Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge r4225-r4229, r4232, r4234 and r4244

Browse source
This commit is contained in:
Jo-Philipp Wich 2009-02-17 17:59:02 +00:00
parent eae5ea40f6
commit 8208d68ff4
10 changed files with 502 additions and 128 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
applications/luci-statistics/root/etc/init.d/luci_statistics
View file

@ -18,14 +18,17 @@ start() {
ln -s ${imagepath:-/tmp/rrdimg}/ /www/rrdimg
fi
### flush LuCI index cache
test -f /var/luci-indexcache && rm /var/luci-indexcache
### flush LuCI index cache
test -f /var/luci-indexcache && rm /var/luci-indexcache
### workaround broken permissions on /tmp
chmod 1777 /tmp
}
restart() {
### regenerate config / prepare environment
start
### regenerate config / prepare environment
start
### restart collectd
/etc/init.d/collectd restart
### restart collectd
/etc/init.d/collectd restart
}

6
contrib/package/luci/Makefile
View file

@ -403,7 +403,11 @@ endef
define Package/luci-app-statistics
$(call Package/luci/webtemplate)
DEPENDS+=+luci-admin-full +PACKAGE_luci-app-statistics:collectd \
+PACKAGE_luci-app-statistics:collectd-mod-rrdtool1 +PACKAGE_luci-app-statistics:rrdtool1
+PACKAGE_luci-app-statistics:rrdtool1 \
+PACKAGE_luci-app-statistics:collectd-mod-rrdtool1 \
+PACKAGE_luci-app-statistics:collectd-mod-wireless \
+PACKAGE_luci-app-statistics:collectd-mod-interfaces \
+PACKAGE_luci-app-statistics:collectd-mod-load
TITLE:=LuCI Statistics Application
endef

65
i18n/english/luasrc/i18n/admin-core.en.lua
View file

@ -41,6 +41,65 @@ a_s_flash = 'Flash Firmware'
a_s_i_system1 = 'Change settings related to the system itself, its identification, installed hard- and software, authentication or mount points.'
a_s_i_system2 = 'These settings define the base of your system.'
a_s_i_system3 = 'Pay attention as any misconfiguration here may prevent your device from booting or may lock yourself out of it.'
a_s_if = 'Interfaces'
a_s_if_bridge = 'Bridge'
a_s_if_bridge_id = 'ID'
a_s_if_bridge_port = 'Bridge Port'
a_s_if_bridge_stp = 'STP'
a_s_if_device = 'Device'
a_s_if_ethbridge = 'Ethernet Bridge'
a_s_if_ethdev = 'Ethernet Adapter'
a_s_if_ethswitch = 'Ethernet Switch'
a_s_if_interface = 'Interface'
a_s_if_ipconfig = 'IP Configuration'
a_s_if_ipconfig_alias = 'Alias'
a_s_if_ipconfig_dhcp = 'DHCP assigned'
a_s_if_ipconfig_ipv6 = 'IPv6'
a_s_if_ipconfig_none = 'Not configured'
a_s_if_ipconfig_primary = 'Primary'
a_s_if_iwchannel = 'Channel'
a_s_if_iwmode = 'Mode'
a_s_if_iwmode_adhoc = 'Ad-Hoc'
a_s_if_iwmode_ahdemo = 'Pseudo Ad-Hoc'
a_s_if_iwmode_ap = 'Master'
a_s_if_iwmode_apwds = 'Master + WDS'
a_s_if_iwmode_sta = 'Client'
a_s_if_iwmode_stawds = 'Client + WDS'
a_s_if_iwmode_wds = 'WDS'
a_s_if_iwssid = 'SSID'
a_s_if_mac = 'MAC'
a_s_if_pkts = 'Pkts.'
a_s_if_status = 'Interface Status'
a_s_if_transfer = 'Transfer'
a_s_if_transfer_rx = 'RX'
a_s_if_transfer_tx = 'TX'
a_s_if_type = 'Type'
a_s_if_vlan = 'VLAN'
a_s_if_vlanports = 'Ports'
a_s_if_wifidev = 'Wireless Adapter'
a_s_ipt = 'Firewall'
a_s_ipt_actions = 'Actions'
a_s_ipt_bytes = 'Traffic'
a_s_ipt_chain = 'Chain'
a_s_ipt_destination = 'Destination'
a_s_ipt_flags = 'Flags'
a_s_ipt_inputif = 'In'
a_s_ipt_nochains = 'No chains in this table'
a_s_ipt_norules = 'No Rules in this chain'
a_s_ipt_options = 'Options'
a_s_ipt_outputif = 'Out'
a_s_ipt_packets = 'Packets'
a_s_ipt_pkts = 'Pkts.'
a_s_ipt_policy = 'Policy'
a_s_ipt_prot = 'Prot.'
a_s_ipt_references = 'References'
a_s_ipt_reset = 'Reset Counters'
a_s_ipt_restart = 'Restart Firewall'
a_s_ipt_rulenum = '#'
a_s_ipt_source = 'Source'
a_s_ipt_status = 'Firewall Status'
a_s_ipt_table = 'Table'
a_s_ipt_target = 'Target'
a_s_packages_do = 'Perform Actions'
a_s_packages_install = 'Install'
a_s_packages_installurl = 'Download and install package'
@ -224,7 +283,6 @@ network_interface_service = 'Service type'
network_interface_maxwait = 'Setup wait time'
network_interface_maxwait_desc = 'Seconds to wait for the modem to become ready before attempting to connect'
network_interface_encaps = 'PPPoA Encapsulation'
a_n_r_routes1 = 'Routes specify over which interface and gateway a certain host or network can be reached.'
a_n_routes_static = 'Static Routes'
a_n_routes_static4 = 'Static IPv4 Routes'
@ -324,6 +382,5 @@ hostnames = 'Hostnames'
hostnames_entries = 'Host entries'
hostnames_hostname = 'Hostname'
hostnames_address = 'IP address'
luci_components = "LuCI Components"
m_n_mssfix = "Clamp Segment Size"
m_n_mssfix_desc = "Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs."
m_n_mssfix = 'Clamp Segment Size'
m_n_mssfix_desc = 'Fixes problems with unreachable websites, submitting forms or other unexpected behaviour for some ISPs.'

65
i18n/english/luasrc/i18n/admin-core.en.xml
View file

@ -15,7 +15,7 @@
<i18n:msg xml:id="a_i_i_admin2"><abbr title="Lua Configuration Interface">LuCI</abbr> is a free, flexible, and user friendly graphical interface for configuring OpenWrt Kamikaze.</i18n:msg>
<i18n:msg xml:id="a_i_i_admin3">On the following pages you can adjust all important settings of your router.</i18n:msg>
<i18n:msg xml:id="a_i_i_admin4">Notice: In <abbr title="Lua Configuration Interface">LuCI</abbr> changes have to be confirmed by clicking Changes - Save &amp; Apply before being applied.</i18n:msg>
<i18n:msg xml:id="a_i_i_admin5">As we are always want to improve this interface we are looking forward to your feedback and suggestions.</i18n:msg>
<i18n:msg xml:id="a_i_i_admin5">As we always want to improve this interface we are looking forward to your feedback and suggestions.</i18n:msg>
<i18n:msg xml:id="a_i_i_admin6">And now have fun with your router!</i18n:msg>
<i18n:msg xml:id="a_i_i_team">The <abbr title="Lua Configuration Interface">LuCI</abbr> Team</i18n:msg>
<i18n:msg xml:id="a_i_luci1">Here you can customize the settings and the functionality of <abbr title="Lua Configuration Interface">LuCI</abbr>.</i18n:msg>
@ -45,6 +45,65 @@
<i18n:msg xml:id="a_s_i_system1">Change settings related to the system itself, its identification, installed hard- and software, authentication or mount points.</i18n:msg>
<i18n:msg xml:id="a_s_i_system2">These settings define the base of your system.</i18n:msg>
<i18n:msg xml:id="a_s_i_system3">Pay attention as any misconfiguration here may prevent your device from booting or may lock yourself out of it.</i18n:msg>
<i18n:msg xml:id="a_s_if">Interfaces</i18n:msg>
<i18n:msg xml:id="a_s_if_bridge">Bridge</i18n:msg>
<i18n:msg xml:id="a_s_if_bridge_id">ID</i18n:msg>
<i18n:msg xml:id="a_s_if_bridge_port">Bridge Port</i18n:msg>
<i18n:msg xml:id="a_s_if_bridge_stp">STP</i18n:msg>
<i18n:msg xml:id="a_s_if_device">Device</i18n:msg>
<i18n:msg xml:id="a_s_if_ethbridge">Ethernet Bridge</i18n:msg>
<i18n:msg xml:id="a_s_if_ethdev">Ethernet Adapter</i18n:msg>
<i18n:msg xml:id="a_s_if_ethswitch">Ethernet Switch</i18n:msg>
<i18n:msg xml:id="a_s_if_interface">Interface</i18n:msg>
<i18n:msg xml:id="a_s_if_ipconfig">IP Configuration</i18n:msg>
<i18n:msg xml:id="a_s_if_ipconfig_alias">Alias</i18n:msg>
<i18n:msg xml:id="a_s_if_ipconfig_dhcp">DHCP assigned</i18n:msg>
<i18n:msg xml:id="a_s_if_ipconfig_ipv6">IPv6</i18n:msg>
<i18n:msg xml:id="a_s_if_ipconfig_none">Not configured</i18n:msg>
<i18n:msg xml:id="a_s_if_ipconfig_primary">Primary</i18n:msg>
<i18n:msg xml:id="a_s_if_iwchannel">Channel</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode">Mode</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_adhoc">Ad-Hoc</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_ahdemo">Pseudo Ad-Hoc</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_ap">Master</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_apwds">Master + WDS</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_sta">Client</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_stawds">Client + WDS</i18n:msg>
<i18n:msg xml:id="a_s_if_iwmode_wds">WDS</i18n:msg>
<i18n:msg xml:id="a_s_if_iwssid">SSID</i18n:msg>
<i18n:msg xml:id="a_s_if_mac">MAC</i18n:msg>
<i18n:msg xml:id="a_s_if_pkts">Pkts.</i18n:msg>
<i18n:msg xml:id="a_s_if_status">Interface Status</i18n:msg>
<i18n:msg xml:id="a_s_if_transfer">Transfer</i18n:msg>
<i18n:msg xml:id="a_s_if_transfer_rx">RX</i18n:msg>
<i18n:msg xml:id="a_s_if_transfer_tx">TX</i18n:msg>
<i18n:msg xml:id="a_s_if_type">Type</i18n:msg>
<i18n:msg xml:id="a_s_if_vlan">VLAN</i18n:msg>
<i18n:msg xml:id="a_s_if_vlanports">Ports</i18n:msg>
<i18n:msg xml:id="a_s_if_wifidev">Wireless Adapter</i18n:msg>
<i18n:msg xml:id="a_s_ipt">Firewall</i18n:msg>
<i18n:msg xml:id="a_s_ipt_actions">Actions</i18n:msg>
<i18n:msg xml:id="a_s_ipt_bytes">Traffic</i18n:msg>
<i18n:msg xml:id="a_s_ipt_chain">Chain</i18n:msg>
<i18n:msg xml:id="a_s_ipt_destination">Destination</i18n:msg>
<i18n:msg xml:id="a_s_ipt_flags">Flags</i18n:msg>
<i18n:msg xml:id="a_s_ipt_inputif">In</i18n:msg>
<i18n:msg xml:id="a_s_ipt_nochains">No chains in this table</i18n:msg>
<i18n:msg xml:id="a_s_ipt_norules">No Rules in this chain</i18n:msg>
<i18n:msg xml:id="a_s_ipt_options">Options</i18n:msg>
<i18n:msg xml:id="a_s_ipt_outputif">Out</i18n:msg>
<i18n:msg xml:id="a_s_ipt_packets">Packets</i18n:msg>
<i18n:msg xml:id="a_s_ipt_pkts">Pkts.</i18n:msg>
<i18n:msg xml:id="a_s_ipt_policy">Policy</i18n:msg>
<i18n:msg xml:id="a_s_ipt_prot">Prot.</i18n:msg>
<i18n:msg xml:id="a_s_ipt_references">References</i18n:msg>
<i18n:msg xml:id="a_s_ipt_reset">Reset Counters</i18n:msg>
<i18n:msg xml:id="a_s_ipt_restart">Restart Firewall</i18n:msg>
<i18n:msg xml:id="a_s_ipt_rulenum">#</i18n:msg>
<i18n:msg xml:id="a_s_ipt_source">Source</i18n:msg>
<i18n:msg xml:id="a_s_ipt_status">Firewall Status</i18n:msg>
<i18n:msg xml:id="a_s_ipt_table">Table</i18n:msg>
<i18n:msg xml:id="a_s_ipt_target">Target</i18n:msg>
<i18n:msg xml:id="a_s_packages_do">Perform Actions</i18n:msg>
<i18n:msg xml:id="a_s_packages_install">Install</i18n:msg>
<i18n:msg xml:id="a_s_packages_installurl">Download and install package</i18n:msg>
@ -100,6 +159,10 @@
<i18n:msg xml:id="a_srv_http_authrealm1">The realm which will be displayed at the authentication prompt for protected pages.</i18n:msg>
<i18n:msg xml:id="a_srv_http_config1">defaults to <code>/etc/httpd.conf</code></i18n:msg>
<i18n:msg xml:id="a_srv_http_root">Document root</i18n:msg>
<i18n:msg xml:id="a_srv_http_keepalive">Enable Keep-Alive</i18n:msg>
<i18n:msg xml:id="a_srv_http_timeout">Connection timeout</i18n:msg>
<i18n:msg xml:id="a_srv_http_path">Plugin path</i18n:msg>
<i18n:msg xml:id="a_srv_lucittpd">A lightweight HTTP/1.1 webserver written in C and Lua designed to serve LuCI</i18n:msg>
<i18n:msg xml:id="a_srv_dropbear1">Dropbear offers <abbr title="Secure Shell">SSH</abbr> network shell access and an integrated <abbr title="Secure Copy">SCP</abbr> server</i18n:msg>
<i18n:msg xml:id="a_srv_d_pwauth">Password authentication</i18n:msg>
<i18n:msg xml:id="a_srv_d_pwauth1">Allow <abbr title="Secure Shell">SSH</abbr> password authentication</i18n:msg>

2
i18n/english/luasrc/i18n/wifi.en.xml
View file

@ -37,7 +37,7 @@
<i18n:msg xml:id="wifi_xr">XR Support</i18n:msg>
<i18n:msg xml:id="wifi_ar">AR Support</i18n:msg>
<i18n:msg xml:id="wifi_nosbeacon">Disable HW-Beacon timer</i18n:msg>
<i18n:msg xml:id="wifi_noprobereq">Don not send probe responses</i18n:msg>
<i18n:msg xml:id="wifi_noprobereq">Do not send probe responses</i18n:msg>
<i18n:msg xml:id="wifi_wpareq">WPA-Encryption requires wpa_supplicant (for client mode) or hostapd (for AP and ad-hoc mode) to be installed.</i18n:msg>

298
libs/sys/luasrc/sys/iptparser.lua
View file

@ -1,7 +1,8 @@
--[[
LuCI - Iptables parser and query library
Copyright 2008 Jo-Philipp Wich <freifunk@wwsnet.net>
Iptables parser and query library
(c) 2008-2009 Jo-Philipp Wich <xm@leipzig.freifunk.net>
(c) 2008-2009 Steven Barth <steven@midlink.org>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -9,146 +10,181 @@ You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
$Id$
]]--
module("luci.sys.iptparser", package.seeall)
require("luci.util")
local luci = {}
luci.util = require "luci.util"
luci.sys = require "luci.sys"
luci.ip = require "luci.ip"
local tonumber, ipairs = tonumber, ipairs
--- LuCI iptables parser and query library
-- @cstyle instance
module("luci.sys.iptparser")
--- Create a new iptables parser object.
-- @class function
-- @name IptParser
-- @return IptParser instance
IptParser = luci.util.class()
--[[
IptParser.__init__( ... )
The class constructor, initializes the internal lookup table.
]]--
function IptParser.__init__( self, ... )
self._rules = { }
self._chain = nil
self._rules = { }
self._chains = { }
self:_parse_rules()
end
--[[
IptParser.find( args )
Find all firewall rules that match the given criteria. Expects a table with search criteria as only argument.
If args is nil or an empty table then all rules will be returned.
The following keys in the args table are recognized:
- table Match rules that are located within the given table
- chain Match rules that are located within the given chain
- target Match rules with the given target
- protocol Match rules that match the given protocol, rules with protocol "all" are always matched
- source Match rules with the given source, rules with source "0.0.0.0/0" are always matched
- destination Match rules with the given destination, rules with destination "0.0.0.0/0" are always matched
- inputif Match rules with the given input interface, rules with input interface "*" (=all) are always matched
- outputif Match rules with the given output interface, rules with output interface "*" (=all) are always matched
- flags Match rules that match the given flags, current supported values are "-f" (--fragment) and "!f" (! --fragment)
- options Match rules containing all given options
The return value is a list of tables representing the matched rules.
Each rule table contains the following fields:
- index The index number of the rule
- table The table where the rule is located, can be one of "filter", "nat" or "mangle"
- chain The chain where the rule is located, e.g. "INPUT" or "postrouting_wan"
- target The rule target, e.g. "REJECT" or "DROP"
- protocol The matching protocols, e.g. "all" or "tcp"
- flags Special rule options ("--", "-f" or "!f")
- inputif Input interface of the rule, e.g. "eth0.0" or "*" for all interfaces
- outputif Output interface of the rule, e.g. "eth0.0" or "*" for all interfaces
- source The source ip range, e.g. "0.0.0.0/0"
- destination The destination ip range, e.g. "0.0.0.0/0"
- options A list of specific options of the rule, e.g. { "reject-with", "tcp-reset" }
- packets The number of packets matched by the rule
- bytes The number of total bytes matched by the rule
Example:
ip = luci.sys.iptparser.IptParser()
result = ip.find( {
target="REJECT",
protocol="tcp",
options={ "reject-with", "tcp-reset" }
} )
This will match all rules with target "-j REJECT", protocol "-p tcp" (or "-p all") and the option "--reject-with tcp-reset".
]]--
--- Find all firewall rules that match the given criteria. Expects a table with
-- search criteria as only argument. If args is nil or an empty table then all
-- rules will be returned.
--
-- The following keys in the args table are recognized:
-- <ul>
-- <li> table - Match rules that are located within the given table
-- <li> chain - Match rules that are located within the given chain
-- <li> target - Match rules with the given target
-- <li> protocol - Match rules that match the given protocol, rules with
-- protocol "all" are always matched
-- <li> source - Match rules with the given source, rules with source
-- "0.0.0.0/0" are always matched
-- <li> destination - Match rules with the given destination, rules with
-- destination "0.0.0.0/0" are always matched
-- <li> inputif - Match rules with the given input interface, rules
-- with input interface "*" (=all) are always matched
-- <li> outputif - Match rules with the given output interface, rules
-- with output interface "*" (=all) are always matched
-- <li> flags - Match rules that match the given flags, current
-- supported values are "-f" (--fragment)
-- and "!f" (! --fragment)
-- <li> options - Match rules containing all given options
-- </ul>
-- The return value is a list of tables representing the matched rules.
-- Each rule table contains the following fields:
-- <ul>
-- <li> index - The index number of the rule
-- <li> table - The table where the rule is located, can be one
-- of "filter", "nat" or "mangle"
-- <li> chain - The chain where the rule is located, e.g. "INPUT"
-- or "postrouting_wan"
-- <li> target - The rule target, e.g. "REJECT" or "DROP"
-- <li> protocol The matching protocols, e.g. "all" or "tcp"
-- <li> flags - Special rule options ("--", "-f" or "!f")
-- <li> inputif - Input interface of the rule, e.g. "eth0.0"
-- or "*" for all interfaces
-- <li> outputif - Output interface of the rule,e.g. "eth0.0"
-- or "*" for all interfaces
-- <li> source - The source ip range, e.g. "0.0.0.0/0"
-- <li> destination - The destination ip range, e.g. "0.0.0.0/0"
-- <li> options - A list of specific options of the rule,
-- e.g. { "reject-with", "tcp-reset" }
-- <li> packets - The number of packets matched by the rule
-- <li> bytes - The number of total bytes matched by the rule
-- </ul>
-- Example:
-- <pre>
-- ip = luci.sys.iptparser.IptParser()
-- result = ip.find( {
-- target="REJECT",
-- protocol="tcp",
-- options={ "reject-with", "tcp-reset" }
-- } )
-- </pre>
-- This will match all rules with target "-j REJECT",
-- protocol "-p tcp" (or "-p all")
-- and the option "--reject-with tcp-reset".
-- @params args Table containing the search arguments (optional)
-- @return Table of matching rule tables
function IptParser.find( self, args )
local args = args or { }
local rv = { }
args.source = args.source and luci.ip.IPv4(args.source)
args.destination = args.destination and luci.ip.IPv4(args.destination)
for i, rule in ipairs(self._rules) do
local match = true
-- match table
if not ( not args.table or args.table == rule.table ) then
if not ( not args.table or args.table:lower() == rule.table ) then
match = false
end
-- match chain
if not ( match == true and ( not args.chain or args.chain == rule.chain ) ) then
if not ( match == true and (
not args.chain or args.chain == rule.chain
) ) then
match = false
end
-- match target
if not ( match == true and ( not args.target or args.target == rule.target ) ) then
if not ( match == true and (
not args.target or args.target:upper() == rule.target
) ) then
match = false
end
-- match protocol
if not ( match == true and ( not args.protocol or rule.protocol == "all" or args.protocol == rule.protocol ) ) then
match = false
end
-- match source (XXX: implement ipcalc stuff so that 192.168.1.0/24 matches 0.0.0.0/0 etc.)
if not ( match == true and ( not args.source or rule.source == "0.0.0.0/0" or rule.source == args.source ) ) then
if not ( match == true and (
not args.protocol or rule.protocol == "all" or
args.protocol:lower() == rule.protocol
) ) then
match = false
end
-- match destination (XXX: implement ipcalc stuff so that 192.168.1.0/24 matches 0.0.0.0/0 etc.)
if not ( match == true and ( not args.destination or rule.destination == "0.0.0.0/0" or rule.destination == args.destination ) ) then
-- match source
if not ( match == true and (
not args.source or rule.source == "0.0.0.0/0" or
luci.ip.IPv4(rule.source):contains(args.source)
) ) then
match = false
end
-- match destination
if not ( match == true and (
not args.destination or rule.destination == "0.0.0.0/0" or
luci.ip.IPv4(rule.destination):contains(args.destination)
) ) then
match = false
end
-- match input interface
if not ( match == true and ( not args.inputif or rule.inputif == "*" or args.inputif == rule.inputif ) ) then
if not ( match == true and (
not args.inputif or rule.inputif == "*" or
args.inputif == rule.inputif
) ) then
match = false
end
-- match output interface
if not ( match == true and ( not args.outputif or rule.outputif == "*" or args.outputif == rule.outputif ) ) then
if not ( match == true and (
not args.outputif or rule.outputif == "*" or
args.outputif == rule.outputif
) ) then
match = false
end
-- match flags (the "opt" column)
if not ( match == true and ( not args.flags or rule.flags == args.flags ) ) then
if not ( match == true and (
not args.flags or rule.flags == args.flags
) ) then
match = false
end
-- match specific options
if not ( match == true and ( not args.options or self:_match_options( rule.options, args.options ) ) ) then
if not ( match == true and (
not args.options or
self:_match_options( rule.options, args.options )
) ) then
match = false
end
-- insert match
if match == true then
table.insert( rv, rule )
rv[#rv+1] = rule
end
end
@ -156,12 +192,9 @@ function IptParser.find( self, args )
end
--[[
IptParser.resync()
Rebuild the internal lookup table, for example when rules have changed through external commands.
]]--
--- Rebuild the internal lookup table, for example when rules have changed
-- through external commands.
-- @return nothing
function IptParser.resync( self )
self._rules = { }
self._chain = nil
@ -169,21 +202,76 @@ function IptParser.resync( self )
end
--[[
IptParser._parse_rules()
--- Find the names of all chains within the given table name.
-- @param table String containing the table name
-- @return Table of chain names in the order they occur.
function IptParser.chains( self, table )
local lookup = { }
local chains = { }
for _, r in ipairs(self:find({table=table})) do
if not lookup[r.chain] then
lookup[r.chain] = true
chains[#chains+1] = r.chain
end
end
return chains
end
[internal] Parse iptables output from all tables.
]]--
--- Return the given firewall chain within the given table name.
-- @param table String containing the table name
-- @param chain String containing the chain name
-- @return Table containing the fields "policy", "packets", "bytes"
-- and "rules". The "rules" field is a table of rule tables.
function IptParser.chain( self, table, chain )
return self._chains[table:lower()] and self._chains[table:lower()][chain]
end
--- Test whether the given target points to a custom chain.
-- @param target String containing the target action
-- @return Boolean indicating whether target is a custom chain.
function IptParser.is_custom_target( self, target )
for _, r in ipairs(self._rules) do
if r.chain == target then
return true
end
end
return false
end
-- [internal] Parse iptables output from all tables.
function IptParser._parse_rules( self )
for i, tbl in ipairs({ "filter", "nat", "mangle" }) do
self._chains[tbl] = { }
for i, rule in ipairs(luci.util.execl("iptables -t " .. tbl .. " --line-numbers -nxvL")) do
if rule:find( "Chain " ) == 1 then
self._chain = rule:gsub("Chain ([^%s]*) .*", "%1")
local crefs
local cname, cpol, cpkt, cbytes = rule:match(
"Chain ([^%s]*) %(policy (%w+) " ..
"(%d+) packets, (%d+) bytes%)"
)
if not cname then
cname, crefs = rule:match(
"Chain ([^%s]*) %((%d+) references%)"
)
end
self._chain = cname
self._chains[tbl][cname] = {
policy = cpol,
packets = tonumber(cpkt or 0),
bytes = tonumber(cbytes or 0),
references = tonumber(crefs or 0),
rules = { }
}
else
if rule:find("%d") == 1 then
@ -205,11 +293,15 @@ function IptParser._parse_rules( self )
rule_details["destination"] = rule_parts[10]
rule_details["options"] = { }
for i = 11, #rule_parts - 1 do
for i = 11, #rule_parts - 1 do
rule_details["options"][i-10] = rule_parts[i]
end
table.insert( self._rules, rule_details )
self._rules[#self._rules+1] = rule_details
self._chains[tbl][self._chain].rules[
#self._chains[tbl][self._chain].rules + 1
] = rule_details
end
end
end
@ -219,12 +311,8 @@ function IptParser._parse_rules( self )
end
--[[
IptParser._match_options( optlist1, optlist2 )
[internal] Return true if optlist1 contains all elements of optlist2. Return false in all other cases.
]]--
-- [internal] Return true if optlist1 contains all elements of optlist 2.
-- Return false in all other cases.
function IptParser._match_options( self, o1, o2 )
-- construct a hashtable of first options list to speed up lookups

16
libs/web/luasrc/dispatcher.lua
View file

@ -74,12 +74,14 @@ end
-- @param message Custom error message (optional)#
-- @return false
function error500(message)
luci.http.status(500, "Internal Server Error")
require("luci.template")
if not luci.util.copcall(luci.template.render, "error500", {message=message}) then
luci.http.prepare_content("text/plain")
luci.http.write(message)
if not context.template_header_sent then
luci.http.status(500, "Internal Server Error")
else
require("luci.template")
if not luci.util.copcall(luci.template.render, "error500", {message=message}) then
luci.http.prepare_content("text/plain")
luci.http.write(message)
end
end
return false
end
@ -589,7 +591,7 @@ end
local function _call(self, ...)
if #self.argv > 0 then
if #self.argv > 0 then
return getfenv()[self.name](unpack(self.argv), ...)
else
return getfenv()[self.name](...)

8
modules/admin-core/luasrc/view/header.htm
View file

@ -12,4 +12,10 @@ You may obtain a copy of the License at
$Id$
-%>
<% include("themes/" .. theme .. "/header") %>
<%
if not luci.dispatcher.context.template_header_sent then
include("themes/" .. theme .. "/header")
luci.dispatcher.context.template_header_sent = true
end
%>

23
modules/admin-full/luasrc/controller/admin/status.lua
View file

@ -18,8 +18,11 @@ function index()
local i18n = luci.i18n.translate
entry({"admin", "status"}, template("admin_status/index"), i18n("status", "Status"), 20).index = true
entry({"admin", "status", "syslog"}, call("action_syslog"), i18n("syslog", "Systemprotokoll"), 1)
entry({"admin", "status", "dmesg"}, call("action_dmesg"), i18n("dmesg", "Kernelprotokoll"), 2)
entry({"admin", "status", "interfaces"}, template("admin_status/interfaces"), i18n("interfaces", "Interfaces"), 1)
entry({"admin", "status", "iptables"}, call("action_iptables"), i18n("a_s_ipt", "Firewall"), 2)
entry({"admin", "status", "syslog"}, call("action_syslog"), i18n("syslog", "System Log"), 3)
entry({"admin", "status", "dmesg"}, call("action_dmesg"), i18n("dmesg", "Kernel Log"), 4)
end
function action_syslog()
@ -31,3 +34,19 @@ function action_dmesg()
local dmesg = luci.sys.dmesg()
luci.template.render("admin_status/dmesg", {dmesg=dmesg})
end
function action_iptables()
if luci.http.formvalue("zero") == "1" then
luci.util.exec("iptables -Z")
luci.http.redirect(
luci.dispatcher.build_url("admin", "status", "iptables")
)
elseif luci.http.formvalue("restart") == "1" then
luci.util.exec("/etc/init.d/firewall restart")
luci.http.redirect(
luci.dispatcher.build_url("admin", "status", "iptables")
)
else
luci.template.render("admin_status/iptables")
end
end

132
modules/admin-full/luasrc/view/admin_status/iptables.htm Normal file
View file

@ -0,0 +1,132 @@
<%#
LuCI - Lua Configuration Interface
Copyright 2008-2009 Steven Barth <steven@midlink.org>
Copyright 2008-2009 Jo-Philipp Wich <xm@leipzig.freifunk.net>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
$Id$
-%>
<%-
require "luci.sys.iptparser"
require "luci.tools.webadmin"
local ipt = luci.sys.iptparser.IptParser()
local wba = luci.tools.webadmin
local rowcnt = 1
function rowstyle()
rowcnt = rowcnt + 1
return (rowcnt % 2) + 1
end
function link_target(t,c)
if ipt:is_custom_target(c) then
return '<a href="#rule_%s_%s">%s</a>' %{ t:lower(), c, c }
end
return c
end
function link_iface(i)
local net = wba.iface_get_network(i)
if net and i ~= "lo" then
return '<a href="%s">%s</a>' %{
luci.dispatcher.build_url("admin", "network", "network", net), i
}
end
return i
end
-%>
<%+header%>
<h2><a id="content" name="content"><%:a_s_ipt_status Firewall Status%></a></h2>
<form method="post" action="<%=REQUEST_URI%>">
<div class="cbi-map">
<fieldset class="cbi-section">
<h3><%:a_s_ipt_actions Actions%></h3>
<ul>
<li><a href="<%=REQUEST_URI%>?zero=1"><%:a_s_ipt_reset Reset Counters%></a></li>
<li><a href="<%=REQUEST_URI%>?restart=1"><%:a_s_ipt_restart Restart Firewall%></a></li>
</ul>
<br /><br />
<% for _, tbl in ipairs({"Filter", "NAT", "Mangle"}) do chaincnt = 0 %>
<h3><%:a_s_ipt_table Table%>: <%=tbl%></h3>
<table class="cbi-section-table" style="font-size:90%">
<% for _, chain in ipairs(ipt:chains(tbl)) do
rowcnt = 0
chaincnt = chaincnt + 1
chaininfo = ipt:chain(tbl, chain)
%>
<tr class="cbi-section-table-titles cbi-rowstyle-<%=rowstyle()%>">
<th class="cbi-section-table-cell" style="text-align:left" colspan="11">
<br /><a name="rule_<%=tbl:lower()%>_<%=chain%>"></a>
<%:a_s_ipt_chain Chain%> <em><%=chain%></em>
(<%- if chaininfo.policy then -%>
<%:a_s_ipt_policy Policy%>: <em><%=chaininfo.policy%></em>, <%:a_s_ipt_packets Packets%>: <%=chaininfo.packets%>, <%:a_s_ipt_bytes Traffic%>: <%=wba.byte_format(chaininfo.bytes)-%>
<%- else -%>
<%:a_s_ipt_references References%>: <%=chaininfo.references-%>
<%- end -%>)
</th>
</tr>
<tr class="cbi-section-table-descr">
<th class="cbi-section-table-cell"><%:a_s_ipt_rulenum Rule #%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_packets Pkts.%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_bytes Traffic%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_target Target%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_proto Prot.%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_flags Flags%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_inputif In%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_outputif Out%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_source Source%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_destination Destination%></th>
<th class="cbi-section-table-cell"><%:a_s_ipt_options Options%></th>
</tr>
<% for _, rule in ipairs(ipt:find({table=tbl, chain=chain})) do %>
<tr class="cbi-section-table-row cbi-rowstyle-<%=rowstyle()%>">
<td><%=rule.index%></td>
<td><%=rule.packets%></td>
<td><%=wba.byte_format(rule.bytes)%></td>
<td><%=link_target(tbl, rule.target)%></td>
<td><%=rule.protocol%></td>
<td><%=rule.flags%></td>
<td><%=link_iface(rule.inputif)%></td>
<td><%=link_iface(rule.outputif)%></td>
<td><%=rule.source%></td>
<td><%=rule.destination%></td>
<td><small><%=#rule.options > 0 and table.concat(rule.options, " ") or "-"%></small></td>
</tr>
<% end %>
<% if rowcnt == 1 then %>
<tr class="cbi-section-table-titles cbi-rowstyle-<%=rowstyle()%>">
<td colspan="11"><em><%:a_s_ipt_norules No rules in this chain%></em></td>
</tr>
<% end %>
<% end %>
<% if chaincnt == 0 then %>
<tr class="cbi-section-table-titles cbi-rowstyle-<%=rowstyle()%>">
<td colspan="11"><em><%:a_s_ipt_nochains No chains in this table%></em></td>
</tr>
<% end %>
</table>
<br /><br />
<% end %>
</fieldset>
</div>
</form>
<%+footer%>