2 LuCI - Lua Configuration Interface
4 Copyright 2011 Jo-Philipp Wich <xm@subsignal.org>
6 Licensed under the Apache License, Version 2.0 (the "License");
7 you may not use this file except in compliance with the License.
8 You may obtain a copy of the License at
10 http://www.apache.org/licenses/LICENSE-2.0
15 local sys = require "luci.sys"
16 local dsp = require "luci.dispatcher"
17 local ft = require "luci.tools.firewall"
24 translate("Firewall - Port Forwards"),
25 translate("This page allows you to change advanced properties of the port \
26 forwarding entry. In most cases there is no need to modify \
29 m.redirect = dsp.build_url("admin/network/firewall/forwards")
31 if m.uci:get("firewall", arg[1]) ~= "redirect" then
32 luci.http.redirect(m.redirect)
35 local name = m:get(arg[1], "name") or m:get(arg[1], "_name")
36 if not name or #name == 0 then
37 name = translate("(Unnamed Entry)")
39 m.title = "%s - %s" %{ translate("Firewall - Port Forwards"), name }
44 m.uci:foreach("firewall", "zone",
46 local n = s.network or s.name
49 for i in n:gmatch("%S+") do
58 s = m:section(NamedSection, arg[1], "redirect", "")
62 ft.opt_enabled(s, Button)
63 ft.opt_name(s, Value, translate("Name"))
66 o = s:option(Value, "proto", translate("Protocol"))
67 o:value("tcp udp", "TCP+UDP")
70 o:value("icmp", "ICMP")
72 function o.cfgvalue(...)
73 local v = Value.cfgvalue(...)
74 if not v or v == "tcpudp" then
81 o = s:option(Value, "src", translate("Source zone"))
84 o.template = "cbi/firewall_zonelist"
87 o = s:option(DynamicList, "src_mac",
88 translate("Source MAC address"),
89 translate("Only match incoming traffic from these MACs."))
91 o.datatype = "macaddr"
92 o.placeholder = translate("any")
94 luci.sys.net.mac_hints(function(mac, name)
95 o:value(mac, "%s (%s)" %{ mac, name })
99 o = s:option(Value, "src_ip",
100 translate("Source IP address"),
101 translate("Only match incoming traffic from this IP or range."))
103 o.datatype = "neg(ip4addr)"
104 o.placeholder = translate("any")
106 luci.sys.net.ipv4_hints(function(ip, name)
107 o:value(ip, "%s (%s)" %{ ip, name })
111 o = s:option(Value, "src_port",
112 translate("Source port"),
113 translate("Only match incoming traffic originating from the given source port or port range on the client host"))
115 o.datatype = "portrange"
116 o.placeholder = translate("any")
119 o = s:option(Value, "src_dip",
120 translate("External IP address"),
121 translate("Only match incoming traffic directed at the given IP address."))
123 luci.sys.net.ipv4_hints(function(ip, name)
124 o:value(ip, "%s (%s)" %{ ip, name })
129 o.datatype = "ip4addr"
130 o.placeholder = translate("any")
133 o = s:option(Value, "src_dport", translate("External port"),
134 translate("Match incoming traffic directed at the given " ..
135 "destination port or port range on this host"))
136 o.datatype = "portrange"
140 o = s:option(Value, "dest", translate("Internal zone"))
143 o.template = "cbi/firewall_zonelist"
146 o = s:option(Value, "dest_ip", translate("Internal IP address"),
147 translate("Redirect matched incoming traffic to the specified \
149 o.datatype = "ip4addr"
151 luci.sys.net.ipv4_hints(function(ip, name)
152 o:value(ip, "%s (%s)" %{ ip, name })
156 o = s:option(Value, "dest_port",
157 translate("Internal port"),
158 translate("Redirect matched incoming traffic to the given port on \
160 o.placeholder = translate("any")
161 o.datatype = "portrange"
164 o = s:option(Flag, "reflection", translate("Enable NAT Loopback"))
166 o.default = o.enabled
167 o:depends("src", wan_zone)
168 o.cfgvalue = function(...)
169 return Flag.cfgvalue(...) or "1"
173 s:option(Value, "extra",
174 translate("Extra arguments"),
175 translate("Passes additional arguments to iptables. Use with care!"))