summaryrefslogtreecommitdiffhomepage
path: root/protocols
AgeCommit message (Collapse)Author
2022-08-10luci-proto-openfortivpn: Correct server certificate SHA labelMatthew Hagan
According to the documentation[1], the SHA256 hash is used for the trusted-cert option, not SHA1. [1] https://github.com/adrienverge/openfortivpn/blob/master/doc/openfortivpn.1.in Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2022-08-10luci-proto-openfortivpn: add persistent reconnect optionMatthew Hagan
Add ability to specify persistent reconnection interval. Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2022-08-10luci-proto-openfortivpn: add user, key, CA PEM supportMatthew Hagan
Add PEM inputs and file handling for user cert, key and CA cert. This handling is largely based upon that used in luci-proto-openconnect. Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2022-08-01luci-proto-wireguard: handle multiple peers in imported configurationJo-Philipp Wich
When importing a fully configuration, import all peer entries from it instead of non-deterministically merging all peer keys into one. When importing a remote configuration as peer, only use the setting from the peer section matching our local interface pubkey. Also relabel the `Import peer configuration` button to `Import configuration as peer` in order to be more explicit. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-07-28luci-proto-ncm: adds missing error messages, removes 'dialnumber' option, ↵Jalakas
changes 'delay' according to real behavior This commit: Adds missing error messages and harmonizes message texts with comgt-ncm script. [1] Removes option 'dialnumber' not used in comgt-ncm. [1][2] Fixes option 'delay' according to comgt-ncm script real behavior. (No default value, if parameter is set, then there's always sleep) [1] [1] https://github.com/openwrt/openwrt/blob/master/package/network/utils/comgt/files/ncm.sh [2] https://github.com/openwrt/openwrt/blob/master/package/network/utils/comgt/files/ncm.json Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
2022-07-23luci-proto-wireguard: configuration import improvementsJo-Philipp Wich
- Reword texts in import dialogs for better clarity, use different descriptions for full import and peer import - Allow importing configurations without [Peer] section Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-07-23luci-proto-ncm: rename `service` option to `mode`Jo-Philipp Wich
Package luci-proto-ncm depends on comgt-ncm which uses an option called 'mode' to set the radiomode of the modem. There is no option 'service' in the comgt-ncm scripts. Suggested-by: breenstorm <49235337+breenstorm@users.noreply.github.com> [fix commit subject, add commit message, rebase onto master branch] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-06-21luci-proto-wireguard: gracefully deal with missing uci configsJo-Philipp Wich
The /etc/config/ddns in particular might not be present on the system, don't fail if it is absent. Fixes: #5838 Fixes: 9ba20645b0 ("luci-proto-wireguard: rewrite protocol handler") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-06-20luci-proto-wireguard: grant uci read access to system and ddns configJo-Philipp Wich
The configuration export requires access to /e/c/system and /e/c/ddns for external hostname hints. Fixes: #5838 Fixes: 9ba20645b0 ("luci-proto-wireguard: rewrite protocol handler") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-05-17luci-proto-wireguard: rewrite protocol handlerJo-Philipp Wich
This commit rewrites large chunks of the WireGuard protocol handler in order to simplify the process of importing and exporting configuration. The major changes are: 1) The wireguard interface configuration tab (General Settings) gained an import assistant which allows dragging or pasting a native WireGuard configuration file in order to import required settrings into uci 2) The peer configuration tab gained a similar import assistant which allows importing the settings for a WireGuard peer from an existing native WireGuard configuration file 3) The QR code export feature has been rewritten to make the resulting codes actually useful for importing into a WireGuard client application. Additionally the plaintext native WireGuard configuration is displayed to allow copy-pasting it for use on a Linux or OS X system Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-04-16Merge pull request #5698 from onemarcfifty/luci-ptoto-batadvFlorian Eckert
luci-proto-batman-adv: LuCI Support for the batman-adv protocol
2022-04-14luci-proto-batman-adv: add luci-proto-batman-advMarc Ahlgrim
This commit adds support for the batadv and the batadv_hardif protocols to LuCI Signed-off-by: Marc Ahlgrim <marc@onemarcfifty.com>
2022-04-14luci-proto-wireguard: adjust MTU range from 0-8940Florian Eckert
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-04-12luci-proto-wireguard: remove MTU limitFlorian Eckert
fixes #5737 Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-18luci-proto-wireguard: add generate psk buttonLukas Voegl
Signed-off-by: Lukas Voegl <lvoegl@tdt.de>
2022-01-22Merge pull request #5642 from hgl/xfrmFlorian Eckert
luci-proto-xfrm: add luci xfrm support
2022-01-19luci-proto-ipip: add nohostroute configurableMatthew Hagan
Add configurable to explicitly disable creation of route to the peer address. Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2022-01-19luci-proto-ipip: explicitly set df to optionalMatthew Hagan
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2022-01-19luci-proto-xfrm: add xfrm proto supportGlen Huang
Signed-off-by: Glen Huang <heyhgl@gmail.com>
2021-12-02Merge pull request #5540 from jow-/wireguard-peer-gridsectionJo-Philipp Wich
Implement nested grid section support and use it for wireguard peer config
2021-11-30Merge pull request #5400 from systemcrash/wg_pubkeyFlorian Eckert
luci-proto-wireguard: display interface public key
2021-11-22luci-proto-wireguard: turn peer configuration into grid viewJo-Philipp Wich
Turn the list of configured peers into a grid section in order to improve the overview of the configuration form. Fixes: #5489 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-11-21luci-proto-wireguard: fix QR code generation markupJo-Philipp Wich
The custom code generation markup lacked a required CSS class. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-11-17luci-proto-wireguard: add option to disable peer-sectionRobert Walli
Submitted-by: Robert Walli <12079858+rwalli@users.noreply.github.com> Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-11-11luci-proto-wireguard: display interface public keyPaul Dee
Signed-off-by: Paul Dee <itsascambutmailmeanyway@gmail.com>
2021-10-08luci-proto-wireguard: fix potential shell injection vulnerabilitiesJo-Philipp Wich
The `luci.wireguard.generateQrCode` UBUS method allows injecting arbitrary shell code by not sanitizing the `privkey` and `allowed_ips` arguments before concatenating them into shell command expressions. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-10-07luci-proto-wireguard: fix markup not valid for XHTMLJo-Philipp Wich
Fixes: #5407 Fixes: 03d615f62c ("luci-proto-wireguard: add more options to qr code") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-10-01Merge pull request #5403 from lvoegl/luci-app-wireguard-fix-parsingFlorian Eckert
luci-app-wireguard: fix allowed_ip parsing
2021-10-01luci-app-wireguard: fix allowed_ip parsinglvoegl
Signed-off-by: lvoegl <lvoegl@tdt.de>
2021-09-30luci-proto-wireguard: fix luci.wireguard rpcd dependencyFlorian Eckert
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-09-26luci-app-wireguard: fix dependencyFlorian Eckert
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2021-09-17luci-proto-wireguard: add more options to qr codelvoegl
Signed-off-by: lvoegl <lvoegl@tdt.de>
2021-09-17luci-proto-wireguard: client qr code generationlvoegl
Signed-off-by: lvoegl <lvoegl@tdt.de>
2021-09-17luci-app-wireguard: merge app and proto rpcdlvoegl
Signed-off-by: lvoegl <lvoegl@tdt.de>
2021-08-28#5307 Made AllowedIPs optionalKeith Irwin
Signed-off-by: Keith Irwin <git@ki9.us>
2021-08-19protocols: make APN option optional againJo-Philipp Wich
Fixes: #5284 Fixes: 1661ac6bf8 ("luci-proto-ncm: add APN and PIN validation") Fixes: 114dc38dc2 ("luci-proto-qmi: add APN and PIN validation") Fixes: 6a8ad40b05 ("luci-proto-3g: add APN and PIN validation") Fixes: ebb676ef7b ("luci-proto-modemmanager: add APN and PIN validation") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-08-09Merge pull request #5190 from TDT-AG/pr/20210715-proto-bondingJo-Philipp Wich
luci-proto-bonding: fix member because of API change
2021-07-19luci-proto-bonding: bugfix xmit_hash_policy dependenciesHelge Mader
Signed-off-by: Helge Mader <ma@dev.tdt.de>
2021-07-15luci-proto-bonding: fix member because of API changeHelge Mader
Signed-off-by: Helge Mader <ma@dev.tdt.de>
2021-07-13luci-proto-ncm: add APN and PIN validationNicholas Smith
Signed-off-by: Nicholas Smith <nicholas@nbembedded.com> [squash commits, fix whitespace] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-07-13luci-proto-qmi: add APN and PIN validationNicholas Smith
Signed-off-by: Nicholas Smith <nicholas@nbembedded.com> [squash commits, fix whitespace] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-07-13luci-proto-3g: add APN and PIN validationNicholas Smith
Signed-off-by: Nicholas Smith <nicholas@nbembedded.com> [squash commits, fix whitespace] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-07-13luci-proto-modemmanager: add APN and PIN validationNicholas Smith
Signed-off-by: Nicholas Smith <nicholas@nbembedded.com> [squash commits, fix white space] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-06-07protocols: unify TOS and TTL description stringsJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-06-07treewide: consolidate {IPv4,IPv6,MAC} {address,gateway} spellingsJo-Philipp Wich
- Turn IPv4-Address into IPv4 address - Turn IPv4-Gateway into IPv4 gateway - Turn IPv6-Address into IPv6 address - Turn IPv6-Gateway into IPv6 gateway - Turn MAC-Address into MAC address Also remove related duplicate translation entries. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-06-03luci-proto-wireguard: fix fwmark validation to allow 32 bit valuesJo-Philipp Wich
The iptables mark field is 32 bits wide, which is 4 bytes and so 8 hex characters. Fix the fwmark validation to allow 8 characters in the hex string. Fixes: #5098 Suggested-by: Robert <32970961+differentblue@users.noreply.github.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-06-01protocols: rename "device" option to "_modem_device"Jo-Philipp Wich
This is required to resolve clashes with the generic "option device" referring to netdev names in current netifd versions. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-05-28treewide: drop MAC and MTU from interfaces (protocols)Rafał Miłecki
Those are L2 options that are not part of interfaces (L3), should not be set there and don't work. Setting MAC and MTU should be done at device layer (config device) and is supported for basic types already. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-03-29protocols: fix interface.ipv6 vs. device.ipv6 option conflictJo-Philipp Wich
Ref: https://forum.openwrt.org/t/pppoe-disable-ipv6/92548 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-03-15treewide: remove rendundant proto handler optionsJo-Philipp Wich
The introduction of network device configuration support also implemented all common, protocol-independent interface options directly in the interface config view, so drop the redundant option definitions. Signed-off-by: Jo-Philipp Wich <jo@mein.io>