summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--applications/luci-app-banip/Makefile12
-rw-r--r--applications/luci-app-banip/luasrc/controller/banip.lua100
-rw-r--r--applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua55
-rw-r--r--applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua52
-rw-r--r--applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua200
-rw-r--r--applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua55
-rw-r--r--applications/luci-app-banip/luasrc/view/banip/banip_css.htm91
-rw-r--r--applications/luci-app-banip/luasrc/view/banip/ipsetview.htm66
-rw-r--r--applications/luci-app-banip/luasrc/view/banip/logview.htm36
-rw-r--r--applications/luci-app-banip/luasrc/view/banip/ripeview.htm105
-rw-r--r--applications/luci-app-banip/luasrc/view/banip/runtime.htm130
-rw-r--r--applications/luci-app-banip/luasrc/view/banip/sourcelist.htm47
-rwxr-xr-xapplications/luci-app-banip/root/etc/uci-defaults/40_luci-banip11
13 files changed, 960 insertions, 0 deletions
diff --git a/applications/luci-app-banip/Makefile b/applications/luci-app-banip/Makefile
new file mode 100644
index 000000000..1936bc36b
--- /dev/null
+++ b/applications/luci-app-banip/Makefile
@@ -0,0 +1,12 @@
+# Copyright 2018 Dirk Brenken (dev@brenken.org)
+# This is free software, licensed under the Apache License, Version 2.0
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=LuCI support for banIP
+LUCI_DEPENDS:=+banip +luci-lib-jsonc
+LUCI_PKGARCH:=all
+
+include ../../luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
diff --git a/applications/luci-app-banip/luasrc/controller/banip.lua b/applications/luci-app-banip/luasrc/controller/banip.lua
new file mode 100644
index 000000000..e201295d5
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/controller/banip.lua
@@ -0,0 +1,100 @@
+-- Copyright 2018 Dirk Brenken (dev@brenken.org)
+-- This is free software, licensed under the Apache License, Version 2.0
+
+module("luci.controller.banip", package.seeall)
+
+local util = require("luci.util")
+local http = require("luci.http")
+local i18n = require("luci.i18n")
+local json = require("luci.jsonc")
+local uci = require("luci.model.uci").cursor()
+
+function index()
+ if not nixio.fs.access("/etc/config/banip") then
+ return
+ end
+ entry({"admin", "services", "banip"}, firstchild(), _("banIP"), 40).dependent = false
+ entry({"admin", "services", "banip", "tab_from_cbi"}, cbi("banip/overview_tab", {hideresetbtn=true, hidesavebtn=true}), _("Overview"), 10).leaf = true
+ entry({"admin", "services", "banip", "ipset"}, template("banip/ipsetview"), _("IPSet-Lookup"), 20).leaf = true
+ entry({"admin", "services", "banip", "ripe"}, template("banip/ripeview"), _("RIPE-Lookup"), 30).leaf = true
+ entry({"admin", "services", "banip", "log"}, template("banip/logview"), _("View Logfile"), 40).leaf = true
+ entry({"admin", "services", "banip", "advanced"}, firstchild(), _("Advanced"), 100)
+ entry({"admin", "services", "banip", "advanced", "blacklist"}, form("banip/blacklist_tab"), _("Edit Blacklist"), 110).leaf = true
+ entry({"admin", "services", "banip", "advanced", "whitelist"}, form("banip/whitelist_tab"), _("Edit Whitelist"), 120).leaf = true
+ entry({"admin", "services", "banip", "advanced", "configuration"}, form("banip/configuration_tab"), _("Edit Configuration"), 130).leaf = true
+ entry({"admin", "services", "banip", "ipsetview"}, call("ipset_view"), nil).leaf = true
+ entry({"admin", "services", "banip", "ripeview"}, call("ripe_view"), nil).leaf = true
+ entry({"admin", "services", "banip", "logview"}, call("log_view"), nil).leaf = true
+ entry({"admin", "services", "banip", "status"}, call("status_update"), nil).leaf = true
+ entry({"admin", "services", "banip", "action"}, call("ban_action"), nil).leaf = true
+end
+
+function ban_action(name)
+ if name == "do_refresh" then
+ luci.sys.call("/etc/init.d/banip start >/dev/null 2>&1")
+ end
+ luci.http.prepare_content("text/plain")
+ luci.http.write("0")
+end
+
+function status_update()
+ local rt_file
+ local content
+
+ rt_file = uci:get("banip", "global", "ban_rtfile") or "/tmp/ban_runtime.json"
+
+ if nixio.fs.access(rt_file) then
+ content = json.parse(nixio.fs.readfile(rt_file) or "")
+ http.prepare_content("application/json")
+ http.write_json(content)
+ end
+end
+
+function log_view()
+ local content
+
+ if nixio.fs.access("/var/log/messages") then
+ content = util.trim(util.exec("grep -F 'banIP-' /var/log/messages"))
+ else
+ content = util.trim(util.exec("logread -e 'banIP-' 2>/dev/null"))
+ end
+
+ if content == "" then
+ content = "No banIP related logs yet!"
+ end
+ http.write(content)
+end
+
+function ipset_view(ipset, filter)
+ local content
+
+ if not (ipset or filter) then
+ return
+ end
+
+ if filter == "false" then
+ content = util.trim(util.exec("ipset -L " .. ipset .. " 2>/dev/null"))
+ else
+ content = util.trim(util.exec("ipset -L " .. ipset .. " 2>/dev/null | grep -e 'packets [1-9]\\|^[A-Z]'"))
+ end
+
+ if content == "" then
+ content = "IPSet is empty!"
+ end
+ http.write(content)
+end
+
+function ripe_view(query, input)
+ local content
+
+ if not (query or input) then
+ return
+ end
+
+ content = util.trim(util.exec("uclient-fetch --no-check-certificate -O- https://stat.ripe.net/data/" ..query.. "/data.json?resource=" ..input.. " 2>/dev/null"))
+
+ if content == "" then
+ content = "No response!"
+ end
+ http.write(content)
+end
diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua
new file mode 100644
index 000000000..422182f4f
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua
@@ -0,0 +1,55 @@
+-- Copyright 2018 Dirk Brenken (dev@brenken.org)
+-- This is free software, licensed under the Apache License, Version 2.0
+
+local fs = require("nixio.fs")
+local util = require("luci.util")
+local uci = require("luci.model.uci").cursor()
+local input = uci:get("banip", "blacklist", "ban_src") or uci:get("banip", "blacklist", "ban_src_6") or "/etc/banip/adblock.blacklist"
+
+if not fs.access(input) then
+ m = SimpleForm("error", nil, translate("Input file not found, please check your configuration."))
+ m.reset = false
+ m.submit = false
+ return m
+end
+
+if fs.stat(input).size >= 102400 then
+ m = SimpleForm("error", nil,
+ translate("The file size is too large for online editing in LuCI (≥ 100 KB). ")
+ .. translate("Please edit this file directly in a terminal session."))
+ m.reset = false
+ m.submit = false
+ return m
+end
+
+m = SimpleForm("edit", nil)
+m:append(Template("banip/banip_css"))
+m.submit = translate("Save")
+m.reset = false
+
+s = m:section(SimpleSection, nil,
+ translatef("This form allows you to modify the content of the banIP blacklist (%s).<br />", input)
+ .. translate("Please add only one IPv4 or IPv6 address per line. IP ranges in CIDR notation and comments introduced with '#' are allowed."))
+
+f = s:option(TextValue, "data")
+f.datatype = "string"
+f.rows = 20
+f.rmempty = true
+
+function f.cfgvalue()
+ return fs.readfile(input) or ""
+end
+
+function f.write(self, section, data)
+ return fs.writefile(input, "\n" .. util.trim(data:gsub("\r\n", "\n")) .. "\n")
+end
+
+function f.remove(self, section, value)
+ return fs.writefile(input, "")
+end
+
+function s.handle(self, state, data)
+ return true
+end
+
+return m
diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua
new file mode 100644
index 000000000..f90b11be0
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua
@@ -0,0 +1,52 @@
+-- Copyright 2018 Dirk Brenken (dev@brenken.org)
+-- This is free software, licensed under the Apache License, Version 2.0
+
+local fs = require("nixio.fs")
+local util = require("luci.util")
+local input = "/etc/config/banip"
+
+if not fs.access(input) then
+ m = SimpleForm("error", nil, translate("Input file not found, please check your configuration."))
+ m.reset = false
+ m.submit = false
+ return m
+end
+
+if fs.stat(input).size >= 102400 then
+ m = SimpleForm("error", nil,
+ translate("The file size is too large for online editing in LuCI (&ge; 100 KB). ")
+ .. translate("Please edit this file directly in a terminal session."))
+ m.reset = false
+ m.submit = false
+ return m
+end
+
+m = SimpleForm("edit", nil)
+m:append(Template("banip/banip_css"))
+m.submit = translate("Save")
+m.reset = false
+
+s = m:section(SimpleSection, nil,
+ translate("This form allows you to modify the content of the main banIP configuration file (/etc/config/banip)."))
+
+f = s:option(TextValue, "data")
+f.rows = 20
+f.rmempty = true
+
+function f.cfgvalue()
+ return fs.readfile(input) or ""
+end
+
+function f.write(self, section, data)
+ return fs.writefile(input, "\n" .. util.trim(data:gsub("\r\n", "\n")) .. "\n")
+end
+
+function f.remove(self, section, value)
+ return fs.writefile(input, "")
+end
+
+function s.handle(self, state, data)
+ return true
+end
+
+return m
diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua
new file mode 100644
index 000000000..00bb5e426
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua
@@ -0,0 +1,200 @@
+-- Copyright 2018 Dirk Brenken (dev@brenken.org)
+-- This is free software, licensed under the Apache License, Version 2.0
+
+local fs = require("nixio.fs")
+local uci = require("luci.model.uci").cursor()
+local sys = require("luci.sys")
+local net = require "luci.model.network".init()
+local util = require("luci.util")
+local dump = util.ubus("network.interface", "dump", {})
+local devices = sys.net:devices()
+
+m = Map("banip", translate("banIP"),
+ translate("Configuration of the banIP package to block ip adresses/subnets via IPSet. ")
+ .. translatef("For further information "
+ .. "<a href=\"%s\" target=\"_blank\">"
+ .. "check the online documentation</a>", "https://github.com/openwrt/packages/blob/master/net/banip/files/README.md"))
+
+-- Main banIP Options
+
+s = m:section(NamedSection, "global", "banip")
+
+o1 = s:option(Flag, "ban_enabled", translate("Enable banIP"))
+o1.default = o1.disabled
+o1.rmempty = false
+
+o2 = s:option(Flag, "ban_automatic", translate("Automatic WAN Interface Detection"))
+o2.default = o2.enabled
+o2.rmempty = false
+
+o3 = s:option(ListValue, "ban_iface", " ")
+for _, dev in ipairs(devices) do
+ if dev ~= "lo" and dev ~= "br-lan" then
+ local iface = net:get_interface(dev)
+ if iface then
+ iface = iface:get_networks() or {}
+ for k, v in pairs(iface) do
+ iface[k] = iface[k].sid
+ if iface[k] ~= "lan" then
+ o3:value(iface[k], iface[k].. " (" ..dev.. ")")
+ end
+ end
+ end
+ end
+end
+o3.default = ban_iface
+o3.rmempty = false
+
+o4 = s:option(ListValue, "ban_fetchutil", translate("Download Utility"),
+ translate("List of supported and fully pre-configured download utilities."))
+o4:value("uclient-fetch")
+o4:value("wget")
+o4:value("curl")
+o4:value("aria2c")
+o4:value("wget-nossl", "wget-nossl (noSSL)")
+o4:value("busybox", "wget-busybox (noSSL)")
+o4.default = "uclient-fetch"
+o4.rmempty = false
+
+-- Runtime Information
+
+ds = s:option(DummyValue, "_dummy")
+ds.template = "banip/runtime"
+
+-- Source Table
+
+bl = m:section(TypedSection, "source", translate("IP Blocklist Sources"))
+bl.template = "banip/sourcelist"
+
+ssl = bl:option(DummyValue, "ban_src", translate("SSL req."))
+function ssl.cfgvalue(self, section)
+ local source = self.map:get(section, "ban_src") or self.map:get(section, "ban_src_6")
+ if source then
+ if source:match("https://") then
+ return translate("Yes")
+ else
+ return translate("No")
+ end
+ end
+ return translate("n/a")
+end
+
+name_4 = bl:option(Flag, "ban_src_on", translate("enable IPv4"))
+name_4.rmempty = false
+
+name_6 = bl:option(Flag, "ban_src_on_6", translate("enable IPv6"))
+name_6.rmempty = false
+
+type = bl:option(ListValue, "ban_src_ruletype", translate("SRC/DST"))
+type:value("src")
+type:value("dst")
+type:value("src+dst")
+type.default = "src"
+type.rmempty = false
+
+des = bl:option(DummyValue, "ban_src_desc", translate("Description"))
+
+cat = bl:option(DynamicList, "ban_src_cat", translate("ASN/Country"))
+cat.datatype = "uciname"
+cat.optional = true
+
+-- Extra options
+
+e = m:section(NamedSection, "extra", "banip", translate("Extra Options"),
+ translate("Options for further tweaking in case the defaults are not suitable for you."))
+
+e1 = e:option(Flag, "ban_debug", translate("Verbose Debug Logging"),
+ translate("Enable verbose debug logging in case of any processing error."))
+e1.default = e1.disabled
+e1.rmempty = false
+
+e2 = e:option(Flag, "ban_nice", translate("Low Priority Service"),
+ translate("Set the nice level to 'low priority' and banIP background processing will take less resources from the system. ")
+ ..translate("This change requires a manual service stop/re-start to take effect."))
+e2.default = e2.disabled
+e2.disabled = "0"
+e2.enabled = "10"
+e2.rmempty = false
+
+e3 = e:option(Value, "ban_maxqueue", translate("Max. Download Queue"),
+ translate("Size of the download queue to handle downloads &amp; IPset processing in parallel (default '8'). ")
+ .. translate("For further performance improvements you can raise this value, e.g. '16' or '32' should be safe."))
+e3.default = 8
+e3.datatype = "range(1,32)"
+e3.rmempty = false
+
+e4 = e:option(Value, "ban_triggerdelay", translate("Trigger Delay"),
+ translate("Additional trigger delay in seconds before banIP processing begins."))
+e4.default = 2
+e4.datatype = "range(1,60)"
+e4.optional = true
+
+e5 = e:option(Value, "ban_fetchparm", translate("Download Options"),
+ translate("Special options for the selected download utility, e.g. '--timeout=20 --no-check-certificate -O'."))
+e5.optional = true
+
+e10 = e:option(Value, "ban_wan_input_chain", translate("WAN Input Chain IPv4"))
+e10.default = "input_wan_rule"
+e10.datatype = "uciname"
+e10.optional = true
+
+e11 = e:option(Value, "ban_wan_forward_chain", translate("WAN Forward Chain IPv4"))
+e11.default = "forwarding_wan_rule"
+e11.datatype = "uciname"
+e11.optional = true
+
+e12 = e:option(Value, "ban_lan_input_chain", translate("LAN Input Chain IPv4"))
+e12.default = "input_lan_rule"
+e12.datatype = "uciname"
+e12.optional = true
+
+e13 = e:option(Value, "ban_lan_forward_chain", translate("LAN Forward Chain IPv4"))
+e13.default = "forwarding_lan_rule"
+e13.datatype = "uciname"
+e13.optional = true
+
+e14 = e:option(ListValue, "ban_target_src", translate("SRC Target IPv4"))
+e14:value("REJECT")
+e14:value("DROP")
+e14.default = "DROP"
+e14.optional = true
+
+e15 = e:option(ListValue, "ban_target_dst", translate("DST Target IPv4"))
+e15:value("REJECT")
+e15:value("DROP")
+e15.default = "REJECT"
+e15.optional = true
+
+e16 = e:option(Value, "ban_wan_input_chain_6", translate("WAN Input Chain IPv6"))
+e16.default = "input_wan_rule"
+e16.datatype = "uciname"
+e16.optional = true
+
+e17 = e:option(Value, "ban_wan_forward_chain_6", translate("WAN Forward Chain IPv6"))
+e17.default = "forwarding_wan_rule"
+e17.datatype = "uciname"
+e17.optional = true
+
+e18 = e:option(Value, "ban_lan_input_chain_6", translate("LAN Input Chain IPv6"))
+e18.default = "input_lan_rule"
+e18.datatype = "uciname"
+e18.optional = true
+
+e19 = e:option(Value, "ban_lan_forward_chain_6", translate("LAN Forward Chain IPv6"))
+e19.default = "forwarding_lan_rule"
+e19.datatype = "uciname"
+e19.optional = true
+
+e20 = e:option(ListValue, "ban_target_src_6", translate("SRC Target IPv6"))
+e20:value("REJECT")
+e20:value("DROP")
+e20.default = "DROP"
+e20.optional = true
+
+e21 = e:option(ListValue, "ban_target_dst_6", translate("DST Target IPv6"))
+e21:value("REJECT")
+e21:value("DROP")
+e21.default = "REJECT"
+e21.optional = true
+
+return m
diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua
new file mode 100644
index 000000000..c56e40f11
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua
@@ -0,0 +1,55 @@
+-- Copyright 2018 Dirk Brenken (dev@brenken.org)
+-- This is free software, licensed under the Apache License, Version 2.0
+
+local fs = require("nixio.fs")
+local util = require("luci.util")
+local uci = require("luci.model.uci").cursor()
+local input = uci:get("banip", "whitelist", "ban_src") or uci:get("banip", "whitelist", "ban_src_6") or "/etc/banip/adblock.whitelist"
+
+if not fs.access(input) then
+ m = SimpleForm("error", nil, translate("Input file not found, please check your configuration."))
+ m.reset = false
+ m.submit = false
+ return m
+end
+
+if fs.stat(input).size >= 102400 then
+ m = SimpleForm("error", nil,
+ translate("The file size is too large for online editing in LuCI (&ge; 100 KB). ")
+ .. translate("Please edit this file directly in a terminal session."))
+ m.reset = false
+ m.submit = false
+ return m
+end
+
+m = SimpleForm("edit", nil)
+m:append(Template("banip/banip_css"))
+m.submit = translate("Save")
+m.reset = false
+
+s = m:section(SimpleSection, nil,
+ translatef("This form allows you to modify the content of the banIP whitelist (%s).<br />", input)
+ .. translate("Please add only one IPv4 or IPv6 address per line. IP ranges in CIDR notation and comments introduced with '#' are allowed."))
+
+f = s:option(TextValue, "data")
+f.datatype = "string"
+f.rows = 20
+f.rmempty = true
+
+function f.cfgvalue()
+ return fs.readfile(input) or ""
+end
+
+function f.write(self, section, data)
+ return fs.writefile(input, "\n" .. util.trim(data:gsub("\r\n", "\n")) .. "\n")
+end
+
+function f.remove(self, section, value)
+ return fs.writefile(input, "")
+end
+
+function s.handle(self, state, data)
+ return true
+end
+
+return m
diff --git a/applications/luci-app-banip/luasrc/view/banip/banip_css.htm b/applications/luci-app-banip/luasrc/view/banip/banip_css.htm
new file mode 100644
index 000000000..807102452
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/view/banip/banip_css.htm
@@ -0,0 +1,91 @@
+<style type="text/css">
+ textarea
+ {
+ border: 1px solid #cccccc;
+ padding: 5px;
+ font-size: 12px;
+ font-family: monospace;
+ resize: none;
+ white-space: pre;
+ overflow-wrap: normal;
+ overflow-x: scroll;
+ }
+
+ select[readonly],
+ textarea[readonly]
+ {
+ width: 100%;
+ height: 450px;
+ border: 1px solid #cccccc;
+ padding: 5px;
+ font-size: 12px;
+ font-family: monospace;
+ resize: none;
+ pointer-events: auto;
+ cursor: auto;
+ }
+
+ .table.cbi-section-table .th,
+ .table.cbi-section-table .td,
+ .cbi-section-table-cell,
+ .cbi-section-table-row,
+ .tr[data-title]::before
+ {
+ text-align: left;
+ vertical-align: top;
+ margin-left: 0px;
+ padding-left: 2px;
+ }
+
+ .table.cbi-section-table .th
+ {
+ white-space: nowrap;
+ }
+
+ .cbi-section-table-row > .cbi-value-field .cbi-input-select,
+ .table.cbi-section-table select
+ {
+ width: 70px;
+ }
+
+ .cbi-section-table-row > .cbi-value-field [data-dynlist] > input,
+ .table.cbi-section-table input[type="text"],
+ .cbi-dynlist > .item,
+ .table.cbi-section-table input
+ {
+ width: 6em;
+ }
+
+ .cbi-input-checkbox
+ {
+ height: 1em;
+ }
+
+ .cbi-input-text
+ {
+ text-align: left;
+ padding-left: 2px;
+ outline: none;
+ box-shadow: none;
+ background: transparent;
+ width: 4em;
+ }
+
+ .runtime
+ {
+ color: #37c;
+ font-weight: bold;
+ display: inline-block;
+ width: 100%;
+ padding-top: 0.5rem;
+ }
+
+ .ripe_desc
+ {
+ font-style: italic;
+ display: inline-block;
+ width: 100%;
+ height: 20px;
+ margin: 2px 2px;
+ }
+</style>
diff --git a/applications/luci-app-banip/luasrc/view/banip/ipsetview.htm b/applications/luci-app-banip/luasrc/view/banip/ipsetview.htm
new file mode 100644
index 000000000..14932ffae
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/view/banip/ipsetview.htm
@@ -0,0 +1,66 @@
+<%#
+Copyright 2018 Dirk Brenken (dev@brenken.org)
+This is free software, licensed under the Apache License, Version 2.0
+-%>
+
+<%-
+ local util = require("luci.util")
+ local ipsets = util.split(util.trim(util.exec("ipset -n -L 2>/dev/null | sort")), "\n", nil, true) or {}
+-%>
+
+<%+header%>
+<%+banip/banip_css%>
+
+<script type="text/javascript">
+//<![CDATA[
+ function ipset_view()
+ {
+ var ipset = div_ipsets.querySelector("#s_ipsets").value;
+ var filter = document.getElementById("checkbox_filter").checked;
+ var view = document.getElementById("view_id");
+
+ if (!ipset)
+ {
+ return;
+ }
+ view.value = "<%:Loading ...%>";
+
+ new XHR().get('<%=luci.dispatcher.build_url("admin", "services", "banip")%>/ipsetview/' + ipset + "/" + filter, null,
+ function(x)
+ {
+ if (!x)
+ {
+ view.value = "<%:No response!%>";
+ return;
+ }
+ view.value = x.responseText;
+ });
+ }
+//]]>
+</script>
+
+<div class="cbi-map">
+ <div class="cbi-section">
+ <div class="cbi-section-descr"><%:Check the current available IPSets.%></div>
+ <div class="cbi-section-node">
+ <div class="table cbi-section-table">
+ <div class="tr cbi-section-table-row">
+ <div class="td left">
+ <input class="cbi-input-checkbox" data-update="click change" type="checkbox" id="checkbox_filter" name="checkbox_filter" value="1" checked="checked" />
+ <label for="checkbox_filter"><%_Show only set member with packet counter &gt; 0%></label>
+ </div>
+ </div>
+ <div class="tr cbi-section-table-row" id="div_ipsets">
+ <div class="td left">
+ <select id="s_ipsets" class="cbi-input-select cbi-button" style="width:15em">
+ <%- for _, z in ipairs(ipsets) do -%><option value="<%=z%>"><%=z%></option><%- end -%>
+ </select>
+ <input type="button" id="bt_load" value="<%:Load%>" onclick="ipset_view()" class="cbi-button cbi-button-add" />
+ </div>
+ </div>
+ </div>
+ </div>
+ <textarea id="view_id" readonly="readonly" wrap="off" value=""></textarea>
+ </div>
+</div>
+<%+footer%>
diff --git a/applications/luci-app-banip/luasrc/view/banip/logview.htm b/applications/luci-app-banip/luasrc/view/banip/logview.htm
new file mode 100644
index 000000000..d298b24de
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/view/banip/logview.htm
@@ -0,0 +1,36 @@
+<%#
+Copyright 2018 Dirk Brenken (dev@brenken.org)
+This is free software, licensed under the Apache License, Version 2.0
+-%>
+
+<%+header%>
+<%+banip/banip_css%>
+
+<script type="text/javascript">
+//<![CDATA[
+ function log_update()
+ {
+ XHR.poll(5, '<%=luci.dispatcher.build_url("admin", "services", "banip", "logview")%>', null,
+ function(x)
+ {
+ if (!x)
+ {
+ return;
+ }
+ var view = document.getElementById("view_id");
+ view.value = x.responseText;
+ view.scrollTop = view.scrollHeight;
+ });
+ }
+ window.onload = log_update();
+//]]>
+</script>
+
+<div class="cbi-map">
+ <div class="cbi-section">
+ <div class="cbi-section-descr"><%:The syslog output, pre-filtered for banIP related messages only.%></div>
+ <textarea id="view_id" readonly="readonly" wrap="off" value=""></textarea>
+ </div>
+</div>
+
+<%+footer%>
diff --git a/applications/luci-app-banip/luasrc/view/banip/ripeview.htm b/applications/luci-app-banip/luasrc/view/banip/ripeview.htm
new file mode 100644
index 000000000..118504fd6
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/view/banip/ripeview.htm
@@ -0,0 +1,105 @@
+<%#
+Copyright 2018 Dirk Brenken (dev@brenken.org)
+This is free software, licensed under the Apache License, Version 2.0
+-%>
+
+<%+header%>
+<%+banip/banip_css%>
+
+<script type="text/javascript">
+//<![CDATA[
+ function ripe_desc()
+ {
+ var query = div_ripe.querySelector("#s_ripe").value;
+ var output = document.getElementById("ripe_desc");
+
+ switch (query) {
+ case "geoloc":
+ output.innerHTML = "<%:This data call returns geolocation information for the given IP space, or for announced IP prefixes in the case of ASNs.%>";
+ break;
+ case "as-overview":
+ output.innerHTML = "<%:This data call shows general informations about an ASN like its announcement status and the name of its holder according to the WHOIS service.%>";
+ break;
+ case "announced-prefixes":
+ output.innerHTML = "<%:This data call returns all announced prefixes for a given ASN.%>";
+ break;
+ case "network-info":
+ output.innerHTML = "<%:This data call returns the containing prefix and announcing ASN of a given IP address.%>";
+ break;
+ case "country-resource-list":
+ output.innerHTML = "<%:This data call lists the Internet resources associated with a country, including ASNs, IPv4 ranges and IPv4/6 CIDR prefixes.%>";
+ break;
+ case "whois":
+ output.innerHTML = "<%:This data call returns whois information from the relevant Regional Internet Registry and Routing Registry.%>";
+ break;
+ case "dns-chain":
+ output.innerHTML = "<%:This data call returns the recursive chain of DNS forward (A/AAAA/CNAME) and reverse (PTR) records starting form either a hostname or an IP address.%>";
+ break;
+ case "iana-registry-info":
+ output.innerHTML = "<%:This data call gives access to various data sources maintained by IANA.%>";
+ break;
+ default:
+ output.innerHTML = "";
+ }
+ }
+
+ function ripe_view()
+ {
+ var query = div_ripe.querySelector("#s_ripe").value;
+ var input = document.getElementById("ripe_input");
+ var view = document.getElementById("view_id");
+
+ if (!input.value)
+ {
+ return;
+ }
+ view.value = "<%:Loading ...%>";
+
+ new XHR().get('<%=luci.dispatcher.build_url("admin", "services", "banip")%>/ripeview/' + query + "/" + input.value, null,
+ function(x)
+ {
+ if (!x)
+ {
+ view.value = "<%:No response!%>";
+ return;
+ }
+ view.value = x.responseText;
+ });
+ }
+ window.onload = ripe_desc;
+//]]>
+</script>
+
+<div class="cbi-map">
+ <div class="cbi-section">
+ <div class="cbi-section-descr"><%_The RIPEstat Data API is the public data interface provided by RIPE NCC, for details look <a href="https://stat.ripe.net/docs/data_api" target="_blank" rel="noopener noreferrer">here</a>.%></div>
+ <div class="cbi-section-node">
+ <div class="table cbi-section-table">
+ <div class="tr cbi-section-table-row">
+ <div class="td left">
+ <input class="cbi-input-text" style="width:20em" type="text" id="ripe_input" placeholder="<%:Enter IP/CIDR/ASN/ISO%>" value="" />
+ </div>
+ </div>
+ <div class="tr cbi-section-table-row" id="div_ripe">
+ <div class="td left">
+ <select id="s_ripe" class="cbi-input-select cbi-button" style="width:15em" onchange="ripe_desc()">
+ <option value="geoloc" selected="selected"><%:Geo Location%></option>
+ <option value="as-overview"><%:ASN Overview%></option>
+ <option value="announced-prefixes"><%:ASN Prefixes%></option>
+ <option value="network-info"><%:IP/ASN Mapping%></option>
+ <option value="country-resource-list"><%:Country Resources%></option>
+ <option value="whois"><%:Whois Information%></option>
+ <option value="dns-chain"><%:DNS Chain%></option>
+ <option value="iana-registry-info"><%:IANA Information%></option>
+ </select>
+ <input type="button" id="bt_load" value="<%:Load%>" onclick="ripe_view()" class="cbi-button cbi-button-add" /><br /><br />
+ <span class="ripe_desc" id="ripe_desc"></span>
+ </div>
+ </div>
+ </div>
+ </div>
+ <textarea id="view_id" readonly="readonly" wrap="off" value=""></textarea>
+ </div>
+</div>
+
+<%+footer%> \ No newline at end of file
diff --git a/applications/luci-app-banip/luasrc/view/banip/runtime.htm b/applications/luci-app-banip/luasrc/view/banip/runtime.htm
new file mode 100644
index 000000000..041fcb143
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/view/banip/runtime.htm
@@ -0,0 +1,130 @@
+<%#
+Copyright 2018 Dirk Brenken (dev@brenken.org)
+This is free software, licensed under the Apache License, Version 2.0
+-%>
+
+<%+banip/banip_css%>
+<script type="text/javascript">
+//<![CDATA[
+ function status_update(json)
+ {
+ var btn1 = document.getElementById("btn1");
+ var btn1_running = document.getElementById("btn1_running");
+ var view = document.getElementById("value_1");
+ var input = json.data.status;
+
+ btn1.value = "<%:Refresh%>";
+ btn1.name = "do_refresh";
+ view.innerHTML = input || "-";
+ if (input != "running")
+ {
+ btn1.disabled = false;
+ running(btn1_running, 0);
+ }
+ view = document.getElementById("value_2");
+ input = json.data.version;
+ view.innerHTML = input || "-";
+ view = document.getElementById("value_3");
+ input = json.data.fetch_info;
+ view.innerHTML = input || "-";
+ view = document.getElementById("value_4");
+ input = json.data.ipset_info;
+ view.innerHTML = input || "-";
+ view = document.getElementById("value_5");
+ input = json.data.last_run;
+ view.innerHTML = input || "-";
+ }
+
+function btn_action(action)
+ {
+ var btn1 = document.getElementById("btn1");
+ var btn1_running = document.getElementById("btn1_running");
+
+ btn1.disabled = true;
+ running(btn1_running, 1);
+
+ new XHR.get('<%=luci.dispatcher.build_url("admin", "services", "banip")%>/action/' + action.name, null,
+ function(x)
+ {
+ if (!x)
+ {
+ return;
+ }
+ });
+ }
+
+ function running(element, state)
+ {
+ if (state === 1)
+ {
+ var running_html = '<img src="<%=resource%>/icons/loading.gif" alt="<%:Loading%>" width="16" height="16" style="vertical-align:middle" />';
+ element.innerHTML = running_html;
+ }
+ else
+ {
+ element.innerHTML = '';
+ }
+ }
+
+ XHR.get('<%=luci.dispatcher.build_url("admin", "services", "banip", "status")%>', null,
+ function(x, json_info)
+ {
+ if (!x || !json_info)
+ {
+ return;
+ }
+ status_update(json_info)
+ });
+
+ XHR.poll(5, '<%=luci.dispatcher.build_url("admin", "services", "banip", "status")%>', null,
+ function(x, json_info)
+ {
+ if (!x || !json_info)
+ {
+ return;
+ }
+ status_update(json_info)
+ });
+//]]>
+</script>
+
+<h3><%:Runtime Information%></h3>
+<div class="cbi-value" id="status_1">
+ <label class="cbi-value-title" for="status_1"><%:banIP Status%></label>
+ <div class="cbi-value-field">
+ <span class="runtime" id="value_1">-</span>
+ </div>
+</div>
+<div class="cbi-value" id="status_2">
+ <label class="cbi-value-title" for="status_2"><%:banIP Version%></label>
+ <div class="cbi-value-field">
+ <span class="runtime" id="value_2">-</span>
+ </div>
+</div>
+<div class="cbi-value" id="status_3">
+ <label class="cbi-value-title" for="status_3"><%:Download Utility (SSL Library)%></label>
+ <div class="cbi-value-field">
+ <span class="runtime" id="value_3">-</span>
+ </div>
+</div>
+<div class="cbi-value" id="status_4">
+ <label class="cbi-value-title" for="status_4"><%:IPSet Information%></label>
+ <div class="cbi-value-field">
+ <span class="runtime" id="value_4">-</span>
+ </div>
+</div>
+<div class="cbi-value" id="status_5">
+ <label class="cbi-value-title" for="status_5"><%:Last Run%></label>
+ <div class="cbi-value-field">
+ <span class="runtime" id="value_5">-</span>
+ </div>
+</div>
+<hr />
+<div class="cbi-value" id="button_1">
+ <label class="cbi-value-title" for="button_1"><%:Refresh IPSets%></label>
+ <div class="cbi-value-field">
+ <input class="cbi-button cbi-button-apply" id="btn1" type="button" name="do_refresh" value="<%:Refresh%>" onclick="btn_action(this)" />
+ <span id="btn1_running" style="display:inline-block; width:16px; height:16px; margin:0 5px"></span>
+ </div>
+</div>
+
diff --git a/applications/luci-app-banip/luasrc/view/banip/sourcelist.htm b/applications/luci-app-banip/luasrc/view/banip/sourcelist.htm
new file mode 100644
index 000000000..743886f88
--- /dev/null
+++ b/applications/luci-app-banip/luasrc/view/banip/sourcelist.htm
@@ -0,0 +1,47 @@
+<%#
+Copyright 2018 Dirk Brenken (dev@brenken.org)
+This is free software, licensed under the Apache License, Version 2.0
+-%>
+
+<%-
+local anonclass = (not self.anonymous or self.sectiontitle) and "named" or "anonymous"
+-%>
+
+<%+banip/banip_css%>
+
+<div class="cbi-section" id="cbi-<%=self.config%>-<%=self.sectiontype%>">
+ <% if self.title then -%>
+ <h3><%=self.title%></h3>
+ <%- end %>
+ <div class="cbi-section-descr"><%=self.description%></div>
+ <div class="cbi-section-node">
+ <div class="table cbi-section-table">
+ <div class="tr cbi-section-table-titles <%=anonclass%>">
+ <%- for i, k in pairs(self.children) do -%>
+ <div class="th cbi-section-table-cell">
+ <%-=k.title-%>
+ </div>
+ <%- end -%>
+ </div>
+ <%- local section, scope, isempty = true
+ for i, k in ipairs(self:cfgsections()) do
+ section = k
+ local sectionname = striptags((type(self.sectiontitle) == "function") and self:sectiontitle(section) or k)
+ local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname)
+ isempty = false
+ scope = { valueheader = "cbi/cell_valueheader", valuefooter = "cbi/cell_valuefooter" }
+ -%>
+ <div class="tr cbi-section-table-row" id="cbi-<%=self.config%>-<%=section%>"<%=sectiontitle%>>
+ <%-
+ for k, node in ipairs(self.children) do
+ node:render(section, scope or {})
+ end
+ if not scope.cbid:match("ban_src_cat") then
+ -%>
+ <div class="td cbi-value-field">&#160;</div>
+ <%- end -%>
+ </div>
+ <%- end -%>
+ </div>
+ </div>
+</div>
diff --git a/applications/luci-app-banip/root/etc/uci-defaults/40_luci-banip b/applications/luci-app-banip/root/etc/uci-defaults/40_luci-banip
new file mode 100755
index 000000000..adb22da91
--- /dev/null
+++ b/applications/luci-app-banip/root/etc/uci-defaults/40_luci-banip
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+ delete ucitrack.@banip[-1]
+ add ucitrack banip
+ set ucitrack.@banip[-1].init=banip
+ commit ucitrack
+EOF
+
+rm -f /tmp/luci-indexcache
+exit 0