applications/luci-app-mwan3/luasrc/model/cbi/mwan/ruleconfig.lua

   1 -- Copyright 2014 Aedan Renner <chipdankly@gmail.com>
   2 -- Copyright 2018 Florian Eckert <fe@dev.tdt.de>
   3 -- Licensed to the public under the GNU General Public License v2.
   4
   5 local dsp = require "luci.dispatcher"
   6 local util   = require("luci.util")
   7
   8 local m, s, o
   9
  10 arg[1] = arg[1] or ""
  11
  12 local ipsets = util.split(util.trim(util.exec("ipset -n -L 2>/dev/null | grep -v mwan3_ | sort")), "\n", nil, true) or {}
  13
  14 m = Map("mwan3", translatef("MWAN Rule Configuration - %s", arg[1]))
  15 m.redirect = dsp.build_url("admin", "network", "mwan", "rule")
  16
  17 s = m:section(NamedSection, arg[1], "rule", "")
  18 s.addremove = false
  19 s.dynamic = false
  20
  21 o = s:option(ListValue, "family", translate("Internet Protocol"))
  22 o.default = ""
  23 o:value("", translate("IPv4 and IPv6"))
  24 o:value("ipv4", translate("only IPv4"))
  25 o:value("ipv6", translate("only IPv6"))
  26
  27 o = s:option(Value, "src_ip", translate("Source address"),
  28         translate("Supports CIDR notation (eg \"192.168.100.0/24\") without quotes"))
  29 o.datatype = ipaddr
  30
  31 o = s:option(Value, "src_port", translate("Source port"),
  32         translate("May be entered as a single or multiple port(s) (eg \"22\" or \"80,443\") or as a portrange (eg \"1024:2048\") without quotes"))
  33
  34 o = s:option(Value, "dest_ip", translate("Destination address"),
  35         translate("Supports CIDR notation (eg \"192.168.100.0/24\") without quotes"))
  36 o.datatype = ipaddr
  37
  38 o = s:option(Value, "dest_port", translate("Destination port"),
  39         translate("May be entered as a single or multiple port(s) (eg \"22\" or \"80,443\") or as a portrange (eg \"1024:2048\") without quotes"))
  40
  41 o = s:option(Value, "proto", translate("Protocol"),
  42         translate("View the content of /etc/protocols for protocol description"))
  43 o.default = "all"
  44 o.rmempty = false
  45 o:value("all")
  46 o:value("tcp")
  47 o:value("udp")
  48 o:value("icmp")
  49 o:value("esp")
  50
  51 o = s:option(ListValue, "sticky", translate("Sticky"),
  52         translate("Traffic from the same source IP address that previously matched this rule within the sticky timeout period will use the same WAN interface"))
  53 o.default = "0"
  54 o:value("1", translate("Yes"))
  55 o:value("0", translate("No"))
  56
  57 o = s:option(Value, "timeout", translate("Sticky timeout"),
  58         translate("Seconds. Acceptable values: 1-1000000. Defaults to 600 if not set"))
  59 o.datatype = "range(1, 1000000)"
  60
  61 o = s:option(Value, "ipset", translate("IPset"),
  62         translate("Name of IPset rule. Requires IPset rule in /etc/dnsmasq.conf (eg \"ipset=/youtube.com/youtube\")"))
  63 o:value("", translate("-- Please choose --"))
  64 for _, z in ipairs(ipsets) do
  65         o:value(z)
  66 end
  67
  68 o = s:option(Flag, "logging", translate("Logging"),
  69         translate("Enables firewall rule logging (global mwan3 logging must also be enabled)"))
  70
  71 o = s:option(Value, "use_policy", translate("Policy assigned"))
  72 m.uci:foreach("mwan3", "policy",
  73         function(s)
  74                 o:value(s['.name'], s['.name'])
  75         end
  76 )
  77 o:value("unreachable", translate("unreachable (reject)"))
  78 o:value("blackhole", translate("blackhole (drop)"))
  79 o:value("default", translate("default (use main routing table)"))
  80
  81 return m