diff options
9 files changed, 156 insertions, 126 deletions
diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua index dc7718217..6dc43bec2 100644 --- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua +++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-advanced.lua @@ -204,10 +204,6 @@ local knownParams = { "dev_node", "/dev/net/tun", translate("Use tun/tap device node") }, - { Flag, - "tun_ipv6", - 0, - translate("Make tun device IPv6 capable") }, { Value, "ifconfig", "10.200.200.3 10.200.200.1", @@ -248,15 +244,6 @@ local knownParams = { "mtu_test", 0, translate("Empirically measure MTU") }, - { ListValue, - "comp_lzo", - { "yes", "no", "adaptive" }, - translate("Use fast LZO compression") }, - { Flag, - "comp_noadapt", - 0, - translate("Don't use adaptive lzo compression"), - { comp_lzo=1 } }, { Value, "link_mtu", 1500, @@ -375,7 +362,7 @@ local knownParams = { { client="0" }, { client="" } }, { DynamicList, "push", - { "redirect-gateway", "comp-lzo" }, + { "redirect-gateway" }, translate("Push options to peer"), { client="0" }, { client="" } }, { Flag, @@ -398,12 +385,6 @@ local knownParams = { "/etc/openvpn/ipp.txt 600", translate("Persist/unpersist ifconfig-pool"), { client="0" }, { client="" } }, - -- deprecated and replaced by --topology p2p - -- { Flag, - -- "ifconfig_pool_linear", - -- 0, - -- translate("Use individual addresses rather than /30 subnets"), - -- { client="0" }, { client="" } }, { Value, "ifconfig_push", "10.200.200.1 255.255.255.255", @@ -470,11 +451,6 @@ local knownParams = { translate("Allowed maximum of new connections"), { client="0" }, { client="" } }, { Flag, - "client_cert_not_required", - 0, - translate("Don't require client certificate"), - { client="0" }, { client="" } }, - { Flag, "username_as_common_name", 0, translate("Use username as common name"), @@ -591,10 +567,6 @@ local knownParams = { "engine", "dynamic", translate("Enable OpenSSL hardware crypto engines") }, - { Flag, - "no_replay", - 0, - translate("Disable replay protection") }, { Value, "replay_window", "64 15", @@ -608,10 +580,6 @@ local knownParams = { "/var/run/openvpn-replay-state", translate("Persist replay-protection state") }, { Flag, - "no_iv", - 0, - translate("Disable cipher initialisation vector") }, - { Flag, "tls_server", 0, translate("Enable TLS and assume server role"), diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua index 3f651c0ad..483860c8e 100644 --- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua +++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn-basic.lua @@ -4,7 +4,6 @@ require("luci.ip") require("luci.model.uci") - local basicParams = { -- -- Widget, Name, Default(s), Description @@ -14,14 +13,12 @@ local basicParams = { { Value, "nice",0, translate("Change process priority") }, { Value,"port",1194, translate("TCP/UDP port # for both local and remote") }, { ListValue,"dev_type",{ "tun", "tap" }, translate("Type of used device") }, - { Flag,"tun_ipv6",0, translate("Make tun device IPv6 capable") }, { Value,"ifconfig","10.200.200.3 10.200.200.1", translate("Set tun/tap adapter parameters") }, { Value,"server","10.200.200.0 255.255.255.0", translate("Configure server mode") }, { Value,"server_bridge","192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254", translate("Configure server bridge") }, { Flag,"nobind",0, translate("Do not bind to local address and port") }, - { ListValue,"comp_lzo",{"yes","no","adaptive"}, translate("Use fast LZO compression") }, { Value,"keepalive","10 60", translate("Helper directive to simplify the expression of --ping and --ping-restart in server mode configurations") }, { ListValue,"proto",{ "udp", "tcp-client", "tcp-server" }, translate("Use protocol") }, diff --git a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua index a6b0e1dd9..e17aa4085 100644 --- a/applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua +++ b/applications/luci-app-openvpn/luasrc/model/cbi/openvpn.lua @@ -52,21 +52,22 @@ function s.create(self, name) luci.cbi.CREATE_PREFIX .. self.config .. "." .. self.sectiontype .. ".select" ) - name = luci.http.formvalue( + local name = luci.http.formvalue( luci.cbi.CREATE_PREFIX .. self.config .. "." .. self.sectiontype .. ".text" ) if #name > 3 and not name:match("[^a-zA-Z0-9_]") then - uci:section( - "openvpn", "openvpn", name, - uci:get_all( "openvpn_recipes", recipe ) - ) - - uci:delete("openvpn", name, "_role") - uci:delete("openvpn", name, "_description") - uci:save("openvpn") - - luci.http.redirect( self.extedit:format(name) ) + local s = uci:section("openvpn", "openvpn", name) + if s then + local options = uci:get_all("openvpn_recipes", recipe) + for k, v in pairs(options) do + uci:set("openvpn", name, k, v) + end + uci:delete("openvpn", name, "_role") + uci:delete("openvpn", name, "_description") + uci:save("openvpn") + luci.http.redirect( self.extedit:format(name) ) + end elseif #name > 0 then self.invalid_cts = true end diff --git a/applications/luci-app-openvpn/luasrc/view/openvpn/pageswitch.htm b/applications/luci-app-openvpn/luasrc/view/openvpn/pageswitch.htm index f22cb68c7..8cb019b46 100644 --- a/applications/luci-app-openvpn/luasrc/view/openvpn/pageswitch.htm +++ b/applications/luci-app-openvpn/luasrc/view/openvpn/pageswitch.htm @@ -4,11 +4,11 @@ Licensed to the public under the Apache License 2.0. -%> -<fieldset class="cbi-section"> - <legend> +<div class="cbi-section"> + <h3> <a href="<%=url('admin/services/openvpn')%>"><%:Overview%></a> » <%=luci.i18n.translatef("Instance \"%s\"", self.instance)%> - </legend> + </h3> <% if self.mode == "basic" then %> <a href="<%=url('admin/services/openvpn/advanced', self.instance, "Service")%>"><%:Switch to advanced configuration ยป%></a> @@ -27,4 +27,4 @@ <% if next(self.categories, i) then %>|<% end %> <% end %> <% end %> -</fieldset> +</div> diff --git a/applications/luci-app-openvpn/root/etc/config/openvpn_recipes b/applications/luci-app-openvpn/root/etc/config/openvpn_recipes index 1b394dffb..69270e48e 100644 --- a/applications/luci-app-openvpn/root/etc/config/openvpn_recipes +++ b/applications/luci-app-openvpn/root/etc/config/openvpn_recipes @@ -2,101 +2,94 @@ # Routed point-to-point server # config openvpn_recipe server_tun_ptp - option _description "Simple server configuration for a routed point-to-point VPN" - option _role "server" - option dev "tun" - option ifconfig "10.0.0.1 10.0.0.2" - option secret "shared-secret.key" - option keepalive "10 60" - option comp_lzo "yes" - option verb "3" - option mssfix "1420" + option _description 'Simple server configuration for a routed point-to-point VPN' + option _role 'server' + option dev 'tun' + option ifconfig '10.0.0.1 10.0.0.2' + option secret 'shared-secret.key' + option keepalive '10 60' + option verb '3' + option mssfix '1420' # # Routed point-to-point client # config openvpn_recipe client_tun_ptp - option _description "Simple client configuration for a routed point-to-point VPN" - option _role "client" - option dev "tun" - list remote "vpnserver.example.org" - option ifconfig "10.0.0.2 10.0.0.1" - option secret "shared-secret.key" - option nobind "1" - option comp_lzo "yes" - option verb "3" + option _description 'Simple client configuration for a routed point-to-point VPN' + option _role 'client' + option dev 'tun' + list remote 'vpnserver.example.org' + option ifconfig '10.0.0.2 10.0.0.1' + option secret 'shared-secret.key' + option nobind '1' + option verb '3' # # Routed multi-client server # config openvpn_recipe server_tun - option _description "Server configuration for a routed multi-client VPN" - option _role "server" - option dev "tun" - option server "10.0.100.0 255.255.255.0" - option ca "ca.crt" - option cert "server.crt" - option key "server.key" - option dh "dh1024.pem" - option keepalive "10 60" - option comp_lzo "yes" - option verb "3" - option mssfix "1420" + option _description 'Server configuration for a routed multi-client VPN' + option _role 'server' + option dev 'tun' + option server '10.0.100.0 255.255.255.0' + option ca 'ca.crt' + option cert 'server.crt' + option key 'server.key' + option dh 'dh1024.pem' + option keepalive '10 60' + option verb '3' + option mssfix '1420' # # Routed client # config openvpn_recipe client_tun - option _description "Client configuration for a routed multi-client VPN" - option _role "client" - option client "1" - option dev "tun" - list remote "vpnserver.example.org" - option pkcs12 "my_client.p12" - option remote_cert_tls "server" - option comp_lzo "yes" - option nobind "1" - option persist_key "1" - option persist_tun "1" - option verb "3" - option reneg_sec "0" - option float "1" + option _description 'Client configuration for a routed multi-client VPN' + option _role 'client' + option client '1' + option dev 'tun' + list remote 'vpnserver.example.org' + option pkcs12 'my_client.p12' + option remote_cert_tls 'server' + option nobind '1' + option persist_key '1' + option persist_tun '1' + option verb '3' + option reneg_sec '0' + option float '1' # # Multi-client ethernet bridge server # config openvpn_recipe server_tap_bridge - option _description "Server configuration for an ethernet bridge VPN" - option _role "server" - option dev "tap" - option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254" - option ca "ca.crt" - option cert "server.crt" - option key "server.key" - option dh "dh1024.pem" - option keepalive "10 60" - option comp_lzo "yes" - option verb "3" - option mssfix "1420" + option _description 'Server configuration for an ethernet bridge VPN' + option _role 'server' + option dev 'tap' + option server_bridge '192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254' + option ca 'ca.crt' + option cert 'server.crt' + option key 'server.key' + option dh 'dh1024.pem' + option keepalive '10 60' + option verb '3' + option mssfix '1420' # # Ethernet bridge client # config openvpn_recipe client_tap_bridge - option _description "Client configuration for an ethernet bridge VPN" - option _role "client" - option client "1" - option dev "tap" - list remote "vpnserver.example.org" - option ca "ca.crt" - option cert "my_client.crt" - option key "my_client.key" - option dh "dh1024.pem" - option remote_cert_tls "server" - option comp_lzo "yes" - option nobind "1" - option persist_key "1" - option verb "3" - option reneg_sec "0" - option float "1" - + option _description 'Client configuration for an ethernet bridge VPN' + option _role 'client' + option client '1' + option dev 'tap' + list remote 'vpnserver.example.org' + option ca 'ca.crt' + option cert 'my_client.crt' + option key 'my_client.key' + option dh 'dh1024.pem' + option remote_cert_tls 'server' + option nobind '1' + option persist_key '1' + option verb '3' + option reneg_sec '0' + option float '1' diff --git a/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua b/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua index df2164f8a..60d0477d5 100644 --- a/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua +++ b/applications/luci-app-unbound/luasrc/model/cbi/unbound/configure.lua @@ -210,10 +210,11 @@ if (valman == "0") then pro = s1:taboption("resource", ListValue, "protocol", translate("Recursion Protocol"), - translate("Chose the protocol recursion queries leave on")) + translate("Chose the IP versions used upstream and downstream")) pro:value("default", translate("Default")) pro:value("ip4_only", translate("IP4 Only")) - pro:value("ip6_only", translate("IP6 Only")) + pro:value("ip6_local", translate("IP4 All and IP6 Local")) + pro:value("ip6_only", translate("IP6 Only*")) pro:value("ip6_prefer", translate("IP6 Preferred")) pro:value("mixed", translate("IP4 and IP6")) pro.rmempty = false diff --git a/modules/luci-base/luasrc/sys.lua b/modules/luci-base/luasrc/sys.lua index 823e20770..1436a3a23 100644 --- a/modules/luci-base/luasrc/sys.lua +++ b/modules/luci-base/luasrc/sys.lua @@ -70,6 +70,24 @@ function mounts() return data end +function mtds() + local data = {} + + if fs.access("/proc/mtd") then + for l in io.lines("/proc/mtd") do + local d, s, e, n = l:match('^([^%s]+)%s+([^%s]+)%s+([^%s]+)%s+"([^%s]+)"') + if s and n then + local d = {} + d.size = tonumber(s, 16) + d.name = n + table.insert(data, d) + end + end + end + + return data +end + -- containing the whole environment is returned otherwise this function returns -- the corresponding string value for the given name or nil if no such variable -- exists. diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/system.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/system.lua index 2fa7847fc..46d2e36c3 100644 --- a/modules/luci-mod-admin-full/luasrc/controller/admin/system.lua +++ b/modules/luci-mod-admin-full/luasrc/controller/admin/system.lua @@ -35,6 +35,7 @@ function index() entry({"admin", "system", "flashops"}, call("action_flashops"), _("Backup / Flash Firmware"), 70) entry({"admin", "system", "flashops", "reset"}, post("action_reset")) entry({"admin", "system", "flashops", "backup"}, post("action_backup")) + entry({"admin", "system", "flashops", "backupmtdblock"}, post("action_backupmtdblock")) entry({"admin", "system", "flashops", "backupfiles"}, form("admin_system/backupfiles")) -- call() instead of post() due to upload handling! @@ -318,6 +319,23 @@ function action_backup() luci.ltn12.pump.all(reader, luci.http.write) end +function action_backupmtdblock() + local http = require "luci.http" + local mv = http.formvalue("mtdblockname") + local m, s, n = mv:match('^([^%s]+)/([^%s]+)/([^%s]+)') + + local reader = ltn12_popen("dd if=/dev/mtd%s conv=fsync,notrunc 2>/dev/null" % n) + + luci.http.header( + 'Content-Disposition', 'attachment; filename="backup-%s-%s-%s.bin"' %{ + luci.sys.hostname(), m, + os.date("%Y-%m-%d") + }) + + luci.http.prepare_content("application/octet-stream") + luci.ltn12.pump.all(reader, luci.http.write) +end + function action_restore() local fs = require "nixio.fs" local http = require "luci.http" diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_system/flashops.htm b/modules/luci-mod-admin-full/luasrc/view/admin_system/flashops.htm index f3d2e8d7b..8204d38e3 100644 --- a/modules/luci-mod-admin-full/luasrc/view/admin_system/flashops.htm +++ b/modules/luci-mod-admin-full/luasrc/view/admin_system/flashops.htm @@ -59,6 +59,40 @@ <div class="cbi-section-error"><%:The backup archive does not appear to be a valid gzip file.%></div> <% end %> </div> + + <% local mtds = require("luci.sys").mtds(); if #mtds > 0 then -%> + <h3><%:Save mtdblock contents%></h3> + <div class="cbi-section-descr"><%:Click "Save mtdblock" to download specified mtdblock file. (NOTE: THIS FEATURE IS FOR PROFESSIONALS! )%></div> + <div class="cbi-section-node"> + <form class="inline" method="post" action="<%=url('admin/system/flashops/backupmtdblock')%>"> + <input type="hidden" name="token" value="<%=token%>" /> + <div class="cbi-value"> + <label class="cbi-value-title" for="mtdblockname"><%:Choose mtdblock%></label> + <div class="cbi-value-field"> + <select class="cbi-input-select" data-update="change" name="mtdblockname" id="mtdblockname"> + <% for i, key in ipairs(mtds) do + if key and key.name ~= "rootfs_data" then -%> + <option<%= + attr("id", "mtdblockname-" .. key.name) .. + attr("value", key.name .. '/'.. key.size .. '/' .. i - 1) .. + attr("data-index", i) .. + ifattr(key.name == "linux" or key.name == "firmware", "selected", "selected") + %>><%=pcdata(key.name)%></option> + <% end + end -%> + </select> + </div> + </div> + <div class="cbi-value cbi-value-last<% if reset_avail then %> cbi-value-error<% end %>"> + <label class="cbi-value-title" for="image"><%:Download mtdblock%></label> + <div class="cbi-value-field"> + <input type="submit" class="cbi-button cbi-button-action important" value="<%:Save mtdblock%>" /> + </div> + </div> + </form> + </div> + <% end %> + </div> <div class="cbi-section"> |