8 'require tools.widgets as widgets';
13 function handleAction(ev
) {
15 L
.ui
.showModal(_('Refresh Timer'), [
16 E('p', _('To keep your banIP lists up-to-date, you should setup an automatic update job for these lists.')),
17 E('div', { 'class': 'left', 'style': 'display:flex; flex-direction:column' }, [
18 E('h5', _('Existing job(s)')),
21 'style': 'width: 100% !important; padding: 5px; font-family: monospace',
22 'readonly': 'readonly',
27 E('div', { 'class': 'left', 'style': 'display:flex; flex-direction:column' }, [
28 E('label', { 'class': 'cbi-input-select', 'style': 'padding-top:.5em' }, [
29 E('h5', _('Set a new banIP job')),
30 E('select', { 'class': 'cbi-input-select', 'id': 'timerA' }, [
31 E('option', { 'value': 'start' }, 'Start'),
32 E('option', { 'value': 'reload' }, 'Reload'),
33 E('option', { 'value': 'restart' }, 'Restart'),
34 E('option', { 'value': 'refresh' }, 'Refresh'),
35 E('option', { 'value': 'suspend' }, 'Suspend'),
36 E('option', { 'value': 'resume' }, 'Resume'),
37 E('option', { 'value': 'report gen' }, 'Report'),
38 E('option', { 'value': 'report mail' }, 'Report & Mail')
43 E('label', { 'class': 'cbi-input-text', 'style': 'padding-top:.5em' }, [
44 E('input', { 'class': 'cbi-input-text', 'id': 'timerH', 'maxlength': '2' }, [
47 _('The hours portition (req., range: 0-23)')
49 E('label', { 'class': 'cbi-input-text', 'style': 'padding-top:.5em' }, [
50 E('input', { 'class': 'cbi-input-text', 'id': 'timerM', 'maxlength': '2' }),
52 _('The minutes portion (opt., range: 0-59)')
54 E('label', { 'class': 'cbi-input-text', 'style': 'padding-top:.5em' }, [
55 E('input', { 'class': 'cbi-input-text', 'id': 'timerD', 'maxlength': '13' }),
57 _('The day of the week (opt., values: 1-7 possibly sep. by , or -)')
60 E('div', { 'class': 'left', 'style': 'display:flex; flex-direction:column' }, [
61 E('label', { 'class': 'cbi-input-select', 'style': 'padding-top:.5em' }, [
62 E('h5', _('Remove an existing job')),
63 E('input', { 'class': 'cbi-input-text', 'id': 'lineno', 'maxlength': '2' }, [
66 _('Line number to remove')
69 E('div', { 'class': 'right' }, [
71 'class': 'btn cbi-button',
76 'class': 'btn cbi-button-action',
77 'click': ui
.createHandlerFn(this, function(ev
) {
78 var lineno
= document
.getElementById('lineno').value
;
79 var action
= document
.getElementById('timerA').value
;
80 var hours
= document
.getElementById('timerH').value
;
81 var minutes
= document
.getElementById('timerM').value
|| '0';
82 var days
= document
.getElementById('timerD').value
|| '*';
84 L
.resolveDefault(fs
.exec_direct('/etc/init.d/banip', ['timer', 'add', action
, hours
, minutes
, days
]))
87 ui
.addNotification(null, E('p', _('The Refresh Timer could not been updated.')), 'error');
89 ui
.addNotification(null, E('p', _('The Refresh Timer has been updated.')), 'info');
93 L
.resolveDefault(fs
.exec_direct('/etc/init.d/banip', ['timer', 'remove', lineno
]))
96 ui
.addNotification(null, E('p', _('The Refresh Timer could not been updated.')), 'error');
98 ui
.addNotification(null, E('p', _('The Refresh Timer has been updated.')), 'info');
102 document
.getElementById('timerH').focus();
110 L
.resolveDefault(fs
.exec_direct('/etc/init.d/banip', ['timer', 'list']))
111 .then(function(res
) {
112 document
.getElementById('cronView').value
= res
.trim();
114 document
.getElementById('timerH').focus();
118 if (document
.getElementById('status') && document
.getElementById('status').textContent
.substr(0,6) === 'paused') {
122 fs
.exec_direct('/etc/init.d/banip', [ev
])
128 L
.resolveDefault(fs
.exec_direct('/etc/init.d/banip', ['list']), {}),
129 L
.resolveDefault(fs
.exec_direct('/usr/sbin/iptables', ['-L']), null),
130 L
.resolveDefault(fs
.exec_direct('/usr/sbin/ip6tables', ['-L']), null),
131 L
.resolveDefault(fs
.read_direct('/etc/banip/banip.countries'), ''),
136 render: function(result
) {
139 m
= new form
.Map('banip', 'banIP', _('Configuration of the banIP package to block ip adresses/subnets via IPSet. \
140 For further information <a href="https://github.com/openwrt/packages/blob/master/net/banip/files/README.md" target="_blank" rel="noreferrer noopener" >check the online documentation</a>'));
143 poll runtime information
145 var rt_res
, inf_stat
, inf_ipsets
, inf_sources
, inf_srcarr
, inf_devices
, inf_devarr
, inf_ifaces
, inf_ifarr
, inf_logterms
, inf_logtarr
146 var inf_subnets
, inf_subnarr
, inf_misc
, inf_flags
, inf_run
148 pollData
: poll
.add(function() {
149 return L
.resolveDefault(fs
.read_direct('/tmp/ban_runtime.json'), 'null').then(function(res
) {
150 rt_res
= JSON
.parse(res
);
151 inf_stat
= document
.getElementById('status');
152 if (inf_stat
&& rt_res
) {
153 inf_stat
.textContent
= (rt_res
.status
|| '-') + ' / ' + (rt_res
.version
|| '-');
154 if (rt_res
.status
=== "running") {
155 if (!inf_stat
.classList
.contains("spinning")) {
156 inf_stat
.classList
.add("spinning");
159 if (inf_stat
.classList
.contains("spinning")) {
160 inf_stat
.classList
.remove("spinning");
161 if (document
.getElementById('btn_suspend')) {
162 if (inf_stat
.textContent
.substr(0,6) === 'paused') {
163 document
.querySelector('#btn_suspend').textContent
= 'Resume';
165 if (document
.getElementById('status').textContent
.substr(0,7) === 'enabled') {
166 document
.querySelector('#btn_suspend').textContent
= 'Suspend';
171 } else if (inf_stat
) {
172 inf_stat
.textContent
= '-';
173 if (inf_stat
.classList
.contains("spinning")) {
174 inf_stat
.classList
.remove("spinning");
177 inf_ipsets
= document
.getElementById('ipsets');
178 if (inf_ipsets
&& rt_res
) {
179 inf_ipsets
.textContent
= rt_res
.ipset_info
|| '-';
181 inf_sources
= document
.getElementById('sources');
183 if (inf_sources
&& rt_res
) {
184 for (var i
= 0; i
< rt_res
.active_sources
.length
; i
++) {
185 if (i
< rt_res
.active_sources
.length
-1) {
186 inf_srcarr
+= rt_res
.active_sources
[i
].source
+ ', ';
188 inf_srcarr
+= rt_res
.active_sources
[i
].source
191 inf_sources
.textContent
= inf_srcarr
|| '-';
193 inf_devices
= document
.getElementById('devices');
195 if (inf_devices
&& rt_res
) {
196 for (var i
= 0; i
< rt_res
.active_devs
.length
; i
++) {
197 if (i
< rt_res
.active_devs
.length
-1) {
198 inf_devarr
+= rt_res
.active_devs
[i
].dev
+ ', ';
200 inf_devarr
+= rt_res
.active_devs
[i
].dev
203 inf_devices
.textContent
= inf_devarr
|| '-';
205 inf_ifaces
= document
.getElementById('ifaces');
207 if (inf_ifaces
&& rt_res
) {
208 for (var i
= 0; i
< rt_res
.active_ifaces
.length
; i
++) {
209 if (i
< rt_res
.active_ifaces
.length
-1) {
210 inf_ifarr
+= rt_res
.active_ifaces
[i
].iface
+ ', ';
212 inf_ifarr
+= rt_res
.active_ifaces
[i
].iface
215 inf_ifaces
.textContent
= inf_ifarr
|| '-';
217 inf_logterms
= document
.getElementById('logterms');
219 if (inf_logterms
&& rt_res
) {
220 for (var i
= 0; i
< rt_res
.active_logterms
.length
; i
++) {
221 if (i
< rt_res
.active_logterms
.length
-1) {
222 inf_logtarr
+= rt_res
.active_logterms
[i
].term
+ ', ';
224 inf_logtarr
+= rt_res
.active_logterms
[i
].term
227 inf_logterms
.textContent
= inf_logtarr
|| '-';
229 inf_subnets
= document
.getElementById('subnets');
231 if (inf_subnets
&& rt_res
) {
232 for (var i
= 0; i
< rt_res
.active_subnets
.length
; i
++) {
233 if (i
< rt_res
.active_subnets
.length
-1) {
234 inf_subnarr
+= rt_res
.active_subnets
[i
].subnet
+ ', ';
236 inf_subnarr
+= rt_res
.active_subnets
[i
].subnet
239 inf_subnets
.textContent
= inf_subnarr
|| '-';
241 inf_misc
= document
.getElementById('infos');
242 if (inf_misc
&& rt_res
) {
243 inf_misc
.textContent
= rt_res
.run_infos
|| '-';
245 inf_flags
= document
.getElementById('flags');
246 if (inf_flags
&& rt_res
) {
247 inf_flags
.textContent
= rt_res
.run_flags
|| '-';
249 inf_run
= document
.getElementById('run');
250 if (inf_run
&& rt_res
) {
251 inf_run
.textContent
= rt_res
.last_run
|| '-';
257 runtime information and buttons
259 s
= m
.section(form
.NamedSection
, 'global');
260 s
.render
= L
.bind(function(view
, section_id
) {
261 return E('div', { 'class': 'cbi-section' }, [
262 E('h3', _('Information')),
263 E('div', { 'class': 'cbi-value' }, [
264 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Status / Version')),
265 E('div', { 'class': 'cbi-value-field spinning', 'id': 'status', 'style': 'color:#37c' },'\xa0')
267 E('div', { 'class': 'cbi-value' }, [
268 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('IPSet Information')),
269 E('div', { 'class': 'cbi-value-field', 'id': 'ipsets', 'style': 'color:#37c' },'-')
271 E('div', { 'class': 'cbi-value' }, [
272 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Sources')),
273 E('div', { 'class': 'cbi-value-field', 'id': 'sources', 'style': 'color:#37c' },'-')
275 E('div', { 'class': 'cbi-value' }, [
276 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Devices')),
277 E('div', { 'class': 'cbi-value-field', 'id': 'devices', 'style': 'color:#37c' },'-')
279 E('div', { 'class': 'cbi-value' }, [
280 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Interfaces')),
281 E('div', { 'class': 'cbi-value-field', 'id': 'ifaces', 'style': 'color:#37c' },'-')
283 E('div', { 'class': 'cbi-value' }, [
284 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Logterms')),
285 E('div', { 'class': 'cbi-value-field', 'id': 'logterms', 'style': 'color:#37c' },'-')
287 E('div', { 'class': 'cbi-value' }, [
288 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Active Subnets')),
289 E('div', { 'class': 'cbi-value-field', 'id': 'subnets', 'style': 'color:#37c' },'-')
291 E('div', { 'class': 'cbi-value' }, [
292 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Run Information')),
293 E('div', { 'class': 'cbi-value-field', 'id': 'infos', 'style': 'color:#37c' },'-')
295 E('div', { 'class': 'cbi-value' }, [
296 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Run Flags')),
297 E('div', { 'class': 'cbi-value-field', 'id': 'flags', 'style': 'color:#37c' },'-')
299 E('div', { 'class': 'cbi-value' }, [
300 E('label', { 'class': 'cbi-value-title', 'style': 'padding-top:0rem' }, _('Last Run')),
301 E('div', { 'class': 'cbi-value-field', 'id': 'run', 'style': 'color:#37c' },'-')
303 E('div', { class: 'right' }, [
305 'class': 'btn cbi-button cbi-button-apply',
306 'click': ui
.createHandlerFn(this, function() {
307 return handleAction('timer');
309 }, [ _('Refresh Timer...') ]),
312 'class': 'btn cbi-button cbi-button-apply',
314 'click': ui
.createHandlerFn(this, function() {
315 return handleAction('suspend');
317 }, [ _('Suspend') ]),
320 'class': 'btn cbi-button cbi-button-positive',
321 'click': ui
.createHandlerFn(this, function() {
322 return handleAction('refresh');
324 }, [ _('Refresh') ]),
327 'class': 'btn cbi-button cbi-button-negative',
328 'click': ui
.createHandlerFn(this, function() {
329 return handleAction('restart');
338 tabbed config section
340 s
= m
.section(form
.NamedSection
, 'global', 'banip', _('Settings'));
342 s
.tab('general', _('General Settings'));
343 s
.tab('additional', _('Additional Settings'));
344 s
.tab('adv_chain', _('Advanced Chain Settings'));
345 s
.tab('adv_log', _('Advanced Log Settings'));
346 s
.tab('adv_email', _('Advanced E-Mail Settings'));
347 s
.tab('sources', _('Blocklist Sources'));
352 o
= s
.taboption('general', form
.Flag
, 'ban_enabled', _('Enabled'), _('Enable the banIP service.'));
355 o
= s
.taboption('general', widgets
.NetworkSelect
, 'ban_trigger', _('Startup Trigger Interface'), _('List of available network interfaces to trigger the banIP start.'));
356 o
.unspecified
= true;
360 o
= s
.taboption('general', form
.Flag
, 'ban_autodetect', _('Auto Detection'), _('Detect relevant network interfaces, devices, subnets and protocols automatically.'));
363 o
= s
.taboption('general', widgets
.NetworkSelect
, 'ban_ifaces', _('Network Interfaces'), _('Select the relevant network interfaces manually.'));
364 o
.depends('ban_autodetect', '0');
365 o
.unspecified
= true;
371 o
= s
.taboption('general', form
.Flag
, 'ban_proto4_enabled', _('IPv4 Support'), _('Enables IPv4 support in banIP.'));
372 o
.depends('ban_autodetect', '0');
376 o
= s
.taboption('general', form
.Flag
, 'ban_proto6_enabled', _('IPv6 Support'), _('Enables IPv6 support in banIP.'));
377 o
.depends('ban_autodetect', '0');
381 o
= s
.taboption('general', form
.Flag
, 'ban_monitor_enabled', _('Log Monitor'), _('Starts a small log monitor in the background to block suspicious SSH/LuCI login attempts.'));
384 o
= s
.taboption('general', form
.Flag
, 'ban_logsrc_enabled', _('Enable SRC logging'), _('Log suspicious incoming packets - usually dropped.'));
387 o
= s
.taboption('general', form
.Flag
, 'ban_logdst_enabled', _('Enable DST logging'), _('Log suspicious outgoing packets - usually rejected. \
388 Logging such packets may cause an increase in latency due to it requiring additional system resources.'));
391 o
= s
.taboption('general', form
.Flag
, 'ban_whitelistonly', _('Whitelist Only'), _('Restrict the internet access from/to a small number of secure websites/IPs \
392 and block access from/to the rest of the internet.'));
395 o
= s
.taboption('general', form
.Flag
, 'ban_mail_enabled', _('E-Mail Notification'), _('Send banIP related notification e-mails. \
396 This needs the installation and setup of the additional \'msmtp\' package.'));
399 o
= s
.taboption('general', form
.Value
, 'ban_mailreceiver', _('E-Mail Receiver Address'), _('Receiver address for banIP notification e-mails.'));
400 o
.depends('ban_mail_enabled', '1');
401 o
.placeholder
= 'name@example.com';
405 additional settings tab
407 o
= s
.taboption('additional', form
.Flag
, 'ban_debug', _('Verbose Debug Logging'), _('Enable verbose debug logging in case of any processing errors.'));
410 o
= s
.taboption('additional', form
.ListValue
, 'ban_nice', _('Service Priority'), _('The selected priority will be used for banIP background processing. \
411 This change requires a full banIP service restart to take effect.'));
412 o
.value('-20', _('Highest Priority'));
413 o
.value('-10', _('High Priority'));
414 o
.value('0', _('Normal Priority (default)'));
415 o
.value('10', _('Less Priority'));
416 o
.value('19', _('Least Priority'));
420 o
= s
.taboption('additional', form
.Value
, 'ban_triggerdelay', _('Trigger Delay'), _('Additional trigger delay in seconds before banIP processing begins.'));
422 o
.datatype
= 'range(1,120)';
425 o
= s
.taboption('additional', form
.ListValue
, 'ban_maxqueue', _('Download Queue'), _('Size of the download queue for download processing in parallel.'));
435 o
= s
.taboption('additional', form
.Value
, 'ban_tmpbase', _('Base Temp Directory'), _('Base Temp Directory used for all banIP related runtime operations.'));
436 o
.placeholder
= '/tmp';
439 o
= s
.taboption('additional', form
.Value
, 'ban_backupdir', _('Backup Directory'), _('Target directory for compressed source list backups.'));
440 o
.placeholder
= '/tmp/banIP-Backup';
443 o
= s
.taboption('additional', form
.Value
, 'ban_reportdir', _('Report Directory'), _('Target directory for IPSet related report files.'));
444 o
.placeholder
= '/tmp/banIP-Report';
447 o
= s
.taboption('additional', form
.ListValue
, 'ban_fetchutil', _('Download Utility'), _('List of supported and fully pre-configured download utilities.'));
448 o
.value('uclient-fetch');
455 o
= s
.taboption('additional', form
.Flag
, 'ban_fetchinsecure', _('Download Insecure'), _('Don\'t check SSL server certificates during download.'));
459 o
= s
.taboption('additional', form
.Value
, 'ban_fetchparm', _('Download Parameters'), _('Manually override the pre-configured download options for the selected download utility.'))
464 advanced chain settings tab
466 o
= s
.taboption('adv_chain', form
.DummyValue
, '_sub');
468 o
.default = '<em><b>Changes on this tab needs a full banIP service restart to take effect.</b></em>';
470 o
= s
.taboption('adv_chain', form
.ListValue
, 'ban_global_settype', _('Global IPSet Type'), _('Set the global IPset type default, to block incoming (SRC) and/or outgoing (DST) packets.'));
476 o
= s
.taboption('adv_chain', form
.ListValue
, 'ban_target_src', _('SRC Target'), _('Set the firewall target for all SRC related rules.'));
481 o
= s
.taboption('adv_chain', form
.ListValue
, 'ban_target_dst', _('DST Target'), _('Set the firewall target for all DST related rules.'));
486 o
= s
.taboption('adv_chain', form
.DummyValue
, '_sub');
488 o
.default = '<em><b>Individual IPSet Settings</b></em>';
490 o
= s
.taboption('adv_chain', form
.ListValue
, 'ban_maclist_timeout', _('Maclist Timeout'), _('Set the maclist IPSet timeout.'));
491 o
.value('1800', _('30 minutes'));
492 o
.value('3600', _('1 hour'));
493 o
.value('21600', _('6 hours'));
494 o
.value('43200', _('12 hours'));
495 o
.value('86400', _('24 hours'));
499 o
= s
.taboption('adv_chain', form
.ListValue
, 'ban_whitelist_timeout', _('Whitelist Timeout'), _('Set the whitelist IPSet timeout.'));
500 o
.value('1800', _('30 minutes'));
501 o
.value('3600', _('1 hour'));
502 o
.value('21600', _('6 hours'));
503 o
.value('43200', _('12 hours'));
504 o
.value('86400', _('24 hours'));
508 o
= s
.taboption('adv_chain', form
.ListValue
, 'ban_blacklist_timeout', _('Blacklist Timeout'), _('Set the blacklist IPSet timeout.'));
509 o
.value('1800', _('30 minutes'));
510 o
.value('3600', _('1 hour'));
511 o
.value('21600', _('6 hours'));
512 o
.value('43200', _('12 hours'));
513 o
.value('86400', _('24 hours'));
517 var info
, source
, sources
= [];
519 sources
= result
[0].trim().split('\n');
522 o
= s
.taboption('adv_chain', form
.MultiValue
, 'ban_settype_src', _('SRC IPSet Type'), _('Set individual SRC type per IPset to block only incoming packets.'));
523 o
.value('whitelist');
524 o
.value('blacklist');
525 for (var i
= 0; i
< sources
.length
; i
++) {
526 if (sources
[i
].match(/^\s+\+/)) {
527 source
= sources
[i
].match(/^\s+\+\s(\w+)\s/)[1].trim();
534 o
= s
.taboption('adv_chain', form
.MultiValue
, 'ban_settype_dst', _('DST IPSet Type'), _('Set individual DST type per IPset to block only outgoing packets.'));
535 o
.value('whitelist');
536 o
.value('blacklist');
537 for (var i
= 0; i
< sources
.length
; i
++) {
538 if (sources
[i
].match(/^\s+\+/)) {
539 source
= sources
[i
].match(/^\s+\+\s(\w+)\s/)[1].trim();
546 o
= s
.taboption('adv_chain', form
.MultiValue
, 'ban_settype_all', _('SRC+DST IPSet Type'), _('Set individual SRC+DST type per IPset to block incoming and outgoing packets.'));
547 o
.value('whitelist');
548 o
.value('blacklist');
549 for (var i
= 0; i
< sources
.length
; i
++) {
550 if (sources
[i
].match(/^\s+\+/)) {
551 source
= sources
[i
].match(/^\s+\+\s(\w+)\s/)[1].trim();
558 o
= s
.taboption('adv_chain', form
.DummyValue
, '_sub');
560 o
.default = '<em><b>IPv4 Chains</b></em>';
563 prepare iptables data
565 var chain
, result_v4
=[], result_v6
=[];
567 result_v4
= result
[1].trim().split('\n');
568 } else if (result
[2]) {
569 result_v4
= result
[2].trim().split('\n');
573 result_v6
= result
[2].trim().split('\n');
574 } else if (result
[1]) {
575 result_v6
= result
[1].trim().split('\n');
578 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_lan_inputchains_4', _('LAN Input'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'input_lan_rule\'.'));
579 for (var i
= 0; i
< result_v4
.length
; i
++) {
580 if (result_v4
[i
].match(/^Chain input[\w_]+\s+/)) {
581 chain
= result_v4
[i
].match(/\s+(input[\w_]+)\s+/)[1].trim();
585 o
.datatype
= 'uciname';
589 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_lan_forwardchains_4', _('LAN Forward'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'forwarding_lan_rule\'.'));
590 for (var i
= 0; i
< result_v4
.length
; i
++) {
591 if (result_v4
[i
].match(/^Chain forwarding[\w_]+\s+/)) {
592 chain
= result_v4
[i
].match(/\s+(forwarding[\w_]+)\s+/)[1].trim();
596 o
.datatype
= 'uciname';
600 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_wan_inputchains_4', _('WAN Input'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'input_wan_rule\'.'));
601 for (var i
= 0; i
< result_v4
.length
; i
++) {
602 if (result_v4
[i
].match(/^Chain input[\w_]+\s+/)) {
603 chain
= result_v4
[i
].match(/\s+(input[\w_]+)\s+/)[1].trim();
607 o
.datatype
= 'uciname';
611 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_wan_forwardchains_4', _('WAN Forward'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'forwarding_wan_rule\'.'));
612 for (var i
= 0; i
< result_v4
.length
; i
++) {
613 if (result_v4
[i
].match(/^Chain forwarding[\w_]+\s+/)) {
614 chain
= result_v4
[i
].match(/\s+(forwarding[\w_]+)\s+/)[1].trim();
618 o
.datatype
= 'uciname';
622 o
= s
.taboption('adv_chain', form
.DummyValue
, '_sub');
624 o
.default = '<em><b>IPv6 Chains</b></em>';
626 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_lan_inputchains_6', _('LAN Input'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'input_lan_rule\'.'));
627 for (var i
= 0; i
< result_v6
.length
; i
++) {
628 if (result_v6
[i
].match(/^Chain input[\w_]+\s+/)) {
629 chain
= result_v6
[i
].match(/\s+(input[\w_]+)\s+/)[1].trim();
633 o
.datatype
= 'uciname';
637 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_lan_forwardchains_6', _('LAN Forward'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'forwarding_lan_rule\'.'));
638 for (var i
= 0; i
< result_v6
.length
; i
++) {
639 if (result_v6
[i
].match(/^Chain forwarding[\w_]+\s+/)) {
640 chain
= result_v6
[i
].match(/\s+(forwarding[\w_]+)\s+/)[1].trim();
644 o
.datatype
= 'uciname';
648 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_wan_inputchains_6', _('WAN Input'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'input_wan_rule\'.'));
649 for (var i
= 0; i
< result_v6
.length
; i
++) {
650 if (result_v6
[i
].match(/^Chain input[\w_]+\s+/)) {
651 chain
= result_v6
[i
].match(/\s+(input[\w_]+)\s+/)[1].trim();
655 o
.datatype
= 'uciname';
659 o
= s
.taboption('adv_chain', form
.DynamicList
, 'ban_wan_forwardchains_6', _('WAN Forward'), _('Assign one or more relevant firewall chains to banIP. The default chain used by banIP is \'forwarding_wan_rule\'.'));
660 for (var i
= 0; i
< result_v6
.length
; i
++) {
661 if (result_v6
[i
].match(/^Chain forwarding[\w_]+\s+/)) {
662 chain
= result_v6
[i
].match(/\s+(forwarding[\w_]+)\s+/)[1].trim();
666 o
.datatype
= 'uciname';
671 advanced log settings tab
673 o
= s
.taboption('adv_log', form
.DummyValue
, '_sub');
675 o
.default = '<em><b>Changes on this tab needs a full banIP service restart to take effect.</b></em>';
677 o
= s
.taboption('adv_log', form
.ListValue
, 'ban_loglimit', _('Log Limit'), _('Parse only the last stated number of log entries for suspicious events.'));
684 o
= s
.taboption('adv_log', form
.MultiValue
, 'ban_logterms', _('Log Terms'), _('Limit the log monitor to certain log terms.'));
692 o
= s
.taboption('adv_log', form
.Value
, 'ban_ssh_logcount', _('SSH Log Count'), _('Number of failed ssh login repetitions of the same ip in the log before banning.'));
694 o
.datatype
= 'range(1,10)';
697 o
= s
.taboption('adv_log', form
.Value
, 'ban_luci_logcount', _('LuCI Log Count'), _('Number of failed LuCI login repetitions of the same ip in the log before banning.'));
699 o
.datatype
= 'range(1,10)';
702 o
= s
.taboption('adv_log', form
.Value
, 'ban_nginx_logcount', _('NGINX Log Count'), _('Number of failed nginx requests of the same ip in the log before banning.'));
704 o
.datatype
= 'range(1,20)';
707 o
= s
.taboption('adv_log', form
.Value
, 'ban_logopts_src', _('SRC Log Options'), _('Set special SRC log options, e.g. to set a limit rate.'));
709 o
.unspecified
= true;
710 o
.value('-m limit --limit 2/sec', _('-m limit --limit 2/sec (default)'));
711 o
.value('-m limit --limit 10/sec');
715 o
= s
.taboption('adv_log', form
.Value
, 'ban_logopts_dst', _('DST Log Options'), _('Set special DST log options, e.g. to set a limit rate.'));
717 o
.unspecified
= true;
718 o
.value('-m limit --limit 2/sec', _('-m limit --limit 2/sec (default)'));
719 o
.value('-m limit --limit 10/sec');
724 advanced email settings tab
726 o
= s
.taboption('adv_email', form
.Value
, 'ban_mailsender', _('E-Mail Sender Address'), _('Sender address for banIP notification E-Mails.'));
727 o
.placeholder
= 'no-reply@banIP';
730 o
= s
.taboption('adv_email', form
.Value
, 'ban_mailtopic', _('E-Mail Topic'), _('Topic for banIP notification E-Mails.'));
731 o
.placeholder
= 'banIP notification';
734 o
= s
.taboption('adv_email', form
.Value
, 'ban_mailprofile', _('E-Mail Profile'), _('Profile used by \'msmtp\' for banIP notification E-Mails.'));
735 o
.placeholder
= 'ban_notify';
736 o
.datatype
= 'uciname';
739 o
= s
.taboption('adv_email', form
.MultiValue
, 'ban_mailactions', _('E-Mail Actions'), _('Limit E-Mail trigger to certain banIP actions.'));
747 blocklist sources tab
749 o
= s
.taboption('sources', form
.DummyValue
, '_sub');
751 o
.default = '<em><b>List of supported and fully pre-configured banIP sources.</b></em>';
753 o
= s
.taboption('sources', form
.MultiValue
, 'ban_sources', _('Sources (Info)'));
754 for (var i
= 0; i
< sources
.length
; i
++) {
755 if (sources
[i
].match(/^\s+\+/)) {
756 source
= sources
[i
].match(/^\s+\+\s(\w+)\s/)[1].trim();
757 info
= sources
[i
].slice(35,70).trim();
758 o
.value(source
, source
+ ' (' + info
+ ')');
764 o
= s
.taboption('sources', form
.DummyValue
, '_sub');
766 o
.default = '<em><b>Country Selection</b></em>';
771 var code
, country
, countries
= [];
773 countries
= result
[3].trim().split('\n');
776 o
= s
.taboption('sources', form
.DynamicList
, 'ban_countries', _('Countries'));
777 for (var i
= 0; i
< countries
.length
; i
++) {
778 code
= countries
[i
].match(/^(\w+);/)[1].trim();
779 country
= countries
[i
].match(/^\w+;(.*$)/)[1].trim();
780 o
.value(code
, country
);
785 o
= s
.taboption('sources', form
.DummyValue
, '_sub');
787 o
.default = '<em><b>ASN Selection</b></em>';
789 o
= s
.taboption('sources', form
.DynamicList
, 'ban_asns', _('ASNs'));
790 o
.datatype
= 'uinteger';
794 o
= s
.taboption('sources', form
.DummyValue
, '_sub');
796 o
.default = '<em><b>Local Sources</b></em>';
798 o
= s
.taboption('sources', form
.MultiValue
, 'ban_localsources', _('Local Sources'), _('Limit the selection to certain local sources.'));
800 o
.value('whitelist');
801 o
.value('blacklist');
805 o
= s
.taboption('sources', form
.DynamicList
, 'ban_extrasources', _('Extra Sources'), _('Add additional, non-banIP related IPSets e.g. for reporting and queries.'));
806 o
.datatype
= 'uciname';
810 o
= s
.taboption('sources', form
.Flag
, 'ban_autoblacklist', _('Auto Blacklist'), _('Automatically transfers suspicious IPs from the log to the banIP blacklist during runtime.'));
813 o
= s
.taboption('sources', form
.Flag
, 'ban_autowhitelist', _('Auto Whitelist'), _('Automatically transfers uplink IPs to the banIP whitelist during runtime.'));