applications/luci-app-banip/luasrc/model/cbi/banip/overview_tab.lua

   1 -- Copyright 2018 Dirk Brenken (dev@brenken.org)
   2 -- This is free software, licensed under the Apache License, Version 2.0
   3
   4 local fs      = require("nixio.fs")
   5 local uci     = require("luci.model.uci").cursor()
   6 local sys     = require("luci.sys")
   7 local net     = require "luci.model.network".init()
   8 local util    = require("luci.util")
   9 local dump    = util.ubus("network.interface", "dump", {})
  10 local devices = sys.net:devices()
  11
  12 m = Map("banip", translate("banIP"),
  13         translate("Configuration of the banIP package to block ip adresses/subnets via IPSet. ")
  14         .. translatef("For further information "
  15         .. "<a href=\"%s\" target=\"_blank\">"
  16         .. "check the online documentation</a>", "https://github.com/openwrt/packages/blob/master/net/banip/files/README.md"))
  17
  18 -- Main banIP Options
  19
  20 s = m:section(NamedSection, "global", "banip")
  21
  22 o1 = s:option(Flag, "ban_enabled", translate("Enable banIP"))
  23 o1.default = o1.disabled
  24 o1.rmempty = false
  25
  26 o2 = s:option(Flag, "ban_automatic", translate("Automatic WAN Interface Detection"))
  27 o2.default = o2.enabled
  28 o2.rmempty = false
  29
  30 o3 = s:option(MultiValue, "ban_iface", translate("Interface Selection"),
  31         translate("Disable the automatic WAN detection and select your preferred interface(s) manually."))
  32 for _, dev in ipairs(devices) do
  33         if dev ~= "lo" and dev ~= "br-lan" then
  34                 local iface = net:get_interface(dev)
  35                 if iface then
  36                         iface = iface:get_networks() or {}
  37                         for k, v in pairs(iface) do
  38                                 iface[k] = iface[k].sid
  39                                 if iface[k] ~= "lan" then
  40                                         o3:value(iface[k], iface[k].. " (" ..dev.. ")")
  41                                 end
  42                         end
  43                 end
  44         end
  45 end
  46 o3.widget = "checkbox"
  47 o3.default = ban_iface
  48 o3.rmempty = false
  49
  50 o4 = s:option(ListValue, "ban_fetchutil", translate("Download Utility"),
  51         translate("List of supported and fully pre-configured download utilities."))
  52 o4:value("uclient-fetch")
  53 o4:value("wget")
  54 o4:value("curl")
  55 o4:value("aria2c")
  56 o4:value("wget-nossl", "wget-nossl (noSSL)")
  57 o4:value("busybox", "wget-busybox (noSSL)")
  58 o4.default = "uclient-fetch"
  59 o4.rmempty = false
  60
  61 -- Runtime Information
  62
  63 ds = s:option(DummyValue, "_dummy")
  64 ds.template = "banip/runtime"
  65
  66 -- Source Table
  67
  68 bl = m:section(TypedSection, "source", translate("IP Blocklist Sources"))
  69 bl.template = "banip/sourcelist"
  70
  71 ssl = bl:option(DummyValue, "ban_src", translate("SSL req."))
  72 function ssl.cfgvalue(self, section)
  73         local source = self.map:get(section, "ban_src") or self.map:get(section, "ban_src_6")
  74         if source then
  75                 if source:match("https://") then
  76                         return translate("Yes")
  77                 else
  78                         return translate("No")
  79                 end
  80         end
  81         return translate("n/a")
  82 end
  83
  84 name_4 = bl:option(Flag, "ban_src_on", translate("enable IPv4"))
  85 name_4.rmempty = false
  86
  87 name_6 = bl:option(Flag, "ban_src_on_6", translate("enable IPv6"))
  88 name_6.rmempty = false
  89
  90 type = bl:option(ListValue, "ban_src_ruletype", translate("SRC/DST"))
  91 type:value("src")
  92 type:value("dst")
  93 type:value("src+dst")
  94 type.default = "src"
  95 type.rmempty = false
  96
  97 des = bl:option(DummyValue, "ban_src_desc", translate("Description"))
  98
  99 cat = bl:option(DynamicList, "ban_src_cat", translate("ASN/Country"))
 100 cat.datatype = "uciname"
 101 cat.optional = true
 102
 103 -- Extra options
 104
 105 e = m:section(NamedSection, "extra", "banip", translate("Extra Options"),
 106         translate("Options for further tweaking in case the defaults are not suitable for you."))
 107
 108 e1 = e:option(Flag, "ban_debug", translate("Verbose Debug Logging"),
 109         translate("Enable verbose debug logging in case of any processing error."))
 110 e1.default = e1.disabled
 111 e1.rmempty = false
 112
 113 e2 = e:option(Flag, "ban_nice", translate("Low Priority Service"),
 114         translate("Set the nice level to 'low priority' and banIP background processing will take less resources from the system. ")
 115         ..translate("This change requires a manual service stop/re-start to take effect."))
 116 e2.default = e2.disabled
 117 e2.disabled = "0"
 118 e2.enabled = "10"
 119 e2.rmempty = false
 120
 121 e3 = e:option(Value, "ban_maxqueue", translate("Max. Download Queue"),
 122         translate("Size of the download queue to handle downloads &amp; IPset processing in parallel (default '8'). ")
 123         .. translate("For further performance improvements you can raise this value, e.g. '16' or '32' should be safe."))
 124 e3.default = 8
 125 e3.datatype = "range(1,32)"
 126 e3.rmempty = false
 127
 128 e4 = e:option(Value, "ban_triggerdelay", translate("Trigger Delay"),
 129         translate("Additional trigger delay in seconds before banIP processing begins."))
 130 e4.default = 2
 131 e4.datatype = "range(1,60)"
 132 e4.optional = true
 133
 134 e5 = e:option(Value, "ban_fetchparm", translate("Download Options"),
 135         translate("Special options for the selected download utility, e.g. '--timeout=20 --no-check-certificate -O'."))
 136 e5.optional = true
 137
 138 e10 = e:option(Value, "ban_wan_input_chain", translate("WAN Input Chain IPv4"))
 139 e10.default = "input_wan_rule"
 140 e10.datatype = "uciname"
 141 e10.optional = true
 142
 143 e11 = e:option(Value, "ban_wan_forward_chain", translate("WAN Forward Chain IPv4"))
 144 e11.default = "forwarding_wan_rule"
 145 e11.datatype = "uciname"
 146 e11.optional = true
 147
 148 e12 = e:option(Value, "ban_lan_input_chain", translate("LAN Input Chain IPv4"))
 149 e12.default = "input_lan_rule"
 150 e12.datatype = "uciname"
 151 e12.optional = true
 152
 153 e13 = e:option(Value, "ban_lan_forward_chain", translate("LAN Forward Chain IPv4"))
 154 e13.default = "forwarding_lan_rule"
 155 e13.datatype = "uciname"
 156 e13.optional = true
 157
 158 e14 = e:option(ListValue, "ban_target_src", translate("SRC Target IPv4"))
 159 e14:value("REJECT")
 160 e14:value("DROP")
 161 e14.default = "DROP"
 162 e14.optional = true
 163
 164 e15 = e:option(ListValue, "ban_target_dst", translate("DST Target IPv4"))
 165 e15:value("REJECT")
 166 e15:value("DROP")
 167 e15.default = "REJECT"
 168 e15.optional = true
 169
 170 e16 = e:option(Value, "ban_wan_input_chain_6", translate("WAN Input Chain IPv6"))
 171 e16.default = "input_wan_rule"
 172 e16.datatype = "uciname"
 173 e16.optional = true
 174
 175 e17 = e:option(Value, "ban_wan_forward_chain_6", translate("WAN Forward Chain IPv6"))
 176 e17.default = "forwarding_wan_rule"
 177 e17.datatype = "uciname"
 178 e17.optional = true
 179
 180 e18 = e:option(Value, "ban_lan_input_chain_6", translate("LAN Input Chain IPv6"))
 181 e18.default = "input_lan_rule"
 182 e18.datatype = "uciname"
 183 e18.optional = true
 184
 185 e19 = e:option(Value, "ban_lan_forward_chain_6", translate("LAN Forward Chain IPv6"))
 186 e19.default = "forwarding_lan_rule"
 187 e19.datatype = "uciname"
 188 e19.optional = true
 189
 190 e20 = e:option(ListValue, "ban_target_src_6", translate("SRC Target IPv6"))
 191 e20:value("REJECT")
 192 e20:value("DROP")
 193 e20.default = "DROP"
 194 e20.optional = true
 195
 196 e21 = e:option(ListValue, "ban_target_dst_6", translate("DST Target IPv6"))
 197 e21:value("REJECT")
 198 e21:value("DROP")
 199 e21.default = "REJECT"
 200 e21.optional = true
 201
 202 return m