-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: Add support for firewall configuration to the OpenWrt backend #116
Conversation
57c7613
to
e8c8a36
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@okraits could you add some tests for this please?
That should help me better understand how this would work.
At some points some basic docs will be needed too, but we can think about those later.
Sure, I will add tests when I think I have finished the converter. |
df64ad6
to
be0b972
Compare
@nemesisdesign I did quite some tests now of the firewall configuration with openwisp-controller and openwisp-config. With my recent bugfixes for openwisp-config this looks good. But if I run the nosetests then they fail because of the config defined in |
The error is that you passed an array instead of an object as the rules for the firewall
Changing the schema from index 7b165f2..75aad1c 100644
--- a/netjsonconfig/backends/openwrt/schema.py
+++ b/netjsonconfig/backends/openwrt/schema.py
@@ -474,7 +474,7 @@ schema = merge_config(default_schema, {
}
},
"firewall": {
- "type": "object",
+ "type": "array",
"title": "Firewall",
"additionalProperties": True,
"propertyOrder": 11, The test fails but does not raise a validation error
|
3fd3fab
to
8811da6
Compare
dd91ea6
to
a7a8b9c
Compare
May I ask what the status of this is? Trying to find a sane way to configure a openwrt access point and |
@steffenmllr The implementation is done for now, but the tests need to be fixed/finished. |
@okraits Interested to know if you have any plans to pick this up? If not, would you be able to share what you think remains to be done? A quick scan over the commits and I see a few tests. I might have some time available to help move this forward, any guidance would be appreciated. |
@jonathanunderwood first steps in the right direction are to fix the conflicts with the current master and ensure the build passes, do you think you can do that? If yes I can prepare a branch where we can work together on getting this finished. @okraits have you been using this solution in your application? |
This is included in our application but I'm not sure if there is a case where we're doing firewall configuration right now. But afaik it's mostly the tests which need to be fixed/finished to complete this PR. |
Yup, no problem. I'll look at this next week when I am on leave. |
@jonathanunderwood here: https://github.com/openwisp/netjsonconfig/tree/openwrt-firewall you should have write access to that branch, please keep the authorship of @okraits intact 👍 thanks in advance |
This PR adds support for the firewall configuration to the OpenWRT backend:
https://openwrt.org/docs/guide-user/firewall/firewall_configuration
Todos: