Add firewall rule checker diagnostic tool

NHAS · May 8, 2024 · cdbdbec · cdbdbec
1 parent 1251a49
commit cdbdbec
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 14 deletions.
diff --git a/ui/diagnostics.go b/ui/diagnostics.go
@@ -191,12 +191,12 @@ func firewallCheckTest(w http.ResponseWriter, r *http.Request) {
 
 	var inputErrors []error
 	address := r.FormValue("address")
-	if net.IP(address) == nil {
-		inputErrors = append(inputErrors, fmt.Errorf("%s not an ip address"))
+	if net.ParseIP(address) == nil {
+		inputErrors = append(inputErrors, fmt.Errorf("device (%s) not an ip address", address))
 	}
 
 	target := r.FormValue("target")
-	targetIP := net.IP(target)
+	targetIP := net.ParseIP(target)
 	if targetIP == nil {
 		addresses, err := net.LookupIP(target)
 		if err != nil {
@@ -211,9 +211,13 @@ func firewallCheckTest(w http.ResponseWriter, r *http.Request) {
 	}
 
 	proto := r.FormValue("protocol")
-	port, err := strconv.Atoi(r.FormValue("port"))
-	if err != nil {
-		inputErrors = append(inputErrors, fmt.Errorf("could not parse port: %s", err))
+	port := 0
+	if r.FormValue("port") != "" {
+		var err error
+		port, err = strconv.Atoi(r.FormValue("port"))
+		if err != nil {
+			inputErrors = append(inputErrors, fmt.Errorf("could not parse port: %s", err))
+		}
 	}
 
 	var decision string
@@ -223,12 +227,12 @@ func firewallCheckTest(w http.ResponseWriter, r *http.Request) {
 			decision = err.Error()
 		} else {
 
-			isAuthed := " (unauthorised)"
+			isAuthed := "(unauthorised)"
 			if router.IsAuthed(address) {
-				isAuthed = " (authorised)"
+				isAuthed = "(authorised)"
 			}
 
-			displayProto := fmt.Sprintf("%d:%s", port, proto)
+			displayProto := fmt.Sprintf("%d/%s", port, proto)
 			if proto == "icmp" {
 				displayProto = proto
 			}
@@ -242,6 +246,7 @@ func firewallCheckTest(w http.ResponseWriter, r *http.Request) {
 	d := struct {
 		Page
 		Address   string
+		Target    string
 		Port      int
 		Decision  string
 		Protocols []struct {
@@ -262,6 +267,7 @@ func firewallCheckTest(w http.ResponseWriter, r *http.Request) {
 		Decision: decision,
 		Address:  address,
 		Port:     port,
+		Target:   target,
 	}
 
 	d.Protocols = []struct {

diff --git a/ui/templates/diagnostics/route_checker.html b/ui/templates/diagnostics/route_checker.html
@@ -11,7 +11,7 @@ <h1 class="m-0 text-gray-900">Firewall Decision</h6>
     <div class="card-body">
         <div class="row">
             <div class="col">
-                <form class="form-inline" action="/diag/route_test" method="POST">
+                <form class="form" action="/diag/check" method="POST">
                     {{ csrfToken }}
 
                     <div class="form-row">
@@ -27,12 +27,12 @@ <h1 class="m-0 text-gray-900">Firewall Decision</h6>
                         </div>
                     </div>
                     <div class="form-row">
-                        <div class="form-group col-md-2">
+                        <div class="form-group col-md">
                             <label for="port">Port</label>
-                            <input type="number" class="form-control" id="port" name="port" placeholder="80"
-                                value="{{.Port}}">
+                            <input type="number" class="form-control" id="port" name="port" value="{{.Port}}">
                         </div>
-                        <div class="form-group col-md-2">
+                        <div class="form-group col-md">
+                            <label for="protocol">Protocol</label>
                             <select class="custom-select" name="protocol">
                                 {{range .Protocols}}
                                 <option {{if .Selected}}selected{{end}} value="{{.Val}}">{{.Name}}</option>