From 582398c5bb6d2705d7c9a0ea6ae3bd04019ebd3a Mon Sep 17 00:00:00 2001 From: Tommaso Bailetti Date: Wed, 24 Jul 2024 17:51:33 +0200 Subject: [PATCH 1/4] ns-api(mwan): updated mwan docs Signed-off-by: Tommaso Bailetti --- packages/ns-api/README.md | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/packages/ns-api/README.md b/packages/ns-api/README.md index 8d43a25f9..42eeb4330 100644 --- a/packages/ns-api/README.md +++ b/packages/ns-api/README.md @@ -6134,23 +6134,27 @@ Example response: ```json { - "values": [ - { - "label": "Default Rule", - "name": "ns_default_rule", - "policy": { - "label": "Default", - "name": "ns_default" - }, - "protocol": "all", - "source_address": "1.1.1.1/30", - "destination_address": "10.0.0.1/20", - "sticky": false - } - ] + "values": [ + { + "label": "Default Rule", + "name": "ns_default_rule", + "policy": { + "label": "Default", + "name": "ns_default" + }, + "protocol": "all", + "source_address": "1.1.1.1/30", + "destination_address": "10.0.0.1/20", + "sticky": false + } + ] } ``` +Beware, additional field `ns_src` and `ns_dst` with a `id` representing the firewall object might be present in the +response, they are the object replacement of `source_address` and `destination_address` respectively, consider them with +higher priority over the other fields. + Note: field `protocol`, `source_address` and `destination_address` can be missing from the response, in that case consider them to be set as `any`. @@ -6171,6 +6175,8 @@ Parameters: - `destination_address`: destination address to be used, can be a single IP, a CIDR or empty for `any` - `destination_port`: destination port to be used, can be a single port, a range or empty for `any` - `sticky`: Allow traffic from the same source IP address within the timeout limit to use same wan interface as prior session (Boolean default false) +- `ns_src`: source address object id, will override `source_address` +- `ns_dst`: destination address object id, will override `destination_address` Example response: @@ -6236,6 +6242,8 @@ Parameters: - `destination_address`: destination address to be used, can be a single IP, a CIDR or empty for `any` - `destination_port`: destination port to be used, can be a single port, a range or empty for `any` - `sticky`: Allow traffic from the same source IP address within the timeout limit to use same wan interface as prior session (Boolean default false) +- `ns_src`: source address object id, will override `source_address` +- `ns_dst`: destination address object id, will override `destination_address` Example response: From 896bce6222f6228e7e55d7af0c6853d87d19672e Mon Sep 17 00:00:00 2001 From: Tommaso Bailetti Date: Wed, 24 Jul 2024 17:51:51 +0200 Subject: [PATCH 2/4] ns-api(mwan): allowing not present addresses Signed-off-by: Tommaso Bailetti --- packages/ns-api/files/ns.mwan | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/ns-api/files/ns.mwan b/packages/ns-api/files/ns.mwan index 475811ee7..95c526b3a 100755 --- a/packages/ns-api/files/ns.mwan +++ b/packages/ns-api/files/ns.mwan @@ -98,9 +98,9 @@ elif cmd == 'call': data['name'], data['policy'], data['protocol'], - data['source_address'], + data.get('source_address'), data['source_port'], - data['destination_address'], + data.get('destination_address'), data['destination_port'], data['sticky'], data.get('ns_src'), @@ -123,9 +123,9 @@ elif cmd == 'call': data['policy'], data['label'], data['protocol'], - data['source_address'], + data.get('source_address'), data['source_port'], - data['destination_address'], + data.get('destination_address'), data['destination_port'], data['sticky'], data.get('ns_src'), From 667747139094107f88d25a2bc856c59fbf4ba57b Mon Sep 17 00:00:00 2001 From: Tommaso Bailetti Date: Mon, 29 Jul 2024 15:54:14 +0200 Subject: [PATCH 3/4] ns-api(objects): use new library function to list domains Signed-off-by: Tommaso Bailetti --- packages/ns-api/files/ns.objects | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/ns-api/files/ns.objects b/packages/ns-api/files/ns.objects index 2c3ea021e..6e94a979c 100755 --- a/packages/ns-api/files/ns.objects +++ b/packages/ns-api/files/ns.objects @@ -54,7 +54,7 @@ elif cmd == 'call': e_uci = EUci() try: if action == 'list-domain-sets': - print(json.dumps({'values': objects.list_domain_sets(e_uci)})) + print(json.dumps({'values': objects.list_objects(e_uci, include_host_sets=False, expand=True)})) elif action == 'list-hosts': print(json.dumps({'values': objects.list_objects(e_uci, include_domain_sets=False, expand=True)})) else: From 18fedbdf94d3e8b8bf534cb2801f791241f400fe Mon Sep 17 00:00:00 2001 From: Tommaso Bailetti Date: Tue, 30 Jul 2024 09:37:44 +0200 Subject: [PATCH 4/4] python3-nethsec: version bump Signed-off-by: Tommaso Bailetti --- packages/python3-nethsec/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/python3-nethsec/Makefile b/packages/python3-nethsec/Makefile index 98ddcc9a6..c2fe78cb2 100644 --- a/packages/python3-nethsec/Makefile +++ b/packages/python3-nethsec/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=python3-nethsec -PKG_VERSION:=0.0.70 +PKG_VERSION:=0.0.71 PKG_RELEASE:=1 PKG_MAINTAINER:=Giacomo Sanchietti