From: Jonathan Bennett Date: Wed, 10 Jun 2015 14:31:53 +0000 (-0500) Subject: Luci-app-fwknopd:add a couple config options to the interface X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=refs%2Fpull%2F409%2Fhead;p=oweals%2Fluci.git Luci-app-fwknopd:add a couple config options to the interface Minor tweaks to uci-defaults refresh translation files Signed-off-by: Jonathan Bennett --- diff --git a/applications/luci-app-fwknopd/luasrc/model/cbi/fwknopd.lua b/applications/luci-app-fwknopd/luasrc/model/cbi/fwknopd.lua index 84a1a23d8..096724f73 100644 --- a/applications/luci-app-fwknopd/luasrc/model/cbi/fwknopd.lua +++ b/applications/luci-app-fwknopd/luasrc/model/cbi/fwknopd.lua @@ -46,6 +46,8 @@ s = m:section(TypedSection, "config", translate("fwknopd.conf config options")) s.anonymous=true s.dynamic=true s:option(Value, "MAX_SPA_PACKET_AGE", "MAX_SPA_PACKET_AGE", translate("Maximum age in seconds that an SPA packet will be accepted. defaults to 120 seconds")) +s:option(Value, "PCAP_INTF", "PCAP_INTF", translate("Specify the ethernet interface on which fwknopd will sniff packets.")) +s:option(Value, "ENABLE_IPT_FORWARDING", "ENABLE_IPT_FORWARDING", translate("Allow SPA clients to request access to services through an iptables firewall instead of just to it.")) s:option(DummyValue, "note2", translate("Enter custom fwknopd.conf variables below:")) return m diff --git a/applications/luci-app-fwknopd/po/en/en.po b/applications/luci-app-fwknopd/po/en/en.po deleted file mode 100644 index 1abc6a8f9..000000000 --- a/applications/luci-app-fwknopd/po/en/en.po +++ /dev/null @@ -1,103 +0,0 @@ -msgid "" -msgstr "" -"Content-Type: text/plain; charset=UTF-8\n" -"Project-Id-Version: PACKAGE VERSION\n" -"PO-Revision-Date: 2015-05-12 21:03-0500\n" -"Last-Translator: Jonathan Bennett \n" -"Language-Team: English\n" -"Language: en\n" -"MIME-Version: 1.0\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -msgid "Base 64 key" -msgstr "Base 64 key" - -msgid "" -"Define a set of ports and protocols (tcp or udp) that will be opened if a " -"valid knock sequence is seen. If this entry is not set, fwknopd will attempt " -"to honor any proto/port request specified in the SPA data (unless of it " -"matches any “RESTRICT_PORTS” entries). Multiple entries are comma-separated." -msgstr "" -"Define a set of ports and protocols (tcp or udp) that will be opened if a " -"valid knock sequence is seen. If this entry is not set, fwknopd will attempt " -"to honor any proto/port request specified in the SPA data (unless of it " -"matches any “RESTRICT_PORTS” entries). Multiple entries are comma-separated." - -msgid "" -"Define the length of time access will be granted by fwknopd through the " -"firewall after a valid knock sequence from a source IP address. If " -"“FW_ACCESS_TIMEOUT” is not set then the default timeout of 30 seconds will " -"automatically be set." -msgstr "" -"Define the length of time access will be granted by fwknopd through the " -"firewall after a valid knock sequence from a source IP address. If " -"“FW_ACCESS_TIMEOUT” is not set then the default timeout of 30 seconds will " -"automatically be set." - -msgid "" -"Define the symmetric key used for decrypting an incoming SPA packet that is " -"encrypted by the fwknop client with Rijndael." -msgstr "" -"Define the symmetric key used for decrypting an incoming SPA packet that is " -"encrypted by the fwknop client with Rijndael." - -msgid "Enable Uci/Luci control" -msgstr "Enable Uci/Luci control" - -msgid "Enable config overwrite" -msgstr "Enable config overwrite" - -msgid "Enter custom access.conf variables below:" -msgstr "Enter custom access.conf variables below:" - -msgid "Enter custom fwknopd.conf variables below:" -msgstr "Enter custom fwknopd.conf variables below:" - -msgid "Firewall Knock Daemon" -msgstr "Firewall Knock Daemon" - -msgid "Firewall Knock Operator" -msgstr "Firewall Knock Operator" - -msgid "" -"Force all SPA packets to contain a real IP address within the encrypted " -"data. This makes it impossible to use the -s command line argument on the " -"fwknop client command line, so either -R has to be used to automatically " -"resolve the external address (if the client behind a NAT) or the client must " -"know the external IP and set it via the -a argument." -msgstr "" -"Force all SPA packets to contain a real IP address within the encrypted " -"data. This makes it impossible to use the -s command line argument on the " -"fwknop client command line, so either -R has to be used to automatically " -"resolve the external address (if the client behind a NAT) or the client must " -"know the external IP and set it via the -a argument." - -msgid "" -"Maximum age in seconds that an SPA packet will be accepted. defaults to 120 " -"seconds" -msgstr "" -"Maximum age in seconds that an SPA packet will be accepted. defaults to 120 " -"seconds" - -msgid "Normal Key" -msgstr "Normal Key" - -msgid "The base64 hmac key" -msgstr "The base64 hmac key" - -msgid "Use ANY for any source ip" -msgstr "Use ANY for any source ip" - -msgid "" -"When unchecked, the config files in /etc/fwknopd will be used as is, " -"ignoring any settings here." -msgstr "" -"When unchecked, the config files in /etc/fwknopd will be used as is, " -"ignoring any settings here." - -msgid "access.conf stanzas" -msgstr "access.conf stanzas" - -msgid "fwknopd.conf config options" -msgstr "fwknopd.conf config options" diff --git a/applications/luci-app-fwknopd/po/en/fwknopd.po b/applications/luci-app-fwknopd/po/en/fwknopd.po new file mode 100644 index 000000000..d75c99d52 --- /dev/null +++ b/applications/luci-app-fwknopd/po/en/fwknopd.po @@ -0,0 +1,113 @@ +msgid "" +msgstr "" +"Content-Type: text/plain; charset=UTF-8\n" +"Project-Id-Version: PACKAGE VERSION\n" +"PO-Revision-Date: 2015-05-12 21:03-0500\n" +"Last-Translator: Jonathan Bennett \n" +"Language-Team: English\n" +"Language: en\n" +"MIME-Version: 1.0\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +msgid "" +"Allow SPA clients to request access to services through an iptables firewall " +"instead of just to it." +msgstr "" +"Allow SPA clients to request access to services through an iptables firewall " +"instead of just to it." + +msgid "Base 64 key" +msgstr "Base 64 key" + +msgid "" +"Define a set of ports and protocols (tcp or udp) that will be opened if a " +"valid knock sequence is seen. If this entry is not set, fwknopd will attempt " +"to honor any proto/port request specified in the SPA data (unless of it " +"matches any “RESTRICT_PORTS” entries). Multiple entries are comma-separated." +msgstr "" +"Define a set of ports and protocols (tcp or udp) that will be opened if a " +"valid knock sequence is seen. If this entry is not set, fwknopd will attempt " +"to honor any proto/port request specified in the SPA data (unless of it " +"matches any “RESTRICT_PORTS” entries). Multiple entries are comma-separated." + +msgid "" +"Define the length of time access will be granted by fwknopd through the " +"firewall after a valid knock sequence from a source IP address. If " +"“FW_ACCESS_TIMEOUT” is not set then the default timeout of 30 seconds will " +"automatically be set." +msgstr "" +"Define the length of time access will be granted by fwknopd through the " +"firewall after a valid knock sequence from a source IP address. If " +"“FW_ACCESS_TIMEOUT” is not set then the default timeout of 30 seconds will " +"automatically be set." + +msgid "" +"Define the symmetric key used for decrypting an incoming SPA packet that is " +"encrypted by the fwknop client with Rijndael." +msgstr "" +"Define the symmetric key used for decrypting an incoming SPA packet that is " +"encrypted by the fwknop client with Rijndael." + +msgid "Enable Uci/Luci control" +msgstr "Enable Uci/Luci control" + +msgid "Enable config overwrite" +msgstr "Enable config overwrite" + +msgid "Enter custom access.conf variables below:" +msgstr "Enter custom access.conf variables below:" + +msgid "Enter custom fwknopd.conf variables below:" +msgstr "Enter custom fwknopd.conf variables below:" + +msgid "Firewall Knock Daemon" +msgstr "Firewall Knock Daemon" + +msgid "Firewall Knock Operator" +msgstr "Firewall Knock Operator" + +msgid "" +"Force all SPA packets to contain a real IP address within the encrypted " +"data. This makes it impossible to use the -s command line argument on the " +"fwknop client command line, so either -R has to be used to automatically " +"resolve the external address (if the client behind a NAT) or the client must " +"know the external IP and set it via the -a argument." +msgstr "" +"Force all SPA packets to contain a real IP address within the encrypted " +"data. This makes it impossible to use the -s command line argument on the " +"fwknop client command line, so either -R has to be used to automatically " +"resolve the external address (if the client behind a NAT) or the client must " +"know the external IP and set it via the -a argument." + +msgid "" +"Maximum age in seconds that an SPA packet will be accepted. defaults to 120 " +"seconds" +msgstr "" +"Maximum age in seconds that an SPA packet will be accepted. defaults to 120 " +"seconds" + +msgid "Normal Key" +msgstr "Normal Key" + +msgid "Specify the ethernet interface on which fwknopd will sniff packets." +msgstr "Specify the ethernet interface on which fwknopd will sniff packets." + +msgid "The base64 hmac key" +msgstr "The base64 hmac key" + +msgid "Use ANY for any source ip" +msgstr "Use ANY for any source ip" + +msgid "" +"When unchecked, the config files in /etc/fwknopd will be used as is, " +"ignoring any settings here." +msgstr "" +"When unchecked, the config files in /etc/fwknopd will be used as is, " +"ignoring any settings here." + +msgid "access.conf stanzas" +msgstr "access.conf stanzas" + +msgid "fwknopd.conf config options" +msgstr "fwknopd.conf config options" diff --git a/applications/luci-app-fwknopd/po/templates/fwknopd.pot b/applications/luci-app-fwknopd/po/templates/fwknopd.pot index ec1550462..4fb616f25 100644 --- a/applications/luci-app-fwknopd/po/templates/fwknopd.pot +++ b/applications/luci-app-fwknopd/po/templates/fwknopd.pot @@ -1,6 +1,11 @@ msgid "" msgstr "Content-Type: text/plain; charset=UTF-8" +msgid "" +"Allow SPA clients to request access to services through an iptables firewall " +"instead of just to it." +msgstr "" + msgid "Base 64 key" msgstr "" @@ -57,6 +62,9 @@ msgstr "" msgid "Normal Key" msgstr "" +msgid "Specify the ethernet interface on which fwknopd will sniff packets." +msgstr "" + msgid "The base64 hmac key" msgstr "" diff --git a/applications/luci-app-fwknopd/root/etc/uci-defaults/luci-fwknopd b/applications/luci-app-fwknopd/root/etc/uci-defaults/luci-fwknopd index 689bedcd1..01b85de25 100644 --- a/applications/luci-app-fwknopd/root/etc/uci-defaults/luci-fwknopd +++ b/applications/luci-app-fwknopd/root/etc/uci-defaults/luci-fwknopd @@ -1,6 +1,7 @@ #!/bin/sh #-- Copyright 2015 Jonathan Bennett #-- Licensed to the public under the GNU General Public License v2. +. /lib/functions/network.sh uci batch <