diff options
| author | Jo-Philipp Wich <jo@mein.io> | 2022-04-27 13:17:03 +0200 |
|---|---|---|
| committer | Jo-Philipp Wich <jo@mein.io> | 2022-04-27 13:19:48 +0200 |
| commit | 2f80fe3767207e2dbb8c5286603f49808b66a60d (patch) | |
| tree | 54d08d59dec5eb3cdf1ca27ba98a1300181c277f /modules/luci-mod-status/root/usr | |
| parent | 2e4b5fb8ff2fb3bfd1400bf7cbf721057f02fab9 (diff) | |
luci-mod-status: hide iptables firewall status when nft is present
Do not expose the iptables status page as menu item when nftables is present
on the system. Instead add a warning banner to the nftables status page
directing the user to the hidden iptables status page when we encounter
legacy rules on the system.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'modules/luci-mod-status/root/usr')
| -rw-r--r-- | modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json | 15 | ||||
| -rw-r--r-- | modules/luci-mod-status/root/usr/share/rpcd/acl.d/luci-mod-status.json | 4 |
2 files changed, 14 insertions, 5 deletions
diff --git a/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json b/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json index 8aa58e1616..190eef0ad3 100644 --- a/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json +++ b/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json @@ -24,7 +24,7 @@ }, "admin/status/iptables": { - "title": "Firewall (iptables)", + "title": "Firewall", "order": 3, "action": { "type": "view", @@ -33,14 +33,14 @@ "depends": { "acl": [ "luci-mod-status-firewall" ], "fs": [ - { "/usr/sbin/iptables": "executable" }, - { "/usr/sbin/ip6tables": "executable" } + { "/usr/sbin/nft": "absent", "/usr/sbin/iptables": "executable" }, + { "/usr/sbin/nft": "absent", "/usr/sbin/ip6tables": "executable" } ] } }, "admin/status/nftables": { - "title": "Firewall (nftables)", + "title": "Firewall", "order": 3, "action": { "type": "view", @@ -52,6 +52,13 @@ } }, + "admin/status/nftables/iptables": { + "action": { + "type": "view", + "path": "status/iptables" + } + }, + "admin/status/logs": { "title": "System Log", "order": 4, diff --git a/modules/luci-mod-status/root/usr/share/rpcd/acl.d/luci-mod-status.json b/modules/luci-mod-status/root/usr/share/rpcd/acl.d/luci-mod-status.json index 7ad43200a3..f0dab25af2 100644 --- a/modules/luci-mod-status/root/usr/share/rpcd/acl.d/luci-mod-status.json +++ b/modules/luci-mod-status/root/usr/share/rpcd/acl.d/luci-mod-status.json @@ -74,7 +74,9 @@ "/usr/sbin/nft --json list ruleset": [ "exec" ], "/usr/sbin/iptables --line-numbers -w -nvxL -t *": [ "exec" ], "/usr/sbin/ip6tables --line-numbers -w -nvxL -t *": [ "exec" ], - "/usr/sbin/ip6tables": [ "list" ] + "/usr/sbin/ip6tables": [ "list" ], + "/usr/sbin/iptables-save": [ "exec" ], + "/usr/sbin/ip6tables-save": [ "exec" ] }, "ubus": { "file": [ "stat" ] |