Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/openwrt/luci.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStijn Tintel <stijn@linux-ipv6.be>2021-11-04 05:01:43 +0300
committerStijn Tintel <stijn@linux-ipv6.be>2022-01-06 16:03:57 +0300
commit48599d8d1dbb1f9f2777d74c2a873aa9c873b7eb (patch)
treeaab4307320af4e7bc1dd33974e12fa6c308e6e1b
parentdc0ed9ca93c842d48613003e6f47b66c373e7148 (diff)
luci-app-firewall: initial firewall4 compatibility
Initial changes required for firewall4 compatibility: * depend on uc-firewall instead of firewall * detect installed version of firewall and hide incompatible features Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Reviewed-by: Jo-Philipp Wich <jo@mein.io>
Diffstat
-rw-r--r--applications/luci-app-firewall/Makefile2
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js10
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js8
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/snats.js10
-rw-r--r--applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js54
-rw-r--r--applications/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json3
-rwxr-xr-xmodules/luci-base/root/usr/libexec/rpcd/luci1
7 files changed, 50 insertions, 38 deletions
diff --git a/applications/luci-app-firewall/Makefile b/applications/luci-app-firewall/Makefile
index 4fa85f2d5b..2e219d0096 100644
--- a/applications/luci-app-firewall/Makefile
+++ b/applications/luci-app-firewall/Makefile
@@ -7,7 +7,7 @@
include $(TOPDIR)/rules.mk
LUCI_TITLE:=Firewall and Portforwarding application
-LUCI_DEPENDS:=+firewall
+LUCI_DEPENDS:=+uci-firewall
PKG_LICENSE:=Apache-2.0
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js
index 16fae25f42..19274dfd3b 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/forwards.js
@@ -281,10 +281,12 @@ return view.extend({
fwtool.addLimitOption(s);
fwtool.addLimitBurstOption(s);
- o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
- _('Passes additional arguments to iptables. Use with care!'));
- o.modalonly = true;
- o.rmempty = true;
+ if (!L.hasSystemFeature('firewall4')) {
+ o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
+ _('Passes additional arguments to iptables. Use with care!'));
+ o.modalonly = true;
+ o.rmempty = true;
+ }
return m.render();
}
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
index 7f073e99cd..2afb438969 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js
@@ -432,9 +432,11 @@ return view.extend({
fwtool.addLimitOption(s);
fwtool.addLimitBurstOption(s);
- o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
- _('Passes additional arguments to iptables. Use with care!'));
- o.modalonly = true;
+ if (!L.hasSystemFeature('firewall4')) {
+ o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
+ _('Passes additional arguments to iptables. Use with care!'));
+ o.modalonly = true;
+ }
o = s.taboption('timed', form.MultiValue, 'weekdays', _('Week Days'));
o.modalonly = true;
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/snats.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/snats.js
index d021397976..e8c90a7574 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/snats.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/snats.js
@@ -245,10 +245,12 @@ return view.extend({
fwtool.addLimitOption(s);
fwtool.addLimitBurstOption(s);
- o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
- _('Passes additional arguments to iptables. Use with care!'));
- o.modalonly = true;
- o.rmempty = true;
+ if (!L.hasSystemFeature('firewall4')) {
+ o = s.taboption('advanced', form.Value, 'extra', _('Extra arguments'),
+ _('Passes additional arguments to iptables. Use with care!'));
+ o.modalonly = true;
+ o.rmempty = true;
+ }
o = s.taboption('timed', form.MultiValue, 'weekdays', _('Week Days'));
o.modalonly = true;
diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js
index f9d84bfb67..58cd2a7c1e 100644
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/zones.js
@@ -269,32 +269,34 @@ return view.extend({
o.placeholder = '10/minute';
o.modalonly = true;
- o = s.taboption('extra', form.DummyValue, '_extrainfo');
- o.rawhtml = true;
- o.modalonly = true;
- o.cfgvalue = function(section_id) {
- return _('Passing raw iptables arguments to source and destination traffic classification rules allows to match packets based on other criteria than interfaces or subnets. These options should be used with extreme care as invalid values could render the firewall ruleset broken, completely exposing all services.');
- };
-
- o = s.taboption('extra', form.Value, 'extra_src', _('Extra source arguments'), _('Additional raw <em>iptables</em> arguments to classify zone source traffic, e.g. <code>-p tcp --sport 443</code> to only match inbound HTTPS traffic.'));
- o.modalonly = true;
- o.cfgvalue = function(section_id) {
- return uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
- };
- o.write = function(section_id, value) {
- uci.unset('firewall', section_id, 'extra');
- uci.set('firewall', section_id, 'extra_src', value);
- };
-
- o = s.taboption('extra', form.Value, 'extra_dest', _('Extra destination arguments'), _('Additional raw <em>iptables</em> arguments to classify zone destination traffic, e.g. <code>-p tcp --dport 443</code> to only match outbound HTTPS traffic.'));
- o.modalonly = true;
- o.cfgvalue = function(section_id) {
- return uci.get('firewall', section_id, 'extra_dest') || uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
- };
- o.write = function(section_id, value) {
- uci.unset('firewall', section_id, 'extra');
- uci.set('firewall', section_id, 'extra_dest', value);
- };
+ if (!L.hasSystemFeature('firewall4')) {
+ o = s.taboption('extra', form.DummyValue, '_extrainfo');
+ o.rawhtml = true;
+ o.modalonly = true;
+ o.cfgvalue = function(section_id) {
+ return _('Passing raw iptables arguments to source and destination traffic classification rules allows to match packets based on other criteria than interfaces or subnets. These options should be used with extreme care as invalid values could render the firewall ruleset broken, completely exposing all services.');
+ };
+
+ o = s.taboption('extra', form.Value, 'extra_src', _('Extra source arguments'), _('Additional raw <em>iptables</em> arguments to classify zone source traffic, e.g. <code>-p tcp --sport 443</code> to only match inbound HTTPS traffic.'));
+ o.modalonly = true;
+ o.cfgvalue = function(section_id) {
+ return uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
+ };
+ o.write = function(section_id, value) {
+ uci.unset('firewall', section_id, 'extra');
+ uci.set('firewall', section_id, 'extra_src', value);
+ };
+
+ o = s.taboption('extra', form.Value, 'extra_dest', _('Extra destination arguments'), _('Additional raw <em>iptables</em> arguments to classify zone destination traffic, e.g. <code>-p tcp --dport 443</code> to only match outbound HTTPS traffic.'));
+ o.modalonly = true;
+ o.cfgvalue = function(section_id) {
+ return uci.get('firewall', section_id, 'extra_dest') || uci.get('firewall', section_id, 'extra_src') || uci.get('firewall', section_id, 'extra');
+ };
+ o.write = function(section_id, value) {
+ uci.unset('firewall', section_id, 'extra');
+ uci.set('firewall', section_id, 'extra_dest', value);
+ };
+ }
o = s.taboption('general', form.DummyValue, '_forwardinfo');
o.rawhtml = true;
diff --git a/applications/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json b/applications/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json
index f8a3553a7b..8fd1e9cae2 100644
--- a/applications/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json
+++ b/applications/luci-app-firewall/root/usr/share/luci/menu.d/luci-app-firewall.json
@@ -56,6 +56,9 @@
"action": {
"type": "view",
"path": "firewall/custom"
+ },
+ "depends": {
+ "fs": { "/usr/share/fw3/helpers.conf": "file" }
}
}
}
diff --git a/modules/luci-base/root/usr/libexec/rpcd/luci b/modules/luci-base/root/usr/libexec/rpcd/luci
index 19cdb0ad39..fbfc3c7a59 100755
--- a/modules/luci-base/root/usr/libexec/rpcd/luci
+++ b/modules/luci-base/root/usr/libexec/rpcd/luci
@@ -207,6 +207,7 @@ local methods = {
local ok, fd
rv.firewall = fs.access("/sbin/fw3")
+ rv.firewall4 = fs.access("/sbin/fw4")
rv.opkg = fs.access("/bin/opkg")
rv.offloading = fs.access("/sys/module/xt_FLOWOFFLOAD/refcnt")
rv.br2684ctl = fs.access("/usr/sbin/br2684ctl")
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-20 21:24:53 +0300