"/usr/bin/ping6 *": [ "exec" ],
"/usr/bin/traceroute *": [ "exec" ],
"/usr/bin/traceroute6 *": [ "exec" ],
- "/usr/bin/nslookup *": [ "exec" ]
+ "/usr/bin/nslookup *": [ "exec" ],
+ "/usr/libexec/luci-peeraddr": [ "exec" ]
},
"ubus": {
"file": [ "list", "read", "stat" ],
page.uci_depends = { wireless = { ["@wifi-device[0]"] = "wifi-device" } }
page.leaf = true
- page = entry({"admin", "network", "remote_addr"}, call("remote_addr"), nil)
- page.leaf = true
-
page = entry({"admin", "network", "network"}, view("network/interfaces"), _("Interfaces"), 10)
page.leaf = true
page.subindex = true
page.order = 60
-- end
end
-
-local function addr2dev(addr, src)
- local ip = require "luci.ip"
- local route = ip.route(addr, src)
- if not src and route and route.src then
- route = ip.route(addr, route.src:string())
- end
- return route and route.dev
-end
-
-function remote_addr()
- local uci = require "luci.model.uci"
- local peer = luci.http.getenv("REMOTE_ADDR")
- local serv = luci.http.getenv("SERVER_ADDR")
- local device = addr2dev(peer, serv)
- local ifaces = luci.util.ubus("network.interface", "dump")
- local indevs = {}
- local inifs = {}
-
- local result = {
- remote_addr = peer,
- server_addr = serv,
- inbound_devices = {},
- inbound_interfaces = {}
- }
-
- if type(ifaces) == "table" and type(ifaces.interface) == "table" then
- for _, iface in ipairs(ifaces.interface) do
- if type(iface) == "table" then
- if iface.device == device or iface.l3_device == device then
- inifs[iface.interface] = true
- indevs[device] = true
- end
-
- local peeraddr = uci:get("network", iface.interface, "peeraddr")
- for _, ai in ipairs(peeraddr and nixio.getaddrinfo(peeraddr) or {}) do
- local peerdev = addr2dev(ai.address)
- if peerdev then
- for _, iface in ipairs(ifaces.interface) do
- if type(iface) == "table" and
- (iface.device == peerdev or iface.l3_device == peerdev)
- then
- inifs[iface.interface] = true
- indevs[peerdev] = true
- end
- end
- end
- end
- end
- end
- end
-
- for k in pairs(inifs) do
- result.inbound_interfaces[#result.inbound_interfaces + 1] = k
- end
-
- for k in pairs(indevs) do
- result.inbound_devices[#result.inbound_devices + 1] = k
- end
-
- luci.http.prepare_content("application/json")
- luci.http.write_json(result)
-end
--- /dev/null
+#!/bin/sh
+
+NL="
+"
+
+function ifaces_by_device() {
+ ubus call network.interface dump 2>/dev/null | \
+ jsonfilter -e "@.interface[@.device='$1' || @.l3_device='$1'].interface"
+}
+
+function device_by_addr() {
+ set -- $(ip route get "$1" ${2:+from "$2"} 2>/dev/null)
+ echo "$5"
+}
+
+for inbound_device in $(device_by_addr "$REMOTE_ADDR" "$SERVER_ADDR"); do
+ inbound_devices="$inbound_device"
+ inbound_interfaces=""
+
+ for iface in $(ifaces_by_device "$inbound_device"); do
+ inbound_interfaces="${inbound_interfaces:+$inbound_interfaces$NL}$iface"
+
+ for peeraddr in $(uci get "network.$iface.peeraddr"); do
+ for ipaddr in $(resolveip -t 1 "$peeraddr" 2>/dev/null); do
+ for peerdev in $(device_by_addr "$ipaddr"); do
+ for iface in $(ifaces_by_device "$peerdev"); do
+ inbound_devices="${inbound_devices:+$inbound_devices$NL}$peerdev"
+ inbound_interfaces="${inbound_interfaces:+$inbound_interfaces$NL}$iface"
+ done
+ done
+ done
+ done
+ done
+done
+
+inbound_devices="$(echo "$inbound_devices" | sort -u | sed ':a;N;$!ba;s/\n/", "/g')"
+inbound_interfaces="$(echo "$inbound_interfaces" | sort -u | sed ':a;N;$!ba;s/\n/", "/g')"
+
+cat <<JSON
+{
+ "remote_addr": "$REMOTE_ADDR",
+ "server_addr": "$SERVER_ADDR",
+ "inbound_devices": [ ${inbound_devices:+\"$inbound_devices\"} ],
+ "inbound_interfaces": [ ${inbound_interfaces:+\"$inbound_interfaces\"} ]
+}
+JSON
projects / project / luci.git / commitdiff