summaryrefslogtreecommitdiffhomepage
path: root/libs/sys
diff options
context:
space:
mode:
Diffstat (limited to 'libs/sys')
-rw-r--r--libs/sys/luasrc/sys.lua493
-rw-r--r--libs/sys/luasrc/sys/iptparser.lua244
2 files changed, 737 insertions, 0 deletions
diff --git a/libs/sys/luasrc/sys.lua b/libs/sys/luasrc/sys.lua
new file mode 100644
index 0000000000..14a2f294f3
--- /dev/null
+++ b/libs/sys/luasrc/sys.lua
@@ -0,0 +1,493 @@
+--[[
+LuCI - System library
+
+Description:
+Utilities for interaction with the Linux system
+
+FileId:
+$Id$
+
+License:
+Copyright 2008 Steven Barth <steven@midlink.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+]]--
+
+--- LuCI Linux and POSIX system utilities.
+module("luci.sys", package.seeall)
+require("posix")
+require("luci.bits")
+require("luci.util")
+require("luci.fs")
+
+--- Invoke the luci-flash executable to write an image to the flash memory.
+-- @param kpattern Pattern of files to keep over flash process
+-- @return Return value of os.execute()
+function flash(image, kpattern)
+ local cmd = "luci-flash "
+ if kpattern then
+ cmd = cmd .. "-k '" .. kpattern:gsub("'", "") .. "' "
+ end
+ cmd = cmd .. "'" .. image:gsub("'", "") .. "' >/dev/null 2>&1"
+
+ return os.execute(cmd)
+end
+
+--- Retrieve environment variables. If no variable is given then a table
+-- containing the whole environment is returned otherwise this function returns
+-- the corresponding string value for the given name or nil if no such variable
+-- exists.
+-- @class function
+-- @name getenv
+-- @param var Name of the environment variable to retrieve (optional)
+-- @return String containg the value of the specified variable
+-- @return Table containing all variables if no variable name is given
+getenv = posix.getenv
+
+--- Determine the current hostname.
+-- @return String containing the system hostname
+function hostname()
+ return io.lines("/proc/sys/kernel/hostname")()
+end
+
+--- Returns the contents of a documented referred by an URL.
+-- @param url The URL to retrieve
+-- @param stream Return a stream instead of a buffer
+-- @return String containing the contents of given the URL
+function httpget(url, stream)
+ local source = stream and io.open or luci.util.exec
+ return source("wget -qO- '"..url:gsub("'", "").."'")
+end
+
+--- Returns the system load average values.
+-- @return String containing the average load value 1 minute ago
+-- @return String containing the average load value 5 minutes ago
+-- @return String containing the average load value 15 minutes ago
+-- @return String containing the active and total number of processes
+-- @return String containing the last used pid
+function loadavg()
+ local loadavg = io.lines("/proc/loadavg")()
+ return loadavg:match("^(.-) (.-) (.-) (.-) (.-)$")
+end
+
+--- Initiate a system reboot.
+-- @return Return value of os.execute()
+function reboot()
+ return os.execute("reboot >/dev/null 2>&1")
+end
+
+--- Returns the system type, cpu name and installed physical memory.
+-- @return String containing the system or platform identifier
+-- @return String containing hardware model information
+-- @return String containing the total memory amount in kB
+-- @return String containing the memory used for caching in kB
+-- @return String containing the memory used for buffering in kB
+-- @return String containing the free memory amount in kB
+-- @return Number containing free memory in percent
+-- @return Number containing buffer memory in percent
+-- @return Number containing cache memory in percent
+function sysinfo()
+ local c1 = "cat /proc/cpuinfo|grep system\\ typ|cut -d: -f2 2>/dev/null"
+ local c2 = "uname -m 2>/dev/null"
+ local c3 = "cat /proc/cpuinfo|grep model\\ name|cut -d: -f2 2>/dev/null"
+ local c4 = "cat /proc/cpuinfo|grep cpu\\ model|cut -d: -f2 2>/dev/null"
+ local c5 = "cat /proc/meminfo|grep MemTotal|awk {' print $2 '} 2>/dev/null"
+ local c6 = "cat /proc/meminfo|grep ^Cached|awk {' print $2 '} 2>/dev/null"
+ local c7 = "cat /proc/meminfo|grep MemFree|awk {' print $2 '} 2>/dev/null"
+ local c8 = "cat /proc/meminfo|grep Buffers|awk {' print $2 '} 2>/dev/null"
+
+ local system = luci.util.trim(luci.util.exec(c1))
+ local model = ""
+ local memtotal = luci.util.trim(luci.util.exec(c5))
+ local memcached = luci.util.trim(luci.util.exec(c6))
+ local memfree = luci.util.trim(luci.util.exec(c7))
+ local membuffers = luci.util.trim(luci.util.exec(c8))
+ local perc_memfree = math.floor((memfree/memtotal)*100)
+ local perc_membuffers = math.floor((membuffers/memtotal)*100)
+ local perc_memcached = math.floor((memcached/memtotal)*100)
+
+ if system == "" then
+ system = luci.util.trim(luci.util.exec(c2))
+ model = luci.util.trim(luci.util.exec(c3))
+ else
+ model = luci.util.trim(luci.util.exec(c4))
+ end
+
+ return system, model, memtotal, memcached, membuffers, memfree, perc_memfree, perc_membuffers, perc_memcached
+end
+
+--- Retrieves the output of the "logread" command.
+-- @return String containing the current log buffer
+function syslog()
+ return luci.util.exec("logread")
+end
+
+--- Generates a random id with specified length.
+-- @param bytes Number of bytes for the unique id
+-- @return String containing hex encoded id
+function uniqueid(bytes)
+ local fp = io.open("/dev/urandom")
+ local chunk = { fp:read(bytes):byte(1, bytes) }
+ fp:close()
+
+ local hex = ""
+
+ local pattern = "%02X"
+ for i, byte in ipairs(chunk) do
+ hex = hex .. pattern:format(byte)
+ end
+
+ return hex
+end
+
+--- Returns the current system uptime stats.
+-- @return String containing total uptime in seconds
+-- @return String containing idle time in seconds
+function uptime()
+ local loadavg = io.lines("/proc/uptime")()
+ return loadavg:match("^(.-) (.-)$")
+end
+
+--- LuCI system utilities / POSIX user group related functions.
+-- @class module
+-- @name luci.sys.group
+group = {}
+
+--- Returns information about a POSIX user group.
+-- @param group Group ID or name of a system user group
+-- @return Table with information about the requested group
+group.getgroup = posix.getgroup
+
+
+--- LuCI system utilities / network related functions.
+-- @class module
+-- @name luci.sys.net
+net = {}
+
+--- Returns the current arp-table entries as two-dimensional table.
+-- @return Table of table containing the current arp entries.
+-- The following fields are defined for arp entry objects:
+-- { "IP address", "HW address", "HW type", "Flags", "Mask", "Device" }
+function net.arptable()
+ return _parse_delimited_table(io.lines("/proc/net/arp"), "%s%s+")
+end
+
+--- Test whether an IP-Adress belongs to a certain net.
+-- @param ip IPv4 address to test
+-- @param ipnet IPv4 network address of the net range to compare against
+-- @param prefix Network prefix of the net range to compare against
+-- @return Boolean indicating wheather the ip is within the range
+function net.belongs(ip, ipnet, prefix)
+ return (net.ip4bin(ip):sub(1, prefix) == net.ip4bin(ipnet):sub(1, prefix))
+end
+
+--- Determine the current default route.
+-- @return Table with the properties of the current default route.
+-- The following fields are defined:
+-- { "Mask", "RefCnt", "Iface", "Flags", "Window", "IRTT",
+-- "MTU", "Gateway", "Destination", "Metric", "Use" }
+function net.defaultroute()
+ local routes = net.routes()
+ local route = nil
+
+ for i, r in pairs(luci.sys.net.routes()) do
+ if r.Destination == "00000000" and (not route or route.Metric > r.Metric) then
+ route = r
+ end
+ end
+
+ return route
+end
+
+--- Determine the names of available network interfaces.
+-- @return Table containing all current interface names
+function net.devices()
+ local devices = {}
+ for line in io.lines("/proc/net/dev") do
+ table.insert(devices, line:match(" *(.-):"))
+ end
+ return devices
+end
+
+-- Determine the MAC address belonging to the given IP address.
+-- @param ip IPv4 address
+-- @return String containing the MAC address or nil if it cannot be found
+function net.ip4mac(ip)
+ local mac = nil
+
+ for i, l in ipairs(net.arptable()) do
+ if l["IP address"] == ip then
+ mac = l["HW address"]
+ end
+ end
+
+ return mac
+end
+
+--- Calculate the prefix from a given netmask.
+-- @param mask IPv4 net mask
+-- @return Number containing the corresponding numerical prefix
+function net.mask4prefix(mask)
+ local bin = net.ip4bin(mask)
+
+ if not bin then
+ return nil
+ end
+
+ return #luci.util.split(bin, "1")-1
+end
+
+--- Returns the current kernel routing table entries.
+-- @return Table of tables with properties of the corresponding routes.
+-- The following fields are defined for route entry tables:
+-- { "Mask", "RefCnt", "Iface", "Flags", "Window", "IRTT",
+-- "MTU", "Gateway", "Destination", "Metric", "Use" }
+function net.routes()
+ return _parse_delimited_table(io.lines("/proc/net/route"))
+end
+
+--- Convert hexadecimal 32 bit value to IPv4 address.
+-- @param hex String containing the hexadecimal value
+-- @param be Boolean indicating wheather the given value is big endian
+-- @return String containing the corresponding IP4 address
+function net.hexip4(hex, be)
+ if #hex ~= 8 then
+ return nil
+ end
+
+ be = be or luci.util.bigendian()
+
+ local hexdec = luci.bits.Hex2Dec
+
+ local ip = ""
+ if be then
+ ip = ip .. tostring(hexdec(hex:sub(1,2))) .. "."
+ ip = ip .. tostring(hexdec(hex:sub(3,4))) .. "."
+ ip = ip .. tostring(hexdec(hex:sub(5,6))) .. "."
+ ip = ip .. tostring(hexdec(hex:sub(7,8)))
+ else
+ ip = ip .. tostring(hexdec(hex:sub(7,8))) .. "."
+ ip = ip .. tostring(hexdec(hex:sub(5,6))) .. "."
+ ip = ip .. tostring(hexdec(hex:sub(3,4))) .. "."
+ ip = ip .. tostring(hexdec(hex:sub(1,2)))
+ end
+
+ return ip
+end
+
+--- Convert given IPv4 address to binary value.
+-- @param ip String containing a IPv4 address
+-- @return String containing corresponding binary value
+function net.ip4bin(ip)
+ local parts = luci.util.split(ip, '.')
+ if #parts ~= 4 then
+ return nil
+ end
+
+ local decbin = luci.bits.Dec2Bin
+
+ local bin = ""
+ bin = bin .. decbin(parts[1], 8)
+ bin = bin .. decbin(parts[2], 8)
+ bin = bin .. decbin(parts[3], 8)
+ bin = bin .. decbin(parts[4], 8)
+
+ return bin
+end
+
+--- Tests whether the given host responds to ping probes.
+-- @param host String containing a hostname or IPv4 address
+-- @return Number containing 0 on success and >= 1 on error
+function net.pingtest(host)
+ return os.execute("ping -c1 '"..host:gsub("'", '').."' >/dev/null 2>&1")
+end
+
+
+--- LuCI system utilities / process related functions.
+-- @class module
+-- @name luci.sys.process
+process = {}
+
+--- Get the current process id.
+-- @return Number containing the current pid
+process.info = posix.getpid
+
+--- Set the gid of a process identified by given pid.
+-- @param pid Number containing the process id
+-- @param gid Number containing the Unix group id
+-- @return Boolean indicating successful operation
+-- @return String containing the error message if failed
+-- @return Number containing the error code if failed
+function process.setgroup(pid, gid)
+ return posix.setpid("g", pid, gid)
+end
+
+--- Set the uid of a process identified by given pid.
+-- @param pid Number containing the process id
+-- @param uid Number containing the Unix user id
+-- @return Boolean indicating successful operation
+-- @return String containing the error message if failed
+-- @return Number containing the error code if failed
+function process.setuser(pid, uid)
+ return posix.setpid("u", pid, uid)
+end
+
+
+--- LuCI system utilities / user related functions.
+-- @class module
+-- @name luci.sys.user
+user = {}
+
+--- Retrieve user informations for given uid.
+-- @class function
+-- @name getuser
+-- @param uid Number containing the Unix user id
+-- @return Table containing the following fields:
+-- { "uid", "gid", "name", "passwd", "dir", "shell", "gecos" }
+user.getuser = posix.getpasswd
+
+--- Test whether given string matches the password of a given system user.
+-- @param username String containing the Unix user name
+-- @param password String containing the password to compare
+-- @return Boolean indicating wheather the passwords are equal
+function user.checkpasswd(username, password)
+ local account = user.getuser(username)
+
+ -- FIXME: detect testing environment
+ if luci.fs.stat("/etc/shadow") and not luci.fs.access("/etc/shadow", "r") then
+ return true
+ elseif account then
+ if account.passwd == "!" then
+ return true
+ else
+ return (account.passwd == posix.crypt(password, account.passwd))
+ end
+ end
+end
+
+--- Change the password of given user.
+-- @param username String containing the Unix user name
+-- @param password String containing the password to compare
+-- @return Number containing 0 on success and >= 1 on error
+function user.setpasswd(username, password)
+ if password then
+ password = password:gsub("'", "")
+ end
+
+ if username then
+ username = username:gsub("'", "")
+ end
+
+ local cmd = "(echo '"..password.."';sleep 1;echo '"..password.."')|"
+ cmd = cmd .. "passwd '"..username.."' >/dev/null 2>&1"
+ return os.execute(cmd)
+end
+
+
+--- LuCI system utilities / wifi related functions.
+-- @class module
+-- @name luci.sys.wifi
+wifi = {}
+
+--- Get iwconfig output for all wireless devices.
+-- @return Table of tables containing the iwconfing output for each wifi device
+function wifi.getiwconfig()
+ local cnt = luci.util.exec("/usr/sbin/iwconfig 2>/dev/null")
+ local iwc = {}
+
+ for i, l in pairs(luci.util.split(luci.util.trim(cnt), "\n\n")) do
+ local k = l:match("^(.-) ")
+ l = l:gsub("^(.-) +", "", 1)
+ if k then
+ iwc[k] = _parse_mixed_record(l)
+ end
+ end
+
+ return iwc
+end
+
+--- Get iwlist scan output from all wireless devices.
+-- @return Table of tables contaiing all scan results
+function wifi.iwscan()
+ local cnt = luci.util.exec("iwlist scan 2>/dev/null")
+ local iws = {}
+
+ for i, l in pairs(luci.util.split(luci.util.trim(cnt), "\n\n")) do
+ local k = l:match("^(.-) ")
+ l = l:gsub("^[^\n]+", "", 1)
+ l = luci.util.trim(l)
+ if k then
+ iws[k] = {}
+ for j, c in pairs(luci.util.split(l, "\n Cell")) do
+ c = c:gsub("^(.-)- ", "", 1)
+ c = luci.util.split(c, "\n", 7)
+ c = table.concat(c, "\n", 1)
+ table.insert(iws[k], _parse_mixed_record(c))
+ end
+ end
+ end
+
+ return iws
+end
+
+
+-- Internal functions
+
+function _parse_delimited_table(iter, delimiter)
+ delimiter = delimiter or "%s+"
+
+ local data = {}
+ local trim = luci.util.trim
+ local split = luci.util.split
+
+ local keys = split(trim(iter()), delimiter, nil, true)
+ for i, j in pairs(keys) do
+ keys[i] = trim(keys[i])
+ end
+
+ for line in iter do
+ local row = {}
+ line = trim(line)
+ if #line > 0 then
+ for i, j in pairs(split(line, delimiter, nil, true)) do
+ if keys[i] then
+ row[keys[i]] = j
+ end
+ end
+ end
+ table.insert(data, row)
+ end
+
+ return data
+end
+
+function _parse_mixed_record(cnt)
+ local data = {}
+
+ for i, l in pairs(luci.util.split(luci.util.trim(cnt), "\n")) do
+ for j, f in pairs(luci.util.split(luci.util.trim(l), " ")) do
+ local k, x, v = f:match('([^%s][^:=]+) *([:=]*) *"*([^\n"]*)"*')
+
+ if k then
+ if x == "" then
+ table.insert(data, k)
+ else
+ data[k] = v
+ end
+ end
+ end
+ end
+
+ return data
+end
diff --git a/libs/sys/luasrc/sys/iptparser.lua b/libs/sys/luasrc/sys/iptparser.lua
new file mode 100644
index 0000000000..2e8085a55d
--- /dev/null
+++ b/libs/sys/luasrc/sys/iptparser.lua
@@ -0,0 +1,244 @@
+--[[
+LuCI - Iptables parser and query library
+
+Copyright 2008 Jo-Philipp Wich <freifunk@wwsnet.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+$Id$
+
+]]--
+
+module("luci.sys.iptparser", package.seeall)
+require("luci.util")
+
+
+IptParser = luci.util.class()
+
+--[[
+IptParser.__init__( ... )
+
+The class constructor, initializes the internal lookup table.
+]]--
+
+function IptParser.__init__( self, ... )
+ self._rules = { }
+ self._chain = nil
+ self:_parse_rules()
+end
+
+
+--[[
+IptParser.find( args )
+
+Find all firewall rules that match the given criteria. Expects a table with search criteria as only argument.
+If args is nil or an empty table then all rules will be returned.
+
+The following keys in the args table are recognized:
+
+ - table Match rules that are located within the given table
+ - chain Match rules that are located within the given chain
+ - target Match rules with the given target
+ - protocol Match rules that match the given protocol, rules with protocol "all" are always matched
+ - source Match rules with the given source, rules with source "0.0.0.0/0" are always matched
+ - destination Match rules with the given destination, rules with destination "0.0.0.0/0" are always matched
+ - inputif Match rules with the given input interface, rules with input interface "*" (=all) are always matched
+ - outputif Match rules with the given output interface, rules with output interface "*" (=all) are always matched
+ - flags Match rules that match the given flags, current supported values are "-f" (--fragment) and "!f" (! --fragment)
+ - options Match rules containing all given options
+
+The return value is a list of tables representing the matched rules.
+Each rule table contains the following fields:
+
+ - index The index number of the rule
+ - table The table where the rule is located, can be one of "filter", "nat" or "mangle"
+ - chain The chain where the rule is located, e.g. "INPUT" or "postrouting_wan"
+ - target The rule target, e.g. "REJECT" or "DROP"
+ - protocol The matching protocols, e.g. "all" or "tcp"
+ - flags Special rule options ("--", "-f" or "!f")
+ - inputif Input interface of the rule, e.g. "eth0.0" or "*" for all interfaces
+ - outputif Output interface of the rule, e.g. "eth0.0" or "*" for all interfaces
+ - source The source ip range, e.g. "0.0.0.0/0"
+ - destination The destination ip range, e.g. "0.0.0.0/0"
+ - options A list of specific options of the rule, e.g. { "reject-with", "tcp-reset" }
+ - packets The number of packets matched by the rule
+ - bytes The number of total bytes matched by the rule
+
+Example:
+
+ip = luci.sys.iptparser.IptParser()
+result = ip.find( {
+ target="REJECT",
+ protocol="tcp",
+ options={ "reject-with", "tcp-reset" }
+} )
+
+This will match all rules with target "-j REJECT", protocol "-p tcp" (or "-p all") and the option "--reject-with tcp-reset".
+
+]]--
+
+function IptParser.find( self, args )
+
+ local args = args or { }
+ local rv = { }
+
+ for i, rule in ipairs(self._rules) do
+ local match = true
+
+ -- match table
+ if not ( not args.table or args.table == rule.table ) then
+ match = false
+ end
+
+ -- match chain
+ if not ( match == true and ( not args.chain or args.chain == rule.chain ) ) then
+ match = false
+ end
+
+ -- match target
+ if not ( match == true and ( not args.target or args.target == rule.target ) ) then
+ match = false
+ end
+
+ -- match protocol
+ if not ( match == true and ( not args.protocol or rule.protocol == "all" or args.protocol == rule.protocol ) ) then
+ match = false
+ end
+
+ -- match source (XXX: implement ipcalc stuff so that 192.168.1.0/24 matches 0.0.0.0/0 etc.)
+ if not ( match == true and ( not args.source or rule.source == "0.0.0.0/0" or rule.source == args.source ) ) then
+ match = false
+ end
+
+ -- match destination (XXX: implement ipcalc stuff so that 192.168.1.0/24 matches 0.0.0.0/0 etc.)
+ if not ( match == true and ( not args.destination or rule.destination == "0.0.0.0/0" or rule.destination == args.destination ) ) then
+ match = false
+ end
+
+ -- match input interface
+ if not ( match == true and ( not args.inputif or rule.inputif == "*" or args.inputif == rule.inputif ) ) then
+ match = false
+ end
+
+ -- match output interface
+ if not ( match == true and ( not args.outputif or rule.outputif == "*" or args.outputif == rule.outputif ) ) then
+ match = false
+ end
+
+ -- match flags (the "opt" column)
+ if not ( match == true and ( not args.flags or rule.flags == args.flags ) ) then
+ match = false
+ end
+
+ -- match specific options
+ if not ( match == true and ( not args.options or self:_match_options( rule.options, args.options ) ) ) then
+ match = false
+ end
+
+
+ -- insert match
+ if match == true then
+ table.insert( rv, rule )
+ end
+ end
+
+ return rv
+end
+
+
+--[[
+IptParser.resync()
+
+Rebuild the internal lookup table, for example when rules have changed through external commands.
+]]--
+
+function IptParser.resync( self )
+ self._rules = { }
+ self._chain = nil
+ self:_parse_rules()
+end
+
+
+--[[
+IptParser._parse_rules()
+
+[internal] Parse iptables output from all tables.
+]]--
+
+function IptParser._parse_rules( self )
+
+ for i, tbl in ipairs({ "filter", "nat", "mangle" }) do
+
+ for i, rule in ipairs(luci.util.execl("iptables -t " .. tbl .. " --line-numbers -nxvL")) do
+
+ if rule:find( "Chain " ) == 1 then
+
+ self._chain = rule:gsub("Chain ([^%s]*) .*", "%1")
+
+ else
+ if rule:find("%d") == 1 then
+
+ local rule_parts = luci.util.split( rule, "%s+", nil, true )
+ local rule_details = { }
+
+ rule_details["table"] = tbl
+ rule_details["chain"] = self._chain
+ rule_details["index"] = tonumber(rule_parts[1])
+ rule_details["packets"] = tonumber(rule_parts[2])
+ rule_details["bytes"] = tonumber(rule_parts[3])
+ rule_details["target"] = rule_parts[4]
+ rule_details["protocol"] = rule_parts[5]
+ rule_details["flags"] = rule_parts[6]
+ rule_details["inputif"] = rule_parts[7]
+ rule_details["outputif"] = rule_parts[8]
+ rule_details["source"] = rule_parts[9]
+ rule_details["destination"] = rule_parts[10]
+ rule_details["options"] = { }
+
+ for i = 11, #rule_parts - 1 do
+ rule_details["options"][i-10] = rule_parts[i]
+ end
+
+ table.insert( self._rules, rule_details )
+ end
+ end
+ end
+ end
+
+ self._chain = nil
+end
+
+
+--[[
+IptParser._match_options( optlist1, optlist2 )
+
+[internal] Return true if optlist1 contains all elements of optlist2. Return false in all other cases.
+]]--
+
+function IptParser._match_options( self, o1, o2 )
+
+ -- construct a hashtable of first options list to speed up lookups
+ local oh = { }
+ for i, opt in ipairs( o1 ) do oh[opt] = true end
+
+ -- iterate over second options list
+ -- each string in o2 must be also present in o1
+ -- if o2 contains a string which is not found in o1 then return false
+ for i, opt in ipairs( o2 ) do
+ if not oh[opt] then
+ return false
+ end
+ end
+
+ return true
+end