OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of mihak »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - mihak

Pages: [1] 2 3 ... 5
1
General Discussion / Adding CSP (Content Security Policy) to a page?
« on: May 24, 2021, 08:57:24 am »
I would like to add a CSP policy to one Volt page in the view, allowing js code on that page to reach out and grab a specific 3rd-party API on the internet. Without defining CSP in either http header or in the <meta> tag in the <head> of the page, XMLhttprequest() refuses to execute.


Any suggestions how to do that? I tried to modify the controller for that view - with no success...

2
Zenarmor (Sensei) / Re: Error in configd communication
« on: May 23, 2021, 12:32:46 am »
It seems like a timeout when Python code in Configd_ctl waits for something...
What OPN version, what plugins, when was the last reboot of the FW... We need more info to help you triage.

3
Development and Code Review / Re: What do you think of a pure black template gui for opnsense?
« on: May 23, 2021, 12:24:47 am »
You can check how I added a bright/dark theme switcher to a Solarized theme (published in community repo by Mimugmail)


My 5 cents here:
- every theme should detect the theming preference of the OS
- every theme should have bright/dark variants and have a simple switching mechanism


Solarized theme is using couple of tricks (jquery injections and css variables) but it is better than any OS-ignorant and static (single-mode) theme.


(why do I care? I work in a glass sunroom; the daylight is crazy-bright, the night is... very dark. I prefer all my apps and web sites to honor my OS theme switching at the evening and morning)

4
Development and Code Review / calling configdpRun from API controller with more than one parameter
« on: May 20, 2021, 08:47:07 pm »
I hit a curious obstacle and before I implement a workaround, I wanted to check here if I am missing something.


1. I have a fully functioning configd action defined as:

[get]
command:/usr/local/bin/python3 <path>/script.py
parameters: %s %s
type:script_output

I can call that action with configctl <service> get parm1 parm2 - and it will grab both parameters as expected


2. I have an API controller defined that calls the configd action:

class OnlineController extends ApiControllerBase
{
    public function getAction($id='', $verb='')
    {
        return (new Backend())->configdpRun("<service> get", $id, $verb);
    }
}


Except I cannot pass the second parameter to configdpRun; passing only one parameter works, passing two parameters makes API controller to throw a GUID error instead executing the configd action.


Is this a known limitation? The line above works fine if I pass a single (compounded) parameter like this:
return (new Backend())->configdpRun("<service> get", $id.' '.$verb); - and then split it within my Python code.


But before I do that, I thought I ask here - am I doing something wrong?

5
Development and Code Review / Re: rendering of navbar through default.volt
« on: April 21, 2021, 08:56:27 pm »
oh wow, and we need to maintain consistency between both fbegin.inc and default.volt?
If I would add a theme toggle (dark/light) there, how should I implement it to persist upgrades?



6
Development and Code Review / rendering of navbar through default.volt
« on: April 21, 2021, 07:51:57 pm »
Help me understand how does the rendering of navbar header work...


- I created a <span> entry as a last <li> item within <header> of mvc/app/views/layouts/default.volt:

<li><span class="navbar-text" id="theme_toggle">toggle</span></li>


This <span> appears very inconsistently - it is visible on some pages (License, Reporting, Firewall) but missing on others (Dashboard, System, Interfaces). You can see the screenshots of the top right corner on the License page and on the dashboard below - one has a "toggle" addition, the other one doesn't...


Perhaps default.volt is not the right place to add modifications to the Navbar?


Rendered with a toggle: https://i.imgur.com/gqS6zZ3.png
Rendered without it: https://i.imgur.com/EAKEUwk.png






7
General Discussion / Re: Can we install Speedtest CLI on OPNsense ?
« on: April 19, 2021, 10:24:25 pm »
Ummm... The speedtest plugin is mine... :-)
It installs either Ookla or Ports CLI version if you have none on the router already.


M

8
Development and Code Review / Re: pkg management - handling non-repo dependencies
« on: March 22, 2021, 11:06:03 pm »
Ummm - this chaining of pkg statements is not working. When running the script above either as a +PRE_INSTALL or +POST_INSTALL, I get:


pkg: Cannot get an exclusive lock on a database, it is locked by another process


Any other ideas? :-)

9
Development and Code Review / Re: pkg management - handling non-repo dependencies
« on: March 22, 2021, 09:03:53 pm »
like this?

if [ ! -f /usr/local/bin/speedtest ];
  then sudo pkg add "https://bintray.com/ookla/download/download_file?file_path=ookla-speedtest-1.0.0-freebsd>
fi
pkg info libidn2 > nul
if [ $? != 0 ]; then sudo pkg install -y libidn2; fi

10
Development and Code Review / pkg management - handling non-repo dependencies
« on: March 22, 2021, 12:52:37 am »
I am tidying-up the speedtest plugin that I cobbled together in the last few weeks (https://github.com/mihakralj/opnsense-speedtest)


During the development, I included the copy of binary for speedtest directly in the .txz - but now it is time to remove it from the package and declare an external dependency. The problem is that Ookla's speedtest is not part of any repo (that I know), so their installation guideline is asking for a direct pkg add installation command.


Having a PLUGIN_DEPENDS statement in the Makefile will stop the installation of the plugin if speedtest is not installed prior, but it would prefer a more streamlined method where some +PRE_INSTALL (if it exists) would run the required pkg add command for a 3rd-party package that is not found in any of linked repos.


11
Development and Code Review / Reading from (and writing to) /conf/config.xml
« on: March 21, 2021, 06:43:53 pm »
I saw several methods used across front-end and backend packages how configuration is read and written to config.xml


Is there (documented?) reviewed and recommended approach for all devs how to read from and write to config.xml? On front-end I would appreciate guidance on php and js patterns for read/write, on the backend at least a read/write pattern for shell scripting and Python.


Or is the recommended approach to use API and CLI exclusively and not ever even think about config.xml directly?




12
General Discussion / Re: Modify config.xml at build time
« on: March 19, 2021, 06:53:54 pm »
You would like to write to config.xml from... Where? Are you building a new back-end logic (in usr/local/opnsense/scripts), or just changing the behavior of the front-end? Did you change the model in  mvc/app/models/OPNsense/Wireguard/Server.xml yet?


Tell us more so we can help you better... :-)

13
General Discussion / Multiple IP leases on one network port - how?
« on: March 18, 2021, 09:08:28 pm »
My ISP started to allow two public IP assignments per connection and I can run two separate devices connected (via ethernet switch) to ISP's CAT6 cable, getting two independent public IPs through DHCP. One of them is OPNsense box, but I'd like to eliminate the switch and get both public IPs assigned to OPNsense.


How could I get two interfaces with separate DHCP-assigned IP addresses that are both attached to the same physical network port? Virtual IP allows only static IP assignment, no DHCP.


I am already using a custom MAC address on the WAN port - is there an option (that I cannot see) to add a second (virtual?) MAC to the adapter that would allow a second DHCP lease and a second interface?




14
Development and Code Review / Re: Creating CSV - permissions
« on: March 18, 2021, 02:29:45 am »
to close the thread (and for future reference for budding devs):
- create a new DownloadController.php in mvc/app/controllers/OPNsense/<plugin>/Api
- the downloadable file is then available at /api/<plugin>/download/csv




namespace OPNsense\Speedtest\Api;
use OPNsense\Base\ApiControllerBase;


class DownloadController extends ApiControllerBase
{
    const DATA_CSV = '/usr/local/opnsense/scripts/OPNsense/<plugin>/filename.csv';


    public function csvAction()
    {
        $this->response->setStatusCode(200, "OK");
        $this->response->setContentType('text/csv', 'UTF-8');
        $this->response->setHeader("Content-Disposition", "attachment; filename=\"filename.csv\"");
        $data = file_get_contents(self::DATA_CSV);
        $this->response->setContent($data);
    }


    public function afterExecuteRoute($dispatcher)
    {
        $this->response->send();
    }
}

15
Development and Code Review / Creating CSV - permissions
« on: March 08, 2021, 12:22:59 am »
I would like to create and append data to a .CSV from a Python backend script; I'd also like to allow users to download the CSV.


Where should I place the CSV file on OPNSenese so my Python code (under default access rights) can write to it?
Also, how do I modiy controller (and view?) of my plugin so I can generate a downloadable link to CSV?


I achieved what I wanted on my dev instance of OPNSenese by manually chmod-ing write permissions to a folder within /usr/local/opnsense - but that is not a viable secure option. 😊


For the context: an hourly task runs speedtest and writes (appends) timestamp, latency, ul and dl speeds into a csv file. The csv file is then used to calculate aveages on the dashboard and to be downloadable for further analysis.

Pages: [1] 2 3 ... 5
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2