Home Explore Help
Sign In
RISCI_ATOM
/
libreCMC-next
forked from libreCMC/libreCMC
1
0
Fork 0
Files
Tree: 43b024b724
Branches Tags
libreCMC-next
/
package
/
luci
/
applications
/
luci-app-shadowsocks-libev
/
luasrc
/
model
/
cbi
/
shadowsocks-libev
/
rules.lua

rules.lua 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109 
  1. -- Copyright 2017 Yousong Zhou <yszhou4tech@gmail.com>
    2. 

  2. -- Licensed to the public under the Apache License 2.0.
    3. 

  3. 

  4. local ss = require("luci.model.shadowsocks-libev")
    5. 

  5. 

  6. local m, s, o
    7. 

  7. 

  8. m = Map("shadowsocks-libev",
    9. 

  9. 	translate("Redir Rules"),
    10. 

  10. 	translate("On this page you can configure how traffics are to be \
    11. 

  11. 		forwarded to ss-redir instances. \
    12. 

  12. 		If enabled, packets will first have their src ip addresses checked \
    13. 

  13. 		against <em>Src ip/net bypass</em>, <em>Src ip/net forward</em>, \
    14. 

  14. 		<em>Src ip/net checkdst</em> and if none matches <em>Src default</em> \
    15. 

  15. 		will give the default action to be taken. \
    16. 

  16. 		If the prior check results in action <em>checkdst</em>, packets will continue \
    17. 

  17. 		to have their dst addresses checked."))
    18. 

  18. 

  19. local sdata = m:get('ss_rules')
    20. 

  20. if not sdata then
    21. 

  21. 	m:set('ss_rules', nil, 'ss_rules')
    22. 

  22. 	m:set('ss_rules', 'disabled', "1")
    23. 

  23. end
    24. 

  24. 

  25. function src_dst_option(s, ...)
    26. 

  26. 	local o = s:taboption(...)
    27. 

  27. 	o.datatype = "or(ip4addr,cidr4)"
    28. 

  28. end
    29. 

  29. 

  30. s = m:section(NamedSection, "ss_rules", "ss_rules")
    31. 

  31. s:tab("general", translate("General Settings"))
    32. 

  32. s:tab("src", translate("Source Settings"))
    33. 

  33. s:tab("dst", translate("Destination Settings"))
    34. 

  34. 

  35. s:taboption('general', Flag, "disabled", translate("Disable"))
    36. 

  36. ss.option_install_package(s, 'general')
    37. 

  37. 

  38. o = s:taboption('general', ListValue, "redir_tcp",
    39. 

  39. 	translate("ss-redir for TCP"))
    40. 

  40. ss.values_redir(o, 'tcp')
    41. 

  41. o = s:taboption('general', ListValue, "redir_udp",
    42. 

  42. 	translate("ss-redir for UDP"))
    43. 

  43. ss.values_redir(o, 'udp')
    44. 

  44. 

  45. o = s:taboption('general', ListValue, "local_default",
    46. 

  46. 	translate("Local-out default"),
    47. 

  47. 	translate("Default action for locally generated TCP packets"))
    48. 

  48. ss.values_actions(o)
    49. 

  49. o = s:taboption('general', DynamicList, "ifnames",
    50. 

  50. 	translate("Ingress interfaces"),
    51. 

  51. 	translate("Only apply rules on packets from these network interfaces"))
    52. 

  52. ss.values_ifnames(o)
    53. 

  53. s:taboption('general', Value, "ipt_args",
    54. 

  54. 	translate("Extra arguments"),
    55. 

  55. 	translate("Passes additional arguments to iptables. Use with care!"))
    56. 

  56. 

  57. src_dst_option(s, 'src', DynamicList, "src_ips_bypass",
    58. 

  58. 	translate("Src ip/net bypass"),
    59. 

  59. 	translate("Bypass ss-redir for packets with src address in this list"))
    60. 

  60. src_dst_option(s, 'src', DynamicList, "src_ips_forward",
    61. 

  61. 	translate("Src ip/net forward"),
    62. 

  62. 	translate("Forward through ss-redir for packets with src address in this list"))
    63. 

  63. src_dst_option(s, 'src', DynamicList, "src_ips_checkdst",
    64. 

  64. 	translate("Src ip/net checkdst"),
    65. 

  65. 	translate("Continue to have dst address checked for packets with src address in this list"))
    66. 

  66. o = s:taboption('src', ListValue, "src_default",
    67. 

  67. 	translate("Src default"),
    68. 

  68. 	translate("Default action for packets whose src address do not match any of the src ip/net list"))
    69. 

  69. ss.values_actions(o)
    70. 

  70. 

  71. src_dst_option(s, 'dst', DynamicList, "dst_ips_bypass",
    72. 

  72. 	translate("Dst ip/net bypass"),
    73. 

  73. 	translate("Bypass ss-redir for packets with dst address in this list"))
    74. 

  74. src_dst_option(s, 'dst', DynamicList, "dst_ips_forward",
    75. 

  75. 	translate("Dst ip/net forward"),
    76. 

  76. 	translate("Forward through ss-redir for packets with dst address in this list"))
    77. 

  77. 

  78. o = s:taboption('dst', FileBrowser, "dst_ips_bypass_file",
    79. 

  79. 	translate("Dst ip/net bypass file"),
    80. 

  80. 	translate("File containing ip/net for the purposes as with <em>Dst ip/net bypass</em>"))
    81. 

  81. o.datatype = "file"
    82. 

  82. s:taboption('dst', FileBrowser, "dst_ips_forward_file",
    83. 

  83. 	translate("Dst ip/net forward file"),
    84. 

  84. 	translate("File containing ip/net for the purposes as with <em>Dst ip/net forward</em>"))
    85. 

  85. o.datatype = "file"
    86. 

  86. o = s:taboption('dst', ListValue, "dst_default",
    87. 

  87. 	translate("Dst default"),
    88. 

  88. 	translate("Default action for packets whose dst address do not match any of the dst ip list"))
    89. 

  89. ss.values_actions(o)
    90. 

  90. 

  91. local installed = os.execute("iptables -m recent -h &>/dev/null") == 0
    92. 

  92. if installed then
    93. 

  93. 	o = s:taboption('dst', Flag, "dst_forward_recentrst")
    94. 

  94. else
    95. 

  95. 	m:set('ss_rules', 'dst_forward_recentrst', "0")
    96. 

  96. 	o = s:taboption("dst", Button, "_install")
    97. 

  97. 	o.inputtitle = translate("Install package iptables-mod-conntrack-extra")
    98. 

  98. 	o.inputstyle = "apply"
    99. 

  99. 	o.write = function()
    100. 

  100. 		return luci.http.redirect(
    101. 

  101. 			luci.dispatcher.build_url("admin/system/packages") ..
    102. 

  102. 			"?submit=1&install=iptables-mod-conntrack-extra"
    103. 

  103. 		)
    104. 

  104. 	end
    105. 

  105. end
    106. 

  106. o.title = translate("Forward recentrst")
    107. 

  107. o.description = translate("Forward those packets whose dst have recently sent to us multiple tcp-rst")
    108. 

  108. 

  109. return m
    110.