From 0ab8119bf2eaec81c4825e365eb2e7f55a5a261a Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Fri, 16 Jan 2009 20:29:47 +0000 Subject: [PATCH] Merge r4050 r4049 r4046 r4039 r4026 --- applications/luci-fw/luasrc/i18n/luci-fw.de.lua | 7 ++++--- applications/luci-fw/luasrc/i18n/luci-fw.de.xml | 4 +++- applications/luci-fw/luasrc/i18n/luci-fw.en.lua | 7 ++++--- applications/luci-fw/luasrc/i18n/luci-fw.en.xml | 4 +++- applications/luci-fw/luasrc/i18n/luci-fw.fr.lua | 2 ++ applications/luci-fw/luasrc/i18n/luci-fw.fr.xml | 2 ++ applications/luci-fw/luasrc/i18n/luci-fw.pt-br.lua | 2 ++ applications/luci-fw/luasrc/i18n/luci-fw.pt-br.xml | 2 ++ .../luci-fw/luasrc/model/cbi/luci_fw/zones.lua | 8 +++++++- .../luci-fw/root/lib/uci/schema/default/firewall | 12 ++++++++++++ contrib/package/olsrd-luci/Makefile | 6 ++++-- libs/cbi/luasrc/view/cbi/tblsection.htm | 12 ++++++++++-- 12 files changed, 55 insertions(+), 13 deletions(-) diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.de.lua b/applications/luci-fw/luasrc/i18n/luci-fw.de.lua index 17651d42cc..443ba153ea 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.de.lua +++ b/applications/luci-fw/luasrc/i18n/luci-fw.de.lua @@ -11,8 +11,9 @@ firewall_rule_desc = 'Mit erweiterten Regeln kann die Firewall an die eigenen Be fw_fw1 = 'Die Firewall erstellt Netzwerkzonen über bestimmte Netzwerkschnittstellen um den Netzverkehr zu trennen.' fw_src = 'Quelle' fw_dest = 'Ziel' -fw_mtufix = 'MSS-Korrektur' fw_traffic = 'Verkehrskontrolle' +fw_mtufix = 'MSS-Korrektur' +fw_dropinvalid = 'Ungültig Pakete verwerfen' firewall_rule_src = 'Eingangszone' firewall_rule_dest = 'Ausgangszone' firewall_rule_srcip = 'Quelladresse' @@ -34,7 +35,7 @@ firewall_redirect_destport = 'Interner Port (optional)' firewall_redirect_destport_desc = 'Port od. Erster-Letzter Port' firewall_redirect_srcip = 'Quelladresse' firewall_redirect_srcmac = 'Quell-MAC-Adresse' -fw_forwarding1 = 'An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann eine MSS-Korrektur helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben.' +fw_forwarding1 = 'An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann eine MSS-Korrektur helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben.' firewall_forwarding_src = 'Eingang' firewall_forwarding_dest = 'Ausgang' firewall_defaults = 'Grundeinstellungen' @@ -52,4 +53,4 @@ firewall_zone_forward = 'Weitergeleiteter Verkehr' firewall_zone_forward_desc = 'Standardaktion' firewall_zone_masq = 'MASQ' firewall_zone_network = 'Netzwerke' -firewall_zone_network_desc = 'verbundene Netzwerke' \ No newline at end of file +firewall_zone_network_desc = 'verbundene Netzwerke' diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.de.xml b/applications/luci-fw/luasrc/i18n/luci-fw.de.xml index 3825bb4ae9..fe7ad77821 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.de.xml +++ b/applications/luci-fw/luasrc/i18n/luci-fw.de.xml @@ -16,6 +16,8 @@ Quelle Ziel Verkehrskontrolle +MSS-Korrektur +Ungültig Pakete verwerfen Eingangszone Ausgangszone Quelladresse @@ -40,7 +42,7 @@ Quell-MAC-Adresse -An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. +An dieser Stelle kann festgelegt zwischen welchen Zonen Netzverkehr hin und her fließen kann. Es werden nur neue Verbindungen betrachtet. Pakete, die zu bereits bestehenden Verbindungen gehören werden automatisch akzeptiert. Bei gelegentlich auftretenden Verbindungsproblemen kann eine MSS-Korrektur helfen, ansonsten sollte dies aus Performancegründen deaktiviert bleiben. Eingang Ausgang diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.en.lua b/applications/luci-fw/luasrc/i18n/luci-fw.en.lua index 24eeee8c3b..e490507e8e 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.en.lua +++ b/applications/luci-fw/luasrc/i18n/luci-fw.en.lua @@ -8,7 +8,7 @@ fw_zones = 'Zones' fw_custfwd = 'Custom forwarding' fw_fw1 = 'The firewall creates zones over your network interfaces to control network traffic flow.' firewall_rule = 'Advanced Rules' -firewall_rule_desc = 'Advanced rules let you customize the firewall to your needs. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall.' +firewall_rule_desc = 'Advanced rules let you customize the firewall to your needs. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS-Correction otherwise disable it for performance reasons.' firewall_rule_src = 'Input Zone' firewall_rule_dest = 'Output Zone' firewall_rule_srcip = 'Source address' @@ -22,8 +22,9 @@ fw_reject = 'reject' fw_drop = 'drop' fw_src = 'Source' fw_dest = 'Destination' -fw_mtufix = 'MSS-Correction' fw_traffic = 'Traffic Control' +fw_mtufix = 'MSS-Correction' +fw_dropinvalid = 'Drop invalid packets' fw_portfw1 = 'Port forwarding allows to provide network services in the internal network to an external network.' firewall_redirect_src_desc = 'External Zone' firewall_redirect_srcdport = 'External port' @@ -34,7 +35,7 @@ firewall_redirect_destip = 'Internal address' firewall_redirect_destip_desc = 'IP-Address' firewall_redirect_destport = 'Internal port (optional)' firewall_redirect_destport_desc = 'port or range as first-last' -fw_forwarding1 = 'Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS-Correction otherwise disable it for performance resons.' +fw_forwarding1 = 'Here you can specify which network traffic is allowed to flow between network zones. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall.' firewall_forwarding_src = 'Input' firewall_forwarding_dest = 'Output' firewall_defaults = 'Defaults' diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.en.xml b/applications/luci-fw/luasrc/i18n/luci-fw.en.xml index 1da35bc239..0420565c3a 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.en.xml +++ b/applications/luci-fw/luasrc/i18n/luci-fw.en.xml @@ -12,7 +12,7 @@ Custom forwarding The firewall creates zones over your network interfaces to control network traffic flow. Advanced Rules -Advanced rules let you customize the firewall to your needs. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. +Advanced rules let you customize the firewall to your needs. Only new connections will be matched. Packets belonging to already open connections are automatically allowed to pass the firewall. If you experience occasional connection problems try enabling MSS-Correction otherwise disable it for performance reasons. Input Zone Output Zone Source address @@ -27,6 +27,8 @@ Source Destination Traffic Control +MSS-Correction +Drop invalid packets Port forwarding allows to provide network services in the internal network to an external network. External Zone diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.fr.lua b/applications/luci-fw/luasrc/i18n/luci-fw.fr.lua index 0480773604..a3b11e8a7c 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.fr.lua +++ b/applications/luci-fw/luasrc/i18n/luci-fw.fr.lua @@ -23,6 +23,8 @@ fw_drop = 'ignorer (drop)' fw_src = 'Source' fw_dest = 'Destination' fw_traffic = 'Contrôle de Trafic' +fw_mtufix = 'MSS-Correction' +fw_dropinvalid = 'Drop incorrect packets' fw_portfw1 = 'La redirection de port vous permet d'exposer des services réseaux de votre réseau local au réseau externe.' firewall_redirect_src_desc = 'Zone externe' firewall_redirect_srcdport = 'Port externe' diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.fr.xml b/applications/luci-fw/luasrc/i18n/luci-fw.fr.xml index 7b86a8cabb..d007ccb237 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.fr.xml +++ b/applications/luci-fw/luasrc/i18n/luci-fw.fr.xml @@ -27,6 +27,8 @@ Source Destination Contrôle de Trafic +MSS-Correction +Drop incorrect packets La redirection de port vous permet d'exposer des services réseaux de votre réseau local au réseau externe. Zone externe diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.lua b/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.lua index dc65599dda..3b38dc50f9 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.lua +++ b/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.lua @@ -23,6 +23,8 @@ fw_drop = 'dropar' fw_src = 'Origem' fw_dest = 'Destino' fw_traffic = 'Controle de Tráfego' +fw_mtufix = 'MSS-Correction' +fw_dropinvalid = 'Drop invalid packets' fw_portfw1 = 'O redirecionamento de portas permite prover serviços de rede na rede interna para uma rede externa.' firewall_redirect_src_desc = 'Zona Externa' firewall_redirect_srcdport = 'Porta Externa' diff --git a/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.xml b/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.xml index 10dca8a907..1ca68779ea 100644 --- a/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.xml +++ b/applications/luci-fw/luasrc/i18n/luci-fw.pt-br.xml @@ -27,6 +27,8 @@ Origem Destino Controle de Tráfego +MSS-Correction +Drop invalid packets O redirecionamento de portas permite prover serviços de rede na rede interna para uma rede externa. Zona Externa diff --git a/applications/luci-fw/luasrc/model/cbi/luci_fw/zones.lua b/applications/luci-fw/luasrc/model/cbi/luci_fw/zones.lua index 38f95136d0..81a0f65cf7 100644 --- a/applications/luci-fw/luasrc/model/cbi/luci_fw/zones.lua +++ b/applications/luci-fw/luasrc/model/cbi/luci_fw/zones.lua @@ -19,6 +19,12 @@ s.anonymous = true s:option(Flag, "syn_flood") +local di = s:option(Flag, "drop_invalid", translate("fw_dropinvalid")) +di.rmempty = false +function di.cfgvalue(...) + return AbstractValue.cfgvalue(...) or "1" +end + p = {} p[1] = s:option(ListValue, "input") p[2] = s:option(ListValue, "output") @@ -56,7 +62,7 @@ net = s:option(MultiValue, "network") net.widget = "select" net.rmempty = true luci.tools.webadmin.cbi_add_networks(net) - + function net.cfgvalue(self, section) local value = MultiValue.cfgvalue(self, section) return value or name:cfgvalue(section) diff --git a/applications/luci-fw/root/lib/uci/schema/default/firewall b/applications/luci-fw/root/lib/uci/schema/default/firewall index 3c2de46219..35ff0565cc 100644 --- a/applications/luci-fw/root/lib/uci/schema/default/firewall +++ b/applications/luci-fw/root/lib/uci/schema/default/firewall @@ -78,6 +78,12 @@ config variable option section 'firewall.defaults' option datatype 'boolean' +config variable + option name 'drop_invalid' + option title 'Do not drop packages with state invalid' + option section 'firewall.defaults' + option datatype 'boolean' + config section @@ -99,6 +105,12 @@ config variable option valueof 'firewall.zone.name' option required true +config variable + option name 'mtu_fix' + option title 'Fixup MTU of outgoing packages' + option section 'firewall.forwarding' + option datatype 'boolean' + config section diff --git a/contrib/package/olsrd-luci/Makefile b/contrib/package/olsrd-luci/Makefile index 9928c546e4..aaaeb516d4 100644 --- a/contrib/package/olsrd-luci/Makefile +++ b/contrib/package/olsrd-luci/Makefile @@ -18,12 +18,14 @@ PKG_RELEASE:=1 #PKG_SOURCE:=$(PKG_HGREV).tar.gz #PKG_SOURCE_URL:=http://gredler.at/hg/olsrd-0.5.6/archive #PKG_MD5SUM:=95af2d8d6075f74d379b752fb8dda3de -#PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_BASENAME)-0-5-6-$(PKG_HGREV) +#PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_HGREV) +#PKG_UNPACK=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xzf $(DL_DIR)/$(PKG_SOURCE) PKG_SOURCE:=$(PKG_BASENAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://www.olsr.org/releases/0.5 PKG_MD5SUM:=0935688fa0fb5b0e073fe53ec654c5b2 -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_BASENAME)-$(PKG_VERSION) +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +PKG_UNPACK=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xjf $(DL_DIR)/$(PKG_SOURCE) include $(INCLUDE_DIR)/package.mk diff --git a/libs/cbi/luasrc/view/cbi/tblsection.htm b/libs/cbi/luasrc/view/cbi/tblsection.htm index 898645a72b..029ad661cc 100644 --- a/libs/cbi/luasrc/view/cbi/tblsection.htm +++ b/libs/cbi/luasrc/view/cbi/tblsection.htm @@ -31,7 +31,11 @@ end <%- if not self.anonymous then -%> - + <%- if self.sectionhead then -%> + + <%- else -%> + + <%- end -%> <%- end -%> <%- for i, k in pairs(self.children) do if not k.optional then -%> <%- if not self.anonymous then -%> - + <%- if self.sectiondesc then -%> + + <%- else -%> + + <%- end -%> <%- end -%> <%- for i, k in pairs(self.children) do if not k.optional then -%> -- 2.30.2
 <%=self.sectionhead%>  @@ -45,7 +49,11 @@ end
<%=self.sectiondesc%><%=k.description%>