diff --git a/ESPFirewall/lib/Firewall/src/API.cpp b/ESPFirewall/lib/Firewall/src/API.cpp
index 75b9dcd..e01a6ed 100644
--- a/ESPFirewall/lib/Firewall/src/API.cpp
+++ b/ESPFirewall/lib/Firewall/src/API.cpp
@@ -75,17 +75,17 @@ namespace fw this->server->getServer().setRSACert(new BearSSL::X509List(cert), new BearSSL::PrivateKey(key)); this->server->getServer().setCache(serverCache); #endif - this->server->on("/firewall", HTTP_GET, std::bind(&API::get_firewall_rules_handler, this)); - this->server->on(UriRegex("/firewall/([0-9]+)"), HTTP_GET, std::bind(&API::get_firewall_rule_handler, this)); - this->server->on("/firewall", HTTP_POST, std::bind(&API::post_firewall_handler, this)); - this->server->on(UriRegex("/firewall/([0-9]+)"), HTTP_DELETE, std::bind(&API::delete_firewall_handler, this)); + this->server->on("/api/firewall/rules", HTTP_GET, std::bind(&API::get_firewall_rules_handler, this)); + this->server->on(UriRegex("/api/firewall/rules/([0-9]+)"), HTTP_GET, std::bind(&API::get_firewall_rule_handler, this)); + this->server->on("/api/firewall/rules", HTTP_POST, std::bind(&API::post_firewall_handler, this)); + this->server->on(UriRegex("/api/firewall/rules/([0-9]+)"), HTTP_DELETE, std::bind(&API::delete_firewall_handler, this)); this->server->on("/api", HTTP_GET, std::bind(&API::get_endpoint_list_handler, this)); this->server->onNotFound(std::bind(&API::not_found_handler, this)); - add_endpoint_to_list("/firewall", "GET", "Get all Firewall Rules"); - add_endpoint_to_list("/firewall/1", "GET", "Get Firewall Rule by key"); - add_endpoint_to_list("/firewall", "POST", "Create Firewall Rule"); - add_endpoint_to_list("/firewall/1", "DELETE", "Delete Firewall Rule by key"); + add_endpoint_to_list("/api/firewall/rules", "GET", "Get all Firewall Rules"); + add_endpoint_to_list("/api/firewall/rules/", "GET", "Get Firewall Rule by key"); + add_endpoint_to_list("/api/firewall/rules", "POST", "Create Firewall Rule"); + add_endpoint_to_list("/api/firewall/rules/", "DELETE", "Delete Firewall Rule by key"); } void API::add_endpoint_to_list(const String uri, const char *method, const char *description) 
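Review bot: The two by-key entries passed to `add_endpoint_to_list` now advertise `/api/firewall/rules/`, a URI that the registered pattern `/api/firewall/rules/([0-9]+)` does not match, so a client copying it from the `/api` listing would end up in `not_found_handler`. The old entries at least showed a working example (`/firewall/1`). I would keep a placeholder or example in the listing, e.g. `add_endpoint_to_list("/api/firewall/rules/<key>", "GET", "Get Firewall Rule by key");` and the same for DELETE. The enclosing function starts above the hunk.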
@@ -152,13 +152,12 @@ namespace fw return; if (request_has_all_firewall_parameter()) { - firewall_rule_t *rule_ptr = firewall->add_rule_to_firewall( - this->server->arg("source"), - this->server->arg("destination"), - this->server->arg("port_from"), - this->server->arg("port_to"), - this->server->arg("protocol"), - this->server->arg("target")); + String args[IPV4ADDRESS_LENGTH] = {}; + for (uint8_t i = 0; i < firewall_fields_amount; i++) + { + args[i] = this->server->arg(firewall_fields[i]); + } + firewall_rule_t *rule_ptr = firewall->add_rule_to_firewall(args); this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 200); } else @@ -228,12 +227,11 @@ namespace fw { String serialized_string = "{"; serialized_string += json_new_attribute("key", rule_ptr->key); - serialized_string += json_new_attribute("source", rule_ptr->source); - serialized_string += json_new_attribute("destination", rule_ptr->destination); - serialized_string += json_new_attribute("port_from", rule_ptr->port_from); - serialized_string += json_new_attribute("port_to", rule_ptr->port_to); - serialized_string += json_new_attribute("protocol", protocol_to_string(rule_ptr->protocol)); - serialized_string += json_new_attribute("target", target_to_string(rule_ptr->target), true); + serialized_string += json_new_attribute(firewall_fields[IP], rule_ptr->ip); + serialized_string += json_new_attribute(firewall_fields[PORT_FROM], rule_ptr->port_from); + serialized_string += json_new_attribute(firewall_fields[PORT_TO], rule_ptr->port_to); + serialized_string += json_new_attribute(firewall_fields[PROTOCOL], protocol_to_string(rule_ptr->protocol)); + serialized_string += json_new_attribute(firewall_fields[TARGET], target_to_string(rule_ptr->target), true); serialized_string += "}"; return serialized_string; } diff --git a/ESPFirewall/lib/Firewall/src/Firewall.cpp b/ESPFirewall/lib/Firewall/src/Firewall.cpp index 5925cbe..7bcb501 100644 --- a/ESPFirewall/lib/Firewall/src/Firewall.cpp 
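Review bot: In the first hunk, `String args[IPV4ADDRESS_LENGTH] = {};` sizes the argument array with the IP-string length constant, while the loop right below fills `firewall_fields_amount` entries. It only stays in bounds as long as that unrelated constant happens to be at least as large as the field count, and it allocates more `String` objects than needed on a small heap. Declare it as `String args[firewall_fields_amount] = {};` so the array and the loop share one bound. The request values are also handed to `add_rule_to_firewall` as received; the handler body continues outside the hunk, so any validation done elsewhere is not visible here.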
+++ b/ESPFirewall/lib/Firewall/src/Firewall.cpp @@ -40,17 +40,16 @@ namespace fw rule_ptr->next = NULL; } - firewall_rule_t *Firewall::add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target) + firewall_rule_t *Firewall::add_rule_to_firewall(String *args) { firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); rule_ptr->key = ++this->amount_of_rules; - strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source)); - strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination)); - rule_ptr->port_from = port_from.toInt(); - rule_ptr->port_to = port_to.toInt(); - rule_ptr->protocol = string_to_protocol(protocol); - rule_ptr->target = string_to_target(target); + strncpy(rule_ptr->ip, args[IP].c_str(), sizeof(rule_ptr->ip)); + rule_ptr->port_from = args[PORT_FROM].toInt(); + rule_ptr->port_to = args[PORT_TO].toInt(); + rule_ptr->protocol = string_to_protocol(args[PROTOCOL]); + rule_ptr->target = string_to_target(args[TARGET]); add_rule_to_firewall(rule_ptr); return rule_ptr; @@ -116,7 +115,7 @@ namespace fw firewall_rule_t *rule_ptr = this->rule_head; while (rule_ptr != NULL) { - if (strncmp(ip, rule_ptr->source, IPV4ADDRESS_LENGTH) == 0) + if (strncmp(ip, rule_ptr->ip, IPV4ADDRESS_LENGTH) == 0) { if (rule_ptr->port_from <= port && port <= rule_ptr->port_to) return true; diff --git a/ESPFirewall/lib/Firewall/src/Firewall.hpp b/ESPFirewall/lib/Firewall/src/Firewall.hpp index 59976f6..eeb6b9c 100644 --- a/ESPFirewall/lib/Firewall/src/Firewall.hpp +++ b/ESPFirewall/lib/Firewall/src/Firewall.hpp 
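Review bot: In `Firewall::add_rule_to_firewall(String *args)`, `strncpy(rule_ptr->ip, args[IP].c_str(), sizeof(rule_ptr->ip))` leaves `rule_ptr->ip` without a terminating NUL whenever the request value is as long as the buffer or longer. The field is later passed as a C string to `json_new_attribute` and `putString`, which would then read past the array. Copy one byte less and terminate explicitly: `strncpy(rule_ptr->ip, args[IP].c_str(), sizeof(rule_ptr->ip) - 1);` followed by `rule_ptr->ip[sizeof(rule_ptr->ip) - 1] = '\0';`. The `malloc` result is also written through unchecked; `if (rule_ptr == NULL) return NULL;` before the first assignment would avoid a null write on a memory-constrained device, provided the caller in API.cpp checks the result before serializing it. `toInt()` yields 0 for non-numeric text, and nothing in this hunk checks that `port_from <= port_to` or that either fits in 16 bits.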
@@ -15,7 +15,7 @@ namespace fw firewall_rule_t *get_rule_head(); void add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom = true); - firewall_rule_t *add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target); + firewall_rule_t *add_rule_to_firewall(String *args); firewall_rule_t *get_rule_from_firewall(const uint8_t key); ok_t delete_rule_from_firewall(const uint8_t key); diff --git a/ESPFirewall/lib/Firewall/src/Storage.cpp b/ESPFirewall/lib/Firewall/src/Storage.cpp index f4e56c2..5b7acc0 100644 --- a/ESPFirewall/lib/Firewall/src/Storage.cpp +++ b/ESPFirewall/lib/Firewall/src/Storage.cpp @@ -25,8 +25,7 @@ namespace fw #ifdef ESP8266 firewall_rule_t rule; uint8_t total_space_needed = 0; - total_space_needed += sizeof(rule.source); - total_space_needed += sizeof(rule.destination); + total_space_needed += sizeof(rule.ip); total_space_needed += sizeof(rule.port_from); total_space_needed += sizeof(rule.port_to); total_space_needed += sizeof(rule.target); 
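Review bot: The new declaration `firewall_rule_t *add_rule_to_firewall(String *args);` in Firewall.hpp no longer tells a caller how many strings are expected or in which order, which the six named parameters it replaces did. I would add a comment above it such as `// args must point to firewall_fields_amount Strings, indexed by firewall_fields_t (IP, PORT_FROM, PORT_TO, PROTOCOL, TARGET)`. Taking `const String *args` would additionally document that the callee does not modify the caller's array.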
@@ -87,26 +86,20 @@ namespace fw sprintf(rulename, "fwRule%i", key); this->memory.begin(rulename, true); - strncpy(rule_ptr->source, this->memory.getString("source", "0.0.0.0").c_str(), sizeof(rule_ptr->source)); - strncpy(rule_ptr->destination, this->memory.getString("destination", "0.0.0.0").c_str(), sizeof(rule_ptr->source)); - rule_ptr->port_from = this->memory.getUChar("port_from", 0); - rule_ptr->port_to = this->memory.getUChar("port_to", 0); - rule_ptr->protocol = static_cast(this->memory.getUChar("protocol", PROTOCOL_ALL)); - rule_ptr->target = static_cast(this->memory.getUChar("target", TARGET_REJECT)); + strncpy(rule_ptr->source, this->memory.getString(firewall_fields[IP], "0.0.0.0").c_str(), sizeof(rule_ptr->source)); + rule_ptr->port_from = this->memory.getUChar(firewall_fields[PORT_FROM], 0); + rule_ptr->port_to = this->memory.getUChar(firewall_fields[PORT_TO], 0); + rule_ptr->protocol = static_cast(this->memory.getUChar(firewall_fields[PROTOCOL], PROTOCOL_ALL)); + rule_ptr->target = static_cast(this->memory.getUChar(firewall_fields[TARGET], TARGET_REJECT)); this->memory.end(); #elif defined(ESP8266) uint16_t eespom_position = eeprom_rule_position(key); const char source[IPV4ADDRESS_LENGTH] = ""; - const char destination[IPV4ADDRESS_LENGTH] = ""; EEPROM.get(eespom_position, source); - strncpy(rule_ptr->source, source, sizeof(rule_ptr->source)); - eespom_position += sizeof(rule_ptr->source); - - EEPROM.get(eespom_position, destination); - strncpy(rule_ptr->destination, destination, sizeof(rule_ptr->destination)); - eespom_position += sizeof(rule_ptr->destination); + strncpy(rule_ptr->ip, source, sizeof(rule_ptr->ip)); + eespom_position += sizeof(rule_ptr->ip); rule_ptr->port_from = EEPROM.read(eespom_position); eespom_position += sizeof(rule_ptr->port_from); 
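Review bot: The added ESP32 line still copies into `rule_ptr->source` with `sizeof(rule_ptr->source)`, but this same commit removes `source` from `firewall_rule_t` in Utils.hpp, so this branch should no longer compile. It should read `strncpy(rule_ptr->ip, this->memory.getString(firewall_fields[IP], "0.0.0.0").c_str(), sizeof(rule_ptr->ip));`, as the ESP8266 branch below already does. Separately, `port_from` and `port_to` are loaded with `getUChar` here and saved with `putUChar` in the next hunk, which keeps only the low 8 bits of a port. If `memory` is the ESP32 Preferences object, `getUShort`/`putUShort` would preserve the full 16-bit range. The function body starts and ends outside the hunk.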
@@ -141,21 +134,18 @@ namespace fw sprintf(rulename, "fwRule%i", rule_ptr->key); this->memory.begin(rulename, false); - this->memory.putString("source", rule_ptr->source); - this->memory.putString("destination", rule_ptr->destination); - this->memory.putUChar("port_from", rule_ptr->port_from); - this->memory.putUChar("port_to", rule_ptr->port_to); - this->memory.putUChar("protocol", rule_ptr->protocol); - this->memory.putUChar("target", rule_ptr->target); + this->memory.putString(firewall_fields[IP], rule_ptr->ip); + this->memory.putUChar(firewall_fields[PORT_FROM], rule_ptr->port_from); + this->memory.putUChar(firewall_fields[PORT_TO], rule_ptr->port_to); + this->memory.putUChar(firewall_fields[PROTOCOL], rule_ptr->protocol); + this->memory.putUChar(firewall_fields[TARGET], rule_ptr->target); this->memory.end(); #elif defined(ESP8266) uint16_t eespom_position = eeprom_rule_position(rule_ptr->key); - EEPROM.put(eespom_position, rule_ptr->source); - eespom_position += sizeof(rule_ptr->source); - EEPROM.put(eespom_position, rule_ptr->destination); - eespom_position += sizeof(rule_ptr->destination); + EEPROM.put(eespom_position, rule_ptr->ip); + eespom_position += sizeof(rule_ptr->ip); EEPROM.put(eespom_position, rule_ptr->port_from); eespom_position += sizeof(rule_ptr->port_from); EEPROM.put(eespom_position, rule_ptr->port_to); diff --git a/ESPFirewall/lib/Firewall/src/Utils.hpp b/ESPFirewall/lib/Firewall/src/Utils.hpp index ec19025..b7f1426 100644 --- a/ESPFirewall/lib/Firewall/src/Utils.hpp +++ b/ESPFirewall/lib/Firewall/src/Utils.hpp @@ -37,8 +37,7 @@ namespace fw typedef struct firewall_rules { uint8_t key; - char source[IPV4ADDRESS_LENGTH]; - char destination[IPV4ADDRESS_LENGTH]; + char ip[IPV4ADDRESS_LENGTH]; uint32_t port_from; // port can be max 65565 uint32_t port_to; // range of uint16_t: 0 to 65535 firewall_protocol_t protocol; 
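Review bot: The save path in the first hunk changes the persisted format, and nothing visible in this diff versions or migrates rules written by earlier firmware. On ESP32 the string key changes from `"source"` to `firewall_fields[IP]` (`"ip"`), so a previously stored rule would load with the `"0.0.0.0"` default address. On ESP8266 dropping `destination` shifts every later field offset and the per-rule size, so old EEPROM contents would be read at the wrong positions. For a firewall that silently alters or drops existing rules after an update. Unless a reset happens elsewhere, I would store a layout version next to the rule count and clear or convert the stored rules when it differs.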
@@ -46,15 +45,22 @@ namespace fw struct firewall_rules *next; } firewall_rule_t; - static const uint8_t firewall_fields_amount = 6; - const char firewall_fields[firewall_fields_amount][12] = { - "source", - "destination", + static const uint8_t firewall_fields_amount = 5; + const char firewall_fields[firewall_fields_amount][10] = { + "ip", "port_from", "port_to", "protocol", "target", }; + typedef enum firewall_fields : uint8_t + { + IP, + PORT_FROM, + PORT_TO, + PROTOCOL, + TARGET, + } firewall_fields_t; static const uint8_t CREDENTIALS_LENGTH = 32; typedef struct credentials @@ -65,7 +71,7 @@ namespace fw typedef struct api_endpoints { - char uri[40]; + char uri[60]; char method[7]; char description[30]; struct api_endpoints *next;
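Review bot: In the first hunk, the new enum and the `firewall_fields` string table have to stay in the same order and length by hand, and the enum tag `firewall_fields` reuses the array's name, so the plain name refers to the array and the type is reachable only as `firewall_fields_t`. I would give the enum its own tag and tie the two together with a check such as `static_assert(TARGET + 1 == firewall_fields_amount, "firewall_fields and firewall_fields_t out of sync");`. The inner dimension `[10]` fits `"port_from"` plus its terminator exactly, so a comment noting that a longer field name needs a larger bound would help the next editor. The unscoped enumerators `IP`, `PROTOCOL` and `TARGET` are short names in a header and may collide with macros from platform headers; a prefix such as `FIELD_IP` would be safer.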