Age | Commit message (Collapse) | Author |
|
Prevent reflected XSS through the reset button by url encoding the
display parameter.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Instead of passing the full LuCI request url, pass the relative resolved
request path instead and filter the received value through the lookup()
dispatcher function to only allow paths to actual internal pages.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
luci-app-firewall/luci-base/luci-mod-admin-full: some fixes and improvements
|
|
Use the new luci.ip MAC address facilities to parse and verify MAC addresses
in a common way, instead of relying on various ad-hoc solutions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Add a hint to backup restore that files could remain on the system.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The length of DUID-LL is 80 bits (16 bit DUID type, 16 bit hardware type, 48 bit mac)
which corresponds to 20 nibbles. Also lower the minimum required length of DUID to
20 nibbles in order to allow entering a DUID-LL.
Signed-off-by: Arjen de Korte <build+github@de-korte.org>
|
|
fix DHCPv6 hostname display
|
|
Fixes [FS#1118](https://bugs.lede-project.org/index.php?do=details&task_id=1118)
Luci chokes on devices that do not have _iptables_ installed with:
/usr/lib/lua/luci/dispatcher.lua:460: Failed to execute function dispatcher target for entry '/'.
The called action terminated with an exception:
/usr/lib/lua/luci/dispatcher.lua:460: Failed to execute firstchild dispatcher target for entry '/admin'.
The called action terminated with an exception:
/usr/lib/lua/luci/dispatcher.lua:460: Failed to execute function dispatcher target for entry '/admin/status'.
The called action terminated with an exception:
/usr/lib/lua/luci/dispatcher.lua:460: Failed to execute template dispatcher target for entry '/admin/status/overview'.
The called action terminated with an exception:
/usr/lib/lua/luci/template.lua:97: Failed to execute template 'admin_status/index'.
A runtime error occured: [string "/usr/lib/lua/luci/view/admin_status/index.h..."]:34: bad argument #1 to 'tonumber' (string expected, got nil)
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:460: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:141: in function </usr/lib/lua/luci/dispatcher.lua:140>
The code should be more defensive.
|
|
In case the DUID can be mapped to the MAC-Address of an already known
host, show the already know hostname next to the DHCPv6 supplied one in
case they differ.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
Don't show a DHCPv6 supplied hostname if none was send. It happens in
case the DUID can be mapped to the MAC-Address of an existing host and
the existing host has a name set.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
Don't replace the DHCPv6 supplied hostname if the DUID can be mapped to
the MAC-Address of an already known host.
It hides the issue of a missing DHCPv6 hostname and could lead to the
conclution that the already known host has an IPv6 address.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
add fontsize style parameter to reduce output text size
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
|
|
add fontsize style parameter to reduce output text size
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
|
|
As suggested by PR #1114, use `/proc/sys/net/netfilter/nf_conntrack_count`
instead of counting the lines in `/proc/net/nf_conntrack` but use a slightly
more efficient approach which avoids spawning an extra `cat` command.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Remove the code related to the deprecated madwifi driver.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
luci ignores only 127.0.0.1 in real time connections.
The dnsmasq.init script sets up resolv.conf(s) as such.
With alternate DNS servers configured 'localhost' will
resolve to '127.0.0.1' or '::1'. The connections graph
will spam itself. openwrt/luci#996
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
|
|
The Overview page and Network>Interfaces page currently do not give much information about IPv6, particularly with Prefix Delegated setups. In these setups, ISP will delegate a prefix to the router. Currently LuCI doesn't display this Prefix Delegation from the ISP anywhere. A number of changes was added to this commit:
1) self:_ubus("ipv6-prefix") was extracted and put into protocol.ip6prefix.
2) Network>Interfaces page, if a .ip6prefix is present, show it under Status. (IPv6-PD).
3) On the Overview page, "Type" and "Prefix Delegated" has been added to the IPv6 Network Overview Status:
- Type will display the .proto, similar to the IPv4 case. If a .ip6prefix is present, it'll display a "-pd" at the end of the Type: i.e. dhcpv6-pd vs. dhcpv6.
- If no .ip6prefix is present, it'll do what it does currently, and just show Address, or :: if no address is present.
- If .ip6prefix is present, it'll show the "Prefix Delegated", it'll also hide "Address" if no address is present, else it'll show ifc6.ip6addr as well.
Signed-off-by: Cody R. Brown <dev@codybrown.ca>
|
|
Remove some non-essential references to explicit distro names.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
When a lease objects expires property is set to "false", its expiry time is
unlimited, so adjust the templates to properly display that state.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Simplify the sysupgrade image checksum strings in order to
avoid translating "Checksum xxx" items both for MD5 and SHA256.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Show also the sha256 checksum in addition to MD5 checksum to enable
image verification also for builds with only sha256 checksums.
If the 'sha256sum' command is not present in the system, the value
remains empty.
Note: The easiest way to get the 'sha256sum' command is to compile it
into busybox.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Fix incomplete port status display on vlan setup page when ports in the middle
are not used, e.g. some Lantiq boards use ports 0, 1, 2 and 4 for LAN ports so
JS code should not attempt to reference an undefined status element for port 3.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Display a question mark for undefined SSID and BSSID strings.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Gracefully handle a missing diag section in /etc/config/luci when rendering
the network diagnostics tool page.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
|
|
When a wireless network is disabled it can't be removed. From
wifi_overview.htm the delete call is generated as wlan0, wlan1 or
whatever. This wlan is not working because it is disabled, then LuCI
deletes the virtual radio which really is named as wlan0.
|
|
This patch fixes the wrong visualization of Noise Margin (SNR) and Signal Attenuation (SATN) stats
Signed-off-by: Luca Debernardi <luca.debernardi@gmail.com>
|
|
When kmod-nf-nat6 and kmod-ipt-nat6 are installed, the firewall has also
the 'nat' table for ipv6, and packages like 'adblock' utilize that table.
Currently that table is not shown on the Luci firewall status page,
although it is visible by 'ip6tables -L -v -t nat' from console.
Detect 'nat' table's presence from /proc/net/ip6_tables_names
Show 'nat' table in Status->Firewall->IPv6 if that table is present.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
This adds a lot of new status information about the dsl line.
It now looks like this on a Telekom line:
Status: UP
Line State: showtime_tc_sync [0x801]
Line Mode: G.993.2 (VDSL2)
Annex: B
Profile: 17a
Data Rate: 51.391 Mb/s / 10.046 Mb/s
Max. Attainable Data Rate (ATTNDR): 63.817 Mb/s / 23.908 Mb/s
Latency: 4.0 ms / 8.0 ms
Line Attenuation (LATN): 10.5 dB / 9.9 dB
Signal Attenuation (SATN): 8.2 dB / 14.4 dB
Noise Margin (SNR): 10.5 dB / 9.7 dB
Aggregate Transmit Power(ACTATP): -14 dB / 12.4 dB
Forward Error Correction Seconds (FECS): 1 / 1723485
Errored seconds (ES): 0 / 2477
Severely Errored Seconds (SES): 0 / 50
Loss of Signal Seconds (LOSS): 0 / 0
Unavailable Seconds (UAS): 31 / 31
Header Error Code Errors (HEC): 0 / 0
Non Pre-emtive CRC errors (CRC_P): 0 / 0
Pre-emtive CRC errors (CRCP_P): 0 / 0
Line Uptime: 2m 3s
ATU-C System Vendor ID: Broadcom 176.15
Power Management Mode: L0 - Synchronized
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
This could also be a VDSL link
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
the driver
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Map DUIDs to their corresponding MAC addresses in order to correlate them with
IPv4 information. This is useful to e.g. identify IPv6 hosts which do not send
a name.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
stats
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Copy the changes made by f8d0ba00b2ff27dc9e2f10712bc343ae655fbdf9
also to the interface details pages in order to clarify display of
multiple addresses.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
For better view of 'Interface Overview' IPv4/IPv6 addresses for
interfaces should be displayed as lists, but not as comma separated
strings.
Signed-off-by: Alexander Logger <intagger@gmail.com>
|
|
152ba9ab228ad4ea4c1748f29fe4ffa5f8f74ac6
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
20fdac1ac4a126ceebde13fb627a9f88bba0e2b3
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Also adjust for changed IP address format emitted by iface_status call.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Do not use standard post security checking for actions that require file upload
since reading the token value will trigger parsing of the http message body
before the file upload handler has been set, which causes LuCI to buffer the
entire request body in memory.
In order to simplify the code and logic flow, split action_flashops() into
separate handlers for reset, backup, restore and sysupgrade.
Let the backup restore and sysupgrade handlers use the new test_post_security()
method in luci.dispatcher to perform token checking *after* setting the upload
handler.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
* Use post_on() target to require csrf token verification for modifying actions
* Ensure that package and flash operation handlers guard modifying operations
with parameter check
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|