1 -- Copyright 2011 Jo-Philipp Wich <jow@openwrt.org>
2 -- Licensed to the public under the Apache License 2.0.
4 local sys = require "luci.sys"
5 local dsp = require "luci.dispatcher"
6 local ft = require "luci.tools.firewall"
13 translate("Firewall - Port Forwards"),
14 translate("This page allows you to change advanced properties of the port \
15 forwarding entry. In most cases there is no need to modify \
18 m.redirect = dsp.build_url("admin/network/firewall/forwards")
20 if m.uci:get("firewall", arg[1]) ~= "redirect" then
21 luci.http.redirect(m.redirect)
24 local name = m:get(arg[1], "name") or m:get(arg[1], "_name")
25 if not name or #name == 0 then
26 name = translate("(Unnamed Entry)")
28 m.title = "%s - %s" %{ translate("Firewall - Port Forwards"), name }
31 s = m:section(NamedSection, arg[1], "redirect", "")
35 ft.opt_enabled(s, Button)
36 ft.opt_name(s, Value, translate("Name"))
39 o = s:option(Value, "proto", translate("Protocol"))
40 o:value("tcp udp", "TCP+UDP")
43 o:value("icmp", "ICMP")
45 function o.cfgvalue(...)
46 local v = Value.cfgvalue(...)
47 if not v or v == "tcpudp" then
54 o = s:option(Value, "src", translate("Source zone"))
57 o.template = "cbi/firewall_zonelist"
60 o = s:option(DynamicList, "src_mac",
61 translate("Source MAC address"),
62 translate("Only match incoming traffic from these MACs."))
64 o.datatype = "neg(macaddr)"
65 o.placeholder = translate("any")
67 luci.sys.net.mac_hints(function(mac, name)
68 o:value(mac, "%s (%s)" %{ mac, name })
72 o = s:option(Value, "src_ip",
73 translate("Source IP address"),
74 translate("Only match incoming traffic from this IP or range."))
76 o.datatype = "neg(ip4addr)"
77 o.placeholder = translate("any")
79 luci.sys.net.ipv4_hints(function(ip, name)
80 o:value(ip, "%s (%s)" %{ ip, name })
84 o = s:option(Value, "src_port",
85 translate("Source port"),
86 translate("Only match incoming traffic originating from the given source port or port range on the client host"))
88 o.datatype = "neg(portrange)"
89 o.placeholder = translate("any")
92 o = s:option(Value, "src_dip",
93 translate("External IP address"),
94 translate("Only match incoming traffic directed at the given IP address."))
96 luci.sys.net.ipv4_hints(function(ip, name)
97 o:value(ip, "%s (%s)" %{ ip, name })
102 o.datatype = "neg(ip4addr)"
103 o.placeholder = translate("any")
106 o = s:option(Value, "src_dport", translate("External port"),
107 translate("Match incoming traffic directed at the given " ..
108 "destination port or port range on this host"))
109 o.datatype = "neg(portrange)"
113 o = s:option(Value, "dest", translate("Internal zone"))
116 o.template = "cbi/firewall_zonelist"
119 o = s:option(Value, "dest_ip", translate("Internal IP address"),
120 translate("Redirect matched incoming traffic to the specified \
122 o.datatype = "ip4addr"
124 luci.sys.net.ipv4_hints(function(ip, name)
125 o:value(ip, "%s (%s)" %{ ip, name })
129 o = s:option(Value, "dest_port",
130 translate("Internal port"),
131 translate("Redirect matched incoming traffic to the given port on \
133 o.placeholder = translate("any")
134 o.datatype = "portrange"
137 o = s:option(Flag, "reflection", translate("Enable NAT Loopback"))
139 o.default = o.enabled
140 o.cfgvalue = function(...)
141 return Flag.cfgvalue(...) or "1"
145 s:option(Value, "extra",
146 translate("Extra arguments"),
147 translate("Passes additional arguments to iptables. Use with care!"))