_ifname)
+ end
+ end)
+
+ if #info > 0 then
+ m.message = (m.message and m.message .. "\n" or "") .. table.concat(info, "\n")
+ end
+end
+
+m.uci:foreach("network", "switch",
+ function(x)
+ local sid = x['.name']
+ local switch_name = x.name or sid
+ local has_vlan = nil
+ local has_learn = nil
+ local has_vlan4k = nil
+ local has_jumbo3 = nil
+ local has_mirror = nil
+ local min_vid = 0
+ local max_vid = 16
+ local num_vlans = 16
+
+ local switch_title
+ local enable_vlan4k = false
+
+ local topo = topologies[switch_name]
+
+ if not topo then
+ m.message = translatef("Switch %q has an unknown topology - the VLAN settings might not be accurate.", switch_name)
+ topo = {
+ ports = {
+ { num = 0, label = "Port 1" },
+ { num = 1, label = "Port 2" },
+ { num = 2, label = "Port 3" },
+ { num = 3, label = "Port 4" },
+ { num = 4, label = "Port 5" },
+ { num = 5, label = "CPU (eth0)", tagged = false }
+ }
+ }
+ end
+
+ -- Parse some common switch properties from swconfig help output.
+ local swc = io.popen("swconfig dev %s help 2>/dev/null" % ut.shellquote(switch_name))
+ if swc then
+
+ local is_port_attr = false
+ local is_vlan_attr = false
+
+ while true do
+ local line = swc:read("*l")
+ if not line then break end
+
+ if line:match("^%s+%-%-vlan") then
+ is_vlan_attr = true
+
+ elseif line:match("^%s+%-%-port") then
+ is_vlan_attr = false
+ is_port_attr = true
+
+ elseif line:match("cpu @") then
+ switch_title = line:match("^switch%d: %w+%((.-)%)")
+ num_vlans = tonumber(line:match("vlans: (%d+)")) or 16
+ min_vid = 1
+
+ elseif line:match(": pvid") or line:match(": tag") or line:match(": vid") then
+ if is_vlan_attr then has_vlan4k = line:match(": (%w+)") end
+
+ elseif line:match(": enable_vlan4k") then
+ enable_vlan4k = true
+
+ elseif line:match(": enable_vlan") then
+ has_vlan = "enable_vlan"
+
+ elseif line:match(": enable_learning") then
+ has_learn = "enable_learning"
+
+ elseif line:match(": enable_mirror_rx") then
+ has_mirror = "enable_mirror_rx"
+
+ elseif line:match(": max_length") then
+ has_jumbo3 = "max_length"
+ end
+ end
+
+ swc:close()
+ end
+
+
+ -- Switch properties
+ s = m:section(NamedSection, x['.name'], "switch",
+ switch_title and translatef("Switch %q (%s)", switch_name, switch_title)
+ or translatef("Switch %q", switch_name))
+
+ s.addremove = false
+
+ if has_vlan then
+ s:option(Flag, has_vlan, translate("Enable VLAN functionality"))
+ end
+
+ if has_learn then
+ x = s:option(Flag, has_learn, translate("Enable learning and aging"))
+ x.default = x.enabled
+ end
+
+ if has_jumbo3 then
+ x = s:option(Flag, has_jumbo3, translate("Enable Jumbo Frame passthrough"))
+ x.enabled = "3"
+ x.rmempty = true
+ end
+
+ -- Does this switch support port mirroring?
+ if has_mirror then
+ s:option(Flag, "enable_mirror_rx", translate("Enable mirroring of incoming packets"))
+ s:option(Flag, "enable_mirror_tx", translate("Enable mirroring of outgoing packets"))
+
+ local sp = s:option(ListValue, "mirror_source_port", translate("Mirror source port"))
+ local mp = s:option(ListValue, "mirror_monitor_port", translate("Mirror monitor port"))
+
+ sp:depends("enable_mirror_tx", "1")
+ sp:depends("enable_mirror_rx", "1")
+
+ mp:depends("enable_mirror_tx", "1")
+ mp:depends("enable_mirror_rx", "1")
+
+ local _, pt
+ for _, pt in ipairs(topo.ports) do
+ sp:value(pt.num, pt.label)
+ mp:value(pt.num, pt.label)
+ end
+ end
+
+ -- VLAN table
+ s = m:section(TypedSection, "switch_vlan",
+ switch_title and translatef("VLANs on %q (%s)", switch_name, switch_title)
+ or translatef("VLANs on %q", switch_name))
+
+ s.template = "cbi/tblsection"
+ s.addremove = true
+ s.anonymous = true
+
+ -- Filter by switch
+ s.filter = function(self, section)
+ local device = m:get(section, "device")
+ return (device and device == switch_name)
+ end
+
+ -- Override cfgsections callback to enforce row ordering by vlan id.
+ s.cfgsections = function(self)
+ local osections = TypedSection.cfgsections(self)
+ local sections = { }
+ local section
+
+ for _, section in luci.util.spairs(
+ osections,
+ function(a, b)
+ return (tonumber(m:get(osections[a], has_vlan4k or "vlan")) or 9999)
+ < (tonumber(m:get(osections[b], has_vlan4k or "vlan")) or 9999)
+ end
+ ) do
+ sections[#sections+1] = section
+ end
+
+ return sections
+ end
+
+ -- When creating a new vlan, preset it with the highest found vid + 1.
+ s.create = function(self, section, origin)
+ -- Filter by switch
+ if m:get(origin, "device") ~= switch_name then
+ return
+ end
+
+ local sid = TypedSection.create(self, section)
+
+ local max_nr = 0
+ local max_id = 0
+
+ m.uci:foreach("network", "switch_vlan",
+ function(s)
+ if s.device == switch_name then
+ local nr = tonumber(s.vlan)
+ local id = has_vlan4k and tonumber(s[has_vlan4k])
+ if nr ~= nil and nr > max_nr then max_nr = nr end
+ if id ~= nil and id > max_id then max_id = id end
+ end
+ end)
+
+ m:set(sid, "device", switch_name)
+ m:set(sid, "vlan", max_nr + 1)
+
+ if has_vlan4k then
+ m:set(sid, has_vlan4k, max_id + 1)
+ end
+
+ return sid
+ end
+
+
+ local port_opts = { }
+ local untagged = { }
+
+ -- Parse current tagging state from the "ports" option.
+ local portvalue = function(self, section)
+ local pt
+ for pt in (m:get(section, "ports") or ""):gmatch("%w+") do
+ local pc, tu = pt:match("^(%d+)([tu]*)")
+ if pc == self.option then return (#tu > 0) and tu or "u" end
+ end
+ return ""
+ end
+
+ -- Validate port tagging. Ensure that a port is only untagged once,
+ -- bail out if not.
+ local portvalidate = function(self, value, section)
+ -- ensure that the ports appears untagged only once
+ if value == "u" then
+ if not untagged[self.option] then
+ untagged[self.option] = true
+ else
+ return nil,
+ translatef("%s is untagged in multiple VLANs!", self.title)
+ end
+ end
+ return value
+ end
+
+
+ local vid = s:option(Value, has_vlan4k or "vlan", "VLAN ID")
+ local mx_vid = has_vlan4k and 4094 or (num_vlans - 1)
+
+ vid.rmempty = false
+ vid.forcewrite = true
+ vid.vlan_used = { }
+ vid.datatype = "and(uinteger,range("..min_vid..","..mx_vid.."))"
+
+ -- Validate user provided VLAN ID, make sure its within the bounds
+ -- allowed by the switch.
+ vid.validate = function(self, value, section)
+ local v = tonumber(value)
+ local m = has_vlan4k and 4094 or (num_vlans - 1)
+ if v ~= nil and v >= min_vid and v <= m then
+ if not self.vlan_used[v] then
+ self.vlan_used[v] = true
+ return value
+ else
+ return nil,
+ translatef("Invalid VLAN ID given! Only unique IDs are allowed")
+ end
+ else
+ return nil,
+ translatef("Invalid VLAN ID given! Only IDs between %d and %d are allowed.", min_vid, m)
+ end
+ end
+
+ -- When writing the "vid" or "vlan" option, serialize the port states
+ -- as well and write them as "ports" option to uci.
+ vid.write = function(self, section, new_vid)
+ local o
+ local p = { }
+ for _, o in ipairs(port_opts) do
+ local new_tag = o:formvalue(section)
+ if new_tag == "t" then
+ p[#p+1] = o.option .. new_tag
+ elseif new_tag == "u" then
+ p[#p+1] = o.option
+ end
+
+ if o.info and o.info.device then
+ local old_tag = o:cfgvalue(section)
+ local old_vid = self:cfgvalue(section)
+ if old_tag ~= new_tag or old_vid ~= new_vid then
+ local old_ifname = (old_tag == "u") and o.info.device
+ or "%s.%s" %{ o.info.device, old_vid }
+
+ local new_ifname = (new_tag == "u") and o.info.device
+ or "%s.%s" %{ o.info.device, new_vid }
+
+ if old_ifname ~= new_ifname then
+ update_interfaces(old_ifname, new_ifname)
+ end
+ end
+ end
+ end
+
+ if enable_vlan4k then
+ m:set(sid, "enable_vlan4k", "1")
+ end
+
+ m:set(section, "ports", table.concat(p, " "))
+ return Value.write(self, section, new_vid)
+ end
+
+ -- Fallback to "vlan" option if "vid" option is supported but unset.
+ vid.cfgvalue = function(self, section)
+ return m:get(section, has_vlan4k or "vlan")
+ or m:get(section, "vlan")
+ end
+
+ local _, pt
+ for _, pt in ipairs(topo.ports) do
+ local po = s:option(ListValue, tostring(pt.num), pt.label)
+
+ po:value("", translate("off"))
+
+ if not pt.tagged then
+ po:value("u", translate("untagged"))
+ end
+
+ po:value("t", translate("tagged"))
+
+ po.cfgvalue = portvalue
+ po.validate = portvalidate
+ po.write = function() end
+ po.info = pt
+
+ port_opts[#port_opts+1] = po
+ end
+
+ table.sort(port_opts, function(a, b) return a.option < b.option end)
+ switches[#switches+1] = switch_name
+ end
+)
+
+-- Switch status template
+s = m:section(SimpleSection)
+s.template = "admin_network/switch_status"
+s.switches = switches
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua
new file mode 100644
index 0000000000..743efaa1e8
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi.lua
@@ -0,0 +1,1101 @@
+-- Copyright 2008 Steven Barth <steven@midlink.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local wa = require "luci.tools.webadmin"
+local nw = require "luci.model.network"
+local ut = require "luci.util"
+local nt = require "luci.sys".net
+local fs = require "nixio.fs"
+
+local acct_port, acct_secret, acct_server, anonymous_identity, ant1, ant2,
+ auth, auth_port, auth_secret, auth_server, bssid, cacert, cacert2,
+ cc, ch, cipher, clientcert, clientcert2, ea, eaptype, en, encr,
+ ft_protocol, ft_psk_generate_local, hidden, htmode, identity,
+ ieee80211r, ieee80211w, ifname, isolate, key_retries,
+ legacyrates, max_timeout, meshfwd, meshid, ml, mobility_domain, mode,
+ mp, nasid, network, password, pmk_r1_push, privkey, privkey2, privkeypwd,
+ privkeypwd2, r0_key_lifetime, r0kh, r1_key_holder, r1kh,
+ reassociation_deadline, retry_timeout, ssid, st, tp, wepkey, wepslot,
+ wmm, wpakey, wps, disassoc_low_ack, short_preamble, beacon_int, dtim_period
+
+arg[1] = arg[1] or ""
+
+m = Map("wireless", "",
+ translate("The <em>Device Configuration</em> section covers physical settings of the radio " ..
+ "hardware such as channel, transmit power or antenna selection which are shared among all " ..
+ "defined wireless networks (if the radio hardware is multi-SSID capable). Per network settings " ..
+ "like encryption or operation mode are grouped in the <em>Interface Configuration</em>."))
+
+m:chain("network")
+m:chain("firewall")
+m.redirect = luci.dispatcher.build_url("admin/network/wireless")
+
+nw.init(m.uci)
+
+local wnet = nw:get_wifinet(arg[1])
+local wdev = wnet and wnet:get_device()
+
+-- redirect to overview page if network does not exist anymore (e.g. after a revert)
+if not wnet or not wdev then
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/wireless"))
+ return
+end
+
+local function txpower_list(iw)
+ local list = iw.txpwrlist or { }
+ local off = tonumber(iw.txpower_offset) or 0
+ local new = { }
+ local prev = -1
+ local _, val
+ for _, val in ipairs(list) do
+ local dbm = val.dbm + off
+ local mw = math.floor(10 ^ (dbm / 10))
+ if mw ~= prev then
+ prev = mw
+ new[#new+1] = {
+ display_dbm = dbm,
+ display_mw = mw,
+ driver_dbm = val.dbm,
+ driver_mw = val.mw
+ }
+ end
+ end
+ return new
+end
+
+local function txpower_current(pwr, list)
+ pwr = tonumber(pwr)
+ if pwr ~= nil then
+ local _, item
+ for _, item in ipairs(list) do
+ if item.driver_dbm >= pwr then
+ return item.driver_dbm
+ end
+ end
+ end
+ return pwr or ""
+end
+
+local iw = luci.sys.wifi.getiwinfo(arg[1])
+local hw_modes = iw.hwmodelist or { }
+local tx_power_list = txpower_list(iw)
+local tx_power_cur = txpower_current(wdev:get("txpower"), tx_power_list)
+
+-- wireless toggle was requested, commit and reload page
+function m.parse(map)
+ local new_cc = m:formvalue("cbid.wireless.%s.country" % wdev:name())
+ local old_cc = m:get(wdev:name(), "country")
+
+ if m:formvalue("cbid.wireless.%s.__toggle" % wdev:name()) then
+ if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then
+ wnet:set("disabled", nil)
+ else
+ wnet:set("disabled", "1")
+ end
+ wdev:set("disabled", nil)
+ m.apply_needed = true
+ m.redirect = nil
+ end
+
+ Map.parse(map)
+
+ if m:get(wdev:name(), "type") == "mac80211" and new_cc and new_cc ~= old_cc then
+ luci.sys.call("iw reg set %s" % ut.shellquote(new_cc))
+
+ local old_ch = tonumber(m:formvalue("cbid.wireless.%s._mode_freq.channel" % wdev:name()) or "")
+ if old_ch then
+ local _, c, new_ch
+ for _, c in ipairs(iw.freqlist) do
+ if c.channel > old_ch or (old_ch <= 14 and c.channel > 14) then
+ break
+ end
+ new_ch = c.channel
+ end
+ if new_ch ~= old_ch then
+ wdev:set("channel", new_ch)
+ m.message = translatef("Channel %d is not available in the %s regulatory domain and has been auto-adjusted to %d.",
+ old_ch, new_cc, new_ch)
+ end
+ end
+ end
+
+ if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then
+ en.title = translate("Wireless network is disabled")
+ en.inputtitle = translate("Enable")
+ en.inputstyle = "apply"
+ else
+ en.title = translate("Wireless network is enabled")
+ en.inputtitle = translate("Disable")
+ en.inputstyle = "reset"
+ end
+end
+
+m.title = luci.util.pcdata(wnet:get_i18n())
+
+s = m:section(NamedSection, wdev:name(), "wifi-device", translate("Device Configuration"))
+s.addremove = false
+
+s:tab("general", translate("General Setup"))
+s:tab("macfilter", translate("MAC-Filter"))
+s:tab("advanced", translate("Advanced Settings"))
+
+st = s:taboption("general", DummyValue, "__status", translate("Status"))
+st.template = "admin_network/wifi_status"
+st.ifname = arg[1]
+
+en = s:taboption("general", Button, "__toggle")
+
+local hwtype = wdev:get("type")
+
+-- NanoFoo
+local nsantenna = wdev:get("antenna")
+
+-- Check whether there are client interfaces on the same radio,
+-- if yes, lock the channel choice as these stations will dicatate the freq
+local found_sta = nil
+local _, net
+if wnet:mode() ~= "sta" then
+ for _, net in ipairs(wdev:get_wifinets()) do
+ if net:mode() == "sta" and net:get("disabled") ~= "1" then
+ if not found_sta then
+ found_sta = {}
+ found_sta.channel = net:channel()
+ found_sta.names = {}
+ end
+ found_sta.names[#found_sta.names+1] = net:shortname()
+ end
+ end
+end
+
+if found_sta then
+ ch = s:taboption("general", DummyValue, "choice", translate("Channel"))
+ ch.value = translatef("Locked to channel %s used by: %s",
+ found_sta.channel or "(auto)", table.concat(found_sta.names, ", "))
+else
+ ch = s:taboption("general", Value, "_mode_freq", '<br />'..translate("Operating frequency"))
+ ch.iwinfo = iw
+ ch.template = "cbi/wireless_modefreq"
+
+ function ch.cfgvalue(self, section)
+ return {
+ m:get(section, "hwmode") or "",
+ m:get(section, "channel") or "auto",
+ m:get(section, "htmode") or ""
+ }
+ end
+
+ function ch.formvalue(self, section)
+ return {
+ m:formvalue(self:cbid(section) .. ".band") or (hw_modes.g and "11g" or "11a"),
+ m:formvalue(self:cbid(section) .. ".channel") or "auto",
+ m:formvalue(self:cbid(section) .. ".htmode") or ""
+ }
+ end
+
+ function ch.write(self, section, value)
+ m:set(section, "hwmode", value[1])
+ m:set(section, "channel", value[2])
+ m:set(section, "htmode", value[3])
+ end
+end
+
+------------------- MAC80211 Device ------------------
+
+if hwtype == "mac80211" then
+ if #tx_power_list > 0 then
+ tp = s:taboption("general", ListValue,
+ "txpower", translate("Transmit Power"), "dBm")
+ tp.rmempty = true
+ tp.default = tx_power_cur
+ function tp.cfgvalue(...)
+ return txpower_current(Value.cfgvalue(...), tx_power_list)
+ end
+
+ tp:value("", translate("auto"))
+ for _, p in ipairs(tx_power_list) do
+ tp:value(p.driver_dbm, "%i dBm (%i mW)"
+ %{ p.display_dbm, p.display_mw })
+ end
+ end
+
+ local cl = iw and iw.countrylist
+ if cl and #cl > 0 then
+ cc = s:taboption("advanced", ListValue, "country", translate("Country Code"), translate("Use ISO/IEC 3166 alpha2 country codes."))
+ cc.default = tostring(iw and iw.country or "00")
+ for _, c in ipairs(cl) do
+ cc:value(c.alpha2, "%s - %s" %{ c.alpha2, c.name })
+ end
+ else
+ s:taboption("advanced", Value, "country", translate("Country Code"), translate("Use ISO/IEC 3166 alpha2 country codes."))
+ end
+
+ legacyrates = s:taboption("advanced", Flag, "legacy_rates", translate("Allow legacy 802.11b rates"))
+ legacyrates.rmempty = false
+ legacyrates.default = "1"
+
+ s:taboption("advanced", Value, "distance", translate("Distance Optimization"),
+ translate("Distance to farthest network member in meters."))
+
+ -- external antenna profiles
+ local eal = iw and iw.extant
+ if eal and #eal > 0 then
+ ea = s:taboption("advanced", ListValue, "extant", translate("Antenna Configuration"))
+ for _, eap in ipairs(eal) do
+ ea:value(eap.id, "%s (%s)" %{ eap.name, eap.description })
+ if eap.selected then
+ ea.default = eap.id
+ end
+ end
+ end
+
+ s:taboption("advanced", Value, "frag", translate("Fragmentation Threshold"))
+ s:taboption("advanced", Value, "rts", translate("RTS/CTS Threshold"))
+
+ s:taboption("advanced", Flag, "noscan", translate("Force 40MHz mode"),
+ translate("Always use 40MHz channels even if the secondary channel overlaps. Using this option does not comply with IEEE 802.11n-2009!")).optional = true
+
+ beacon_int = s:taboption("advanced", Value, "beacon_int", translate("Beacon Interval"))
+ beacon_int.optional = true
+ beacon_int.placeholder = 100
+ beacon_int.datatype = "range(15,65535)"
+end
+
+
+------------------- Broadcom Device ------------------
+
+if hwtype == "broadcom" then
+ tp = s:taboption("general",
+ (#tx_power_list > 0) and ListValue or Value,
+ "txpower", translate("Transmit Power"), "dBm")
+
+ tp.rmempty = true
+ tp.default = tx_power_cur
+
+ function tp.cfgvalue(...)
+ return txpower_current(Value.cfgvalue(...), tx_power_list)
+ end
+
+ tp:value("", translate("auto"))
+ for _, p in ipairs(tx_power_list) do
+ tp:value(p.driver_dbm, "%i dBm (%i mW)"
+ %{ p.display_dbm, p.display_mw })
+ end
+
+ mode = s:taboption("advanced", ListValue, "hwmode", translate("Band"))
+ if hw_modes.b then
+ mode:value("11b", "2.4GHz (802.11b)")
+ if hw_modes.g then
+ mode:value("11bg", "2.4GHz (802.11b+g)")
+ end
+ end
+ if hw_modes.g then
+ mode:value("11g", "2.4GHz (802.11g)")
+ mode:value("11gst", "2.4GHz (802.11g + Turbo)")
+ mode:value("11lrs", "2.4GHz (802.11g Limited Rate Support)")
+ end
+ if hw_modes.a then mode:value("11a", "5GHz (802.11a)") end
+ if hw_modes.n then
+ if hw_modes.g then
+ mode:value("11ng", "2.4GHz (802.11g+n)")
+ mode:value("11n", "2.4GHz (802.11n)")
+ end
+ if hw_modes.a then
+ mode:value("11na", "5GHz (802.11a+n)")
+ mode:value("11n", "5GHz (802.11n)")
+ end
+ htmode = s:taboption("advanced", ListValue, "htmode", translate("HT mode (802.11n)"))
+ htmode:depends("hwmode", "11ng")
+ htmode:depends("hwmode", "11na")
+ htmode:depends("hwmode", "11n")
+ htmode:value("HT20", "20MHz")
+ htmode:value("HT40", "40MHz")
+ end
+
+ ant1 = s:taboption("advanced", ListValue, "txantenna", translate("Transmitter Antenna"))
+ ant1.widget = "radio"
+ ant1:depends("diversity", "")
+ ant1:value("3", translate("auto"))
+ ant1:value("0", translate("Antenna 1"))
+ ant1:value("1", translate("Antenna 2"))
+
+ ant2 = s:taboption("advanced", ListValue, "rxantenna", translate("Receiver Antenna"))
+ ant2.widget = "radio"
+ ant2:depends("diversity", "")
+ ant2:value("3", translate("auto"))
+ ant2:value("0", translate("Antenna 1"))
+ ant2:value("1", translate("Antenna 2"))
+
+ s:taboption("advanced", Flag, "frameburst", translate("Frame Bursting"))
+
+ s:taboption("advanced", Value, "distance", translate("Distance Optimization"))
+ --s:option(Value, "slottime", translate("Slot time"))
+
+ s:taboption("advanced", Value, "country", translate("Country Code"))
+ s:taboption("advanced", Value, "maxassoc", translate("Connection Limit"))
+end
+
+
+--------------------- HostAP Device ---------------------
+
+if hwtype == "prism2" then
+ s:taboption("advanced", Value, "txpower", translate("Transmit Power"), "att units").rmempty = true
+
+ s:taboption("advanced", Flag, "diversity", translate("Diversity")).rmempty = false
+
+ s:taboption("advanced", Value, "txantenna", translate("Transmitter Antenna"))
+ s:taboption("advanced", Value, "rxantenna", translate("Receiver Antenna"))
+end
+
+
+----------------------- Interface -----------------------
+
+s = m:section(NamedSection, wnet.sid, "wifi-iface", translate("Interface Configuration"))
+s.addremove = false
+s.anonymous = true
+s.defaults.device = wdev:name()
+
+s:tab("general", translate("General Setup"))
+s:tab("encryption", translate("Wireless Security"))
+s:tab("macfilter", translate("MAC-Filter"))
+s:tab("advanced", translate("Advanced Settings"))
+
+mode = s:taboption("general", ListValue, "mode", translate("Mode"))
+mode.override_values = true
+mode:value("ap", translate("Access Point"))
+mode:value("sta", translate("Client"))
+mode:value("adhoc", translate("Ad-Hoc"))
+
+meshid = s:taboption("general", Value, "mesh_id", translate("Mesh Id"))
+meshid:depends({mode="mesh"})
+
+meshfwd = s:taboption("advanced", Flag, "mesh_fwding", translate("Forward mesh peer traffic"))
+meshfwd.rmempty = false
+meshfwd.default = "1"
+meshfwd:depends({mode="mesh"})
+
+ssid = s:taboption("general", Value, "ssid", translate("<abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
+ssid.datatype = "maxlength(32)"
+ssid:depends({mode="ap"})
+ssid:depends({mode="sta"})
+ssid:depends({mode="adhoc"})
+ssid:depends({mode="ahdemo"})
+ssid:depends({mode="monitor"})
+ssid:depends({mode="ap-wds"})
+ssid:depends({mode="sta-wds"})
+ssid:depends({mode="wds"})
+
+bssid = s:taboption("general", Value, "bssid", translate("<abbr title=\"Basic Service Set Identifier\">BSSID</abbr>"))
+
+network = s:taboption("general", Value, "network", translate("Network"),
+ translate("Choose the network(s) you want to attach to this wireless interface or " ..
+ "fill out the <em>create</em> field to define a new network."))
+
+network.rmempty = true
+network.template = "cbi/network_netlist"
+network.widget = "checkbox"
+network.novirtual = true
+
+function network.write(self, section, value)
+ local i = nw:get_interface(section)
+ if i then
+ local _, net, old, new = nil, nil, {}, {}
+
+ for _, net in ipairs(i:get_networks()) do
+ old[net:name()] = true
+ end
+
+ for net in ut.imatch(value) do
+ new[net] = true
+ if not old[net] then
+ local n = nw:get_network(net) or nw:add_network(net, { proto = "none" })
+ if n then
+ if not n:is_empty() then
+ n:set("type", "bridge")
+ end
+ n:add_interface(i)
+ end
+ end
+ end
+
+ for net, _ in pairs(old) do
+ if not new[net] then
+ local n = nw:get_network(net)
+ if n then
+ n:del_interface(i)
+ end
+ end
+ end
+ end
+end
+
+-------------------- MAC80211 Interface ----------------------
+
+if hwtype == "mac80211" then
+ if fs.access("/usr/sbin/iw") then
+ mode:value("mesh", "802.11s")
+ end
+
+ mode:value("ahdemo", translate("Pseudo Ad-Hoc (ahdemo)"))
+ mode:value("monitor", translate("Monitor"))
+ bssid:depends({mode="adhoc"})
+ bssid:depends({mode="sta"})
+ bssid:depends({mode="sta-wds"})
+
+ mp = s:taboption("macfilter", ListValue, "macfilter", translate("MAC-Address Filter"))
+ mp:depends({mode="ap"})
+ mp:depends({mode="ap-wds"})
+ mp:value("", translate("disable"))
+ mp:value("allow", translate("Allow listed only"))
+ mp:value("deny", translate("Allow all except listed"))
+
+ ml = s:taboption("macfilter", DynamicList, "maclist", translate("MAC-List"))
+ ml.datatype = "macaddr"
+ ml:depends({macfilter="allow"})
+ ml:depends({macfilter="deny"})
+ nt.mac_hints(function(mac, name) ml:value(mac, "%s (%s)" %{ mac, name }) end)
+
+ mode:value("ap-wds", "%s (%s)" % {translate("Access Point"), translate("WDS")})
+ mode:value("sta-wds", "%s (%s)" % {translate("Client"), translate("WDS")})
+
+ function mode.write(self, section, value)
+ if value == "ap-wds" then
+ ListValue.write(self, section, "ap")
+ m.uci:set("wireless", section, "wds", 1)
+ elseif value == "sta-wds" then
+ ListValue.write(self, section, "sta")
+ m.uci:set("wireless", section, "wds", 1)
+ else
+ ListValue.write(self, section, value)
+ m.uci:delete("wireless", section, "wds")
+ end
+ end
+
+ function mode.cfgvalue(self, section)
+ local mode = ListValue.cfgvalue(self, section)
+ local wds = m.uci:get("wireless", section, "wds") == "1"
+
+ if mode == "ap" and wds then
+ return "ap-wds"
+ elseif mode == "sta" and wds then
+ return "sta-wds"
+ else
+ return mode
+ end
+ end
+
+ hidden = s:taboption("general", Flag, "hidden", translate("Hide <abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
+ hidden:depends({mode="ap"})
+ hidden:depends({mode="ap-wds"})
+
+ wmm = s:taboption("general", Flag, "wmm", translate("WMM Mode"))
+ wmm:depends({mode="ap"})
+ wmm:depends({mode="ap-wds"})
+ wmm.default = wmm.enabled
+
+ isolate = s:taboption("advanced", Flag, "isolate", translate("Isolate Clients"),
+ translate("Prevents client-to-client communication"))
+ isolate:depends({mode="ap"})
+ isolate:depends({mode="ap-wds"})
+
+ ifname = s:taboption("advanced", Value, "ifname", translate("Interface name"), translate("Override default interface name"))
+ ifname.optional = true
+
+ short_preamble = s:taboption("advanced", Flag, "short_preamble", translate("Short Preamble"))
+ short_preamble.default = short_preamble.enabled
+
+ dtim_period = s:taboption("advanced", Value, "dtim_period", translate("DTIM Interval"), translate("Delivery Traffic Indication Message Interval"))
+ dtim_period.optional = true
+ dtim_period.placeholder = 2
+ dtim_period.datatype = "range(1,255)"
+
+ disassoc_low_ack = s:taboption("advanced", Flag, "disassoc_low_ack", translate("Disassociate On Low Acknowledgement"),
+ translate("Allow AP mode to disconnect STAs based on low ACK condition"))
+ disassoc_low_ack.default = disassoc_low_ack.enabled
+end
+
+
+-------------------- Broadcom Interface ----------------------
+
+if hwtype == "broadcom" then
+ mode:value("wds", translate("WDS"))
+ mode:value("monitor", translate("Monitor"))
+
+ hidden = s:taboption("general", Flag, "hidden", translate("Hide <abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
+ hidden:depends({mode="ap"})
+ hidden:depends({mode="adhoc"})
+ hidden:depends({mode="wds"})
+
+ isolate = s:taboption("advanced", Flag, "isolate", translate("Separate Clients"),
+ translate("Prevents client-to-client communication"))
+ isolate:depends({mode="ap"})
+
+ s:taboption("advanced", Flag, "doth", "802.11h")
+ s:taboption("advanced", Flag, "wmm", translate("WMM Mode"))
+
+ bssid:depends({mode="wds"})
+ bssid:depends({mode="adhoc"})
+end
+
+
+----------------------- HostAP Interface ---------------------
+
+if hwtype == "prism2" then
+ mode:value("wds", translate("WDS"))
+ mode:value("monitor", translate("Monitor"))
+
+ hidden = s:taboption("general", Flag, "hidden", translate("Hide <abbr title=\"Extended Service Set Identifier\">ESSID</abbr>"))
+ hidden:depends({mode="ap"})
+ hidden:depends({mode="adhoc"})
+ hidden:depends({mode="wds"})
+
+ bssid:depends({mode="sta"})
+
+ mp = s:taboption("macfilter", ListValue, "macpolicy", translate("MAC-Address Filter"))
+ mp:value("", translate("disable"))
+ mp:value("allow", translate("Allow listed only"))
+ mp:value("deny", translate("Allow all except listed"))
+ ml = s:taboption("macfilter", DynamicList, "maclist", translate("MAC-List"))
+ ml:depends({macpolicy="allow"})
+ ml:depends({macpolicy="deny"})
+ nt.mac_hints(function(mac, name) ml:value(mac, "%s (%s)" %{ mac, name }) end)
+
+ s:taboption("advanced", Value, "rate", translate("Transmission Rate"))
+ s:taboption("advanced", Value, "frag", translate("Fragmentation Threshold"))
+ s:taboption("advanced", Value, "rts", translate("RTS/CTS Threshold"))
+end
+
+
+------------------- WiFI-Encryption -------------------
+
+encr = s:taboption("encryption", ListValue, "encryption", translate("Encryption"))
+encr.override_values = true
+encr.override_depends = true
+encr:depends({mode="ap"})
+encr:depends({mode="sta"})
+encr:depends({mode="adhoc"})
+encr:depends({mode="ahdemo"})
+encr:depends({mode="ap-wds"})
+encr:depends({mode="sta-wds"})
+encr:depends({mode="mesh"})
+
+cipher = s:taboption("encryption", ListValue, "cipher", translate("Cipher"))
+cipher:depends({encryption="wpa"})
+cipher:depends({encryption="wpa2"})
+cipher:depends({encryption="psk"})
+cipher:depends({encryption="psk2"})
+cipher:depends({encryption="wpa-mixed"})
+cipher:depends({encryption="psk-mixed"})
+cipher:value("auto", translate("auto"))
+cipher:value("ccmp", translate("Force CCMP (AES)"))
+cipher:value("tkip", translate("Force TKIP"))
+cipher:value("tkip+ccmp", translate("Force TKIP and CCMP (AES)"))
+
+function encr.cfgvalue(self, section)
+ local v = tostring(ListValue.cfgvalue(self, section))
+ if v == "wep" then
+ return "wep-open"
+ elseif v and v:match("%+") then
+ return (v:gsub("%+.+$", ""))
+ end
+ return v
+end
+
+function encr.write(self, section, value)
+ local e = tostring(encr:formvalue(section))
+ local c = tostring(cipher:formvalue(section))
+ if value == "wpa" or value == "wpa2" then
+ self.map.uci:delete("wireless", section, "key")
+ end
+ if e and (c == "tkip" or c == "ccmp" or c == "tkip+ccmp") then
+ e = e .. "+" .. c
+ end
+ self.map:set(section, "encryption", e)
+end
+
+function cipher.cfgvalue(self, section)
+ local v = tostring(ListValue.cfgvalue(encr, section))
+ if v and v:match("%+") then
+ v = v:gsub("^[^%+]+%+", "")
+ if v == "aes" then v = "ccmp"
+ elseif v == "tkip+aes" then v = "tkip+ccmp"
+ elseif v == "aes+tkip" then v = "tkip+ccmp"
+ elseif v == "ccmp+tkip" then v = "tkip+ccmp"
+ end
+ end
+ return v
+end
+
+function cipher.write(self, section)
+ return encr:write(section)
+end
+
+
+encr:value("none", "No Encryption")
+encr:value("wep-open", translate("WEP Open System"), {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"}, {mode="ahdemo"}, {mode="wds"})
+encr:value("wep-shared", translate("WEP Shared Key"), {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"}, {mode="ahdemo"}, {mode="wds"})
+
+if hwtype == "mac80211" or hwtype == "prism2" then
+ local supplicant = fs.access("/usr/sbin/wpa_supplicant")
+ local hostapd = fs.access("/usr/sbin/hostapd")
+
+ -- Probe EAP support
+ local has_ap_eap = (os.execute("hostapd -veap >/dev/null 2>/dev/null") == 0)
+ local has_sta_eap = (os.execute("wpa_supplicant -veap >/dev/null 2>/dev/null") == 0)
+
+ if hostapd and supplicant then
+ encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
+ encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
+ encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"}, {mode="adhoc"})
+ if has_ap_eap and has_sta_eap then
+ encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"})
+ encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="sta"}, {mode="ap-wds"}, {mode="sta-wds"})
+ end
+ elseif hostapd and not supplicant then
+ encr:value("psk", "WPA-PSK", {mode="ap"}, {mode="ap-wds"})
+ encr:value("psk2", "WPA2-PSK", {mode="ap"}, {mode="ap-wds"})
+ encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="ap"}, {mode="ap-wds"})
+ if has_ap_eap then
+ encr:value("wpa", "WPA-EAP", {mode="ap"}, {mode="ap-wds"})
+ encr:value("wpa2", "WPA2-EAP", {mode="ap"}, {mode="ap-wds"})
+ end
+ encr.description = translate(
+ "WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
+ "and ad-hoc mode) to be installed."
+ )
+ elseif not hostapd and supplicant then
+ encr:value("psk", "WPA-PSK", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
+ encr:value("psk2", "WPA2-PSK", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
+ encr:value("psk-mixed", "WPA-PSK/WPA2-PSK Mixed Mode", {mode="sta"}, {mode="sta-wds"}, {mode="adhoc"})
+ if has_sta_eap then
+ encr:value("wpa", "WPA-EAP", {mode="sta"}, {mode="sta-wds"})
+ encr:value("wpa2", "WPA2-EAP", {mode="sta"}, {mode="sta-wds"})
+ end
+ encr.description = translate(
+ "WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
+ "and ad-hoc mode) to be installed."
+ )
+ else
+ encr.description = translate(
+ "WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP " ..
+ "and ad-hoc mode) to be installed."
+ )
+ end
+elseif hwtype == "broadcom" then
+ encr:value("psk", "WPA-PSK")
+ encr:value("psk2", "WPA2-PSK")
+ encr:value("psk+psk2", "WPA-PSK/WPA2-PSK Mixed Mode")
+end
+
+auth_server = s:taboption("encryption", Value, "auth_server", translate("Radius-Authentication-Server"))
+auth_server:depends({mode="ap", encryption="wpa"})
+auth_server:depends({mode="ap", encryption="wpa2"})
+auth_server:depends({mode="ap-wds", encryption="wpa"})
+auth_server:depends({mode="ap-wds", encryption="wpa2"})
+auth_server.rmempty = true
+auth_server.datatype = "host(0)"
+
+auth_port = s:taboption("encryption", Value, "auth_port", translate("Radius-Authentication-Port"), translatef("Default %d", 1812))
+auth_port:depends({mode="ap", encryption="wpa"})
+auth_port:depends({mode="ap", encryption="wpa2"})
+auth_port:depends({mode="ap-wds", encryption="wpa"})
+auth_port:depends({mode="ap-wds", encryption="wpa2"})
+auth_port.rmempty = true
+auth_port.datatype = "port"
+
+auth_secret = s:taboption("encryption", Value, "auth_secret", translate("Radius-Authentication-Secret"))
+auth_secret:depends({mode="ap", encryption="wpa"})
+auth_secret:depends({mode="ap", encryption="wpa2"})
+auth_secret:depends({mode="ap-wds", encryption="wpa"})
+auth_secret:depends({mode="ap-wds", encryption="wpa2"})
+auth_secret.rmempty = true
+auth_secret.password = true
+
+acct_server = s:taboption("encryption", Value, "acct_server", translate("Radius-Accounting-Server"))
+acct_server:depends({mode="ap", encryption="wpa"})
+acct_server:depends({mode="ap", encryption="wpa2"})
+acct_server:depends({mode="ap-wds", encryption="wpa"})
+acct_server:depends({mode="ap-wds", encryption="wpa2"})
+acct_server.rmempty = true
+acct_server.datatype = "host(0)"
+
+acct_port = s:taboption("encryption", Value, "acct_port", translate("Radius-Accounting-Port"), translatef("Default %d", 1813))
+acct_port:depends({mode="ap", encryption="wpa"})
+acct_port:depends({mode="ap", encryption="wpa2"})
+acct_port:depends({mode="ap-wds", encryption="wpa"})
+acct_port:depends({mode="ap-wds", encryption="wpa2"})
+acct_port.rmempty = true
+acct_port.datatype = "port"
+
+acct_secret = s:taboption("encryption", Value, "acct_secret", translate("Radius-Accounting-Secret"))
+acct_secret:depends({mode="ap", encryption="wpa"})
+acct_secret:depends({mode="ap", encryption="wpa2"})
+acct_secret:depends({mode="ap-wds", encryption="wpa"})
+acct_secret:depends({mode="ap-wds", encryption="wpa2"})
+acct_secret.rmempty = true
+acct_secret.password = true
+
+wpakey = s:taboption("encryption", Value, "_wpa_key", translate("Key"))
+wpakey:depends("encryption", "psk")
+wpakey:depends("encryption", "psk2")
+wpakey:depends("encryption", "psk+psk2")
+wpakey:depends("encryption", "psk-mixed")
+wpakey.datatype = "wpakey"
+wpakey.rmempty = true
+wpakey.password = true
+
+wpakey.cfgvalue = function(self, section, value)
+ local key = m.uci:get("wireless", section, "key")
+ if key == "1" or key == "2" or key == "3" or key == "4" then
+ return nil
+ end
+ return key
+end
+
+wpakey.write = function(self, section, value)
+ self.map.uci:set("wireless", section, "key", value)
+ self.map.uci:delete("wireless", section, "key1")
+end
+
+
+wepslot = s:taboption("encryption", ListValue, "_wep_key", translate("Used Key Slot"))
+wepslot:depends("encryption", "wep-open")
+wepslot:depends("encryption", "wep-shared")
+wepslot:value("1", translatef("Key #%d", 1))
+wepslot:value("2", translatef("Key #%d", 2))
+wepslot:value("3", translatef("Key #%d", 3))
+wepslot:value("4", translatef("Key #%d", 4))
+
+wepslot.cfgvalue = function(self, section)
+ local slot = tonumber(m.uci:get("wireless", section, "key"))
+ if not slot or slot < 1 or slot > 4 then
+ return 1
+ end
+ return slot
+end
+
+wepslot.write = function(self, section, value)
+ self.map.uci:set("wireless", section, "key", value)
+end
+
+local slot
+for slot=1,4 do
+ wepkey = s:taboption("encryption", Value, "key" .. slot, translatef("Key #%d", slot))
+ wepkey:depends("encryption", "wep-open")
+ wepkey:depends("encryption", "wep-shared")
+ wepkey.datatype = "wepkey"
+ wepkey.rmempty = true
+ wepkey.password = true
+
+ function wepkey.write(self, section, value)
+ if value and (#value == 5 or #value == 13) then
+ value = "s:" .. value
+ end
+ return Value.write(self, section, value)
+ end
+end
+
+
+if hwtype == "mac80211" or hwtype == "prism2" then
+
+ -- Probe 802.11r support (and EAP support as a proxy for Openwrt)
+ local has_80211r = (os.execute("hostapd -v11r 2>/dev/null || hostapd -veap 2>/dev/null") == 0)
+
+ ieee80211r = s:taboption("encryption", Flag, "ieee80211r",
+ translate("802.11r Fast Transition"),
+ translate("Enables fast roaming among access points that belong " ..
+ "to the same Mobility Domain"))
+ ieee80211r:depends({mode="ap", encryption="wpa"})
+ ieee80211r:depends({mode="ap", encryption="wpa2"})
+ ieee80211r:depends({mode="ap-wds", encryption="wpa"})
+ ieee80211r:depends({mode="ap-wds", encryption="wpa2"})
+ if has_80211r then
+ ieee80211r:depends({mode="ap", encryption="psk"})
+ ieee80211r:depends({mode="ap", encryption="psk2"})
+ ieee80211r:depends({mode="ap", encryption="psk-mixed"})
+ ieee80211r:depends({mode="ap-wds", encryption="psk"})
+ ieee80211r:depends({mode="ap-wds", encryption="psk2"})
+ ieee80211r:depends({mode="ap-wds", encryption="psk-mixed"})
+ end
+ ieee80211r.rmempty = true
+
+ nasid = s:taboption("encryption", Value, "nasid", translate("NAS ID"),
+ translate("Used for two different purposes: RADIUS NAS ID and " ..
+ "802.11r R0KH-ID. Not needed with normal WPA(2)-PSK."))
+ nasid:depends({mode="ap", encryption="wpa"})
+ nasid:depends({mode="ap", encryption="wpa2"})
+ nasid:depends({mode="ap-wds", encryption="wpa"})
+ nasid:depends({mode="ap-wds", encryption="wpa2"})
+ nasid:depends({ieee80211r="1"})
+ nasid.rmempty = true
+
+ mobility_domain = s:taboption("encryption", Value, "mobility_domain",
+ translate("Mobility Domain"),
+ translate("4-character hexadecimal ID"))
+ mobility_domain:depends({ieee80211r="1"})
+ mobility_domain.placeholder = "4f57"
+ mobility_domain.datatype = "and(hexstring,rangelength(4,4))"
+ mobility_domain.rmempty = true
+
+ reassociation_deadline = s:taboption("encryption", Value, "reassociation_deadline",
+ translate("Reassociation Deadline"),
+ translate("time units (TUs / 1.024 ms) [1000-65535]"))
+ reassociation_deadline:depends({ieee80211r="1"})
+ reassociation_deadline.placeholder = "1000"
+ reassociation_deadline.datatype = "range(1000,65535)"
+ reassociation_deadline.rmempty = true
+
+ ft_protocol = s:taboption("encryption", ListValue, "ft_over_ds", translate("FT protocol"))
+ ft_protocol:depends({ieee80211r="1"})
+ ft_protocol:value("1", translatef("FT over DS"))
+ ft_protocol:value("0", translatef("FT over the Air"))
+ ft_protocol.rmempty = true
+
+ ft_psk_generate_local = s:taboption("encryption", Flag, "ft_psk_generate_local",
+ translate("Generate PMK locally"),
+ translate("When using a PSK, the PMK can be generated locally without inter AP communications"))
+ ft_psk_generate_local:depends({ieee80211r="1"})
+
+ r0_key_lifetime = s:taboption("encryption", Value, "r0_key_lifetime",
+ translate("R0 Key Lifetime"), translate("minutes"))
+ r0_key_lifetime:depends({ieee80211r="1", ft_psk_generate_local=""})
+ r0_key_lifetime.placeholder = "10000"
+ r0_key_lifetime.datatype = "uinteger"
+ r0_key_lifetime.rmempty = true
+
+ r1_key_holder = s:taboption("encryption", Value, "r1_key_holder",
+ translate("R1 Key Holder"),
+ translate("6-octet identifier as a hex string - no colons"))
+ r1_key_holder:depends({ieee80211r="1", ft_psk_generate_local=""})
+ r1_key_holder.placeholder = "00004f577274"
+ r1_key_holder.datatype = "and(hexstring,rangelength(12,12))"
+ r1_key_holder.rmempty = true
+
+ pmk_r1_push = s:taboption("encryption", Flag, "pmk_r1_push", translate("PMK R1 Push"))
+ pmk_r1_push:depends({ieee80211r="1", ft_psk_generate_local=""})
+ pmk_r1_push.placeholder = "0"
+ pmk_r1_push.rmempty = true
+
+ r0kh = s:taboption("encryption", DynamicList, "r0kh", translate("External R0 Key Holder List"),
+ translate("List of R0KHs in the same Mobility Domain. " ..
+ "<br />Format: MAC-address,NAS-Identifier,128-bit key as hex string. " ..
+ "<br />This list is used to map R0KH-ID (NAS Identifier) to a destination " ..
+ "MAC address when requesting PMK-R1 key from the R0KH that the STA " ..
+ "used during the Initial Mobility Domain Association."))
+ r0kh:depends({ieee80211r="1", ft_psk_generate_local=""})
+ r0kh.rmempty = true
+
+ r1kh = s:taboption("encryption", DynamicList, "r1kh", translate("External R1 Key Holder List"),
+ translate ("List of R1KHs in the same Mobility Domain. "..
+ "<br />Format: MAC-address,R1KH-ID as 6 octets with colons,128-bit key as hex string. "..
+ "<br />This list is used to map R1KH-ID to a destination MAC address " ..
+ "when sending PMK-R1 key from the R0KH. This is also the " ..
+ "list of authorized R1KHs in the MD that can request PMK-R1 keys."))
+ r1kh:depends({ieee80211r="1", ft_psk_generate_local=""})
+ r1kh.rmempty = true
+ -- End of 802.11r options
+
+ eaptype = s:taboption("encryption", ListValue, "eap_type", translate("EAP-Method"))
+ eaptype:value("tls", "TLS")
+ eaptype:value("ttls", "TTLS")
+ eaptype:value("peap", "PEAP")
+ eaptype:value("fast", "FAST")
+ eaptype:depends({mode="sta", encryption="wpa"})
+ eaptype:depends({mode="sta", encryption="wpa2"})
+ eaptype:depends({mode="sta-wds", encryption="wpa"})
+ eaptype:depends({mode="sta-wds", encryption="wpa2"})
+
+ cacert = s:taboption("encryption", FileUpload, "ca_cert", translate("Path to CA-Certificate"))
+ cacert:depends({mode="sta", encryption="wpa"})
+ cacert:depends({mode="sta", encryption="wpa2"})
+ cacert:depends({mode="sta-wds", encryption="wpa"})
+ cacert:depends({mode="sta-wds", encryption="wpa2"})
+ cacert.rmempty = true
+
+ clientcert = s:taboption("encryption", FileUpload, "client_cert", translate("Path to Client-Certificate"))
+ clientcert:depends({mode="sta", eap_type="tls", encryption="wpa"})
+ clientcert:depends({mode="sta", eap_type="tls", encryption="wpa2"})
+ clientcert:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
+ clientcert:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
+
+ privkey = s:taboption("encryption", FileUpload, "priv_key", translate("Path to Private Key"))
+ privkey:depends({mode="sta", eap_type="tls", encryption="wpa2"})
+ privkey:depends({mode="sta", eap_type="tls", encryption="wpa"})
+ privkey:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
+ privkey:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
+
+ privkeypwd = s:taboption("encryption", Value, "priv_key_pwd", translate("Password of Private Key"))
+ privkeypwd:depends({mode="sta", eap_type="tls", encryption="wpa2"})
+ privkeypwd:depends({mode="sta", eap_type="tls", encryption="wpa"})
+ privkeypwd:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
+ privkeypwd:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
+ privkeypwd.rmempty = true
+ privkeypwd.password = true
+
+ auth = s:taboption("encryption", ListValue, "auth", translate("Authentication"))
+ auth:value("PAP", "PAP", {eap_type="ttls"})
+ auth:value("CHAP", "CHAP", {eap_type="ttls"})
+ auth:value("MSCHAP", "MSCHAP", {eap_type="ttls"})
+ auth:value("MSCHAPV2", "MSCHAPv2", {eap_type="ttls"})
+ auth:value("EAP-GTC")
+ auth:value("EAP-MD5")
+ auth:value("EAP-MSCHAPV2")
+ auth:value("EAP-TLS")
+ auth:depends({mode="sta", eap_type="fast", encryption="wpa2"})
+ auth:depends({mode="sta", eap_type="fast", encryption="wpa"})
+ auth:depends({mode="sta", eap_type="peap", encryption="wpa2"})
+ auth:depends({mode="sta", eap_type="peap", encryption="wpa"})
+ auth:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
+ auth:depends({mode="sta", eap_type="ttls", encryption="wpa"})
+ auth:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
+ auth:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
+ auth:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
+ auth:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
+ auth:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
+ auth:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
+
+ cacert2 = s:taboption("encryption", FileUpload, "ca_cert2", translate("Path to inner CA-Certificate"))
+ cacert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
+ cacert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
+ cacert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
+ cacert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
+
+ clientcert2 = s:taboption("encryption", FileUpload, "client_cert2", translate("Path to inner Client-Certificate"))
+ clientcert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
+ clientcert2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
+ clientcert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
+ clientcert2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
+
+ privkey2 = s:taboption("encryption", FileUpload, "priv_key2", translate("Path to inner Private Key"))
+ privkey2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
+ privkey2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
+ privkey2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
+ privkey2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
+
+ privkeypwd2 = s:taboption("encryption", Value, "priv_key2_pwd", translate("Password of inner Private Key"))
+ privkeypwd2:depends({mode="sta", auth="EAP-TLS", encryption="wpa"})
+ privkeypwd2:depends({mode="sta", auth="EAP-TLS", encryption="wpa2"})
+ privkeypwd2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa"})
+ privkeypwd2:depends({mode="sta-wds", auth="EAP-TLS", encryption="wpa2"})
+ privkeypwd2.rmempty = true
+ privkeypwd2.password = true
+
+ identity = s:taboption("encryption", Value, "identity", translate("Identity"))
+ identity:depends({mode="sta", eap_type="fast", encryption="wpa2"})
+ identity:depends({mode="sta", eap_type="fast", encryption="wpa"})
+ identity:depends({mode="sta", eap_type="peap", encryption="wpa2"})
+ identity:depends({mode="sta", eap_type="peap", encryption="wpa"})
+ identity:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
+ identity:depends({mode="sta", eap_type="ttls", encryption="wpa"})
+ identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
+ identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
+ identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
+ identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
+ identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
+ identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
+ identity:depends({mode="sta", eap_type="tls", encryption="wpa2"})
+ identity:depends({mode="sta", eap_type="tls", encryption="wpa"})
+ identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
+ identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
+
+ anonymous_identity = s:taboption("encryption", Value, "anonymous_identity", translate("Anonymous Identity"))
+ anonymous_identity:depends({mode="sta", eap_type="fast", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta", eap_type="fast", encryption="wpa"})
+ anonymous_identity:depends({mode="sta", eap_type="peap", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta", eap_type="peap", encryption="wpa"})
+ anonymous_identity:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta", eap_type="ttls", encryption="wpa"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
+ anonymous_identity:depends({mode="sta", eap_type="tls", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta", eap_type="tls", encryption="wpa"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa2"})
+ anonymous_identity:depends({mode="sta-wds", eap_type="tls", encryption="wpa"})
+
+ password = s:taboption("encryption", Value, "password", translate("Password"))
+ password:depends({mode="sta", eap_type="fast", encryption="wpa2"})
+ password:depends({mode="sta", eap_type="fast", encryption="wpa"})
+ password:depends({mode="sta", eap_type="peap", encryption="wpa2"})
+ password:depends({mode="sta", eap_type="peap", encryption="wpa"})
+ password:depends({mode="sta", eap_type="ttls", encryption="wpa2"})
+ password:depends({mode="sta", eap_type="ttls", encryption="wpa"})
+ password:depends({mode="sta-wds", eap_type="fast", encryption="wpa2"})
+ password:depends({mode="sta-wds", eap_type="fast", encryption="wpa"})
+ password:depends({mode="sta-wds", eap_type="peap", encryption="wpa2"})
+ password:depends({mode="sta-wds", eap_type="peap", encryption="wpa"})
+ password:depends({mode="sta-wds", eap_type="ttls", encryption="wpa2"})
+ password:depends({mode="sta-wds", eap_type="ttls", encryption="wpa"})
+ password.rmempty = true
+ password.password = true
+end
+
+-- ieee802.11w options
+if hwtype == "mac80211" then
+ local has_80211w = (os.execute("hostapd -v11w 2>/dev/null || hostapd -veap 2>/dev/null") == 0)
+ if has_80211w then
+ ieee80211w = s:taboption("encryption", ListValue, "ieee80211w",
+ translate("802.11w Management Frame Protection"),
+ translate("Requires the 'full' version of wpad/hostapd " ..
+ "and support from the wifi driver <br />(as of Feb 2017: " ..
+ "ath9k and ath10k, in LEDE also mwlwifi and mt76)"))
+ ieee80211w.default = ""
+ ieee80211w.rmempty = true
+ ieee80211w:value("", translate("Disabled (default)"))
+ ieee80211w:value("1", translate("Optional"))
+ ieee80211w:value("2", translate("Required"))
+ ieee80211w:depends({mode="ap", encryption="wpa2"})
+ ieee80211w:depends({mode="ap-wds", encryption="wpa2"})
+ ieee80211w:depends({mode="ap", encryption="psk2"})
+ ieee80211w:depends({mode="ap", encryption="psk-mixed"})
+ ieee80211w:depends({mode="ap-wds", encryption="psk2"})
+ ieee80211w:depends({mode="ap-wds", encryption="psk-mixed"})
+
+ max_timeout = s:taboption("encryption", Value, "ieee80211w_max_timeout",
+ translate("802.11w maximum timeout"),
+ translate("802.11w Association SA Query maximum timeout"))
+ max_timeout:depends({ieee80211w="1"})
+ max_timeout:depends({ieee80211w="2"})
+ max_timeout.datatype = "uinteger"
+ max_timeout.placeholder = "1000"
+ max_timeout.rmempty = true
+
+ retry_timeout = s:taboption("encryption", Value, "ieee80211w_retry_timeout",
+ translate("802.11w retry timeout"),
+ translate("802.11w Association SA Query retry timeout"))
+ retry_timeout:depends({ieee80211w="1"})
+ retry_timeout:depends({ieee80211w="2"})
+ retry_timeout.datatype = "uinteger"
+ retry_timeout.placeholder = "201"
+ retry_timeout.rmempty = true
+ end
+
+ key_retries = s:taboption("encryption", Flag, "wpa_disable_eapol_key_retries",
+ translate("Enable key reinstallation (KRACK) countermeasures"),
+ translate("Complicates key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load."))
+
+ key_retries:depends({mode="ap", encryption="wpa2"})
+ key_retries:depends({mode="ap", encryption="psk2"})
+ key_retries:depends({mode="ap", encryption="psk-mixed"})
+ key_retries:depends({mode="ap-wds", encryption="wpa2"})
+ key_retries:depends({mode="ap-wds", encryption="psk2"})
+ key_retries:depends({mode="ap-wds", encryption="psk-mixed"})
+end
+
+if hwtype == "mac80211" or hwtype == "prism2" then
+ local wpasupplicant = fs.access("/usr/sbin/wpa_supplicant")
+ local hostcli = fs.access("/usr/sbin/hostapd_cli")
+ if hostcli and wpasupplicant then
+ wps = s:taboption("encryption", Flag, "wps_pushbutton", translate("Enable WPS pushbutton, requires WPA(2)-PSK"))
+ wps.enabled = "1"
+ wps.disabled = "0"
+ wps.rmempty = false
+ wps:depends("encryption", "psk")
+ wps:depends("encryption", "psk2")
+ wps:depends("encryption", "psk-mixed")
+ end
+end
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua
new file mode 100644
index 0000000000..e8a3058826
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_add.lua
@@ -0,0 +1,168 @@
+-- Copyright 2009 Jo-Philipp Wich <jow@openwrt.org>
+-- Licensed to the public under the Apache License 2.0.
+
+local fs = require "nixio.fs"
+local nw = require "luci.model.network"
+local fw = require "luci.model.firewall"
+local uci = require "luci.model.uci".cursor()
+local http = require "luci.http"
+
+local iw = luci.sys.wifi.getiwinfo(http.formvalue("device"))
+
+local has_firewall = fs.access("/etc/config/firewall")
+
+if not iw then
+ luci.http.redirect(luci.dispatcher.build_url("admin/network/wireless"))
+ return
+end
+
+m = SimpleForm("network", translatef("Joining Network: %q", http.formvalue("join")))
+m.cancel = translate("Back to scan results")
+m.reset = false
+
+function m.on_cancel()
+ local dev = http.formvalue("device")
+ http.redirect(luci.dispatcher.build_url(
+ dev and "admin/network/wireless_join?device=" .. dev
+ or "admin/network/wireless"
+ ))
+end
+
+nw.init(uci)
+fw.init(uci)
+
+m.hidden = {
+ device = http.formvalue("device"),
+ join = http.formvalue("join"),
+ channel = http.formvalue("channel"),
+ mode = http.formvalue("mode"),
+ bssid = http.formvalue("bssid"),
+ wep = http.formvalue("wep"),
+ wpa_suites = http.formvalue("wpa_suites"),
+ wpa_version = http.formvalue("wpa_version")
+}
+
+if iw and iw.mbssid_support then
+ replace = m:field(Flag, "replace", translate("Replace wireless configuration"),
+ translate("Check this option to delete the existing networks from this radio."))
+
+ function replace.cfgvalue() return "0" end
+else
+ replace = m:field(DummyValue, "replace", translate("Replace wireless configuration"))
+ replace.default = translate("The hardware is not multi-SSID capable and the existing " ..
+ "configuration will be replaced if you proceed.")
+
+ function replace.formvalue() return "1" end
+end
+
+if http.formvalue("wep") == "1" then
+ key = m:field(Value, "key", translate("WEP passphrase"),
+ translate("Specify the secret encryption key here."))
+
+ key.password = true
+ key.datatype = "wepkey"
+
+elseif (tonumber(m.hidden.wpa_version) or 0) > 0 and
+ (m.hidden.wpa_suites == "PSK" or m.hidden.wpa_suites == "PSK2")
+then
+ key = m:field(Value, "key", translate("WPA passphrase"),
+ translate("Specify the secret encryption key here."))
+
+ key.password = true
+ key.datatype = "wpakey"
+ --m.hidden.wpa_suite = (tonumber(http.formvalue("wpa_version")) or 0) >= 2 and "psk2" or "psk"
+end
+
+newnet = m:field(Value, "_netname_new", translate("Name of the new network"),
+ translate("The allowed characters are: <code>A-Z</code>, <code>a-z</code>, " ..
+ "<code>0-9</code> and <code>_</code>"
+ ))
+
+newnet.default = m.hidden.mode == "Ad-Hoc" and "mesh" or "wwan"
+newnet.datatype = "uciname"
+
+if has_firewall then
+ fwzone = m:field(Value, "_fwzone",
+ translate("Create / Assign firewall-zone"),
+ translate("Choose the firewall zone you want to assign to this interface. Select <em>unspecified</em> to remove the interface from the associated zone or fill out the <em>create</em> field to define a new zone and attach the interface to it."))
+
+ fwzone.template = "cbi/firewall_zonelist"
+ fwzone.default = m.hidden.mode == "Ad-Hoc" and "mesh" or "wan"
+end
+
+function newnet.parse(self, section)
+ local net, zone
+
+ if has_firewall then
+ local value = fwzone:formvalue(section)
+ if value and #value > 0 then
+ zone = fw:get_zone(value) or fw:add_zone(value)
+ end
+ end
+
+ local wdev = nw:get_wifidev(m.hidden.device)
+
+ wdev:set("disabled", false)
+ wdev:set("channel", m.hidden.channel)
+
+ if replace:formvalue(section) then
+ local n
+ for _, n in ipairs(wdev:get_wifinets()) do
+ wdev:del_wifinet(n)
+ end
+ end
+
+ local wconf = {
+ device = m.hidden.device,
+ ssid = m.hidden.join,
+ mode = (m.hidden.mode == "Ad-Hoc" and "adhoc" or "sta")
+ }
+
+ if m.hidden.wep == "1" then
+ wconf.encryption = "wep-open"
+ wconf.key = "1"
+ wconf.key1 = key and key:formvalue(section) or ""
+ elseif (tonumber(m.hidden.wpa_version) or 0) > 0 then
+ wconf.encryption = (tonumber(m.hidden.wpa_version) or 0) >= 2 and "psk2" or "psk"
+ wconf.key = key and key:formvalue(section) or ""
+ else
+ wconf.encryption = "none"
+ end
+
+ if wconf.mode == "adhoc" or wconf.mode == "sta" then
+ wconf.bssid = m.hidden.bssid
+ end
+
+ local value = self:formvalue(section)
+ net = nw:add_network(value, { proto = "dhcp" })
+
+ if not net then
+ self.error = { [section] = "missing" }
+ else
+ wconf.network = net:name()
+
+ local wnet = wdev:add_wifinet(wconf)
+ if wnet then
+ if zone then
+ fw:del_network(net:name())
+ zone:add_network(net:name())
+ end
+
+ uci:save("wireless")
+ uci:save("network")
+ uci:save("firewall")
+
+ luci.http.redirect(wnet:adminlink())
+ end
+ end
+end
+
+if has_firewall then
+ function fwzone.cfgvalue(self, section)
+ self.iface = section
+ local z = fw:get_zone_by_network(section)
+ return z and z:name()
+ end
+end
+
+return m
diff --git a/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua
new file mode 100644
index 0000000000..3bffb3502c
--- /dev/null
+++ b/modules/luci-mod-network/luasrc/model/cbi/admin_network/wifi_overview.lua
@@ -0,0 +1,223 @@
+-- Copyright 2018 Jo-Philipp Wich <jo@mein.io>
+-- Licensed to the public under the Apache License 2.0.
+
+local fs = require "nixio.fs"
+local utl = require "luci.util"
+local tpl = require "luci.template"
+local ntm = require "luci.model.network"
+
+local has_iwinfo = pcall(require, "iwinfo")
+
+function guess_wifi_hw(dev)
+ local bands = ""
+ local ifname = dev:name()
+ local name, idx = ifname:match("^([a-z]+)(%d+)")
+ idx = tonumber(idx)
+
+ if has_iwinfo then
+ local bl = dev.iwinfo.hwmodelist
+ if bl and next(bl) then
+ if bl.a then bands = bands .. "a" end
+ if bl.b then bands = bands .. "b" end
+ if bl.g then bands = bands .. "g" end
+ if bl.n then bands = bands .. "n" end
+ if bl.ac then bands = bands .. "ac" end
+ end
+
+ local hw = dev.iwinfo.hardware_name
+ if hw then
+ return "%s 802.11%s" %{ hw, bands }
+ end
+ end
+
+ -- wl.o
+ if name == "wl" then
+ local name = translatef("Broadcom 802.11%s Wireless Controller", bands)
+ local nm = 0
+
+ local fd = nixio.open("/proc/bus/pci/devices", "r")
+ if fd then
+ local ln
+ for ln in fd:linesource() do
+ if ln:match("wl$") then
+ if nm == idx then
+ local version = ln:match("^%S+%s+%S%S%S%S([0-9a-f]+)")
+ name = translatef(
+ "Broadcom BCM%04x 802.11 Wireless Controller",
+ tonumber(version, 16)
+ )
+
+ break
+ else
+ nm = nm + 1
+ end
+ end
+ end
+ fd:close()
+ end
+
+ return name
+
+ -- dunno yet
+ else
+ return translatef("Generic 802.11%s Wireless Controller", bands)
+ end
+end
+
+local tpl_radio = tpl.Template(nil, [[
+ <div class="cbi-section-node">
+ <div class="table">
+ <!-- physical device -->
+ <div class="tr cbi-rowstyle-2">
+ <div class="td col-2 center middle">
+ <span class="ifacebadge"><img src="<%=resource%>/icons/wifi_disabled.png" id="<%=dev:name()%>-iw-upstate" /> <%=dev:name()%></span>
+ </div>
+ <div class="td col-7 left middle">
+ <big><strong><%=hw%></strong></big><br />
+ <span id="<%=dev:name()%>-iw-devinfo"></span>
+ </div>
+ <div class="td middle cbi-section-actions">
+ <div>
+ <input type="button" class="cbi-button cbi-button-neutral" title="<%:Restart radio interface%>" value="<%:Restart%>" data-radio="<%=dev:name()%>" onclick="wifi_restart(event)" />
+ <input type="button" class="cbi-button cbi-button-action important" title="<%:Find and join network%>" value="<%:Scan%>" onclick="cbi_submit(this, 'device', '<%=dev:name()%>', '<%=url('admin/network/wireless_join')%>')" />
+ <input type="button" class="cbi-button cbi-button-add" title="<%:Provide new network%>" value="<%:Add%>" onclick="cbi_submit(this, 'device', '<%=dev:name()%>', '<%=url('admin/network/wireless_add')%>')" />
+ </div>
+ </div>
+ </div>
+ <!-- /physical device -->
+
+ <!-- network list -->
+ <% if #wnets > 0 then %>
+ <% for i, net in ipairs(wnets) do local disabled = (dev:get("disabled") == "1" or net:get("disabled") == "1") %>
+ <div class="tr cbi-rowstyle-<%=1 + ((i-1) % 2)%>">
+ <div class="td col-2 center middle" id="<%=net:id()%>-iw-signal">
+ <span class="ifacebadge" title="<%:Not associated%>"><img src="<%=resource%>/icons/signal-<%= disabled and "none" or "0" %>.png" /> 0%</span>
+ </div>
+ <div class="td col-7 left middle" id="<%=net:id()%>-iw-status" data-network="<%=net:id()%>" data-disabled="<%= disabled and "true" or "false" %>">
+ <em><%= disabled and translate("Wireless is disabled") or translate("Collecting data...") %></em>
+ </div>
+ <div class="td middle cbi-section-actions">
+ <div>
+ <% if disabled then %>
+ <input name="cbid.wireless.<%=net:name()%>.__disable__" type="hidden" value="1" />
+ <input name="cbi.apply" type="submit" class="cbi-button cbi-button-neutral" title="<%:Enable this network%>" value="<%:Enable%>" onclick="this.previousElementSibling.value='0'" />
+ <% else %>
+ <input name="cbid.wireless.<%=net:name()%>.__disable__" type="hidden" value="0" />
+ <input name="cbi.apply" type="submit" class="cbi-button cbi-button-neutral" title="<%:Disable this network%>" value="<%:Disable%>" onclick="this.previousElementSibling.value='1'" />
+ <% end %>
+
+ <input type="button" class="cbi-button cbi-button-action important" onclick="location.href='<%=net:adminlink()%>'" title="<%:Edit this network%>" value="<%:Edit%>" />
+
+ <input name="cbid.wireless.<%=net:name()%>.__delete__" type="hidden" value="" />
+ <input name="cbi.apply" type="submit" class="cbi-button cbi-button-negative" title="<%:Delete this network%>" value="<%:Remove%>" onclick="wifi_delete(event)" />
+ </div>
+ </div>
+ </div>
+ <% end %>
+ <% else %>
+ <div class="tr placeholder">
+ <div class="td">
+ <em><%:No network configured on this device%></em>
+ </div>
+ </div>
+ <% end %>
+ <!-- /network list -->
+ </div>
+ </div>
+]])
+
+
+m = Map("wireless", translate("Wireless Overview"))
+m:chain("network")
+m.pageaction = false
+
+if not has_iwinfo then
+ s = m:section(NamedSection, "__warning__")
+
+ function s.render(self)
+ tpl.render_string([[
+ <div class="alert-message warning">
+ <h4><%:Package libiwinfo required!%></h4>
+ <p><%_The <em>libiwinfo-lua</em> package is not installed. You must install this component for working wireless configuration!%></p>
+ </div>
+ ]])
+ end
+end
+
+local _, dev, net
+for _, dev in ipairs(ntm:get_wifidevs()) do
+ s = m:section(TypedSection)
+ s.wnets = dev:get_wifinets()
+
+ function s.render(self, sid)
+ tpl_radio:render({
+ hw = guess_wifi_hw(dev),
+ dev = dev,
+ wnets = self.wnets
+ })
+ end
+
+ function s.cfgsections(self)
+ local _, net, sl = nil, nil, { }
+ for _, net in ipairs(self.wnets) do
+ sl[#sl+1] = net:name()
+ self.wnets[net:name()] = net
+ end
+ return sl
+ end
+
+ o = s:option(Value, "__disable__")
+
+ function o.cfgvalue(self, sid)
+ local wnet = self.section.wnets[sid]
+ local wdev = wnet:get_device()
+
+ return ((wnet and wnet:get("disabled") == "1") or
+ (wdev and wdev:get("disabled") == "1")) and "1" or "0"
+ end
+
+ function o.write(self, sid, value)
+ local wnet = self.section.wnets[sid]
+ local wdev = wnet:get_device()
+
+ if value ~= "1" then
+ wnet:set("disabled", nil)
+ wdev:set("disabled", nil)
+ else
+ wnet:set("disabled", "1")
+ end
+ end
+
+ o.remove = o.write
+
+
+ o = s:option(Value, "__delete__")
+
+ function o.write(self, sid, value)
+ local wnet = self.section.wnets[sid]
+ local nets = wnet:get_networks()
+
+ ntm:del_wifinet(wnet:id())
+
+ local _, net
+ for _, net in ipairs(nets) do
+ if net:is_empty() then
+ ntm:del_network(net:name())
+ end
+ end
+ end
+end
+
+s = m:section(NamedSection, "__script__")
+s.template = "admin_network/wifi_overview_status"
+
+s = m:section(NamedSection, "__assoclist__")
+
+function s.render(self, sid)
+ tpl.render_string([[
+ <h2><%:Associated Stations%></h2>
+ <%+wifi_assoclist%>
+ ]])
+end
+
+return m