-
-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] Openwrt firewall #162
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jonathanunderwood thanks for getting this started, I'm having a hard time locating the real changes due to the noise, see my comment below.
7c2a086
to
ee3528c
Compare
40d0115
to
8e4f186
Compare
This commit adds a firewall rule UCI parser to the OpenWRT backend. This commit includes: - Fixing test_default.py to use the new parser - New tests in test_firewall.py
8e4f186
to
29957e3
Compare
@nemesisdesign How do you recommend dealing with a UCI parameter that can either be a string or a list? One such example is the
At present, in the schema, this parameter is specified as a |
2e8f244
to
a8117e6
Compare
For now, I have gone with this approach. |
a8117e6
to
6d09ae8
Compare
Yes that should work! |
925c367
to
33cae29
Compare
This commit: - Adds a schema for redirects - Adds a renderer and parser for redirects - Adds initial tests for redirects
33cae29
to
a9cb284
Compare
Treat these parameters as an array, and drop support for negating the values with a "!" in JSON as it is unneeded.
0c70308
to
dae2fb9
Compare
This change enables parsing of the "!" character for monthdays and weekdays paraemters of a firewall redirect object when present in UCI configuration. This change does not add support for negation in NetJSON config.
dae2fb9
to
3dd9f67
Compare
@nemesisdesign any idea what's going on with the test execution - travis/coveralls seems to have been waiting forever? |
@jonathanunderwood travis CI does not offer free plans for open source anymore and they're not renewing our OSS credits, we're moving to all the repositories of OpenWISP to Github actions #178, but it's taking time to do it for all the modules. You can run tests locally for now, when it's ready for review or need feedback let us know. |
The defaults section can be empty, so when parsing UCI to netjson it is necessary to remove the defaults section if it is empty.
312e575
to
f15cf3c
Compare
53d407c
to
f0225e9
Compare
f0225e9
to
3b51afe
Compare
This removes the remnants of an attempt to manage older firewall configurations from before the firewall schema was introduced. However, this handling was incomplete and flawed, and so this code is pointless.
Is there any intention to carry on this branch? |
@nemesisdesign I find this feature very useful and I want to contribute. If it is ok I can spend some of my free time on to carry on this work. |
@ValerioBob Sadly I ran out of time to work on this back in 2021. There's actually not that much left to do, so please feel free to dig in and add commits. I'll try and find some time to come back to it in the coming weeks as well. |
@jonathanunderwood Hi! It would be awesome! Rn I don't have so much time but I will in some weeks. |
This builds on #116 to complete the work needed. The parser and renderers are largely incomplete, and there aren't really any tests of note. So, breaking the work down:
name
andenabled
fields to forwardingValidationError
tests are includedname
andenabled
fields which are testedNote: this reference document is the source of truth for OpenWRT firewall configuration parameters.