#!/usr/bin/lua --[[ Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks Copyright (C) 2021 Tim Wilkinson Original Perl Copyright (C) 2020 - Darryl Quinn See Contributors file for additional contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Additional Terms: Additional use restrictions exist on the AREDN(TM) trademark and logo. See AREDNLicense.txt for more info. Attributions to the AREDN Project must be retained in the source code. If importing this code into a new or existing project attribution to the AREDN project must be added to the source code. You must not misrepresent the origin of the material contained within. Modified versions must be modified to attribute to the original source and be marked in reasonable ways as differentiate it from the original version --]] require("nixio") require("aredn.hardware") require("aredn.http") require("aredn.utils") aredn.html = require("aredn.html") require("uci") aredn.info = require("aredn.info") local html = aredn.html local urlprefix local target = "unknown" local arch = "unknown" function defaultPackageRepos(repo) if not urlprefix then urlprefix = "http://downloads.arednmesh.org" local release = "unknown" for line in io.lines("/etc/openwrt_release") do local m = line:match("DISTRIB_RELEASE='(.*)'") if m then release = m end m = line:match("DISTRIB_TARGET='(.*)'") if m then target = m end m = line:match("DISTRIB_ARCH='(.*)'") if m then arch = m end end local a, b = release:match("^(%d+)%.(%d+)%.") if a and b then urlprefix = urlprefix .. "/releases/" .. a .. "/" .. b .. "/" .. release else -- nightly urlprefix = urlprefix .. "/snapshots" end end if repo:match("aredn_core") then return urlprefix .. "/targets/" .. target .. "/packages" else return urlprefix .. "/packages/" .. arch .. "/" .. repo end end local settings = { { category = "Link Quality Settings", key = "aredn.@lqm[0].enable", type = "boolean", desc = "Enable Link Quality Management

aredn.@lqm[0].enable", default = "1", postcallback = "lqm_defaults()", needreboot = true }, { category = "Link Quality Settings", key = "aredn.@lqm[0].margin_snr", type = "string", desc = "SNR Margin in dB above Min SNR a signal must reach to be re-activated

aredn.@lqm[0].margin_snr", default = "1", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].min_distance", type = "string", desc = "Min Distance in meters beyond which a neighbor RF link is allowed

aredn.@lqm[0].min_distance", default = "0", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].auto_distance", type = "string", desc = "Default Distance in meters to use when actual distance cannot be calculated

aredn.@lqm[0].auto_distance", default = "0", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].margin_quality", type = "string", desc = "Quality Margin percentage increase before neighbor can be re-activated

aredn.@lqm[0].margin_quality", default = "1", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].ping_penalty", type = "string", desc = "Ping Penalty quality percentage to add when neighbor cannot be pinged

aredn.@lqm[0].ping_penalty", default = "5", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].rts_threshold", type = "string", desc = "RTS Threshold in bytes before using RTS/CTS when hidden nodes are detected

aredn.@lqm[0].rts_threshold", default = "1", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].mtu", type = "string", desc = "Maximum packet size in bytes sent over WiFi (256 to 1500)

aredn.@lqm[0].mtu", default = "1500", postcallback = "changeMTU()", needreboot = true }, { category = "Link Quality Settings", key = "aredn.@lqm[0].user_blocks", type = "string", desc = "User Blocked comma-separated list of blocked MACs

aredn.@lqm[0].user_blocks", default = "", condition = "lqm_enabled()" }, { category = "Link Quality Settings", key = "aredn.@lqm[0].user_allows", type = "string", desc = "User Allowed comma-separated list of always allowed MACs

aredn.@lqm[0].user_allows", default = "", condition = "lqm_enabled()" }, { category = "WAN Settings", key = "aredn.@wan[0].olsrd_gw", type = "boolean", desc = "Allow other MESH nodes to use my WAN - not recommended and OFF by default

aredn.@wan[0].olsrd_gw", default = "0", postcallback = "changeWANGW()", needreboot = true }, { category = "WAN Settings", key = "aredn.@wan[0].lan_dhcp_route", type = "boolean", desc = "Allow my LAN devices to access my WAN - ON by default

aredn.@wan[0].lan_dhcp_route", default = "1", postcallback = "changeWANGW()", needreboot = true }, { category = "WAN Settings", key = "aredn.@wan[0].lan_dhcp_defaultroute", type = "boolean", desc = "Provide default route to LAN devices even when WAN access is disabled

aredn.@wan[0].lan_dhcp_defaultroute", default = "0", postcallback = "changeWANGW()", needreboot = true }, { category = "WAN Settings", key = "aredn.wan.vlanid", type = "string", desc = "WAN VLAN Number - must be an integer in the range [1,4094]

aredn.wan.vlanid", default = "", condition = "supportsVLANChange()", current = "currentWANVLAN()", postcallback = "changeWANVLAN()", needreboot = true }, { category = "WAN Settings", key = "aredn.@wan[0].web_access", type = "boolean", desc = "Enable web access to the node from the WAN interface

aredn.@wan[0].web_access", default = "0", needreboot = true }, { category = "WAN Settings", key = "aredn.@wan[0].ssh_access", type = "boolean", desc = "Enable SSH access to the node from the WAN interface

aredn.@wan[0].ssh_access", default = "0", needreboot = true }, { category = "Power Options", key = "aredn.@poe[0].passthrough", type = "boolean", desc = "PoE Passthrough specifies whether PoE power should be enabled (Not all devices have PoE passthrough ports)

aredn.@poe[0].passthrough", default = "0", condition = "hasPOE()", postcallback = "setPOEOutput()" }, { category = "Power Options", key = "aredn.@usb[0].passthrough", type = "boolean", desc = "USB Power Passthrough specifies whether USB power should be enabled (Not all devices have USB powered ports)

aredn.@usb[0].passthrough", default = "1", postcallback = "setUSBOutput()", condition = "hasUSB()" }, { category = "Tunnel Options", key = "aredn.@tunnel[0].maxclients", type = "string", desc = "Tunnel Maxclients specifies the maximum number of tunnel clients this node can serve; must be an integer in the range [0,100].

aredn.@tunnel[0].maxclients", default = "10", precallback = "restrictTunnelLimitToValidRange()", postcallback = "adjustTunnelInterfaceCount()" }, { category = "Tunnel Options", key = "aredn.@tunnel[0].maxservers", type = "string", desc = "Tunnel Maxservers specifies the maximum number of tunnel servers to which this node can connect; must be an integer in the range [0,100].

aredn.@tunnel[0].maxservers", default = "10", precallback = "restrictTunnelLimitToValidRange()", postcallback = "adjustTunnelInterfaceCount()" }, { category = "Tunnel Options", key = "aredn.@tunnel[0].wanonly", type = "boolean", desc = "WAN-Only Tunnel prevents tunnel traffic from being routed over the Mesh network itself

aredn.@tunnel[0].wanonly", default = "1", needreboot= true }, { category = "Memory Settings", key = "aredn.@meshstatus[0].lowmem", type = "string", desc = "Low Memory Threshold in KB when the Mesh Status page will be truncated

aredn.@meshstatus[0].lowmem", default = "10000" }, { category = "Memory Settings", key = "aredn.@meshstatus[0].lowroutes", type = "string", desc = "Low Memory Max Routes is the maximum number of routes shown on the Mesh Status page when low memory is detected

aredn.@meshstatus[0].lowroutes", default = "1000" }, { category = "Network Tools", key = "aredn.olsr.restart", type = "none", desc = "OLSR Restart will restart OLSR when executed; wait up to 2 or 3 minutes to receive response

aredn.olsr.restart", default = "0", postcallback = "olsr_restart()" }, { category = "Network Tools", key = "aredn.@iperf[0].enable", type = "boolean", desc = "IPERF Enable allows the included iperf3 client/server

aredn.@iperf[0].enable", default = "1" }, { category = "Map Paths", key = "aredn.@map[0].maptiles", type = "string", desc = "Map Tiles URL

aredn.@map[0].maptiles", default = "http://stamen-tiles-{s}.a.ssl.fastly.net/terrain/{z}/{x}/{y}.jpg" }, { category = "Map Paths", key = "aredn.@map[0].leafletcss", type = "string", desc = "Leaflet.css URL

aredn.@map[0].leafletcss", default = "http://unpkg.com/leaflet@0.7.7/dist/leaflet.css" }, { category = "Map Paths", key = "aredn.@map[0].leafletjs", type = "string", desc = "Leaflet.js URL

aredn.@map[0].leafletjs", default = "http://unpkg.com/leaflet@0.7.7/dist/leaflet.js" }, { category = "Firmware", key = "aredn.@downloads[0].firmwarepath", type = "string", desc = "Firmware Download URL

aredn.@downloads[0].firmwarepath", default = "http://downloads.arednmesh.org/firmware" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_core", type = "string", desc = "Core Packages Download URL

aredn.@downloads[0].pkgs_core", default = defaultPackageRepos('aredn_core'), postcallback = "writePackageRepo('core')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_base", type = "string", desc = "Base Packages URL

aredn.@downloads[0].pkgs_base", default = defaultPackageRepos('base'), postcallback = "writePackageRepo('base')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_arednpackages", type = "string", desc = "AREDN Packages URL

aredn.@downloads[0].pkgs_arednpackages", default = defaultPackageRepos('arednpackages'), postcallback = "writePackageRepo('arednpackages')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_luci", type = "string", desc = "Luci Packages URL

aredn.@downloads[0].pkgs_luci", default = defaultPackageRepos('luci'), postcallback = "writePackageRepo('luci')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_packages", type = "string", desc = "Package Download URL for packages not included in the other sections

aredn.@downloads[0].pkgs_packages", default = defaultPackageRepos('packages'), postcallback = "writePackageRepo('packages')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_routing", type = "string", desc = "Routing Packages URL

aredn.@downloads[0].pkgs_routing", default = defaultPackageRepos('routing'), postcallback = "writePackageRepo('routing')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_telephony", type = "string", desc = "Telephony Packages URL

aredn.@downloads[0].pkgs_telephony", default = defaultPackageRepos('telephony'), postcallback = "writePackageRepo('telephony')" }, { category = "Firmware", key = "aredn.@downloads[0].pkgs_freifunk", type = "string", desc = "Freifunk Packages URL

aredn.@downloads[0].pkgs_freifunk", default = defaultPackageRepos('freifunk'), postcallback = "writePackageRepo('freifunk')" }, { category = "Firmware", key = "aredn.firmware.dangerous_upgrade", type = "boolean", desc = "Dangerous Upgrade Disables all safety checks usually applied when upgrading firmware

aredn.firmware.dangerous_upgrade", default = "0", current = "current_force_upgrade()", postcallback = "update_force_upgrade()" }, { category = "AREDN Alert Settings", key = "aredn.aam.refresh", type = "none", desc = "Alert Message Refresh - Execute to pull any AREDN Alert messages

aredn.aam.refresh", default = "0", postcallback = "aam_refresh()" }, { category = "AREDN Alert Settings", key = "aredn.@alerts[0].localpath", type = "string", desc = "Alert Message Local URL - location from which local AREDN Alerts can be downloaded

aredn.@alerts[0].localpath", default = "" }, { category = "AREDN Alert Settings", key = "aredn.@alerts[0].pollrate", type = "string", desc = "Alert Message Pollrate - how many hours to wait between polling for new AREDN Alerts

aredn.@alerts[0].pollrate", default = "12", needreboot = true }, { category = "AREDN Alert Settings", key = "aredn.aam.purge", type = "none", desc = "Alert Message Purge - execute to immediately delete all alerts from this node

aredn.aam.purge", default = "", postcallback = "alert_purge()" } } local msgs = {} -- -- helpers -- function msg(m) msgs[#msgs + 1] = m end -- uci cursor local cursora = uci.cursor() local cursorb = uci.cursor("/etc/config.mesh") function cursor_set(a, b, c, d) if not cursora:get(a, b) and b:match("@(.+)%[0%]") then cursora:add(a, b:match("@(.+)%[0%]")) end cursora:set(a, b, c, d) if not cursorb:get(a, b) and b:match("@(.+)%[0%]") then cursorb:add(a, b:match("@(.+)%[0%]")) end cursorb:set(a, b, c, d) cursora:commit(a) cursorb:commit(a) end function cursor_add(a, b, c) cursora:set(a, b, c) cursorb:set(a, b, c) cursora:commit(a) cursorb:commit(a) end function cursor_delete(a, b) cursora:delete(a, b) cursorb:delete(a, b) cursora:commit(a) cursorb:commit(a) end function cursor_get(a, b, c) return cursora:get(a, b, c) end function reboot() local node = aredn.info.get_nvram("node") if node == "" then node = "Node" end local lanip, _, lanmask = aredn.hardware.get_interface_ip4(aredn.hardware.get_iface_name("lan")) local browser = os.getenv("REMOTE_ADDR") local browser6 = browser:match("::ffff:([%d%.]+)") if browser6 then browser = browser6 end local fromlan = false local subnet_change = false if lanip then fromlan = validate_same_subnet(browser, lanip, lanmask) if fromlan then lanmask = ip_to_decimal(lanmask) local cfgip = cursor_get("network", "lan", "ipaddr") local cfgmask = ip_to_decimal(cursor_get("network", "lan", "netmask")) if lanmask ~= cfgmask or nixio.bit.band(ip_to_decimal(lanip), lanmask) ~= nixio.bit.band(ip_to_decimal(cfgip), cfgmask) then subnet_change = true end end end http_header() if fromlan and subnet_change then html.header(node .. " rebooting", true) html.print("
") html.print("

" .. node .. " is rebooting


") html.print("

The LAN subnet has changed. You will need to acquire a new DHCP lease
") html.print("and reset any name service caches you may be using.


") html.print("

When the node reboots you get your new DHCP lease and reconnect with
") html.print("http://localnode.local.mesh:8080/
or
") html.print("http://" .. node .. ".local.mesh:8080/

") else html.header(node .. " rebooting", false) html.print("") html.print("
") html.print("

" .. node .. " is rebooting


") html.print("

Your browser should return to this node in 60 seconds.

") html.print("If something goes astray you can try to connect with

") html.print("http://localnode.local.mesh:8080/
") if node ~= "Node" then html.print("or
http://" .. node .. ".local.mesh:8080/

") end end html.print("
") http_footer() os.execute("reboot >/dev/null 2>&1") os.exit() end -- conditionals function hasPOE() return aredn.hardware.has_poe() end function hasUSB() return aredn.hardware.has_usb() end function supportsVLANChange() -- If we support advanced networking, we dont provide this option here local board = aredn.hardware.get_board_type() if board == "mikrotik,hap-ac2" or board == "mikrotik,hap-ac3" then return false end local stat = nixio.fs.stat("/etc/aredn_include/swconfig") -- We always support VLAN changing on devices without switches if not (stat and stat.size > 0) then return true end -- We also support VLAN changing on hAP, A750 and AR150 as WAN is on it's own ethernet port local type = aredn.hardware.get_type() if type == "rb-952ui-5ac2nd" or type == "routerboard-952ui-5ac2nd" or type == "gl-ar750" then return true end -- Otherwise return false end -- callbacks local newval local key function setPOEOutput() if not newval then newval = 0 end os.execute("/usr/local/bin/poe_passthrough " .. newval) end function setUSBOutput() if not newval then newval = 0 end os.execute("/usr/local/bin/usb_passthrough " .. newval) end function olsr_restart() os.execute("/etc/init.d/olsrd restart") end function aam_refresh() os.execute("/usr/local/bin/aredn_message.sh") end function alert_purge() os.remove("/tmp/aredn_message") os.remove("/tmp/local_message") end function lqm_enabled() return cursor_get("aredn", "@lqm[0]", "enable") == "1" end function lqm_defaults() cursor_set("aredn", "@lqm[0]", "min_snr", "15") cursor_set("aredn", "@lqm[0]", "margin_snr", "1") cursor_set("aredn", "@lqm[0]", "min_distance", "0") cursor_set("aredn", "@lqm[0]", "auto_distance", "0") cursor_set("aredn", "@lqm[0]", "max_distance", "80467") cursor_set("aredn", "@lqm[0]", "min_quality", "50") cursor_set("aredn", "@lqm[0]", "ping_penalty", "5") cursor_set("aredn", "@lqm[0]", "margin_quality", "1") end function current_force_upgrade() return nixio.fs.stat("/tmp/force-upgrade-this-is-dangerous") and 1 or 0 end function update_force_upgrade() if not newval or newval ~= "1" then nixio.fs.remove("/tmp/force-upgrade-this-is-dangerous") else io.open("/tmp/force-upgrade-this-is-dangerous", "w+"):close() end end function writePackageRepo(repo) local uciurl = cursor_get("aredn", "@downloads[0]", "pkgs_" .. repo) local disturl = capture("grep aredn_" .. repo .. " /etc/opkg/distfeeds.conf | cut -d' ' -f3") if uciurl and disturl ~= "" then os.execute("sed -i 's|" .. disturl:chomp() .. "|" .. uciurl:chomp() .. "|g' /etc/opkg/distfeeds.conf") end end function restrictTunnelLimitToValidRange() newval = tonumber(newval) if not newval then msg(key .. " must be an interger in the range [0,100]") newval = 0 elseif newval < 0 then msg("Lower limit of " .. key .. " is 0") newval = 0 elseif newval > 100 then msg("Upper limit of " .. key .. " is 100") newval = 100 end end function addTunnelInterface(file, tunnum) local section = "tun" .. tunnum cursor_add(file, section, "interface") cursor_set(file, section, "ifname", section) cursor_set(file, section, "proto", "none") end function deleteTunnelInterface(file, tunnum) local section = "tun" .. tunnum cursor_delete(file, section) end function adjustTunnelInterfaceCount() local tunnel_if_count = 0 cursora:foreach('network_tun', 'interface', function(s) tunnel_if_count = tunnel_if_count + 1 end) local maxclients = cursor_get("aredn", "@tunnel[0]", "maxclients") if not maxclients then maxclients = 10 end local maxservers = cursor_get("aredn", "@tunnel[0]", "maxservers") if not maxservers then maxservers = 10 end local needed_if_count = maxclients + maxservers if tunnel_if_count ~= needed_if_count then for i = tunnel_if_count,needed_if_count-1 do local tunnum = 50 + i addTunnelInterface("network_tun", tunnum) addTunnelInterface("network", tunnum) end for i = tunnel_if_count-1,needed_if_count,-1 do local tunnum = 50 + i deleteTunnelInterface("network_tun", tunnum) deleteTunnelInterface("network", tunnum) end -- can't clone network because it contains macros; re-edit it instead os.execute("sed -i -e '$r /etc/config.mesh/network_tun' -e '/interface.*tun',$d' /etc/config.mesh/network") end end function currentWANVLAN() for line in io.lines("/etc/config.mesh/_setup") do local vlan = line:match("^wan_intf = %w+%.(%d+)") if vlan then return vlan end end local vlan = aredn.hardware.get_board_network_ifname("wan"):match("^%w+%.(%d+)") if vlan then return vlan end return "" end function changeWANVLAN() local lines = {} for line in io.lines("/etc/config.mesh/_setup") do if not line:match("^wan_intf = ") then lines[#lines + 1] = line end end if newval ~= "" then local wan_intf = "" for dev in aredn.hardware.get_board_network_ifname("wan"):gmatch("%S+") do wan_intf = wan_intf .. " " .. dev:match("^([^%.]+)") .. "." .. newval end if wan_intf ~= "" then lines[#lines + 1] = "wan_intf =" .. wan_intf end end local f = io.open("/etc/config.mesh/_setup", "w") if f then for _, line in ipairs(lines) do f:write(line .. "\n") end f:close() end os.execute("/usr/local/bin/node-setup -a mesh") end function changeWANGW() os.execute("/usr/local/bin/node-setup -a mesh") end function changeMTU() os.execute("/usr/local/bin/node-setup -a mesh") end -- read_postdata local parms = {} if os.getenv("REQUEST_METHOD") == "POST" then require('luci.http') local request = luci.http.Request(nixio.getenv(), function() local v = io.read(1024) if not v then io.close() end return v end ) parms = request:formvalue() end if parms.button_firstboot then os.execute("firstboot -y") end if parms.button_firstboot or parms.button_reboot then reboot() end local node = aredn.info.get_nvram("node") for i, setting in ipairs(settings) do if parms["button_save_" .. i] then newval = parms["newval_" .. i] if not newval then newval = "" else newval = newval:gsub("^%s+", ""):gsub("%s+$", "") end if setting.type == "boolean" then if newval == "1" or newval == "true" then newval = "1" else newval = "0" end end key = setting.key if setting.precallback then loadstring(setting.precallback)() end local a, b, c = setting.key:match("(.+)%.(.+)%.(.*)") cursor_set(a, b, c, newval) msg("Changed " .. key) if setting.postcallback then loadstring(setting.postcallback)() end if setting.needreboot then io.open("/tmp/reboot-required", "w"):close() end break end end -- generate the page http_header() html.header(node .. " Advanced Configuration", false) html.print([[ ]]) html.print("
") html.alert_banner(); html.print("
") -- navbar html.navbar_admin("advancedconfig") -- help link and buttons table html.print("
") html.print("Help") html.print("    ") html.print("    ") html.print("
") html.print("
") html.print("WARNING: Changing advanced settings can be harmful to the stability, security, and performance of this node and potentially the entire mesh network.
You should only continue if you are sure of what you are doing.
") -- messages table html.print("") if nixio.fs.stat("/tmp/reboot-required") then html.print("") end for _, m in ipairs(msgs) do html.print("") end html.print("

Reboot is required for changes to take effect

" .. m .. "

") -- advanced configuration settings table html.print([[ ]]) -- settings html.print("") local prior_category = "" for i, setting in ipairs(settings) do if not setting.condition or loadstring("return " .. setting.condition)() then local sval if setting.current then sval = loadstring("return " .. setting.current)() else local a, b, c = setting.key:match("(.+)%.(.+)%.(.*)") sval = cursor_get(a, b, c) end sval = sval and tostring(sval) or "" if setting.category ~= prior_category then html.print([[]]) prior_category = setting.category end html.print("") html.print("") if setting.type ~= "none" then html.print("") end end html.print("
Setting Value Actions
]] .. setting.category .. [[
" .. setting.desc .. "") if setting.type == "string" then html.print("") elseif setting.type == "boolean" then if sval == "" then sval = setting.default end if sval == "1" then html.print("OFFON") else html.print("OFFON") end elseif setting.type == "none" then html.print("Click EXECUTE button to trigger this action") end html.print("
") else html.print("
") end if setting.type == "string" then html.print("") elseif setting.type == "boolean" then html.print("") end html.print("
") html.footer() html.print("") http_footer()