2 LuCI - Lua Configuration Interface
4 Copyright 2011-2012 Jo-Philipp Wich <xm@subsignal.org>
6 Licensed under the Apache License, Version 2.0 (the "License");
7 you may not use this file except in compliance with the License.
8 You may obtain a copy of the License at
10 http://www.apache.org/licenses/LICENSE-2.0
14 module("luci.tools.firewall", package.seeall)
16 local ut = require "luci.util"
17 local ip = require "luci.ip"
18 local nx = require "nixio"
20 local translate, translatef = luci.i18n.translate, luci.i18n.translatef
22 local function tr(...)
23 return tostring(translate(...))
27 if type(x) == "string" then
28 local v, neg = x:gsub("^ *! *", "")
30 return v, "%s " % tr("not")
41 local l = { tr("MAC"), " " }
42 for m in ut.imatch(x) do
44 l[#l+1] = "<var>%s%s</var>" %{ n, m }
52 return table.concat(l, "")
57 function fmt_port(x, d)
60 local l = { tr("port"), " " }
61 for p in ut.imatch(x) do
63 local a, b = p:match("(%d+)%D+(%d+)")
66 l[#l+1] = "<var>%s%d-%d</var>" %{ n, a, b }
68 l[#l+1] = "<var>%s%d</var>" %{ n, p }
77 return table.concat(l, "")
80 return d and "<var>%s</var>" % d
85 local l = { tr("IP"), " " }
87 for v in ut.imatch(x) do
89 a, m = v:match("(%S+)/(%d+%.%S+)")
91 a = a:match(":") and ip.IPv6(a, m) or ip.IPv4(a, m)
92 if a and (a:is6() and a:prefix() < 128 or a:prefix() < 32) then
94 l[#l+1] = "<var title='%s - %s'>%s%s</var>" %{
100 l[#l+1] = "<var>%s%s</var>" %{
102 a and a:string() or v
112 return table.concat(l, "")
115 return d and "<var>%s</var>" % d
118 function fmt_zone(x, d)
120 return "<var>%s</var>" % tr("any zone")
121 elseif x and #x > 0 then
122 return "<var>%s</var>" % x
124 return "<var>%s</var>" % d
128 function fmt_icmp_type(x)
131 local l = { tr("type"), " " }
132 for v in ut.imatch(x) do
134 l[#l+1] = "<var>%s%s</var>" %{ n, v }
142 return table.concat(l, "")
147 function fmt_proto(x, icmp_types)
151 local t = fmt_icmp_type(icmp_types)
152 for v in ut.imatch(x) do
154 if v == "tcpudp" then
159 elseif v ~= "all" then
160 local p = nx.getproto(v)
163 if (p.proto == 1 or p.proto == 58) and t then
164 l[#l+1] = translatef(
166 n, p.aliases[1] or p.name, t
171 p.aliases[1] or p.name
180 return table.concat(l, "")
185 function fmt_limit(limit, burst)
186 burst = tonumber(burst)
187 if limit and #limit > 0 then
188 local l, u = limit:match("(%d+)/(%w+)")
189 l = tonumber(l or limit)
192 if u:match("^s") then
194 elseif u:match("^m") then
196 elseif u:match("^h") then
198 elseif u:match("^d") then
201 if burst and burst > 0 then
202 return translatef("<var>%d</var> pkts. per <var>%s</var>, \
203 burst <var>%d</var> pkts.", l, u, burst)
205 return translatef("<var>%d</var> pkts. per <var>%s</var>", l, u)
211 function fmt_target(x, dest)
212 if dest and #dest > 0 then
213 if x == "ACCEPT" then
214 return tr("Accept forward")
215 elseif x == "REJECT" then
216 return tr("Refuse forward")
217 elseif x == "NOTRACK" then
218 return tr("Do not track forward")
219 else --if x == "DROP" then
220 return tr("Discard forward")
223 if x == "ACCEPT" then
224 return tr("Accept input")
225 elseif x == "REJECT" then
226 return tr("Refuse input")
227 elseif x == "NOTRACK" then
228 return tr("Do not track input")
229 else --if x == "DROP" then
230 return tr("Discard input")
236 function opt_enabled(s, t, ...)
237 if t == luci.cbi.Button then
238 local o = s:option(t, "__enabled")
239 function o.render(self, section)
240 if self.map:get(section, "enabled") ~= "0" then
241 self.title = tr("Rule is enabled")
242 self.inputtitle = tr("Disable")
243 self.inputstyle = "reset"
245 self.title = tr("Rule is disabled")
246 self.inputtitle = tr("Enable")
247 self.inputstyle = "apply"
249 t.render(self, section)
251 function o.write(self, section, value)
252 if self.map:get(section, "enabled") ~= "0" then
253 self.map:set(section, "enabled", "0")
255 self.map:del(section, "enabled")
260 local o = s:option(t, "enabled", ...)
266 function opt_name(s, t, ...)
267 local o = s:option(t, "name", ...)
269 function o.cfgvalue(self, section)
270 return self.map:get(section, "name") or
271 self.map:get(section, "_name") or "-"
274 function o.write(self, section, value)
276 self.map:set(section, "name", value)
277 self.map:del(section, "_name")
283 function o.remove(self, section)
284 self.map:del(section, "name")
285 self.map:del(section, "_name")