diff options
Diffstat (limited to 'protocols')
10 files changed, 208 insertions, 13 deletions
diff --git a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gre.js b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gre.js index e431bccd76..f43e92019d 100644 --- a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gre.js +++ b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gre.js @@ -46,6 +46,13 @@ return network.registerProtocol('gre', { o = s.taboption('general', form.Value, 'ipaddr', _("Local IPv4 address"), _("The local IPv4 address over which the tunnel is created (optional).")); o.optional = true; o.datatype = 'ip4addr("nomask")'; + o.load = function(section_id) { + return network.getWANNetworks().then(L.bind(function(nets) { + if (nets.length) + this.placeholder = nets[0].getIPAddr(); + return form.Value.prototype.load.apply(this, [section_id]); + }, this)); + }; // -- advanced --------------------------------------------------------------------- @@ -64,11 +71,11 @@ return network.registerProtocol('gre', { o.placeholder = 64; o.datatype = 'min(1)'; - o = s.taboption('advanced', form.Value, 'tos', _('Override TOS'), _("Specify a TOS (Type of Service). Can be either <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value starting with <code>0x</code> (optional).")); + o = s.taboption('advanced', form.Value, 'tos', _("Override TOS"), _("Specify a TOS (Type of Service). Can be <code>inherit</code> (the outer header inherits the value of the inner header), or an hexadecimal value <code>00..FF</code> (optional).")); o.optional = true; o.validate = function(section_id, value) { - if (value.length > 0 && !value.match(/^0x[a-fA-F0-9]{1,2}$/) && !value.match(/^inherit$/i)) - return _('Invalid value'); + if (value.length > 0 && !value.match(/^[a-f0-9]{1,2}$/i) && !value.match(/^inherit$/i)) + return _("Invalid TOS value, expected 00..FF or inherit"); return true; }; @@ -79,6 +86,9 @@ return network.registerProtocol('gre', { o = s.taboption('advanced', form.Flag, 'nohostroute', _("No host route"), _("Do not create host route to peer (optional).")); o.optional = true; + o = s.taboption('advanced', form.Flag, 'multicast', _("Multicast"), _("Enable support for multicast traffic (optional).")); + o.optional = true; + o = s.taboption('advanced', form.Value, 'ikey', _("Incoming key"), _("Key for incoming packets (optional).")); o.optional = true; o.datatype = 'integer'; diff --git a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gretap.js b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gretap.js index 426b5d98df..bb61805bda 100644 --- a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gretap.js +++ b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/gretap.js @@ -46,6 +46,13 @@ return network.registerProtocol('gretap', { o = s.taboption('general', form.Value, 'ipaddr', _("Local IPv4 address"), _("The local IPv4 address over which the tunnel is created (optional).")); o.optional = true; o.datatype = 'ip4addr("nomask")'; + o.load = function(section_id) { + return network.getWANNetworks().then(L.bind(function(nets) { + if (nets.length) + this.placeholder = nets[0].getIPAddr(); + return form.Value.prototype.load.apply(this, [section_id]); + }, this)); + }; o = s.taboption('general', widgets.NetworkSelect, 'network', _("Network interface"), _("Logical network to which the tunnel will be added (bridged) (optional).")); o.exclude = s.section; @@ -69,11 +76,11 @@ return network.registerProtocol('gretap', { o.placeholder = 64; o.datatype = 'min(1)'; - o = s.taboption('advanced', form.Value, 'tos', _('Override TOS'), _("Specify a TOS (Type of Service). Can be either <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value starting with <code>0x</code> (optional).")); + o = s.taboption('advanced', form.Value, 'tos', _("Override TOS"), _("Specify a TOS (Type of Service). Can be <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value <code>00..FF</code> (optional).")); o.optional = true; o.validate = function(section_id, value) { - if (value.length > 0 && !value.match(/^0x[a-fA-F0-9]{1,2}$/) && !value.match(/^inherit$/i)) - return _('Invalid value'); + if (value.length > 0 && !value.match(/^[a-f0-9]{1,2}$/i) && !value.match(/^inherit$/i)) + return _("Invalid TOS value, expected 00..FF or inherit"); return true; }; @@ -84,6 +91,9 @@ return network.registerProtocol('gretap', { o = s.taboption('advanced', form.Flag, 'nohostroute', _("No host route"), _("Do not create host route to peer (optional).")); o.optional = true; + o = s.taboption('advanced', form.Flag, 'multicast', _("Multicast"), _("Enable support for multicast traffic (optional).")); + o.optional = true; + o = s.taboption('advanced', form.Value, 'ikey', _("Incoming key"), _("Key for incoming packets (optional).")); o.optional = true; o.datatype = 'integer'; diff --git a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6.js b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6.js index bd9a43e27b..d8fb3d3377 100644 --- a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6.js +++ b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6.js @@ -46,6 +46,13 @@ return network.registerProtocol('grev6', { o = s.taboption('general', form.Value, 'ip6addr', _("Local IPv6 address"), _("The local IPv6 address over which the tunnel is created (optional).")); o.optional = true; o.datatype = 'ip6addr("nomask")'; + o.load = function(section_id) { + return network.getWAN6Networks().then(L.bind(function(nets) { + if (Array.isArray(nets) && nets.length) + this.placeholder = nets[0].getIP6Addr(); + return form.Value.prototype.load.apply(this, [section_id]); + }, this)); + }; o = s.taboption('general', widgets.NetworkSelect, 'weakif', _("Source interface"), _("Logical network from which to select the local endpoint if local IPv6 address is empty and no WAN IPv6 is available (optional).")); o.exclude = s.section; @@ -69,11 +76,11 @@ return network.registerProtocol('grev6', { o.placeholder = 64; o.datatype = 'min(1)'; - o = s.taboption('advanced', form.Value, 'tos', _('Traffic Class'), _("Specify a Traffic Class. Can be either <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value starting with <code>0x</code> (optional).")); + o = s.taboption('advanced', form.Value, 'tos', _("Traffic Class"), _("Specify a Traffic Class. Can be <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value <code>00..FF</code> (optional).")); o.optional = true; o.validate = function(section_id, value) { - if (value.length > 0 && !value.match(/^0x[a-fA-F0-9]{1,2}$/) && !value.match(/^inherit$/i)) - return _('Invalid value'); + if (value.length > 0 && !value.match(/^[a-f0-9]{1,2}$/i) && !value.match(/^inherit$/i))) + return _("Invalid Traffic Class value, expected 00..FF or inherit"); return true; }; @@ -81,6 +88,9 @@ return network.registerProtocol('grev6', { o = s.taboption('advanced', form.Flag, 'nohostroute', _("No host route"), _("Do not create host route to peer (optional).")); o.optional = true; + o = s.taboption('advanced', form.Flag, 'multicast', _("Multicast"), _("Enable support for multicast traffic (optional).")); + o.optional = true; + o = s.taboption('advanced', form.Value, 'ikey', _("Incoming key"), _("Key for incoming packets (optional).")); o.optional = true; o.datatype = 'integer'; diff --git a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6tap.js b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6tap.js index 3b1a503719..bf3eead669 100644 --- a/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6tap.js +++ b/protocols/luci-proto-gre/htdocs/luci-static/resources/protocol/grev6tap.js @@ -42,6 +42,13 @@ return network.registerProtocol('grev6tap', { o = s.taboption('general', form.Value, 'peer6addr', _("Remote IPv6 address or FQDN"), _("The IPv6 address or the fully-qualified domain name of the remote tunnel end.")); o.optional = false; o.datatype = 'or(hostname,ip6addr("nomask"))'; + o.load = function(section_id) { + return network.getWAN6Networks().then(L.bind(function(nets) { + if (Array.isArray(nets) && nets.length) + this.placeholder = nets[0].getIP6Addr(); + return form.Value.prototype.load.apply(this, [section_id]); + }, this)); + }; o = s.taboption('general', form.Value, 'ip6addr', _("Local IPv6 address"), _("The local IPv6 address over which the tunnel is created (optional).")); o.optional = true; @@ -74,11 +81,11 @@ return network.registerProtocol('grev6tap', { o.placeholder = 64; o.datatype = 'min(1)'; - o = s.taboption('advanced', form.Value, 'tos', _('Traffic Class'), _("Specify a Traffic Class. Can be either <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value starting with <code>0x</code> (optional).")); + o = s.taboption('advanced', form.Value, 'tos', _("Traffic Class"), _("Specify a Traffic Class. Can be <code>inherit</code> (the outer header inherits the value of the inner header) or an hexadecimal value <code>00..FF</code> (optional).")); o.optional = true; o.validate = function(section_id, value) { - if (value.length > 0 && !value.match(/^0x[a-fA-F0-9]{1,2}$/) && !value.match(/^inherit$/i)) - return _('Invalid value'); + if (value.length > 0 && !value.match(/^[a-f0-9]{1,2}$/i) && !value.match(/^inherit$/i)) + return _("Invalid Traffic Class value, expected 00..FF or inherit"); return true; }; @@ -86,6 +93,9 @@ return network.registerProtocol('grev6tap', { o = s.taboption('advanced', form.Flag, 'nohostroute', _("No host route"), _("Do not create host route to peer (optional).")); o.optional = true; + o = s.taboption('advanced', form.Flag, 'multicast', _("Multicast"), _("Enable support for multicast traffic (optional).")); + o.optional = true; + o = s.taboption('advanced', form.Value, 'ikey', _("Incoming key"), _("Key for incoming packets (optional).")); o.optional = true; o.datatype = 'integer'; diff --git a/protocols/luci-proto-ipv6/htdocs/luci-static/resources/protocol/map.js b/protocols/luci-proto-ipv6/htdocs/luci-static/resources/protocol/map.js index 006ebfbf08..5c292af619 100644 --- a/protocols/luci-proto-ipv6/htdocs/luci-static/resources/protocol/map.js +++ b/protocols/luci-proto-ipv6/htdocs/luci-static/resources/protocol/map.js @@ -40,7 +40,7 @@ return network.registerProtocol('map', { renderFormOptions: function(s) { var o; - o = s.taboption('general', form.ListValue, 'type', _('Type')); + o = s.taboption('general', form.ListValue, 'maptype', _('Type')); o.value('map-e', 'MAP-E'); o.value('map-t', 'MAP-T'); o.value('lw4o6', 'LW4over6'); @@ -92,5 +92,7 @@ return network.registerProtocol('map', { o = s.taboption('advanced', form.Value, 'mtu', _('Use MTU on tunnel interface')); o.placeholder = '1280'; o.datatype = 'max(9200)'; + + o = s.taboption('advanced', form.Flag, 'legacymap', _('Use legacy MAP'), _('Use legacy MAP interface identifier format (draft-ietf-softwire-map-00) instead of RFC7597')); } }); diff --git a/protocols/luci-proto-openfortivpn/Makefile b/protocols/luci-proto-openfortivpn/Makefile new file mode 100644 index 0000000000..17a63f78eb --- /dev/null +++ b/protocols/luci-proto-openfortivpn/Makefile @@ -0,0 +1,14 @@ +# +# Copyright (C) 2008-2020 The LuCI Team <luci@lists.subsignal.org> +# +# This is free software, licensed under the Apache License, Version 2.0 . +# + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=Support for OpenFortivpn +LUCI_DEPENDS:=+openfortivpn + +include ../../luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js new file mode 100644 index 0000000000..d0e6bdb011 --- /dev/null +++ b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js @@ -0,0 +1,83 @@ +'use strict'; +'require rpc'; +'require form'; +'require network'; +'require tools.widgets as widgets'; + +network.registerPatternVirtual(/^vpn-.+$/); + + +return network.registerProtocol('openfortivpn', { + getI18n: function() { + return _('OpenFortivpn'); + }, + + getIfname: function() { + return this._ubus('l3_device') || 'vpn-%s'.format(this.sid); + }, + + getOpkgPackage: function() { + return 'openfortivpn'; + }, + + isFloating: function() { + return true; + }, + + isVirtual: function() { + return true; + }, + + getDevices: function() { + return null; + }, + + containsDevice: function(ifname) { + return (network.getIfnameOf(ifname) == this.getIfname()); + }, + + renderFormOptions: function(s) { + var o; + + o = s.taboption('general', form.Value, 'peeraddr', _('VPN Server')); + o.datatype = 'host(0)'; + + o = s.taboption('general', form.Value, 'port', _('VPN Server port')); + o.placeholder = '443'; + o.datatype = 'port'; + o.optional = true; + + s.taboption("general", form.Value, "username", _("Username")); + + o = s.taboption('general', form.Value, 'password', _('Password')); + o.password = true; + + o = s.taboption('advanced', widgets.NetworkSelect, 'tunlink', _('Bind interface'), _('Bind the tunnel to this interface (optional).')); + o.exclude = s.section; + o.nocreate = true; + o.optional = true; + + o = s.taboption('advanced', form.Value, 'trusted_cert', _("VPN Server's certificate SHA1 hash")); + o.datatype = 'and(hexstring,length(64))' + o.optional = true; + + o = s.taboption('advanced', form.Flag, 'defaultroute', _('Use default gateway'), _('If unchecked, no default route is configured')); + o.default = o.enabled; + o.optional = true; + + o = s.taboption('advanced', form.Flag, 'peerdns', _('Use DNS servers advertised by peer'), _('If unchecked, the advertised DNS server addresses are ignored')); + o.default = o.enabled; + o.optional = true; + + o = s.taboption('advanced', form.Value, 'metric', _('Use gateway metric')); + o.placeholder = '0'; + o.datatype = 'uinteger'; + o.optional = true; + + o = s.taboption("advanced", form.Value, 'local_ip', _("Local IP address")); + o.placeholder = '192.168.0.5' + o.dataype = 'ipaddr' + o.optional = true; + + } +}); diff --git a/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js b/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js index e88c07c339..4690ecfc7f 100644 --- a/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js +++ b/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js @@ -1,8 +1,16 @@ 'use strict'; +'require ui'; 'require uci'; +'require rpc'; 'require form'; 'require network'; +var generateKey = rpc.declare({ + object: 'luci.wireguard', + method: 'generateKeyPair', + expect: { keys: {} } +}); + function validateBase64(section_id, value) { if (value.length == 0) return true; @@ -55,6 +63,18 @@ return network.registerProtocol('wireguard', { o.validate = validateBase64; o.rmempty = false; + o = s.taboption('general', form.Button, 'generate_key', _('Generate Key')); + o.inputstyle = 'apply'; + o.onclick = ui.createHandlerFn(this, function(section_id, ev) { + return generateKey().then(function(keypair) { + var keyInput = document.getElementById('widget.cbid.network.%s.private_key'.format(section_id)), + changeEvent = new Event('change'); + + keyInput.value = keypair.priv || ''; + keyInput.dispatchEvent(changeEvent); + }); + }, s.section); + o = s.taboption('general', form.Value, 'listen_port', _('Listen Port'), _('Optional. UDP port used for outgoing and incoming packets.')); o.datatype = 'port'; o.placeholder = _('random'); diff --git a/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard b/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard new file mode 100755 index 0000000000..a6c951f3de --- /dev/null +++ b/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard @@ -0,0 +1,26 @@ +#!/bin/sh + +. /usr/share/libubox/jshn.sh + +case "$1" in + list) + json_init + json_add_object "generateKeyPair" + json_close_object + json_dump + ;; + call) + case "$2" in + generateKeyPair) + prv=$(wg genkey) + pub=$(echo $prv | wg pubkey) + json_init + json_add_object "keys" + json_add_string "priv" "$prv" + json_add_string "pub" "$pub" + json_close_object + json_dump + ;; + esac + ;; +esac diff --git a/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json b/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json new file mode 100644 index 0000000000..4bbcb81578 --- /dev/null +++ b/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json @@ -0,0 +1,10 @@ +{ + "luci-proto-wireguard": { + "description": "Grant access to LuCI Wireguard procedures", + "write": { + "ubus": { + "luci.wireguard": [ "generateKeyPair" ] + } + } + } +} |