diff options
Diffstat (limited to 'applications/luci-app-fwknopd')
| -rw-r--r-- | applications/luci-app-fwknopd/Makefile | 2 | ||||
| -rw-r--r-- | applications/luci-app-fwknopd/po/pt-br/fwknopd.po | 116 | ||||
| -rw-r--r-- | applications/luci-app-fwknopd/po/ru/fwknopd.po | 119 | ||||
| -rw-r--r-- | applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd | 1 | ||||
| -rw-r--r-- | applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh | 18 |
5 files changed, 245 insertions, 11 deletions
diff --git a/applications/luci-app-fwknopd/Makefile b/applications/luci-app-fwknopd/Makefile index 3fbd88ad61..ba7a8568e7 100644 --- a/applications/luci-app-fwknopd/Makefile +++ b/applications/luci-app-fwknopd/Makefile @@ -8,8 +8,6 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Fwknopd config - web config for the firewall knock daemon LUCI_DEPENDS:=+fwknopd +qrencode -PKG_VERSION:=1.0 -PKG_RELEASE:=1 PKG_LICENSE:=GPLv2 PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz> include ../../luci.mk diff --git a/applications/luci-app-fwknopd/po/pt-br/fwknopd.po b/applications/luci-app-fwknopd/po/pt-br/fwknopd.po new file mode 100644 index 0000000000..286b49db31 --- /dev/null +++ b/applications/luci-app-fwknopd/po/pt-br/fwknopd.po @@ -0,0 +1,116 @@ +msgid "" +msgstr "" +"Content-Type: text/plain; charset=UTF-8\n" +"Project-Id-Version: \n" +"POT-Creation-Date: \n" +"PO-Revision-Date: \n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 1.8.11\n" +"Last-Translator: Luiz Angelo Daros de Luca <luizluca@gmail.com>\n" +"Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Language: pt_BR\n" + +msgid "" +"Allow SPA clients to request access to services through an iptables firewall " +"instead of just to it." +msgstr "" +"Permitir que clientes SPA requeiram acesso a serviços através de um firewall " +"iptables ao invés de apenas fazê-lo." + +msgid "Allow SPA clients to request forwarding destination by DNS name." +msgstr "" +"Permitir que clientes SPA requeiram encaminhamento de destinos por nome DNS." + +msgid "Base 64 key" +msgstr "Chave em formato base64" + +msgid "" +"Define a set of ports and protocols (tcp or udp) that will be opened if a " +"valid knock sequence is seen. If this entry is not set, fwknopd will attempt " +"to honor any proto/port request specified in the SPA data (unless of it " +"matches any “RESTRICT_PORTS” entries). Multiple entries are comma-separated." +msgstr "" +"Define um conjunto de porta e protocolos (TCP ou UDP) que serão abertos se " +"uma sequência de batidas for observada. Se esta entrada não estiver " +"definida, fwknopd irá tentar honrar qualquer requisição de protocolo/porta " +"especificada nos dados SPA (a não ser se casar com qualquer entrada de " +"\"RESTRICT_PORTS\"). Múltiplas entradas serão separadas por vírgula." + +msgid "" +"Define the length of time access will be granted by fwknopd through the " +"firewall after a valid knock sequence from a source IP address. If " +"“FW_ACCESS_TIMEOUT” is not set then the default timeout of 30 seconds will " +"automatically be set." +msgstr "" +"Define a duração do tempo de acesso que será concedido pelo fwknopd através " +"do firewall depois de uma sequência de batidas válida de um endereço IP. Se " +"“FW_ACCESS_TIMEOUT” não estiver definido, o valor padrão será de 30 " +"segundos. " + +msgid "" +"Define the symmetric key used for decrypting an incoming SPA packet that is " +"encrypted by the fwknop client with Rijndael." +msgstr "" +"Define a chave simétrica usada para decifrar um pacote SPA entrante que foi " +"cifrado pelo cliente fwknop com o algoritmo Rijndael." + +msgid "Enable Uci/Luci control" +msgstr "Habilitar o controle UCI/Luci" + +msgid "Enable config overwrite" +msgstr "Habilitar a sobrescrita da configuração" + +msgid "Firewall Knock Daemon" +msgstr "Servidor do Firwall Knock" + +msgid "Firewall Knock Operator" +msgstr "Operador do Firewall Knock" + +msgid "" +"Force all SPA packets to contain a real IP address within the encrypted " +"data. This makes it impossible to use the -s command line argument on the " +"fwknop client command line, so either -R has to be used to automatically " +"resolve the external address (if the client behind a NAT) or the client must " +"know the external IP and set it via the -a argument." +msgstr "" +"Forçar que todos os pacotes SPA contenham um endereço IP real dentro do " +"pacote cifrado. Isto torna impossível o uso do argumento de linha de comando " +"'-s' no cliente fwknop. Desta forma, ou o argumento '-R' deve ser usada para " +"resolver os endereços externos automaticamente (se o cliente estiver atrás " +"de uma NAT) ou o ciente deve conhecer o seu endereço IP externo e defini-lo " +"através do argumento '-a'." + +msgid "" +"Maximum age in seconds that an SPA packet will be accepted. defaults to 120 " +"seconds" +msgstr "" +"Idade máxima, em segundos, que um pacote SPA será aceito. Padrão é 120 " +"segundos." + +msgid "Normal Key" +msgstr "Chave Normal" + +msgid "Specify the ethernet interface on which fwknopd will sniff packets." +msgstr "" +"Especifica o dispositivo ethernet no qual o fwknopd irá observar os pacotes." + +msgid "The base64 hmac key" +msgstr "A chave de autenticação HMAC em formato base64" + +msgid "Use ANY for any source ip" +msgstr "Use \"ANY\" para qualquer endereço IP de origem" + +msgid "" +"When unchecked, the config files in /etc/fwknopd will be used as is, " +"ignoring any settings here." +msgstr "" +"Quando desmarcado, os arquivos de configuração em /etc/fwknopd serão usados " +"como estão, ignorando qualquer ajustes feitos aqui." + +msgid "access.conf stanzas" +msgstr "Estâncias do access.conf" + +msgid "fwknopd.conf config options" +msgstr "Opções do fwknopd.conf" diff --git a/applications/luci-app-fwknopd/po/ru/fwknopd.po b/applications/luci-app-fwknopd/po/ru/fwknopd.po new file mode 100644 index 0000000000..c8922823b5 --- /dev/null +++ b/applications/luci-app-fwknopd/po/ru/fwknopd.po @@ -0,0 +1,119 @@ +msgid "" +msgstr "" +"Content-Type: text/plain; charset=UTF-8\n" +"Project-Id-Version: LuCI: fwknopd\n" +"POT-Creation-Date: 2017-12-01 12:15+0300\n" +"PO-Revision-Date: 2018-01-13 14:53+0300\n" +"Language-Team: http://cyber-place.ru\n" +"MIME-Version: 1.0\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Poedit 1.8.7.1\n" +"Last-Translator: Vladimir aka sunny <picfun@ya.ru>\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" +"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" +"Language: ru\n" +"Project-Info: Это технический перевод, не дословный. Главное-удобный русский " +"интерфейс, все проверялось в графическом режиме, совместим с другими apps\n" + +msgid "" +"Allow SPA clients to request access to services through an iptables firewall " +"instead of just to it." +msgstr "" +"Разрешить SPA клиентам запрашивать доступ к сервисам через iptables " +"межсетевого экрана, а не напрямую." + +msgid "Allow SPA clients to request forwarding destination by DNS name." +msgstr "" +"Разрешить SPA клиентам запрашивать направление переадресации по DNS-имени." + +msgid "Base 64 key" +msgstr "64-битный ключ" + +msgid "" +"Define a set of ports and protocols (tcp or udp) that will be opened if a " +"valid knock sequence is seen. If this entry is not set, fwknopd will attempt " +"to honor any proto/port request specified in the SPA data (unless of it " +"matches any “RESTRICT_PORTS” entries). Multiple entries are comma-separated." +msgstr "" +"Задайте порты и протоколы (TCP или UDP), которые будут открыты, если задана " +"допустимая последовательность защищенного постукивания. Если порты и " +"протоколы не заданы, fwknopd постарается исполнить любой прото/порт запрос, " +"указанный в SPA данных (если он соответствует любой 'RESTRICT_PORTS' " +"записи). Последовательность данных, разделенных запятыми." + +msgid "" +"Define the length of time access will be granted by fwknopd through the " +"firewall after a valid knock sequence from a source IP address. If " +"“FW_ACCESS_TIMEOUT” is not set then the default timeout of 30 seconds will " +"automatically be set." +msgstr "" +"Задайте промежуток времени, в течение которого демоном fwknopd будет " +"предоставлен доступ через межсетевой экран, после допустимой " +"последовательности защищенного постукивания из исходящего IP-адреса. Если " +"параметр 'FW_ACCESS_TIMEOUT' не установлен, то автоматически устанавливается " +"время ожидания по умолчанию 30 секунд." + +msgid "" +"Define the symmetric key used for decrypting an incoming SPA packet that is " +"encrypted by the fwknop client with Rijndael." +msgstr "" +"Задайте симметричный ключ, используемый для расшифровки входящего SPA пакета " +"зашифрованного fwknop клиентом с помощью Rijndael." + +msgid "Enable Uci/Luci control" +msgstr "Включить управление в Uci/LuCI" + +msgid "Enable config overwrite" +msgstr "Настроить config файл" + +msgid "Firewall Knock Daemon" +msgstr "Firewall Knock Daemon" + +msgid "Firewall Knock Operator" +msgstr "Настройка защищенного постукивания межсетевого экрана" + +msgid "" +"Force all SPA packets to contain a real IP address within the encrypted " +"data. This makes it impossible to use the -s command line argument on the " +"fwknop client command line, so either -R has to be used to automatically " +"resolve the external address (if the client behind a NAT) or the client must " +"know the external IP and set it via the -a argument." +msgstr "" +"Обязать все SPA пакеты содержать реальный IP-адрес в зашифрованных данных. " +"Это делает невозможным использование аргумента командной строки '-s' в " +"командной строке fwknop клиента, поэтому либо аргумент '-R' должен " +"использоваться для автоматического разрешения внешнего адреса (если клиент " +"за NAT), либо клиент должен знать внешний IP и установить его используя " +"аргумент '-a'." + +msgid "" +"Maximum age in seconds that an SPA packet will be accepted. defaults to 120 " +"seconds" +msgstr "" +"Максимальное время в секундах, в течение которых будет принят SPA пакет, по " +"умолчанию 120 секунд." + +msgid "Normal Key" +msgstr "Нормальный ключ" + +msgid "Specify the ethernet interface on which fwknopd will sniff packets." +msgstr "Укажите ethernet интерфейс, пакеты которого fwknopd будет снифить." + +msgid "The base64 hmac key" +msgstr "Ключ Base64 HMAC." + +msgid "Use ANY for any source ip" +msgstr "Использовать ЛЮБОЙ, для любого исходящего IP." + +msgid "" +"When unchecked, the config files in /etc/fwknopd will be used as is, " +"ignoring any settings here." +msgstr "" +"Если не отмечено, будет использоваться дефолтный config файл fwknopd (/etc/" +"fwknopd), игнорируя любые изменения настроек fwknopd здесь. " + +msgid "access.conf stanzas" +msgstr "Строки config файла access.conf" + +msgid "fwknopd.conf config options" +msgstr "Настройка config файла - fwknopd.conf" diff --git a/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd b/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd index 65ef012450..9e5057e701 100644 --- a/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd +++ b/applications/luci-app-fwknopd/root/etc/uci-defaults/40_luci-fwknopd @@ -3,6 +3,7 @@ #-- Licensed to the public under the GNU General Public License v2. . /lib/functions/network.sh +[ "$(uci -q get fwknopd.@access[0].KEY)" != "CHANGEME" ] && exit 0 uci batch <<EOF add ucitrack fwknopd set ucitrack.@fwknopd[-1].init=fwknopd diff --git a/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh b/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh index abca5d3e5a..48850bd361 100644 --- a/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh +++ b/applications/luci-app-fwknopd/root/usr/sbin/gen-qr.sh @@ -4,23 +4,23 @@ if [ "$1" != "" ]; then entry_num=$1 fi -key_base64=$(uci get fwknopd.@access[$entry_num].KEY_BASE64) -key=$(uci get fwknopd.@access[$entry_num].KEY) -hmac_key_base64=$(uci get fwknopd.@access[$entry_num].HMAC_KEY_BASE64) -hmac_key=$(uci get fwknopd.@access[$entry_num].HMAC_KEY) +key_base64=$(uci -q get fwknopd.@access[$entry_num].KEY_BASE64) +key=$(uci -q get fwknopd.@access[$entry_num].KEY) +hmac_key_base64=$(uci -q get fwknopd.@access[$entry_num].HMAC_KEY_BASE64) +hmac_key=$(uci -q get fwknopd.@access[$entry_num].HMAC_KEY) -if [ $key_base64 != "" ]; then +if [ "$key_base64" != "" ]; then qr="KEY_BASE64:$key_base64" fi -if [ $key != "" ]; then +if [ "$key" != "" ]; then qr="$qr KEY:$key" fi -if [ $hmac_key_base64 != "" ]; then +if [ "$hmac_key_base64" != "" ]; then qr="$qr HMAC_KEY_BASE64:$hmac_key_base64" fi -if [ $hmac_key != "" ]; then +if [ "$hmac_key" != "" ]; then qr="$qr HMAC_KEY:$hmac_key" fi -qrencode -o - "$qr" +qrencode -t svg -I -o - "$qr" |