luci-app-upnp: update ACL options, migrate section

- Ignorable and cloneable ACL entries, always translated `Action`
- Improve UI with direct editability, clearer help wording, and rename
  to `Access Control List`
- Note that the ACL is now rejected by default, with no preset and
  accept extra ports. Add (ignored) ACL template entries on migration
- Migrate ACL entries to the new section name `acl_entry`
- The following ACL UCI options been added or changed, and the previous
  options are migrated on updating:

acl_entry UCI options       | Change                     | Previous name
----------------------------|----------------------------|--------------
action                      | New/updated values     (1) |
int_port                    | Remove colon separator (2) | int_ports
ext_port                    | Remove colon separator (2) | ext_ports
descr_filter                | New option             (3) |

1. Allow ignore, and update action option to use the nftables terms
   (allow/deny -> accept/reject). To avoid adding inverted actions when
   changing via LuCI, ensure any missing are set, as LuCI and UCI had
   not matching action defaults. Missing actions are now ignored/logged
2. Ensure that the hyphen (-) is only used as a port range separator by
   migration, as the colon (:) is not valid in LuCI
3. Add missing UCI option to set a regular expression to check for a
   UPnP IGD IPv4 port map description, and fix the current collision
   with the comment field which was not noticed due to a daemon bug
   https://redirect.github.com/openwrt/packages/pull/24495
   https://redirect.github.com/miniupnp/miniupnp/pull/853

- Refactoring by adding a more universal usable `is_port_or_range`
  function instead of `upnpd_get_port_range` and check if it has a valid
  range, and removes a shellcheck warning
- Rename `conf_rule_add` function to `upnpd_add_acl_entry`

(to merge with prior)

Signed-off-by: Self-Hosting-Group <selfhostinggroup-git+openwrt@shost.ing>

Author: Self-Hosting-Group

applications/luci-app-upnp/htdocs/luci-static/resources/view/upnp/upnp.js

@@ -336,11 +336,14 @@ return view.extend({
 		o.editable = true;
 		o.retain = true;
 
-		s = m.section(form.GridSection, 'perm_rule', _('Service Access Control List'),
-			_('ACL specify which client addresses and ports can be mapped, IPv6 always allowed.'));
+		s = m.section(form.GridSection, 'acl_entry', '<h5>' + _('Access Control List') + '</h5>',
+			_('The access control list (ACL) specifies which IP addresses and ports can be mapped.') + ' ' +
+			_('ACL entries are checked in order and rejected by default, with no preset. (should be part of extra tab)'));
 		s.anonymous = true;
 		s.addremove = true;
+		s.cloneable = true;
 		s.sortable = true;
+		s.modaltitle = _('UPnP IGD & PCP') + ' - ' + _('Edit ACL Entry');
 		// Preferably: ACL part of extra tab with depends for section as immediately, and network section part of service setup tab. Nice to have: Add button (+input) calls function and opens modal pre-filled
 		let acl_used = false;
 		for (let ifnr = 0; uci.get('upnpd', `@internal_network[${ifnr}]`, 'interface'); ifnr++) {
@@ -351,23 +354,38 @@ return view.extend({
 		}
 		s.disable = !acl_used;
 
-		s.option(form.Value, 'comment', _('Comment'));
+		o = s.option(form.Value, 'comment', _('Comment'));
+		o.default = _('unspecified');
 
 		o = s.option(form.Value, 'int_addr', _('IP address'));
 		o.datatype = 'ip4addr';
-		o.placeholder = '0.0.0.0/0';
+		o.default = '0.0.0.0/0';
+		o.editable = true;
+		o.retain = true;
 
-		o = s.option(form.Value, 'int_ports', _('Port'));
+		o = s.option(form.Value, 'int_port', _('Port'));
 		o.datatype = 'portrange';
-		o.placeholder = '1-65535';
+		o.placeholder = '1-65535 (' + _('any port') + ')';
+		o.editable = true;
+		o.retain = true;
 
-		o = s.option(form.Value, 'ext_ports', _('External port'));
+		o = s.option(form.Value, 'ext_port', _('External port'));
 		o.datatype = 'portrange';
-		o.placeholder = '1-65535';
+		o.placeholder = '1-65535 (' + _('any port') + ')';
+		o.editable = true;
+		o.retain = true;
+
+		o = s.option(form.Value, 'descr_filter', _('Description filter'),
+			_('A regular expression to check for a UPnP IGD IPv4 port map description'));
+		o.placeholder = '^.*$ (' + _('any description') + ')';
+		o.modalonly = true;
 
 		o = s.option(form.ListValue, 'action', _('Action'));
-		o.value('allow', _('Allow'));
-		o.value('deny', _('Deny'));
+		o.value('accept', _('Accept'));
+		o.value('reject', _('Reject'));
+		o.value('ignore', _('Ignore'));
+		o.editable = true;
+		o.retain = true;
 
 		return m.render().then(L.bind(function(m, nodes) {
 			if (uci.get('upnpd', 'settings', 'enabled') != '0') {