summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-firewall
diff options
context:
space:
mode:
Diffstat (limited to 'applications/luci-firewall')
-rw-r--r--applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua20
-rw-r--r--applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua47
-rw-r--r--applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua29
-rw-r--r--applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua106
-rw-r--r--applications/luci-firewall/luasrc/tools/firewall.lua4
-rw-r--r--applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm6
6 files changed, 117 insertions, 95 deletions
diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua
index c3618ec01b..162767f4db 100644
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua
@@ -91,6 +91,10 @@ o.rmempty = true
o.datatype = "macaddr"
o.placeholder = translate("any")
+luci.sys.net.mac_hints(function(mac, name)
+ o:value(mac, "%s (%s)" %{ mac, name })
+end)
+
o = s:option(Value, "src_ip",
translate("Source IP address"),
@@ -99,6 +103,10 @@ o.rmempty = true
o.datatype = "neg(ip4addr)"
o.placeholder = translate("any")
+luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+end)
+
o = s:option(Value, "src_port",
translate("Source port"),
@@ -112,6 +120,11 @@ o = s:option(Value, "src_dip",
translate("External IP address"),
translate("Only match incoming traffic directed at the given IP address."))
+luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+end)
+
+
o.rmempty = true
o.datatype = "ip4addr"
o.placeholder = translate("any")
@@ -134,9 +147,10 @@ o = s:option(Value, "dest_ip", translate("Internal IP address"),
translate("Redirect matched incoming traffic to the specified \
internal host"))
o.datatype = "ip4addr"
-for i, dataset in ipairs(sys.net.arptable()) do
- o:value(dataset["IP address"])
-end
+
+luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+end)
o = s:option(Value, "dest_port",
diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua
index 714b08e79c..660848cee6 100644
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua
@@ -2,6 +2,7 @@
LuCI - Lua Configuration Interface
Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2010-2012 Jo-Philipp Wich <xm@subsignal.org>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -9,7 +10,6 @@ You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
-$Id$
]]--
local ds = require "luci.dispatcher"
@@ -75,17 +75,15 @@ end
ft.opt_name(s, DummyValue, translate("Name"))
-proto = s:option(DummyValue, "proto", translate("Protocol"))
-proto.rawhtml = true
-function proto.cfgvalue(self, s)
- return ft.fmt_proto(self.map:get(s, "proto")) or "Any"
+local function forward_proto_txt(self, s)
+ return "%s-%s" %{
+ translate("IPv4"),
+ ft.fmt_proto(self.map:get(s, "proto"),
+ self.map:get(s, "icmp_type")) or "TCP+UDP"
+ }
end
-
-src = s:option(DummyValue, "src", translate("Source"))
-src.rawhtml = true
-src.width = "20%"
-function src.cfgvalue(self, s)
+local function forward_src_txt(self, s)
local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone"))
local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
local p = ft.fmt_port(self.map:get(s, "src_port"))
@@ -100,23 +98,32 @@ function src.cfgvalue(self, s)
end
end
-via = s:option(DummyValue, "via", translate("Via"))
-via.rawhtml = true
-via.width = "20%"
-function via.cfgvalue(self, s)
+local function forward_via_txt(self, s)
local a = ft.fmt_ip(self.map:get(s, "src_dip"), translate("any router IP"))
local p = ft.fmt_port(self.map:get(s, "src_dport"))
if p then
- return translatef("To %s at %s", a, p)
+ return translatef("Via %s at %s", a, p)
else
- return translatef("To %s", a)
+ return translatef("Via %s", a)
end
end
-dest = s:option(DummyValue, "dest", translate("Destination"))
+match = s:option(DummyValue, "match", translate("Match"))
+match.rawhtml = true
+match.width = "50%"
+function match.cfgvalue(self, s)
+ return "<small>%s<br />%s<br />%s</small>" % {
+ forward_proto_txt(self, s),
+ forward_src_txt(self, s),
+ forward_via_txt(self, s)
+ }
+end
+
+
+dest = s:option(DummyValue, "dest", translate("Forward to"))
dest.rawhtml = true
-dest.width = "30%"
+dest.width = "40%"
function dest.cfgvalue(self, s)
local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone"))
local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host"))
@@ -124,9 +131,9 @@ function dest.cfgvalue(self, s)
ft.fmt_port(self.map:get(s, "src_dport"))
if p then
- return translatef("Forward to %s, %s in %s", a, p, z)
+ return translatef("%s, %s in %s", a, p, z)
else
- return translatef("Forward to %s in %s", a, z)
+ return translatef("%s in %s", a, z)
end
end
diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua
index cd34030fae..8a8ac3236c 100644
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua
@@ -2,7 +2,7 @@
LuCI - Lua Configuration Interface
Copyright 2008 Steven Barth <steven@midlink.org>
-Copyright 2010 Jo-Philipp Wich <xm@subsignal.org>
+Copyright 2010-2012 Jo-Philipp Wich <xm@subsignal.org>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -10,7 +10,6 @@ You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
-$Id$
]]--
local sys = require "luci.sys"
@@ -112,12 +111,20 @@ elseif rule_type == "redirect" then
o.datatype = "neg(macaddr)"
o.placeholder = translate("any")
+ luci.sys.net.mac_hints(function(mac, name)
+ o:value(mac, "%s (%s)" %{ mac, name })
+ end)
+
o = s:option(Value, "src_ip", translate("Source IP address"))
o.rmempty = true
o.datatype = "neg(ipaddr)"
o.placeholder = translate("any")
+ luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+ end)
+
o = s:option(Value, "src_port",
translate("Source port"),
@@ -137,9 +144,9 @@ elseif rule_type == "redirect" then
o = s:option(Value, "dest_ip", translate("Destination IP address"))
o.datatype = "neg(ip4addr)"
- for i, dataset in ipairs(luci.sys.net.arptable()) do
- o:value(dataset["IP address"])
- end
+ luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+ end)
o = s:option(Value, "dest_port",
@@ -275,11 +282,19 @@ else
o.datatype = "list(macaddr)"
o.placeholder = translate("any")
+ luci.sys.net.mac_hints(function(mac, name)
+ o:value(mac, "%s (%s)" %{ mac, name })
+ end)
+
o = s:option(Value, "src_ip", translate("Source address"))
o.datatype = "neg(ipaddr)"
o.placeholder = translate("any")
+ luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+ end)
+
o = s:option(Value, "src_port", translate("Source port"))
o.datatype = "list(neg(portrange))"
@@ -297,6 +312,10 @@ else
o.datatype = "neg(ipaddr)"
o.placeholder = translate("any")
+ luci.sys.net.ipv4_hints(function(ip, name)
+ o:value(ip, "%s (%s)" %{ ip, name })
+ end)
+
o = s:option(Value, "dest_port", translate("Destination port"))
o.datatype = "list(neg(portrange))"
diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua
index 290096ba44..0f7462bcdc 100644
--- a/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua
+++ b/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua
@@ -2,6 +2,7 @@
LuCI - Lua Configuration Interface
Copyright 2008 Steven Barth <steven@midlink.org>
+Copyright 2010-2012 Jo-Philipp Wich <xm@subsignal.org>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -9,7 +10,6 @@ You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
-$Id$
]]--
local ds = require "luci.dispatcher"
@@ -84,30 +84,21 @@ end
ft.opt_name(s, DummyValue, translate("Name"))
-family = s:option(DummyValue, "family", translate("Family"))
-function family.cfgvalue(self, s)
+local function rule_proto_txt(self, s)
local f = self.map:get(s, "family")
+ local p = ft.fmt_proto(self.map:get(s, "proto"),
+ self.map:get(s, "icmp_type")) or "TCP+UDP"
+
if f and f:match("4") then
- return translate("IPv4")
+ return "%s-%s" %{ translate("IPv4"), p }
elseif f and f:match("6") then
- return translate("IPv6")
+ return "%s-%s" %{ translate("IPv6"), p }
else
- return translate("Any")
+ return "%s %s" %{ translate("Any"), p }
end
end
-proto = s:option(DummyValue, "proto", translate("Protocol"))
-proto.rawhtml = true
-proto.width = "20%"
-function proto.cfgvalue(self, s)
- return ft.fmt_proto(self.map:get(s, "proto"), self.map:get(s, "icmp_type"))
- or "TCP+UDP"
-end
-
-src = s:option(DummyValue, "src", translate("Source"))
-src.rawhtml = true
-src.width = "20%"
-function src.cfgvalue(self, s)
+local function rule_src_txt(self, s)
local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone"))
local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
local p = ft.fmt_port(self.map:get(s, "src_port"))
@@ -122,10 +113,7 @@ function src.cfgvalue(self, s)
end
end
-dest = s:option(DummyValue, "dest", translate("Destination"))
-dest.rawhtml = true
-dest.width = "20%"
-function dest.cfgvalue(self, s)
+local function rule_dest_txt(self, s)
local z = ft.fmt_zone(self.map:get(s, "dest"))
local p = ft.fmt_port(self.map:get(s, "dest_port"))
@@ -151,6 +139,30 @@ function dest.cfgvalue(self, s)
end
end
+local function snat_dest_txt(self, s)
+ local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone"))
+ local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host"))
+ local p = ft.fmt_port(self.map:get(s, "dest_port")) or
+ ft.fmt_port(self.map:get(s, "src_dport"))
+
+ if p then
+ return translatef("To %s, %s in %s", a, p, z)
+ else
+ return translatef("To %s in %s", a, z)
+ end
+end
+
+
+match = s:option(DummyValue, "match", translate("Match"))
+match.rawhtml = true
+match.width = "70%"
+function match.cfgvalue(self, s)
+ return "<small>%s<br />%s<br />%s</small>" % {
+ rule_proto_txt(self, s),
+ rule_src_txt(self, s),
+ rule_dest_txt(self, s)
+ }
+end
target = s:option(DummyValue, "target", translate("Action"))
target.rawhtml = true
@@ -226,48 +238,18 @@ end
ft.opt_name(s, DummyValue, translate("Name"))
-proto = s:option(DummyValue, "proto", translate("Protocol"))
-proto.rawhtml = true
-function proto.cfgvalue(self, s)
- return ft.fmt_proto(self.map:get(s, "proto")) or "TCP+UDP"
-end
-
-
-src = s:option(DummyValue, "src", translate("Source"))
-src.rawhtml = true
-src.width = "20%"
-function src.cfgvalue(self, s)
- local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone"))
- local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
- local p = ft.fmt_port(self.map:get(s, "src_port"))
- local m = ft.fmt_mac(self.map:get(s, "src_mac"))
-
- if p and m then
- return translatef("From %s in %s with source %s and %s", a, z, p, m)
- elseif p or m then
- return translatef("From %s in %s with source %s", a, z, p or m)
- else
- return translatef("From %s in %s", a, z)
- end
-end
-
-dest = s:option(DummyValue, "dest", translate("Destination"))
-dest.rawhtml = true
-dest.width = "30%"
-function dest.cfgvalue(self, s)
- local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone"))
- local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host"))
- local p = ft.fmt_port(self.map:get(s, "dest_port")) or
- ft.fmt_port(self.map:get(s, "src_dport"))
-
- if p then
- return translatef("To %s, %s in %s", a, p, z)
- else
- return translatef("To %s in %s", a, z)
- end
+match = s:option(DummyValue, "match", translate("Match"))
+match.rawhtml = true
+match.width = "70%"
+function match.cfgvalue(self, s)
+ return "<small>%s<br />%s<br />%s</small>" % {
+ rule_proto_txt(self, s),
+ rule_src_txt(self, s),
+ snat_dest_txt(self, s)
+ }
end
-snat = s:option(DummyValue, "via", translate("SNAT"))
+snat = s:option(DummyValue, "via", translate("Action"))
snat.rawhtml = true
snat.width = "20%"
function snat.cfgvalue(self, s)
diff --git a/applications/luci-firewall/luasrc/tools/firewall.lua b/applications/luci-firewall/luasrc/tools/firewall.lua
index 55c417e135..26240aa7a4 100644
--- a/applications/luci-firewall/luasrc/tools/firewall.lua
+++ b/applications/luci-firewall/luasrc/tools/firewall.lua
@@ -1,7 +1,7 @@
--[[
LuCI - Lua Configuration Interface
-Copyright 2011 Jo-Philipp Wich <xm@subsignal.org>
+Copyright 2011-2012 Jo-Philipp Wich <xm@subsignal.org>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -9,7 +9,6 @@ You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
-$Id$
]]--
module("luci.tools.firewall", package.seeall)
@@ -154,6 +153,7 @@ function fmt_proto(x, icmp_types)
v, n = fmt_neg(v)
if v == "tcpudp" then
l[#l+1] = "TCP"
+ l[#l+1] = ", "
l[#l+1] = "UDP"
l[#l+1] = ", "
elseif v ~= "all" then
diff --git a/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm b/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm
index 6a49266b7b..9b17d52e7f 100644
--- a/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm
+++ b/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm
@@ -45,9 +45,9 @@
cbi_validate_field('_newfwd.intport', true, 'portrange');
cbi_combobox_init('_newfwd.intaddr', {
- <% local i, e; for i, e in ipairs(luci.sys.net.arptable()) do -%>
- <%- if i > 1 then %>,<% end -%>'<%=e["IP address"]%>': '<%=e["IP address"]%>'
- <%- end %> }, '', '<%: -- custom -- %>');
+ <% first = true; luci.sys.net.ipv4_hints(function(ip, name) %>
+ <%- if first then first = false else %>,<% end -%>'<%=ip%>': '<%=ip%> (<%=name%>)'
+ <%- end) %> }, '', '<%: -- custom -- %>');
cbi_bind(document.getElementById('_newfwd.extport'), 'blur',
function() {