6 'require tools.widgets as widgets';
7 'require shadowsocks-libev as ss';
9 var conf = 'shadowsocks-libev';
11 function src_dst_option(s /*, ... */) {
12 var o = s.taboption.apply(s, L.varargs(arguments, 1));
13 o.datatype = 'or(ipaddr,cidr)';
19 L.resolveDefault(fs.stat('/usr/share/ss-rules'), null),
20 uci.load(conf).then(function() {
21 if (!uci.get_first(conf, 'ss_rules')) {
22 uci.set(conf, uci.add(conf, 'ss_rules', 'ss_rules'), 'disabled', '1');
27 render: function(stats) {
30 m = new form.Map(conf, _('Redir Rules'),
31 _('On this page you can configure how traffics are to be \
32 forwarded to ss-redir instances. \
33 If enabled, packets will first have their src ip addresses checked \
34 against <em>Src ip/net bypass</em>, <em>Src ip/net forward</em>, \
35 <em>Src ip/net checkdst</em> and if none matches <em>Src default</em> \
36 will give the default action to be taken. \
37 If the prior check results in action <em>checkdst</em>, packets will continue \
38 to have their dst addresses checked.'));
40 s = m.section(form.NamedSection, 'ss_rules', 'ss_rules');
41 s.tab('general', _('General Settings'));
42 s.tab('src', _('Source Settings'));
43 s.tab('dst', _('Destination Settings'));
45 s.taboption('general', form.Flag, 'disabled', _('Disable'));
47 ss.option_install_package(s, 'general');
50 o = s.taboption('general', form.ListValue, 'redir_tcp',
51 _('ss-redir for TCP'));
52 ss.values_redir(o, 'tcp');
53 o = s.taboption('general', form.ListValue, 'redir_udp',
54 _('ss-redir for UDP'));
55 ss.values_redir(o, 'udp');
57 o = s.taboption('general', form.ListValue, 'local_default',
58 _('Local-out default'),
59 _('Default action for locally generated TCP packets'));
61 o = s.taboption('general', widgets.DeviceSelect, 'ifnames',
62 _('Ingress interfaces'),
63 _('Only apply rules on packets from these network interfaces'));
67 s.taboption('general', form.Value, 'nft_tcp_extra',
68 _('Extra tcp expression'),
69 _('Extra nftables expression for matching tcp traffics, e.g. "tcp dport { 80, 443 }"'));
70 s.taboption('general', form.Value, 'nft_udp_extra',
71 _('Extra udp expression'),
72 _('Extra nftables expression for matching udp traffics, e.g. "udp dport { 53 }"'));
74 src_dst_option(s, 'src', form.DynamicList, 'src_ips_bypass',
75 _('Src ip/net bypass'),
76 _('Bypass ss-redir for packets with src address in this list'));
77 src_dst_option(s, 'src', form.DynamicList, 'src_ips_forward',
78 _('Src ip/net forward'),
79 _('Forward through ss-redir for packets with src address in this list'));
80 src_dst_option(s, 'src', form.DynamicList, 'src_ips_checkdst',
81 _('Src ip/net checkdst'),
82 _('Continue to have dst address checked for packets with src address in this list'));
83 o = s.taboption('src', form.ListValue, 'src_default',
85 _('Default action for packets whose src address do not match any of the src ip/net list'));
88 src_dst_option(s, 'dst', form.DynamicList, 'dst_ips_bypass',
89 _('Dst ip/net bypass'),
90 _('Bypass ss-redir for packets with dst address in this list'));
91 src_dst_option(s, 'dst', form.DynamicList, 'dst_ips_forward',
92 _('Dst ip/net forward'),
93 _('Forward through ss-redir for packets with dst address in this list'));
95 var dir = '/etc/shadowsocks-libev';
96 o = s.taboption('dst', form.FileUpload, 'dst_ips_bypass_file',
97 _('Dst ip/net bypass file'),
98 _('File containing ip/net for the purposes as with <em>Dst ip/net bypass</em>'));
99 o.root_directory = dir;
100 o = s.taboption('dst', form.FileUpload, 'dst_ips_forward_file',
101 _('Dst ip/net forward file'),
102 _('File containing ip/net for the purposes as with <em>Dst ip/net forward</em>'));
103 o.root_directory = dir;
104 o = s.taboption('dst', form.ListValue, 'dst_default',
106 _('Default action for packets whose dst address do not match any of the dst ip list'));
107 ss.values_actions(o);
git.99rst.org / openwrt-luci.git / blob