diff options
13 files changed, 960 insertions, 0 deletions
diff --git a/applications/luci-app-banip/Makefile b/applications/luci-app-banip/Makefile new file mode 100644 index 000000000..1936bc36b --- /dev/null +++ b/applications/luci-app-banip/Makefile @@ -0,0 +1,12 @@ +# Copyright 2018 Dirk Brenken (dev@brenken.org) +# This is free software, licensed under the Apache License, Version 2.0 + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=LuCI support for banIP +LUCI_DEPENDS:=+banip +luci-lib-jsonc +LUCI_PKGARCH:=all + +include ../../luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/applications/luci-app-banip/luasrc/controller/banip.lua b/applications/luci-app-banip/luasrc/controller/banip.lua new file mode 100644 index 000000000..e201295d5 --- /dev/null +++ b/applications/luci-app-banip/luasrc/controller/banip.lua @@ -0,0 +1,100 @@ +-- Copyright 2018 Dirk Brenken (dev@brenken.org) +-- This is free software, licensed under the Apache License, Version 2.0 + +module("luci.controller.banip", package.seeall) + +local util = require("luci.util") +local http = require("luci.http") +local i18n = require("luci.i18n") +local json = require("luci.jsonc") +local uci = require("luci.model.uci").cursor() + +function index() + if not nixio.fs.access("/etc/config/banip") then + return + end + entry({"admin", "services", "banip"}, firstchild(), _("banIP"), 40).dependent = false + entry({"admin", "services", "banip", "tab_from_cbi"}, cbi("banip/overview_tab", {hideresetbtn=true, hidesavebtn=true}), _("Overview"), 10).leaf = true + entry({"admin", "services", "banip", "ipset"}, template("banip/ipsetview"), _("IPSet-Lookup"), 20).leaf = true + entry({"admin", "services", "banip", "ripe"}, template("banip/ripeview"), _("RIPE-Lookup"), 30).leaf = true + entry({"admin", "services", "banip", "log"}, template("banip/logview"), _("View Logfile"), 40).leaf = true + entry({"admin", "services", "banip", "advanced"}, firstchild(), _("Advanced"), 100) + entry({"admin", "services", "banip", "advanced", "blacklist"}, form("banip/blacklist_tab"), _("Edit Blacklist"), 110).leaf = true + entry({"admin", "services", "banip", "advanced", "whitelist"}, form("banip/whitelist_tab"), _("Edit Whitelist"), 120).leaf = true + entry({"admin", "services", "banip", "advanced", "configuration"}, form("banip/configuration_tab"), _("Edit Configuration"), 130).leaf = true + entry({"admin", "services", "banip", "ipsetview"}, call("ipset_view"), nil).leaf = true + entry({"admin", "services", "banip", "ripeview"}, call("ripe_view"), nil).leaf = true + entry({"admin", "services", "banip", "logview"}, call("log_view"), nil).leaf = true + entry({"admin", "services", "banip", "status"}, call("status_update"), nil).leaf = true + entry({"admin", "services", "banip", "action"}, call("ban_action"), nil).leaf = true +end + +function ban_action(name) + if name == "do_refresh" then + luci.sys.call("/etc/init.d/banip start >/dev/null 2>&1") + end + luci.http.prepare_content("text/plain") + luci.http.write("0") +end + +function status_update() + local rt_file + local content + + rt_file = uci:get("banip", "global", "ban_rtfile") or "/tmp/ban_runtime.json" + + if nixio.fs.access(rt_file) then + content = json.parse(nixio.fs.readfile(rt_file) or "") + http.prepare_content("application/json") + http.write_json(content) + end +end + +function log_view() + local content + + if nixio.fs.access("/var/log/messages") then + content = util.trim(util.exec("grep -F 'banIP-' /var/log/messages")) + else + content = util.trim(util.exec("logread -e 'banIP-' 2>/dev/null")) + end + + if content == "" then + content = "No banIP related logs yet!" + end + http.write(content) +end + +function ipset_view(ipset, filter) + local content + + if not (ipset or filter) then + return + end + + if filter == "false" then + content = util.trim(util.exec("ipset -L " .. ipset .. " 2>/dev/null")) + else + content = util.trim(util.exec("ipset -L " .. ipset .. " 2>/dev/null | grep -e 'packets [1-9]\\|^[A-Z]'")) + end + + if content == "" then + content = "IPSet is empty!" + end + http.write(content) +end + +function ripe_view(query, input) + local content + + if not (query or input) then + return + end + + content = util.trim(util.exec("uclient-fetch --no-check-certificate -O- https://stat.ripe.net/data/" ..query.. "/data.json?resource=" ..input.. " 2>/dev/null")) + + if content == "" then + content = "No response!" + end + http.write(content) +end diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua new file mode 100644 index 000000000..422182f4f --- /dev/null +++ b/applications/luci-app-banip/luasrc/model/cbi/banip/blacklist_tab.lua @@ -0,0 +1,55 @@ +-- Copyright 2018 Dirk Brenken (dev@brenken.org) +-- This is free software, licensed under the Apache License, Version 2.0 + +local fs = require("nixio.fs") +local util = require("luci.util") +local uci = require("luci.model.uci").cursor() +local input = uci:get("banip", "blacklist", "ban_src") or uci:get("banip", "blacklist", "ban_src_6") or "/etc/banip/adblock.blacklist" + +if not fs.access(input) then + m = SimpleForm("error", nil, translate("Input file not found, please check your configuration.")) + m.reset = false + m.submit = false + return m +end + +if fs.stat(input).size >= 102400 then + m = SimpleForm("error", nil, + translate("The file size is too large for online editing in LuCI (≥ 100 KB). ") + .. translate("Please edit this file directly in a terminal session.")) + m.reset = false + m.submit = false + return m +end + +m = SimpleForm("edit", nil) +m:append(Template("banip/banip_css")) +m.submit = translate("Save") +m.reset = false + +s = m:section(SimpleSection, nil, + translatef("This form allows you to modify the content of the banIP blacklist (%s).<br />", input) + .. translate("Please add only one IPv4 or IPv6 address per line. IP ranges in CIDR notation and comments introduced with '#' are allowed.")) + +f = s:option(TextValue, "data") +f.datatype = "string" +f.rows = 20 +f.rmempty = true + +function f.cfgvalue() + return fs.readfile(input) or "" +end + +function f.write(self, section, data) + return fs.writefile(input, "\n" .. util.trim(data:gsub("\r\n", "\n")) .. "\n") +end + +function f.remove(self, section, value) + return fs.writefile(input, "") +end + +function s.handle(self, state, data) + return true +end + +return m diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua new file mode 100644 index 000000000..f90b11be0 --- /dev/null +++ b/applications/luci-app-banip/luasrc/model/cbi/banip/configuration_tab.lua @@ -0,0 +1,52 @@ +-- Copyright 2018 Dirk Brenken (dev@brenken.org) +-- This is free software, licensed under the Apache License, Version 2.0 + +local fs = require("nixio.fs") +local util = require("luci.util") +local input = "/etc/config/banip" + +if not fs.access(input) then + m = SimpleForm("error", nil, translate("Input file not found, please check your configuration.")) + m.reset = false + m.submit = false + return m +end + +if fs.stat(input).size >= 102400 then + m = SimpleForm("error", nil, + translate("The file size is too large for online editing in LuCI (≥ 100 KB). ") + .. translate("Please edit this file directly in a terminal session.")) + m.reset = false + m.submit = false + return m +end + +m = SimpleForm("edit", nil) +m:append(Template("banip/banip_css")) +m.submit = translate("Save") +m.reset = false + +s = m:section(SimpleSection, nil, + translate("This form allows you to modify the content of the main banIP configuration file (/etc/config/banip).")) + +f = s:option(TextValue, "data") +f.rows = 20 +f.rmempty = true + +function f.cfgvalue() + return fs.readfile(input) or "" +end + +function f.write(self, section, data) + return fs.writefile(input, "\n" .. util.trim(data:gsub("\r\n", "\n")) .. "\n") +end + +function f.remove(self, section, value) + return fs.writefile(input, "") +end + +function s.handle(self, state, data) + return true +end + +return m diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua new file mode 100644 index 000000000..00bb5e426 --- /dev/null +++ b/applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua @@ -0,0 +1,200 @@ +-- Copyright 2018 Dirk Brenken (dev@brenken.org) +-- This is free software, licensed under the Apache License, Version 2.0 + +local fs = require("nixio.fs") +local uci = require("luci.model.uci").cursor() +local sys = require("luci.sys") +local net = require "luci.model.network".init() +local util = require("luci.util") +local dump = util.ubus("network.interface", "dump", {}) +local devices = sys.net:devices() + +m = Map("banip", translate("banIP"), + translate("Configuration of the banIP package to block ip adresses/subnets via IPSet. ") + .. translatef("For further information " + .. "<a href=\"%s\" target=\"_blank\">" + .. "check the online documentation</a>", "https://github.com/openwrt/packages/blob/master/net/banip/files/README.md")) + +-- Main banIP Options + +s = m:section(NamedSection, "global", "banip") + +o1 = s:option(Flag, "ban_enabled", translate("Enable banIP")) +o1.default = o1.disabled +o1.rmempty = false + +o2 = s:option(Flag, "ban_automatic", translate("Automatic WAN Interface Detection")) +o2.default = o2.enabled +o2.rmempty = false + +o3 = s:option(ListValue, "ban_iface", " ") +for _, dev in ipairs(devices) do + if dev ~= "lo" and dev ~= "br-lan" then + local iface = net:get_interface(dev) + if iface then + iface = iface:get_networks() or {} + for k, v in pairs(iface) do + iface[k] = iface[k].sid + if iface[k] ~= "lan" then + o3:value(iface[k], iface[k].. " (" ..dev.. ")") + end + end + end + end +end +o3.default = ban_iface +o3.rmempty = false + +o4 = s:option(ListValue, "ban_fetchutil", translate("Download Utility"), + translate("List of supported and fully pre-configured download utilities.")) +o4:value("uclient-fetch") +o4:value("wget") +o4:value("curl") +o4:value("aria2c") +o4:value("wget-nossl", "wget-nossl (noSSL)") +o4:value("busybox", "wget-busybox (noSSL)") +o4.default = "uclient-fetch" +o4.rmempty = false + +-- Runtime Information + +ds = s:option(DummyValue, "_dummy") +ds.template = "banip/runtime" + +-- Source Table + +bl = m:section(TypedSection, "source", translate("IP Blocklist Sources")) +bl.template = "banip/sourcelist" + +ssl = bl:option(DummyValue, "ban_src", translate("SSL req.")) +function ssl.cfgvalue(self, section) + local source = self.map:get(section, "ban_src") or self.map:get(section, "ban_src_6") + if source then + if source:match("https://") then + return translate("Yes") + else + return translate("No") + end + end + return translate("n/a") +end + +name_4 = bl:option(Flag, "ban_src_on", translate("enable IPv4")) +name_4.rmempty = false + +name_6 = bl:option(Flag, "ban_src_on_6", translate("enable IPv6")) +name_6.rmempty = false + +type = bl:option(ListValue, "ban_src_ruletype", translate("SRC/DST")) +type:value("src") +type:value("dst") +type:value("src+dst") +type.default = "src" +type.rmempty = false + +des = bl:option(DummyValue, "ban_src_desc", translate("Description")) + +cat = bl:option(DynamicList, "ban_src_cat", translate("ASN/Country")) +cat.datatype = "uciname" +cat.optional = true + +-- Extra options + +e = m:section(NamedSection, "extra", "banip", translate("Extra Options"), + translate("Options for further tweaking in case the defaults are not suitable for you.")) + +e1 = e:option(Flag, "ban_debug", translate("Verbose Debug Logging"), + translate("Enable verbose debug logging in case of any processing error.")) +e1.default = e1.disabled +e1.rmempty = false + +e2 = e:option(Flag, "ban_nice", translate("Low Priority Service"), + translate("Set the nice level to 'low priority' and banIP background processing will take less resources from the system. ") + ..translate("This change requires a manual service stop/re-start to take effect.")) +e2.default = e2.disabled +e2.disabled = "0" +e2.enabled = "10" +e2.rmempty = false + +e3 = e:option(Value, "ban_maxqueue", translate("Max. Download Queue"), + translate("Size of the download queue to handle downloads & IPset processing in parallel (default '8'). ") + .. translate("For further performance improvements you can raise this value, e.g. '16' or '32' should be safe.")) +e3.default = 8 +e3.datatype = "range(1,32)" +e3.rmempty = false + +e4 = e:option(Value, "ban_triggerdelay", translate("Trigger Delay"), + translate("Additional trigger delay in seconds before banIP processing begins.")) +e4.default = 2 +e4.datatype = "range(1,60)" +e4.optional = true + +e5 = e:option(Value, "ban_fetchparm", translate("Download Options"), + translate("Special options for the selected download utility, e.g. '--timeout=20 --no-check-certificate -O'.")) +e5.optional = true + +e10 = e:option(Value, "ban_wan_input_chain", translate("WAN Input Chain IPv4")) +e10.default = "input_wan_rule" +e10.datatype = "uciname" +e10.optional = true + +e11 = e:option(Value, "ban_wan_forward_chain", translate("WAN Forward Chain IPv4")) +e11.default = "forwarding_wan_rule" +e11.datatype = "uciname" +e11.optional = true + +e12 = e:option(Value, "ban_lan_input_chain", translate("LAN Input Chain IPv4")) +e12.default = "input_lan_rule" +e12.datatype = "uciname" +e12.optional = true + +e13 = e:option(Value, "ban_lan_forward_chain", translate("LAN Forward Chain IPv4")) +e13.default = "forwarding_lan_rule" +e13.datatype = "uciname" +e13.optional = true + +e14 = e:option(ListValue, "ban_target_src", translate("SRC Target IPv4")) +e14:value("REJECT") +e14:value("DROP") +e14.default = "DROP" +e14.optional = true + +e15 = e:option(ListValue, "ban_target_dst", translate("DST Target IPv4")) +e15:value("REJECT") +e15:value("DROP") +e15.default = "REJECT" +e15.optional = true + +e16 = e:option(Value, "ban_wan_input_chain_6", translate("WAN Input Chain IPv6")) +e16.default = "input_wan_rule" +e16.datatype = "uciname" +e16.optional = true + +e17 = e:option(Value, "ban_wan_forward_chain_6", translate("WAN Forward Chain IPv6")) +e17.default = "forwarding_wan_rule" +e17.datatype = "uciname" +e17.optional = true + +e18 = e:option(Value, "ban_lan_input_chain_6", translate("LAN Input Chain IPv6")) +e18.default = "input_lan_rule" +e18.datatype = "uciname" +e18.optional = true + +e19 = e:option(Value, "ban_lan_forward_chain_6", translate("LAN Forward Chain IPv6")) +e19.default = "forwarding_lan_rule" +e19.datatype = "uciname" +e19.optional = true + +e20 = e:option(ListValue, "ban_target_src_6", translate("SRC Target IPv6")) +e20:value("REJECT") +e20:value("DROP") +e20.default = "DROP" +e20.optional = true + +e21 = e:option(ListValue, "ban_target_dst_6", translate("DST Target IPv6")) +e21:value("REJECT") +e21:value("DROP") +e21.default = "REJECT" +e21.optional = true + +return m diff --git a/applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua b/applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua new file mode 100644 index 000000000..c56e40f11 --- /dev/null +++ b/applications/luci-app-banip/luasrc/model/cbi/banip/whitelist_tab.lua @@ -0,0 +1,55 @@ +-- Copyright 2018 Dirk Brenken (dev@brenken.org) +-- This is free software, licensed under the Apache License, Version 2.0 + +local fs = require("nixio.fs") +local util = require("luci.util") +local uci = require("luci.model.uci").cursor() +local input = uci:get("banip", "whitelist", "ban_src") or uci:get("banip", "whitelist", "ban_src_6") or "/etc/banip/adblock.whitelist" + +if not fs.access(input) then + m = SimpleForm("error", nil, translate("Input file not found, please check your configuration.")) + m.reset = false + m.submit = false + return m +end + +if fs.stat(input).size >= 102400 then + m = SimpleForm("error", nil, + translate("The file size is too large for online editing in LuCI (≥ 100 KB). ") + .. translate("Please edit this file directly in a terminal session.")) + m.reset = false + m.submit = false + return m +end + +m = SimpleForm("edit", nil) +m:append(Template("banip/banip_css")) +m.submit = translate("Save") +m.reset = false + +s = m:section(SimpleSection, nil, + translatef("This form allows you to modify the content of the banIP whitelist (%s).<br />", input) + .. translate("Please add only one IPv4 or IPv6 address per line. IP ranges in CIDR notation and comments introduced with '#' are allowed.")) + +f = s:option(TextValue, "data") +f.datatype = "string" +f.rows = 20 +f.rmempty = true + +function f.cfgvalue() + return fs.readfile(input) or "" +end + +function f.write(self, section, data) + return fs.writefile(input, "\n" .. util.trim(data:gsub("\r\n", "\n")) .. "\n") +end + +function f.remove(self, section, value) + return fs.writefile(input, "") +end + +function s.handle(self, state, data) + return true +end + +return m diff --git a/applications/luci-app-banip/luasrc/view/banip/banip_css.htm b/applications/luci-app-banip/luasrc/view/banip/banip_css.htm new file mode 100644 index 000000000..807102452 --- /dev/null +++ b/applications/luci-app-banip/luasrc/view/banip/banip_css.htm @@ -0,0 +1,91 @@ +<style type="text/css"> + textarea + { + border: 1px solid #cccccc; + padding: 5px; + font-size: 12px; + font-family: monospace; + resize: none; + white-space: pre; + overflow-wrap: normal; + overflow-x: scroll; + } + + select[readonly], + textarea[readonly] + { + width: 100%; + height: 450px; + border: 1px solid #cccccc; + padding: 5px; + font-size: 12px; + font-family: monospace; + resize: none; + pointer-events: auto; + cursor: auto; + } + + .table.cbi-section-table .th, + .table.cbi-section-table .td, + .cbi-section-table-cell, + .cbi-section-table-row, + .tr[data-title]::before + { + text-align: left; + vertical-align: top; + margin-left: 0px; + padding-left: 2px; + } + + .table.cbi-section-table .th + { + white-space: nowrap; + } + + .cbi-section-table-row > .cbi-value-field .cbi-input-select, + .table.cbi-section-table select + { + width: 70px; + } + + .cbi-section-table-row > .cbi-value-field [data-dynlist] > input, + .table.cbi-section-table input[type="text"], + .cbi-dynlist > .item, + .table.cbi-section-table input + { + width: 6em; + } + + .cbi-input-checkbox + { + height: 1em; + } + + .cbi-input-text + { + text-align: left; + padding-left: 2px; + outline: none; + box-shadow: none; + background: transparent; + width: 4em; + } + + .runtime + { + color: #37c; + font-weight: bold; + display: inline-block; + width: 100%; + padding-top: 0.5rem; + } + + .ripe_desc + { + font-style: italic; + display: inline-block; + width: 100%; + height: 20px; + margin: 2px 2px; + } +</style> diff --git a/applications/luci-app-banip/luasrc/view/banip/ipsetview.htm b/applications/luci-app-banip/luasrc/view/banip/ipsetview.htm new file mode 100644 index 000000000..14932ffae --- /dev/null +++ b/applications/luci-app-banip/luasrc/view/banip/ipsetview.htm @@ -0,0 +1,66 @@ +<%# +Copyright 2018 Dirk Brenken (dev@brenken.org) +This is free software, licensed under the Apache License, Version 2.0 +-%> + +<%- + local util = require("luci.util") + local ipsets = util.split(util.trim(util.exec("ipset -n -L 2>/dev/null | sort")), "\n", nil, true) or {} +-%> + +<%+header%> +<%+banip/banip_css%> + +<script type="text/javascript"> +//<![CDATA[ + function ipset_view() + { + var ipset = div_ipsets.querySelector("#s_ipsets").value; + var filter = document.getElementById("checkbox_filter").checked; + var view = document.getElementById("view_id"); + + if (!ipset) + { + return; + } + view.value = "<%:Loading ...%>"; + + new XHR().get('<%=luci.dispatcher.build_url("admin", "services", "banip")%>/ipsetview/' + ipset + "/" + filter, null, + function(x) + { + if (!x) + { + view.value = "<%:No response!%>"; + return; + } + view.value = x.responseText; + }); + } +//]]> +</script> + +<div class="cbi-map"> + <div class="cbi-section"> + <div class="cbi-section-descr"><%:Check the current available IPSets.%></div> + <div class="cbi-section-node"> + <div class="table cbi-section-table"> + <div class="tr cbi-section-table-row"> + <div class="td left"> + <input class="cbi-input-checkbox" data-update="click change" type="checkbox" id="checkbox_filter" name="checkbox_filter" value="1" checked="checked" /> + <label for="checkbox_filter"><%_Show only set member with packet counter > 0%></label> + </div> + </div> + <div class="tr cbi-section-table-row" id="div_ipsets"> + <div class="td left"> + <select id="s_ipsets" class="cbi-input-select cbi-button" style="width:15em"> + <%- for _, z in ipairs(ipsets) do -%><option value="<%=z%>"><%=z%></option><%- end -%> + </select> + <input type="button" id="bt_load" value="<%:Load%>" onclick="ipset_view()" class="cbi-button cbi-button-add" /> + </div> + </div> + </div> + </div> + <textarea id="view_id" readonly="readonly" wrap="off" value=""></textarea> + </div> +</div> +<%+footer%> diff --git a/applications/luci-app-banip/luasrc/view/banip/logview.htm b/applications/luci-app-banip/luasrc/view/banip/logview.htm new file mode 100644 index 000000000..d298b24de --- /dev/null +++ b/applications/luci-app-banip/luasrc/view/banip/logview.htm @@ -0,0 +1,36 @@ +<%# +Copyright 2018 Dirk Brenken (dev@brenken.org) +This is free software, licensed under the Apache License, Version 2.0 +-%> + +<%+header%> +<%+banip/banip_css%> + +<script type="text/javascript"> +//<![CDATA[ + function log_update() + { + XHR.poll(5, '<%=luci.dispatcher.build_url("admin", "services", "banip", "logview")%>', null, + function(x) + { + if (!x) + { + return; + } + var view = document.getElementById("view_id"); + view.value = x.responseText; + view.scrollTop = view.scrollHeight; + }); + } + window.onload = log_update(); +//]]> +</script> + +<div class="cbi-map"> + <div class="cbi-section"> + <div class="cbi-section-descr"><%:The syslog output, pre-filtered for banIP related messages only.%></div> + <textarea id="view_id" readonly="readonly" wrap="off" value=""></textarea> + </div> +</div> + +<%+footer%> diff --git a/applications/luci-app-banip/luasrc/view/banip/ripeview.htm b/applications/luci-app-banip/luasrc/view/banip/ripeview.htm new file mode 100644 index 000000000..118504fd6 --- /dev/null +++ b/applications/luci-app-banip/luasrc/view/banip/ripeview.htm @@ -0,0 +1,105 @@ +<%# +Copyright 2018 Dirk Brenken (dev@brenken.org) +This is free software, licensed under the Apache License, Version 2.0 +-%> + +<%+header%> +<%+banip/banip_css%> + +<script type="text/javascript"> +//<![CDATA[ + function ripe_desc() + { + var query = div_ripe.querySelector("#s_ripe").value; + var output = document.getElementById("ripe_desc"); + + switch (query) { + case "geoloc": + output.innerHTML = "<%:This data call returns geolocation information for the given IP space, or for announced IP prefixes in the case of ASNs.%>"; + break; + case "as-overview": + output.innerHTML = "<%:This data call shows general informations about an ASN like its announcement status and the name of its holder according to the WHOIS service.%>"; + break; + case "announced-prefixes": + output.innerHTML = "<%:This data call returns all announced prefixes for a given ASN.%>"; + break; + case "network-info": + output.innerHTML = "<%:This data call returns the containing prefix and announcing ASN of a given IP address.%>"; + break; + case "country-resource-list": + output.innerHTML = "<%:This data call lists the Internet resources associated with a country, including ASNs, IPv4 ranges and IPv4/6 CIDR prefixes.%>"; + break; + case "whois": + output.innerHTML = "<%:This data call returns whois information from the relevant Regional Internet Registry and Routing Registry.%>"; + break; + case "dns-chain": + output.innerHTML = "<%:This data call returns the recursive chain of DNS forward (A/AAAA/CNAME) and reverse (PTR) records starting form either a hostname or an IP address.%>"; + break; + case "iana-registry-info": + output.innerHTML = "<%:This data call gives access to various data sources maintained by IANA.%>"; + break; + default: + output.innerHTML = ""; + } + } + + function ripe_view() + { + var query = div_ripe.querySelector("#s_ripe").value; + var input = document.getElementById("ripe_input"); + var view = document.getElementById("view_id"); + + if (!input.value) + { + return; + } + view.value = "<%:Loading ...%>"; + + new XHR().get('<%=luci.dispatcher.build_url("admin", "services", "banip")%>/ripeview/' + query + "/" + input.value, null, + function(x) + { + if (!x) + { + view.value = "<%:No response!%>"; + return; + } + view.value = x.responseText; + }); + } + window.onload = ripe_desc; +//]]> +</script> + +<div class="cbi-map"> + <div class="cbi-section"> + <div class="cbi-section-descr"><%_The RIPEstat Data API is the public data interface provided by RIPE NCC, for details look <a href="https://stat.ripe.net/docs/data_api" target="_blank" rel="noopener noreferrer">here</a>.%></div> + <div class="cbi-section-node"> + <div class="table cbi-section-table"> + <div class="tr cbi-section-table-row"> + <div class="td left"> + <input class="cbi-input-text" style="width:20em" type="text" id="ripe_input" placeholder="<%:Enter IP/CIDR/ASN/ISO%>" value="" /> + </div> + </div> + <div class="tr cbi-section-table-row" id="div_ripe"> + <div class="td left"> + <select id="s_ripe" class="cbi-input-select cbi-button" style="width:15em" onchange="ripe_desc()"> + <option value="geoloc" selected="selected"><%:Geo Location%></option> + <option value="as-overview"><%:ASN Overview%></option> + <option value="announced-prefixes"><%:ASN Prefixes%></option> + <option value="network-info"><%:IP/ASN Mapping%></option> + <option value="country-resource-list"><%:Country Resources%></option> + <option value="whois"><%:Whois Information%></option> + <option value="dns-chain"><%:DNS Chain%></option> + <option value="iana-registry-info"><%:IANA Information%></option> + </select> + <input type="button" id="bt_load" value="<%:Load%>" onclick="ripe_view()" class="cbi-button cbi-button-add" /><br /><br /> + <span class="ripe_desc" id="ripe_desc"></span> + </div> + </div> + </div> + </div> + <textarea id="view_id" readonly="readonly" wrap="off" value=""></textarea> + </div> +</div> + +<%+footer%>
\ No newline at end of file diff --git a/applications/luci-app-banip/luasrc/view/banip/runtime.htm b/applications/luci-app-banip/luasrc/view/banip/runtime.htm new file mode 100644 index 000000000..041fcb143 --- /dev/null +++ b/applications/luci-app-banip/luasrc/view/banip/runtime.htm @@ -0,0 +1,130 @@ +<%# +Copyright 2018 Dirk Brenken (dev@brenken.org) +This is free software, licensed under the Apache License, Version 2.0 +-%> + +<%+banip/banip_css%> +<script type="text/javascript"> +//<![CDATA[ + function status_update(json) + { + var btn1 = document.getElementById("btn1"); + var btn1_running = document.getElementById("btn1_running"); + var view = document.getElementById("value_1"); + var input = json.data.status; + + btn1.value = "<%:Refresh%>"; + btn1.name = "do_refresh"; + view.innerHTML = input || "-"; + if (input != "running") + { + btn1.disabled = false; + running(btn1_running, 0); + } + view = document.getElementById("value_2"); + input = json.data.version; + view.innerHTML = input || "-"; + view = document.getElementById("value_3"); + input = json.data.fetch_info; + view.innerHTML = input || "-"; + view = document.getElementById("value_4"); + input = json.data.ipset_info; + view.innerHTML = input || "-"; + view = document.getElementById("value_5"); + input = json.data.last_run; + view.innerHTML = input || "-"; + } + +function btn_action(action) + { + var btn1 = document.getElementById("btn1"); + var btn1_running = document.getElementById("btn1_running"); + + btn1.disabled = true; + running(btn1_running, 1); + + new XHR.get('<%=luci.dispatcher.build_url("admin", "services", "banip")%>/action/' + action.name, null, + function(x) + { + if (!x) + { + return; + } + }); + } + + function running(element, state) + { + if (state === 1) + { + var running_html = '<img src="<%=resource%>/icons/loading.gif" alt="<%:Loading%>" width="16" height="16" style="vertical-align:middle" />'; + element.innerHTML = running_html; + } + else + { + element.innerHTML = ''; + } + } + + XHR.get('<%=luci.dispatcher.build_url("admin", "services", "banip", "status")%>', null, + function(x, json_info) + { + if (!x || !json_info) + { + return; + } + status_update(json_info) + }); + + XHR.poll(5, '<%=luci.dispatcher.build_url("admin", "services", "banip", "status")%>', null, + function(x, json_info) + { + if (!x || !json_info) + { + return; + } + status_update(json_info) + }); +//]]> +</script> + +<h3><%:Runtime Information%></h3> +<div class="cbi-value" id="status_1"> + <label class="cbi-value-title" for="status_1"><%:banIP Status%></label> + <div class="cbi-value-field"> + <span class="runtime" id="value_1">-</span> + </div> +</div> +<div class="cbi-value" id="status_2"> + <label class="cbi-value-title" for="status_2"><%:banIP Version%></label> + <div class="cbi-value-field"> + <span class="runtime" id="value_2">-</span> + </div> +</div> +<div class="cbi-value" id="status_3"> + <label class="cbi-value-title" for="status_3"><%:Download Utility (SSL Library)%></label> + <div class="cbi-value-field"> + <span class="runtime" id="value_3">-</span> + </div> +</div> +<div class="cbi-value" id="status_4"> + <label class="cbi-value-title" for="status_4"><%:IPSet Information%></label> + <div class="cbi-value-field"> + <span class="runtime" id="value_4">-</span> + </div> +</div> +<div class="cbi-value" id="status_5"> + <label class="cbi-value-title" for="status_5"><%:Last Run%></label> + <div class="cbi-value-field"> + <span class="runtime" id="value_5">-</span> + </div> +</div> +<hr /> +<div class="cbi-value" id="button_1"> + <label class="cbi-value-title" for="button_1"><%:Refresh IPSets%></label> + <div class="cbi-value-field"> + <input class="cbi-button cbi-button-apply" id="btn1" type="button" name="do_refresh" value="<%:Refresh%>" onclick="btn_action(this)" /> + <span id="btn1_running" style="display:inline-block; width:16px; height:16px; margin:0 5px"></span> + </div> +</div> + diff --git a/applications/luci-app-banip/luasrc/view/banip/sourcelist.htm b/applications/luci-app-banip/luasrc/view/banip/sourcelist.htm new file mode 100644 index 000000000..743886f88 --- /dev/null +++ b/applications/luci-app-banip/luasrc/view/banip/sourcelist.htm @@ -0,0 +1,47 @@ +<%# +Copyright 2018 Dirk Brenken (dev@brenken.org) +This is free software, licensed under the Apache License, Version 2.0 +-%> + +<%- +local anonclass = (not self.anonymous or self.sectiontitle) and "named" or "anonymous" +-%> + +<%+banip/banip_css%> + +<div class="cbi-section" id="cbi-<%=self.config%>-<%=self.sectiontype%>"> + <% if self.title then -%> + <h3><%=self.title%></h3> + <%- end %> + <div class="cbi-section-descr"><%=self.description%></div> + <div class="cbi-section-node"> + <div class="table cbi-section-table"> + <div class="tr cbi-section-table-titles <%=anonclass%>"> + <%- for i, k in pairs(self.children) do -%> + <div class="th cbi-section-table-cell"> + <%-=k.title-%> + </div> + <%- end -%> + </div> + <%- local section, scope, isempty = true + for i, k in ipairs(self:cfgsections()) do + section = k + local sectionname = striptags((type(self.sectiontitle) == "function") and self:sectiontitle(section) or k) + local sectiontitle = ifattr(sectionname and (not self.anonymous or self.sectiontitle), "data-title", sectionname) + isempty = false + scope = { valueheader = "cbi/cell_valueheader", valuefooter = "cbi/cell_valuefooter" } + -%> + <div class="tr cbi-section-table-row" id="cbi-<%=self.config%>-<%=section%>"<%=sectiontitle%>> + <%- + for k, node in ipairs(self.children) do + node:render(section, scope or {}) + end + if not scope.cbid:match("ban_src_cat") then + -%> + <div class="td cbi-value-field"> </div> + <%- end -%> + </div> + <%- end -%> + </div> + </div> +</div> diff --git a/applications/luci-app-banip/root/etc/uci-defaults/40_luci-banip b/applications/luci-app-banip/root/etc/uci-defaults/40_luci-banip new file mode 100755 index 000000000..adb22da91 --- /dev/null +++ b/applications/luci-app-banip/root/etc/uci-defaults/40_luci-banip @@ -0,0 +1,11 @@ +#!/bin/sh + +uci -q batch <<-EOF >/dev/null + delete ucitrack.@banip[-1] + add ucitrack banip + set ucitrack.@banip[-1].init=banip + commit ucitrack +EOF + +rm -f /tmp/luci-indexcache +exit 0 |