From acb289083c6cc94363db8adbb94cfee8ff34938a Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Wed, 8 Aug 2012 15:20:07 +0000 Subject: [PATCH] applications/luci-firewall: fix rule table formatting, add mac & ip hints to various ip related fields --- .../luasrc/model/cbi/firewall/forward-details.lua | 20 +++- .../luasrc/model/cbi/firewall/forwards.lua | 47 +++++---- .../luasrc/model/cbi/firewall/rule-details.lua | 29 +++++- .../luasrc/model/cbi/firewall/rules.lua | 106 +++++++++------------ .../luci-firewall/luasrc/tools/firewall.lua | 4 +- .../luasrc/view/firewall/cbi_addforward.htm | 6 +- 6 files changed, 117 insertions(+), 95 deletions(-) diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua index c3618ec01..162767f4d 100644 --- a/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua +++ b/applications/luci-firewall/luasrc/model/cbi/firewall/forward-details.lua @@ -91,6 +91,10 @@ o.rmempty = true o.datatype = "macaddr" o.placeholder = translate("any") +luci.sys.net.mac_hints(function(mac, name) + o:value(mac, "%s (%s)" %{ mac, name }) +end) + o = s:option(Value, "src_ip", translate("Source IP address"), @@ -99,6 +103,10 @@ o.rmempty = true o.datatype = "neg(ip4addr)" o.placeholder = translate("any") +luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) +end) + o = s:option(Value, "src_port", translate("Source port"), @@ -112,6 +120,11 @@ o = s:option(Value, "src_dip", translate("External IP address"), translate("Only match incoming traffic directed at the given IP address.")) +luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) +end) + + o.rmempty = true o.datatype = "ip4addr" o.placeholder = translate("any") @@ -134,9 +147,10 @@ o = s:option(Value, "dest_ip", translate("Internal IP address"), translate("Redirect matched incoming traffic to the specified \ internal host")) o.datatype = "ip4addr" -for i, dataset in ipairs(sys.net.arptable()) do - o:value(dataset["IP address"]) -end + +luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) +end) o = s:option(Value, "dest_port", diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua index 714b08e79..660848cee 100644 --- a/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua +++ b/applications/luci-firewall/luasrc/model/cbi/firewall/forwards.lua @@ -2,6 +2,7 @@ LuCI - Lua Configuration Interface Copyright 2008 Steven Barth +Copyright 2010-2012 Jo-Philipp Wich Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -9,7 +10,6 @@ You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -$Id$ ]]-- local ds = require "luci.dispatcher" @@ -75,17 +75,15 @@ end ft.opt_name(s, DummyValue, translate("Name")) -proto = s:option(DummyValue, "proto", translate("Protocol")) -proto.rawhtml = true -function proto.cfgvalue(self, s) - return ft.fmt_proto(self.map:get(s, "proto")) or "Any" +local function forward_proto_txt(self, s) + return "%s-%s" %{ + translate("IPv4"), + ft.fmt_proto(self.map:get(s, "proto"), + self.map:get(s, "icmp_type")) or "TCP+UDP" + } end - -src = s:option(DummyValue, "src", translate("Source")) -src.rawhtml = true -src.width = "20%" -function src.cfgvalue(self, s) +local function forward_src_txt(self, s) local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone")) local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) local p = ft.fmt_port(self.map:get(s, "src_port")) @@ -100,23 +98,32 @@ function src.cfgvalue(self, s) end end -via = s:option(DummyValue, "via", translate("Via")) -via.rawhtml = true -via.width = "20%" -function via.cfgvalue(self, s) +local function forward_via_txt(self, s) local a = ft.fmt_ip(self.map:get(s, "src_dip"), translate("any router IP")) local p = ft.fmt_port(self.map:get(s, "src_dport")) if p then - return translatef("To %s at %s", a, p) + return translatef("Via %s at %s", a, p) else - return translatef("To %s", a) + return translatef("Via %s", a) end end -dest = s:option(DummyValue, "dest", translate("Destination")) +match = s:option(DummyValue, "match", translate("Match")) +match.rawhtml = true +match.width = "50%" +function match.cfgvalue(self, s) + return "%s
%s
%s" % { + forward_proto_txt(self, s), + forward_src_txt(self, s), + forward_via_txt(self, s) + } +end + + +dest = s:option(DummyValue, "dest", translate("Forward to")) dest.rawhtml = true -dest.width = "30%" +dest.width = "40%" function dest.cfgvalue(self, s) local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone")) local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host")) @@ -124,9 +131,9 @@ function dest.cfgvalue(self, s) ft.fmt_port(self.map:get(s, "src_dport")) if p then - return translatef("Forward to %s, %s in %s", a, p, z) + return translatef("%s, %s in %s", a, p, z) else - return translatef("Forward to %s in %s", a, z) + return translatef("%s in %s", a, z) end end diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua index cd34030fa..8a8ac3236 100644 --- a/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua +++ b/applications/luci-firewall/luasrc/model/cbi/firewall/rule-details.lua @@ -2,7 +2,7 @@ LuCI - Lua Configuration Interface Copyright 2008 Steven Barth -Copyright 2010 Jo-Philipp Wich +Copyright 2010-2012 Jo-Philipp Wich Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -10,7 +10,6 @@ You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -$Id$ ]]-- local sys = require "luci.sys" @@ -112,12 +111,20 @@ elseif rule_type == "redirect" then o.datatype = "neg(macaddr)" o.placeholder = translate("any") + luci.sys.net.mac_hints(function(mac, name) + o:value(mac, "%s (%s)" %{ mac, name }) + end) + o = s:option(Value, "src_ip", translate("Source IP address")) o.rmempty = true o.datatype = "neg(ipaddr)" o.placeholder = translate("any") + luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) + end) + o = s:option(Value, "src_port", translate("Source port"), @@ -137,9 +144,9 @@ elseif rule_type == "redirect" then o = s:option(Value, "dest_ip", translate("Destination IP address")) o.datatype = "neg(ip4addr)" - for i, dataset in ipairs(luci.sys.net.arptable()) do - o:value(dataset["IP address"]) - end + luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) + end) o = s:option(Value, "dest_port", @@ -275,11 +282,19 @@ else o.datatype = "list(macaddr)" o.placeholder = translate("any") + luci.sys.net.mac_hints(function(mac, name) + o:value(mac, "%s (%s)" %{ mac, name }) + end) + o = s:option(Value, "src_ip", translate("Source address")) o.datatype = "neg(ipaddr)" o.placeholder = translate("any") + luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) + end) + o = s:option(Value, "src_port", translate("Source port")) o.datatype = "list(neg(portrange))" @@ -297,6 +312,10 @@ else o.datatype = "neg(ipaddr)" o.placeholder = translate("any") + luci.sys.net.ipv4_hints(function(ip, name) + o:value(ip, "%s (%s)" %{ ip, name }) + end) + o = s:option(Value, "dest_port", translate("Destination port")) o.datatype = "list(neg(portrange))" diff --git a/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua index 290096ba4..0f7462bcd 100644 --- a/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua +++ b/applications/luci-firewall/luasrc/model/cbi/firewall/rules.lua @@ -2,6 +2,7 @@ LuCI - Lua Configuration Interface Copyright 2008 Steven Barth +Copyright 2010-2012 Jo-Philipp Wich Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -9,7 +10,6 @@ You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -$Id$ ]]-- local ds = require "luci.dispatcher" @@ -84,30 +84,21 @@ end ft.opt_name(s, DummyValue, translate("Name")) -family = s:option(DummyValue, "family", translate("Family")) -function family.cfgvalue(self, s) +local function rule_proto_txt(self, s) local f = self.map:get(s, "family") + local p = ft.fmt_proto(self.map:get(s, "proto"), + self.map:get(s, "icmp_type")) or "TCP+UDP" + if f and f:match("4") then - return translate("IPv4") + return "%s-%s" %{ translate("IPv4"), p } elseif f and f:match("6") then - return translate("IPv6") + return "%s-%s" %{ translate("IPv6"), p } else - return translate("Any") + return "%s %s" %{ translate("Any"), p } end end -proto = s:option(DummyValue, "proto", translate("Protocol")) -proto.rawhtml = true -proto.width = "20%" -function proto.cfgvalue(self, s) - return ft.fmt_proto(self.map:get(s, "proto"), self.map:get(s, "icmp_type")) - or "TCP+UDP" -end - -src = s:option(DummyValue, "src", translate("Source")) -src.rawhtml = true -src.width = "20%" -function src.cfgvalue(self, s) +local function rule_src_txt(self, s) local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone")) local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) local p = ft.fmt_port(self.map:get(s, "src_port")) @@ -122,10 +113,7 @@ function src.cfgvalue(self, s) end end -dest = s:option(DummyValue, "dest", translate("Destination")) -dest.rawhtml = true -dest.width = "20%" -function dest.cfgvalue(self, s) +local function rule_dest_txt(self, s) local z = ft.fmt_zone(self.map:get(s, "dest")) local p = ft.fmt_port(self.map:get(s, "dest_port")) @@ -151,6 +139,30 @@ function dest.cfgvalue(self, s) end end +local function snat_dest_txt(self, s) + local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone")) + local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host")) + local p = ft.fmt_port(self.map:get(s, "dest_port")) or + ft.fmt_port(self.map:get(s, "src_dport")) + + if p then + return translatef("To %s, %s in %s", a, p, z) + else + return translatef("To %s in %s", a, z) + end +end + + +match = s:option(DummyValue, "match", translate("Match")) +match.rawhtml = true +match.width = "70%" +function match.cfgvalue(self, s) + return "%s
%s
%s" % { + rule_proto_txt(self, s), + rule_src_txt(self, s), + rule_dest_txt(self, s) + } +end target = s:option(DummyValue, "target", translate("Action")) target.rawhtml = true @@ -226,48 +238,18 @@ end ft.opt_name(s, DummyValue, translate("Name")) -proto = s:option(DummyValue, "proto", translate("Protocol")) -proto.rawhtml = true -function proto.cfgvalue(self, s) - return ft.fmt_proto(self.map:get(s, "proto")) or "TCP+UDP" -end - - -src = s:option(DummyValue, "src", translate("Source")) -src.rawhtml = true -src.width = "20%" -function src.cfgvalue(self, s) - local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone")) - local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host")) - local p = ft.fmt_port(self.map:get(s, "src_port")) - local m = ft.fmt_mac(self.map:get(s, "src_mac")) - - if p and m then - return translatef("From %s in %s with source %s and %s", a, z, p, m) - elseif p or m then - return translatef("From %s in %s with source %s", a, z, p or m) - else - return translatef("From %s in %s", a, z) - end -end - -dest = s:option(DummyValue, "dest", translate("Destination")) -dest.rawhtml = true -dest.width = "30%" -function dest.cfgvalue(self, s) - local z = ft.fmt_zone(self.map:get(s, "dest"), translate("any zone")) - local a = ft.fmt_ip(self.map:get(s, "dest_ip"), translate("any host")) - local p = ft.fmt_port(self.map:get(s, "dest_port")) or - ft.fmt_port(self.map:get(s, "src_dport")) - - if p then - return translatef("To %s, %s in %s", a, p, z) - else - return translatef("To %s in %s", a, z) - end +match = s:option(DummyValue, "match", translate("Match")) +match.rawhtml = true +match.width = "70%" +function match.cfgvalue(self, s) + return "%s
%s
%s" % { + rule_proto_txt(self, s), + rule_src_txt(self, s), + snat_dest_txt(self, s) + } end -snat = s:option(DummyValue, "via", translate("SNAT")) +snat = s:option(DummyValue, "via", translate("Action")) snat.rawhtml = true snat.width = "20%" function snat.cfgvalue(self, s) diff --git a/applications/luci-firewall/luasrc/tools/firewall.lua b/applications/luci-firewall/luasrc/tools/firewall.lua index 55c417e13..26240aa7a 100644 --- a/applications/luci-firewall/luasrc/tools/firewall.lua +++ b/applications/luci-firewall/luasrc/tools/firewall.lua @@ -1,7 +1,7 @@ --[[ LuCI - Lua Configuration Interface -Copyright 2011 Jo-Philipp Wich +Copyright 2011-2012 Jo-Philipp Wich Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -9,7 +9,6 @@ You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -$Id$ ]]-- module("luci.tools.firewall", package.seeall) @@ -154,6 +153,7 @@ function fmt_proto(x, icmp_types) v, n = fmt_neg(v) if v == "tcpudp" then l[#l+1] = "TCP" + l[#l+1] = ", " l[#l+1] = "UDP" l[#l+1] = ", " elseif v ~= "all" then diff --git a/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm b/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm index 6a49266b7..9b17d52e7 100644 --- a/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm +++ b/applications/luci-firewall/luasrc/view/firewall/cbi_addforward.htm @@ -45,9 +45,9 @@ cbi_validate_field('_newfwd.intport', true, 'portrange'); cbi_combobox_init('_newfwd.intaddr', { - <% local i, e; for i, e in ipairs(luci.sys.net.arptable()) do -%> - <%- if i > 1 then %>,<% end -%>'<%=e["IP address"]%>': '<%=e["IP address"]%>' - <%- end %> }, '', '<%: -- custom -- %>'); + <% first = true; luci.sys.net.ipv4_hints(function(ip, name) %> + <%- if first then first = false else %>,<% end -%>'<%=ip%>': '<%=ip%> (<%=name%>)' + <%- end) %> }, '', '<%: -- custom -- %>'); cbi_bind(document.getElementById('_newfwd.extport'), 'blur', function() { -- 2.11.0