diff options
Diffstat (limited to 'protocols/luci-proto-wireguard')
| -rw-r--r-- | protocols/luci-proto-wireguard/Makefile | 1 | ||||
| -rw-r--r-- | protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua | 71 |
2 files changed, 52 insertions, 20 deletions
diff --git a/protocols/luci-proto-wireguard/Makefile b/protocols/luci-proto-wireguard/Makefile index ed94a557b6..0dc70cf31e 100644 --- a/protocols/luci-proto-wireguard/Makefile +++ b/protocols/luci-proto-wireguard/Makefile @@ -8,6 +8,7 @@ include $(TOPDIR)/rules.mk LUCI_TITLE:=Support for WireGuard VPN LUCI_DEPENDS:=+kmod-wireguard +wireguard-tools +LUCI_PKGARCH:=all PKG_MAINTAINER:=Dan Luedtke <mail@danrl.com> diff --git a/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua b/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua index 774c6db22b..64e256a517 100644 --- a/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua +++ b/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua @@ -1,11 +1,11 @@ --- Copyright 2016 Dan Luedtke <mail@danrl.com> +-- Copyright 2016-2017 Dan Luedtke <mail@danrl.com> -- Licensed to the public under the Apache License 2.0. local map, section, net = ... local ifname = net:get_interface():name() local private_key, listen_port -local metric, mtu, preshared_key +local metric, mtu, preshared_key, description local peers, public_key, allowed_ips, endpoint, persistent_keepalive @@ -19,7 +19,7 @@ private_key = section:taboption( translate("Required. Base64-encoded private key for this interface.") ) private_key.password = true -private_key.datatype = "rangelength(44, 44)" +private_key.datatype = "and(base64,rangelength(44,44))" private_key.optional = false @@ -31,9 +31,19 @@ listen_port = section:taboption( translate("Optional. UDP port used for outgoing and incoming packets.") ) listen_port.datatype = "port" -listen_port.placeholder = "51820" +listen_port.placeholder = translate("random") listen_port.optional = true +addresses = section:taboption( + "general", + DynamicList, + "addresses", + translate("IP Addresses"), + translate("Recommended. IP addresses of the WireGuard interface.") +) +addresses.datatype = "ipaddr" +addresses.optional = true + -- advanced -------------------------------------------------------------------- @@ -42,7 +52,7 @@ metric = section:taboption( Value, "metric", translate("Metric"), - translate("Optional.") + translate("Optional") ) metric.datatype = "uinteger" metric.placeholder = "0" @@ -56,22 +66,20 @@ mtu = section:taboption( translate("MTU"), translate("Optional. Maximum Transmission Unit of tunnel interface.") ) -mtu.datatype = "range(1280,1423)" -mtu.placeholder = "1423" +mtu.datatype = "range(1280,1420)" +mtu.placeholder = "1420" mtu.optional = true - -preshared_key = section:taboption( +fwmark = section:taboption( "advanced", Value, - "preshared_key", - translate("Preshared Key"), - translate("Optional. Adds in an additional layer of symmetric-key " .. - "cryptography for post-quantum resistance.") + "fwmark", + translate("Firewall Mark"), + translate("Optional. 32-bit mark for outgoing encrypted packets. " .. + "Enter value in hex, starting with <code>0x</code>.") ) -preshared_key.password = true -preshared_key.datatype = "rangelength(44, 44)" -preshared_key.optional = true +fwmark.datatype = "hex(4)" +fwmark.optional = true -- peers ----------------------------------------------------------------------- @@ -81,23 +89,46 @@ peers = map:section( "wireguard_" .. ifname, translate("Peers"), translate("Further information about WireGuard interfaces and peers " .. - "at <a href=\"http://wireguard.io\">wireguard.io</a>.") + "at <a href=\"http://wireguard.com\">wireguard.com</a>.") ) peers.template = "cbi/tsection" peers.anonymous = true peers.addremove = true +description = peers:option( + Value, + "description", + translate("Description"), + translate("Optional. Description of peer.")) +description.placeholder = "My Peer" +description.datatype = "string" +description.optional = true + + public_key = peers:option( Value, "public_key", translate("Public Key"), - translate("Required. Public key of peer.") + translate("Required. Base64-encoded public key of peer.") ) -public_key.datatype = "rangelength(44, 44)" +public_key.datatype = "and(base64,rangelength(44,44))" public_key.optional = false +preshared_key = peers:option( + Value, + "preshared_key", + translate("Preshared Key"), + translate("Optional. Base64-encoded preshared key. " .. + "Adds in an additional layer of symmetric-key " .. + "cryptography for post-quantum resistance.") +) +preshared_key.password = true +preshared_key.datatype = "and(base64,rangelength(44,44))" +preshared_key.optional = true + + allowed_ips = peers:option( DynamicList, "allowed_ips", @@ -144,5 +175,5 @@ persistent_keepalive = peers:option( translate("Optional. Seconds between keep alive messages. " .. "Default is 0 (disabled). Recommended value if " .. "this device is behind a NAT is 25.")) -persistent_keepalive.datatype = "range(0, 65535)" +persistent_keepalive.datatype = "range(0,65535)" persistent_keepalive.placeholder = "0" |