From d7d71590bc1b03d801a437abf9ab1ef445c071f7 Mon Sep 17 00:00:00 2001 From: Christian Korber Date: Thu, 16 Oct 2025 13:35:34 +0200 Subject: [PATCH 1/2] luci-base: parse for mac range This commit is a preparation to add the possibility to block or accept a range of MAC addresses int they syntax of: ''' 00:11:22:00:00:00-00:11:22:ff:ff:ff ''' The commit depends on the PR openwrt/firewall4#74 being merged first. Signed-off-by: Christian Korber --- .../luci-static/resources/validation.js | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/modules/luci-base/htdocs/luci-static/resources/validation.js b/modules/luci-base/htdocs/luci-static/resources/validation.js index d3208c9b792d..8148f050db10 100644 --- a/modules/luci-base/htdocs/luci-static/resources/validation.js +++ b/modules/luci-base/htdocs/luci-static/resources/validation.js @@ -386,6 +386,35 @@ const ValidatorFactory = baseclass.extend({ multicast ? _('valid multicast MAC address') : _('valid MAC address')); }, + macrange(multicast) { + const m = this.value.match(/^((?:[a-fA-F0-9]{2}:){5}[a-fA-F0-9]{2})\-((?:[a-fA-F0-9]{2}:){5}[a-fA-F0-9]{2})$/); + let valid, mac1, mac2; + + let tonumber = (mac) => { + const n = mac.replace(/[^a-fA-F0-9]/g, '').toUpperCase(); + return BigInt('0x' + n); + }; + + if (m == null) + return this.assert(false, multicast ? _('valid multicast MAC address range') : _('valid MAC address range')); + + if (m[1]) { + mac1 = tonumber(m[1]); + valid = this.apply('macaddr', m[1], [multicast]); + if (!valid) + return this.assert(false, multicast ? _('valid multicast MAC address') : _('valid MAC address')); + } + + if (m[2]) { + mac2 = tonumber(m[2]); + valid = this.apply('macaddr', m[2], [multicast]); + if (!valid) + return this.assert(false, multicast ? _('valid multicast MAC address') : _('valid MAC address')); + } + + return this.assert(mac1 < mac2, multicast ? _('valid multicast MAC address range') : _('valid MAC address range')); + }, + host(ipv4only) { return this.assert(this.apply('hostname') || this.apply(ipv4only == 1 ? 'ip4addr' : 'ipaddr', null, ['nomask']), _('valid hostname or IP address')); From 4a5a74ae217b9e20b3580402566001d3746c3d1c Mon Sep 17 00:00:00 2001 From: Christian Korber Date: Thu, 16 Oct 2025 13:37:00 +0200 Subject: [PATCH 2/2] luci-app-firewall: enable to handle mac ranges This commit adds the feature to handle mac ranges to `luci-app-firewall` Signed-off-by: Christian Korber --- .../htdocs/luci-static/resources/tools/firewall.js | 4 ++-- .../htdocs/luci-static/resources/view/firewall/rules.js | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/tools/firewall.js b/applications/luci-app-firewall/htdocs/luci-static/resources/tools/firewall.js index f9d7dc611c8d..e21f463494d2 100644 --- a/applications/luci-app-firewall/htdocs/luci-static/resources/tools/firewall.js +++ b/applications/luci-app-firewall/htdocs/luci-static/resources/tools/firewall.js @@ -517,8 +517,8 @@ return baseclass.extend({ var o = s.taboption(tab, this.CBIDynamicMultiValueList, name, label, description); o.modalonly = true; - o.datatype = 'list(macaddr)'; - o.placeholder = _('-- add MAC --'); + o.datatype = 'list(neg(or(macaddr,macrange)))'; + o.placeholder = _('-- add MAC or MAC range --'); L.sortedKeys(hosts).forEach(function(mac) { o.value(mac, E([], [ mac, ' (', E('strong', {}, [ diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js index 95b91b54459a..460438a47edc 100644 --- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js +++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js @@ -378,7 +378,8 @@ return view.extend({ o.modalonly = true; o.rmempty = true; - fwtool.addMACOption(s, 'advanced', 'src_mac', _('Source MAC address'), null, hosts); + fwtool.addMACOption(s, 'advanced', 'src_mac', _('Source MAC address (range)'), + _('Enter a MAC address or a range'), hosts); fwtool.addIPOption(s, 'general', 'src_ip', _('Source address'), null, '', hosts, true); o = s.taboption('general', form.Value, 'src_port', _('Source port'));