upstream/opnsense-plugins
1
0
Fork 0
mirror of https://github.com/opnsense/plugins.git synced 2026-05-28 04:34:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

net/firewall - NPTv6 work for https://github.com/opnsense/core/issues/6383 , rearange template.

Browse source
This commit is contained in:
Ad Schellevis 2024-01-03 20:59:47 +01:00
parent b07f9ee7bf
commit f6deef2617
8 changed files with 89 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
net/firewall/src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/NptController.php
View file

@ -37,7 +37,12 @@ class NptController extends FilterBaseController
$filter_funct = function ($record) use ($category) {
return empty($category) || array_intersect(explode(',', $record->categories), $category);
};
return $this->searchBase("npt.rule", ['enabled', 'sequence', 'description'], "sequence", $filter_funct);
return $this->searchBase(
"npt.rule",
['enabled', 'sequence', 'source_net', 'destination_net', 'description'],
"sequence",
$filter_funct
);
}
public function setRuleAction($uuid)

11
net/firewall/src/opnsense/mvc/app/controllers/OPNsense/Firewall/FilterController.php
View file

@ -33,6 +33,17 @@ class FilterController extends \OPNsense\Base\IndexController
{
$this->view->pick('OPNsense/Firewall/filter');
$this->view->ruleController = "filter";
$this->view->gridFields = [
[
'id' => 'enabled', 'formatter' => 'rowtoggle' ,'width' => '6em', 'heading' => gettext('Enabled')
],
[
'id' => 'sequence','width' => '9em', 'heading' => gettext('Sequence')
],
[
'id' => 'description', 'heading' => gettext('Description')
]
];
$this->view->formDialogFilterRule = $this->getForm("dialogFilterRule");
}
}

19
net/firewall/src/opnsense/mvc/app/controllers/OPNsense/Firewall/NptController.php
View file

@ -33,6 +33,25 @@ class NptController extends \OPNsense\Base\IndexController
{
$this->view->pick('OPNsense/Firewall/filter');
$this->view->ruleController = "npt";
$this->view->hideSavePointBtns = true;
$this->view->gridFields = [
[
'id' => 'enabled', 'formatter' => 'rowtoggle' ,'width' => '6em', 'heading' => gettext('Enabled')
],
[
'id' => 'sequence','width' => '9em', 'heading' => gettext('Sequence')
],
[
'id' => 'source_net', 'heading' => gettext('Internal IPv6 Prefix')
],
[
'id' => 'destination_net', 'heading' => gettext('External IPv6 Prefix')
],
[
'id' => 'description', 'heading' => gettext('Description')
]
];
$this->view->formDialogFilterRule = $this->getForm("dialogNptRule");
}
}

11
net/firewall/src/opnsense/mvc/app/controllers/OPNsense/Firewall/SourceNatController.php
View file

@ -33,6 +33,17 @@ class SourceNatController extends \OPNsense\Base\IndexController
{
$this->view->pick('OPNsense/Firewall/filter');
$this->view->ruleController = "source_nat";
$this->view->gridFields = [
[
'id' => 'enabled', 'formatter' => 'rowtoggle' ,'width' => '6em', 'heading' => gettext('Enabled')
],
[
'id' => 'sequence','width' => '9em', 'heading' => gettext('Sequence')
],
[
'id' => 'description', 'heading' => gettext('Description')
]
];
$this->view->formDialogFilterRule = $this->getForm("dialogSNatRule");
}
}

6
net/firewall/src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogNptRule.xml
View file

@ -17,14 +17,12 @@
</field>
<field>
<id>rule.source_net</id>
<label>Source</label>
<style>net_selector</style>
<label>Internal IPv6 Prefix (source)</label>
<type>text</type>
</field>
<field>
<id>rule.destination_net</id>
<label>Destination</label>
<style>net_selector</style>
<label>External IPv6 Prefix (target)</label>
<type>text</type>
</field>
<field>

20
net/firewall/src/opnsense/mvc/app/models/OPNsense/Firewall/Filter.php
View file

@ -44,12 +44,7 @@ class Filter extends BaseModel
$messages = parent::performValidation($validateFullModel);
foreach ([$this->rules->rule, $this->snatrules->rule] as $rules) {
foreach ($rules->iterateItems() as $rule) {
// validate changed rules
$rule_changed = false;
foreach ($rule->iterateItems() as $field) {
$rule_changed = $rule_changed ? $rule_changed : $field->isFieldChanged();
}
if ($validateFullModel || $rule_changed) {
if ($validateFullModel || $rule->isFieldChanged()) {
// port / protocol validation
if (!empty((string)$rule->source_port) && !in_array($rule->protocol, ['TCP', 'UDP'])) {
$messages->appendMessage(new Message(
@ -100,6 +95,19 @@ class Filter extends BaseModel
}
}
}
foreach ($this->npt->rule->iterateItems() as $rule) {
if ($validateFullModel || $rule->isFieldChanged()) {
$src_is_addr = Util::isSubnet($rule->source_net) || Util::isIpAddress($rule->source_net);
$src_proto = strpos($rule->source_net, ':') === false ? "inet" : "inet6";
if ($src_is_addr && $src_proto != 'inet6') {
$messages->appendMessage(new Message(
gettext("You can not use IPv4 addresses in IPv6 rules."),
$rule->source_net->__reference
));
}
}
}
return $messages;
}

18
net/firewall/src/opnsense/mvc/app/models/OPNsense/Firewall/Filter.xml
View file

@ -219,15 +219,29 @@
<Default>1</Default>
<Required>Y</Required>
</enabled>
<sequence type="IntegerField">
<MinimumValue>1</MinimumValue>
<MaximumValue>99999</MaximumValue>
<ValidationMessage>provide a valid sequence for sorting</ValidationMessage>
<Required>Y</Required>
<Default>1</Default>
</sequence>
<interface type="InterfaceField">
<Required>Y</Required>
<Default>lan</Default>
<AllowDynamic>Y</AllowDynamic>
</interface>
<source_net type="NetworkAliasField">
<source_net type="NetworkField">
<Required>Y</Required>
<AddressFamily>ipv6</AddressFamily>
<NetMaskRequired>Y</NetMaskRequired>
<WildcardEnabled>N</WildcardEnabled>
</source_net>
<destination_net type="NetworkAliasField"/>
<destination_net type="NetworkField">
<AddressFamily>ipv6</AddressFamily>
<NetMaskRequired>Y</NetMaskRequired>
<WildcardEnabled>N</WildcardEnabled>
</destination_net>
<categories type="ModelRelationField">
<Model>
<rulesets>

14
net/firewall/src/opnsense/mvc/app/views/OPNsense/Firewall/filter.volt
View file

@ -179,9 +179,14 @@
<thead>
<tr>
<th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
<th data-column-id="enabled" data-width="6em" data-type="string" data-formatter="rowtoggle">{{ lang._('Enabled') }}</th>
<th data-column-id="sequence" data-type="string">{{ lang._('Sequence') }}</th>
<th data-column-id="description" data-type="string">{{ lang._('Description') }}</th>
{% for fieldlist in gridFields %}
<th
data-column-id="{{fieldlist['id']}}"
data-width="{{fieldlist['width']|default('')}}"
data-type="{{fieldlist['type']|default('string')}}"
data-formatter="{{fieldlist['formatter']|default('')}}"
>{{fieldlist['heading']|default('')}}</th>
{% endfor %}
<th data-column-id="commands" data-width="7em" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th>
</tr>
</thead>
@ -208,7 +213,7 @@
data-error-title="{{ lang._('Filter load error') }}"
type="button"
></button>
{% if not hideSavePointBtns|default(false) %}
<div class="pull-right">
<button class="btn" id="savepointAct"
data-endpoint='/api/firewall/{{ruleController}}/savepoint'
@ -220,6 +225,7 @@
{{ lang._('Revert') }}
</button>
</div>
{% endif %}
<br/><br/>
</div>
</div>