Initial changes required for firewall4 compatibility:
* depend on uc-firewall instead of firewall
* detect installed version of firewall and hide incompatible features
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Reviewed-by: Jo-Philipp Wich <jo@mein.io>
Rework some further code instances to fall back to the legacy ipv4/ipv6
properties if needed.
Fixes: c7b7b42cd3 ("treewide: Update JS using luci-rpc getHostHints")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update frontend JS code which uses luci-rpc getHostHints to support the new
response format which removes the `ipv4` and `ipv6` host hint string fields
and replaces them with `ipaddrs` and `ip6addrs` weighted string list fields.
Signed-off-by: Niels Widger <niels@qacafe.com>
[rework code to be forwards/backwards compatible, fix some Network.Hosts
methods, fix IP choice ordering, change commit subject, rewrap commit
message]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Store multiple space separated custom address values as separate uci
list items in the configuration.
Fixes: #4822
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Before the change, the options '*' and 'any' in the drop down were not
recognized as valid options, when loaded from the uci. With this change,
the options '*' and 'any' are mapped to 'all' and saved as such. This
change is especially important if the proto option is changed manually
to '*' or 'any' in shell and then further configured via LuCI.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
The "Match ICMP type" drop-down menu was missing this ICMPv6 type. According to RFC 4890 section 4.3.1 it is essential for communications and must not be dropped. This patch allows for doing this through LuCI.
Signed-off-by: Robby K <robbyke@gmail.com>
Drop obsolete extra logic which treats the zone name as covered network
name in case the network list is unset. This behaviour applied to the
pre-fw3 uci firewall, but is not supported since fw3 anymore.
Ref: https://forum.openwrt.org/t/luci-zone-creation-bug/55921
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Use a simple custom format string DSL to assemble the rule description
texts in the overview page.
Also move common code for shared, complex cbi options to the firewall
tool class.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The underlying fw3 program currently only does IPv4 port forwards while
LuCI incorrectly reports IPv4 + IPv6 for each forward. Adjust the text
accordingly to fix this.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When a `config zone` section lacks an `option network` or `list network`
setting, its contained interface list defaults to the name of the zone,
e.g. a zone named `foo` will implicitely contain the network `foo` unless
a deviating or empty `option network` is specified.
Adjust the zones.js model accordingly to reflect that implicit default.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
