diff --git a/routing_templates/forms.py b/routing_templates/forms.py
new file mode 100644
index 0000000..e5f5d21
--- /dev/null
+++ b/routing_templates/forms.py
@@ -0,0 +1,70 @@
+from crispy_forms.helper import FormHelper
+from crispy_forms.layout import Column, HTML, Layout, Row, Submit
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from .models import RoutingTemplate
+
+
+class RoutingTemplateForm(forms.ModelForm):
+ class Meta:
+ model = RoutingTemplate
+ fields = [
+ 'name',
+ 'wireguard_instance',
+ 'default_template',
+ 'route_type',
+ 'custom_routes',
+ 'allow_peer_custom_routes',
+ ]
+
+ def __init__(self, *args, **kwargs):
+ self.user = kwargs.pop('user', None)
+ super().__init__(*args, **kwargs)
+
+ self.fields['name'].label = _("Name")
+ self.fields['wireguard_instance'].label = _("WireGuard Instance")
+ self.fields['default_template'].label = _("Default Template")
+ self.fields['route_type'].label = _("Route Type")
+ self.fields['custom_routes'].label = _("Custom Routes")
+ self.fields['allow_peer_custom_routes'].label = _("Allow Peer Custom Routes")
+
+ back_label = _("Back")
+ delete_label = _("Delete")
+
+ self.helper = FormHelper()
+ self.helper.form_method = 'post'
+
+ if self.instance.pk:
+ delete_html = f"{delete_label}"
+ else:
+ delete_html = ''
+
+ self.helper.layout = Layout(
+ Row(
+ Column('name', css_class='form-group col-md-6 mb-0'),
+ Column('wireguard_instance', css_class='form-group col-md-6 mb-0'),
+ css_class='form-row'
+ ),
+ Row(
+ Column('route_type', css_class='form-group col-md-12 mb-0'),
+ css_class='form-row'
+ ),
+ Row(
+ Column('custom_routes', css_class='form-group col-md-12 mb-0'),
+ css_class='form-row'
+ ),
+ Row(
+ Column('default_template', css_class='form-group col-md-6 mb-0'),
+ Column('allow_peer_custom_routes', css_class='form-group col-md-6 mb-0'),
+ css_class='form-row'
+ ),
+ Row(
+ Column(
+ Submit('submit', _('Save'), css_class='btn btn-success'),
+ HTML(f' {back_label} '),
+ HTML(delete_html),
+ css_class='col-md-12'),
+ css_class='form-row'
+ )
+ )
diff --git a/routing_templates/migrations/0002_routingtemplate_enforce_route_policy.py b/routing_templates/migrations/0002_routingtemplate_enforce_route_policy.py
new file mode 100644
index 0000000..a28ebde
--- /dev/null
+++ b/routing_templates/migrations/0002_routingtemplate_enforce_route_policy.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.9 on 2026-01-16 17:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('routing_templates', '0001_initial'),
+ ]
+
+ operations = [
+ migrations.AddField(
+ model_name='routingtemplate',
+ name='enforce_route_policy',
+ field=models.BooleanField(default=False),
+ ),
+ ]
diff --git a/routing_templates/models.py b/routing_templates/models.py
index e88ebec..aeabe76 100644
--- a/routing_templates/models.py
+++ b/routing_templates/models.py
@@ -22,6 +22,7 @@ class RoutingTemplate(models.Model):
custom_routes = models.TextField(blank=True, null=True, help_text=_('One route per line in CIDR notation.'))
allow_peer_custom_routes = models.BooleanField(default=False)
+ enforce_route_policy = models.BooleanField(default=False)
uuid = models.UUIDField(default=uuid.uuid4, editable=False, unique=True)
created = models.DateTimeField(auto_now_add=True)
diff --git a/routing_templates/views.py b/routing_templates/views.py
index 60f00ef..052c31d 100644
--- a/routing_templates/views.py
+++ b/routing_templates/views.py
@@ -1 +1,88 @@
-# Create your views here.
+from django.contrib import messages
+from django.contrib.auth.decorators import login_required
+from django.shortcuts import get_object_or_404, redirect, render
+from django.utils.translation import gettext_lazy as _
+
+from user_manager.models import UserAcl
+from .forms import RoutingTemplateForm
+from .models import RoutingTemplate
+
+
+@login_required
+def view_routing_template_list(request):
+ if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=50).exists():
+ return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
+
+ page_title = _('Routing Templates')
+ routing_templates = RoutingTemplate.objects.all().order_by('name')
+ context = {'page_title': page_title, 'routing_templates': routing_templates}
+ return render(request, 'routing_templates/list.html', context)
+
+
+@login_required
+def view_manage_routing_template(request):
+ if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=50).exists():
+ return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
+
+ routing_template = None
+ if 'uuid' in request.GET:
+ routing_template = get_object_or_404(RoutingTemplate, uuid=request.GET['uuid'])
+ form = RoutingTemplateForm(instance=routing_template, user=request.user)
+ page_title = _('Edit Routing Template: ') + routing_template.name
+
+ if request.GET.get('action') == 'delete':
+ template_name = routing_template.name
+ if request.GET.get('confirmation') == 'delete':
+ routing_template.delete()
+ messages.success(request, _('Routing Template deleted|Routing Template deleted: ') + template_name)
+ return redirect('/routing-templates/list/')
+ else:
+ messages.warning(request, _('Routing Template not deleted|Invalid confirmation.'))
+ return redirect('/routing-templates/list/')
+ else:
+ form = RoutingTemplateForm(user=request.user)
+ page_title = _('Add Routing Template')
+
+ if request.method == 'POST':
+ if routing_template:
+ form = RoutingTemplateForm(request.POST, instance=routing_template, user=request.user)
+ else:
+ form = RoutingTemplateForm(request.POST, user=request.user)
+
+ if form.is_valid():
+ form.save()
+ return redirect('/routing-templates/list/')
+
+ form_description = {
+ 'size': '',
+ 'content': _('''
+ Routing Templates
+ Define routing configurations that can be applied to peers.
+
+ Default Template
+ If checked, this template will be the default for the selected WireGuard instance. Only one default template is allowed per instance.
+
+ Route Type
+ Select the type of routes to push to the client.
+
+ - Default Route (0.0.0.0/0): Redirects all traffic through the VPN.
+ - Routes from Peers on same Interface: Pushes routes for other peers on the same WireGuard interface.
+ - Routes from All Peers: Pushes routes for all peers across all interfaces.
+ - Custom Routes: Allows you to specify custom CIDR ranges.
+
+
+ Custom Routes
+ Enter custom routes in CIDR notation, one per line (e.g., 192.168.1.0/24).
+
+ Allow Peer Custom Routes
+ If checked, allows specific peers to add their own custom routes on top of this template.
+ ''')
+ }
+
+ context = {
+ 'page_title': page_title,
+ 'form': form,
+ 'instance': routing_template,
+ 'form_description': form_description
+ }
+ return render(request, 'generic_form.html', context)
diff --git a/templates/base.html b/templates/base.html
index f73f748..7fb3b75 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -146,6 +146,16 @@
+
+
+
+
+ {% trans 'Routing Templates' %}
+
+
+
+
diff --git a/templates/routing_templates/list.html b/templates/routing_templates/list.html
new file mode 100644
index 0000000..b2c773a
--- /dev/null
+++ b/templates/routing_templates/list.html
@@ -0,0 +1,42 @@
+{% extends "base.html" %}
+{% load i18n %}
+
+{% block content %}
+
+
+
+ | {% trans 'Name' %} |
+ {% trans 'WireGuard Instance' %} |
+ {% trans 'Route Type' %} |
+ {% trans 'Default' %} |
+ {% trans 'Updated' %} |
+ |
+
+
+
+ {% for template in routing_templates %}
+
+ | {{ template.name }} |
+ {{ template.wireguard_instance }} |
+ {{ template.get_route_type_display }} |
+
+ {% if template.default_template %}
+
+ {% endif %}
+ |
+ {{ template.updated|date:"SHORT_DATE_FORMAT" }} |
+
+
+ |
+
+ {% endfor %}
+
+
+
+
+
+{% endblock %}
diff --git a/wireguard_webadmin/urls.py b/wireguard_webadmin/urls.py
index f747569..ff78b70 100644
--- a/wireguard_webadmin/urls.py
+++ b/wireguard_webadmin/urls.py
@@ -31,6 +31,7 @@ from firewall.views import manage_firewall_rule, manage_redirect_rule, view_fire
view_firewall_rule_list, view_generate_iptables_script, view_manage_firewall_settings, view_redirect_rule_list, \
view_reset_firewall
from intl_tools.views import view_change_language
+from routing_templates.views import view_manage_routing_template, view_routing_template_list
from user_manager.views import view_manage_user, view_peer_group_list, view_peer_group_manage, view_user_list
from vpn_invite.views import view_email_settings, view_vpn_invite_list, view_vpn_invite_settings
from vpn_invite_public.views import view_public_vpn_invite
@@ -99,5 +100,7 @@ urlpatterns = [
path('cluster/', cluster_main, name='cluster_main'),
path('cluster/worker/manage/', worker_manage, name='worker_manage'),
path('cluster/settings/', cluster_settings, name='cluster_settings'),
+ path('routing-templates/list/', view_routing_template_list, name='routing_template_list'),
+ path('routing-templates/manage/', view_manage_routing_template, name='manage_routing_template'),
path('change_language/', view_change_language, name='change_language'),
]