6 'require tools.firewall as fwtool';
7 'require tools.widgets as widgets';
9 function fmt(fmt
/*, ...*/) {
10 var repl
= [], wrap
= false;
12 for (var i
= 1; i
< arguments
.length
; i
++) {
13 if (L
.dom
.elem(arguments
[i
])) {
14 switch (arguments
[i
].nodeType
) {
16 repl
.push(arguments
[i
].outerHTML
);
21 repl
.push(arguments
[i
].data
);
26 span
.appendChild(arguments
[i
]);
27 repl
.push(span
.innerHTML
);
36 repl
.push(arguments
[i
]);
40 var rv
= fmt
.format
.apply(fmt
, repl
);
41 return wrap
? E('span', rv
) : rv
;
44 function forward_proto_txt(s
) {
46 fwtool
.fmt_family(uci
.get('firewall', s
, 'family')),
47 fwtool
.fmt_proto(uci
.get('firewall', s
, 'proto'),
48 uci
.get('firewall', s
, 'icmp_type')) || 'TCP+UDP');
51 function forward_src_txt(s
) {
52 var z
= fwtool
.fmt_zone(uci
.get('firewall', s
, 'src'), _('any zone')),
53 a
= fwtool
.fmt_ip(uci
.get('firewall', s
, 'src_ip'), _('any host')),
54 p
= fwtool
.fmt_port(uci
.get('firewall', s
, 'src_port')),
55 m
= fwtool
.fmt_mac(uci
.get('firewall', s
, 'src_mac'));
58 return fmt(_('From %s in %s with source %s and %s'), a
, z
, p
, m
);
60 return fmt(_('From %s in %s with source %s'), a
, z
, p
|| m
);
62 return fmt(_('From %s in %s'), a
, z
);
65 function forward_via_txt(s
) {
66 var a
= fwtool
.fmt_ip(uci
.get('firewall', s
, 'src_dip'), _('any router IP')),
67 p
= fwtool
.fmt_port(uci
.get('firewall', s
, 'src_dport'));
70 return fmt(_('Via %s at %s'), a
, p
);
72 return fmt(_('Via %s'), a
);
75 return L
.view
.extend({
76 callHostHints
: rpc
.declare({
87 render: function(data
) {
91 m
= new form
.Map('firewall', _('Firewall - Port Forwards'),
92 _('Port forwarding allows remote computers on the Internet to connect to a specific computer or service within the private LAN.'));
94 s
= m
.section(form
.GridSection
, 'redirect', _('Port Forwards'));
99 s
.tab('general', _('General Settings'));
100 s
.tab('advanced', _('Advanced Settings'));
102 s
.filter = function(section_id
) {
103 return (uci
.get('firewall', section_id
, 'target') != 'SNAT');
106 s
.sectiontitle = function(section_id
) {
107 return uci
.get('firewall', section_id
, 'name') || _('Unnamed forward');
110 o
= s
.taboption('general', form
.Value
, 'name', _('Name'));
111 o
.placeholder
= _('Unnamed forward');
114 o
= s
.option(form
.DummyValue
, '_match', _('Match'));
116 o
.textvalue = function(s
) {
118 forward_proto_txt(s
), E('br'),
119 forward_src_txt(s
), E('br'),
124 o
= s
.option(form
.ListValue
, '_dest', _('Forward to'));
126 o
.textvalue = function(s
) {
127 var z
= fwtool
.fmt_zone(uci
.get('firewall', s
, 'dest'), _('any zone')),
128 a
= fwtool
.fmt_ip(uci
.get('firewall', s
, 'dest_ip'), _('any host')),
129 p
= fwtool
.fmt_port(uci
.get('firewall', s
, 'dest_port')) ||
130 fwtool
.fmt_port(uci
.get('firewall', s
, 'src_dport'));
133 return fmt(_('%s, %s in %s'), a
, p
, z
);
135 return fmt(_('%s in %s'), a
, z
);
138 o
= s
.option(form
.Flag
, 'enabled', _('Enable'));
140 o
.default = o
.enabled
;
143 o
= s
.taboption('general', form
.Value
, 'proto', _('Protocol'));
145 o
.default = 'tcp udp';
146 o
.value('tcp udp', 'TCP+UDP');
147 o
.value('tcp', 'TCP');
148 o
.value('udp', 'UDP');
149 o
.value('icmp', 'ICMP');
151 o
.cfgvalue = function(/* ... */) {
152 var v
= this.super('cfgvalue', arguments
);
153 return (v
== 'tcpudp') ? 'tcp udp' : v
;
156 o
= s
.taboption('general', widgets
.ZoneSelect
, 'src', _('Source zone'));
162 o
= s
.taboption('advanced', form
.Value
, 'src_mac', _('Source MAC address'),
163 _('Only match incoming traffic from these MACs.'));
166 o
.datatype
= 'neg(macaddr)';
167 o
.placeholder
= E('em', _('any'));
168 L
.sortedKeys(hosts
).forEach(function(mac
) {
169 o
.value(mac
, '%s (%s)'.format(
171 hosts
[mac
].name
|| hosts
[mac
].ipv4
|| hosts
[mac
].ipv6
|| '?'
175 o
= s
.taboption('advanced', form
.Value
, 'src_ip', _('Source IP address'),
176 _('Only match incoming traffic from this IP or range.'));
179 o
.datatype
= 'neg(ipmask4)';
180 o
.placeholder
= E('em', _('any'));
181 L
.sortedKeys(hosts
, 'ipv4', 'addr').forEach(function(mac
) {
182 o
.value(hosts
[mac
].ipv4
, '%s (%s)'.format(
184 hosts
[mac
].name
|| mac
188 o
= s
.taboption('advanced', form
.Value
, 'src_port', _('Source port'),
189 _('Only match incoming traffic originating from the given source port or port range on the client host'));
192 o
.datatype
= 'neg(portrange)';
193 o
.placeholder
= _('any');
194 o
.depends('proto', 'tcp');
195 o
.depends('proto', 'udp');
196 o
.depends('proto', 'tcp udp');
197 o
.depends('proto', 'tcpudp');
199 o
= s
.taboption('advanced', form
.Value
, 'src_dip', _('External IP address'),
200 _('Only match incoming traffic directed at the given IP address.'));
203 o
.datatype
= 'neg(ipmask4)';
204 o
.placeholder
= E('em', _('any'));
205 L
.sortedKeys(hosts
, 'ipv4', 'addr').forEach(function(mac
) {
206 o
.value(hosts
[mac
].ipv4
, '%s (%s)'.format(
208 hosts
[mac
].name
|| mac
212 o
= s
.taboption('general', form
.Value
, 'src_dport', _('External port'),
213 _('Match incoming traffic directed at the given destination port or port range on this host'));
216 o
.datatype
= 'neg(portrange)';
217 o
.depends('proto', 'tcp');
218 o
.depends('proto', 'udp');
219 o
.depends('proto', 'tcp udp');
220 o
.depends('proto', 'tcpudp');
222 o
= s
.taboption('general', widgets
.ZoneSelect
, 'dest', _('Internal zone'));
228 o
= s
.taboption('general', form
.Value
, 'dest_ip', _('Internal IP address'),
229 _('Redirect matched incoming traffic to the specified internal host'));
232 o
.datatype
= 'ipmask4';
233 L
.sortedKeys(hosts
, 'ipv4', 'addr').forEach(function(mac
) {
234 o
.value(hosts
[mac
].ipv4
, '%s (%s)'.format(
236 hosts
[mac
].name
|| mac
240 o
= s
.taboption('general', form
.Value
, 'dest_port', _('Internal port'),
241 _('Redirect matched incoming traffic to the given port on the internal host'));
244 o
.placeholder
= _('any');
245 o
.datatype
= 'portrange';
246 o
.depends('proto', 'tcp');
247 o
.depends('proto', 'udp');
248 o
.depends('proto', 'tcp udp');
249 o
.depends('proto', 'tcpudp');
251 o
= s
.taboption('advanced', form
.Flag
, 'reflection', _('Enable NAT Loopback'));
254 o
.default = o
.enabled
;
256 o
= s
.taboption('advanced', form
.Value
, 'extra', _('Extra arguments'),
257 _('Passes additional arguments to iptables. Use with care!'));