luci-proto-wireguard: add support for fwmark option

[project/luci.git] / protocols / luci-proto-wireguard / luasrc / model / cbi / admin_network / proto_wireguard.lua

diff --git a/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua b/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua
index 774c6db..11ef10b 100644 (file)
--- a/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua
+++ b/protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua
@@ -1,4 +1,4 @@
--- Copyright 2016 Dan Luedtke <mail@danrl.com>
+-- Copyright 2016-2017 Dan Luedtke <mail@danrl.com>
 -- Licensed to the public under the Apache License 2.0.
 
 
@@ -19,7 +19,7 @@ private_key = section:taboption(
   translate("Required. Base64-encoded private key for this interface.")
 )
 private_key.password = true
-private_key.datatype = "rangelength(44, 44)"
+private_key.datatype = "and(base64,rangelength(44,44))"
 private_key.optional = false
 
 
@@ -34,6 +34,16 @@ listen_port.datatype = "port"
 listen_port.placeholder = "51820"
 listen_port.optional = true
 
+addresses = section:taboption(
+  "general",
+  DynamicList,
+  "addresses",
+  translate("IP Addresses"),
+  translate("Recommended. IP addresses of the WireGuard interface.")
+)
+addresses.datatype = "ipaddr"
+addresses.optional = true
+
 
 -- advanced --------------------------------------------------------------------
 
@@ -56,8 +66,8 @@ mtu = section:taboption(
   translate("MTU"),
   translate("Optional. Maximum Transmission Unit of tunnel interface.")
 )
-mtu.datatype = "range(1280,1423)"
-mtu.placeholder = "1423"
+mtu.datatype = "range(1280,1420)"
+mtu.placeholder = "1420"
 mtu.optional = true
 
 
@@ -66,14 +76,27 @@ preshared_key = section:taboption(
   Value,
   "preshared_key",
   translate("Preshared Key"),
-  translate("Optional. Adds in an additional layer of symmetric-key " ..
+  translate("Optional. Base64-encoded preshared key. " ..
+            "Adds in an additional layer of symmetric-key " ..
             "cryptography for post-quantum resistance.")
 )
 preshared_key.password = true
-preshared_key.datatype = "rangelength(44, 44)"
+preshared_key.datatype = "and(base64,rangelength(44,44))"
 preshared_key.optional = true
 
 
+fwmark = section:taboption(
+  "advanced",
+  Value,
+  "fwmark",
+  translate("Firewall Mark"),
+  translate("Optional. 32-bit mark for outgoing encrypted packets. " ..
+            "Enter value in hex, starting with <code>0x</code>.")
+)
+fwmark.datatype = "hex(4)"
+fwmark.optional = true
+
+
 -- peers -----------------------------------------------------------------------
 
 peers = map:section(
@@ -92,9 +115,9 @@ public_key = peers:option(
   Value,
   "public_key",
   translate("Public Key"),
-  translate("Required. Public key of peer.")
+  translate("Required. Base64-encoded public key of peer.")
 )
-public_key.datatype = "rangelength(44, 44)"
+public_key.datatype = "and(base64,rangelength(44,44))"
 public_key.optional = false
 
 
@@ -144,5 +167,5 @@ persistent_keepalive = peers:option(
   translate("Optional. Seconds between keep alive messages. " ..
             "Default is 0 (disabled). Recommended value if " ..
             "this device is behind a NAT is 25."))
-persistent_keepalive.datatype = "range(0, 65535)"
+persistent_keepalive.datatype = "range(0,65535)"
 persistent_keepalive.placeholder = "0"