HS-Esslingen/esp-firewall
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
This repository has been archived on 2024-10-30. You can view files and clone it, but cannot push or open issues or pull requests.
esp-firewall/ESPFirewall/lib/Firewall/src/Firewall.cpp

140 lines
4.2 KiB
C++
Raw Normal View History

cleanup Firewall
2022-05-03 20:15:01 +02:00
#include "Firewall.hpp"
namespace fw
{
Firewall::Firewall()
{
this->amount_of_rules = retrieve_settings_value("amount_of_rules");
for (uint8_t i = 1; i <= this->amount_of_rules; i++)
{
firewall_rule_t *rule_ptr = retrieve_firewall_rule(i);
this->add_rule_to_firewall(rule_ptr, false);
}
}
Firewall::~Firewall()
{
}
firewall_rule_t *Firewall::get_rule_head()
{
return this->rule_head;
}
void Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom)
{
store_settings_value("amount_of_rules", this->amount_of_rules);
if (save_in_eeprom)
Storage::store_firewall_rule(rule_ptr);
if (this->rule_head == NULL)
{
this->rule_head = rule_ptr;
rule_ptr->next = NULL;
return;
}
firewall_rule_t *current_rule;
current_rule = this->rule_head;
while (current_rule->next != NULL)
current_rule = current_rule->next;
current_rule->next = rule_ptr;
rule_ptr->next = NULL;
}
firewall_rule_t *Firewall::add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target)
{
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
rule_ptr->key = ++this->amount_of_rules;
strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source));
strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination));
rule_ptr->port_from = port_from.toInt();
rule_ptr->port_to = port_to.toInt();
rule_ptr->protocol = string_to_protocol(protocol);
rule_ptr->target = string_to_target(target);
add_rule_to_firewall(rule_ptr);
return rule_ptr;
}
firewall_rule_t *Firewall::get_rule_from_firewall(const uint8_t key)
{
firewall_rule_t *rule_ptr = this->rule_head;
if (this->rule_head == NULL)
return NULL;
while (rule_ptr->key != key)
{
if (rule_ptr->next == NULL)
return NULL;
else
rule_ptr = rule_ptr->next;
}
return rule_ptr;
}
ok_t Firewall::delete_rule_from_firewall(const uint8_t key)
{
if (this->rule_head == NULL)
return NO_ACTION;
firewall_rule_t *current_rule = this->rule_head;
firewall_rule_t *previous_rule = NULL;
firewall_rule_t *temp = NULL;
while (current_rule->key != key)
{
if (current_rule->next == NULL)
return NO_ACTION;
else
{
previous_rule = current_rule;
current_rule = current_rule->next;
}
}
if (current_rule == this->rule_head)
{
this->rule_head = rule_head->next;
temp = this->rule_head;
}
else
{
previous_rule->next = current_rule->next;
temp = previous_rule->next;
}
while (temp != NULL)
{
temp->key--;
temp = temp->next;
}
free(current_rule);
this->amount_of_rules--;
Storage::store_settings_value("amount_of_rules", this->amount_of_rules);
if (this->amount_of_rules != 0)
Storage::store_all_firewall_rules(rule_head);
return SUCCESS;
}
basic function to check client
2022-05-03 20:40:42 +02:00
real basic check
2022-05-03 21:00:56 +02:00
bool Firewall::is_included_in_firewall(const char *ip, const uint16_t port)
{
firewall_rule_t *rule_ptr = this->rule_head;
while (rule_ptr != NULL)
{
if (strncmp(ip, rule_ptr->source, IPV4ADDRESS_LENGTH) == 0)
{
if (rule_ptr->port_from <= port && port <= rule_ptr->port_to)
return true;
}
rule_ptr = rule_ptr->next;
}
return false;
}
basic function to check client
2022-05-03 20:40:42 +02:00
bool Firewall::is_client_allowed(WiFiClient client)
{
const char *ip = client.remoteIP().toString().c_str();
const uint16_t port = client.remotePort();
Serial.print(client.remoteIP());
Serial.print(":");
Serial.println(client.remotePort());
return if ip and port are not included in firewall
2022-05-04 09:13:40 +02:00
return !is_included_in_firewall(ip, port);
basic function to check client
2022-05-03 20:40:42 +02:00
}
cleanup Firewall
2022-05-03 20:15:01 +02:00
}
Reference in a new issue Copy permalink