Age | Commit message (Collapse) | Author |
|
Pull request app firewall timedate
|
|
UCI config for the firewall has the option of specifying time and date
limitations; add these options the UI.
|
|
Adding LuCI configuation of the firewall time and data uci options
is in progress and this adds the necessary datatypes for validating
those fields.
|
|
save across sysupgrade
/lib/uci/upload is a rather odd place for configuration files
Also the files were not saved across sysupgrade, which is somewhat
counter-productive for configuration files.
Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
|
|
The new function is twice as fast as the old implementation and properly
summarizes outgoing and incoming byte and packet counters.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
For better view of 'Interface Overview' IPv4/IPv6 addresses for
interfaces should be displayed as lists, but not as comma separated
strings.
Signed-off-by: Alexander Logger <intagger@gmail.com>
|
|
Sync translations.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
Add two new types 'hostport' and 'ipaddrport' to validate strings in the form
'sub.example.org:1234' and '0.0.0.0:80'. The 'hostport' accepts hostnames or
IP addresses followed by a colon and a port number while the 'ipaddrport' type
accepts numeric IP addresses only, followed by a colon and a port.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
When using os.execute or luci.sys.call the shell is called with the
command line which means that standard shell interpretation of strings
occurs. To allow to use these commands more easily we add functions
for properly escaping single-quoted strings used on the command line
|
|
Adds a button that does block detect and write the new configuration
to /etc/config/fstab.
|
|
mounts
Previously the global configuration options were missing the the LuCI configuration,
however these options are useful, so make them available to the UI.
|
|
The user is unlikely to care about the plethora of jail bind mounts
when using jails, so don't display them in this app.
|
|
Add an unmount button for non-system mounts which will unmount
the corresponding file system.
|
|
Add luci proto pppossh
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
152ba9ab228ad4ea4c1748f29fe4ffa5f8f74ac6
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Add dependency on luci-lib-jsonc and use it to
reimplement luci.util.serialize_json().
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
20fdac1ac4a126ceebde13fb627a9f88bba0e2b3
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Also adjust for changed IP address format emitted by iface_status call.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Also implement :ipaddrs() and :ip6addrs() helper for network instances.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Redirect to root on empty path (signed off)
|
|
Signed-off-by: Ran Bao <worksev@gmail.com>
|
|
Limit the name of a new interface to 15 characters.
Add a note about the maximum length and the automatic protocol/bridge
prefixes (br-, 6in4-, pppoe- etc.).
Reference to:
https://dev.openwrt.org/ticket/20380
https://github.com/openwrt/luci/issues/507
There is a 15 character limit to the "real" interface name,
enforced both in the firewall and dnsmasq. The real interface name
includes the possible prefix "br-", "6in4-" etc. Example of an error:
interface name `br-lan_protected' must be shorter than IFNAMSIZ (15)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
* Prevents an empty Location header
* Useful in environments where build_url() could return an empty string (such as http server rewrites requests to /cgi-bin/luci)
Signed-off-by: Joel Pedraza <github@saik0.net>
|
|
Two new arguments url, defpath were added to cbi_dynlist_init() for
initializing the brower button.
An example of usage
identity = section:taboption("general", DynamicList, "identity",
translate("List of SSH key files for auth"))
identity.datatype = "file"
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
As per http://tools.ietf.org/html/rfc3986#section-2.3
Characters that are allowed in a URI but do not have a reserved
purpose are called unreserved. These include uppercase and lowercase
letters, decimal digits, hyphen, period, underscore, and tilde.
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
template cbi/value.htm implement already documented property maxlength
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
cbi.lua: Implement "readonly" property for "Value"
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
template cbi/value.htm: add "readonly" property
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
cbi.lua
- Implement Flag.validate function to be overwritable
- rewritten if clause for easier reading ;-)
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
|
|
resources/icons: Use gifsicle to save a few bytes.
|
|
Rewrite `luci.sys.wifi.getiwinfo()` to use the ubus wireless state instead of
depreacated uci state vars in order to map abstract network notation to
wireless ifnames.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Do not use standard post security checking for actions that require file upload
since reading the token value will trigger parsing of the http message body
before the file upload handler has been set, which causes LuCI to buffer the
entire request body in memory.
In order to simplify the code and logic flow, split action_flashops() into
separate handlers for reset, backup, restore and sysupgrade.
Let the backup restore and sysupgrade handlers use the new test_post_security()
method in luci.dispatcher to perform token checking *after* setting the upload
handler.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Allows external code to perform POST and token checking manually.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Now that we don't have an url token anymore, '/cgi-bin/luci' becomes a valid
url while cookies are restricted to only '/cgi-bin/luci/' and below.
In order to ensure that the first request after login refers to a path
covered by the authentication cookie, change build_url() to always append
a trailing slash if we're referring to the base url.
This should fix the login problems mentioned in #516.
While we're touching the dispatcher, also remove remaining url token code.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
The urltoken table is going to be removed.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Now that sensitive urls require post requests and only accept them if a valid
security token is sent along the request, we can drop the global random url
token to improve LuCI usability.
The main improvement is the ability to use multiple tabs with the same login
session, but also deep linking to specific urls without the need for another
login becomes feasible, e.g. for documentation purposes.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
* Use post_on() target to require csrf token verification for modifying actions
* Ensure that package and flash operation handlers guard modifying operations
with parameter check
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
* Add a generic helper function to check need for post / csrf token validation
* Remove custom token verification in cbi targets
* Support requiring post security depending on specific submit parameters,
usable through post_on() action
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|