157 lines
4.8 KiB
HTML
157 lines
4.8 KiB
HTML
|
<%#
|
||
|
|
Copyright 2008-2009 Steven Barth <steven@midlink.org>
|
||
|
|
Copyright 2008-2015 Jo-Philipp Wich <jow@openwrt.org>
|
||
|
|
Licensed to the public under the Apache License 2.0.
|
||
|
|
-%>
|
||
|
|
|
||
|
|
<%-
|
||
|
|
|
||
|
|
require "luci.sys.iptparser"
|
||
|
|
local wba = require "luci.tools.webadmin"
|
||
|
|
local fs = require "nixio.fs"
|
||
|
|
local io = require "io"
|
||
|
|
|
||
|
|
local has_ip6tables = fs.access("/usr/sbin/ip6tables")
|
||
|
|
local mode = 4
|
||
|
|
|
||
|
|
if has_ip6tables then
|
||
|
|
mode = luci.dispatcher.context.requestpath
|
||
|
|
mode = tonumber(mode[#mode] ~= "iptables" and mode[#mode]) or 4
|
||
|
|
end
|
||
|
|
|
||
|
|
local ipt = luci.sys.iptparser.IptParser(mode)
|
||
|
|
|
||
|
|
local rowcnt = 1
|
||
|
|
function rowstyle()
|
||
|
|
rowcnt = rowcnt + 1
|
||
|
|
return (rowcnt % 2) + 1
|
||
|
|
end
|
||
|
|
|
||
|
|
function link_target(t,c)
|
||
|
|
if ipt:is_custom_target(c) then
|
||
|
|
return '<a href="#rule_%s_%s">%s</a>' %{ t:lower(), c, c }
|
||
|
|
end
|
||
|
|
return c
|
||
|
|
end
|
||
|
|
|
||
|
|
function link_iface(i)
|
||
|
|
local net = wba.iface_get_network(i)
|
||
|
|
if net and i ~= "lo" then
|
||
|
|
return '<a href="%s">%s</a>' %{
|
||
|
|
url("admin/network/network", net), i
|
||
|
|
}
|
||
|
|
|
||
|
|
end
|
||
|
|
return i
|
||
|
|
end
|
||
|
|
|
||
|
|
local tables = { "Filter", "NAT", "Mangle", "Raw" }
|
||
|
|
if mode == 6 then
|
||
|
|
tables = { "Filter", "Mangle", "Raw" }
|
||
|
|
local ok, lines = pcall(io.lines, "/proc/net/ip6_tables_names")
|
||
|
|
if ok and lines then
|
||
|
|
local line
|
||
|
|
for line in lines do
|
||
|
|
if line == "nat" then
|
||
|
|
tables = { "Filter", "NAT", "Mangle", "Raw" }
|
||
|
|
end
|
||
|
|
end
|
||
|
|
end
|
||
|
|
end
|
||
|
|
-%>
|
||
|
|
|
||
|
|
<%+header%>
|
||
|
|
|
||
|
|
<style type="text/css">
|
||
|
|
span:target {
|
||
|
|
color: blue;
|
||
|
|
text-decoration: underline;
|
||
|
|
}
|
||
|
|
</style>
|
||
|
|
|
||
|
|
<h2 name="content"><%:Firewall Status%></h2>
|
||
|
|
<br />
|
||
|
|
|
||
|
|
<% if has_ip6tables then %>
|
||
|
|
<ul class="cbi-tabmenu">
|
||
|
|
<li class="cbi-tab<%= mode ~= 4 and "-disabled" %>"><a href="<%=url("admin/status/iptables/4")%>"><%:IPv4 Firewall%></a></li>
|
||
|
|
<li class="cbi-tab<%= mode ~= 6 and "-disabled" %>"><a href="<%=url("admin/status/iptables/6")%>"><%:IPv6 Firewall%></a></li>
|
||
|
|
</ul>
|
||
|
|
<% end %>
|
||
|
|
|
||
|
|
<div class="cbi-map" style="position: relative">
|
||
|
|
|
||
|
|
<form method="post" action="<%=url("admin/status/iptables_action")%>" style="position: absolute; right: 0">
|
||
|
|
<input type="hidden" name="token" value="<%=token%>" />
|
||
|
|
<input type="hidden" name="family" value="<%=mode%>" />
|
||
|
|
<input type="submit" class="cbi-button" name="zero" value="<%:Reset Counters%>" />
|
||
|
|
<input type="submit" class="cbi-button" name="restart" value="<%:Restart Firewall%>" />
|
||
|
|
</form>
|
||
|
|
|
||
|
|
<fieldset class="cbi-section">
|
||
|
|
|
||
|
|
<% for _, tbl in ipairs(tables) do chaincnt = 0 %>
|
||
|
|
<h3><%:Table%>: <%=tbl%></h3>
|
||
|
|
<table class="cbi-section-table" style="font-size:90%">
|
||
|
|
<% for _, chain in ipairs(ipt:chains(tbl)) do
|
||
|
|
rowcnt = 0
|
||
|
|
chaincnt = chaincnt + 1
|
||
|
|
chaininfo = ipt:chain(tbl, chain)
|
||
|
|
%>
|
||
|
|
<tr class="cbi-section-table-titles cbi-rowstyle-<%=rowstyle()%>">
|
||
|
|
<th class="cbi-section-table-cell" style="text-align:left" colspan="11">
|
||
|
|
<br /><span id="rule_<%=tbl:lower()%>_<%=chain%>">
|
||
|
|
<%:Chain%> <em><%=chain%></em>
|
||
|
|
(<%- if chaininfo.policy then -%>
|
||
|
|
<%:Policy%>: <em><%=chaininfo.policy%></em>, <%:Packets%>: <%=chaininfo.packets%>, <%:Traffic%>: <%=wba.byte_format(chaininfo.bytes)-%>
|
||
|
|
<%- else -%>
|
||
|
|
<%:References%>: <%=chaininfo.references-%>
|
||
|
|
<%- end -%>)</span>
|
||
|
|
</th>
|
||
|
|
</tr>
|
||
|
|
<tr class="cbi-section-table-descr">
|
||
|
|
<th class="cbi-section-table-cell"><%:Pkts.%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:Traffic%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:Target%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:Prot.%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:In%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:Out%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:Source%></th>
|
||
|
|
<th class="cbi-section-table-cell"><%:Destination%></th>
|
||
|
|
<th class="cbi-section-table-cell" style="width:30%"><%:Options%></th>
|
||
|
|
</tr>
|
||
|
|
|
||
|
|
<% for _, rule in ipairs(ipt:find({table=tbl, chain=chain})) do %>
|
||
|
|
<tr class="cbi-section-table-row cbi-rowstyle-<%=rowstyle()%>">
|
||
|
|
<td><%=rule.packets%></td>
|
||
|
|
<td style="white-space: nowrap"><%=wba.byte_format(rule.bytes)%></td>
|
||
|
|
<td><%=rule.target and link_target(tbl, rule.target) or "-"%></td>
|
||
|
|
<td><%=rule.protocol%></td>
|
||
|
|
<td><%=link_iface(rule.inputif)%></td>
|
||
|
|
<td><%=link_iface(rule.outputif)%></td>
|
||
|
|
<td><%=rule.source%></td>
|
||
|
|
<td><%=rule.destination%></td>
|
||
|
|
<td style="width:30%"><small><%=#rule.options > 0 and luci.util.pcdata(table.concat(rule.options, " ")) or "-"%></small></td>
|
||
|
|
</tr>
|
||
|
|
<% end %>
|
||
|
|
|
||
|
|
<% if rowcnt == 1 then %>
|
||
|
|
<tr class="cbi-section-table-titles cbi-rowstyle-<%=rowstyle()%>">
|
||
|
|
<td colspan="9"><em><%:No rules in this chain%></em></td>
|
||
|
|
</tr>
|
||
|
|
<% end %>
|
||
|
|
<% end %>
|
||
|
|
|
||
|
|
<% if chaincnt == 0 then %>
|
||
|
|
<tr class="cbi-section-table-titles cbi-rowstyle-<%=rowstyle()%>">
|
||
|
|
<td colspan="9"><em><%:No chains in this table%></em></td>
|
||
|
|
</tr>
|
||
|
|
<% end %>
|
||
|
|
</table>
|
||
|
|
<br /><br />
|
||
|
|
<% end %>
|
||
|
|
</fieldset>
|
||
|
|
</div>
|
||
|
|
|
||
|
|
<%+footer%>
|