mgrotke/linuxrouter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linuxrouter/docker/routlin-dash/app/pages/portforwarding/action.py
Matthew Grotke eed1d295dc Development
2026-05-27 20:56:30 -04:00

207 lines
6.5 KiB
Python
Raw Blame History

import copy
from flask import Blueprint, request, redirect, flash
from auth import require_level
from config_utils import load_config, save_config_with_snapshot, verify_config_hash
import sanitize
import validation as validate
bp = Blueprint('portforwarding', __name__)
VIEW = '/view/view_portforwarding'
_VALID_PROTOS_STR = ', '.join(sorted(validate.VALID_PROTOCOLS))
def _row_index():
try:
return int(request.form.get('row_index', ''))
except (ValueError, TypeError):
return None
def _hash_ok():
if not verify_config_hash(request.form.get('config_hash', '')):
flash('Configuration was modified by another session. Please refresh and try again.', 'error')
return False
return True
def _parse_entry():
description = sanitize.text(request.form.get('description', ''))
protocol = sanitize.filtervalue(request.form.get('protocol', ''), validate.VALID_PROTOCOLS)
dest_port_raw = request.form.get('dest_port', '').strip()
nat_ip_raw = request.form.get('nat_ip', '').strip()
nat_port_raw = request.form.get('nat_port', '').strip()
if not protocol:
flash(f'The configuration has not been saved because the protocol is invalid. '
f'Accepted values: {_VALID_PROTOS_STR}.', 'error')
return None, True
if not dest_port_raw:
flash('The configuration has not been saved because the external port is required.', 'error')
return None, True
dest_port = validate.port(dest_port_raw)
if not dest_port:
flash(f'The configuration has not been saved because "{dest_port_raw}" is not a valid port number (1-65535).', 'error')
return None, True
if not nat_ip_raw:
flash('The configuration has not been saved because the NAT IP address is required.', 'error')
return None, True
nat_ip = validate.ip(nat_ip_raw)
if not nat_ip:
flash(f'The configuration has not been saved because "{nat_ip_raw}" is not a valid IP address.', 'error')
return None, True
if not nat_port_raw:
flash('The configuration has not been saved because the NAT port is required.', 'error')
return None, True
nat_port = validate.port(nat_port_raw)
if not nat_port:
flash(f'The configuration has not been saved because "{nat_port_raw}" is not a valid port number (1-65535).', 'error')
return None, True
return {
'description': description,
'protocol': protocol,
'dest_port': dest_port,
'nat_ip': nat_ip,
'nat_port': nat_port,
'enabled': True,
}, None
@bp.route('/action/add_port_forward', methods=['POST'])
@require_level('administrator')
def add_port_forward():
entry, err = _parse_entry()
if err:
return redirect(VIEW)
if not _hash_ok():
return redirect(VIEW)
cfg = load_config()
cfg.setdefault('port_forwarding', []).append(entry)
errors = validate.validate_config(cfg)
if errors:
for msg in errors:
flash(msg, 'error')
return redirect(VIEW)
key = f'{entry["protocol"]}:{entry["dest_port"]}'
flash(save_config_with_snapshot(
cfg,
path='port_forwarding', key=key, operation='add',
before=None, after=entry,
description=f'Added port forward: {key}{entry["nat_ip"]}:{entry["nat_port"]}',
), 'success')
return redirect(VIEW)
@bp.route('/action/toggle_port_forward', methods=['POST'])
@require_level('administrator')
def toggle_port_forward():
idx = _row_index()
if idx is None:
flash('Invalid request.', 'error')
return redirect(VIEW)
if not _hash_ok():
return redirect(VIEW)
cfg = load_config()
items = cfg.get('port_forwarding', [])
if idx < 0 or idx >= len(items):
flash('Entry not found.', 'error')
return redirect(VIEW)
old_enabled = items[idx].get('enabled', True)
items[idx]['enabled'] = not old_enabled
errors = validate.validate_config(cfg)
if errors:
for msg in errors:
flash(msg, 'error')
return redirect(VIEW)
key = f'{items[idx]["protocol"]}:{items[idx]["dest_port"]}'
action = 'Enabled' if not old_enabled else 'Disabled'
flash(save_config_with_snapshot(
cfg,
path='port_forwarding', key=key, operation='toggle',
before={'enabled': old_enabled}, after={'enabled': not old_enabled},
description=f'{action} port forward: {key}',
), 'success')
return redirect(VIEW)
@bp.route('/action/edit_port_forward', methods=['POST'])
@require_level('administrator')
def edit_port_forward():
idx = _row_index()
if idx is None:
flash('Invalid request.', 'error')
return redirect(VIEW)
entry, err = _parse_entry()
if err:
return redirect(VIEW)
if not _hash_ok():
return redirect(VIEW)
cfg = load_config()
items = cfg.get('port_forwarding', [])
if idx < 0 or idx >= len(items):
flash('Entry not found.', 'error')
return redirect(VIEW)
before = copy.deepcopy(items[idx])
items[idx] = entry
items[idx]['enabled'] = request.form.get('enabled') == 'on'
errors = validate.validate_config(cfg)
if errors:
for msg in errors:
flash(msg, 'error')
return redirect(VIEW)
key = f'{entry["protocol"]}:{entry["dest_port"]}'
flash(save_config_with_snapshot(
cfg,
path='port_forwarding', key=key, operation='edit',
before=before, after=copy.deepcopy(items[idx]),
description=f'Edited port forward: {key}{entry["nat_ip"]}:{entry["nat_port"]}',
), 'success')
return redirect(VIEW)
@bp.route('/action/delete_port_forward', methods=['POST'])
@require_level('administrator')
def delete_port_forward():
idx = _row_index()
if idx is None:
flash('Invalid request.', 'error')
return redirect(VIEW)
if not _hash_ok():
return redirect(VIEW)
cfg = load_config()
items = cfg.get('port_forwarding', [])
if idx < 0 or idx >= len(items):
flash('Entry not found.', 'error')
return redirect(VIEW)
removed = items.pop(idx)
errors = validate.validate_config(cfg)
if errors:
for msg in errors:
flash(msg, 'error')
return redirect(VIEW)
key = f'{removed["protocol"]}:{removed["dest_port"]}'
flash(save_config_with_snapshot(
cfg,
path='port_forwarding', key=key, operation='delete',
before=removed, after=None,
description=f'Deleted port forward: {key}',
), 'success')
return redirect(VIEW)
Reference in a new issue View git blame Copy permalink