summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-mwan3/luasrc/model/cbi/mwan/rule.lua
blob: 586f174b28db8e947870fe9375d5d4d522839de5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
-- ------ extra functions ------ --

function ruleCheck() -- determine if rules needs a proper protocol configured
	uci.cursor():foreach("mwan3", "rule",
		function (section)
			local sourcePort = ut.trim(sys.exec("uci -p /var/state get mwan3." .. section[".name"] .. ".src_port"))
			local destPort = ut.trim(sys.exec("uci -p /var/state get mwan3." .. section[".name"] .. ".dest_port"))
			if sourcePort ~= "" or destPort ~= "" then -- ports configured
				local protocol = ut.trim(sys.exec("uci -p /var/state get mwan3." .. section[".name"] .. ".proto"))
				if protocol == "" or protocol == "all" then -- no or improper protocol
					error_protocol_list = error_protocol_list .. section[".name"] .. " "
				end
			end
		end
	)
end

function ruleWarn() -- display warning messages at the top of the page
	if error_protocol_list ~= " " then
		return "<font color=\"ff0000\"><strong>" .. translate("WARNING: Some rules have a port configured with no or improper protocol specified! Please configure a specific protocol!") .. "</strong></font>"
	else
		return ""
	end
end

-- ------ rule configuration ------ --

dsp = require "luci.dispatcher"
sys = require "luci.sys"
ut = require "luci.util"

error_protocol_list = " "
ruleCheck()


m5 = Map("mwan3", translate("MWAN Rule Configuration"),
	ruleWarn())
	m5:append(Template("mwan/config_css"))


mwan_rule = m5:section(TypedSection, "rule", translate("Traffic Rules"),
	translate("Rules specify which traffic will use a particular MWAN policy based on IP address, port or protocol<br />" ..
	"Rules are matched from top to bottom. Rules below a matching rule are ignored. Traffic not matching any rule is routed using the main routing table<br />" ..
	"Traffic destined for known (other than default) networks is handled by the main routing table. Traffic matching a rule, but all WAN interfaces for that policy are down will be blackholed<br />" ..
	"Names may contain characters A-Z, a-z, 0-9, _ and no spaces<br />" ..
	"Rules may not share the same name as configured interfaces, members or policies"))
	mwan_rule.addremove = true
	mwan_rule.anonymous = false
	mwan_rule.dynamic = false
	mwan_rule.sectionhead = translate("Rule")
	mwan_rule.sortable = true
	mwan_rule.template = "cbi/tblsection"
	mwan_rule.extedit = dsp.build_url("admin", "network", "mwan", "rule", "%s")
	function mwan_rule.create(self, section)
		TypedSection.create(self, section)
		m5.uci:save("mwan3")
		luci.http.redirect(dsp.build_url("admin", "network", "mwan", "rule", section))
	end


src_ip = mwan_rule:option(DummyValue, "src_ip", translate("Source address"))
	src_ip.rawhtml = true
	function src_ip.cfgvalue(self, s)
		return self.map:get(s, "src_ip") or "&#8212;"
	end

src_port = mwan_rule:option(DummyValue, "src_port", translate("Source port"))
	src_port.rawhtml = true
	function src_port.cfgvalue(self, s)
		return self.map:get(s, "src_port") or "&#8212;"
	end

dest_ip = mwan_rule:option(DummyValue, "dest_ip", translate("Destination address"))
	dest_ip.rawhtml = true
	function dest_ip.cfgvalue(self, s)
		return self.map:get(s, "dest_ip") or "&#8212;"
	end

dest_port = mwan_rule:option(DummyValue, "dest_port", translate("Destination port"))
	dest_port.rawhtml = true
	function dest_port.cfgvalue(self, s)
		return self.map:get(s, "dest_port") or "&#8212;"
	end

proto = mwan_rule:option(DummyValue, "proto", translate("Protocol"))
	proto.rawhtml = true
	function proto.cfgvalue(self, s)
		return self.map:get(s, "proto") or "all"
	end

sticky = mwan_rule:option(DummyValue, "sticky", translate("Sticky"))
	sticky.rawhtml = true
	function sticky.cfgvalue(self, s)
		if self.map:get(s, "sticky") == "1" then
			stickied = 1
			return translate("Yes")
		else
			stickied = nil
			return translate("No")
		end
	end

timeout = mwan_rule:option(DummyValue, "timeout", translate("Sticky timeout"))
	timeout.rawhtml = true
	function timeout.cfgvalue(self, s)
		if stickied then
			local timeoutValue = self.map:get(s, "timeout")
			if timeoutValue then
				return timeoutValue .. "s"
			else
				return "600s"
			end
		else
			return "&#8212;"
		end
	end

ipset = mwan_rule:option(DummyValue, "ipset", translate("IPset"))
	ipset.rawhtml = true
	function ipset.cfgvalue(self, s)
		return self.map:get(s, "ipset") or "&#8212;"
	end

use_policy = mwan_rule:option(DummyValue, "use_policy", translate("Policy assigned"))
	use_policy.rawhtml = true
	function use_policy.cfgvalue(self, s)
		return self.map:get(s, "use_policy") or "&#8212;"
	end

errors = mwan_rule:option(DummyValue, "errors", translate("Errors"))
	errors.rawhtml = true
	function errors.cfgvalue(self, s)
		if not string.find(error_protocol_list, " " .. s .. " ") then
			return ""
		else
			return "<span title=\"" .. translate("No protocol specified") .. "\"><img src=\"/luci-static/resources/cbi/reset.gif\" alt=\"error\"></img></span>"
		end
	end


return m5