</div>
<input class="cbi-button" value="search for updates" onclick="update_request()" type="button" id="update_button">
<div style="display: none" id="packages" class="alert-message success"></div>
+<div class="cbi-value" id="update_packages_container" style="display: block">
+ <label class="cbi-value-title" for="keep">search for package updates:</label>
+ <div class="cbi-value-field">
+ <input type="checkbox" name="update_packages" id="update_packages" />
+ </div>
+</div>
<div class="cbi-value" id="keep_container" style="display: none">
<label class="cbi-value-title" for="keep">keep settings:</label>
<div class="cbi-value-field">
<script type="text/javascript">
-latest_release = "";
+latest_version = "";
data = {};
ubus_counter = 1
origin = document.location.href.replace(location.pathname, "")
console.log(callback)
if(typeof callback === "string") {
response_json = JSON.parse(response_object.responseText).result[1]
+ if (callback == "release") {
+ latest_version = response_json.release.version
+ }
data[callback] = response_json[callback]
} else {
callback(response_object)
console.log(callback)
response_json = JSON.parse(response_object.responseText).result[1].value
data[callback] = response_json
+
+ document.getElementById("update_packages").checked = data.update_packages;
} else {
console.log(respons_object.responseText)
}
ubus_request("system", "board", {}, "board_name");
ubus_request("system", "board", {}, "model");
ubus_request("uci", "get", { "config": "attendedsysupgrade", "section": "updateserver", "option": "url" }, "update_server")
+ ubus_request("uci", "get", { "config": "attendedsysupgrade", "section": "updateclient", "option": "update_packages" }, "update_packages")
}
// shows notification if update is available
function update_error(error_output) {
document.getElementById("update_error").style.display = "block";
document.getElementById("update_error").innerHTML = error_output;
- document.getElementById("update_info").style.display = "None";
+ document.getElementById("update_info").style.display = "none";
}
// asks server for news updates, actually only based on relesae not packages
request_dict = {}
request_dict.version = data.release.version;
request_dict.packages = data.packagelist;
+ if (document.getElementById("update_packages").checked == 1) {
+ request_dict.update_packages = 1
+ }
server_request(request_dict, "update-request", update_request_callback)
}
// bad request
console.log(response_object.responseText)
response_object_content = JSON.parse(response_object.responseText)
- update_error(response_object_content)
+ update_error(response_object_content.error)
} else if (response_object.status === 200) {
// new release/updates
response_object_content = JSON.parse(response_object.responseText)
for (update in response_content.updates) {
info_output += "<b>" + update + "</b>: " + response_content.updates[update][1] + " to " + response_content.updates[update][0] + "</br>"
}
- data.packages = response_content.packages
}
+ data.packages = response_content.packages
update_info(info_output)
document.getElementById("update_button").value = "request image";
+ document.getElementById("update_packages_container").style.display = "none";
document.getElementById("update_button").onclick = image_request;
}
// request the image, need merge with update_request
function image_request() {
console.log("image_request")
+ document.getElementById("update_packages_container").style.display = "none";
request_dict = {}
request_dict.version = latest_version;
request_dict.board = data.board_name
luci.sys.call("env -i /bin/uclient-fetch --no-check-certificate -O " .. res_input .. " " .. url .. " >/dev/null 2>&1")
end
+if not uci:get_first("dnscrypt-proxy", "global") then
+ uci:add("dnscrypt-proxy", "global")
+ uci:save("dnscrypt-proxy")
+ uci:commit("dnscrypt-proxy")
+end
+
for line in io.lines(res_input) do
local name = line:match("^[%w_.-]*")
res_list[#res_list + 1] = { name = name }
luci.sys.call("env -i /etc/init.d/dnscrypt-proxy restart >/dev/null 2>&1")
end
--- Trigger selection
-
s = m:section(TypedSection, "global", translate("General options"))
s.anonymous = true
end
t.rmempty = true
+-- Extra options
+
+ds = s:option(DummyValue, "_dummy", translate("Extra options"),
+ translate("Options for further tweaking in case the defaults are not suitable for you."))
+ds.template = "cbi/nullsection"
+
+btn = s:option(Button, "", translate("Create custom config file"),
+ translate("Create '/etc/resolv-crypt.conf' with 'options timeout:1' to reduce DNS upstream timeouts with multiple DNSCrypt instances. ")
+ .. translatef("For further information "
+ .. "<a href=\"%s\" target=\"_blank\">"
+ .. "see the wiki online</a>", "https://wiki.openwrt.org/inbox/dnscrypt"))
+btn.inputtitle = translate("Create Config File")
+btn.inputstyle = "apply"
+btn.disabled = false
+function btn.write(self, section, value)
+ if not fs.access("/etc/resolv-crypt.conf") then
+ luci.sys.call("env -i echo 'options timeout:1' > '/etc/resolv-crypt.conf'")
+ end
+end
+
-- Mandatory options per instance
s = m:section(TypedSection, "dnscrypt-proxy", translate("Instance options"))
s.addremove = true
o1 = s:option(Value, "address", translate("IP Address"),
- translate("The local IP address."))
-o1.datatype = "ip4addr"
+ translate("The local IPv4 or IPv6 address. The latter one should be specified within brackets, e.g. '[::1]'."))
o1.default = address or "127.0.0.1"
o1.rmempty = false
msgid "Configuration of the DNSCrypt-Proxy package."
msgstr "DNSCrypt-Proxy パッケージの設定です。"
+msgid ""
+"Create '/etc/resolv-crypt.conf' with 'options timeout:1' to reduce DNS "
+"upstream timeouts with multiple DNSCrypt instances."
+msgstr ""
+"複数の DNSCrypt インスタンスで DNS アップストリーム タイムアウトの設定値を共"
+"用するため、 'options timeout:1' を含めた '/etc/resolv-crypt.conf' を作成しま"
+"す。"
+
+msgid "Create Config File"
+msgstr "設定ファイルの作成"
+
+msgid "Create custom config file"
+msgstr "カスタム設定ファイルの作成"
+
msgid "DNS Query Logfile"
msgstr "DNS クエリ ログファイル"
msgid "Ephemeral Keys"
msgstr "一時的なキー"
+msgid "Extra options"
+msgstr "拡張オプション"
+
msgid "File Checksum"
msgstr "ファイル チェックサム"
msgid "Name of the remote DNS service for resolving queries."
msgstr "クエリの名前解決を行う、リモートの DNS サービス名です。"
+msgid ""
+"Options for further tweaking in case the defaults are not suitable for you."
+msgstr "デフォルト設定が適切でない場合、追加で設定するためのオプションです。"
+
msgid "Overview"
msgstr "概要"
msgid "The listening port for DNS queries."
msgstr "DNS クエリを待ち受けるポートです。"
-msgid "The local IP address."
-msgstr "ローカル IP アドレスです。"
+msgid ""
+"The local IPv4 or IPv6 address. The latter one should be specified within "
+"brackets, e.g. '[::1]'."
+msgstr ""
+"ローカルの IPv4 または IPv6 アドレスです。 IPv6 アドレスの場合、ブラケット "
+"\"[ ]\" を含めて記述される必要があります(例: '[::1]')。"
msgid ""
"The value for this property is the blocklist type and path to the file, e."
msgid "Configuration of the DNSCrypt-Proxy package."
msgstr ""
+msgid ""
+"Create '/etc/resolv-crypt.conf' with 'options timeout:1' to reduce DNS "
+"upstream timeouts with multiple DNSCrypt instances."
+msgstr ""
+
+msgid "Create Config File"
+msgstr ""
+
+msgid "Create custom config file"
+msgstr ""
+
msgid "DNS Query Logfile"
msgstr ""
msgid "Ephemeral Keys"
msgstr ""
+msgid "Extra options"
+msgstr ""
+
msgid "File Checksum"
msgstr ""
msgid "Name of the remote DNS service for resolving queries."
msgstr ""
+msgid ""
+"Options for further tweaking in case the defaults are not suitable for you."
+msgstr ""
+
msgid "Overview"
msgstr ""
msgid "The listening port for DNS queries."
msgstr ""
-msgid "The local IP address."
+msgid ""
+"The local IPv4 or IPv6 address. The latter one should be specified within "
+"brackets, e.g. '[::1]'."
msgstr ""
msgid ""
msgid "Enabled"
msgstr "有効"
+msgid "Enter value in hex, starting with <code>0x</code>"
+msgstr "<code>0x</code> で始まる16進数の値を入力してください。"
+
msgid "Error collecting troubleshooting information"
msgstr "トラブルシューティング情報の収集エラー"
msgstr "エラー"
msgid "Expect interface state on up event"
-msgstr ""
+msgstr "Up イベント時に予想されるインターフェースの状態です。"
msgid "Failure interval"
msgstr "障害検出 インターバル"
+msgid "Firewall mask"
+msgstr "ファイアウォール マスク"
+
msgid "Flush conntrack table"
msgstr ""
msgstr ""
msgid "Globals"
-msgstr ""
+msgstr "全般"
msgid "Globals mwan3 options"
-msgstr ""
+msgstr "MWAN3 全般オプション"
msgid "Hotplug Script"
msgstr "ホットプラグ スクリプト"
msgstr "IPv6"
msgid "Initial state"
-msgstr ""
+msgstr "初期状態"
msgid "Interface"
msgstr "インターフェース"
msgstr "オフライン"
msgid "Online"
-msgstr ""
+msgstr "オンライン"
msgid "Online (tracking active)"
msgstr "オンライン(追跡実行中)"
msgstr "Ping インターバル"
msgid "Ping interval during failure detection"
-msgstr "障害検出動作中の Ping 実行間隔です。"
+msgstr "障害検出中の Ping 実行間隔です。"
msgid "Ping interval during failure recovering"
msgstr "障害復旧中の Ping 実行間隔です。"
msgid "Restart MWAN"
msgstr "MWAN の再起動"
-msgid "Restore default hotplug script"
-msgstr "デフォルトのホットプラグ スクリプトの復元"
-
-msgid "Restore..."
-msgstr "復元..."
-
msgid "Rule"
msgstr "ルール"
"に対して Ping の送信が行われます。常にオンラインとする場合、空欄のままにしま"
"す。"
+msgid ""
+"This section allows you to modify the content of \"/etc/mwan3.user\".<br /"
+">The file is also preserved during sysupgrade.<br /><br />Notes:<br />This "
+"file is interpreted as a shell script.<br />The first line of the script "
+"must be "#!/bin/sh" without quotes.<br />Lines beginning with # are "
+"comments and are not executed.<br />Put your custom mwan3 action here, they "
+"will<br />be executed with each netifd hotplug interface event<br />on "
+"interfaces for which mwan3 is enabled.<br /><br />There are three main "
+"environment variables that are passed to this script.<br /><br />$ACTION "
+"Either \"ifup\" or \"ifdown\"<br />$INTERFACE Name of the interface which "
+"went up or down (e.g. \"wan\" or \"wwan\")<br />$DEVICE Physical device name "
+"which interface went up or down (e.g. \"eth0\" or \"wwan0\")<br /><br />"
+msgstr ""
+"このセクションでは、 \"/etc/mwan3.user\" の内容を変更することができます。"
+"<br />このファイルは、 sysupgrade 時に保持されます。<br /><br />注意: <br />"
+"このファイルは、シェルスクリプトとして解釈されます。<br />スクリプトの1行目"
+"は、"#!bin/sh" である必要があります(クォーテーション不要)。<br /># "
+"で始まる行はコメントであり、実行されません。<br />mwan3 のカスタム動作をここ"
+"に入力してください。これらは、 mwan3 が有効なインターフェースの<br />netifd "
+"ホットプラグ インターフェース イベント毎に実行されます。<br /><br />主に3つの"
+"環境変数が利用可能です。<br /><br />$ACTION - \"ifup\" および \"ifdown\"<br /"
+">$INTERFACE - Up または Down が行われたインターフェース名(例: \"wan\" や "
+"\"wwan\")<br />$DEVICE - Up または Down が行われた物理デバイス名(例: "
+"\"eth0\" や \"wwan0\")<br /><br />"
+
msgid "This section allows you to modify the contents of /etc/config/mwan3"
msgstr ""
"このセクションでは、 /etc/config/mwan3 の内容を変更することができます。"
msgstr ""
"このセクションでは、 /etc/config/wireless の内容を変更することができます。"
-msgid ""
-"This section allows you to modify the contents of /etc/hotplug.d/iface/16-"
-"mwancustom<br />This is useful for running system commands and/or scripts "
-"based on interface ifup or ifdown hotplug events<br /><br />Notes:<br />The "
-"first line of the script must be "#!/bin/sh" without quotes<br /"
-">Lines beginning with # are comments and are not executed<br /><br /"
-">Available variables:<br />$ACTION is the hotplug event (ifup, ifdown)<br />"
-"$INTERFACE is the interface name (wan1, wan2, etc.)<br />$DEVICE is the "
-"device name attached to the interface (eth0.1, eth1, etc.)"
-msgstr ""
-"このセクションでは、 /etc/hotplug.d/iface/16-mwancustom の内容を変更すること"
-"ができます。<br />これは、インターフェースの ifup または ifdown ホットプラグ "
-"イベント時にシステムコマンドまたはスクリプト、もしくはその両方を実行すること"
-"に役立ちます。<br /><br />注意:<br />スクリプトの1行目は、"#!bin/sh" "
-"である必要があります(クオーテーション不要)。<br /># で始まる行はコメントと"
-"して認識され、実行されません。<br /><br />利用可能な変数:<br />$ACTION - ホッ"
-"トプラグ イベント (ifup, ifdown)<br />$INTERFACE - インターフェース名(wan1, "
-"wan2, その他)<br />$DEVICE - インターフェースにアタッチされたデバイスの名前"
-"(eth0.1, eth1, その他)"
-
msgid "Tracking IP"
msgstr "追跡 IP"
msgid "Tracking hostname or IP address"
msgstr "追跡ホスト名または IP アドレス"
+msgid "Tracking method"
+msgstr "追跡方式"
+
msgid "Tracking reliability"
msgstr "追跡の信頼性"
"Use the IP address of this interface as source IP address for traffic "
"initiated by the router itself"
msgstr ""
+"ルーター自身によって発生するトラフィックのアクセス元 IP アドレスとして、この"
+"インターフェースの IP アドレスが使用されます。"
msgid "View the contents of /etc/protocols for protocol descriptions"
msgstr "プロトコルの説明については、 /etc/protocols の内容を確認してください。"
msgid "unreachable (reject)"
msgstr "unreachable (reject)"
-
-#~ msgid ""
-#~ "This IP address will be pinged to dermine if the link is up or down. "
-#~ "Leave blank to assume interface is always online"
-#~ msgstr ""
-#~ "これらは、リンクの Up または Down を判定するために Ping が送信されるIP ア"
-#~ "ドレスです。常にオンラインとする場合、空欄のままにします。"
msgid "Enabled"
msgstr ""
+msgid "Enter value in hex, starting with <code>0x</code>"
+msgstr ""
+
msgid "Error collecting troubleshooting information"
msgstr ""
msgid "Failure interval"
msgstr ""
+msgid "Firewall mask"
+msgstr ""
+
msgid "Flush conntrack table"
msgstr ""
msgid "Restart MWAN"
msgstr ""
-msgid "Restore default hotplug script"
-msgstr ""
-
-msgid "Restore..."
-msgstr ""
-
msgid "Rule"
msgstr ""
"down. Leave blank to assume interface is always online"
msgstr ""
+msgid ""
+"This section allows you to modify the content of \"/etc/mwan3.user\".<br /"
+">The file is also preserved during sysupgrade.<br /><br />Notes:<br />This "
+"file is interpreted as a shell script.<br />The first line of the script "
+"must be "#!/bin/sh" without quotes.<br />Lines beginning with # are "
+"comments and are not executed.<br />Put your custom mwan3 action here, they "
+"will<br />be executed with each netifd hotplug interface event<br />on "
+"interfaces for which mwan3 is enabled.<br /><br />There are three main "
+"environment variables that are passed to this script.<br /><br />$ACTION "
+"Either \"ifup\" or \"ifdown\"<br />$INTERFACE Name of the interface which "
+"went up or down (e.g. \"wan\" or \"wwan\")<br />$DEVICE Physical device name "
+"which interface went up or down (e.g. \"eth0\" or \"wwan0\")<br /><br />"
+msgstr ""
+
msgid "This section allows you to modify the contents of /etc/config/mwan3"
msgstr ""
msgid "This section allows you to modify the contents of /etc/config/wireless"
msgstr ""
-msgid ""
-"This section allows you to modify the contents of /etc/hotplug.d/iface/16-"
-"mwancustom<br />This is useful for running system commands and/or scripts "
-"based on interface ifup or ifdown hotplug events<br /><br />Notes:<br />The "
-"first line of the script must be "#!/bin/sh" without quotes<br /"
-">Lines beginning with # are comments and are not executed<br /><br /"
-">Available variables:<br />$ACTION is the hotplug event (ifup, ifdown)<br />"
-"$INTERFACE is the interface name (wan1, wan2, etc.)<br />$DEVICE is the "
-"device name attached to the interface (eth0.1, eth1, etc.)"
-msgstr ""
-
msgid "Tracking IP"
msgstr ""
msgid "Enabled"
msgstr "启用"
+msgid "Enter value in hex, starting with <code>0x</code>"
+msgstr ""
+
msgid "Error collecting troubleshooting information"
msgstr "收集故障排除信息时出错"
msgid "Failure interval"
msgstr "故障检测间隔"
+msgid "Firewall mask"
+msgstr ""
+
msgid "Flush conntrack table"
msgstr "刷新连接跟踪表"
msgid "Restart MWAN"
msgstr "重启 MWAN"
-msgid "Restore default hotplug script"
-msgstr "恢复默认的 hotplug 脚本"
-
-msgid "Restore..."
-msgstr "恢复..."
-
msgid "Rule"
msgstr "规则"
"down. Leave blank to assume interface is always online"
msgstr "通过 ping 此主机或 IP 地址来确定链路是否在线。留空则认为接口始终在线"
+msgid ""
+"This section allows you to modify the content of \"/etc/mwan3.user\".<br /"
+">The file is also preserved during sysupgrade.<br /><br />Notes:<br />This "
+"file is interpreted as a shell script.<br />The first line of the script "
+"must be "#!/bin/sh" without quotes.<br />Lines beginning with # are "
+"comments and are not executed.<br />Put your custom mwan3 action here, they "
+"will<br />be executed with each netifd hotplug interface event<br />on "
+"interfaces for which mwan3 is enabled.<br /><br />There are three main "
+"environment variables that are passed to this script.<br /><br />$ACTION "
+"Either \"ifup\" or \"ifdown\"<br />$INTERFACE Name of the interface which "
+"went up or down (e.g. \"wan\" or \"wwan\")<br />$DEVICE Physical device name "
+"which interface went up or down (e.g. \"eth0\" or \"wwan0\")<br /><br />"
+msgstr ""
+
msgid "This section allows you to modify the contents of /etc/config/mwan3"
msgstr "这里允许你修改 /etc/config/mwan3 的内容"
msgid "This section allows you to modify the contents of /etc/config/wireless"
msgstr "这里允许你修改 /etc/config/wireless 的内容"
-msgid ""
-"This section allows you to modify the contents of /etc/hotplug.d/iface/16-"
-"mwancustom<br />This is useful for running system commands and/or scripts "
-"based on interface ifup or ifdown hotplug events<br /><br />Notes:<br />The "
-"first line of the script must be "#!/bin/sh" without quotes<br /"
-">Lines beginning with # are comments and are not executed<br /><br /"
-">Available variables:<br />$ACTION is the hotplug event (ifup, ifdown)<br />"
-"$INTERFACE is the interface name (wan1, wan2, etc.)<br />$DEVICE is the "
-"device name attached to the interface (eth0.1, eth1, etc.)"
-msgstr ""
-"这里允许你修改 /etc/hotplug.d/iface/16-mwancustom 的内容<br />这可以在接口 "
-"ifup 或 ifdown Hotplug 事件时运行系统命令或脚本<br /><br />注意:<br />脚本的"
-"第一行必须是 "#!/bin/sh" 不含引号<br />以#开头的行是注释,不会执行"
-"<br /><br />可用变量:<br />$ACTION 是 Hotplug 事件(ifup, ifdown)<br />"
-"$INTERFACE 是接口名称(wan1、wan2 等)<br />$DEVICE 是连接到接口的设备名称 "
-"(eth0.1、eth1 等)"
-
msgid "Tracking IP"
msgstr "追踪的 IP"
msgid "Tracking hostname or IP address"
msgstr "追踪的主机或 IP 地址"
+msgid "Tracking method"
+msgstr ""
+
msgid "Tracking reliability"
msgstr "追踪可靠性"
msgid "unreachable (reject)"
msgstr "不可达(拒绝)"
+
+#~ msgid "Restore default hotplug script"
+#~ msgstr "恢复默认的 hotplug 脚本"
+
+#~ msgid "Restore..."
+#~ msgstr "恢复..."
+
+#~ msgid ""
+#~ "This section allows you to modify the contents of /etc/hotplug.d/iface/16-"
+#~ "mwancustom<br />This is useful for running system commands and/or scripts "
+#~ "based on interface ifup or ifdown hotplug events<br /><br />Notes:<br /"
+#~ ">The first line of the script must be "#!/bin/sh" without "
+#~ "quotes<br />Lines beginning with # are comments and are not executed<br /"
+#~ "><br />Available variables:<br />$ACTION is the hotplug event (ifup, "
+#~ "ifdown)<br />$INTERFACE is the interface name (wan1, wan2, etc.)<br />"
+#~ "$DEVICE is the device name attached to the interface (eth0.1, eth1, etc.)"
+#~ msgstr ""
+#~ "这里允许你修改 /etc/hotplug.d/iface/16-mwancustom 的内容<br />这可以在接"
+#~ "口 ifup 或 ifdown Hotplug 事件时运行系统命令或脚本<br /><br />注意:<br />"
+#~ "脚本的第一行必须是 "#!/bin/sh" 不含引号<br />以#开头的行是注释,"
+#~ "不会执行<br /><br />可用变量:<br />$ACTION 是 Hotplug 事件(ifup, ifdown)"
+#~ "<br />$INTERFACE 是接口名称(wan1、wan2 等)<br />$DEVICE 是连接到接口的设"
+#~ "备名称 (eth0.1、eth1 等)"
translate("Redir Rules"),
translate("On this page you can configure how traffics are to be \
forwarded to ss-redir instances. \
- If enabled, packets will first have their source ip addresses checked \
- against <em>Src ip bypass</em>, <em>Src ip forward</em>, \
- <em>Src ip checkdst</em> and if none matches <em>Src default</em> \
+ If enabled, packets will first have their src ip addresses checked \
+ against <em>Src ip/net bypass</em>, <em>Src ip/net forward</em>, \
+ <em>Src ip/net checkdst</em> and if none matches <em>Src default</em> \
will give the default action to be taken. \
If the prior check results in action <em>checkdst</em>, packets will continue \
- to have their destination addresses checked."))
+ to have their dst addresses checked."))
local sdata = m:get('ss_rules')
if not sdata then
m:set('ss_rules', nil, 'ss_rules')
- m:set('ss_rules', 'ss_rules', 'disabled', true)
+ m:set('ss_rules', 'disabled', "1")
+end
+
+function src_dst_option(s, ...)
+ local o = s:taboption(...)
+ o.datatype = "or(ip4addr,cidr4)"
end
s = m:section(NamedSection, "ss_rules", "ss_rules")
s:tab("general", translate("General Settings"))
-s:tab("srcip", translate("Source Settings"))
-s:tab("dstip", translate("Destination Settings"))
+s:tab("src", translate("Source Settings"))
+s:tab("dst", translate("Destination Settings"))
s:taboption('general', Flag, "disabled", translate("Disable"))
ss.option_install_package(s, 'general')
o = s:taboption('general', ListValue, "local_default",
translate("Local-out default"),
- translate("Default action for locally generated packets"))
+ translate("Default action for locally generated TCP packets"))
ss.values_actions(o)
+o = s:taboption('general', DynamicList, "ifnames",
+ translate("Ingress interfaces"),
+ translate("Only apply rules on packets from these network interfaces"))
+ss.values_ifnames(o)
s:taboption('general', Value, "ipt_args",
translate("Extra arguments"),
translate("Passes additional arguments to iptables. Use with care!"))
-s:taboption('srcip', DynamicList, "src_ips_bypass",
- translate("Src ip bypass"),
- translate("Bypass redir action for packets with source addresses in this list"))
-s:taboption('srcip', DynamicList, "src_ips_forward",
- translate("Src ip forward"),
- translate("Go through redir action for packets with source addresses in this list"))
-s:taboption('srcip', DynamicList, "src_ips_checkdst",
- translate("Src ip checkdst"),
- translate("Continue to have dst address checked for packets with source addresses in this list"))
-o = s:taboption('srcip', ListValue, "src_default",
+src_dst_option(s, 'src', DynamicList, "src_ips_bypass",
+ translate("Src ip/net bypass"),
+ translate("Bypass ss-redir for packets with src address in this list"))
+src_dst_option(s, 'src', DynamicList, "src_ips_forward",
+ translate("Src ip/net forward"),
+ translate("Forward through ss-redir for packets with src address in this list"))
+src_dst_option(s, 'src', DynamicList, "src_ips_checkdst",
+ translate("Src ip/net checkdst"),
+ translate("Continue to have dst address checked for packets with src address in this list"))
+o = s:taboption('src', ListValue, "src_default",
translate("Src default"),
- translate("Default action for packets whose source addresses do not match any of the source ip list"))
+ translate("Default action for packets whose src address do not match any of the src ip/net list"))
ss.values_actions(o)
-s:taboption('dstip', DynamicList, "dst_ips_bypass",
- translate("Dst ip bypass"),
- translate("Bypass redir action for packets with destination addresses in this list"))
-s:taboption('dstip', DynamicList, "dst_ips_forward",
- translate("Dst ip forward"),
- translate("Go through redir action for packets with destination addresses in this list"))
+src_dst_option(s, 'dst', DynamicList, "dst_ips_bypass",
+ translate("Dst ip/net bypass"),
+ translate("Bypass ss-redir for packets with dst address in this list"))
+src_dst_option(s, 'dst', DynamicList, "dst_ips_forward",
+ translate("Dst ip/net forward"),
+ translate("Forward through ss-redir for packets with dst address in this list"))
-o = s:taboption('dstip', FileBrowser, "dst_ips_bypass_file",
- translate("Dst ip bypass file"),
- translate("File containing ip addresses for the purposes as with <em>Dst ip bypass</em>"))
+o = s:taboption('dst', FileBrowser, "dst_ips_bypass_file",
+ translate("Dst ip/net bypass file"),
+ translate("File containing ip/net for the purposes as with <em>Dst ip/net bypass</em>"))
o.datatype = "file"
-s:taboption('dstip', FileBrowser, "dst_ips_forward_file",
- translate("Dst ip forward file"),
- translate("File containing ip addresses for the purposes as with <em>Dst ip forward</em>"))
+s:taboption('dst', FileBrowser, "dst_ips_forward_file",
+ translate("Dst ip/net forward file"),
+ translate("File containing ip/net for the purposes as with <em>Dst ip/net forward</em>"))
o.datatype = "file"
+o = s:taboption('dst', ListValue, "dst_default",
+ translate("Dst default"),
+ translate("Default action for packets whose dst address do not match any of the dst ip list"))
+ss.values_actions(o)
+
+local installed = os.execute("iptables -m recent -h &>/dev/null") == 0
+if installed then
+ o = s:taboption('dst', Flag, "dst_forward_recentrst")
+else
+ m:set('ss_rules', 'dst_forward_recentrst', "0")
+ o = s:taboption("dst", Button, "_install")
+ o.inputtitle = translate("Install package iptables-mod-conntrack-extra")
+ o.inputstyle = "apply"
+ o.write = function()
+ return luci.http.redirect(
+ luci.dispatcher.build_url("admin/system/packages") ..
+ "?submit=1&install=iptables-mod-conntrack-extra"
+ )
+ end
+end
+o.title = translate("Forward recentrst")
+o.description = translate("Forward those packets whose dst have recently sent to us multiple tcp-rst")
return m
local _up = getfenv(3)
local ut = require("luci.util")
+local sys = require("luci.sys")
local ds = require("luci.dispatcher")
local nw = require("luci.model.network")
nw.init()
end)
function values_actions(o)
- for _, a in ipairs(actions) do
- o:value(a)
+ o:value("bypass")
+ o:value("forward")
+ if o.option ~= "dst_default" then
+ o:value("checkdst")
end
end
function values_redir(o, xmode)
o.map.uci.foreach("shadowsocks-libev", "ss_redir", function(sdata)
+ local disabled = ucival_to_bool(sdata["disabled"])
local sname = sdata[".name"]
local mode = sdata["mode"] or "tcp_only"
- if mode and mode:find(xmode) then
+ if not disabled and mode:find(xmode) then
local desc = "%s - %s" % {sname, mode}
o:value(sname, desc)
end
end)
+ o:value("", "<unset>")
+ o.default = ""
end
function values_serverlist(o)
end
function values_ipaddr(o)
- local keys, vals = {}, {}
for _, v in ipairs(nw:get_interfaces()) do
for _, a in ipairs(v:ipaddrs()) do
o:value(a:host():string(), '%s (%s)' %{ a:host(), v:shortname() })
end
end
+function values_ifnames(o)
+ for _, v in ipairs(sys.net.devices()) do
+ o:value(v)
+ end
+end
+
function options_client(s, tab)
local o
"udp_only",
}
-actions = {
- "bypass",
- "forward",
- "checkdst",
-}
-
methods = {
-- aead
"aes-128-gcm",
"aes-192-gcm",
"aes-256-gcm",
+ "chacha20-ietf-poly1305",
+ "xchacha20-ietf-poly1305",
-- stream
"table",
"rc4",
translate("Options for further tweaking in case the defaults are not suitable for you."))
e1 = e:option(Value, "trm_radio", translate("Radio selection"),
- translate("Restrict travelmate to a dedicated radio, e.g. 'radio0'"))
+ translate("Restrict travelmate to a dedicated radio, e.g. 'radio0'."))
e1.datatype = "and(uciname,rangelength(6,6))"
e1.rmempty = true
e2 = e:option(Value, "trm_maxretry", translate("Connection Limit"),
- translate("How many times should travelmate try to connect to an Uplink"))
+ translate("How many times should travelmate try to connect to an Uplink. ")
+ .. translate("To disable this feature set it to '0' which means unlimited retries."))
e2.default = 3
-e2.datatype = "range(1,10)"
+e2.datatype = "range(0,30)"
e2.rmempty = false
e3 = e:option(Value, "trm_maxwait", translate("Interface Timeout"),
- translate("How long should travelmate wait for a successful wlan interface reload"))
+ translate("How long should travelmate wait for a successful wlan interface reload."))
e3.default = 30
e3.datatype = "range(5,60)"
e3.rmempty = false
e4 = e:option(Value, "trm_timeout", translate("Overall Timeout"),
- translate("Timeout in seconds between retries in 'automatic' mode"))
+ translate("Timeout in seconds between retries in 'automatic' mode."))
e4.default = 60
e4.datatype = "range(60,300)"
e4.rmempty = false
"詳細な情報は <a href=\"%s\" target=\"_blank\">オンライン ドキュメント</a> を"
"確認してください。"
-msgid "How long should travelmate wait for a successful wlan interface reload"
+msgid "How long should travelmate wait for a successful wlan interface reload."
msgstr ""
"無線LAN インターフェースのリロードが成功するまでの、Travelmate の待機時間で"
"す。"
-msgid "How many times should travelmate try to connect to an Uplink"
+msgid "How many times should travelmate try to connect to an Uplink."
msgstr "Travelmate がアップリンクへの接続を試行する回数です。"
msgid "Input file not found, please check your configuration."
msgid "Rescan"
msgstr "再スキャン"
-msgid "Restrict travelmate to a dedicated radio, e.g. 'radio0'"
-msgstr "Travelmate が指定された無線に接続するよう制限します。例: 'radio0'"
+msgid "Restrict travelmate to a dedicated radio, e.g. 'radio0'."
+msgstr "Travelmate が指定された無線に接続するよう制御します。(例: 'radio0')"
msgid "Runtime information"
msgstr "実行情報"
"このフォームには、システムログ内の Travelmate に関するメッセージのみが表示さ"
"れます。"
-msgid "Timeout in seconds between retries in 'automatic' mode"
+msgid "Timeout in seconds between retries in 'automatic' mode."
msgstr "'automatic' モード時に接続を確認または再試行する間隔(秒)です。"
+msgid "To disable this feature set it to '0' which means unlimited retries."
+msgstr ""
+"この機能を無効にして接続の再試行を無制限にする場合、 '0' を設定します。"
+
msgid "Travelmate"
msgstr "Travelmate"
"documentation</a>"
msgstr ""
-msgid "How long should travelmate wait for a successful wlan interface reload"
+msgid "How long should travelmate wait for a successful wlan interface reload."
msgstr ""
-msgid "How many times should travelmate try to connect to an Uplink"
+msgid "How many times should travelmate try to connect to an Uplink."
msgstr ""
msgid "Input file not found, please check your configuration."
msgid "Rescan"
msgstr ""
-msgid "Restrict travelmate to a dedicated radio, e.g. 'radio0'"
+msgid "Restrict travelmate to a dedicated radio, e.g. 'radio0'."
msgstr ""
msgid "Runtime information"
"messages only."
msgstr ""
-msgid "Timeout in seconds between retries in 'automatic' mode"
+msgid "Timeout in seconds between retries in 'automatic' mode."
+msgstr ""
+
+msgid "To disable this feature set it to '0' which means unlimited retries."
msgstr ""
msgid "Travelmate"
"documentation</a>"
msgstr ""
-msgid "How long should travelmate wait for a successful wlan interface reload"
+msgid "How long should travelmate wait for a successful wlan interface reload."
msgstr ""
-msgid "How many times should travelmate try to connect to an Uplink"
+msgid "How many times should travelmate try to connect to an Uplink."
msgstr ""
msgid "Input file not found, please check your configuration."
msgid "Rescan"
msgstr ""
-msgid "Restrict travelmate to a dedicated radio, e.g. 'radio0'"
+msgid "Restrict travelmate to a dedicated radio, e.g. 'radio0'."
msgstr ""
msgid "Runtime information"
"messages only."
msgstr ""
-msgid "Timeout in seconds between retries in 'automatic' mode"
+msgid "Timeout in seconds between retries in 'automatic' mode."
+msgstr ""
+
+msgid "To disable this feature set it to '0' which means unlimited retries."
msgstr ""
msgid "Travelmate"
o.optional = true
o.datatype = "uinteger"
-local s = m:section(NamedSection, "px5g", "cert", translate("uHTTPd Self-signed Certificate Parameters"))
+local s = m:section(TypedSection, "cert", translate("uHTTPd Self-signed Certificate Parameters"))
+
+s.template = "cbi/tsection"
+s.anonymous = true
o = s:option(Value, "days", translate("Valid for # of Days"))
o.default = 730
o.datatype = "uinteger"
o = s:option(Value, "bits", translate("Length of key in bits"))
-o.default = 1024
+o.default = 2048
o.datatype = "min(1024)"
o = s:option(Value, "commonname", translate("Server Hostname"), translate("a.k.a CommonName"))
o.default = "Unknown"
o = s:option(Value, "location", translate("Location"))
-o.default = "Somewhere"
+o.default = "Unknown"
return m
return false;
},
- 'ipmask': function()
+ 'ip4prefix': function()
{
- return cbi_validators.ipmask4.apply(this) ||
- cbi_validators.ipmask6.apply(this);
+ return !isNaN(this) && this >= 0 && this <= 32;
},
- 'ipmask4': function()
+ 'ip6prefix': function()
{
- var ip = this, mask = 32;
+ return !isNaN(this) && this >= 0 && this <= 128;
+ },
- if (ip.match(/^(\S+)\/(\S+)$/))
+ 'cidr': function()
+ {
+ return cbi_validators.cidr4.apply(this) ||
+ cbi_validators.cidr6.apply(this);
+ },
+
+ 'cidr4': function()
+ {
+ if (this.match(/^(\S+)\/(\S+)$/))
{
ip = RegExp.$1;
mask = RegExp.$2;
+ return cbi_validators.ip4addr.apply(ip) &&
+ cbi_validators.ip4prefix.apply(mask);
}
+ return false;
+ },
- if (!isNaN(mask) && (mask < 0 || mask > 32))
- return false;
-
- if (isNaN(mask) && !cbi_validators.ip4addr.apply(mask))
- return false;
-
- return cbi_validators.ip4addr.apply(ip);
+ 'cidr6': function()
+ {
+ if (this.match(/^(\S+)\/(\S+)$/))
+ {
+ ip = RegExp.$1;
+ mask = RegExp.$2;
+ return cbi_validators.ip6addr.apply(ip) &&
+ cbi_validators.ip6prefix.apply(mask);
+ }
+ return false;
},
- 'ipmask6': function()
+ 'ipnet4': function()
{
- var ip = this, mask = 128;
+ if (this.match(/^(\S+)\/(\S+)$/))
+ {
+ ip = RegExp.$1;
+ net = RegExp.$2;
+ return cbi_validators.ip4addr.apply(ip) &&
+ cbi_validators.ip4addr.apply(net);
+ }
+ return false;
+ },
- if (ip.match(/^(\S+)\/(\S+)$/))
+ 'ipnet6': function()
+ {
+ if (this.match(/^(\S+)\/(\S+)$/))
{
ip = RegExp.$1;
- mask = RegExp.$2;
+ net = RegExp.$2;
+ return cbi_validators.ip6addr.apply(ip) &&
+ cbi_validators.ip6addr.apply(net);
}
+ return false;
+ },
- if (!isNaN(mask) && (mask < 0 || mask > 128))
- return false;
+ 'ipmask': function()
+ {
+ return cbi_validators.ipmask4.apply(this) ||
+ cbi_validators.ipmask6.apply(this);
+ },
- if (isNaN(mask) && !cbi_validators.ip6addr.apply(mask))
- return false;
+ 'ipmask4': function()
+ {
+ return cbi_validators.cidr4.apply(this) ||
+ cbi_validators.ipnet4.apply(this) ||
+ cbi_validators.ip4addr.apply(this);
+ },
- return cbi_validators.ip6addr.apply(ip);
+ 'ipmask6': function()
+ {
+ return cbi_validators.cidr6.apply(this) ||
+ cbi_validators.ipnet6.apply(this) ||
+ cbi_validators.ip6addr.apply(this);
},
'port': function()
return ( val and val >= 0 and val <= 128 )
end
-function ipmask(val)
- return ipmask4(val) or ipmask6(val)
+function cidr4(val)
+ local ip, mask = val:match("^([^/]+)/([^/]+)$")
+
+ return ip4addr(ip) and ip4prefix(mask)
end
-function ipmask4(val)
+function cidr6(val)
local ip, mask = val:match("^([^/]+)/([^/]+)$")
- local bits = tonumber(mask)
- if bits and (bits < 0 or bits > 32) then
- return false
- end
+ return ip6addr(ip) and ip6prefix(mask)
+end
- if not bits and mask and not ip4addr(mask) then
- return false
- end
+function ipnet4(val)
+ local ip, mask = val:match("^([^/]+)/([^/]+)$")
- return ip4addr(ip or val)
+ return ip4addr(ip) and ip4addr(mask)
end
-function ipmask6(val)
+function ipnet6(val)
local ip, mask = val:match("^([^/]+)/([^/]+)$")
- local bits = tonumber(mask)
- if bits and (bits < 0 or bits > 128) then
- return false
- end
+ return ip6addr(ip) and ip6addr(mask)
+end
- if not bits and mask and not ip6addr(mask) then
- return false
- end
+function ipmask(val)
+ return ipmask4(val) or ipmask6(val)
+end
+
+function ipmask4(val)
+ return cidr4(val) or ipnet4(val) or ip4addr(val)
+end
- return ip6addr(ip or val)
+function ipmask6(val)
+ return cidr6(val) or ipnet6(val) or ip6addr(val)
end
function ip6hostid(val)
projects / project / luci.git / commitdiff