{ "client_requirement": "client_is_viewer+", "items": [ { "type": "header_page_title", "items": [ { "type": "h1", "text": "Network Layout" }, { "type": "p", "text": "Network segments managed by systemd-networkd, dnsmasq, nftables, and freeradius." } ] }, { "type": "raw_html", "html": "" }, { "type": "info_bar", "variant": "info", "text": "For a basic flat network with no VLAN segmentation, only use VLAN 1 and delete the others." }, { "type": "table", "datasource": "config:vlans", "empty_message": "No VLANs configured.", "columns": [ { "label": "VLAN ID", "field": "vlan_id", "class": "col-mono col-narrow" }, { "label": "Name", "field": "name", "class": "col-narrow" }, { "label": "Interface", "field": "interface", "class": "col-mono col-narrow" }, { "label": "Subnet", "field": "subnet", "class": "col-mono col-narrow" }, { "label": "Mask", "field": "subnet_mask", "class": "col-mono col-narrow" }, { "label": "Self Ident(s)", "field": "server_identity_ips", "render": "tag_list" }, { "label": "Blocklists", "field": "use_blocklists", "render": "tag_list" }, { "label": "Default", "field": "radius_default", "class": "col-narrow", "render": "badge_yes_no", "render_options": { "title_true": "RADIUS Default", "title_false": "Not RADIUS Default" } }, { "label": "mDNS", "field": "mdns_reflection", "class": "col-narrow", "render": "badge_yes_no", "render_options": { "title_true": "mDNS Reflection Enabled", "title_false": "mDNS Reflection Disabled" } }, { "label": "Recorded", "field": "dnsmasq_log_queries", "class": "col-narrow", "render": "badge_yes_no", "render_options": { "title_true": "DNS Queries Recorded", "title_false": "DNS Queries Not Recorded" } }, { "label": "Restricted", "field": "restricted_vlan", "class": "col-narrow", "render": "badge_vlan_restriction" } ], "row_actions": [ { "client_requirement": "client_is_administrator+", "method": "js_edit", "target": "add-form", "text": "Edit", "class": "btn-ghost btn-sm" }, { "client_requirement": "client_is_administrator+", "action": "/action/networklayout/vlans_delete", "method": "post", "text": "Delete", "class": "btn-danger btn-sm", "disable_if": { "field": "vlan_id", "value": 1 } } ] }, { "type": "card", "id": "add-form", "label": "Add VLAN", "client_requirement": "client_is_administrator+", "items": [ { "type": "form", "action": "/action/networklayout/vlans_addedit", "method": "post", "items": [ { "type": "hidden", "name": "row_index", "value": "" }, { "type": "field_row", "cols": 4, "items": [ { "type": "field", "label": "VLAN ID", "name": "vlan_id", "input_type": "number", "min": 1, "max": 4094, "validate": "VALIDATION_RANGE_INT", "existing_ids": "%EXISTING_VLAN_IDS_JSON%", "hint": "Unique integer 1-4094. Sets the 802.1Q tag and interface name." }, { "type": "field", "label": "VLAN Name", "name": "name", "input_type": "text", "validate": "VALIDATION_DASH_NAME", "existing_ids": "%EXISTING_VLAN_NAMES_JSON%", "hint": "Lowercase letters, digits, hyphens. E.g. iot" }, { "type": "subnet_row", "label": "VLAN Subnet", "subnet_name": "subnet", "prefix_name": "subnet_mask", "subnet_placeholder": "e.g. 192.168.x.0", "prefix_value": "24" }, { "type": "field", "label": "VLAN Type", "name": "is_vpn", "input_type": "checkbox", "checkbox_label": "Is VPN", "hint": "Check if this VLAN uses a WireGuard interface (e.g. wg0, wg1, etc)." } ] }, { "type": "hr" }, { "type": "record_editor", "label": "Router's identities on this VLAN", "name": "server_identities", "empty_message": "No identities added.", "fields": [ { "label": "IP Address", "name": "ip", "validate": "VALIDATION_IPV4_FORMAT|VALIDATION_ADDRESS", "attrs": { "data-dep-subnet": "[name='subnet']", "data-dep-mask": ".subnet-prefix-input" }, "placeholder": "x.x.x.x", "required": true }, { "label": "Description", "name": "description", "placeholder": "Optional label" }, { "label": "Hostname", "name": "hostname", "validate": "VALIDATION_NETWORK_NAME", "placeholder": "Optional" } ] }, { "type": "hr" }, { "type": "field_row", "cols": 4, "items": [ { "type": "readonly_select", "label": "Gateway", "name": "gateway", "hint": "Gateway advertised to clients via DHCP." }, { "type": "overridable_textarea", "label": "DNS Server(s)", "name": "dns_servers", "override_name": "dns_servers_override", "validate": "VALIDATION_IPV4_FORMAT|VALIDATION_ADDRESS", "hint": "DNS server(s) advertised to clients via DHCP." }, { "type": "overridable_textarea", "label": "NTP Server(s)", "name": "ntp_servers", "override_name": "ntp_servers_override", "validate": "VALIDATION_IPV4_FORMAT", "hint": "NTP server(s) advertised to clients via DHCP." }, { "type": "field", "label": "Domain", "name": "dhcp_domain", "input_type": "text", "validate": "VALIDATION_NETWORK_NAME", "value": "lan", "hint": "Local domain name advertised to clients via DHCP (e.g. lan, home.arpa, corp). Avoid \"local\" per RFC 6762." } ] }, { "type": "hr" }, { "type": "field_row", "cols": 3, "items": [ { "type": "field", "label": "DHCP Dynamic Pool Start", "name": "dhcp_pool_start", "input_type": "text", "validate": "VALIDATION_IPV4_FORMAT|VALIDATION_ADDRESS", "attrs": { "data-dep-subnet": "[name='subnet']", "data-dep-mask": ".subnet-prefix-input" } }, { "type": "field", "label": "DHCP Dynamic Pool End", "name": "dhcp_pool_end", "input_type": "text", "validate": "VALIDATION_IPV4_FORMAT|VALIDATION_ADDRESS", "attrs": { "data-dep-subnet": "[name='subnet']", "data-dep-mask": ".subnet-prefix-input" } }, { "type": "field_row", "cols": 2, "items": [ { "type": "field", "label": "Lease Time", "name": "dhcp_lease_time", "input_type": "number", "min": 1, "value": "48" }, { "type": "field", "label": "Unit", "name": "dhcp_lease_unit", "input_type": "select", "value": "hours", "options": [ {"value": "minutes", "label": "Minutes"}, {"value": "hours", "label": "Hours"}, {"value": "days", "label": "Days"} ] } ] } ] }, { "type": "hr" }, { "type": "field", "label": "Blocklists", "name": "use_blocklists", "input_type": "checkbox_group", "options": "%BLOCKLIST_NAME_OPTIONS%", "hint": "Note: Selected lists will be merged and de-duplicated prior to use." }, { "type": "hr" }, { "type": "field", "label": "RADIUS Default", "name": "radius_default", "input_type": "checkbox", "hint": "Clients without a DHCP reservation will be placed into this VLAN. Note: current default is %RADIUS_DEFAULT_VLAN%." }, { "type": "field", "label": "mDNS Reflection", "name": "mdns_reflection", "input_type": "checkbox", "hint": "Reflect mDNS traffic to/from this VLAN via avahi-daemon. Not supported VPN VLANs." }, { "type": "field", "label": "Record DNS Queries", "name": "dnsmasq_log_queries", "input_type": "checkbox", "hint": "Log every DNS query. High volume - enable for debugging only." }, { "type": "field", "label": "Restricted VLAN", "name": "restricted_vlan", "input_type": "select", "options": "%RESTRICTED_VLAN_OPTIONS%", "hint": "Quarantined VLAN devices are blocked from communicating with the Internet and may only be reached by Inter-VLAN-Exception rules. Captive Portal VLAN devices are redirected to an authentication page until they complete a login or accept terms." }, { "type": "button_row", "items": [ { "type": "button_primary", "text": "Add VLAN", "class": "add-vlan-btn", "disabled": true }, { "type": "button_cancel", "text": "Cancel" } ] } ] } ] } ] }