2019-06-13 13:23:26 +00:00
'use strict' ;
'require ui' ;
'require rpc' ;
'require uci' ;
'require form' ;
'require tools.firewall as fwtool' ;
'require tools.widgets as widgets' ;
function fmt ( fmt /*, ...*/ ) {
var repl = [ ] , wrap = false ;
for ( var i = 1 ; i < arguments . length ; i ++ ) {
if ( L . dom . elem ( arguments [ i ] ) ) {
switch ( arguments [ i ] . nodeType ) {
case 1 :
repl . push ( arguments [ i ] . outerHTML ) ;
wrap = true ;
break ;
case 3 :
repl . push ( arguments [ i ] . data ) ;
break ;
case 11 :
var span = E ( 'span' ) ;
span . appendChild ( arguments [ i ] ) ;
repl . push ( span . innerHTML ) ;
wrap = true ;
break ;
default :
repl . push ( '' ) ;
else {
repl . push ( arguments [ i ] ) ;
var rv = fmt . format . apply ( fmt , repl ) ;
return wrap ? E ( 'span' , rv ) : rv ;
function forward _proto _txt ( s ) {
2019-07-17 16:19:45 +00:00
return fmt ( '%s-%s' ,
fwtool . fmt _family ( uci . get ( 'firewall' , s , 'family' ) ) ,
2019-06-13 13:23:26 +00:00
fwtool . fmt _proto ( uci . get ( 'firewall' , s , 'proto' ) ,
uci . get ( 'firewall' , s , 'icmp_type' ) ) || 'TCP+UDP' ) ;
function rule _src _txt ( s ) {
var z = fwtool . fmt _zone ( uci . get ( 'firewall' , s , 'src' ) ) ,
p = fwtool . fmt _port ( uci . get ( 'firewall' , s , 'src_port' ) ) ,
m = fwtool . fmt _mac ( uci . get ( 'firewall' , s , 'src_mac' ) ) ;
// Forward/Input
if ( z ) {
var a = fwtool . fmt _ip ( uci . get ( 'firewall' , s , 'src_ip' ) , _ ( 'any host' ) ) ;
if ( p && m )
return fmt ( _ ( 'From %s in %s with source %s and %s' ) , a , z , p , m ) ;
else if ( p || m )
return fmt ( _ ( 'From %s in %s with source %s' ) , a , z , p || m ) ;
return fmt ( _ ( 'From %s in %s' ) , a , z ) ;
// Output
else {
var a = fwtool . fmt _ip ( uci . get ( 'firewall' , s , 'src_ip' ) , _ ( 'any router IP' ) ) ;
if ( p && m )
return fmt ( _ ( 'From %s on <var>this device</var> with source %s and %s' ) , a , p , m ) ;
else if ( p || m )
return fmt ( _ ( 'From %s on <var>this device</var> with source %s' ) , a , p || m ) ;
return fmt ( _ ( 'From %s on <var>this device</var>' ) , a ) ;
function rule _dest _txt ( s ) {
var z = fwtool . fmt _zone ( uci . get ( 'firewall' , s , 'dest' ) ) ,
p = fwtool . fmt _port ( uci . get ( 'firewall' , s , 'dest_port' ) ) ;
// Forward
if ( z ) {
var a = fwtool . fmt _ip ( uci . get ( 'firewall' , s , 'dest_ip' ) , _ ( 'any host' ) ) ;
if ( p )
return fmt ( _ ( 'To %s, %s in %s' ) , a , p , z ) ;
return fmt ( _ ( 'To %s in %s' ) , a , z ) ;
// Input
else {
var a = fwtool . fmt _ip ( uci . get ( 'firewall' , s , 'dest_ip' ) , _ ( 'any router IP' ) ) ;
if ( p )
return fmt ( _ ( 'To %s at %s on <var>this device</var>' ) , a , p ) ;
return fmt ( _ ( 'To %s on <var>this device</var>' ) , a ) ;
function rule _target _txt ( s ) {
var t = fwtool . fmt _target ( uci . get ( 'firewall' , s , 'target' ) , uci . get ( 'firewall' , s , 'src' ) , uci . get ( 'firewall' , s , 'dest' ) ) ,
l = fwtool . fmt _limit ( uci . get ( 'firewall' , s , 'limit' ) , uci . get ( 'firewall' , s , 'limit_burst' ) ) ;
if ( l )
return fmt ( _ ( '<var>%s</var> and limit to %s' ) , t , l ) ;
return fmt ( '<var>%s</var>' , t ) ;
2019-12-30 13:50:43 +00:00
function update _ip _hints ( map , section _id , family , hosts ) {
var elem _src _ip = map . lookupOption ( 'src_ip' , section _id ) [ 0 ] . getUIElement ( section _id ) ,
elem _dst _ip = map . lookupOption ( 'dest_ip' , section _id ) [ 0 ] . getUIElement ( section _id ) ,
choice _values = [ ] , choice _labels = { } ;
elem _src _ip . clearChoices ( ) ;
elem _dst _ip . clearChoices ( ) ;
if ( ! family || family == 'ipv4' ) {
L . sortedKeys ( hosts , 'ipv4' , 'addr' ) . forEach ( function ( mac ) {
var val = hosts [ mac ] . ipv4 ,
txt = '%s (<strong>%s</strong>)' . format ( val , hosts [ mac ] . name || mac ) ;
choice _values . push ( val ) ;
choice _labels [ val ] = txt ;
} ) ;
if ( ! family || family == 'ipv6' ) {
L . sortedKeys ( hosts , 'ipv6' , 'addr' ) . forEach ( function ( mac ) {
var val = hosts [ mac ] . ipv6 ,
txt = '%s (<strong>%s</strong>)' . format ( val , hosts [ mac ] . name || mac ) ;
choice _values . push ( val ) ;
choice _labels [ val ] = txt ;
} ) ;
elem _src _ip . addChoices ( choice _values , choice _labels ) ;
elem _dst _ip . addChoices ( choice _values , choice _labels ) ;
2019-06-13 13:23:26 +00:00
return L . view . extend ( {
callHostHints : rpc . declare ( {
2019-10-31 13:37:07 +00:00
object : 'luci-rpc' ,
2019-08-14 15:07:55 +00:00
method : 'getHostHints' ,
expect : { '' : { } }
2019-06-13 13:23:26 +00:00
} ) ,
2020-01-16 15:12:38 +00:00
callConntrackHelpers : rpc . declare ( {
object : 'luci' ,
method : 'getConntrackHelpers' ,
expect : { result : [ ] }
} ) ,
2019-06-13 13:23:26 +00:00
load : function ( ) {
2020-01-16 15:12:38 +00:00
return Promise . all ( [
this . callHostHints ( ) ,
this . callConntrackHelpers ( )
] ) ;
2019-06-13 13:23:26 +00:00
} ,
2020-01-16 15:12:38 +00:00
render : function ( data ) {
var hosts = data [ 0 ] ,
ctHelpers = data [ 1 ] ,
m , s , o ;
2019-06-13 13:23:26 +00:00
m = new form . Map ( 'firewall' , _ ( 'Firewall - Traffic Rules' ) ,
_ ( 'Traffic rules define policies for packets traveling between different zones, for example to reject traffic between certain hosts or to open WAN ports on the router.' ) ) ;
s = m . section ( form . GridSection , 'rule' , _ ( 'Traffic Rules' ) ) ;
s . addremove = true ;
s . anonymous = true ;
s . sortable = true ;
s . tab ( 'general' , _ ( 'General Settings' ) ) ;
s . tab ( 'advanced' , _ ( 'Advanced Settings' ) ) ;
s . tab ( 'timed' , _ ( 'Time Restrictions' ) ) ;
s . filter = function ( section _id ) {
return ( uci . get ( 'firewall' , section _id , 'target' ) != 'SNAT' ) ;
} ;
s . sectiontitle = function ( section _id ) {
return uci . get ( 'firewall' , section _id , 'name' ) || _ ( 'Unnamed rule' ) ;
} ;
2019-07-21 09:12:13 +00:00
s . handleAdd = function ( ev ) {
var config _name = this . uciconfig || this . map . config ,
section _id = uci . add ( config _name , this . sectiontype ) ,
opt1 , opt2 ;
for ( var i = 0 ; i < this . children . length ; i ++ )
if ( this . children [ i ] . option == 'src' )
opt1 = this . children [ i ] ;
else if ( this . children [ i ] . option == 'dest' )
opt2 = this . children [ i ] ;
opt1 . default = 'wan' ;
opt2 . default = 'lan' ;
this . addedSection = section _id ;
this . renderMoreOptionsModal ( section _id ) ;
delete opt1 . default ;
delete opt2 . default ;
} ;
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'general' , form . Value , 'name' , _ ( 'Name' ) ) ;
o . placeholder = _ ( 'Unnamed rule' ) ;
o . modalonly = true ;
o = s . option ( form . DummyValue , '_match' , _ ( 'Match' ) ) ;
o . modalonly = false ;
o . textvalue = function ( s ) {
return E ( 'small' , [
forward _proto _txt ( s ) , E ( 'br' ) ,
rule _src _txt ( s ) , E ( 'br' ) ,
rule _dest _txt ( s )
] ) ;
} ;
o = s . option ( form . ListValue , '_target' , _ ( 'Action' ) ) ;
o . modalonly = false ;
o . textvalue = function ( s ) {
return rule _target _txt ( s ) ;
} ;
o = s . option ( form . Flag , 'enabled' , _ ( 'Enable' ) ) ;
o . modalonly = false ;
o . default = o . enabled ;
o . editable = true ;
2020-01-16 14:29:54 +00:00
o = s . taboption ( 'advanced' , form . ListValue , 'direction' , _ ( 'Match device' ) ) ;
o . modalonly = true ;
o . value ( '' , _ ( 'unspecified' ) ) ;
o . value ( 'in' , _ ( 'Inbound device' ) ) ;
o . value ( 'out' , _ ( 'Outbound device' ) ) ;
o . cfgvalue = function ( section _id ) {
var val = uci . get ( 'firewall' , section _id , 'direction' ) ;
switch ( val ) {
case 'in' :
case 'ingress' :
return 'in' ;
case 'out' :
case 'egress' :
return 'out' ;
return null ;
} ;
o = s . taboption ( 'advanced' , widgets . DeviceSelect , 'device' , _ ( 'Device name' ) ,
_ ( 'Specifies whether to tie this traffic rule to a specific inbound or outbound network device.' ) ) ;
o . modalonly = true ;
o . noaliases = true ;
o . rmempty = false ;
o . depends ( 'direction' , 'in' ) ;
o . depends ( 'direction' , 'out' ) ;
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'advanced' , form . ListValue , 'family' , _ ( 'Restrict to address family' ) ) ;
o . modalonly = true ;
o . rmempty = true ;
o . value ( '' , _ ( 'IPv4 and IPv6' ) ) ;
o . value ( 'ipv4' , _ ( 'IPv4 only' ) ) ;
o . value ( 'ipv6' , _ ( 'IPv6 only' ) ) ;
2019-12-30 13:50:43 +00:00
o . validate = function ( section _id , value ) {
update _ip _hints ( this . map , section _id , value , hosts ) ;
return true ;
} ;
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'general' , form . Value , 'proto' , _ ( 'Protocol' ) ) ;
o . modalonly = true ;
o . default = 'tcp udp' ;
o . value ( 'all' , _ ( 'Any' ) ) ;
o . value ( 'tcp udp' , 'TCP+UDP' ) ;
o . value ( 'tcp' , 'TCP' ) ;
o . value ( 'udp' , 'UDP' ) ;
o . value ( 'icmp' , 'ICMP' ) ;
o . cfgvalue = function ( /* ... */ ) {
var v = this . super ( 'cfgvalue' , arguments ) ;
return ( v == 'tcpudp' ) ? 'tcp udp' : v ;
} ;
o = s . taboption ( 'advanced' , form . MultiValue , 'icmp_type' , _ ( 'Match ICMP type' ) ) ;
o . modalonly = true ;
o . multiple = true ;
o . custom = true ;
o . cast = 'table' ;
o . placeholder = _ ( 'any' ) ;
o . value ( '' , 'any' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'address-mask-reply' ) ;
o . value ( 'address-mask-request' ) ;
o . value ( 'communication-prohibited' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'destination-unreachable' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'echo-reply' ) ;
o . value ( 'echo-request' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'fragmentation-needed' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'host-precedence-violation' ) ;
o . value ( 'host-prohibited' ) ;
o . value ( 'host-redirect' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'host-unknown' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'host-unreachable' ) ;
o . value ( 'ip-header-bad' ) ;
o . value ( 'neighbour-advertisement' ) ;
o . value ( 'neighbour-solicitation' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'network-prohibited' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'network-redirect' ) ;
o . value ( 'network-unknown' ) ;
o . value ( 'network-unreachable' ) ;
o . value ( 'parameter-problem' ) ;
o . value ( 'port-unreachable' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'precedence-cutoff' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'protocol-unreachable' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'redirect' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'required-option-missing' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'router-advertisement' ) ;
o . value ( 'router-solicitation' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'source-quench' ) ;
o . value ( 'source-route-failed' ) ;
2019-06-13 13:23:26 +00:00
o . value ( 'time-exceeded' ) ;
o . value ( 'timestamp-reply' ) ;
2019-08-11 06:13:15 +00:00
o . value ( 'timestamp-request' ) ;
o . value ( 'TOS-host-redirect' ) ;
o . value ( 'TOS-host-unreachable' ) ;
o . value ( 'TOS-network-redirect' ) ;
o . value ( 'TOS-network-unreachable' ) ;
o . value ( 'ttl-zero-during-reassembly' ) ;
o . value ( 'ttl-zero-during-transit' ) ;
2019-06-13 13:23:26 +00:00
o . depends ( 'proto' , 'icmp' ) ;
o = s . taboption ( 'general' , widgets . ZoneSelect , 'src' , _ ( 'Source zone' ) ) ;
o . modalonly = true ;
o . nocreate = true ;
o . allowany = true ;
o . allowlocal = 'src' ;
o = s . taboption ( 'advanced' , form . Value , 'src_mac' , _ ( 'Source MAC address' ) ) ;
o . modalonly = true ;
o . datatype = 'list(macaddr)' ;
o . placeholder = _ ( 'any' ) ;
2019-07-07 18:11:35 +00:00
L . sortedKeys ( hosts ) . forEach ( function ( mac ) {
2019-06-13 13:23:26 +00:00
o . value ( mac , '%s (%s)' . format (
mac ,
hosts [ mac ] . name || hosts [ mac ] . ipv4 || hosts [ mac ] . ipv6 || '?'
) ) ;
} ) ;
o = s . taboption ( 'general' , form . Value , 'src_ip' , _ ( 'Source address' ) ) ;
o . modalonly = true ;
o . datatype = 'list(neg(ipmask))' ;
o . placeholder = _ ( 'any' ) ;
2019-12-30 13:50:43 +00:00
o . transformChoices = function ( ) { return { } } ; /* force combobox rendering */
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'general' , form . Value , 'src_port' , _ ( 'Source port' ) ) ;
o . modalonly = true ;
o . datatype = 'list(neg(portrange))' ;
o . placeholder = _ ( 'any' ) ;
o . depends ( 'proto' , 'tcp' ) ;
o . depends ( 'proto' , 'udp' ) ;
o . depends ( 'proto' , 'tcp udp' ) ;
o . depends ( 'proto' , 'tcpudp' ) ;
2019-07-21 09:12:13 +00:00
o = s . taboption ( 'general' , widgets . ZoneSelect , 'dest' , _ ( 'Destination zone' ) ) ;
2019-06-13 13:23:26 +00:00
o . modalonly = true ;
o . nocreate = true ;
o . allowany = true ;
o . allowlocal = true ;
o = s . taboption ( 'general' , form . Value , 'dest_ip' , _ ( 'Destination address' ) ) ;
o . modalonly = true ;
o . datatype = 'list(neg(ipmask))' ;
o . placeholder = _ ( 'any' ) ;
2019-12-30 13:50:43 +00:00
o . transformChoices = function ( ) { return { } } ; /* force combobox rendering */
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'general' , form . Value , 'dest_port' , _ ( 'Destination port' ) ) ;
o . modalonly = true ;
o . datatype = 'list(neg(portrange))' ;
o . placeholder = _ ( 'any' ) ;
o . depends ( 'proto' , 'tcp' ) ;
o . depends ( 'proto' , 'udp' ) ;
o . depends ( 'proto' , 'tcp udp' ) ;
o . depends ( 'proto' , 'tcpudp' ) ;
o = s . taboption ( 'general' , form . ListValue , 'target' , _ ( 'Action' ) ) ;
o . modalonly = true ;
o . default = 'ACCEPT' ;
o . value ( 'DROP' , _ ( 'drop' ) ) ;
o . value ( 'ACCEPT' , _ ( 'accept' ) ) ;
o . value ( 'REJECT' , _ ( 'reject' ) ) ;
o . value ( 'NOTRACK' , _ ( "don't track" ) ) ;
2020-01-16 15:12:38 +00:00
o . value ( 'HELPER' , _ ( 'assign conntrack helper' ) ) ;
2020-01-16 19:34:34 +00:00
o . value ( 'MARK_SET' , _ ( 'apply firewall mark' ) ) ;
o . value ( 'MARK_XOR' , _ ( 'XOR firewall mark' ) ) ;
2020-01-16 20:00:46 +00:00
o . value ( 'DSCP' , _ ( 'DSCP classification' ) ) ;
2020-01-16 19:34:34 +00:00
o . cfgvalue = function ( section _id ) {
var t = uci . get ( 'firewall' , section _id , 'target' ) ,
m = uci . get ( 'firewall' , section _id , 'set_mark' ) ;
if ( t == 'MARK' )
return m ? 'MARK_SET' : 'MARK_XOR' ;
return t ;
} ;
o . write = function ( section _id , value ) {
return this . super ( 'write' , [ section _id , ( value == 'MARK_SET' || value == 'MARK_XOR' ) ? 'MARK' : value ] ) ;
} ;
o = s . taboption ( 'general' , form . Value , 'set_mark' , _ ( 'Set mark' ) , _ ( 'Set the given mark value on established connections. Format is value[/mask]. If a mask is specified then only those bits set in the mask are modified.' ) ) ;
o . modalonly = true ;
o . rmempty = false ;
o . depends ( 'target' , 'MARK_SET' ) ;
o . validate = function ( section _id , value ) {
var m = String ( value ) . match ( /^(0x[0-9a-f]{1,8}|[0-9]{1,10})(?:\/(0x[0-9a-f]{1,8}|[0-9]{1,10}))?$/i ) ;
if ( ! m || + m [ 1 ] > 0xffffffff || ( m [ 2 ] != null && + m [ 2 ] > 0xffffffff ) )
return _ ( 'Expecting: %s' ) . format ( _ ( 'valid firewall mark' ) ) ;
return true ;
} ;
o = s . taboption ( 'general' , form . Value , 'set_xmark' , _ ( 'XOR mark' ) , _ ( 'Apply a bitwise XOR of the given value and the existing mark value on established connections. Format is value[/mask]. If a mask is specified then those bits set in the mask are zeroed out.' ) ) ;
o . modalonly = true ;
o . rmempty = false ;
o . depends ( 'target' , 'MARK_XOR' ) ;
o . validate = function ( section _id , value ) {
var m = String ( value ) . match ( /^(0x[0-9a-f]{1,8}|[0-9]{1,10})(?:\/(0x[0-9a-f]{1,8}|[0-9]{1,10}))?$/i ) ;
if ( ! m || + m [ 1 ] > 0xffffffff || ( m [ 2 ] != null && + m [ 2 ] > 0xffffffff ) )
return _ ( 'Expecting: %s' ) . format ( _ ( 'valid firewall mark' ) ) ;
return true ;
} ;
2020-01-16 15:12:38 +00:00
2020-01-16 20:00:46 +00:00
o = s . taboption ( 'general' , form . Value , 'set_dhcp' , _ ( 'DSCP mark' ) , _ ( 'Apply the given DSCP class or value to established connections.' ) ) ;
o . modalonly = true ;
o . rmempty = false ;
o . depends ( 'target' , 'DSCP' ) ;
o . value ( 'CS0' ) ;
o . value ( 'CS1' ) ;
o . value ( 'CS2' ) ;
o . value ( 'CS3' ) ;
o . value ( 'CS4' ) ;
o . value ( 'CS5' ) ;
o . value ( 'CS6' ) ;
o . value ( 'CS7' ) ;
o . value ( 'BE' ) ;
o . value ( 'AF11' ) ;
o . value ( 'AF12' ) ;
o . value ( 'AF13' ) ;
o . value ( 'AF21' ) ;
o . value ( 'AF22' ) ;
o . value ( 'AF23' ) ;
o . value ( 'AF31' ) ;
o . value ( 'AF32' ) ;
o . value ( 'AF33' ) ;
o . value ( 'AF41' ) ;
o . value ( 'AF42' ) ;
o . value ( 'AF43' ) ;
o . value ( 'EF' ) ;
o . validate = function ( section _id , value ) {
if ( value == '' )
return _ ( 'DSCP mark required' ) ;
var m = String ( value ) . match ( /^(?:CS[0-7]|BE|AF[1234][123]|EF|(0x[0-9a-f]{1,2}|[0-9]{1,2}))$/ ) ;
if ( ! m || ( m [ 1 ] != null && + m [ 1 ] > 0x3f ) )
return _ ( 'Invalid DSCP mark' ) ;
return true ;
} ;
2020-01-16 15:12:38 +00:00
o = s . taboption ( 'general' , form . ListValue , 'set_helper' , _ ( 'Tracking helper' ) , _ ( 'Assign the specified connection tracking helper to matched traffic.' ) ) ;
o . modalonly = true ;
o . placeholder = _ ( 'any' ) ;
o . depends ( 'target' , 'HELPER' ) ;
for ( var i = 0 ; i < ctHelpers . length ; i ++ )
o . value ( ctHelpers [ i ] . name , '%s (%s)' . format ( ctHelpers [ i ] . description , ctHelpers [ i ] . name . toUpperCase ( ) ) ) ;
o = s . taboption ( 'advanced' , form . Value , 'helper' , _ ( 'Match helper' ) , _ ( 'Match traffic using the specified connection tracking helper.' ) ) ;
o . modalonly = true ;
o . placeholder = _ ( 'any' ) ;
for ( var i = 0 ; i < ctHelpers . length ; i ++ )
o . value ( ctHelpers [ i ] . name , '%s (%s)' . format ( ctHelpers [ i ] . description , ctHelpers [ i ] . name . toUpperCase ( ) ) ) ;
o . validate = function ( section _id , value ) {
if ( value == '' || value == null )
return true ;
value = value . replace ( /^!\s*/ , '' ) ;
for ( var i = 0 ; i < ctHelpers . length ; i ++ )
if ( value == ctHelpers [ i ] . name )
return true ;
return _ ( 'Unknown or not installed conntrack helper "%s"' ) . format ( value ) ;
} ;
2019-06-13 13:23:26 +00:00
2020-01-16 19:34:34 +00:00
o = s . taboption ( 'advanced' , form . Value , 'mark' , _ ( 'Match mark' ) ,
_ ( 'Matches a specific firewall mark or a range of different marks.' ) ) ;
o . modalonly = true ;
o . rmempty = true ;
o . validate = function ( section _id , value ) {
if ( value == '' )
return true ;
var m = String ( value ) . match ( /^(?:!\s*)?(0x[0-9a-f]{1,8}|[0-9]{1,10})(?:\/(0x[0-9a-f]{1,8}|[0-9]{1,10}))?$/i ) ;
if ( ! m || + m [ 1 ] > 0xffffffff || ( m [ 2 ] != null && + m [ 2 ] > 0xffffffff ) )
return _ ( 'Expecting: %s' ) . format ( _ ( 'valid firewall mark' ) ) ;
return true ;
} ;
2020-01-16 20:00:46 +00:00
o = s . taboption ( 'advanced' , form . Value , 'dscp' , _ ( 'Match DSCP' ) ,
_ ( 'Matches traffic carrying the specified DSCP marking.' ) ) ;
o . modalonly = true ;
o . rmempty = true ;
o . placeholder = _ ( 'any' ) ;
o . value ( 'CS0' ) ;
o . value ( 'CS1' ) ;
o . value ( 'CS2' ) ;
o . value ( 'CS3' ) ;
o . value ( 'CS4' ) ;
o . value ( 'CS5' ) ;
o . value ( 'CS6' ) ;
o . value ( 'CS7' ) ;
o . value ( 'BE' ) ;
o . value ( 'AF11' ) ;
o . value ( 'AF12' ) ;
o . value ( 'AF13' ) ;
o . value ( 'AF21' ) ;
o . value ( 'AF22' ) ;
o . value ( 'AF23' ) ;
o . value ( 'AF31' ) ;
o . value ( 'AF32' ) ;
o . value ( 'AF33' ) ;
o . value ( 'AF41' ) ;
o . value ( 'AF42' ) ;
o . value ( 'AF43' ) ;
o . value ( 'EF' ) ;
o . validate = function ( section _id , value ) {
if ( value == '' )
return true ;
value = String ( value ) . replace ( /^!\s*/ , '' ) ;
var m = value . match ( /^(?:CS[0-7]|BE|AF[1234][123]|EF|(0x[0-9a-f]{1,2}|[0-9]{1,2}))$/ ) ;
if ( ! m || + m [ 1 ] > 0xffffffff || ( m [ 2 ] != null && + m [ 2 ] > 0xffffffff ) )
return _ ( 'Invalid DSCP mark' ) ;
return true ;
} ;
2020-01-16 20:36:39 +00:00
o = s . taboption ( 'advanced' , form . Value , 'limit' , _ ( 'Limit matching' ) ,
_ ( 'Limits traffic matching to the specified rate.' ) ) ;
o . modalonly = true ;
o . rmempty = true ;
o . placeholder = _ ( 'unlimited' ) ;
o . value ( '10/second' ) ;
o . value ( '60/minute' ) ;
o . value ( '3/hour' ) ;
o . value ( '500/day' ) ;
o . validate = function ( section _id , value ) {
if ( value == '' )
return true ;
var m = String ( value ) . toLowerCase ( ) . match ( /^(?:0x[0-9a-f]{1,8}|[0-9]{1,10})\/([a-z]+)$/ ) ,
u = [ 'second' , 'minute' , 'hour' , 'day' ] ,
i = 0 ;
if ( m )
for ( i = 0 ; i < u . length ; i ++ )
if ( u [ i ] . indexOf ( m [ 1 ] ) == 0 )
break ;
if ( ! m || i >= u . length )
return _ ( 'Invalid limit value' ) ;
return true ;
} ;
o = s . taboption ( 'advanced' , form . Value , 'limit_burst' , _ ( 'Limit burst' ) ,
_ ( 'Maximum initial number of packets to match: this number gets recharged by one every time the limit specified above is not reached, up to this number.' ) ) ;
o . modalonly = true ;
o . rmempty = true ;
o . placeholder = '5' ;
o . datatype = 'uinteger' ;
o . depends ( { limit : null , '!reverse' : true } ) ;
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'advanced' , form . Value , 'extra' , _ ( 'Extra arguments' ) ,
_ ( 'Passes additional arguments to iptables. Use with care!' ) ) ;
o . modalonly = true ;
o = s . taboption ( 'timed' , form . MultiValue , 'weekdays' , _ ( 'Week Days' ) ) ;
o . modalonly = true ;
o . multiple = true ;
o . display = 5 ;
o . placeholder = _ ( 'Any day' ) ;
o . value ( 'Sun' , _ ( 'Sunday' ) ) ;
o . value ( 'Mon' , _ ( 'Monday' ) ) ;
o . value ( 'Tue' , _ ( 'Tuesday' ) ) ;
o . value ( 'Wed' , _ ( 'Wednesday' ) ) ;
o . value ( 'Thu' , _ ( 'Thursday' ) ) ;
o . value ( 'Fri' , _ ( 'Friday' ) ) ;
o . value ( 'Sat' , _ ( 'Saturday' ) ) ;
2019-12-29 23:08:17 +00:00
o . write = function ( section _id , value ) {
return this . super ( 'write' , [ section _id , L . toArray ( value ) . join ( ' ' ) ] ) ;
} ;
2019-06-13 13:23:26 +00:00
o = s . taboption ( 'timed' , form . MultiValue , 'monthdays' , _ ( 'Month Days' ) ) ;
o . modalonly = true ;
o . multiple = true ;
o . display _size = 15 ;
o . placeholder = _ ( 'Any day' ) ;
2019-12-29 23:08:17 +00:00
o . write = function ( section _id , value ) {
return this . super ( 'write' , [ section _id , L . toArray ( value ) . join ( ' ' ) ] ) ;
} ;
2019-06-13 13:23:26 +00:00
for ( var i = 1 ; i <= 31 ; i ++ )
o . value ( i ) ;
o = s . taboption ( 'timed' , form . Value , 'start_time' , _ ( 'Start Time (hh.mm.ss)' ) ) ;
o . modalonly = true ;
o . datatype = 'timehhmmss' ;
o = s . taboption ( 'timed' , form . Value , 'stop_time' , _ ( 'Stop Time (hh.mm.ss)' ) ) ;
o . modalonly = true ;
o . datatype = 'timehhmmss' ;
o = s . taboption ( 'timed' , form . Value , 'start_date' , _ ( 'Start Date (yyyy-mm-dd)' ) ) ;
o . modalonly = true ;
o . datatype = 'dateyyyymmdd' ;
o = s . taboption ( 'timed' , form . Value , 'stop_date' , _ ( 'Stop Date (yyyy-mm-dd)' ) ) ;
o . modalonly = true ;
o . datatype = 'dateyyyymmdd' ;
o = s . taboption ( 'timed' , form . Flag , 'utc_time' , _ ( 'Time in UTC' ) ) ;
o . modalonly = true ;
o . default = o . disabled ;
2019-07-21 09:12:13 +00:00
return m . render ( ) ;
2019-06-13 13:23:26 +00:00
} ) ;