From 43a4481e103d764d6f656f2ed1f5c57f8580858e Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Wed, 18 Dec 2019 21:57:01 +0100 Subject: [PATCH] luci-mod-status: replace iptables controller actions with cgi-io calls Signed-off-by: Jo-Philipp Wich --- .../root/usr/share/rpcd/acl.d/luci-base.json | 4 +++- .../resources/view/status/iptables.js | 8 ++++--- .../luasrc/controller/admin/status.lua | 21 ------------------- .../share/luci/menu.d/luci-mod-status.json | 8 ------- 4 files changed, 8 insertions(+), 33 deletions(-) diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json index 298b5ed33..a7d3edaf2 100644 --- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json +++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json @@ -48,7 +48,9 @@ "/usr/bin/traceroute *": [ "exec" ], "/usr/bin/traceroute6 *": [ "exec" ], "/usr/bin/nslookup *": [ "exec" ], - "/usr/libexec/luci-peeraddr": [ "exec" ] + "/usr/libexec/luci-peeraddr": [ "exec" ], + "/usr/sbin/iptables --line-numbers -w -nvxL -t *": [ "exec" ], + "/usr/sbin/ip6tables --line-numbers -w -nvxL -t *": [ "exec" ] }, "ubus": { "file": [ "list", "read", "stat" ], diff --git a/modules/luci-mod-status/htdocs/luci-static/resources/view/status/iptables.js b/modules/luci-mod-status/htdocs/luci-static/resources/view/status/iptables.js index eaeba578f..966cd560c 100644 --- a/modules/luci-mod-status/htdocs/luci-static/resources/view/status/iptables.js +++ b/modules/luci-mod-status/htdocs/luci-static/resources/view/status/iptables.js @@ -246,8 +246,10 @@ function parse_output(table, s) } table_names.forEach(function(table) { - L.poll(5, L.url('admin/status/iptables_dump', current_mode, table.toLowerCase()), null, - function (xhr) { - parse_output(table, xhr.responseText); + L.Poll.add(function() { + var cmd = (current_mode == 6) ? '/usr/sbin/ip6tables' : '/usr/sbin/iptables'; + return L.fs.exec_direct(cmd, [ '--line-numbers', '-w', '-nvxL', '-t', table.toLowerCase() ]).then(function(output) { + parse_output(table, output); }); + }, 5); }); diff --git a/modules/luci-mod-status/luasrc/controller/admin/status.lua b/modules/luci-mod-status/luasrc/controller/admin/status.lua index 2684bdf71..e84f88d64 100644 --- a/modules/luci-mod-status/luasrc/controller/admin/status.lua +++ b/modules/luci-mod-status/luasrc/controller/admin/status.lua @@ -14,27 +14,6 @@ function action_dmesg() luci.template.render("admin_status/dmesg", {dmesg=dmesg}) end -function dump_iptables(family, table) - local prefix = (family == "6") and "ip6" or "ip" - local ok, lines = pcall(io.lines, "/proc/net/%s_tables_names" % prefix) - if ok and lines then - local s - for s in lines do - if s == table then - luci.http.prepare_content("text/plain") - luci.sys.process.exec({ - "/usr/sbin/%stables" % prefix, "-w", "-t", table, - "--line-numbers", "-nxvL" - }, luci.http.write) - return - end - end - end - - luci.http.status(404, "No such table") - luci.http.prepare_content("text/plain") -end - function action_iptables() if luci.http.formvalue("zero") then if luci.http.formvalue("family") == "6" then diff --git a/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json b/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json index 03f7dce3b..53d4b1736 100644 --- a/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json +++ b/modules/luci-mod-status/root/usr/share/luci/menu.d/luci-mod-status.json @@ -17,14 +17,6 @@ } }, - "admin/status/iptables_dump/*": { - "action": { - "type": "call", - "module": "luci.controller.admin.status", - "function": "dump_iptables" - } - }, - "admin/status/iptables_action/*": { "action": { "type": "call", -- 2.25.1