mirror of https://github.com/openwrt/luci.git
luci-app-firewall: initial firewall4 compatibility
Initial changes required for firewall4 compatibility: * depend on uc-firewall instead of firewall * detect installed version of firewall and hide incompatible features Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>pull/5633/head
parent
dc0ed9ca93
commit
48599d8d1d
|
@ -7,7 +7,7 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
LUCI_TITLE:=Firewall and Portforwarding application
|
||||
LUCI_DEPENDS:=+firewall
|
||||
LUCI_DEPENDS:=+uci-firewall
|
||||
|
||||
PKG_LICENSE:=Apache-2.0
|
||||
|
||||
|
|
|
@ -281,10 +281,12 @@ return view.extend({
|
|||
fwtool.addLimitOption(s);
|
||||
fwtool.addLimitBurstOption(s);
|
||||
|
||||
o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
|
||||
_('Passes additional arguments to iptables. Use with care!'));
|
||||
o.modalonly = true;
|
||||
o.rmempty = true;
|
||||
if (!L.hasSystemFeature('firewall4')) {
|
||||
o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
|
||||
_('Passes additional arguments to iptables. Use with care!'));
|
||||
o.modalonly = true;
|
||||
o.rmempty = true;
|
||||
}
|
||||
|
||||
return m.render();
|
||||
}
|
||||
|
|
|
@ -432,9 +432,11 @@ return view.extend({
|
|||
fwtool.addLimitOption(s);
|
||||
fwtool.addLimitBurstOption(s);
|
||||
|
||||
o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
|
||||
_('Passes additional arguments to iptables. Use with care!'));
|
||||
o.modalonly = true;
|
||||
if (!L.hasSystemFeature('firewall4')) {
|
||||
o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
|
||||
_('Passes additional arguments to iptables. Use with care!'));
|
||||
o.modalonly = true;
|
||||
}
|
||||
|
||||
o = s.taboption('timed', form.MultiValue, 'weekdays', _('Week Days'));
|
||||
o.modalonly = true;
|
||||
|
|
|
@ -245,10 +245,12 @@ return view.extend({
|
|||
fwtool.addLimitOption(s);
|
||||
fwtool.addLimitBurstOption(s);
|
||||
|
||||
o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
|
||||
_('Passes additional arguments to iptables. Use with care!'));
|
||||
o.modalonly = true;
|
||||
o.rmempty = true;
|
||||
if (!L.hasSystemFeature('firewall4')) {
|
||||
o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
|
||||
_('Passes additional arguments to iptables. Use with care!'));
|
||||
o.modalonly = true;
|
||||
o.rmempty = true;
|
||||
}
|
||||
|
||||
o = s.taboption('timed', form.MultiValue, 'weekdays', _('Week Days'));
|
||||
o.modalonly = true;
|
||||
|
|
|
@ -269,32 +269,34 @@ return view.extend({
|
|||
o.placeholder = '10/minute';
|
||||
o.modalonly = true;
|
||||
|
||||
o = s.taboption('extra', form.DummyValue, '_extrainfo');
|
||||
o.rawhtml = true;
|
||||
o.modalonly = true;
|
||||
o.cfgvalue = function(section_id) {
|
||||
return _('Passing raw iptables arguments to source and destination traffic classification rules allows to match packets based on other criteria than interfaces or subnets. These options should be used with extreme care as invalid values could render the firewall ruleset broken, completely exposing all services.');
|
||||
};
|
||||
if (!L.hasSystemFeature('firewall4')) {
|
||||
o = s.taboption('extra', form.DummyValue, '_extrainfo');
|
||||
o.rawhtml = true;
|
||||
o.modalonly = true;
|
||||
o.cfgvalue = function(section_id) {
|
||||
return _('Passing raw iptables arguments to source and destination traffic classification rules allows to match packets based on other criteria than interfaces or subnets. These options should be used with extreme care as invalid values could render the firewall ruleset broken, completely exposing all services.');
|
||||
};
|
||||
|
||||
o = s.taboption('extra', form.Value, 'extra_src', _('Extra source arguments'), _('Additional raw <em>iptables</em> arguments to classify zone source traffic, e.g. <code>-p tcp --sport 443</code> to only match inbound HTTPS traffic.'));
|
||||
o.modalonly = true;
|
||||
o.cfgvalue = function(section_id) {
|
||||
return uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
|
||||
};
|
||||
o.write = function(section_id, value) {
|
||||
uci.unset('firewall', section_id, 'extra');
|
||||
uci.set('firewall', section_id, 'extra_src', value);
|
||||
};
|
||||
o = s.taboption('extra', form.Value, 'extra_src', _('Extra source arguments'), _('Additional raw <em>iptables</em> arguments to classify zone source traffic, e.g. <code>-p tcp --sport 443</code> to only match inbound HTTPS traffic.'));
|
||||
o.modalonly = true;
|
||||
o.cfgvalue = function(section_id) {
|
||||
return uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
|
||||
};
|
||||
o.write = function(section_id, value) {
|
||||
uci.unset('firewall', section_id, 'extra');
|
||||
uci.set('firewall', section_id, 'extra_src', value);
|
||||
};
|
||||
|
||||
o = s.taboption('extra', form.Value, 'extra_dest', _('Extra destination arguments'), _('Additional raw <em>iptables</em> arguments to classify zone destination traffic, e.g. <code>-p tcp --dport 443</code> to only match outbound HTTPS traffic.'));
|
||||
o.modalonly = true;
|
||||
o.cfgvalue = function(section_id) {
|
||||
return uci.get('firewall', section_id, 'extra_dest') || uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
|
||||
};
|
||||
o.write = function(section_id, value) {
|
||||
uci.unset('firewall', section_id, 'extra');
|
||||
uci.set('firewall', section_id, 'extra_dest', value);
|
||||
};
|
||||
o = s.taboption('extra', form.Value, 'extra_dest', _('Extra destination arguments'), _('Additional raw <em>iptables</em> arguments to classify zone destination traffic, e.g. <code>-p tcp --dport 443</code> to only match outbound HTTPS traffic.'));
|
||||
o.modalonly = true;
|
||||
o.cfgvalue = function(section_id) {
|
||||
return uci.get('firewall', section_id, 'extra_dest') || uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
|
||||
};
|
||||
o.write = function(section_id, value) {
|
||||
uci.unset('firewall', section_id, 'extra');
|
||||
uci.set('firewall', section_id, 'extra_dest', value);
|
||||
};
|
||||
}
|
||||
|
||||
o = s.taboption('general', form.DummyValue, '_forwardinfo');
|
||||
o.rawhtml = true;
|
||||
|
|
|
@ -56,6 +56,9 @@
|
|||
"action": {
|
||||
"type": "view",
|
||||
"path": "firewall/custom"
|
||||
},
|
||||
"depends": {
|
||||
"fs": { "/usr/share/fw3/helpers.conf": "file" }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -207,6 +207,7 @@ local methods = {
|
|||
local ok, fd
|
||||
|
||||
rv.firewall = fs.access("/sbin/fw3")
|
||||
rv.firewall4 = fs.access("/sbin/fw4")
|
||||
rv.opkg = fs.access("/bin/opkg")
|
||||
rv.offloading = fs.access("/sys/module/xt_FLOWOFFLOAD/refcnt")
|
||||
rv.br2684ctl = fs.access("/usr/sbin/br2684ctl")
|
||||
|
|
Loading…
Reference in New Issue