X-Git-Url: http://git.archive.openwrt.org/?a=blobdiff_plain;f=protocols%2Fluci-proto-wireguard%2Fluasrc%2Fmodel%2Fcbi%2Fadmin_network%2Fproto_wireguard.lua;h=11ef10b5a78b0157c66f709e4c51798681b807f4;hb=1b42d7a02df97c77ff9653de5e53b115610b3121;hp=4cda94c7d0058db7ea060f6579c93bbd22b52ea3;hpb=ebb5a90f76a5c4f3876c94dc6215b4c54ceff216;p=project%2Fluci.git diff --git a/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua b/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua index 4cda94c7d..11ef10b5a 100644 --- a/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua +++ b/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua @@ -1,4 +1,4 @@ --- Copyright 2016 Dan Luedtke +-- Copyright 2016-2017 Dan Luedtke -- Licensed to the public under the Apache License 2.0. @@ -19,7 +19,7 @@ private_key = section:taboption( translate("Required. Base64-encoded private key for this interface.") ) private_key.password = true -private_key.datatype = "rangelength(44, 44)" +private_key.datatype = "and(base64,rangelength(44,44))" private_key.optional = false @@ -34,6 +34,16 @@ listen_port.datatype = "port" listen_port.placeholder = "51820" listen_port.optional = true +addresses = section:taboption( + "general", + DynamicList, + "addresses", + translate("IP Addresses"), + translate("Recommended. IP addresses of the WireGuard interface.") +) +addresses.datatype = "ipaddr" +addresses.optional = true + -- advanced -------------------------------------------------------------------- @@ -56,8 +66,8 @@ mtu = section:taboption( translate("MTU"), translate("Optional. Maximum Transmission Unit of tunnel interface.") ) -mtu.datatype = "range(1280,1423)" -mtu.placeholder = "1423" +mtu.datatype = "range(1280,1420)" +mtu.placeholder = "1420" mtu.optional = true @@ -66,14 +76,27 @@ preshared_key = section:taboption( Value, "preshared_key", translate("Preshared Key"), - translate("Optional. Adds in an additional layer of symmetric-key " .. + translate("Optional. Base64-encoded preshared key. " .. + "Adds in an additional layer of symmetric-key " .. "cryptography for post-quantum resistance.") ) preshared_key.password = true -preshared_key.datatype = "rangelength(44, 44)" +preshared_key.datatype = "and(base64,rangelength(44,44))" preshared_key.optional = true +fwmark = section:taboption( + "advanced", + Value, + "fwmark", + translate("Firewall Mark"), + translate("Optional. 32-bit mark for outgoing encrypted packets. " .. + "Enter value in hex, starting with 0x.") +) +fwmark.datatype = "hex(4)" +fwmark.optional = true + + -- peers ----------------------------------------------------------------------- peers = map:section( @@ -92,9 +115,9 @@ public_key = peers:option( Value, "public_key", translate("Public Key"), - translate("Required. Public key of peer.") + translate("Required. Base64-encoded public key of peer.") ) -public_key.datatype = "rangelength(44, 44)" +public_key.datatype = "and(base64,rangelength(44,44))" public_key.optional = false @@ -103,7 +126,8 @@ allowed_ips = peers:option( "allowed_ips", translate("Allowed IPs"), translate("Required. IP addresses and prefixes that this peer is allowed " .. - "to use inside the tunnel. Routes will be added accordingly.") + "to use inside the tunnel. Usually the peer's tunnel IP " .. + "addresses and the networks the peer routes through the tunnel.") ) allowed_ips.datatype = "ipaddr" allowed_ips.optional = false @@ -143,5 +167,5 @@ persistent_keepalive = peers:option( translate("Optional. Seconds between keep alive messages. " .. "Default is 0 (disabled). Recommended value if " .. "this device is behind a NAT is 25.")) -persistent_keepalive.datatype = "range(0, 65535)" +persistent_keepalive.datatype = "range(0,65535)" persistent_keepalive.placeholder = "0"