diff --git a/package/gargoyle/files/www/access.sh b/package/gargoyle/files/www/access.sh index ecb0171b28..1a7ca836be 100755 --- a/package/gargoyle/files/www/access.sh +++ b/package/gargoyle/files/www/access.sh @@ -31,6 +31,13 @@ if [ -e /etc/dropbear/authorized_keys ] ; then cat /etc/dropbear/authorized_keys | awk -F' ' ' $0 ~ /./ {print "authorizedKeyMap[\""$NF"\"]=\""$0"\";"}' fi + + echo "const REMOTE_ADDR = \"$REMOTE_ADDR\";"; + echo "const SERVER_ADDR = \"$SERVER_ADDR\";"; + + echo "const HTTPS = \"$HTTPS\";"; + echo "const HTTP_HOST = \"$HTTP_HOST\";"; + echo "const SERVER_PORT = \"$SERVER_PORT\";"; %> //--> @@ -66,12 +73,16 @@ + + +
@@ -80,22 +91,27 @@
- +
+
+
+ +
@@ -108,6 +124,17 @@
+
+ + + + +
+ + + +
+
@@ -145,6 +172,8 @@
+
+
@@ -171,7 +200,8 @@
-
+
+
@@ -179,7 +209,7 @@
-
+
@@ -199,6 +229,7 @@
+ <%~ MoreInfo %> - <%~ MoreInfo %>
diff --git a/package/gargoyle/files/www/js/access.js b/package/gargoyle/files/www/js/access.js index 52abd39be4..f140a6bd8b 100644 --- a/package/gargoyle/files/www/js/access.js +++ b/package/gargoyle/files/www/js/access.js @@ -12,26 +12,24 @@ var stopRedirect = false; function saveChanges() { - errorList = proofreadAll(); + var errorList = proofreadAll(); if(errorList.length > 0) { - errorString = errorList.join("\n") + "\n\n" + UI.ErrChanges; - alert(errorString); + alert(errorList.join("\n") + "\n\n" + UI.ErrChanges); } else { setControlsEnabled(false, true); - restartFirewall = true; - restartDropbear = false; - restartUhttpd = true; + + var uciCompare = uciOriginal.clone(); + + var oldLocalHttpPort = getHttpPort(uciOriginal); + var oldLocalHttpsPort = getHttpsPort(uciOriginal); //remove all old firewall remote_accept sections that redirected to ssh or http server var dropbearSections = uciOriginal.getAllSections("dropbear"); var oldLocalSshPort = uciOriginal.get("dropbear", dropbearSections[0], "Port"); - var oldLocalHttpsPort = getHttpsPort(uciOriginal); - var oldLocalHttpPort = getHttpPort(uciOriginal); - var firewallSectionCommands = []; var remoteAcceptSections = uciOriginal.getAllSectionsOfType("firewall", "remote_accept"); while(remoteAcceptSections.length > 0) @@ -40,15 +38,16 @@ function saveChanges() var localPort = uciOriginal.get("firewall", lastSection, "local_port"); if(localPort == oldLocalSshPort || localPort == oldLocalHttpsPort || localPort == oldLocalHttpPort) { - uciOriginal.removeSection("firewall", lastSection); + uciCompare.removeSection("firewall", lastSection); firewallSectionCommands.push("uci del firewall." + lastSection); } } - var uci = uciOriginal.clone(); + var uci = uciCompare.clone(); // add updated remote accepts + var restartFirewall = false; var addAccept = function(local,remote) { var id = "ra_" + local + "_" + remote; @@ -59,21 +58,41 @@ function saveChanges() uci.set("firewall", id, "zone", "wan"); firewallSectionCommands.push("uci set firewall." + id + "=remote_accept"); }; + var localHttpPort = document.getElementById("local_http_port").value; + var remoteHttpPort = document.getElementById("remote_http_port").value; + if(document.getElementById("remote_http_port_container").style.display != "none") + { + addAccept(localHttpPort, remoteHttpPort); + } + else + { + remoteHttpPort = ""; + } + if(oldRemoteHttpPort != remoteHttpPort) { restartFirewall = true; } + var localHttpsPort = document.getElementById("local_https_port").value; + var remoteHttpsPort = document.getElementById("remote_https_port").value; if(document.getElementById("remote_https_port_container").style.display != "none") { - addAccept( document.getElementById("local_https_port").value, document.getElementById("remote_https_port").value); + addAccept(localHttpsPort, remoteHttpsPort); } - if(document.getElementById("remote_http_port_container").style.display != "none") + else { - addAccept( document.getElementById("local_http_port").value, document.getElementById("remote_http_port").value); + remoteHttpsPort = ""; } + if(oldRemoteHttpsPort != remoteHttpsPort) { restartFirewall = true; } + var localSshPort = document.getElementById("local_ssh_port").value; + var remoteSshPort = document.getElementById("remote_ssh_port").value; if(!document.getElementById("remote_ssh_port").disabled) { - addAccept( document.getElementById("local_ssh_port").value, document.getElementById("remote_ssh_port").value); + addAccept(localSshPort, remoteSshPort); } + else + { + remoteSshPort = ""; + } + if(oldRemoteSshPort != remoteSshPort) { restartFirewall = true; } //recreate dropbear config section if anonymous-- anonymous uci section can cause problems saving - var newLocalSshPort = document.getElementById("local_ssh_port").value; var remoteAttempts = document.getElementById("remote_ssh_attempts").disabled ? "" : getSelectedValue("remote_ssh_attempts"); var uciPreCommands = []; @@ -87,25 +106,23 @@ function saveChanges() } uciPreCommands.push("uci set dropbear.global=dropbear"); uciPreCommands.push("uci set dropbear.global.PasswordAuth='" + sshPwdEnabled + "'"); - uciPreCommands.push("uci set dropbear.global.Port=" + newLocalSshPort); + uciPreCommands.push("uci set dropbear.global.Port=" + localSshPort); if(remoteAttempts != "") { uciPreCommands.push("uci set dropbear.global.max_remote_attempts='" + remoteAttempts + "'" ); } uciPreCommands.push("uci commit"); } else { //update dropbear uci configuration - uci.set("dropbear", "global", "Port", newLocalSshPort); + uci.set("dropbear", "global", "Port", localSshPort); if(remoteAttempts != "") { uci.set("dropbear", "global", "max_remote_attempts", remoteAttempts ); } uci.set("dropbear", "global", "PasswordAuth", sshPwdEnabled); } //only restart dropbear if we need to - restartDropbear = (oldLocalSshPort != document.getElementById("local_ssh_port").value) || - (oldSshPwdEnabled != sshPwdEnabled ); - + var restartDropbear = oldLocalSshPort != localSshPort || oldSshPwdEnabled != sshPwdEnabled; - authorizedKeys = new Array(); + var authorizedKeys = new Array(); for (var key in authorizedKeyMap) { if (authorizedKeyMap.hasOwnProperty(key)) @@ -116,6 +133,16 @@ function saveChanges() var sshKeysCommands = ["rm /etc/dropbear/authorized_keys"]; sshKeysCommands.push("echo '" + authorizedKeys.join("\n") + "' >> /etc/dropbear/authorized_keys"); + //set RFC 1918 filter enabled/disabled + var disableRfc1918Filter = document.getElementById("disable_rfc1918_filter").checked; + if(getSelectedValue("remote_web_protocol") != "disabled") + { + uci.set("uhttpd", "main", "rfc1918_filter", disableRfc1918Filter ? "0" : "1"); + } + else + { + uci.set("uhttpd", "main", "rfc1918_filter", "1"); + } //set web password enabled/disabled if(document.getElementById("disable_web_password").checked) @@ -133,7 +160,7 @@ function saveChanges() //set local web protocols localWebProtocol = getSelectedValue("local_web_protocol"); - if(localWebProtocol == "https" || localWebProtocol == "both") + if(localWebProtocol == "https" || localWebProtocol == "redirect" || localWebProtocol == "both") { uci.set("uhttpd", "main", "listen_https", [ "0.0.0.0:" + document.getElementById("local_https_port").value ] ); } @@ -141,7 +168,7 @@ function saveChanges() { uci.set("uhttpd", "main", "listen_https", [ ] ); } - if(localWebProtocol == "http" || localWebProtocol == "both") + if(localWebProtocol == "http" || localWebProtocol == "redirect" || localWebProtocol == "both") { uci.set("uhttpd", "main", "listen_http", [ "0.0.0.0:" + document.getElementById("local_http_port").value ] ); } @@ -149,11 +176,15 @@ function saveChanges() { uci.set("uhttpd", "main", "listen_http", [ ] ); } + uci.set("uhttpd", "main", "redirect_https", localWebProtocol == "redirect" ? "1" : "0"); + + var restartUhttpd = oldLocalWebProtocol != localWebProtocol || oldDisableRfc1918Filter != disableRfc1918Filter || + oldLocalHttpPort != localHttpPort || oldLocalHttpsPort != localHttpsPort; // replace the default https private-key and certificate if https is required remoteWebProtocol = getSelectedValue("remote_web_protocol"); var httpsCommands = new Array(); - if(opensslInstalled && (localWebProtocol == "https" || localWebProtocol == "both" || remoteWebProtocol == "https")) + if(opensslInstalled && (localWebProtocol == "https" || localWebProtocol == "redirect" || localWebProtocol == "both" || remoteWebProtocol == "https")) { is_default_key = uhttpd_key_md5.localeCompare("023ef078ceccc023ca7c2b521a6682fe") == 0; is_default_crt = uhttpd_crt_md5.localeCompare("932613eda838a7d1df15f659abadb094") == 0; @@ -179,59 +210,71 @@ function saveChanges() restartDropbear = true; } - commands = passwordCommands + "\n"; + // Treat client's view as default target. + var targetProt = clientProt; + var targetHost = clientHost; + var targetPort = clientPort; + // Only try to be smart when client sees what server sees, + // otherwise there's a reverse proxy between the two. + if(directView) + { + // Either local or remote protocol. + var accessProt = document.getElementById(accessArea + "_web_protocol").value; + // When there is either HTTP or HTTPS, use the available one. + if(accessProt != "redirect" && accessProt != "both") + { + targetProt = accessProt; + } + // Avoid CORS error the next time we save changes. + var anticipateRedirect = accessProt == "redirect" && clientProt == "http"; + // Port of either local or remote target protocol. + targetPort = document.getElementById(accessArea + "_" + targetProt + "_port").value; + // Redirect on demand. + needRedirect = clientProt != targetProt || clientPort != targetPort || anticipateRedirect; + } + else + { + // Redirect or in this case refresh still happens on exceptional timeout. + needRedirect = false; + } + // Path with leading slash. + var targetPath = uciOriginal.get("gargoyle", "global", "bin_root").replace(/^./, "") + "/" + uciOriginal.get("gargoyle", "scripts", "system_access"); + // Hide default ports for browsers which don't. + var targetHref = targetProt + "://" + targetHost + (targetPort == 80 || targetPort == 443 ? "" : ":" + targetPort) + targetPath; + // No magic here. + doRedirect = function() { window.location.href = targetHref; }; + + var commands = passwordCommands + "\n"; commands += httpsCommands.join("\n") + "\n"; commands += firewallSectionCommands.join("\n") + "\n"; commands += uciPreCommands.join("\n") + "\n"; - commands += uci.getScriptCommands(uciOriginal) + "\n"; + commands += uci.getScriptCommands(uciCompare) + "\n"; commands += sshKeysCommands.join("\n") + "\n"; commands += restartFirewall ? "sh /usr/lib/gargoyle/restart_firewall.sh ;\n" : ""; commands += restartDropbear ? "/etc/init.d/dropbear restart\n" : ""; commands += restartUhttpd ? "killall uhttpd\n/etc/init.d/uhttpd restart\n" : ""; //document.getElementById("output").value = commands; - stopRedirect = false; + // Exceptional timeout. + run_commands = setTimeout(doRedirect, 120000); var param = getParameterDefinition("commands", commands) + "&" + getParameterDefinition("hash", document.cookie.replace(/^.*hash=/,"").replace(/[\t ;]+.*$/, "")); - var stateChangeFunction = function(req) { if(req.readyState == 4) { - setControlsEnabled(true); - stopRedirect=true; + clearTimeout(run_commands); + uciOriginal = uci.clone(); + resetData(); + // Restarting uhttpd takes roughly 333 ms when idle. + setTimeout(function() { needRedirect ? doRedirect() : setControlsEnabled(true); }, restartUhttpd ? 1000: 0); } } runAjax("POST", "utility/run_commands.sh", param, stateChangeFunction); - - //we're going to assume user is connecting locally, - //redirect for remote connections can get fubar, - //but there isn't a good way around that without - //a lot of ugly code - // - //I figure 9 out of 10 times this is going to be run - //locally. If you're editing this remotely you're - //just ASKING for trouble (i.e. you could easily get - //shut out) - doRedirect= function() - { - if(!stopRedirect) - { - currentProtocol = location.href.match(/^https:/) ? "https" : "http"; - otherProtocol = currentProtocol == "https" ? "http" : "https"; - destinationProtocol = localWebProtocol == "both" || localWebProtocol == currentProtocol ? currentProtocol : otherProtocol; - destinationPort = document.getElementById("local_" + destinationProtocol + "_port").value; - accessPage = uciOriginal.get("gargoyle", "global", "bin_root") + "/" + uciOriginal.get("gargoyle", "scripts", "system_access"); - window.location= destinationProtocol + "://" + currentLanIp + ":" + destinationPort + "/" + accessPage; - } - } - setTimeout( "doRedirect()", 15000); } } function proofreadAll() { - - controlIds=['local_https_port', 'local_http_port', 'local_ssh_port', 'remote_https_port', 'remote_http_port', 'remote_ssh_port']; validatePort = function(text){ return validateNumericRange(text,1,65535); }; labelIds = []; functions = []; @@ -306,46 +349,69 @@ function proofreadAll() function resetData() { + // Global variables are used in saveChanges(). + + // What client (browser) sees. + clientProt = window.location.protocol.slice(0, -1); + clientHost = window.location.hostname; + clientPort = window.location.port == "" ? (clientProt == "http" ? 80 : 443) : window.location.port; + // What server (uhttpd) sees. + serverProt = HTTPS == "on" ? "https" : "http"; + serverHost = HTTP_HOST == "" ? SERVER_ADDR : HTTP_HOST; + serverPort = SERVER_PORT; + + // Whether client sees what server sees. + directView = clientProt == serverProt && clientHost == serverHost && clientPort == serverPort; + + // Whether web interface is accessed locally or remotely. + accessArea = SERVER_ADDR == currentWanIp ? "remote" : "local"; + + controlIds = ['local_https_port', 'local_http_port', 'local_ssh_port', 'remote_https_port', 'remote_http_port', 'remote_ssh_port']; + resetProofreadFields(controlIds); + document.getElementById("disable_web_password").checked = uciOriginal.get("gargoyle", "global", "require_web_password") == "0" ? true : false; setSelectedValue("session_length", uciOriginal.get("gargoyle", "global", "session_timeout")); - httpsPort = getHttpsPort() - httpPort = getHttpPort() + localHttpsPort = getHttpsPort(); + localHttpPort = getHttpPort(); + + var oldRedirectHttps = uciOriginal.get("uhttpd", "main", "redirect_https") == "1" ? true : false; - localProtocol = "" - localProtocol = localProtocol + ( httpsPort != "" ? "https" : "" ); - localProtocol = localProtocol + ( httpPort != "" ? "http" : "" ); - localProtocol = localProtocol == "httpshttp" ? "both" : localProtocol; + oldDisableRfc1918Filter = uciOriginal.get("uhttpd", "main", "rfc1918_filter") == "0" ? true : false; + document.getElementById("disable_rfc1918_filter").checked = oldDisableRfc1918Filter; - setSelectedValue("local_web_protocol", localProtocol); + oldLocalWebProtocol = ""; + oldLocalWebProtocol = oldLocalWebProtocol + ( localHttpsPort != "" ? "https" : "" ); + oldLocalWebProtocol = oldLocalWebProtocol + ( localHttpPort != "" ? "http" : "" ); + oldLocalWebProtocol = oldLocalWebProtocol == "httpshttp" ? (oldRedirectHttps ? "redirect" : "both") : oldLocalWebProtocol; + setSelectedValue("local_web_protocol", oldLocalWebProtocol); - if(localProtocol == "https" || localProtocol == "both") + if(oldLocalWebProtocol == "https" || oldLocalWebProtocol == "redirect" || oldLocalWebProtocol == "both") { - document.getElementById("local_https_port").value = httpsPort; + document.getElementById("local_https_port").value = localHttpsPort; } - if(localProtocol == "http" || localProtocol == "both") + if(oldLocalWebProtocol == "http" || oldLocalWebProtocol == "redirect" || oldLocalWebProtocol == "both") { - document.getElementById("local_http_port").value = httpPort; + document.getElementById("local_http_port").value = localHttpPort; } var dropbearSections = uciOriginal.getAllSections("dropbear"); - var sshPort = uciOriginal.get("dropbear", dropbearSections[0], "Port"); + var localSshPort = uciOriginal.get("dropbear", dropbearSections[0], "Port"); var connectionAttempts=uciOriginal.get("dropbear", dropbearSections[0], "max_remote_attempts"); connectionAttempts = connectionAttempts == "" ? 10 : connectionAttempts; setSelectedValue("remote_ssh_attempts", connectionAttempts); - document.getElementById("local_ssh_port").value = sshPort; + document.getElementById("local_ssh_port").value = localSshPort; - - var remoteHttpsPort = ""; - var remoteHttpPort = ""; - var remoteSshPort = ""; + oldRemoteHttpsPort = ""; + oldRemoteHttpPort = ""; + oldRemoteSshPort = ""; var remoteAcceptSections = uciOriginal.getAllSectionsOfType("firewall", "remote_accept") var acceptIndex=0; for(acceptIndex=0; acceptIndex < remoteAcceptSections.length; acceptIndex++) @@ -358,17 +424,17 @@ function resetData() if((zone == "wan" || zone == "") && (proto == "tcp" || proto == "")) { remotePort = remotePort == "" ? localPort : remotePort; - if(localPort == httpsPort) + if(localPort == localHttpsPort) { - remoteHttpsPort = remotePort; + oldRemoteHttpsPort = remotePort; } - else if(localPort == httpPort) + else if(localPort == localHttpPort) { - remoteHttpPort = remotePort; + oldRemoteHttpPort = remotePort; } - else if(localPort == sshPort) + else if(localPort == localSshPort) { - remoteSshPort = remotePort; + oldRemoteSshPort = remotePort; } } } @@ -380,19 +446,18 @@ function resetData() document.getElementById('public_key_file').addEventListener('change', readKeyFile, false); allOptionValueHash=getRemoteOptionValueHash(); - setSelectElementOptions("remote_web_protocol", ["both", "https", "http", "disabled"], allOptionValueHash); + setSelectElementOptions("remote_web_protocol", ["http", "both", "redirect", "https", "disabled"], allOptionValueHash); if(!isBridge(uciOriginal)) { - - if(remoteHttpsPort != "" && remoteHttpPort != "") + if(oldRemoteHttpsPort != "" && oldRemoteHttpPort != "") { - setSelectedValue("remote_web_protocol", "both"); + setSelectedValue("remote_web_protocol", oldRedirectHttps ? "redirect" : "both"); } - else if(remoteHttpsPort != "") + else if(oldRemoteHttpsPort != "") { setSelectedValue("remote_web_protocol", "https"); } - else if(remoteHttpPort != "") + else if(oldRemoteHttpPort != "") { setSelectedValue("remote_web_protocol", "http"); } @@ -400,11 +465,11 @@ function resetData() { setSelectedValue("remote_web_protocol", "disabled"); } - document.getElementById("remote_https_port").value = remoteHttpsPort; - document.getElementById("remote_http_port").value = remoteHttpPort; - document.getElementById("remote_ssh_port").value = remoteSshPort; + document.getElementById("remote_https_port").value = oldRemoteHttpsPort; + document.getElementById("remote_http_port").value = oldRemoteHttpPort; + document.getElementById("remote_ssh_port").value = oldRemoteSshPort; - if(remoteSshPort != "") + if(oldRemoteSshPort != "") { document.getElementById("remote_ssh_enabled").checked = true; } @@ -417,7 +482,7 @@ function resetData() { setSelectedValue("remote_web_protocol", "disabled"); document.getElementById("remote_ssh_enabled").checked = false; - var hideIds = [ "remote_web_protocol_container", "remote_web_ports_container", "remote_ssh_enabled_container", "remote_ssh_port_container" ]; + var hideIds = ["remote_web_divider", "remote_web_protocol_container", "remote_web_ports_container", "remote_ssh_enabled_container", "remote_ssh_port_container" ]; var hi; for(hi=0; hi < hideIds.length; hi++) { @@ -440,6 +505,8 @@ function resetData() + //initialize help settings + initializeDescriptionVisibility(uciOriginal, "ssh_help"); //enable/disable proper fields updateVisibility(); @@ -449,52 +516,85 @@ function resetData() function updateVisibility() { - localWebProtocol = getSelectedValue("local_web_protocol"); - localHttpsElement = document.getElementById("local_https_port"); - localHttpElement = document.getElementById("local_http_port"); - allOptionValueHash=getRemoteOptionValueHash(); + var localWebProtocol = getSelectedValue("local_web_protocol"); + var localHttpsElement = document.getElementById("local_https_port"); + var localHttpElement = document.getElementById("local_http_port"); + var allOptionValueHash = getRemoteOptionValueHash(); + // Preselects the next more secure remote web protocol when the old + // selection is no longer available with the new local web protocol. + // Available web protocols are offered in ascending order regarding + // security as in ["http", "both", "redirect", "https", "disabled"]. if(localWebProtocol == "both") { localHttpsElement.value = localHttpsElement.value == "" ? 443 : localHttpsElement.value; localHttpElement.value = localHttpElement.value == "" ? 80 : localHttpElement.value; - setSelectElementOptions("remote_web_protocol", ["both", "https", "http", "disabled"], allOptionValueHash); + var oldSelection = getSelectedValue("remote_web_protocol"); + setSelectElementOptions("remote_web_protocol", ["http", "both", /* "redirect", */ "https", "disabled"], allOptionValueHash); + if(oldSelection == "redirect") + { + setSelectedValue("remote_web_protocol", "https"); + } + } + else if(localWebProtocol == "redirect") + { + localHttpsElement.value = localHttpsElement.value == "" ? 443 : localHttpsElement.value; + localHttpElement.value = localHttpElement.value == "" ? 80 : localHttpElement.value; + var oldSelection = getSelectedValue("remote_web_protocol"); + setSelectElementOptions("remote_web_protocol", [/* "http", "both", */ "redirect", "https", "disabled"], allOptionValueHash); + if(oldSelection == "http" || oldSelection == "both") + { + setSelectedValue("remote_web_protocol", "redirect"); + } } else if(localWebProtocol == "https") { localHttpsElement.value = localHttpsElement.value == "" ? 443 : localHttpsElement.value; localHttpElement.value = ""; - oldSelection = getSelectedValue("remote_web_protocol"); - setSelectElementOptions("remote_web_protocol", ["https", "disabled"], allOptionValueHash); - if(oldSelection == "http") + var oldSelection = getSelectedValue("remote_web_protocol"); + setSelectElementOptions("remote_web_protocol", [/* "http", "both", "redirect", */ "https", "disabled"], allOptionValueHash); + if(oldSelection != "disabled") { - setSelectedValue("remote_web_protocol", "disabled"); + setSelectedValue("remote_web_protocol", "https"); } } else { localHttpsElement.value = ""; localHttpElement.value = localHttpElement.value == "" ? 80 : localHttpElement.value; - oldSelection = getSelectedValue("remote_web_protocol"); - setSelectElementOptions("remote_web_protocol", ["http", "disabled"], allOptionValueHash); - if(oldSelection == "https") + var oldSelection = getSelectedValue("remote_web_protocol"); + setSelectElementOptions("remote_web_protocol", ["http", /* "both", "redirect", "https" */ "disabled"], allOptionValueHash); + if(oldSelection != "http") { setSelectedValue("remote_web_protocol", "disabled"); } } - - - remoteWebProtocol = getSelectedValue("remote_web_protocol"); - remoteHttpsElement = document.getElementById("remote_https_port"); - remoteHttpElement = document.getElementById("remote_http_port"); + var remoteWebProtocol = getSelectedValue("remote_web_protocol"); + var remoteHttpsElement = document.getElementById("remote_https_port"); + var remoteHttpElement = document.getElementById("remote_http_port"); + setElementReadOnly(remoteHttpsElement, false); if(remoteWebProtocol == "both") { remoteHttpsElement.value = remoteHttpsElement.value == "" ? localHttpsElement.value : remoteHttpsElement.value; remoteHttpElement.value = remoteHttpElement.value == "" ? localHttpElement.value : remoteHttpElement.value; } + else if(remoteWebProtocol == "redirect") + { + setElementReadOnly(remoteHttpsElement, true); + remoteHttpsElement.value = localHttpsElement.value; + remoteHttpElement.value = remoteHttpElement.value == "" ? localHttpElement.value : remoteHttpElement.value; + } else if(remoteWebProtocol == "https") { - remoteHttpsElement.value = remoteHttpsElement.value == "" ? localHttpsElement.value : remoteHttpsElement.value; + if(localWebProtocol == "redirect") + { + setElementReadOnly(remoteHttpsElement, true); + remoteHttpsElement.value = localHttpsElement.value; + } + else + { + remoteHttpsElement.value = remoteHttpsElement.value == "" ? localHttpsElement.value : remoteHttpsElement.value; + } remoteHttpElement.value = ""; } else if(remoteWebProtocol == "http") @@ -508,14 +608,66 @@ function updateVisibility() remoteHttpElement.value = ""; } - ids= ["local_https_port", "local_http_port", "remote_https_port", "remote_http_port"]; - visIds=[]; - vis = []; + // RFC 1918 filter checkbox. + var disableRfc1918Filter = document.getElementById("disable_rfc1918_filter").checked; + // Either local or remote web protocol. + var accessWebProtocol = getSelectedValue(accessArea + "_web_protocol"); + // Warn when about to lock out by disabling remote web access. + var protocolLockout = accessArea == "remote" && remoteWebProtocol == "disabled"; + // Warn when about to lock out by enabling RFC 1918 filter again. + var rfc1918FilterLockout = accessArea == "remote" && remoteWebProtocol != "disabled" && !disableRfc1918Filter && ipInPrivate(REMOTE_ADDR) && !ipInPrivate(SERVER_ADDR); + // Warn when about to lock out on unfit protocol change if uhttpd is used as a reverse proxy's backend. + var reverseProxyLockout = !directView && accessWebProtocol != "disabled" && accessWebProtocol != "both" && accessWebProtocol.replace("redirect", "https") != serverProt; + // Reset warning container for either local or remote web protocol. + var accessWebProtocolLockoutContainer = document.getElementById(accessArea + "_web_protocol_lockout_container"); + accessWebProtocolLockoutContainer.style.display = "none"; + accessWebProtocolLockoutContainer.innerHTML = ""; + // Reset warning container for RFC 1918 filter checkbox. + var rfc1918FilterLockoutContainer = document.getElementById("rfc1918_filter_lockout_container"); + rfc1918FilterLockoutContainer.style.display = "none"; + rfc1918FilterLockoutContainer.innerHTML = ""; + var lockoutTemplate = + '' + + '

' + accessStr.LockoutWarning + '

' + + '' + + '

' + accessStr.AccessChain + ':

' + + '

' + + ''; + if(protocolLockout || reverseProxyLockout || rfc1918FilterLockout) + { + var lockoutContainer = rfc1918FilterLockout ? rfc1918FilterLockoutContainer : accessWebProtocolLockoutContainer; + lockoutContainer.innerHTML = lockoutTemplate; + + // Help avoid lockout with reverse proxy. + document.getElementById("reverse_proxy_smooth").style.display = reverseProxyLockout ? "block" : "none"; + document.getElementById("reverse_proxy_switch").innerText = allOptionValueHash[serverProt == "http" ? "https" : "http"]; + document.getElementById("reverse_proxy_select").innerText = allOptionValueHash[accessWebProtocol]; + + // Web access trace of domains and/or IP addresses from client, possibly over reverse proxy, to server. + var lastOccurrence = function(value, index, self) { return value && self.lastIndexOf(value) === index; }; + var webAccessChain = [window.location.hostname, REMOTE_ADDR, HTTP_HOST, SERVER_ADDR].filter(lastOccurrence); + document.getElementById("access_chain").innerText = webAccessChain.join(" ➔ "); + + lockoutContainer.style.display = "block"; + } + + var ids= ["local_https_port", "local_http_port", "remote_https_port", "remote_http_port"]; + var visIds=[]; + var vis = []; for(idIndex = 0; idIndex < ids.length; idIndex++) { visIds.push(ids[idIndex] + "_container"); vis.push( document.getElementById(ids[idIndex]).value != "" ? true : false ); } + visIds.push("disable_rfc1918_filter_container"); + vis.push(remoteWebProtocol != "disabled"); setVisibility(visIds, vis); var dropbearSections = uciOriginal.getAllSections("dropbear"); @@ -528,11 +680,11 @@ function updateVisibility() function setSelectElementOptions(selectId, enabledOptionValues, possibleOptionValueToTextHash) { - originalSelection = getSelectedValue(selectId); + var originalSelection = getSelectedValue(selectId); removeAllOptionsFromSelectElement(document.getElementById(selectId)); for(addIndex=0; addIndex < enabledOptionValues.length; addIndex++) { - optionValue = enabledOptionValues[addIndex]; + var optionValue = enabledOptionValues[addIndex]; addOptionToSelectElement(selectId, possibleOptionValueToTextHash[optionValue], optionValue); } setSelectedValue(selectId, originalSelection); @@ -543,10 +695,11 @@ function setSelectElementOptions(selectId, enabledOptionValues, possibleOptionVa function getRemoteOptionValueHash() { - allOptionValueHash=new Array(); - allOptionValueHash["both"] = "HTTPS & HTTP"; - allOptionValueHash["https"] = "HTTPS"; + var allOptionValueHash = new Array(); allOptionValueHash["http"] = "HTTP"; + allOptionValueHash["both"] = "HTTP & HTTPS"; + allOptionValueHash["redirect"] = "HTTP ➔ HTTPS"; + allOptionValueHash["https"] = "HTTPS"; allOptionValueHash["disabled"] = UI.disabled; return allOptionValueHash; } @@ -555,7 +708,7 @@ function getRemoteOptionValueHash() function resetAuthorizedKeysTable() { - keysTableData = new Array(); + var keysTableData = new Array(); for (var keyName in authorizedKeyMap) { if (authorizedKeyMap.hasOwnProperty(keyName)) @@ -577,8 +730,8 @@ function resetAuthorizedKeysTable() } } - keysTable=createTable(['',''], keysTableData, "authorized_keys_table", true, false, removeKey ); - tableContainer = document.getElementById('authorized_keys_table_container'); + var keysTable = createTable(['',''], keysTableData, "authorized_keys_table", true, false, removeKey); + var tableContainer = document.getElementById('authorized_keys_table_container'); if(tableContainer.firstChild != null) { tableContainer.removeChild(tableContainer.firstChild); @@ -607,7 +760,7 @@ function addKey() } keyName = keyName.replace(/^[\r\n\t ]+/g, ""); keyName = keyName.replace(/[\r\n\t ]+$/g, ""); - keyName = keyName.replace(/[\r\n\t ]+/g, "_") + keyName = keyName.replace(/[\r\n\t ]+/g, "_"); if(splitKey.length < 2 || keyName.length == 0) { alert(accessStr.SSHInvalidKey); diff --git a/package/gargoyle/files/www/js/common.js b/package/gargoyle/files/www/js/common.js index 82e493bb58..226ef235ef 100644 --- a/package/gargoyle/files/www/js/common.js +++ b/package/gargoyle/files/www/js/common.js @@ -784,6 +784,7 @@ function setDescriptionVisibility(descriptionId, defaultDisplay, displayText, hi if(ref.firstChild.data == displayText) { txt.style.display=defaultDisplay; + txt.scrollIntoView(false); ref.firstChild.data = hideText; command = command + "1\n"; } @@ -809,13 +810,20 @@ function initializeDescriptionVisibility(testUci, descriptionId, defaultDisplay, var descLinkText = displayText; var descDisplay = "none"; - if(testUci.get("gargoyle", "help", descriptionId) == "1") + var help = testUci.get("gargoyle", "help", descriptionId); + if(help == "1") { - descLinkText = hideText + descLinkText = hideText; descDisplay = defaultDisplay; } - document.getElementById(descriptionId + "_ref").firstChild.data = descLinkText; - document.getElementById(descriptionId + "_txt").style.display = descDisplay; + // don't try to re-initialize after we've already removed the help section + if(help) + { + document.getElementById(descriptionId + "_ref").firstChild.data = descLinkText; + document.getElementById(descriptionId + "_txt").style.display = descDisplay; + // necessary, or we overwrite the help settings when we save changes + testUci.removeSection("gargoyle", "help"); + } } @@ -872,6 +880,27 @@ function rangeInSubnet(mask, ip, start, end) return false; } +function parseIp(ip) +{ + var ip = ip.split("."); + return ((((((+ip[0])*256)+(+ip[1]))*256)+(+ip[2]))*256)+(+ip[3]); +} +function ipInRange(ip, start, end) +{ + var ip = parseIp(ip); + return parseIp(start) <= ip && ip <= parseIp(end); +} +function ipInClassA(ip) { return ipInRange(ip, "0.0.0.0", "127.255.255.255"); } +function ipInClassB(ip) { return ipInRange(ip, "128.0.0.0", "191.255.255.255"); } +function ipInClassC(ip) { return ipInRange(ip, "192.0.0.0", "223.255.255.255"); } +function ipInClassD(ip) { return ipInRange(ip, "224.0.0.0", "239.255.255.255"); } +function ipInClassE(ip) { return ipInRange(ip, "240.0.0.0", "255.255.255.255"); } +function ipInPrivateClassA(ip) { return ipInRange(ip, "10.0.0.0", "10.255.255.255"); } +function ipInPrivateClassB(ip) { return ipInRange(ip, "172.16.0.0", "172.31.255.255"); } +function ipInPrivateClassC(ip) { return ipInRange(ip, "192.168.0.0", "192.168.255.255"); } +function ipInPrivate(ip) { return ipInPrivateClassA(ip) || ipInPrivateClassB(ip) || ipInPrivateClassC(ip); } +function ipInLinkLocal(ip) { return ipInRange(ip, "169.254.0.0", "169.254.255.255"); } +function ipInLocalhost(ip) { return ipInRange(ip, "127.0.0.0", "127.255.255.255"); } function proofreadFields(inputIds, labelIds, functions, validReturnCodes, visibilityIds, fieldDocument ) { @@ -914,6 +943,13 @@ function proofreadFields(inputIds, labelIds, functions, validReturnCodes, visibi } return errorArray; } +function resetProofreadFields(inputIds) +{ + for (var i = 0; i < inputIds.length; i++) + { + resetProofreadText(document.getElementById(inputIds[i])); + } +} function parseBytes(bytes, units, abbr, dDgt) { @@ -998,7 +1034,7 @@ function setElementEnabled(element, enabled, defaultValue) element.disabled=false; if(element.type == "text" || element.type == "textarea") { - element.style.color="#000000"; + element.style.color=""; element.className="form-control" ; } else if(element.type == "select-one" || element.type == "select-multiple" || element.type == "select" ) @@ -1035,7 +1071,24 @@ function setElementEnabled(element, enabled, defaultValue) } } +function setElementReadOnly(element, readOnly) +{ + if(readOnly) + { + element.disabled = false; + } + element.readOnly = readOnly; +} +function updateReadOnlyAssociate(associate, element) +{ + var associate = document.getElementById(associate); + if(associate.readOnly && !associate.disabled) + { + associate.value = element.value; + associate.style.color = element.style.color; + } +} function getSelectedValue(selectId, controlDocument) { @@ -1994,7 +2047,10 @@ function proofreadText(input, proofFunction, validReturnCode) input.style.color = (proofFunction(input.value) == validReturnCode) ? "" : "red"; } } - +function resetProofreadText(input) +{ + input.style.color = ""; +} function getEmbeddedSvgWindow(embeddedId, controlDocument) { diff --git a/package/gargoyle/files/www/js/port_forwarding.js b/package/gargoyle/files/www/js/port_forwarding.js index 70f6df9236..0b77f0b4b4 100644 --- a/package/gargoyle/files/www/js/port_forwarding.js +++ b/package/gargoyle/files/www/js/port_forwarding.js @@ -569,7 +569,6 @@ function resetData() setUpnpEnabled(); initializeDescriptionVisibility(uciOriginal, "upnp_help"); - uciOriginal.removeSection("gargoyle", "help"); //necessary, or we over-write the help settings when we save if (upnpdEnabled) { diff --git a/package/gargoyle/files/www/port_forwarding.sh b/package/gargoyle/files/www/port_forwarding.sh index 45bacf175a..19dcc19b70 100755 --- a/package/gargoyle/files/www/port_forwarding.sh +++ b/package/gargoyle/files/www/port_forwarding.sh @@ -118,7 +118,7 @@
- <%~ Hide %> + <%~ Hide %> <%~ UPHelp %>
diff --git a/package/gargoyle/files/www/themes/Gargoyle/common.css b/package/gargoyle/files/www/themes/Gargoyle/common.css index a8df1bd4ac..72b97d212b 100644 --- a/package/gargoyle/files/www/themes/Gargoyle/common.css +++ b/package/gargoyle/files/www/themes/Gargoyle/common.css @@ -192,6 +192,11 @@ input.text_disabled, select.select_disabled { color: #aaa } +input.form-control[readonly] +{ + background-color: transparent; + border-style: dashed +} #bottom_button_container { margin: 10px 0 0 10px diff --git a/package/plugin-gargoyle-i18n-Czech-CS/files/www/i18n/Czech-CS/access.js b/package/plugin-gargoyle-i18n-Czech-CS/files/www/i18n/Czech-CS/access.js index 49123feb13..61d7f0b1c3 100644 --- a/package/plugin-gargoyle-i18n-Czech-CS/files/www/i18n/Czech-CS/access.js +++ b/package/plugin-gargoyle-i18n-Czech-CS/files/www/i18n/Czech-CS/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Lokální HTTPS Port"; accessStr.RemoteWebAccess="Vzdálený Web Admin přístup"; accessStr.RemotePort="Vzdálený HTTP Port"; accessStr.Remote_S_Port="Vzdálený HTTPS Port"; +accessStr.LockoutWarning="UPOZORNĚNÍ: Chystáte se zamknout!"; +accessStr.ReverseProxySmooth="Pro hladký přechod"; +accessStr.ReverseProxySelect="Vyberte"; +accessStr.ReverseProxySaveCh="a uložte změny"; +accessStr.ReverseProxySwitch="Přepněte předcházející protokol proxy na"; +accessStr.AccessChain="Váš přístupový řetězec"; accessStr.Session="Délka relace Web Login"; +accessStr.DisableRFC1918Filter="Povolit přístup ze soukromé IP adresy (RFC 1918) na veřejnou IP adresu"; accessStr.DisablePassword="Zakázat ochranu heslem pro web rozhraní"; accessStr.warning="Nedoporučuje se!"; accessStr.SSHAccess="SSH přístup"; diff --git a/package/plugin-gargoyle-i18n-English-EN/files/www/i18n/English-EN/access.js b/package/plugin-gargoyle-i18n-English-EN/files/www/i18n/English-EN/access.js index 6ce61278b5..078993a6db 100644 --- a/package/plugin-gargoyle-i18n-English-EN/files/www/i18n/English-EN/access.js +++ b/package/plugin-gargoyle-i18n-English-EN/files/www/i18n/English-EN/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Local HTTPS Port"; accessStr.RemoteWebAccess="Remote Web Admin Access"; accessStr.RemotePort="Remote HTTP Port"; accessStr.Remote_S_Port="Remote HTTPS Port"; +accessStr.LockoutWarning="CAUTION: You are about to lock yourself out!"; +accessStr.ReverseProxySmooth="For a smooth transition"; +accessStr.ReverseProxySelect="Select"; +accessStr.ReverseProxySaveCh="and save changes"; +accessStr.ReverseProxySwitch="Switch your reverse proxy's upstream protocol to"; +accessStr.AccessChain="Your access chain"; accessStr.Session="Web Login Session Length"; +accessStr.DisableRFC1918Filter="Enable access from private (RFC 1918) to public IP address"; accessStr.DisablePassword="Disable password protection of web interface"; accessStr.warning="Not Recommended!"; accessStr.SSHAccess="SSH Access"; @@ -23,7 +30,7 @@ accessStr.Unlimited="Unlimited Attempts"; accessStr.ChangePass="Change Administrator Password"; accessStr.NewPass="New Password"; accessStr.ConfirmPass="Confirm Password"; -accessStr.SSHEnablePwd="Enable password authentication for ssh access"; +accessStr.SSHEnablePwd="Enable password authentication for SSH access"; accessStr.SSHKeys="Authorized Keys"; accessStr.SSHExistKey="Upload SSH public-key"; accessStr.SSHName="SSH Key Name"; diff --git a/package/plugin-gargoyle-i18n-French-FR/files/www/i18n/French-FR/access.js b/package/plugin-gargoyle-i18n-French-FR/files/www/i18n/French-FR/access.js index 777ff52c15..6bfadb91bc 100644 --- a/package/plugin-gargoyle-i18n-French-FR/files/www/i18n/French-FR/access.js +++ b/package/plugin-gargoyle-i18n-French-FR/files/www/i18n/French-FR/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Port HTTPS local"; accessStr.RemoteWebAccess="Accès distant a l'interface web"; accessStr.RemotePort="Port HTTP distant"; accessStr.Remote_S_Port="Port HTTPS distant"; +accessStr.LockoutWarning="ATTENTION: Vous êtes sur le point de vous enfermer!"; +accessStr.ReverseProxySmooth="Pour une transition en douceur"; +accessStr.ReverseProxySelect="Sélectionnez"; +accessStr.ReverseProxySaveCh="et enregistrez les modifications"; +accessStr.ReverseProxySwitch="Basculez le protocole amont de votre proxy inverse sur"; +accessStr.AccessChain="Votre chaîne d'accès"; accessStr.Session="Durée de la session d'administration"; +accessStr.DisableRFC1918Filter="Activer l'accès des IP privées (RFC 1918) à l'IP publique"; accessStr.DisablePassword="Désactiver la protection par mot de passe de l'interface web"; accessStr.warning="Non recommandé!"; accessStr.SSHAccess="Accès SSH"; diff --git a/package/plugin-gargoyle-i18n-German-DE/files/www/i18n/German-DE/access.js b/package/plugin-gargoyle-i18n-German-DE/files/www/i18n/German-DE/access.js index 28217deaf7..350b45f543 100644 --- a/package/plugin-gargoyle-i18n-German-DE/files/www/i18n/German-DE/access.js +++ b/package/plugin-gargoyle-i18n-German-DE/files/www/i18n/German-DE/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Lokaler HTTPS Port"; accessStr.RemoteWebAccess="Web Admin Zugriff aus dem Internet"; accessStr.RemotePort="HTTP Port"; accessStr.Remote_S_Port="HTTPS Port"; +accessStr.LockoutWarning="VORSICHT: Sie sind dabei, sich auszusperren!"; +accessStr.ReverseProxySmooth="Für einen reibungslosen Übergang"; +accessStr.ReverseProxySelect="Wählen Sie"; +accessStr.ReverseProxySaveCh="aus und speichern Sie die Änderungen"; +accessStr.ReverseProxySwitch="Wechseln Sie das Upstream-Protokoll Ihres Reverse-Proxys zu"; +accessStr.AccessChain="Ihre Zugriffskette"; accessStr.Session="Login Sitzungsdauer"; +accessStr.DisableRFC1918Filter="Zugriff von privater (RFC 1918) zu öffentlicher IP-Adresse aktivieren"; accessStr.DisablePassword="Passwortschutz der Webschnittstelle deaktivieren"; accessStr.warning="nicht empfohlen!"; accessStr.SSHAccess="SSH Zugriff"; diff --git a/package/plugin-gargoyle-i18n-Norwegian-NO/files/www/i18n/Norwegian-NO/access.js b/package/plugin-gargoyle-i18n-Norwegian-NO/files/www/i18n/Norwegian-NO/access.js index c7ce2e5812..36a4251174 100644 --- a/package/plugin-gargoyle-i18n-Norwegian-NO/files/www/i18n/Norwegian-NO/access.js +++ b/package/plugin-gargoyle-i18n-Norwegian-NO/files/www/i18n/Norwegian-NO/access.js @@ -1,5 +1,5 @@ /* - * UTF-8 (with BOM) English-EN text strings for access.sh html elements + * UTF-8 (with BOM) Norwegian-NO text strings for access.sh html elements */ accessStr.mAccess="Ruter Tilgang"; @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Lokal HTTPS Port"; accessStr.RemoteWebAccess="Ekstern Web Admin Tilgang"; accessStr.RemotePort="Ekstern HTTP Port"; accessStr.Remote_S_Port="Ekstern HTTPS Port"; +accessStr.LockoutWarning="FORSIKTIG: Du er i ferd med å låse deg ut!"; +accessStr.ReverseProxySmooth="For en jevn overgang"; +accessStr.ReverseProxySelect="Velg"; +accessStr.ReverseProxySaveCh="og lagre endringer"; +accessStr.ReverseProxySwitch="Bytt omvendt proxy's oppstrømsprotokoll til"; +accessStr.AccessChain="Din tilgangskjede"; accessStr.Session="Web Innloggingstid"; +accessStr.DisableRFC1918Filter="Aktiver tilgang fra privat IP-adresse (RFC 1918) til offentlig IP-adresse"; accessStr.DisablePassword="Deaktivere Passordbeskyttelse av Webgrensesnitt"; accessStr.warning="Anbefales Ikke!"; accessStr.SSHAccess="SSH Tilgang"; diff --git a/package/plugin-gargoyle-i18n-Polish-PL/files/www/i18n/Polish-PL/access.js b/package/plugin-gargoyle-i18n-Polish-PL/files/www/i18n/Polish-PL/access.js index de9bf76d41..0031f19cbd 100644 --- a/package/plugin-gargoyle-i18n-Polish-PL/files/www/i18n/Polish-PL/access.js +++ b/package/plugin-gargoyle-i18n-Polish-PL/files/www/i18n/Polish-PL/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Lokalny port HTTPS"; accessStr.RemoteWebAccess="Zdalny dostęp"; accessStr.RemotePort="Zdalny port HTTP"; accessStr.Remote_S_Port="Zdalny port HTTPS"; +accessStr.LockoutWarning="UWAGA: Zaraz się zamkniesz!"; +accessStr.ReverseProxySmooth="Dla płynnego przejścia"; +accessStr.ReverseProxySelect="Wybierz"; +accessStr.ReverseProxySaveCh="i zapisz zmiany"; +accessStr.ReverseProxySwitch="Zmień protokół wysyłania zwrotnego proxy na"; +accessStr.AccessChain="Twój łańcuch dostępu"; accessStr.Session="Czas trwania sesji"; +accessStr.DisableRFC1918Filter="Włącz dostęp z prywatnego adresu IP (RFC 1918) do publicznego adresu IP"; accessStr.DisablePassword="Wyłącz hasło dostępu do panelu"; accessStr.warning="niepolecane!"; accessStr.SSHAccess="Dostęp do SSH"; diff --git a/package/plugin-gargoyle-i18n-Portuguese-BR/files/www/i18n/Portuguese-BR/access.js b/package/plugin-gargoyle-i18n-Portuguese-BR/files/www/i18n/Portuguese-BR/access.js index c4ec01da0c..436ff9c658 100644 --- a/package/plugin-gargoyle-i18n-Portuguese-BR/files/www/i18n/Portuguese-BR/access.js +++ b/package/plugin-gargoyle-i18n-Portuguese-BR/files/www/i18n/Portuguese-BR/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Porta Local HTTPS"; accessStr.RemoteWebAccess="Acesso Remoto HTTP/HTTPS"; accessStr.RemotePort="Porta Remota HTTP"; accessStr.Remote_S_Port="Porta Remota HTTPS"; +accessStr.LockoutWarning="CUIDADO: Você está prestes a se trancar!"; +accessStr.ReverseProxySmooth="Para uma transição suave"; +accessStr.ReverseProxySelect="Selecione"; +accessStr.ReverseProxySaveCh="e salve as alterações"; +accessStr.ReverseProxySwitch="Alterne o protocolo upstream do seu proxy reverso para"; +accessStr.AccessChain="Sua cadeia de acesso"; accessStr.Session="Tempo de Sessão"; +accessStr.DisableRFC1918Filter="Habilitar o acesso do endereço IP privado (RFC 1918) ao endereço IP público"; accessStr.DisablePassword="Desabilitar senha de acesso da interface web"; accessStr.warning="não recomendado"; accessStr.SSHAccess="Acesso via SSH"; diff --git a/package/plugin-gargoyle-i18n-Russian-RU/files/www/i18n/Russian-RU/access.js b/package/plugin-gargoyle-i18n-Russian-RU/files/www/i18n/Russian-RU/access.js index 1215155506..26d4825a6e 100644 --- a/package/plugin-gargoyle-i18n-Russian-RU/files/www/i18n/Russian-RU/access.js +++ b/package/plugin-gargoyle-i18n-Russian-RU/files/www/i18n/Russian-RU/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Локальный порт HTTPS"; accessStr.RemoteWebAccess="Удалённый доступ к администрированию"; accessStr.RemotePort="Удалённый порт HTTP"; accessStr.Remote_S_Port="Удалённый порт HTTPS"; +accessStr.LockoutWarning="ВНИМАНИЕ: Вы собираетесь заблокировать себя!"; +accessStr.ReverseProxySmooth="Для плавного перехода"; +accessStr.ReverseProxySelect="Выберите"; +accessStr.ReverseProxySaveCh="и сохраните изменения"; +accessStr.ReverseProxySwitch="Переключите обратный протокол обратного прокси на"; +accessStr.AccessChain="Ваша цепочка доступа"; accessStr.Session="Длительность сеанса веб-сесии"; +accessStr.DisableRFC1918Filter="Разрешить доступ с частного IP-адреса (RFC 1918) к общему IP-адресу"; accessStr.DisablePassword="Отключить парольную защиту доступа к веб-интерфейсу"; accessStr.warning="Не рекомендуется!"; accessStr.SSHAccess="SSH доступ"; @@ -23,7 +30,7 @@ accessStr.Unlimited="Неограниченые"; accessStr.ChangePass="Изменить пароль администратора"; accessStr.NewPass="Новый пароль"; accessStr.ConfirmPass="Подтвердите пароль"; -accessStr.SSHEnablePwd="Включить доступ по паролю через ssh"; +accessStr.SSHEnablePwd="Включить доступ по паролю через SSH"; accessStr.SSHKeys="Авторизированные ключи"; accessStr.SSHExistKey="Загрузить публичный SSH-ключ"; accessStr.SSHName="Название SSH-ключа"; diff --git a/package/plugin-gargoyle-i18n-SimplifiedChinese-ZH-CN/files/www/i18n/SimplifiedChinese-ZH-CN/access.js b/package/plugin-gargoyle-i18n-SimplifiedChinese-ZH-CN/files/www/i18n/SimplifiedChinese-ZH-CN/access.js index 259c9a0009..cc2de0cd13 100644 --- a/package/plugin-gargoyle-i18n-SimplifiedChinese-ZH-CN/files/www/i18n/SimplifiedChinese-ZH-CN/access.js +++ b/package/plugin-gargoyle-i18n-SimplifiedChinese-ZH-CN/files/www/i18n/SimplifiedChinese-ZH-CN/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="内网HTTPS端口"; accessStr.RemoteWebAccess="外网Web管理访问"; accessStr.RemotePort="外网HTTP端口"; accessStr.Remote_S_Port="外网HTTPS端口"; +accessStr.LockoutWarning="注意:您将自己锁定在外!"; +accessStr.ReverseProxySmooth="平稳过渡"; +accessStr.ReverseProxySelect="选择"; +accessStr.ReverseProxySaveCh="并保存更改"; +accessStr.ReverseProxySwitch="将反向代理的上游协议切换为"; +accessStr.AccessChain="您的访问链"; accessStr.Session="Web登录会话时长"; +accessStr.DisableRFC1918Filter="启用从私有IP地址(RFC 1918)到公共IP地址的访问" accessStr.DisablePassword="禁用Web界面密码保护"; accessStr.warning="不推荐!"; accessStr.SSHAccess="SSH访问"; diff --git a/package/plugin-gargoyle-i18n-Slovak-SK/files/www/i18n/Slovak-SK/access.js b/package/plugin-gargoyle-i18n-Slovak-SK/files/www/i18n/Slovak-SK/access.js index 0c92d52399..4b3ec2c87c 100644 --- a/package/plugin-gargoyle-i18n-Slovak-SK/files/www/i18n/Slovak-SK/access.js +++ b/package/plugin-gargoyle-i18n-Slovak-SK/files/www/i18n/Slovak-SK/access.js @@ -10,7 +10,14 @@ accessStr.Local_S_Port="Lokálny HTTPS Port"; accessStr.RemoteWebAccess="Vzdialený Web Admin prístup"; accessStr.RemotePort="Vzdialený HTTP Port"; accessStr.Remote_S_Port="Vzdialený HTTPS Port"; +accessStr.LockoutWarning="UPOZORNENIE: Chystáte sa uzamknúť!"; +accessStr.ReverseProxySmooth="Pre hladký prechod"; +accessStr.ReverseProxySelect="Vyberte"; +accessStr.ReverseProxySaveCh="a uložte zmeny"; +accessStr.ReverseProxySwitch="Prepnite upstream protokol proti smeru proxy na"; +accessStr.AccessChain="Váš prístupový reťazec"; accessStr.Session="Dĺžka relácie Web Login"; +accessStr.DisableRFC1918Filter="Povoliť prístup zo súkromnej adresy IP (RFC 1918) na verejnú adresu IP"; accessStr.DisablePassword="Zakázať ochranu heslom pre web rozhranie"; accessStr.warning="Neodporúča sa!"; accessStr.SSHAccess="SSH prístup"; @@ -23,7 +30,7 @@ accessStr.Unlimited="Neobmedzené pokusy"; accessStr.ChangePass="Zmena admin hesla"; accessStr.NewPass="Nové heslo"; accessStr.ConfirmPass="Potvrdiť heslo"; -accessStr.SSHEnablePwd="Povoliť overovanie heslom pre ssh prístup"; +accessStr.SSHEnablePwd="Povoliť overovanie heslom pre SSH prístup"; accessStr.SSHKeys="Autorizované kľúče"; accessStr.SSHExistKey="Nahrať verejný SSH kľúč"; accessStr.SSHName="Názov SSH kľúča";