From 2eb4015e18e17e23cf7df3b8f485224a82d0d4e8 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 8 Jun 2018 17:09:18 +0200 Subject: luci-app-firewall: recognize egress rules in rule overview Along with 74be6f397 ("treewide: switch firewall zone, network and iface lists to dropdown code"), this change allows luci-app-firewall to recognize OUTPUT rules. Fixes #1457. Signed-off-by: Jo-Philipp Wich --- .../luasrc/model/cbi/firewall/rules.lua | 30 ++++++++++++++++------ .../luci-app-firewall/luasrc/tools/firewall.lua | 14 ++++++++-- 2 files changed, 34 insertions(+), 10 deletions(-) (limited to 'applications/luci-app-firewall/luasrc') diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua index c533491977..22dec5ee6b 100644 --- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua +++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua @@ -89,17 +89,31 @@ local function rule_proto_txt(self, s) end local function rule_src_txt(self, s) - local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone")) - local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) + local z = ft.fmt_zone(self.map:get(s, "src")) local p = ft.fmt_port(self.map:get(s, "src_port")) local m = ft.fmt_mac(self.map:get(s, "src_mac")) - if p and m then - return translatef("From %s in %s with source %s and %s", a, z, p, m) - elseif p or m then - return translatef("From %s in %s with source %s", a, z, p or m) + -- Forward/Input + if z and #z > 0 then + local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) + if p and m then + return translatef("From %s in %s with source %s and %s", a, z, p, m) + elseif p or m then + return translatef("From %s in %s with source %s", a, z, p or m) + else + return translatef("From %s in %s", a, z) + end + + -- Output else - return translatef("From %s in %s", a, z) + local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any router IP")) + if p and m then + return translatef("From %s on this device with source %s and %s", a, p, m) + elseif p or m then + return translatef("From %s on this device with source %s", a, p or m) + else + return translatef("From %s on this device", a) + end end end @@ -158,7 +172,7 @@ target = s:option(DummyValue, "target", translate("Action")) target.rawhtml = true target.width = "20%" function target.cfgvalue(self, s) - local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "dest")) + local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "src"), self.map:get(s, "dest")) local l = ft.fmt_limit(self.map:get(s, "limit"), self.map:get(s, "limit_burst")) diff --git a/applications/luci-app-firewall/luasrc/tools/firewall.lua b/applications/luci-app-firewall/luasrc/tools/firewall.lua index 2d89bfa2a6..055342bfb3 100644 --- a/applications/luci-app-firewall/luasrc/tools/firewall.lua +++ b/applications/luci-app-firewall/luasrc/tools/firewall.lua @@ -198,8 +198,18 @@ function fmt_limit(limit, burst) end end -function fmt_target(x, dest) - if dest and #dest > 0 then +function fmt_target(x, src, dest) + if not src or #src == 0 then + if x == "ACCEPT" then + return _("Accept output") + elseif x == "REJECT" then + return _("Refuse output") + elseif x == "NOTRACK" then + return _("Do not track output") + else --if x == "DROP" then + return _("Discard output") + end + elseif dest and #dest > 0 then if x == "ACCEPT" then return _("Accept forward") elseif x == "REJECT" then -- cgit v1.2.3