linuxrouter/docker/routlin-dash/app/pages/physicalinterfaces/action.py

from pathlib import Path
import copy
import os

from flask import Blueprint, request, redirect, flash
from auth import require_level
from config_utils import load_config, record_group, diff_fields, verify_config_hash, queued_msg, queue_command
import sanitize
import mod_validation as validate

_PAGE = Path(__file__).parent.name

bp = Blueprint(_PAGE, __name__)

_EXCLUDE_PREFIXES = ('lo', 'wg', 'docker', 'br-', 'veth',
                     'tun', 'tap', 'ppp', 'virbr',
                     'podman', 'vnet', 'macvtap', 'fc-')


def _get_system_interfaces():
    try:
        return {
            n for n in os.listdir('/sys/class/net')
            if not n.startswith(_EXCLUDE_PREFIXES)
            and os.path.exists(f'/sys/class/net/{n}/device')
        }
    except Exception:
        return set()


def _valid_interface(name):
    return name in _get_system_interfaces()


@bp.route('/action/physicalinterfaces/physicalinterface_save', methods=['POST'])
@require_level('administrator')
def physicalinterface_save():
    wan = sanitize.interface_name(request.form.get('wan_interface', ''))
    lan = sanitize.interface_name(request.form.get('lan_interface', ''))

    if not wan or not lan:
        flash('Both WAN and LAN interfaces are required.', 'error')
        return redirect(f'/{_PAGE}')

    # WAN and LAN must be distinct physical interfaces
    err = validate.check_wan_lan_unique(wan, lan)
    if err:
        flash(err, 'error')
        return redirect(f'/{_PAGE}')

    if not verify_config_hash(request.form.get('config_hash', '')):
        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
        return redirect(f'/{_PAGE}')

    available = _get_system_interfaces()
    # Interfaces must exist on this system (checked against physical-only interface list)
    for iface in (wan, lan):
        err = validate.check_interface_exists(iface, available)
        if err:
            flash(err, 'error')
            return redirect(f'/{_PAGE}')

    cfg    = load_config()
    before = copy.deepcopy(cfg.get('network_interfaces', {}))
    gen    = cfg.setdefault('network_interfaces', {})
    gen['wan_interface'] = wan
    gen['lan_interface'] = lan
    errors = validate.validate_config(cfg)
    if errors:
        for msg in errors:
            flash(msg, 'error')
        return redirect(f'/{_PAGE}')
    changes = diff_fields(before, cfg['network_interfaces'])
    flash(record_group(cfg, 'network_interfaces', None, None, changes, 'core apply'), 'success')
    return redirect(f'/{_PAGE}')


@bp.route('/action/physicalinterfaces/ifaceconfig_apply', methods=['POST'])
@require_level('administrator')
def ifaceconfig_apply():
    if not verify_config_hash(request.form.get('config_hash', '')):
        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
        return redirect(f'/{_PAGE}')

    iface        = sanitize.interface_name(request.form.get('iface', ''))
    mtu          = request.form.get('mtu', '').strip()
    mac          = sanitize.mac(request.form.get('mac', ''))
    original_mtu = request.form.get('original_mtu', '').strip()
    original_mac = sanitize.mac(request.form.get('original_mac', ''))

    if not iface:
        flash('No interface specified.', 'error')
        return redirect(f'/{_PAGE}')

    if not _valid_interface(iface):
        flash(f"Interface '{iface}' does not exist on this system.", 'error')
        return redirect(f'/{_PAGE}')

    mtu_int = None
    if mtu:
        mtu_int = validate.int_range(mtu, 68, 9000)
        if mtu_int is None:
            flash('MTU must be an integer between 68 and 9000.', 'error')
            return redirect(f'/{_PAGE}')

    mac_raw = request.form.get('mac', '').strip()
    if mac_raw and not mac:
        flash('MAC address must be in the format aa:bb:cc:dd:ee:ff.', 'error')
        return redirect(f'/{_PAGE}')

    if not mtu_int and not mac:
        flash('No changes specified.', 'error')
        return redirect(f'/{_PAGE}')

    queued = False
    if mtu_int and str(mtu_int) != original_mtu:
        queue_command(f'mtu {iface} {mtu_int}')
        queued = True
    if mac and mac != original_mac:
        queue_command(f'mac {iface} {mac}')
        queued = True

    if not queued:
        flash('No changes detected.', 'info')
        return redirect(f'/{_PAGE}')

    flash(queued_msg(action_label='Changes queued'), 'success')
    return redirect(f'/{_PAGE}')
Development 2026-05-27 22:04:04 -04:00			`from pathlib import Path`
Development 2026-05-25 20:46:17 -04:00			`import copy`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`import os`

			`from flask import Blueprint, request, redirect, flash`
			`from auth import require_level`
Development 2026-05-30 14:57:33 -04:00			`from config_utils import load_config, record_group, diff_fields, verify_config_hash, queued_msg, queue_command`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`import sanitize`
Development 2026-06-05 01:48:27 -04:00			`import mod_validation as validate`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
Development 2026-05-27 22:04:04 -04:00			`_PAGE = Path(__file__).parent.name`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
Development 2026-05-27 22:04:04 -04:00			`bp = Blueprint(_PAGE, __name__)`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`_EXCLUDE_PREFIXES = ('lo', 'wg', 'docker', 'br-', 'veth',`
			`'tun', 'tap', 'ppp', 'virbr',`
			`'podman', 'vnet', 'macvtap', 'fc-')`

Development 2026-05-23 02:01:37 -04:00
			`def _get_system_interfaces():`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`try:`
Development 2026-05-23 02:01:37 -04:00			`return {`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`n for n in os.listdir('/sys/class/net')`
			`if not n.startswith(_EXCLUDE_PREFIXES)`
			`and os.path.exists(f'/sys/class/net/{n}/device')`
			`}`
			`except Exception:`
Development 2026-05-23 02:01:37 -04:00			`return set()`


			`def _valid_interface(name):`
			`return name in _get_system_interfaces()`


Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/physicalinterfaces/physicalinterface_save', methods=['POST'])`
Development 2026-05-23 02:01:37 -04:00			`@require_level('administrator')`
Development 2026-05-27 22:04:04 -04:00			`def physicalinterface_save():`
Development 2026-05-23 02:01:37 -04:00			`wan = sanitize.interface_name(request.form.get('wan_interface', ''))`
			`lan = sanitize.interface_name(request.form.get('lan_interface', ''))`

			`if not wan or not lan:`
			`flash('Both WAN and LAN interfaces are required.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-23 02:01:37 -04:00
Development 2026-05-31 22:01:59 -04:00			`# WAN and LAN must be distinct physical interfaces`
			`err = validate.check_wan_lan_unique(wan, lan)`
			`if err:`
			`flash(err, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-23 02:01:37 -04:00
Development 2026-05-25 19:59:42 -04:00			`if not verify_config_hash(request.form.get('config_hash', '')):`
Development 2026-05-23 02:01:37 -04:00			`flash('Configuration was modified by another session. Please refresh and try again.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-23 02:01:37 -04:00
			`available = _get_system_interfaces()`
Development 2026-05-31 22:01:59 -04:00			`# Interfaces must exist on this system (checked against physical-only interface list)`
Development 2026-05-23 02:01:37 -04:00			`for iface in (wan, lan):`
Development 2026-05-31 22:01:59 -04:00			`err = validate.check_interface_exists(iface, available)`
			`if err:`
			`flash(err, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-23 02:01:37 -04:00
Development 2026-05-25 20:46:17 -04:00			`cfg = load_config()`
			`before = copy.deepcopy(cfg.get('network_interfaces', {}))`
			`gen = cfg.setdefault('network_interfaces', {})`
Development 2026-05-23 02:01:37 -04:00			`gen['wan_interface'] = wan`
			`gen['lan_interface'] = lan`
Development 2026-05-25 19:59:42 -04:00			`errors = validate.validate_config(cfg)`
Development 2026-05-23 02:01:37 -04:00			`if errors:`
			`for msg in errors:`
			`flash(msg, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Development 2026-05-30 14:57:33 -04:00			`changes = diff_fields(before, cfg['network_interfaces'])`
			`flash(record_group(cfg, 'network_interfaces', None, None, changes, 'core apply'), 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/physicalinterfaces/ifaceconfig_apply', methods=['POST'])`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`@require_level('administrator')`
Development 2026-05-27 22:04:04 -04:00			`def ifaceconfig_apply():`
Development 2026-05-25 19:59:42 -04:00			`if not verify_config_hash(request.form.get('config_hash', '')):`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`flash('Configuration was modified by another session. Please refresh and try again.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`iface = sanitize.interface_name(request.form.get('iface', ''))`
			`mtu = request.form.get('mtu', '').strip()`
			`mac = sanitize.mac(request.form.get('mac', ''))`
			`original_mtu = request.form.get('original_mtu', '').strip()`
			`original_mac = sanitize.mac(request.form.get('original_mac', ''))`

			`if not iface:`
			`flash('No interface specified.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`if not _valid_interface(iface):`
			`flash(f"Interface '{iface}' does not exist on this system.", 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`mtu_int = None`
			`if mtu:`
Development 2026-05-20 17:10:18 -04:00			`mtu_int = validate.int_range(mtu, 68, 9000)`
			`if mtu_int is None:`
UI improvements and input validations 2026-05-20 04:06:50 -04:00			`flash('MTU must be an integer between 68 and 9000.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`mac_raw = request.form.get('mac', '').strip()`
			`if mac_raw and not mac:`
			`flash('MAC address must be in the format aa:bb:cc:dd:ee:ff.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`if not mtu_int and not mac:`
			`flash('No changes specified.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
			`queued = False`
			`if mtu_int and str(mtu_int) != original_mtu:`
			`queue_command(f'mtu {iface} {mtu_int}')`
			`queued = True`
			`if mac and mac != original_mac:`
			`queue_command(f'mac {iface} {mac}')`
			`queued = True`

			`if not queued:`
			`flash('No changes detected.', 'info')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
UI improvements and input validations 2026-05-20 04:06:50 -04:00
Development 2026-05-23 04:14:58 -04:00			`flash(queued_msg(action_label='Changes queued'), 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`