applications/luci-app-firewall/luasrc/model/cbi/firewall/forward-details.lua

   1 --[[
   2 LuCI - Lua Configuration Interface
   3
   4 Copyright 2011 Jo-Philipp Wich <xm@subsignal.org>
   5
   6 Licensed under the Apache License, Version 2.0 (the "License");
   7 you may not use this file except in compliance with the License.
   8 You may obtain a copy of the License at
   9
  10         http://www.apache.org/licenses/LICENSE-2.0
  11
  12 $Id$
  13 ]]--
  14
  15 local sys = require "luci.sys"
  16 local dsp = require "luci.dispatcher"
  17 local ft  = require "luci.tools.firewall"
  18
  19 local m, s, o
  20
  21 arg[1] = arg[1] or ""
  22
  23 m = Map("firewall",
  24         translate("Firewall - Port Forwards"),
  25         translate("This page allows you to change advanced properties of the port \
  26                    forwarding entry. In most cases there is no need to modify \
  27                            those settings."))
  28
  29 m.redirect = dsp.build_url("admin/network/firewall/forwards")
  30
  31 if m.uci:get("firewall", arg[1]) ~= "redirect" then
  32         luci.http.redirect(m.redirect)
  33         return
  34 else
  35         local name = m:get(arg[1], "name") or m:get(arg[1], "_name")
  36         if not name or #name == 0 then
  37                 name = translate("(Unnamed Entry)")
  38         end
  39         m.title = "%s - %s" %{ translate("Firewall - Port Forwards"), name }
  40 end
  41
  42 s = m:section(NamedSection, arg[1], "redirect", "")
  43 s.anonymous = true
  44 s.addremove = false
  45
  46 ft.opt_enabled(s, Button)
  47 ft.opt_name(s, Value, translate("Name"))
  48
  49
  50 o = s:option(Value, "proto", translate("Protocol"))
  51 o:value("tcp udp", "TCP+UDP")
  52 o:value("tcp", "TCP")
  53 o:value("udp", "UDP")
  54 o:value("icmp", "ICMP")
  55
  56 function o.cfgvalue(...)
  57         local v = Value.cfgvalue(...)
  58         if not v or v == "tcpudp" then
  59                 return "tcp udp"
  60         end
  61         return v
  62 end
  63
  64
  65 o = s:option(Value, "src", translate("Source zone"))
  66 o.nocreate = true
  67 o.default = "wan"
  68 o.template = "cbi/firewall_zonelist"
  69
  70
  71 o = s:option(DynamicList, "src_mac",
  72         translate("Source MAC address"),
  73         translate("Only match incoming traffic from these MACs."))
  74 o.rmempty = true
  75 o.datatype = "neg(macaddr)"
  76 o.placeholder = translate("any")
  77
  78 luci.sys.net.mac_hints(function(mac, name)
  79         o:value(mac, "%s (%s)" %{ mac, name })
  80 end)
  81
  82
  83 o = s:option(Value, "src_ip",
  84         translate("Source IP address"),
  85         translate("Only match incoming traffic from this IP or range."))
  86 o.rmempty = true
  87 o.datatype = "neg(ip4addr)"
  88 o.placeholder = translate("any")
  89
  90 luci.sys.net.ipv4_hints(function(ip, name)
  91         o:value(ip, "%s (%s)" %{ ip, name })
  92 end)
  93
  94
  95 o = s:option(Value, "src_port",
  96         translate("Source port"),
  97         translate("Only match incoming traffic originating from the given source port or port range on the client host"))
  98 o.rmempty = true
  99 o.datatype = "neg(portrange)"
 100 o.placeholder = translate("any")
 101
 102
 103 o = s:option(Value, "src_dip",
 104         translate("External IP address"),
 105         translate("Only match incoming traffic directed at the given IP address."))
 106
 107 luci.sys.net.ipv4_hints(function(ip, name)
 108         o:value(ip, "%s (%s)" %{ ip, name })
 109 end)
 110
 111
 112 o.rmempty = true
 113 o.datatype = "neg(ip4addr)"
 114 o.placeholder = translate("any")
 115
 116
 117 o = s:option(Value, "src_dport", translate("External port"),
 118         translate("Match incoming traffic directed at the given " ..
 119                 "destination port or port range on this host"))
 120 o.datatype = "neg(portrange)"
 121
 122
 123
 124 o = s:option(Value, "dest", translate("Internal zone"))
 125 o.nocreate = true
 126 o.default = "lan"
 127 o.template = "cbi/firewall_zonelist"
 128
 129
 130 o = s:option(Value, "dest_ip", translate("Internal IP address"),
 131         translate("Redirect matched incoming traffic to the specified \
 132                 internal host"))
 133 o.datatype = "ip4addr"
 134
 135 luci.sys.net.ipv4_hints(function(ip, name)
 136         o:value(ip, "%s (%s)" %{ ip, name })
 137 end)
 138
 139
 140 o = s:option(Value, "dest_port",
 141         translate("Internal port"),
 142         translate("Redirect matched incoming traffic to the given port on \
 143                 the internal host"))
 144 o.placeholder = translate("any")
 145 o.datatype = "portrange"
 146
 147
 148 o = s:option(Flag, "reflection", translate("Enable NAT Loopback"))
 149 o.rmempty = true
 150 o.default = o.enabled
 151 o.cfgvalue = function(...)
 152         return Flag.cfgvalue(...) or "1"
 153 end
 154
 155
 156 s:option(Value, "extra",
 157         translate("Extra arguments"),
 158         translate("Passes additional arguments to iptables. Use with care!"))
 159
 160
 161 return m