HS-Esslingen/esp-firewall
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

More docu

Browse source
This commit is contained in:
Florian Hoss 2022-07-19 11:51:23 +02:00
parent c6c6ef4677
commit 4f2608e34e
2 changed files with 102 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
ESPFirewall/lib/Firewall/docs/api/api.tex Normal file
View file

@ -0,0 +1,70 @@
\section{API} \label{api}
Managing the firewall rules can be done over a rest api. Available routes are following and can be retrieved by visiting the API (e.g. \verb|https://10.93.0.224:8080/api|) of the device.
\lstset{style=json}
\begin{lstlisting}
[
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules",
"description": "Get all Firewall Rules",
"method": "GET"
},
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules/<key>",
"description": "Get Firewall Rule by key",
"method": "GET"
},
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules",
"description": "Create Firewall Rule",
"method": "POST"
},
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules/<key>",
"description": "Delete Firewall Rule by key",
"method": "DELETE"
}
]
\end{lstlisting}
\subsection{Create firewall rule}
To create a firewall rule with a POST request, query parameter for each field are required:
\verb|?ip=10.93.0.211&port_from=22&port_to=80&protocol=TCP&target=REJECT|
The response will be the created rule with its parameter.
\lstset{style=json}
\begin{lstlisting}
{
"key": "1",
"ip": "10.93.0.211",
"port_from": "22",
"port_to": "80",
"protocol": "TCP",
"target": "REJECT"
}
\end{lstlisting}
Available protocols are \verb|TCP, UDP & ALL|
Available targets are \verb|REJECT, ACCEPT & DROP|
\newpage
\subsection{Authentication}
To authenticate the API uses basic auth. Communication is therefor encrypted to protect the process from eavesdropping. Setting the username and password is done via the constructor of the api class. To create the api class to setup the firewall rules a firewall class instance is needed.
\lstset{style=c++}
\begin{lstlisting}
#include "Firewall.hpp"
#include "API.hpp"
firewall = new fw::Firewall();
firewallApi = new fw::API(firewall, cert, key, username, password);
\end{lstlisting}
After this all endpoints shown in section \ref{api} will be protected.

33
ESPFirewall/lib/Firewall/docs/main.tex
View file

@ -29,13 +29,43 @@
\lstdefinestyle{c++}{ \lstdefinestyle{c++}{
language=C++, language=C++,
directivestyle={\color{codepurple}}, directivestyle={\color{codepurple}},
emph={firewall_rule_t,uint8_t}, emph={firewall_rule_t,uint8_t,fw,Firewall,API},
emphstyle={\color{codegreen}}, emphstyle={\color{codegreen}},
} }
\lstdefinestyle{platform-io}{ \lstdefinestyle{platform-io}{
emph={platformio,esp32,esp8266,arduino}, emph={platformio,esp32,esp8266,arduino},
emphstyle={\color{codegreen}}, emphstyle={\color{codegreen}},
} }
\definecolor{delim}{RGB}{20,105,176}
\definecolor{numb}{RGB}{106, 109, 32}
\definecolor{string}{rgb}{0.64,0.08,0.08}
\lstdefinestyle{json}{
rulecolor=\color{black},
showspaces=false,
showtabs=false,
breaklines=true,
postbreak=\raisebox{0ex}[0ex][0ex]{\ensuremath{\color{gray}\hookrightarrow\space}},
breakatwhitespace=true,
basicstyle=\ttfamily\small,
upquote=true,
morestring=[b]",
stringstyle=\color{string},
literate=
*{0}{{{\color{numb}0}}}{1}
{1}{{{\color{numb}1}}}{1}
{2}{{{\color{numb}2}}}{1}
{3}{{{\color{numb}3}}}{1}
{4}{{{\color{numb}4}}}{1}
{5}{{{\color{numb}5}}}{1}
{6}{{{\color{numb}6}}}{1}
{7}{{{\color{numb}7}}}{1}
{8}{{{\color{numb}8}}}{1}
{9}{{{\color{numb}9}}}{1}
{\{}{{{\color{delim}{\{}}}}{1}
{\}}{{{\color{delim}{\}}}}}{1}
{[}{{{\color{delim}{[}}}}{1}
{]}{{{\color{delim}{]}}}}{1},
}
\setuptoc{toc}{totoc} \setuptoc{toc}{totoc}
@ -89,6 +119,7 @@
\listoffigures \listoffigures
\include{firststeps/firststeps} \include{firststeps/firststeps}
\include{storage/storage} \include{storage/storage}
\include{api/api}
\printbibliography[title=Bibliography] \printbibliography[title=Bibliography]