simplify
This commit is contained in:
Florian Hoss
parent
1f2cb6e021
commit
265e0562f8
5 changed files with 55 additions and 62 deletions
|
|
@ -75,17 +75,17 @@ namespace fw
|
|||
this->server->getServer().setRSACert(new BearSSL::X509List(cert), new BearSSL::PrivateKey(key));
|
||||
this->server->getServer().setCache(serverCache);
|
||||
#endif
|
||||
this->server->on("/firewall", HTTP_GET, std::bind(&API::get_firewall_rules_handler, this));
|
||||
this->server->on(UriRegex("/firewall/([0-9]+)"), HTTP_GET, std::bind(&API::get_firewall_rule_handler, this));
|
||||
this->server->on("/firewall", HTTP_POST, std::bind(&API::post_firewall_handler, this));
|
||||
this->server->on(UriRegex("/firewall/([0-9]+)"), HTTP_DELETE, std::bind(&API::delete_firewall_handler, this));
|
||||
this->server->on("/api/firewall/rules", HTTP_GET, std::bind(&API::get_firewall_rules_handler, this));
|
||||
this->server->on(UriRegex("/api/firewall/rules/([0-9]+)"), HTTP_GET, std::bind(&API::get_firewall_rule_handler, this));
|
||||
this->server->on("/api/firewall/rules", HTTP_POST, std::bind(&API::post_firewall_handler, this));
|
||||
this->server->on(UriRegex("/api/firewall/rules/([0-9]+)"), HTTP_DELETE, std::bind(&API::delete_firewall_handler, this));
|
||||
this->server->on("/api", HTTP_GET, std::bind(&API::get_endpoint_list_handler, this));
|
||||
this->server->onNotFound(std::bind(&API::not_found_handler, this));
|
||||
|
||||
add_endpoint_to_list("/firewall", "GET", "Get all Firewall Rules");
|
||||
add_endpoint_to_list("/firewall/1", "GET", "Get Firewall Rule by key");
|
||||
add_endpoint_to_list("/firewall", "POST", "Create Firewall Rule");
|
||||
add_endpoint_to_list("/firewall/1", "DELETE", "Delete Firewall Rule by key");
|
||||
add_endpoint_to_list("/api/firewall/rules", "GET", "Get all Firewall Rules");
|
||||
add_endpoint_to_list("/api/firewall/rules/<key>", "GET", "Get Firewall Rule by key");
|
||||
add_endpoint_to_list("/api/firewall/rules", "POST", "Create Firewall Rule");
|
||||
add_endpoint_to_list("/api/firewall/rules/<key>", "DELETE", "Delete Firewall Rule by key");
|
||||
}
|
||||
|
||||
void API::add_endpoint_to_list(const String uri, const char *method, const char *description)
|
||||
|
|
@ -152,13 +152,12 @@ namespace fw
|
|||
return;
|
||||
if (request_has_all_firewall_parameter())
|
||||
{
|
||||
firewall_rule_t *rule_ptr = firewall->add_rule_to_firewall(
|
||||
this->server->arg("source"),
|
||||
this->server->arg("destination"),
|
||||
this->server->arg("port_from"),
|
||||
this->server->arg("port_to"),
|
||||
this->server->arg("protocol"),
|
||||
this->server->arg("target"));
|
||||
String args[IPV4ADDRESS_LENGTH] = {};
|
||||
for (uint8_t i = 0; i < firewall_fields_amount; i++)
|
||||
{
|
||||
args[i] = this->server->arg(firewall_fields[i]);
|
||||
}
|
||||
firewall_rule_t *rule_ptr = firewall->add_rule_to_firewall(args);
|
||||
this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 200);
|
||||
}
|
||||
else
|
||||
|
|
@ -228,12 +227,11 @@ namespace fw
|
|||
{
|
||||
String serialized_string = "{";
|
||||
serialized_string += json_new_attribute("key", rule_ptr->key);
|
||||
serialized_string += json_new_attribute("source", rule_ptr->source);
|
||||
serialized_string += json_new_attribute("destination", rule_ptr->destination);
|
||||
serialized_string += json_new_attribute("port_from", rule_ptr->port_from);
|
||||
serialized_string += json_new_attribute("port_to", rule_ptr->port_to);
|
||||
serialized_string += json_new_attribute("protocol", protocol_to_string(rule_ptr->protocol));
|
||||
serialized_string += json_new_attribute("target", target_to_string(rule_ptr->target), true);
|
||||
serialized_string += json_new_attribute(firewall_fields[IP], rule_ptr->ip);
|
||||
serialized_string += json_new_attribute(firewall_fields[PORT_FROM], rule_ptr->port_from);
|
||||
serialized_string += json_new_attribute(firewall_fields[PORT_TO], rule_ptr->port_to);
|
||||
serialized_string += json_new_attribute(firewall_fields[PROTOCOL], protocol_to_string(rule_ptr->protocol));
|
||||
serialized_string += json_new_attribute(firewall_fields[TARGET], target_to_string(rule_ptr->target), true);
|
||||
serialized_string += "}";
|
||||
return serialized_string;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,17 +40,16 @@ namespace fw
|
|||
rule_ptr->next = NULL;
|
||||
}
|
||||
|
||||
firewall_rule_t *Firewall::add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target)
|
||||
firewall_rule_t *Firewall::add_rule_to_firewall(String *args)
|
||||
{
|
||||
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
|
||||
rule_ptr->key = ++this->amount_of_rules;
|
||||
|
||||
strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source));
|
||||
strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination));
|
||||
rule_ptr->port_from = port_from.toInt();
|
||||
rule_ptr->port_to = port_to.toInt();
|
||||
rule_ptr->protocol = string_to_protocol(protocol);
|
||||
rule_ptr->target = string_to_target(target);
|
||||
strncpy(rule_ptr->ip, args[IP].c_str(), sizeof(rule_ptr->ip));
|
||||
rule_ptr->port_from = args[PORT_FROM].toInt();
|
||||
rule_ptr->port_to = args[PORT_TO].toInt();
|
||||
rule_ptr->protocol = string_to_protocol(args[PROTOCOL]);
|
||||
rule_ptr->target = string_to_target(args[TARGET]);
|
||||
|
||||
add_rule_to_firewall(rule_ptr);
|
||||
return rule_ptr;
|
||||
|
|
@ -116,7 +115,7 @@ namespace fw
|
|||
firewall_rule_t *rule_ptr = this->rule_head;
|
||||
while (rule_ptr != NULL)
|
||||
{
|
||||
if (strncmp(ip, rule_ptr->source, IPV4ADDRESS_LENGTH) == 0)
|
||||
if (strncmp(ip, rule_ptr->ip, IPV4ADDRESS_LENGTH) == 0)
|
||||
{
|
||||
if (rule_ptr->port_from <= port && port <= rule_ptr->port_to)
|
||||
return true;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ namespace fw
|
|||
|
||||
firewall_rule_t *get_rule_head();
|
||||
void add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom = true);
|
||||
firewall_rule_t *add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target);
|
||||
firewall_rule_t *add_rule_to_firewall(String *args);
|
||||
firewall_rule_t *get_rule_from_firewall(const uint8_t key);
|
||||
ok_t delete_rule_from_firewall(const uint8_t key);
|
||||
|
||||
|
|
|
|||
|
|
@ -25,8 +25,7 @@ namespace fw
|
|||
#ifdef ESP8266
|
||||
firewall_rule_t rule;
|
||||
uint8_t total_space_needed = 0;
|
||||
total_space_needed += sizeof(rule.source);
|
||||
total_space_needed += sizeof(rule.destination);
|
||||
total_space_needed += sizeof(rule.ip);
|
||||
total_space_needed += sizeof(rule.port_from);
|
||||
total_space_needed += sizeof(rule.port_to);
|
||||
total_space_needed += sizeof(rule.target);
|
||||
|
|
@ -87,26 +86,20 @@ namespace fw
|
|||
sprintf(rulename, "fwRule%i", key);
|
||||
|
||||
this->memory.begin(rulename, true);
|
||||
strncpy(rule_ptr->source, this->memory.getString("source", "0.0.0.0").c_str(), sizeof(rule_ptr->source));
|
||||
strncpy(rule_ptr->destination, this->memory.getString("destination", "0.0.0.0").c_str(), sizeof(rule_ptr->source));
|
||||
rule_ptr->port_from = this->memory.getUChar("port_from", 0);
|
||||
rule_ptr->port_to = this->memory.getUChar("port_to", 0);
|
||||
rule_ptr->protocol = static_cast<firewall_protocol_t>(this->memory.getUChar("protocol", PROTOCOL_ALL));
|
||||
rule_ptr->target = static_cast<firewall_target_t>(this->memory.getUChar("target", TARGET_REJECT));
|
||||
strncpy(rule_ptr->source, this->memory.getString(firewall_fields[IP], "0.0.0.0").c_str(), sizeof(rule_ptr->source));
|
||||
rule_ptr->port_from = this->memory.getUChar(firewall_fields[PORT_FROM], 0);
|
||||
rule_ptr->port_to = this->memory.getUChar(firewall_fields[PORT_TO], 0);
|
||||
rule_ptr->protocol = static_cast<firewall_protocol_t>(this->memory.getUChar(firewall_fields[PROTOCOL], PROTOCOL_ALL));
|
||||
rule_ptr->target = static_cast<firewall_target_t>(this->memory.getUChar(firewall_fields[TARGET], TARGET_REJECT));
|
||||
this->memory.end();
|
||||
|
||||
#elif defined(ESP8266)
|
||||
uint16_t eespom_position = eeprom_rule_position(key);
|
||||
const char source[IPV4ADDRESS_LENGTH] = "";
|
||||
const char destination[IPV4ADDRESS_LENGTH] = "";
|
||||
|
||||
EEPROM.get(eespom_position, source);
|
||||
strncpy(rule_ptr->source, source, sizeof(rule_ptr->source));
|
||||
eespom_position += sizeof(rule_ptr->source);
|
||||
|
||||
EEPROM.get(eespom_position, destination);
|
||||
strncpy(rule_ptr->destination, destination, sizeof(rule_ptr->destination));
|
||||
eespom_position += sizeof(rule_ptr->destination);
|
||||
strncpy(rule_ptr->ip, source, sizeof(rule_ptr->ip));
|
||||
eespom_position += sizeof(rule_ptr->ip);
|
||||
|
||||
rule_ptr->port_from = EEPROM.read(eespom_position);
|
||||
eespom_position += sizeof(rule_ptr->port_from);
|
||||
|
|
@ -141,21 +134,18 @@ namespace fw
|
|||
sprintf(rulename, "fwRule%i", rule_ptr->key);
|
||||
|
||||
this->memory.begin(rulename, false);
|
||||
this->memory.putString("source", rule_ptr->source);
|
||||
this->memory.putString("destination", rule_ptr->destination);
|
||||
this->memory.putUChar("port_from", rule_ptr->port_from);
|
||||
this->memory.putUChar("port_to", rule_ptr->port_to);
|
||||
this->memory.putUChar("protocol", rule_ptr->protocol);
|
||||
this->memory.putUChar("target", rule_ptr->target);
|
||||
this->memory.putString(firewall_fields[IP], rule_ptr->ip);
|
||||
this->memory.putUChar(firewall_fields[PORT_FROM], rule_ptr->port_from);
|
||||
this->memory.putUChar(firewall_fields[PORT_TO], rule_ptr->port_to);
|
||||
this->memory.putUChar(firewall_fields[PROTOCOL], rule_ptr->protocol);
|
||||
this->memory.putUChar(firewall_fields[TARGET], rule_ptr->target);
|
||||
|
||||
this->memory.end();
|
||||
#elif defined(ESP8266)
|
||||
uint16_t eespom_position = eeprom_rule_position(rule_ptr->key);
|
||||
|
||||
EEPROM.put(eespom_position, rule_ptr->source);
|
||||
eespom_position += sizeof(rule_ptr->source);
|
||||
EEPROM.put(eespom_position, rule_ptr->destination);
|
||||
eespom_position += sizeof(rule_ptr->destination);
|
||||
EEPROM.put(eespom_position, rule_ptr->ip);
|
||||
eespom_position += sizeof(rule_ptr->ip);
|
||||
EEPROM.put(eespom_position, rule_ptr->port_from);
|
||||
eespom_position += sizeof(rule_ptr->port_from);
|
||||
EEPROM.put(eespom_position, rule_ptr->port_to);
|
||||
|
|
|
|||
|
|
@ -37,8 +37,7 @@ namespace fw
|
|||
typedef struct firewall_rules
|
||||
{
|
||||
uint8_t key;
|
||||
char source[IPV4ADDRESS_LENGTH];
|
||||
char destination[IPV4ADDRESS_LENGTH];
|
||||
char ip[IPV4ADDRESS_LENGTH];
|
||||
uint32_t port_from; // port can be max 65565
|
||||
uint32_t port_to; // range of uint16_t: 0 to 65535
|
||||
firewall_protocol_t protocol;
|
||||
|
|
@ -46,15 +45,22 @@ namespace fw
|
|||
struct firewall_rules *next;
|
||||
} firewall_rule_t;
|
||||
|
||||
static const uint8_t firewall_fields_amount = 6;
|
||||
const char firewall_fields[firewall_fields_amount][12] = {
|
||||
"source",
|
||||
"destination",
|
||||
static const uint8_t firewall_fields_amount = 5;
|
||||
const char firewall_fields[firewall_fields_amount][10] = {
|
||||
"ip",
|
||||
"port_from",
|
||||
"port_to",
|
||||
"protocol",
|
||||
"target",
|
||||
};
|
||||
typedef enum firewall_fields : uint8_t
|
||||
{
|
||||
IP,
|
||||
PORT_FROM,
|
||||
PORT_TO,
|
||||
PROTOCOL,
|
||||
TARGET,
|
||||
} firewall_fields_t;
|
||||
|
||||
static const uint8_t CREDENTIALS_LENGTH = 32;
|
||||
typedef struct credentials
|
||||
|
|
@ -65,7 +71,7 @@ namespace fw
|
|||
|
||||
typedef struct api_endpoints
|
||||
{
|
||||
char uri[40];
|
||||
char uri[60];
|
||||
char method[7];
|
||||
char description[30];
|
||||
struct api_endpoints *next;
|
||||
|
|
|
|||
Reference in a new issue