projects / project / luci.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
luci-app-banip: sync with banIP 0.8.2
[project/luci.git] / applications / luci-app-banip / htdocs / luci-static / resources / view / banip / overview.js
1 'use strict';
2 'require view';
3 'require poll';
4 'require fs';
5 'require ui';
6 'require uci';
7 'require form';
8 'require tools.widgets as widgets';
9
10 /*
11 button handling
12 */
13 function handleAction(ev) {
14 fs.exec_direct('/etc/init.d/banip', [ev])
15 }
16
17 return view.extend({
18 load: function () {
19 return Promise.all([
20 L.resolveDefault(fs.read_direct('/etc/banip/banip.feeds'), ''),
21 L.resolveDefault(fs.read_direct('/etc/banip/banip.countries'), ''),
22 uci.load('banip')
23 ]);
24 },
25
26 render: function (result) {
27 var m, s, o;
28
29 m = new form.Map('banip', 'banIP', _('Configuration of the banIP package to ban incoming and outgoing ip addresses/subnets via sets in nftables. \
30 For further information <a href="https://github.com/openwrt/packages/blob/master/net/banip/files/README.md" target="_blank" rel="noreferrer noopener" >check the online documentation</a>'));
31
32 /*
33 poll runtime information
34 */
35 var rt_res, inf_stat, inf_version, inf_elements, inf_feeds, inf_feedarray, inf_devices, inf_devicearray, inf_interfaces, inf_interfacearray
36 var inf_subnets, inf_subnetarray, inf_infos, inf_flags, inf_run, inf_system
37
38 pollData: poll.add(function () {
39 return L.resolveDefault(fs.read_direct('/var/run/banip_runtime.json'), 'null').then(function (res) {
40 rt_res = JSON.parse(res);
41 inf_stat = document.getElementById('status');
42 if (inf_stat && rt_res) {
43 L.resolveDefault(fs.exec_direct('/etc/init.d/banip', ['status', 'update'])).then(function (update_res) {
44 inf_stat.textContent = (rt_res.status + ' (' + update_res.trim() + ')' || '-');
45 });
46 if (rt_res.status === "processing") {
47 if (!inf_stat.classList.contains("spinning")) {
48 inf_stat.classList.add("spinning");
49 }
50 } else {
51 if (inf_stat.classList.contains("spinning")) {
52 inf_stat.classList.remove("spinning");
53 }
54 }
55 } else if (inf_stat) {
56 inf_stat.textContent = '-';
57 if (inf_stat.classList.contains("spinning")) {
58 inf_stat.classList.remove("spinning");
59 }
60 }
61 inf_version = document.getElementById('version');
62 if (inf_version && rt_res) {
63 inf_version.textContent = rt_res.version || '-';
64 }
65 inf_elements = document.getElementById('elements');
66 if (inf_elements && rt_res) {
67 inf_elements.textContent = rt_res.element_count || '-';
68 }
69 inf_feeds = document.getElementById('feeds');
70 inf_feedarray = [];
71 if (inf_feeds && rt_res) {
72 for (var i = 0; i < rt_res.active_feeds.length; i++) {
73 if (i < rt_res.active_feeds.length - 1) {
74 inf_feedarray += rt_res.active_feeds[i].feed + ', ';
75 } else {
76 inf_feedarray += rt_res.active_feeds[i].feed
77 }
78 }
79 inf_feeds.textContent = inf_feedarray || '-';
80 }
81 inf_devices = document.getElementById('devices');
82 inf_devicearray = [];
83 if (inf_devices && rt_res) {
84 for (var i = 0; i < rt_res.active_devices.length; i++) {
85 if (i < rt_res.active_devices.length - 1) {
86 inf_devicearray += rt_res.active_devices[i].device + ', ';
87 } else {
88 inf_devicearray += rt_res.active_devices[i].device
89 }
90 }
91 inf_devices.textContent = inf_devicearray || '-';
92 }
93 inf_interfaces = document.getElementById('interfaces');
94 inf_interfacearray = [];
95 if (inf_interfaces && rt_res) {
96 for (var i = 0; i < rt_res.active_interfaces.length; i++) {
97 if (i < rt_res.active_interfaces.length - 1) {
98 inf_interfacearray += rt_res.active_interfaces[i].interface + ', ';
99 } else {
100 inf_interfacearray += rt_res.active_interfaces[i].interface
101 }
102 }
103 inf_interfaces.textContent = inf_interfacearray || '-';
104 }
105 inf_subnets = document.getElementById('subnets');
106 inf_subnetarray = [];
107 if (inf_subnets && rt_res) {
108 for (var i = 0; i < rt_res.active_subnets.length; i++) {
109 if (i < rt_res.active_subnets.length - 1) {
110 inf_subnetarray += rt_res.active_subnets[i].subnet + ', ';
111 } else {
112 inf_subnetarray += rt_res.active_subnets[i].subnet
113 }
114 }
115 inf_subnets.textContent = inf_subnetarray || '-';
116 }
117 inf_infos = document.getElementById('infos');
118 if (inf_infos && rt_res) {
119 inf_infos.textContent = rt_res.run_info || '-';
120 }
121 inf_flags = document.getElementById('flags');
122 if (inf_flags && rt_res) {
123 inf_flags.textContent = rt_res.run_flags || '-';
124 }
125 inf_run = document.getElementById('run');
126 if (inf_run && rt_res) {
127 inf_run.textContent = rt_res.last_run || '-';
128 }
129 inf_system = document.getElementById('system');
130 if (inf_system && rt_res) {
131 inf_system.textContent = rt_res.system_info || '-';
132 }
133 });
134 }, 1);
135
136 /*
137 runtime information and buttons
138 */
139 s = m.section(form.NamedSection, 'global');
140 s.render = L.bind(function (view, section_id) {
141 return E('div', { 'class': 'cbi-section' }, [
142 E('h3', _('Information')),
143 E('div', { 'class': 'cbi-value' }, [
144 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Status')),
145 E('div', { 'class': 'cbi-value-field spinning', 'id': 'status', 'style': 'color:#37c' }, '\xa0')
146 ]),
147 E('div', { 'class': 'cbi-value' }, [
148 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Version')),
149 E('div', { 'class': 'cbi-value-field', 'id': 'version', 'style': 'color:#37c' }, '-')
150 ]),
151 E('div', { 'class': 'cbi-value' }, [
152 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Element Count')),
153 E('div', { 'class': 'cbi-value-field', 'id': 'elements', 'style': 'color:#37c' }, '-')
154 ]),
155 E('div', { 'class': 'cbi-value' }, [
156 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Feeds')),
157 E('div', { 'class': 'cbi-value-field', 'id': 'feeds', 'style': 'color:#37c' }, '-')
158 ]),
159 E('div', { 'class': 'cbi-value' }, [
160 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Devices')),
161 E('div', { 'class': 'cbi-value-field', 'id': 'devices', 'style': 'color:#37c' }, '-')
162 ]),
163 E('div', { 'class': 'cbi-value' }, [
164 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Interfaces')),
165 E('div', { 'class': 'cbi-value-field', 'id': 'interfaces', 'style': 'color:#37c' }, '-')
166 ]),
167 E('div', { 'class': 'cbi-value' }, [
168 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Subnets')),
169 E('div', { 'class': 'cbi-value-field', 'id': 'subnets', 'style': 'color:#37c' }, '-')
170 ]),
171 E('div', { 'class': 'cbi-value' }, [
172 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Run Information')),
173 E('div', { 'class': 'cbi-value-field', 'id': 'infos', 'style': 'color:#37c' }, '-')
174 ]),
175 E('div', { 'class': 'cbi-value' }, [
176 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Run Flags')),
177 E('div', { 'class': 'cbi-value-field', 'id': 'flags', 'style': 'color:#37c' }, '-')
178 ]),
179 E('div', { 'class': 'cbi-value' }, [
180 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Last Run')),
181 E('div', { 'class': 'cbi-value-field', 'id': 'run', 'style': 'color:#37c' }, '-')
182 ]),
183 E('div', { 'class': 'cbi-value' }, [
184 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('System Information')),
185 E('div', { 'class': 'cbi-value-field', 'id': 'system', 'style': 'color:#37c' }, '-')
186 ]),
187 E('div', { class: 'right' }, [
188 E('button', {
189 'class': 'btn cbi-button cbi-button-negative',
190 'click': ui.createHandlerFn(this, function () {
191 return handleAction('stop');
192 })
193 }, [_('Stop')]),
194 '\xa0\xa0\xa0',
195 E('button', {
196 'class': 'btn cbi-button cbi-button-positive',
197 'click': ui.createHandlerFn(this, function () {
198 return handleAction('reload');
199 })
200 }, [_('Reload')]),
201 '\xa0\xa0\xa0',
202 E('button', {
203 'class': 'btn cbi-button cbi-button-positive',
204 'click': ui.createHandlerFn(this, function () {
205 return handleAction('restart');
206 })
207 }, [_('Restart')])
208 ])
209 ]);
210 }, o, this);
211 this.pollData;
212
213 /*
214 tabbed config section
215 */
216 s = m.section(form.NamedSection, 'global', 'banip', _('Settings'));
217 s.addremove = false;
218 s.tab('general', _('General Settings'));
219 s.tab('advanced', _('Advanced Settings'));
220 s.tab('adv_chain', _('Chain/Set Settings'));
221 s.tab('adv_log', _('Log Settings'));
222 s.tab('adv_email', _('E-Mail Settings'));
223 s.tab('feeds', _('Blocklist Feeds'));
224
225 /*
226 general settings tab
227 */
228 o = s.taboption('general', form.Flag, 'ban_enabled', _('Enabled'), _('Enable the banIP service.'));
229 o.rmempty = false;
230
231 o = s.taboption('general', form.Flag, 'ban_debug', _('Verbose Debug Logging'), _('Enable verbose debug logging in case of processing errors.'));
232 o.rmempty = false;
233
234 o = s.taboption('general', form.Flag, 'ban_autodetect', _('Auto Detection'), _('Detect relevant network devices, interfaces, subnets, protocols and utilities automatically.'));
235 o.rmempty = false;
236
237 o = s.taboption('general', form.Flag, 'ban_protov4', _('IPv4 Support'), _('Enables IPv4 support.'));
238 o.depends('ban_autodetect', '0');
239 o.optional = true;
240 o.retain = true;
241
242 o = s.taboption('general', form.Flag, 'ban_protov6', _('IPv6 Support'), _('Enables IPv6 support.'));
243 o.depends('ban_autodetect', '0');
244 o.optional = true;
245 o.retain = true;
246
247 o = s.taboption('general', widgets.DeviceSelect, 'ban_dev', _('Network Devices'), _('Select the WAN network device(s).'));
248 o.depends('ban_autodetect', '0');
249 o.unspecified = true;
250 o.multiple = true;
251 o.nocreate = true;
252 o.optional = true;
253 o.retain = true;
254
255 o = s.taboption('general', widgets.NetworkSelect, 'ban_ifv4', _('Network Interfaces'), _('Select the logical WAN IPv4 network interface(s).'));
256 o.depends('ban_autodetect', '0');
257 o.unspecified = true;
258 o.multiple = true;
259 o.nocreate = true;
260 o.optional = true;
261 o.retain = true;
262
263 o = s.taboption('general', widgets.NetworkSelect, 'ban_ifv6', _('Network Interfaces'), _('Select the logical WAN IPv6 network interface(s).'));
264 o.depends('ban_autodetect', '0');
265 o.unspecified = true;
266 o.multiple = true;
267 o.nocreate = true;
268 o.optional = true;
269 o.retain = true;
270
271 o = s.taboption('general', form.ListValue, 'ban_fetchcmd', _('Download Utility'), _('Select one of the pre-configured download utilities.'));
272 o.depends('ban_autodetect', '0');
273 o.value('uclient-fetch');
274 o.value('wget');
275 o.value('curl');
276 o.value('aria2c');
277 o.optional = true;
278 o.retain = true;
279
280 o = s.taboption('general', form.Value, 'ban_fetchparm', _('Download Parameters'), _('Override the pre-configured download options for the selected download utility.'))
281 o.depends('ban_autodetect', '0');
282 o.optional = true;
283 o.retain = true;
284
285 o = s.taboption('general', widgets.NetworkSelect, 'ban_trigger', _('Startup Trigger Interface'), _('List of available network interfaces to trigger the banIP start.'));
286 o.unspecified = true;
287 o.multiple = true;
288 o.nocreate = true;
289 o.rmempty = true;
290
291 o = s.taboption('general', form.Value, 'ban_triggerdelay', _('Trigger Delay'), _('Additional trigger delay in seconds before banIP processing actually starts.'));
292 o.placeholder = '10';
293 o.datatype = 'range(1,300)';
294 o.rmempty = true;
295
296 o = s.taboption('general', form.Flag, 'ban_deduplicate', _('Deduplicate IPs'), _('Deduplicate IP addresses across all active sets and and tidy up the local blocklist.'));
297 o.default = 1
298 o.rmempty = false;
299
300 o = s.taboption('general', form.Flag, 'ban_loginput', _('Log WAN-Input'), _('Log suspicious incoming WAN packets (dropped).'));
301 o.default = 1
302 o.rmempty = false;
303
304 o = s.taboption('general', form.Flag, 'ban_logforwardwan', _('Log WAN-Forward'), _('Log suspicious forwarded WAN packets (dropped).'));
305 o.default = 1
306 o.rmempty = false;
307
308 o = s.taboption('general', form.Flag, 'ban_logforwardlan', _('Log LAN-Forward'), _('Log suspicious forwarded LAN packets (rejected).'));
309 o.rmempty = false;
310
311 /*
312 additional settings tab
313 */
314 o = s.taboption('advanced', form.DummyValue, '_sub');
315 o.rawhtml = true;
316 o.default = '<em><b>Changes on this tab needs a banIP service restart to take effect.</b></em>';
317
318 o = s.taboption('advanced', form.ListValue, 'ban_nicelimit', _('Nice Level'), _('The selected priority will be used for banIP background processing.'));
319 o.value('-20', _('Highest Priority'));
320 o.value('-10', _('High Priority'));
321 o.value('0', _('Normal Priority (default)'));
322 o.value('10', _('Less Priority'));
323 o.value('19', _('Least Priority'));
324 o.optional = true;
325 o.rmempty = true;
326
327 o = s.taboption('advanced', form.ListValue, 'ban_filelimit', _('Max Open Files'), _('Increase the maximal number of open files, e.g. to handle the amount of temporary split files while loading the sets.'));
328 o.value('512', _('512'));
329 o.value('1024', _('1024 (default)'));
330 o.value('2048', _('2048'));
331 o.value('4096', _('4096'));
332 o.optional = true;
333 o.rmempty = true;
334
335 o = s.taboption('advanced', form.ListValue, 'ban_cores', _('CPU Cores'), _('Limit the cpu cores used by banIP to save RAM.'));
336 o.value('1');
337 o.value('2');
338 o.value('4');
339 o.value('8');
340 o.value('16');
341 o.optional = true;
342 o.rmempty = true;
343
344 o = s.taboption('advanced', form.ListValue, 'ban_splitsize', _('Set Split Size'), _('Split external set loading after every n members to save RAM.'));
345 o.value('256');
346 o.value('512');
347 o.value('1024');
348 o.value('2048');
349 o.value('4096');
350 o.optional = true;
351 o.rmempty = true;
352
353 o = s.taboption('advanced', form.Value, 'ban_basedir', _('Base Directory'), _('Base working directory while banIP processing.'));
354 o.placeholder = '/tmp';
355 o.rmempty = true;
356
357 o = s.taboption('advanced', form.Value, 'ban_backupdir', _('Backup Directory'), _('Target directory for compressed source list backups.'));
358 o.placeholder = '/tmp/banIP-backup';
359 o.rmempty = true;
360
361 o = s.taboption('advanced', form.Value, 'ban_reportdir', _('Report Directory'), _('Target directory for IPSet related report files.'));
362 o.placeholder = '/tmp/banIP-report';
363 o.rmempty = true;
364
365 o = s.taboption('advanced', form.Flag, 'ban_reportelements', _('Report Elements'), _('List Set elements in the report, disable this to speed up the report significantly.'));
366 o.default = 1
367 o.optional = true;
368
369 o = s.taboption('advanced', form.Flag, 'ban_fetchinsecure', _('Download Insecure'), _('Don\'t check SSL server certificates during download.'));
370 o.rmempty = true;
371
372 /*
373 advanced chain/set settings tab
374 */
375 o = s.taboption('adv_chain', form.DummyValue, '_sub');
376 o.rawhtml = true;
377 o.default = '<em><b>Changes on this tab needs a banIP service restart to take effect.</b></em>';
378
379 o = s.taboption('adv_chain', form.ListValue, 'ban_nftpriority', _('Chain Priority'), _('Set the nft chain priority within the banIP table. Please note: lower values means higher priority.'));
380 o.value('0', _('0'));
381 o.value('-100', _('-100'));
382 o.value('-200', _('-200 (default)'));
383 o.value('-300', _('-300'));
384 o.value('-400', _('-400'));
385 o.optional = true;
386 o.rmempty = true;
387
388 if (result[0]) {
389 var feed, feeds;
390 feeds = JSON.parse(result[0]);
391
392 o = s.taboption('adv_chain', form.MultiValue, 'ban_blockinput', _('WAN-Input Chain'), _('Limit certain feeds to the WAN-Input chain.'));
393 for (var i = 0; i < Object.keys(feeds).length; i++) {
394 feed = Object.keys(feeds)[i].trim();
395 o.value(feed);
396 }
397 o.optional = true;
398 o.rmempty = true;
399
400 o = s.taboption('adv_chain', form.MultiValue, 'ban_blockforwardwan', _('WAN-Forward Chain'), _('Limit certain feeds to the WAN-Forward chain.'));
401 for (var i = 0; i < Object.keys(feeds).length; i++) {
402 feed = Object.keys(feeds)[i].trim();
403 o.value(feed);
404 }
405 o.optional = true;
406 o.rmempty = true;
407
408 o = s.taboption('adv_chain', form.MultiValue, 'ban_blockforwardlan', _('LAN-Forward Chain'), _('Limit certain feeds to the LAN-Forward chain.'));
409 for (var i = 0; i < Object.keys(feeds).length; i++) {
410 feed = Object.keys(feeds)[i].trim();
411 o.value(feed);
412 }
413 o.optional = true;
414 o.rmempty = true;
415 }
416
417 o = s.taboption('adv_chain', form.ListValue, 'ban_nftexpiry', _('Blocklist Expiry'), _('Expiry time for auto added blocklist set members.'));
418 o.value('10s');
419 o.value('1m');
420 o.value('5m');
421 o.value('1h');
422 o.value('2h');
423 o.optional = true;
424 o.rmempty = true;
425
426 /*
427 advanced log settings tab
428 */
429 o = s.taboption('adv_log', form.DummyValue, '_sub');
430 o.rawhtml = true;
431 o.default = '<em><b>Changes on this tab needs a banIP service restart to take effect.</b></em>';
432
433 o = s.taboption('adv_log', form.ListValue, 'ban_loglimit', _('Log Limit'), _('Parse only the last stated number of log entries for suspicious events.'));
434 o.value('50', _('50'));
435 o.value('100', _('100 (default)'));
436 o.value('250', _('250'));
437 o.value('500', _('500'));
438 o.value('1000', _('1000'));
439 o.optional = true;
440 o.rmempty = true;
441
442 o = s.taboption('adv_log', form.Value, 'ban_logcount', _('Log Count'), _('Number of failed login attempts of the same IP in the log before blocking.'));
443 o.placeholder = '1';
444 o.datatype = 'range(1,10)';
445 o.rmempty = true;
446
447 o = s.taboption('adv_log', form.DynamicList, 'ban_logterm', _('Log Terms'), _('The default log terms / regular expressions are filtering suspicious ssh, LuCI, nginx and asterisk traffic.'));
448 o.optional = true;
449 o.rmempty = true;
450
451 /*
452 advanced email settings tab
453 */
454 o = s.taboption('adv_email', form.DummyValue, '_sub');
455 o.rawhtml = true;
456 o.default = '<em><b>To enable email notifications, set up the \'msmtp\' package and specify a vaild E-Mail receiver address.</b></em>';
457
458 o = s.taboption('adv_email', form.Value, 'ban_mailreceiver', _('E-Mail Receiver Address'), _('Receiver address for banIP notification E-Mails, this information is required to enable E-Mail functionality.'));
459 o.placeholder = 'name@example.com';
460 o.rmempty = true;
461
462 o = s.taboption('adv_email', form.Value, 'ban_mailsender', _('E-Mail Sender Address'), _('Sender address for banIP notification E-Mails.'));
463 o.placeholder = 'no-reply@banIP';
464 o.rmempty = true;
465
466 o = s.taboption('adv_email', form.Value, 'ban_mailtopic', _('E-Mail Topic'), _('Topic for banIP notification E-Mails.'));
467 o.placeholder = 'banIP notification';
468 o.rmempty = true;
469
470 o = s.taboption('adv_email', form.Value, 'ban_mailprofile', _('E-Mail Profile'), _('Profile used by \'msmtp\' for banIP notification E-Mails.'));
471 o.placeholder = 'ban_notify';
472 o.datatype = 'uciname';
473 o.rmempty = true;
474
475 /*
476 blocklist feeds tab
477 */
478 o = s.taboption('feeds', form.DummyValue, '_sub');
479 o.rawhtml = true;
480 o.default = '<em><b>List of supported and fully pre-configured banIP feeds.</b></em>';
481
482 if (result[0]) {
483 var focus, feed, feeds;
484 feeds = JSON.parse(result[0]);
485
486 o = s.taboption('feeds', form.MultiValue, 'ban_feed', _('Feed Selection'));
487 for (var i = 0; i < Object.keys(feeds).length; i++) {
488 feed = Object.keys(feeds)[i].trim();
489 focus = feeds[feed].focus.trim();
490 o.value(feed, feed + ' (' + focus + ')');
491 }
492 o.optional = true;
493 o.rmempty = true;
494 }
495
496 /*
497 prepare country data
498 */
499 var code, country, countries = [];
500 if (result[1]) {
501 countries = result[1].trim().split('\n');
502
503 o = s.taboption('feeds', form.MultiValue, 'ban_country', _('Countries'));
504 for (var i = 0; i < countries.length; i++) {
505 code = countries[i].match(/^(\w+);/)[1].trim();
506 country = countries[i].match(/^\w+;(.*$)/)[1].trim();
507 o.value(code, country);
508 }
509 o.optional = true;
510 o.rmempty = true;
511 }
512
513 o = s.taboption('feeds', form.DynamicList, 'ban_asn', _('ASNs'));
514 o.datatype = 'uinteger';
515 o.optional = true;
516 o.rmempty = true;
517
518 o = s.taboption('feeds', form.Flag, 'ban_autoallowlist', _('Auto Allowlist'), _('Automatically transfers uplink IPs to the banIP allowlist.'));
519 o.default = 1
520 o.rmempty = false;
521
522 o = s.taboption('feeds', form.Flag, 'ban_autoblocklist', _('Auto Blocklist'), _('Automatically transfers suspicious IPs to the banIP blocklist.'));
523 o.default = 1
524 o.rmempty = false;
525
526 o = s.taboption('feeds', form.Flag, 'ban_allowlistonly', _('Allowlist Only'), _('Restrict the internet access from/to a small number of secure IPs.'));
527 o.rmempty = false;
528
529 return m.render();
530 },
531 handleReset: null
532 });
Lua Configuration Interface (mirror)