luci-firewall: Add support for negations for ip addresses/nets (#218)
This commit is contained in:
Manuel Munz
parent
5a1e9354b4
commit
bb2d7517eb
5 changed files with 30 additions and 6 deletions
|
|
@ -121,7 +121,7 @@ src_mac.placeholder = translate("any")
|
|||
|
||||
src_ip = s:taboption("advanced", Value, "src_ip", translate("Source IP address"))
|
||||
src_ip.optional = true
|
||||
src_ip.datatype = "ip4addr"
|
||||
src_ip.datatype = "neg_ip4addr"
|
||||
src_ip.placeholder = translate("any")
|
||||
|
||||
sport = s:taboption("advanced", Value, "src_port", translate("Source port"),
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ icmpt:value("address-mask-reply")
|
|||
|
||||
src_ip = s:taboption("general", Value, "src_ip", translate("Source address"))
|
||||
src_ip.optional = true
|
||||
src_ip.datatype = has_v2 and "ipaddr" or "ip4addr"
|
||||
src_ip.datatype = has_v2 and "neg_ipaddr" or "neg_ip4addr"
|
||||
src_ip.placeholder = translate("any")
|
||||
|
||||
sport = s:taboption("general", Value, "src_port", translate("Source port"))
|
||||
|
|
@ -119,7 +119,7 @@ sport:depends("proto", "tcpudp")
|
|||
|
||||
dest_ip = s:taboption("general", Value, "dest_ip", translate("Destination address"))
|
||||
dest_ip.optional = true
|
||||
dest_ip.datatype = has_v2 and "ipaddr" or "ip4addr"
|
||||
dest_ip.datatype = has_v2 and "neg_ipaddr" or "neg_ip4addr"
|
||||
dest_ip.placeholder = translate("any")
|
||||
|
||||
dport = s:taboption("general", Value, "dest_port", translate("Destination port"))
|
||||
|
|
|
|||
|
|
@ -129,7 +129,7 @@ msrc = s:taboption("advanced", DynamicList, "masq_src",
|
|||
translate("Restrict Masquerading to given source subnets"))
|
||||
|
||||
msrc.optional = true
|
||||
msrc.datatype = "ip4addr"
|
||||
msrc.datatype = "neg_ip4addr"
|
||||
msrc.placeholder = "0.0.0.0/0"
|
||||
msrc:depends("family", "")
|
||||
msrc:depends("family", "ipv4")
|
||||
|
|
@ -138,7 +138,7 @@ mdest = s:taboption("advanced", DynamicList, "masq_dest",
|
|||
translate("Restrict Masquerading to given destination subnets"))
|
||||
|
||||
mdest.optional = true
|
||||
mdest.datatype = "ip4addr"
|
||||
mdest.datatype = "neg_ip4addr"
|
||||
mdest.placeholder = "0.0.0.0/0"
|
||||
mdest:depends("family", "")
|
||||
mdest:depends("family", "ipv4")
|
||||
|
|
|
|||
|
|
@ -42,6 +42,11 @@ var cbi_validators = {
|
|||
return cbi_validators.ip4addr(v) || cbi_validators.ip6addr(v);
|
||||
},
|
||||
|
||||
'neg_ipaddr': function(v)
|
||||
{
|
||||
return cbi_validators.ip4addr(v.replace(/^\s*!/, "")) || cbi_validators.ip6addr(v.replace(/^\s*!/, ""));
|
||||
},
|
||||
|
||||
'ip4addr': function(v)
|
||||
{
|
||||
if( v.match(/^(\d+)\.(\d+)\.(\d+)\.(\d+)(\/(\d+))?$/) )
|
||||
|
|
@ -57,6 +62,11 @@ var cbi_validators = {
|
|||
return false;
|
||||
},
|
||||
|
||||
'neg_ip4addr': function(v)
|
||||
{
|
||||
return cbi_validators.ip4addr(v.replace(/^\s*!/, ""));
|
||||
},
|
||||
|
||||
'ip6addr': function(v)
|
||||
{
|
||||
if( v.match(/^([a-fA-F0-9:.]+)(\/(\d+))?$/) )
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ local fs = require "nixio.fs"
|
|||
local ip = require "luci.ip"
|
||||
local math = require "math"
|
||||
local util = require "luci.util"
|
||||
local tonumber, type = tonumber, type
|
||||
|
||||
local tonumber = tonumber
|
||||
|
||||
module "luci.cbi.datatypes"
|
||||
|
||||
|
|
@ -66,6 +66,13 @@ function ipaddr(val)
|
|||
return ip4addr(val) or ip6addr(val)
|
||||
end
|
||||
|
||||
function neg_ipaddr(v)
|
||||
if type(v) == "string" then
|
||||
v = v:gsub("^%s*!", "")
|
||||
end
|
||||
return v and ipaddr(v)
|
||||
end
|
||||
|
||||
function ip4addr(val)
|
||||
if val then
|
||||
return ip.IPv4(val) and true or false
|
||||
|
|
@ -74,6 +81,13 @@ function ip4addr(val)
|
|||
return false
|
||||
end
|
||||
|
||||
function neg_ip4addr(v)
|
||||
if type(v) == "string" then
|
||||
v = v:gsub("^%s*!", "")
|
||||
end
|
||||
return v and ip4addr(v)
|
||||
end
|
||||
|
||||
function ip4prefix(val)
|
||||
val = tonumber(val)
|
||||
return ( val and val >= 0 and val <= 32 )
|
||||
|
|
|
|||
Loading…
Reference in a new issue