diff options
author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2013-05-21 16:38:17 +0300 |
---|---|---|
committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2013-05-21 16:38:17 +0300 |
commit | 24e76d835856beb9121f2c50aaafab39f7aca9bb (patch) | |
tree | 3e4c8b252ec1c58c8c5b96c595a0a0d6390a9001 /acf/modules | |
parent | 0f66997b445d49799dd5a24f89f5e4be7dbdfc82 (diff) | |
download | acf2-24e76d835856beb9121f2c50aaafab39f7aca9bb.tar.bz2 acf2-24e76d835856beb9121f2c50aaafab39f7aca9bb.tar.xz |
web client: display user-friendly names rather than path names
Diffstat (limited to 'acf/modules')
-rw-r--r-- | acf/modules/awall.lua | 103 | ||||
-rw-r--r-- | acf/modules/generic.lua | 4 | ||||
-rw-r--r-- | acf/modules/net.lua | 18 |
3 files changed, 79 insertions, 46 deletions
diff --git a/acf/modules/awall.lua b/acf/modules/awall.lua index ed6f45d..91b6a84 100644 --- a/acf/modules/awall.lua +++ b/acf/modules/awall.lua @@ -10,8 +10,10 @@ local object = require('acf.object') local Direction = object.class(M.String) -function Direction:init() - object.super(self, Direction):init{choice={'in', 'out'}} +function Direction:init(params) + if not params then params = {} end + params.choice = {'in', 'out'} + object.super(self, Direction):init(params) end @@ -25,21 +27,21 @@ IPSet.family = M.String{required=true, choice={'inet', 'inet6'}} IPSet.range = M.Range{type=M.net.IPv4Address} local Service = M.new() -Service.proto = M.String{required=true} +Service.proto = M.String{required=true, ui_name='Protocol'} Service.port = M.Collection{type=M.Range{type=M.net.Port}} -Service['icmp-type'] = M.String -Service['ct-helper'] = M.String +Service['icmp-type'] = M.String{ui_name='ICMP type'} +Service['ct-helper'] = M.String{ui_name='Connection tracking helper'} -- TODO fw zone local Zone = M.new() -Zone.iface = M.Set{type=M.String} -Zone.addr = M.Set{type=M.String} +Zone.iface = M.Set{type=M.String, ui_name='Interfaces'} +Zone.addr = M.Set{type=M.String, ui_name='Addresses'} Zone['route-back'] = M.Boolean{default=false} local LogClass = M.new() LogClass.mode = M.String{default='log', choice={'log', 'nflog', 'ulog'}} -LogClass.every = M.Integer +LogClass.every = M.Integer{ui_name='Sampling frequency'} LogClass.limit = M.Integer LogClass.prefix = M.String LogClass.probability = M.Number @@ -49,21 +51,27 @@ LogClass.threshold = M.Integer local IPSetReference = M.new() IPSetReference.name = M.Reference{scope='../../../ipset', required=true} -IPSetReference.args = M.Collection{type=Direction, required=true} +IPSetReference.args = M.Collection{ + type=Direction, required=true, ui_name='Arguments' +} local Rule = M.new() -Rule['in'] = M.Collection{type=M.Reference{scope='../../../zone'}} -Rule.out = M.Collection{type=M.Reference{scope='../../../zone'}} -Rule.src = M.Collection{type=M.String} -Rule.dest = M.Collection{type=M.String} -Rule.ipset = IPSetReference -Rule.ipsec = Direction +Rule['in'] = M.Collection{ + type=M.Reference{scope='../../../zone'}, ui_name='Ingess zones' +} +Rule.out = M.Collection{ + type=M.Reference{scope='../../../zone'}, ui_name='Egress zones' +} +Rule.src = M.Collection{type=M.String, ui_name='Sources'} +Rule.dest = M.Collection{type=M.String, ui_name='Destinations'} +Rule.ipset = M.Model{model=IPSetReference, ui_name='IP set'} +Rule.ipsec = Direction{ui_name='Require IPsec'} Rule.service = M.Collection{type=M.Reference{scope='../../../service'}} Rule.action = M.String{choice={'accept'}} local PacketLogRule = M.new(Rule) -PacketLogRule.log = M.Reference{scope='../../log'} +PacketLogRule.log = M.Reference{scope='../../log', ui_name='Log class'} -- TODO no service field local PolicyRule = M.new(PacketLogRule) @@ -77,46 +85,69 @@ Limit.interval = M.Integer Limit.log = M.Reference{scope='../../../log'} local FilterRule = M.new(PolicyRule) -FilterRule['conn-limit'] = Limit -FilterRule['flow-limit'] = Limit -FilterRule.dnat = M.net.IPv4Address -FilterRule['no-track'] = M.Boolean{default=false} -FilterRule.related = M.Collection{type=Rule} +FilterRule['conn-limit'] = M.Model{model=Limit, ui_name='Connection limit'} +FilterRule['flow-limit'] = M.Model{model=Limit, ui_name='Flow limit'} +FilterRule.dnat = M.net.IPv4Address{ui_name='DNAT target'} +FilterRule['no-track'] = M.Boolean{default=false, ui_name='CT bypass'} +FilterRule.related = M.Collection{type=Rule, ui_name='Related packet rules'} local DivertRule = M.new(Rule) -DivertRule['to-port'] = M.Range{type=M.net.Port} +DivertRule['to-port'] = M.Range{type=M.net.Port, ui_name='Target port'} local NATRule = M.new(DivertRule) -NATRule['to-addr'] = M.Range{type=M.net.IPv4Address} +NATRule['to-addr'] = M.Range{type=M.net.IPv4Address, ui_name='Target address'} local MarkRule = M.new(Rule) MarkRule.mark = M.Integer{required=true} local ClampMSSRule = M.new(Rule) -ClampMSSRule.mss = M.Integer +ClampMSSRule.mss = M.Integer{ui_name='MSS'} local AWall = M.new() -- TODO differentiate lists? AWall.service = M.Collection{type=M.Collection{type=Service}} AWall.zone = M.Collection{type=Zone} -AWall.log = M.Collection{type=LogClass} -AWall.policy = M.Collection{type=PolicyRule} -AWall['packet-log'] = M.Collection{type=PacketLogRule} +AWall.log = M.Collection{ + type=LogClass, ui_name='Log classes', ui_member='Log class' +} +AWall.policy = M.Collection{ + type=PolicyRule, ui_name='Policies', ui_member='Policy' +} +AWall['packet-log'] = M.Collection{ + type=PacketLogRule, ui_name='Logging', ui_member='Logging rule' +} AWall.filter = M.Collection{type=FilterRule} -AWall.dnat = M.Collection{type=NATRule} -AWall.snat = M.Collection{type=NATRule} -AWall.mark = M.Collection{type=MarkRule} -AWall['route-track'] = M.Collection{type=MarkRule} -AWall.tproxy = M.Collection{type=DivertRule} -AWall['clamp-mss'] = M.Collection{type=ClampMSSRule} -AWall['no-track'] = M.Collection{type=Rule} -AWall.ipset = M.Collection{type=IPSet} +AWall.dnat = M.Collection{type=NATRule, ui_name='DNAT', ui_member='DNAT rule'} +AWall.snat = M.Collection{type=NATRule, ui_name='SNAT', ui_member='SNAT rule'} +AWall.mark = M.Collection{ + type=MarkRule, ui_name='Packet marking', ui_member='Packet marking rule' +} +AWall['route-track'] = M.Collection{ + type=MarkRule, ui_name='Route tracking', ui_member='Route tracking rule' +} +AWall.tproxy = M.Collection{ + type=DivertRule, + ui_name='Transparent proxy', + ui_member='Transparent proxy rule' +} +AWall['clamp-mss'] = M.Collection{ + type=ClampMSSRule, ui_name='MSS clamping', ui_member='MSS clamping rule' +} +AWall['no-track'] = M.Collection{ + type=Rule, ui_name='CT bypass', ui_member='Connection tracking bypass rule' +} +AWall.ipset = M.Collection{ + type=IPSet, ui_name='IP sets', ui_member='IP set' +} M.register( 'awall', AWall, - '/json'..require('posix').getcwd()..'/config/awall.json' + { + addr='/json'..require('posix').getcwd()..'/config/awall.json', + ui_name='Alpine Wall' + } ) M.permission.defaults('/awall') diff --git a/acf/modules/generic.lua b/acf/modules/generic.lua index c8abb9b..d12f96b 100644 --- a/acf/modules/generic.lua +++ b/acf/modules/generic.lua @@ -9,8 +9,8 @@ module(..., package.seeall) local M = require('acf.model') -M.register('proc', M.Mixed, '/files/proc') +M.register('proc', M.Mixed, {addr='/files/proc', ui_name='/proc'}) M.permission.defaults('/proc') -M.register('augeas', M.Mixed, '/augeas') +M.register('augeas', M.Mixed, {addr='/augeas'}) M.permission.defaults('/augeas') diff --git a/acf/modules/net.lua b/acf/modules/net.lua index 447c876..c21e4e7 100644 --- a/acf/modules/net.lua +++ b/acf/modules/net.lua @@ -8,18 +8,20 @@ module(..., package.seeall) local M = require('acf.model') local Host = M.new() -Host.ipaddr = M.net.IPAddress -Host.canonical = M.String -Host.alias = M.Collection{type=M.String} +Host.address = M.net.IPAddress{addr='ipaddr'} +Host.canonical = M.String{ui_name='Canonical name'} +Host.alias = M.Collection{type=M.String, ui_name='Aliases', ui_member='Alias'} local Resolv = M.new() -Resolv.nameserver = M.Collection{type=M.net.IPAddress} -Resolv['search-domain'] = M.Collection{type=M.String, addr='search/domain'} +Resolv.servers = M.Collection{type=M.net.IPAddress, addr='nameserver'} +Resolv['search-domains'] = M.Collection{type=M.String, addr='search/domain'} local Net = M.new() -Net.hostname = M.String{addr='/augeas/etc/hostname/hostname'} +Net['host-name'] = M.String{addr='/augeas/etc/hostname/hostname'} Net.hosts = M.Collection{type=Host, addr='/augeas/etc/hosts'} -Net.resolv = M.Model{model=Resolv, addr='/augeas/etc/resolv.conf'} +Net.resolver = M.Model{ + model=Resolv, addr='/augeas/etc/resolv.conf', ui_name='DNS resolver' +} -M.register('net', Net) +M.register('net', Net, {ui_name='Network'}) M.permission.defaults('/net') |