From 50722058cfed28572f9597e7225431d3c1d1c561 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Wed, 18 Dec 2019 21:32:48 +0100 Subject: [PATCH] luci-mod-network: replace controller address check action with cgi-io script Signed-off-by: Jo-Philipp Wich (backported from commit 3a657b8ab585f6e0fef5c9128dc84c5a008a6969) --- .../root/usr/share/rpcd/acl.d/luci-base.json | 3 +- .../resources/view/network/interfaces.js | 4 +- .../luasrc/controller/admin/network.lua | 66 ------------------- .../root/usr/libexec/luci-peeraddr | 46 +++++++++++++ 4 files changed, 50 insertions(+), 69 deletions(-) create mode 100755 modules/luci-mod-network/root/usr/libexec/luci-peeraddr diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json index 248e7f87fc..298b5ed336 100644 --- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json +++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json @@ -47,7 +47,8 @@ "/usr/bin/ping6 *": [ "exec" ], "/usr/bin/traceroute *": [ "exec" ], "/usr/bin/traceroute6 *": [ "exec" ], - "/usr/bin/nslookup *": [ "exec" ] + "/usr/bin/nslookup *": [ "exec" ], + "/usr/libexec/luci-peeraddr": [ "exec" ] }, "ubus": { "file": [ "list", "read", "stat" ], diff --git a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js index 9ca7773fe1..280356efba 100644 --- a/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js +++ b/modules/luci-mod-network/htdocs/luci-static/resources/view/network/interfaces.js @@ -160,8 +160,8 @@ function iface_updown(up, id, ev, force) { btns[1].disabled = true; if (!up) { - L.Request.get(L.url('admin/network/remote_addr')).then(function(res) { - var info = res.json(); + L.resolveDefault(fs.exec_direct('/usr/libexec/luci-peeraddr')).then(function(res) { + var info = null; try { info = JSON.parse(res); } catch(e) {} if (L.isObject(info) && Array.isArray(info.inbound_interfaces) && diff --git a/modules/luci-mod-network/luasrc/controller/admin/network.lua b/modules/luci-mod-network/luasrc/controller/admin/network.lua index 72d355b6a7..b34ec4f48b 100644 --- a/modules/luci-mod-network/luasrc/controller/admin/network.lua +++ b/modules/luci-mod-network/luasrc/controller/admin/network.lua @@ -15,9 +15,6 @@ function index() page.uci_depends = { wireless = { ["@wifi-device[0]"] = "wifi-device" } } page.leaf = true - page = entry({"admin", "network", "remote_addr"}, call("remote_addr"), nil) - page.leaf = true - page = entry({"admin", "network", "network"}, view("network/interfaces"), _("Interfaces"), 10) page.leaf = true page.subindex = true @@ -45,66 +42,3 @@ function index() page.order = 60 -- end end - -local function addr2dev(addr, src) - local ip = require "luci.ip" - local route = ip.route(addr, src) - if not src and route and route.src then - route = ip.route(addr, route.src:string()) - end - return route and route.dev -end - -function remote_addr() - local uci = require "luci.model.uci" - local peer = luci.http.getenv("REMOTE_ADDR") - local serv = luci.http.getenv("SERVER_ADDR") - local device = addr2dev(peer, serv) - local ifaces = luci.util.ubus("network.interface", "dump") - local indevs = {} - local inifs = {} - - local result = { - remote_addr = peer, - server_addr = serv, - inbound_devices = {}, - inbound_interfaces = {} - } - - if type(ifaces) == "table" and type(ifaces.interface) == "table" then - for _, iface in ipairs(ifaces.interface) do - if type(iface) == "table" then - if iface.device == device or iface.l3_device == device then - inifs[iface.interface] = true - indevs[device] = true - end - - local peeraddr = uci:get("network", iface.interface, "peeraddr") - for _, ai in ipairs(peeraddr and nixio.getaddrinfo(peeraddr) or {}) do - local peerdev = addr2dev(ai.address) - if peerdev then - for _, iface in ipairs(ifaces.interface) do - if type(iface) == "table" and - (iface.device == peerdev or iface.l3_device == peerdev) - then - inifs[iface.interface] = true - indevs[peerdev] = true - end - end - end - end - end - end - end - - for k in pairs(inifs) do - result.inbound_interfaces[#result.inbound_interfaces + 1] = k - end - - for k in pairs(indevs) do - result.inbound_devices[#result.inbound_devices + 1] = k - end - - luci.http.prepare_content("application/json") - luci.http.write_json(result) -end diff --git a/modules/luci-mod-network/root/usr/libexec/luci-peeraddr b/modules/luci-mod-network/root/usr/libexec/luci-peeraddr new file mode 100755 index 0000000000..84a0158fd5 --- /dev/null +++ b/modules/luci-mod-network/root/usr/libexec/luci-peeraddr @@ -0,0 +1,46 @@ +#!/bin/sh + +NL=" +" + +function ifaces_by_device() { + ubus call network.interface dump 2>/dev/null | \ + jsonfilter -e "@.interface[@.device='$1' || @.l3_device='$1'].interface" +} + +function device_by_addr() { + set -- $(ip route get "$1" ${2:+from "$2"} 2>/dev/null) + echo "$5" +} + +for inbound_device in $(device_by_addr "$REMOTE_ADDR" "$SERVER_ADDR"); do + inbound_devices="$inbound_device" + inbound_interfaces="" + + for iface in $(ifaces_by_device "$inbound_device"); do + inbound_interfaces="${inbound_interfaces:+$inbound_interfaces$NL}$iface" + + for peeraddr in $(uci get "network.$iface.peeraddr"); do + for ipaddr in $(resolveip -t 1 "$peeraddr" 2>/dev/null); do + for peerdev in $(device_by_addr "$ipaddr"); do + for iface in $(ifaces_by_device "$peerdev"); do + inbound_devices="${inbound_devices:+$inbound_devices$NL}$peerdev" + inbound_interfaces="${inbound_interfaces:+$inbound_interfaces$NL}$iface" + done + done + done + done + done +done + +inbound_devices="$(echo "$inbound_devices" | sort -u | sed ':a;N;$!ba;s/\n/", "/g')" +inbound_interfaces="$(echo "$inbound_interfaces" | sort -u | sed ':a;N;$!ba;s/\n/", "/g')" + +cat <