adding port to firewall rule

Florian Hoss 2022-05-02 20:20:29 +02:00
parent bbebb4060e
commit 84991434ec
6 changed files with 121 additions and 19 deletions


@ -157,6 +157,8 @@ namespace fw
firewall_rule_t *rule_ptr = add_rule_to_firewall( firewall_rule_t *rule_ptr = add_rule_to_firewall(
this->server->arg("source"), this->server->arg("source"),
this->server->arg("destination"), this->server->arg("destination"),
this->server->arg("port_from"),
this->server->arg("port_to"),
this->server->arg("protocol"), this->server->arg("protocol"),
this->server->arg("target")); this->server->arg("target"));
this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 200); this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 200);
@ -188,6 +190,8 @@ namespace fw
return this->server->hasArg("source") || return this->server->hasArg("source") ||
this->server->hasArg("destination") || this->server->hasArg("destination") ||
this->server->hasArg("protocol") || this->server->hasArg("protocol") ||
this->server->hasArg("port_from") ||
this->server->hasArg("port_to") ||
this->server->hasArg("target"); this->server->hasArg("target");
} }
} }
@ -228,6 +232,8 @@ namespace fw
serialized_string += json_new_attribute("key", rule_ptr->key); serialized_string += json_new_attribute("key", rule_ptr->key);
serialized_string += json_new_attribute("source", rule_ptr->source); serialized_string += json_new_attribute("source", rule_ptr->source);
serialized_string += json_new_attribute("destination", rule_ptr->destination); serialized_string += json_new_attribute("destination", rule_ptr->destination);
serialized_string += json_new_attribute("port_from", rule_ptr->destination);
serialized_string += json_new_attribute("port_to", rule_ptr->destination);
serialized_string += json_new_attribute("protocol", protocol_to_string(rule_ptr->protocol)); serialized_string += json_new_attribute("protocol", protocol_to_string(rule_ptr->protocol));
serialized_string += json_new_attribute("target", target_to_string(rule_ptr->target), true); serialized_string += json_new_attribute("target", target_to_string(rule_ptr->target), true);
serialized_string += "}"; serialized_string += "}";
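Review bot: The two added serializer lines emit `rule_ptr->destination` for both `port_from` and `port_to`, so the JSON response carries the destination address in the port fields. A client then cannot confirm which port range a rule was stored with, which matters when the API is the only view of the active rule set. They should read `serialized_string += json_new_attribute("port_from", rule_ptr->port_from);` and `serialized_string += json_new_attribute("port_to", rule_ptr->port_to);`. This assumes `json_new_attribute` accepts an integer value, as the `key` line above it suggests; that overload is not visible in this hunk.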


@ -14,14 +14,6 @@
namespace fw namespace fw
{ {
typedef struct api_endpoints
{
char uri[40];
char method[7];
char description[30];
struct api_endpoints *next;
} api_endpoint_t;
class API : public Rules class API : public Rules
{ {
private: private:
@ -62,6 +54,11 @@ namespace fw
uint16_t server_port; uint16_t server_port;
void handle_client(); void handle_client();
String get_url_base(); String get_url_base();
String protocol_to_string(firewall_protocol_t &protocol);
firewall_protocol_t string_to_protocol(String &protocol);
String target_to_string(firewall_target_t &target);
firewall_target_t string_to_target(String &target);
String response_code_to_string(const uint16_t response_code);
public: public:
API(const char *cert, const char *key, const char *username, const char *password, const String ip, const uint16_t port); API(const char *cert, const char *key, const char *username, const char *password, const String ip, const uint16_t port);
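Review bot: The five conversion helpers added to the private section of `API` appear to repeat prototypes that the shared header in this same commit declares as free functions in `fw` (`protocol_to_string`, `string_to_protocol`, `target_to_string` are visible there). If both sets stay, unqualified calls inside `API` resolve to the members while `Rules` uses the free functions, and the two can drift apart. Keeping one declaration would avoid that. Separately, the enum and `String` parameters are taken by non-const reference although nothing here suggests they are modified; `const String &protocol` and a by-value `firewall_protocol_t protocol` would let callers pass temporaries such as `server->arg("protocol")` directly.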


@ -38,14 +38,21 @@ namespace fw
rule_ptr->next = NULL; rule_ptr->next = NULL;
} }
firewall_rule_t *Rules::add_rule_to_firewall(String source, String destination, String protocol, String target) firewall_rule_t *Rules::add_rule_to_firewall(
String source,
String destination,
String port_from,
String port_to,
String protocol,
String target)
{ {
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
rule_ptr->key = ++amount_of_rules; rule_ptr->key = ++amount_of_rules;
strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source)); strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source));
strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination)); strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination));
rule_ptr->port_from = port_from.toInt();
rule_ptr->port_to = port_to.toInt();
rule_ptr->protocol = string_to_protocol(protocol); rule_ptr->protocol = string_to_protocol(protocol);
rule_ptr->target = string_to_target(target); rule_ptr->target = string_to_target(target);
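Review bot: `port_from.toInt()` and `port_to.toInt()` are assigned straight into the `uint16_t` fields with no range or ordering check. Arduino's `String::toInt()` returns a `long` and yields 0 for non-numeric text, so a request with `port_from=70000` is silently stored as a different port after truncation, and a missing or malformed argument becomes port 0. For a firewall rule, the request should be rejected rather than stored with a range the caller did not ask for. I would parse into `long`, check `0..65535` and `from <= to` before the `malloc`, and return early on failure. The caller in the API handler would then need a null check before serialising, which it does not appear to have. The function body continues past the end of this hunk.

```cpp
firewall_rule_t *Rules::add_rule_to_firewall(
// … unchanged: parameter list …
{
    const long from = port_from.toInt();
    const long to = port_to.toInt();
    if (from < 0 || from > 65535 || to < 0 || to > 65535 || from > to)
    {
        return NULL; // refuse the rule instead of storing a truncated port range
    }
    // … unchanged: malloc, key, source and destination copy …
    rule_ptr->port_from = (uint16_t)from;
    rule_ptr->port_to = (uint16_t)to;
    // … unchanged: protocol and target conversion …
```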


@ -13,7 +13,7 @@ namespace fw
firewall_rule_t *rule_head = NULL; firewall_rule_t *rule_head = NULL;
void add_rule_to_firewall(firewall_rule_t *); void add_rule_to_firewall(firewall_rule_t *);
firewall_rule_t *add_rule_to_firewall(String source, String destination, String protocol, String target); firewall_rule_t *add_rule_to_firewall(String, String, String, String, String, String);
firewall_rule_t *get_rule_from_firewall(uint8_t); firewall_rule_t *get_rule_from_firewall(uint8_t);
ok_t delete_rule_from_firewall(uint8_t); ok_t delete_rule_from_firewall(uint8_t);
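Review bot: The new prototype drops the parameter names, leaving six positional `String` arguments of identical type. The compiler cannot catch a call that swaps `destination` with `port_from` or `protocol` with `target`, and the header no longer documents the order. Keeping the names costs nothing: `firewall_rule_t *add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target);`.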


@ -52,16 +52,88 @@ namespace fw
{ {
switch (response_code) switch (response_code)
{ {
case 100:
return F("Continue");
case 101:
return F("Switching Protocols");
case 200: case 200:
return "success"; return F("OK");
case 201:
return F("Created");
case 202:
return F("Accepted");
case 203:
return F("Non-Authoritative Information");
case 204:
return F("No Content");
case 205:
return F("Reset Content");
case 206:
return F("Partial Content");
case 300:
return F("Multiple Choices");
case 301:
return F("Moved Permanently");
case 302:
return F("Found");
case 303:
return F("See Other");
case 304:
return F("Not Modified");
case 305:
return F("Use Proxy");
case 307:
return F("Temporary Redirect");
case 400:
return F("Bad Request");
case 401:
return F("Unauthorized");
case 402:
return F("Payment Required");
case 403: case 403:
return "unauthorized"; return F("Forbidden");
case 404: case 404:
return "not found"; return F("Not Found");
case 405:
return F("Method Not Allowed");
case 406:
return F("Not Acceptable");
case 407:
return F("Proxy Authentication Required");
case 408:
return F("Request Time-out");
case 409:
return F("Conflict");
case 410:
return F("Gone");
case 411:
return F("Length Required");
case 412:
return F("Precondition Failed");
case 413:
return F("Request Entity Too Large");
case 414:
return F("Request-URI Too Large");
case 415:
return F("Unsupported Media Type");
case 416:
return F("Requested range not satisfiable");
case 417:
return F("Expectation Failed");
case 500: case 500:
return "server error"; return F("Internal Server Error");
case 501:
return F("Not Implemented");
case 502:
return F("Bad Gateway");
case 503:
return F("Service Unavailable");
case 504:
return F("Gateway Time-out");
case 505:
return F("HTTP Version not supported");
default: default:
return "unknown error"; return F("");
} }
} }


@ -6,9 +6,6 @@
namespace fw namespace fw
{ {
static const uint8_t IPV4ADDRESS_LENGTH = 16;
static const uint8_t CREDENTIALS_LENGTH = 32;
typedef enum firewall_targets : uint8_t typedef enum firewall_targets : uint8_t
{ {
TARGET_REJECT = 0, TARGET_REJECT = 0,
@ -36,22 +33,45 @@ namespace fw
DENIED = 1, DENIED = 1,
} auth_t; } auth_t;
static const uint8_t IPV4ADDRESS_LENGTH = 16;
typedef struct firewall_rules typedef struct firewall_rules
{ {
uint8_t key; uint8_t key;
char source[IPV4ADDRESS_LENGTH]; char source[IPV4ADDRESS_LENGTH];
char destination[IPV4ADDRESS_LENGTH]; char destination[IPV4ADDRESS_LENGTH];
uint16_t port_from; // port is max 65565
uint16_t port_to;
firewall_protocol_t protocol; firewall_protocol_t protocol;
firewall_target_t target; firewall_target_t target;
struct firewall_rules *next; struct firewall_rules *next;
} firewall_rule_t; } firewall_rule_t;
const byte numChars = 12;
const char firewall_fields[][numChars] = {
"key",
"source",
"destination",
"port_from",
"port_to",
"protocol",
"target",
};
static const uint8_t CREDENTIALS_LENGTH = 32;
typedef struct credentials typedef struct credentials
{ {
char password[CREDENTIALS_LENGTH]; char password[CREDENTIALS_LENGTH];
char username[CREDENTIALS_LENGTH]; char username[CREDENTIALS_LENGTH];
} credential_t; } credential_t;
typedef struct api_endpoints
{
char uri[40];
char method[7];
char description[30];
struct api_endpoints *next;
} api_endpoint_t;
String protocol_to_string(firewall_protocol_t &protocol); String protocol_to_string(firewall_protocol_t &protocol);
firewall_protocol_t string_to_protocol(String &protocol); firewall_protocol_t string_to_protocol(String &protocol);
String target_to_string(firewall_target_t &target); String target_to_string(firewall_target_t &target);