diff options
Diffstat (limited to 'applications/luci-app-firewall/luasrc')
10 files changed, 365 insertions, 278 deletions
diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua index 17a49483d7..d51f8fb79b 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua @@ -55,6 +55,7 @@ o = s:option(Value, "src", translate("Source zone")) o.nocreate = true o.default = "wan" o.template = "cbi/firewall_zonelist" +o.rmempty = false o = s:option(DynamicList, "src_mac", @@ -88,6 +89,10 @@ o.rmempty = true o.datatype = "neg(portrange)" o.placeholder = translate("any") +o:depends("proto", "tcp") +o:depends("proto", "udp") +o:depends("proto", "tcp udp") +o:depends("proto", "tcpudp") o = s:option(Value, "src_dip", translate("External IP address"), @@ -108,7 +113,10 @@ o = s:option(Value, "src_dport", translate("External port"), "destination port or port range on this host")) o.datatype = "neg(portrange)" - +o:depends("proto", "tcp") +o:depends("proto", "udp") +o:depends("proto", "tcp udp") +o:depends("proto", "tcpudp") o = s:option(Value, "dest", translate("Internal zone")) o.nocreate = true @@ -133,6 +141,10 @@ o = s:option(Value, "dest_port", o.placeholder = translate("any") o.datatype = "portrange" +o:depends("proto", "tcp") +o:depends("proto", "udp") +o:depends("proto", "tcp udp") +o:depends("proto", "tcpudp") o = s:option(Flag, "reflection", translate("Enable NAT Loopback")) o.rmempty = true diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forwards.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forwards.lua index e61ce73cdd..5d1ffe0913 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/forwards.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/forwards.lua @@ -54,7 +54,7 @@ function s.parse(self, ...) if created then m.uci:save("firewall") luci.http.redirect(ds.build_url( - "admin/network/firewall/redirect", created + "admin/network/firewall/forwards", created )) end end @@ -63,8 +63,9 @@ function s.filter(self, sid) return (self.map:get(sid, "target") ~= "SNAT") end - -ft.opt_name(s, DummyValue, translate("Name")) +function s.sectiontitle(self, sid) + return (self.map:get(sid, "name") or translate("Unnamed forward")) +end local function forward_proto_txt(self, s) @@ -103,7 +104,6 @@ end match = s:option(DummyValue, "match", translate("Match")) match.rawhtml = true -match.width = "50%" function match.cfgvalue(self, s) return "<small>%s<br />%s<br />%s</small>" % { forward_proto_txt(self, s), @@ -115,7 +115,6 @@ end dest = s:option(DummyValue, "dest", translate("Forward to")) dest.rawhtml = true -dest.width = "40%" function dest.cfgvalue(self, s) local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone")) local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host")) @@ -129,6 +128,6 @@ function dest.cfgvalue(self, s) end end -ft.opt_enabled(s, Flag, translate("Enable")).width = "1%" +ft.opt_enabled(s, Flag, translate("Enable")) return m diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua index 1c838888f1..a4763d5dc4 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rule-details.lua @@ -115,6 +115,10 @@ elseif rule_type == "redirect" then o.datatype = "neg(portrange)" o.placeholder = translate("any") + o:depends("proto", "tcp") + o:depends("proto", "udp") + o:depends("proto", "tcp udp") + o:depends("proto", "tcpudp") o = s:option(Value, "dest", translate("Destination zone")) o.nocreate = true @@ -139,6 +143,10 @@ elseif rule_type == "redirect" then o.placeholder = translate("any") o.datatype = "neg(portrange)" + o:depends("proto", "tcp") + o:depends("proto", "udp") + o:depends("proto", "tcp udp") + o:depends("proto", "tcpudp") o = s:option(Value, "src_dip", translate("SNAT IP address"), @@ -163,6 +171,10 @@ elseif rule_type == "redirect" then o.rmempty = true o.placeholder = translate('Do not rewrite') + o:depends("proto", "tcp") + o:depends("proto", "udp") + o:depends("proto", "tcp udp") + o:depends("proto", "tcpudp") s:option(Value, "extra", translate("Extra arguments"), @@ -212,7 +224,13 @@ else end - o = s:option(DynamicList, "icmp_type", translate("Match ICMP type")) + o = s:option(DropDown, "icmp_type", translate("Match ICMP type")) + o.multiple = true + o.display = 10 + o.dropdown = 10 + o.custom = true + o.cast = "table" + o:value("", "any") o:value("echo-reply") o:value("destination-unreachable") @@ -251,11 +269,13 @@ else o:value("address-mask-request") o:value("address-mask-reply") + o:depends("proto", "icmp") + o = s:option(Value, "src", translate("Source zone")) o.nocreate = true o.allowany = true - o.default = "wan" + o.allowlocal = "src" o.template = "cbi/firewall_zonelist" @@ -269,7 +289,7 @@ else o = s:option(Value, "src_ip", translate("Source address")) - o.datatype = "neg(ipmask)" + o.datatype = "list(neg(ipmask))" o.placeholder = translate("any") luci.sys.net.ipv4_hints(function(ip, name) @@ -281,16 +301,29 @@ else o.datatype = "list(neg(portrange))" o.placeholder = translate("any") + o:depends("proto", "tcp") + o:depends("proto", "udp") + o:depends("proto", "tcp udp") + o:depends("proto", "tcpudp") - o = s:option(Value, "dest", translate("Destination zone")) + o = s:option(Value, "dest_local", translate("Output zone")) + o.nocreate = true + o.allowany = true + o.template = "cbi/firewall_zonelist" + o.alias = "dest" + o:depends("src", "") + + o = s:option(Value, "dest_remote", translate("Destination zone")) o.nocreate = true o.allowany = true o.allowlocal = true o.template = "cbi/firewall_zonelist" + o.alias = "dest" + o:depends({["src"] = "", ["!reverse"] = true}) o = s:option(Value, "dest_ip", translate("Destination address")) - o.datatype = "neg(ipmask)" + o.datatype = "list(neg(ipmask))" o.placeholder = translate("any") luci.sys.net.ipv4_hints(function(ip, name) @@ -302,6 +335,10 @@ else o.datatype = "list(neg(portrange))" o.placeholder = translate("any") + o:depends("proto", "tcp") + o:depends("proto", "udp") + o:depends("proto", "tcp udp") + o:depends("proto", "tcpudp") o = s:option(ListValue, "target", translate("Action")) o.default = "ACCEPT" @@ -316,9 +353,9 @@ else translate("Passes additional arguments to iptables. Use with care!")) end -o = s:option(MultiValue, "weekdays", translate("Week Days")) -o.oneline = true -o.widget = "checkbox" +o = s:option(DropDown, "weekdays", translate("Week Days")) +o.multiple = true +o.display = 5 o:value("Sun", translate("Sunday")) o:value("Mon", translate("Monday")) o:value("Tue", translate("Tuesday")) @@ -327,9 +364,9 @@ o:value("Thu", translate("Thursday")) o:value("Fri", translate("Friday")) o:value("Sat", translate("Saturday")) -o = s:option(MultiValue, "monthdays", translate("Month Days")) -o.oneline = true -o.widget = "checkbox" +o = s:option(DropDown, "monthdays", translate("Month Days")) +o.multiple = true +o.display = 15 for i = 1,31 do o:value(translate(i)) end diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua index c533491977..f4b6b2a928 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua @@ -72,7 +72,9 @@ function s.parse(self, ...) end end -ft.opt_name(s, DummyValue, translate("Name")) +function s.sectiontitle(self, sid) + return (self.map:get(sid, "name") or translate("Unnamed rule")) +end local function rule_proto_txt(self, s) local f = self.map:get(s, "family") @@ -89,17 +91,31 @@ local function rule_proto_txt(self, s) end local function rule_src_txt(self, s) - local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone")) - local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) + local z = ft.fmt_zone(self.map:get(s, "src")) local p = ft.fmt_port(self.map:get(s, "src_port")) local m = ft.fmt_mac(self.map:get(s, "src_mac")) - if p and m then - return translatef("From %s in %s with source %s and %s", a, z, p, m) - elseif p or m then - return translatef("From %s in %s with source %s", a, z, p or m) + -- Forward/Input + if z and #z > 0 then + local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) + if p and m then + return translatef("From %s in %s with source %s and %s", a, z, p, m) + elseif p or m then + return translatef("From %s in %s with source %s", a, z, p or m) + else + return translatef("From %s in %s", a, z) + end + + -- Output else - return translatef("From %s in %s", a, z) + local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any router IP")) + if p and m then + return translatef("From %s on <var>this device</var> with source %s and %s", a, p, m) + elseif p or m then + return translatef("From %s on <var>this device</var> with source %s", a, p or m) + else + return translatef("From %s on <var>this device</var>", a) + end end end @@ -145,7 +161,6 @@ end match = s:option(DummyValue, "match", translate("Match")) match.rawhtml = true -match.width = "70%" function match.cfgvalue(self, s) return "<small>%s<br />%s<br />%s</small>" % { rule_proto_txt(self, s), @@ -156,9 +171,8 @@ end target = s:option(DummyValue, "target", translate("Action")) target.rawhtml = true -target.width = "20%" function target.cfgvalue(self, s) - local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "dest")) + local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "src"), self.map:get(s, "dest")) local l = ft.fmt_limit(self.map:get(s, "limit"), self.map:get(s, "limit_burst")) @@ -169,7 +183,7 @@ function target.cfgvalue(self, s) end end -ft.opt_enabled(s, Flag, translate("Enable")).width = "1%" +ft.opt_enabled(s, Flag, translate("Enable")) -- @@ -226,11 +240,12 @@ function s.filter(self, sid) return (self.map:get(sid, "target") == "SNAT") end -ft.opt_name(s, DummyValue, translate("Name")) +function s.sectiontitle(self, sid) + return (self.map:get(sid, "name") or translate("Unnamed SNAT")) +end match = s:option(DummyValue, "match", translate("Match")) match.rawhtml = true -match.width = "70%" function match.cfgvalue(self, s) return "<small>%s<br />%s<br />%s</small>" % { rule_proto_txt(self, s), @@ -241,7 +256,6 @@ end snat = s:option(DummyValue, "via", translate("Action")) snat.rawhtml = true -snat.width = "20%" function snat.cfgvalue(self, s) local a = ft.fmt_ip(self.map:get(s, "src_dip")) local p = ft.fmt_port(self.map:get(s, "src_dport")) @@ -253,7 +267,7 @@ function snat.cfgvalue(self, s) end end -ft.opt_enabled(s, Flag, translate("Enable")).width = "1%" +ft.opt_enabled(s, Flag, translate("Enable")) return m diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua index a42c1499f0..e168c3c605 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zone-details.lua @@ -101,9 +101,12 @@ end function net.write(self, section, value) zone:clear_networks() - local n - for n in ut.imatch(value) do - zone:add_network(n) + local net + for net in ut.imatch(value) do + local n = nw:get_network(net) or nw:add_network(net, { proto = "none" }) + if n then + zone:add_network(n:name()) + end end end diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zones.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zones.lua index 500e5078f4..46402a8fc1 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/zones.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/zones.lua @@ -3,6 +3,7 @@ local ds = require "luci.dispatcher" local fw = require "luci.model.firewall" +local fs = require "nixio.fs" local m, s, o, p, i, v @@ -32,6 +33,28 @@ for i, v in ipairs(p) do v:value("ACCEPT", translate("accept")) end +-- Netfilter flow offload support + +local offload = fs.access("/sys/module/xt_FLOWOFFLOAD/refcnt") + +if offload then + s:option(DummyValue, "offload_advice", + translate("Routing/NAT Offloading"), + translate("Experimental feature. Not fully compatible with QoS/SQM.")) + + o = s:option(Flag, "flow_offloading", + translate("Software flow offloading"), + translate("Software based offloading for routing/NAT")) + o.optional = true + + o = s:option(Flag, "flow_offloading_hw", + translate("Hardware flow offloading"), + translate("Requires hardware NAT support. Implemented at least for mt7621")) + o.optional = true + o:depends( "flow_offloading", 1) +end + +-- Firewall zones s = m:section(TypedSection, "zone", translate("Zones")) s.template = "cbi/tblsection" @@ -39,6 +62,11 @@ s.anonymous = true s.addremove = true s.extedit = ds.build_url("admin", "network", "firewall", "zones", "%s") +function s.sectiontitle(self, sid) + local z = fw:get_zone(sid) + return z:name() +end + function s.create(self) local z = fw:new_zone() if z then diff --git a/applications/luci-app-firewall/luasrc/tools/firewall.lua b/applications/luci-app-firewall/luasrc/tools/firewall.lua index 2d89bfa2a6..055342bfb3 100644 --- a/applications/luci-app-firewall/luasrc/tools/firewall.lua +++ b/applications/luci-app-firewall/luasrc/tools/firewall.lua @@ -198,8 +198,18 @@ function fmt_limit(limit, burst) end end -function fmt_target(x, dest) - if dest and #dest > 0 then +function fmt_target(x, src, dest) + if not src or #src == 0 then + if x == "ACCEPT" then + return _("Accept output") + elseif x == "REJECT" then + return _("Refuse output") + elseif x == "NOTRACK" then + return _("Do not track output") + else --if x == "DROP" then + return _("Discard output") + end + elseif dest and #dest > 0 then if x == "ACCEPT" then return _("Accept forward") elseif x == "REJECT" then diff --git a/applications/luci-app-firewall/luasrc/view/firewall/cbi_addforward.htm b/applications/luci-app-firewall/luasrc/view/firewall/cbi_addforward.htm index b3079f3a48..f48599b505 100644 --- a/applications/luci-app-firewall/luasrc/view/firewall/cbi_addforward.htm +++ b/applications/luci-app-firewall/luasrc/view/firewall/cbi_addforward.htm @@ -18,95 +18,91 @@ vals[#vals+1] = '%s (%s)' %{ ip, name } end) -%> -<div class="cbi-section-create cbi-tblsection-create"> - <br /> - <table class="cbi-section-table" style="width:810px; margin-left:5px"> - <tr class="cbi-section-table-titles"> - <th class="cbi-section-table-cell" colspan="8"><%:New port forward%>:</th> - </tr> - <tr class="cbi-section-table-descr"> - <th class="cbi-section-table-cell"><%:Name%></th> - <th class="cbi-section-table-cell"><%:Protocol%></th> - <th class="cbi-section-table-cell"><%:External zone%></th> - <th class="cbi-section-table-cell"><%:External port%></th> - <th class="cbi-section-table-cell"><%:Internal zone%></th> - <th class="cbi-section-table-cell"><%:Internal IP address%></th> - <th class="cbi-section-table-cell"><%:Internal port%></th> - <th class="cbi-section-table-cell"></th> - </tr> - <tr class="cbi-section-table-row"> - <td class="cbi-section-table-cell"> - <input type="text" class="cbi-input-text" id="_newfwd.name" name="_newfwd.name" placeholder="<%:New port forward%>" /> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <select class="cbi-input-select" id="_newfwd.proto" name="_newfwd.proto"> - <option value="tcp udp">TCP+UDP</option> - <option value="tcp">TCP</option> - <option value="udp">UDP</option> - <option value="other"><%:Other...%></option> - </select> - </td> - <td class="cbi-section-table-cell" style="width:55px"> - <select class="cbi-input-select" id="_newfwd.extzone" name="_newfwd.extzone"> - <% for _, z in ipairs(ezl) do -%><option value="<%=z:name()%>"><%=z:name()%></option><%- end %> - </select> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <input type="text" class="cbi-input-text" id="_newfwd.extport" name="_newfwd.extport" data-type="portrange" data-optional="true" /> - </td> - <td class="cbi-section-table-cell" style="width:55px"> - <select class="cbi-input-select" id="_newfwd.intzone" name="_newfwd.intzone"> - <% for _, z in ipairs(izl) do -%><option value="<%=z:name()%>"><%=z:name()%></option><%- end %> - </select> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <input type="text" class="cbi-input-text" id="_newfwd.intaddr" name="_newfwd.intaddr" data-type="host" data-optional="true"<%= - ifattr(#keys > 0, "data-choices", {keys, vals}) - %>/> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <input type="text" class="cbi-input-text" id="_newfwd.intport" name="_newfwd.intport" data-type="portrange" data-optional="true" /> - </td> - <td class="cbi-section-table-cell"> - <input type="submit" class="cbi-button cbi-button-add" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>" value="<%:Add%>" /> - </td> - </tr> - </table> - <script type="text/javascript">//<![CDATA[ - cbi_bind(document.getElementById('_newfwd.extport'), 'blur', - function() { - var n = document.getElementById('_newfwd.name'); - var p = document.getElementById('_newfwd.proto'); - var i = document.getElementById('_newfwd.intport'); - var hints = { - /* port name 0=both, 1=tcp, 2=udp, 3=other */ - 21: [ 'FTP', 1 ], - 22: [ 'SSH', 1 ], - 53: [ 'DNS', 0 ], - 80: [ 'HTTP', 1 ], - 443: [ 'HTTPS', 1 ], - 3389: [ 'RDP', 1 ], - 5900: [ 'VNC', 1 ], - }; +<h4><%:New port forward%></h4> +<div class="table"> + <div class="tr table-titles"> + <div class="th"><%:Name%></div> + <div class="th"><%:Protocol%></div> + <div class="th"><%:External zone%></div> + <div class="th"><%:External port%></div> + <div class="th"><%:Internal zone%></div> + <div class="th"><%:Internal IP address%></div> + <div class="th"><%:Internal port%></div> + <div class="th"></div> + </div> + <div class="tr"> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newfwd.name" name="_newfwd.name" placeholder="<%:New port forward%>" /> + </div> + <div class="td"> + <select class="cbi-input-select" id="_newfwd.proto" name="_newfwd.proto"> + <option value="tcp udp">TCP+UDP</option> + <option value="tcp">TCP</option> + <option value="udp">UDP</option> + <option value="other"><%:Other...%></option> + </select> + </div> + <div class="td"> + <select class="cbi-input-select" id="_newfwd.extzone" name="_newfwd.extzone"> + <% for _, z in ipairs(ezl) do -%><option value="<%=z:name()%>"><%=z:name()%></option><%- end %> + </select> + </div> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newfwd.extport" name="_newfwd.extport" data-type="portrange" data-optional="true" /> + </div> + <div class="td"> + <select class="cbi-input-select" id="_newfwd.intzone" name="_newfwd.intzone"> + <% for _, z in ipairs(izl) do -%><option value="<%=z:name()%>"><%=z:name()%></option><%- end %> + </select> + </div> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newfwd.intaddr" name="_newfwd.intaddr" data-type="host" data-optional="true"<%= + ifattr(#keys > 0, "data-choices", {keys, vals}) + %>/> + </div> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newfwd.intport" name="_newfwd.intport" data-type="portrange" data-optional="true" /> + </div> + <div class="td bottom"> + <input type="submit" class="cbi-button cbi-button-add" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>" value="<%:Add%>" /> + </div> + </div> +</div> - if (!this.className.match(/invalid/)) - { - if (!i.value) i.value = this.value; +<script type="text/javascript">//<![CDATA[ + cbi_bind(document.getElementById('_newfwd.extport'), 'blur', + function() { + var n = document.getElementById('_newfwd.name'); + var p = document.getElementById('_newfwd.proto'); + var i = document.getElementById('_newfwd.intport'); + var hints = { + /* port name 0=both, 1=tcp, 2=udp, 3=other */ + 21: [ 'FTP', 1 ], + 22: [ 'SSH', 1 ], + 53: [ 'DNS', 0 ], + 80: [ 'HTTP', 1 ], + 443: [ 'HTTPS', 1 ], + 3389: [ 'RDP', 1 ], + 5900: [ 'VNC', 1 ], + }; - var hint = hints[this.value || 0] || hints[i.value || 0]; - if (hint) - { - p.selectedIndex = hint[1]; + if (!this.className.match(/invalid/)) + { + if (!i.value) i.value = this.value; + + var hint = hints[this.value || 0] || hints[i.value || 0]; + if (hint) + { + p.selectedIndex = hint[1]; - if (!n.value) - n.value = hint[0]; - } - else if (!n.value) - { - n.value = 'Forward' + this.value; - } + if (!n.value) + n.value = hint[0]; } - }); - //]]></script> -</div> + else if (!n.value) + { + n.value = 'Forward' + this.value; + } + } + }); +//]]></script> diff --git a/applications/luci-app-firewall/luasrc/view/firewall/cbi_addrule.htm b/applications/luci-app-firewall/luasrc/view/firewall/cbi_addrule.htm index b06fac3de4..273675cd30 100644 --- a/applications/luci-app-firewall/luasrc/view/firewall/cbi_addrule.htm +++ b/applications/luci-app-firewall/luasrc/view/firewall/cbi_addrule.htm @@ -5,112 +5,105 @@ local zones = fw:get_zones() %> -<div class="cbi-section-create cbi-tblsection-create"> - <% if wz then %> - <br /> - <table class="cbi-section-table" style="margin-left:5px"> - <tr class="cbi-section-table-titles"> - <th class="cbi-section-table-cell left" colspan="4"><%:Open ports on router%>:</th> - </tr> - <tr class="cbi-section-table-descr"> - <th class="cbi-section-table-cell"><%:Name%></th> - <th class="cbi-section-table-cell"><%:Protocol%></th> - <th class="cbi-section-table-cell"><%:External port%></th> - <th class="cbi-section-table-cell"></th> - </tr> - <tr class="cbi-section-table-row"> - <td class="cbi-section-table-cell" style="width:130px"> - <input type="text" class="cbi-input-text" id="_newopen.name" name="_newopen.name" placeholder="<%:New input rule%>" /> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <select class="cbi-input-select" id="_newopen.proto" name="_newopen.proto"> - <option value="tcp udp">TCP+UDP</option> - <option value="tcp">TCP</option> - <option value="udp">UDP</option> - <option value="other"><%:Other...%></option> - </select> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <input type="text" class="cbi-input-text" id="_newopen.extport" name="_newopen.extport" /> - </td> - <td class="cbi-section-table-cell left"> - <input type="submit" class="cbi-button cbi-button-add" name="_newopen.submit" value="<%:Add%>" /> - </td> - </tr> - </table> - <% end %> - <% if #zones > 1 then %> - <table class="cbi-section-table" style="margin-left:5px"> - <tr class="cbi-section-table-titles"> - <th class="cbi-section-table-cell left" colspan="6"><br /><%:New forward rule%>:</th> - </tr> - <tr class="cbi-section-table-descr"> - <th class="cbi-section-table-cell"><%:Name%></th> - <th class="cbi-section-table-cell"><%:Source zone%></th> - <th class="cbi-section-table-cell"><%:Destination zone%></th> - <th class="cbi-section-table-cell"></th> - </tr> - <tr class="cbi-section-table-row"> - <td class="cbi-section-table-cell" style="width:130px"> - <input type="text" class="cbi-input-text" id="_newfwd.name" name="_newfwd.name" placeholder="<%:New forward rule%>" /> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <select class="cbi-input-text" id="_newfwd.src" name="_newfwd.src"> - <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> - <option<%=ifattr(v:name() == "wan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> - <%- end %> - </select> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <select class="cbi-input-text" id="_newfwd.dest" name="_newfwd.dest"> - <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> - <option<%=ifattr(v:name() == "lan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> - <%- end %> - </select> - </td> - <td class="cbi-section-table-cell left"> - <input type="submit" class="cbi-button cbi-button-link" name="_newfwd.submit" value="<%:Add and edit...%>" /> - </td> - </tr> - </table> - <% else %> - <input type="submit" class="cbi-button cbi-button-add" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>" value="<%:Add%>" /> - <% end %> +<% if wz then %> + <h4><%:Open ports on router%></h4> + <div class="table"> + <div class="tr cbi-section-table-titles"> + <div class="th"><%:Name%></div> + <div class="th"><%:Protocol%></div> + <div class="th"><%:External port%></div> + <div class="th"></div> + </div> + <div class="tr"> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newopen.name" name="_newopen.name" placeholder="<%:New input rule%>" /> + </div> + <div class="td"> + <select class="cbi-input-select" id="_newopen.proto" name="_newopen.proto"> + <option value="tcp udp">TCP+UDP</option> + <option value="tcp">TCP</option> + <option value="udp">UDP</option> + <option value="other"><%:Other...%></option> + </select> + </div> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newopen.extport" name="_newopen.extport" /> + </div> + <div class="td bottom"> + <input type="submit" class="cbi-button cbi-button-add" name="_newopen.submit" value="<%:Add%>" /> + </div> + </div> + </div> +<% end %> +<% if #zones > 1 then %> + <h4><%:New forward rule%></h4> + <div class="table"> + <div class="tr cbi-section-table-titles"> + <div class="th"><%:Name%></div> + <div class="th"><%:Source zone%></div> + <div class="th"><%:Destination zone%></div> + <div class="th"></div> + </div> + <div class="tr"> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newfwd.name" name="_newfwd.name" placeholder="<%:New forward rule%>" /> + </div> + <div class="td"> + <select class="cbi-input-text" id="_newfwd.src" name="_newfwd.src"> + <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> + <option<%=ifattr(v:name() == "wan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> + <%- end %> + </select> + </div> + <div class="td"> + <select class="cbi-input-text" id="_newfwd.dest" name="_newfwd.dest"> + <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> + <option<%=ifattr(v:name() == "lan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> + <%- end %> + </select> + </div> + <div class="td bottom"> + <input type="submit" class="cbi-button cbi-button-link" name="_newfwd.submit" value="<%:Add and edit...%>" /> + </div> + </div> + </div> +<% else %> + <input type="submit" class="cbi-button cbi-button-add" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>" value="<%:Add%>" /> +<% end %> - <% if wz then %> - <script type="text/javascript">//<![CDATA[ - cbi_validate_field('_newopen.extport', true, 'list(neg(portrange))'); - cbi_bind(document.getElementById('_newopen.extport'), 'blur', - function() { - var n = document.getElementById('_newopen.name'); - var p = document.getElementById('_newopen.proto'); - var hints = { - /* port name 0=both, 1=tcp, 2=udp, 3=other */ - 22: [ 'SSH', 1 ], - 53: [ 'DNS', 0 ], - 80: [ 'HTTP', 1 ], - 443: [ 'HTTPS', 1 ], - }; +<% if wz then %> + <script type="text/javascript">//<![CDATA[ + cbi_validate_field('_newopen.extport', true, 'list(neg(portrange))'); + cbi_bind(document.getElementById('_newopen.extport'), 'blur', + function() { + var n = document.getElementById('_newopen.name'); + var p = document.getElementById('_newopen.proto'); + var hints = { + /* port name 0=both, 1=tcp, 2=udp, 3=other */ + 22: [ 'SSH', 1 ], + 53: [ 'DNS', 0 ], + 80: [ 'HTTP', 1 ], + 443: [ 'HTTPS', 1 ], + }; - if (!this.className.match(/invalid/)) + if (!this.className.match(/invalid/)) + { + var hint = hints[this.value || 0]; + if (hint) { - var hint = hints[this.value || 0]; - if (hint) - { - p.selectedIndex = hint[1]; + p.selectedIndex = hint[1]; - if (!n.value) - n.value = hint[0]; - } - else if (!n.value && this.value) - { - n.value = 'Open' + this.value; - } + if (!n.value) + n.value = hint[0]; } - }); + else if (!n.value && this.value) + { + n.value = 'Open' + this.value; + } + } + }); - cbi_validate_field('cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>', true, 'uciname'); - //]]></script> - <% end %> -</div> + cbi_validate_field('cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>', true, 'uciname'); + //]]></script> +<% end %> diff --git a/applications/luci-app-firewall/luasrc/view/firewall/cbi_addsnat.htm b/applications/luci-app-firewall/luasrc/view/firewall/cbi_addsnat.htm index 0a5913fc00..0b4774ccc0 100644 --- a/applications/luci-app-firewall/luasrc/view/firewall/cbi_addsnat.htm +++ b/applications/luci-app-firewall/luasrc/view/firewall/cbi_addsnat.htm @@ -12,53 +12,48 @@ end %> -<div class="cbi-section-create cbi-tblsection-create"> - <% if #zones > 1 then %> - <br /> - <table class="cbi-section-table" style="width:700px; margin-left:5px"> - <tr class="cbi-section-table-titles"> - <th class="cbi-section-table-cell left" colspan="6"><%:New source NAT%>:</th> - </tr> - <tr class="cbi-section-table-descr"> - <th class="cbi-section-table-cell"><%:Name%></th> - <th class="cbi-section-table-cell"><%:Source zone%></th> - <th class="cbi-section-table-cell"><%:Destination zone%></th> - <th class="cbi-section-table-cell"><%:To source IP%></th> - <th class="cbi-section-table-cell"><%:To source port%></th> - <th class="cbi-section-table-cell"></th> - </tr> - <tr class="cbi-section-table-row"> - <td class="cbi-section-table-cell"> - <input type="text" class="cbi-input-text" id="_newsnat.name" name="_newsnat.name" placeholder="<%:New SNAT rule%>" /> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <select class="cbi-input-text" id="_newsnat.src" name="_newsnat.src"> - <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> - <option<%=ifattr(v:name() == "lan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> - <%- end %> - </select> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <select class="cbi-input-text" id="_newsnat.dest" name="_newsnat.dest"> - <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> - <option<%=ifattr(v:name() == "wan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> - <%- end %> - </select> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <input type="text" class="cbi-input-text" id="_newsnat.dip" name="_newsnat.dip" placeholder="<%:Do not rewrite%>" data-type="ip4addr" data-optional="true"<%= - ifattr(#keys > 0, "data-choices", { keys, vals }) - %> /> - </td> - <td class="cbi-section-table-cell" style="width:110px"> - <input type="text" class="cbi-input-text" id="_newsnat.dport" name="_newsnat.dport" placeholder="<%:Do not rewrite%>" data-type="portrange" data-optional="true" /> - </td> - <td class="cbi-section-table-cell"> - <input type="submit" class="cbi-button cbi-button-link" name="_newsnat.submit" value="<%:Add and edit...%>" /> - </td> - </tr> - </table> - <% else %> - <input type="submit" class="cbi-button cbi-button-add" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>" value="<%:Add%>" /> - <% end %> -</div> +<% if #zones > 1 then %> + <h4><%:New source NAT%></h4> + <div class="table"> + <div class="tr cbi-section-table-titles"> + <div class="th"><%:Name%></div> + <div class="th"><%:Source zone%></div> + <div class="th"><%:Destination zone%></div> + <div class="th"><%:To source IP%></div> + <div class="th"><%:To source port%></div> + <div class="th"></div> + </div> + <div class="tr"> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newsnat.name" name="_newsnat.name" placeholder="<%:New SNAT rule%>" /> + </div> + <div class="td"> + <select class="cbi-input-text" id="_newsnat.src" name="_newsnat.src"> + <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> + <option<%=ifattr(v:name() == "lan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> + <%- end %> + </select> + </div> + <div class="td"> + <select class="cbi-input-text" id="_newsnat.dest" name="_newsnat.dest"> + <% local k, v; for k, v in ipairs(fw:get_zones()) do -%> + <option<%=ifattr(v:name() == "wan", "selected", "selected")%> value="<%=v:name()%>"><%=v:name()%></option> + <%- end %> + </select> + </div> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newsnat.dip" name="_newsnat.dip" placeholder="<%:Do not rewrite%>" data-type="ip4addr" data-optional="true"<%= + ifattr(#keys > 0, "data-choices", { keys, vals }) + %> /> + </div> + <div class="td"> + <input type="text" class="cbi-input-text" id="_newsnat.dport" name="_newsnat.dport" placeholder="<%:Do not rewrite%>" data-type="portrange" data-optional="true" /> + </div> + <div class="td bottom"> + <input type="submit" class="cbi-button cbi-button-link" name="_newsnat.submit" value="<%:Add and edit...%>" /> + </div> + </div> + </div> +<% else %> + <input type="submit" class="cbi-button cbi-button-add" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.<%=section%>" value="<%:Add%>" /> +<% end %> |