adding port to firewall rule
This commit is contained in:
Florian Hoss
parent
bbebb4060e
commit
84991434ec
6 changed files with 121 additions and 19 deletions
|
|
@ -157,6 +157,8 @@ namespace fw
|
|||
firewall_rule_t *rule_ptr = add_rule_to_firewall(
|
||||
this->server->arg("source"),
|
||||
this->server->arg("destination"),
|
||||
this->server->arg("port_from"),
|
||||
this->server->arg("port_to"),
|
||||
this->server->arg("protocol"),
|
||||
this->server->arg("target"));
|
||||
this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 200);
|
||||
|
|
@ -188,6 +190,8 @@ namespace fw
|
|||
return this->server->hasArg("source") ||
|
||||
this->server->hasArg("destination") ||
|
||||
this->server->hasArg("protocol") ||
|
||||
this->server->hasArg("port_from") ||
|
||||
this->server->hasArg("port_to") ||
|
||||
this->server->hasArg("target");
|
||||
}
|
||||
}
|
||||
|
|
@ -228,6 +232,8 @@ namespace fw
|
|||
serialized_string += json_new_attribute("key", rule_ptr->key);
|
||||
serialized_string += json_new_attribute("source", rule_ptr->source);
|
||||
serialized_string += json_new_attribute("destination", rule_ptr->destination);
|
||||
serialized_string += json_new_attribute("port_from", rule_ptr->destination);
|
||||
serialized_string += json_new_attribute("port_to", rule_ptr->destination);
|
||||
serialized_string += json_new_attribute("protocol", protocol_to_string(rule_ptr->protocol));
|
||||
serialized_string += json_new_attribute("target", target_to_string(rule_ptr->target), true);
|
||||
serialized_string += "}";
|
||||
|
|
|
|||
|
|
@ -14,14 +14,6 @@
|
|||
|
||||
namespace fw
|
||||
{
|
||||
typedef struct api_endpoints
|
||||
{
|
||||
char uri[40];
|
||||
char method[7];
|
||||
char description[30];
|
||||
struct api_endpoints *next;
|
||||
} api_endpoint_t;
|
||||
|
||||
class API : public Rules
|
||||
{
|
||||
private:
|
||||
|
|
@ -62,6 +54,11 @@ namespace fw
|
|||
uint16_t server_port;
|
||||
void handle_client();
|
||||
String get_url_base();
|
||||
String protocol_to_string(firewall_protocol_t &protocol);
|
||||
firewall_protocol_t string_to_protocol(String &protocol);
|
||||
String target_to_string(firewall_target_t &target);
|
||||
firewall_target_t string_to_target(String &target);
|
||||
String response_code_to_string(const uint16_t response_code);
|
||||
|
||||
public:
|
||||
API(const char *cert, const char *key, const char *username, const char *password, const String ip, const uint16_t port);
|
||||
|
|
|
|||
|
|
@ -38,14 +38,21 @@ namespace fw
|
|||
rule_ptr->next = NULL;
|
||||
}
|
||||
|
||||
firewall_rule_t *Rules::add_rule_to_firewall(String source, String destination, String protocol, String target)
|
||||
firewall_rule_t *Rules::add_rule_to_firewall(
|
||||
String source,
|
||||
String destination,
|
||||
String port_from,
|
||||
String port_to,
|
||||
String protocol,
|
||||
String target)
|
||||
{
|
||||
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
|
||||
rule_ptr->key = ++amount_of_rules;
|
||||
|
||||
strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source));
|
||||
strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination));
|
||||
|
||||
rule_ptr->port_from = port_from.toInt();
|
||||
rule_ptr->port_to = port_to.toInt();
|
||||
rule_ptr->protocol = string_to_protocol(protocol);
|
||||
rule_ptr->target = string_to_target(target);
|
||||
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ namespace fw
|
|||
firewall_rule_t *rule_head = NULL;
|
||||
|
||||
void add_rule_to_firewall(firewall_rule_t *);
|
||||
firewall_rule_t *add_rule_to_firewall(String source, String destination, String protocol, String target);
|
||||
firewall_rule_t *add_rule_to_firewall(String, String, String, String, String, String);
|
||||
firewall_rule_t *get_rule_from_firewall(uint8_t);
|
||||
ok_t delete_rule_from_firewall(uint8_t);
|
||||
|
||||
|
|
|
|||
|
|
@ -52,16 +52,88 @@ namespace fw
|
|||
{
|
||||
switch (response_code)
|
||||
{
|
||||
case 100:
|
||||
return F("Continue");
|
||||
case 101:
|
||||
return F("Switching Protocols");
|
||||
case 200:
|
||||
return "success";
|
||||
return F("OK");
|
||||
case 201:
|
||||
return F("Created");
|
||||
case 202:
|
||||
return F("Accepted");
|
||||
case 203:
|
||||
return F("Non-Authoritative Information");
|
||||
case 204:
|
||||
return F("No Content");
|
||||
case 205:
|
||||
return F("Reset Content");
|
||||
case 206:
|
||||
return F("Partial Content");
|
||||
case 300:
|
||||
return F("Multiple Choices");
|
||||
case 301:
|
||||
return F("Moved Permanently");
|
||||
case 302:
|
||||
return F("Found");
|
||||
case 303:
|
||||
return F("See Other");
|
||||
case 304:
|
||||
return F("Not Modified");
|
||||
case 305:
|
||||
return F("Use Proxy");
|
||||
case 307:
|
||||
return F("Temporary Redirect");
|
||||
case 400:
|
||||
return F("Bad Request");
|
||||
case 401:
|
||||
return F("Unauthorized");
|
||||
case 402:
|
||||
return F("Payment Required");
|
||||
case 403:
|
||||
return "unauthorized";
|
||||
return F("Forbidden");
|
||||
case 404:
|
||||
return "not found";
|
||||
return F("Not Found");
|
||||
case 405:
|
||||
return F("Method Not Allowed");
|
||||
case 406:
|
||||
return F("Not Acceptable");
|
||||
case 407:
|
||||
return F("Proxy Authentication Required");
|
||||
case 408:
|
||||
return F("Request Time-out");
|
||||
case 409:
|
||||
return F("Conflict");
|
||||
case 410:
|
||||
return F("Gone");
|
||||
case 411:
|
||||
return F("Length Required");
|
||||
case 412:
|
||||
return F("Precondition Failed");
|
||||
case 413:
|
||||
return F("Request Entity Too Large");
|
||||
case 414:
|
||||
return F("Request-URI Too Large");
|
||||
case 415:
|
||||
return F("Unsupported Media Type");
|
||||
case 416:
|
||||
return F("Requested range not satisfiable");
|
||||
case 417:
|
||||
return F("Expectation Failed");
|
||||
case 500:
|
||||
return "server error";
|
||||
return F("Internal Server Error");
|
||||
case 501:
|
||||
return F("Not Implemented");
|
||||
case 502:
|
||||
return F("Bad Gateway");
|
||||
case 503:
|
||||
return F("Service Unavailable");
|
||||
case 504:
|
||||
return F("Gateway Time-out");
|
||||
case 505:
|
||||
return F("HTTP Version not supported");
|
||||
default:
|
||||
return "unknown error";
|
||||
return F("");
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,9 +6,6 @@
|
|||
|
||||
namespace fw
|
||||
{
|
||||
static const uint8_t IPV4ADDRESS_LENGTH = 16;
|
||||
static const uint8_t CREDENTIALS_LENGTH = 32;
|
||||
|
||||
typedef enum firewall_targets : uint8_t
|
||||
{
|
||||
TARGET_REJECT = 0,
|
||||
|
|
@ -36,22 +33,45 @@ namespace fw
|
|||
DENIED = 1,
|
||||
} auth_t;
|
||||
|
||||
static const uint8_t IPV4ADDRESS_LENGTH = 16;
|
||||
typedef struct firewall_rules
|
||||
{
|
||||
uint8_t key;
|
||||
char source[IPV4ADDRESS_LENGTH];
|
||||
char destination[IPV4ADDRESS_LENGTH];
|
||||
uint16_t port_from; // port is max 65565
|
||||
uint16_t port_to;
|
||||
firewall_protocol_t protocol;
|
||||
firewall_target_t target;
|
||||
struct firewall_rules *next;
|
||||
} firewall_rule_t;
|
||||
|
||||
const byte numChars = 12;
|
||||
const char firewall_fields[][numChars] = {
|
||||
"key",
|
||||
"source",
|
||||
"destination",
|
||||
"port_from",
|
||||
"port_to",
|
||||
"protocol",
|
||||
"target",
|
||||
};
|
||||
|
||||
static const uint8_t CREDENTIALS_LENGTH = 32;
|
||||
typedef struct credentials
|
||||
{
|
||||
char password[CREDENTIALS_LENGTH];
|
||||
char username[CREDENTIALS_LENGTH];
|
||||
} credential_t;
|
||||
|
||||
typedef struct api_endpoints
|
||||
{
|
||||
char uri[40];
|
||||
char method[7];
|
||||
char description[30];
|
||||
struct api_endpoints *next;
|
||||
} api_endpoint_t;
|
||||
|
||||
String protocol_to_string(firewall_protocol_t &protocol);
|
||||
firewall_protocol_t string_to_protocol(String &protocol);
|
||||
String target_to_string(firewall_target_t &target);
|
||||
|
|
|
|||
Reference in a new issue