luci-app-firewall: recognize egress rules in rule overview

Along with 74be6f397
("treewide: switch firewall zone, network and iface lists to dropdown code"),
this change allows luci-app-firewall to recognize OUTPUT rules.

Fixes #1457.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua
index c533491977c05bd0f13f5f01dccdf9f02e2cdd0a..22dec5ee6bf86ebaa8c712ff71dd8643034a1135 100644 (file)
--- a/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua
+++ b/applications/luci-app-firewall/luasrc/model/cbi/firewall/rules.lua
@@ -89,17 +89,31 @@ local function rule_proto_txt(self, s)
 end
 
 local function rule_src_txt(self, s)
-       local z = ft.fmt_zone(self.map:get(s, "src"), translate("any zone"))
-       local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
+       local z = ft.fmt_zone(self.map:get(s, "src"))
        local p = ft.fmt_port(self.map:get(s, "src_port"))
        local m = ft.fmt_mac(self.map:get(s, "src_mac"))
 
-       if p and m then
-               return translatef("From %s in %s with source %s and %s", a, z, p, m)
-       elseif p or m then
-               return translatef("From %s in %s with source %s", a, z, p or m)
+       -- Forward/Input
+       if z and #z > 0 then
+               local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any host"))
+               if p and m then
+                       return translatef("From %s in %s with source %s and %s", a, z, p, m)
+               elseif p or m then
+                       return translatef("From %s in %s with source %s", a, z, p or m)
+               else
+                       return translatef("From %s in %s", a, z)
+               end
+
+       -- Output
        else
-               return translatef("From %s in %s", a, z)
+               local a = ft.fmt_ip(self.map:get(s, "src_ip"), translate("any router IP"))
+               if p and m then
+                       return translatef("From %s on <var>this device</var> with source %s and %s", a, p, m)
+               elseif p or m then
+                       return translatef("From %s on <var>this device</var> with source %s", a, p or m)
+               else
+                       return translatef("From %s on <var>this device</var>", a)
+               end
        end
 end
 
@@ -158,7 +172,7 @@ target = s:option(DummyValue, "target", translate("Action"))
 target.rawhtml = true
 target.width   = "20%"
 function target.cfgvalue(self, s)
-       local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "dest"))
+       local t = ft.fmt_target(self.map:get(s, "target"), self.map:get(s, "src"), self.map:get(s, "dest"))
        local l = ft.fmt_limit(self.map:get(s, "limit"),
                self.map:get(s, "limit_burst"))
 

diff --git a/applications/luci-app-firewall/luasrc/tools/firewall.lua b/applications/luci-app-firewall/luasrc/tools/firewall.lua
index 2d89bfa2a6e6792f1f47215531568853d1ff27b4..055342bfb376af4bba8c373653cf7c64ca96953c 100644 (file)
--- a/applications/luci-app-firewall/luasrc/tools/firewall.lua
+++ b/applications/luci-app-firewall/luasrc/tools/firewall.lua
@@ -198,8 +198,18 @@ function fmt_limit(limit, burst)
        end
 end
 
-function fmt_target(x, dest)
-       if dest and #dest > 0 then
+function fmt_target(x, src, dest)
+       if not src or #src == 0 then
+               if x == "ACCEPT" then
+                       return _("Accept output")
+               elseif x == "REJECT" then
+                       return _("Refuse output")
+               elseif x == "NOTRACK" then
+                       return _("Do not track output")
+               else --if x == "DROP" then
+                       return _("Discard output")
+               end
+       elseif dest and #dest > 0 then
                if x == "ACCEPT" then
                        return _("Accept forward")
                elseif x == "REJECT" then