More merging

Florian Hoss 2022-07-29 17:25:56 +02:00
parent 0af9c39fa3
commit 8822bc8cc7
9 changed files with 60 additions and 334 deletions


@ -3,8 +3,8 @@
#include "theCerts.h" #include "theCerts.h"
#include "ESP8266WiFi.h" #include "ESP8266WiFi.h"
#include "esp8266/Firewall.hpp" #include "Firewall.hpp"
#include "esp8266/API.hpp" #include "API.hpp"
fw::Firewall *firewall; fw::Firewall *firewall;
fw::API *firewallApi; fw::API *firewallApi;


@ -1,4 +1,3 @@
#ifdef ESP8266
#include "Firewall.hpp" #include "Firewall.hpp"
namespace fw namespace fw
@ -180,4 +179,3 @@ namespace fw
return false; return false;
} }
} }
#endif


@ -1,13 +1,13 @@
#ifndef ESP8266_FIREWALL_HPP #ifndef FIREWALL_HPP
#define ESP8266_FIREWALL_HPP #define FIREWALL_HPP
#include "../Utils.hpp" #include "Utils.hpp"
#include "Storage.hpp" #include "Storage.hpp"
#include "WiFiClient.h" #include "WiFiClient.h"
#include "lwip/netif.h" #include "lwip/netif.h"
#include "lwip/pbuf.h" #include "lwip/pbuf.h"
#include "lwip/ip4.h" #include "lwip/ip4.h"
#include "lwip/udp.h" #include "lwip/prot/udp.h"
#include "lwip/prot/tcp.h" #include "lwip/prot/tcp.h"
namespace fw namespace fw


@ -1,45 +1,61 @@
#ifdef ESP8266
#include "Storage.hpp" #include "Storage.hpp"
namespace fw namespace fw
{ {
Storage::Storage() Storage::Storage()
{ {
#ifdef ESP8266
this->max_rules = 15; this->max_rules = 15;
this->eeprom_amount_of_rules = 0; this->eeprom_amount_of_rules = 0;
this->eeprom_rules_head = 1; this->eeprom_rules_head = 1;
this->eeprom_size = this->max_rules * sizeof(firewall_rule_t) + eeprom_rules_head; this->eeprom_size = this->max_rules * sizeof(firewall_rule_t) + eeprom_rules_head;
EEPROM.begin(this->eeprom_size); EEPROM.begin(this->eeprom_size);
#endif
} }
Storage::~Storage() Storage::~Storage()
{ {
} }
#ifdef ESP8266
uint16_t Storage::eeprom_rule_position(uint8_t key) uint16_t Storage::eeprom_rule_position(uint8_t key)
{ {
return eeprom_rules_head + (key - 1) * sizeof(firewall_rule_t); return eeprom_rules_head + (key - 1) * sizeof(firewall_rule_t);
} }
#endif
uint8_t Storage::retrieve_amount_of_rules() uint8_t Storage::retrieve_amount_of_rules()
{ {
#ifdef ESP8266
uint8_t amount_of_rules = EEPROM.read(this->eeprom_amount_of_rules); uint8_t amount_of_rules = EEPROM.read(this->eeprom_amount_of_rules);
if (amount_of_rules > this->max_rules) if (amount_of_rules > this->max_rules)
return 0; return 0;
#else
this->memory.begin("settings", true);
const uint8_t amount_of_rules = memory.getUChar("amount_of_rules", 0);
this->memory.end();
#endif
return amount_of_rules; return amount_of_rules;
} }
void Storage::store_amount_of_rules(const uint8_t new_amount) void Storage::store_amount_of_rules(const uint8_t new_amount)
{ {
#ifdef ESP8266
EEPROM.put(this->eeprom_amount_of_rules, new_amount); EEPROM.put(this->eeprom_amount_of_rules, new_amount);
EEPROM.commit(); EEPROM.commit();
#else
this->memory.begin("settings", false);
this->memory.putUChar("amount_of_rules", new_amount);
this->memory.end();
#endif
} }
firewall_rule_t *Storage::retrieve_firewall_rule(const uint8_t key) firewall_rule_t *Storage::retrieve_firewall_rule(const uint8_t key)
{ {
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
rule_ptr->key = key; rule_ptr->key = key;
#ifdef ESP8266
uint16_t eeprom_position = eeprom_rule_position(key); uint16_t eeprom_position = eeprom_rule_position(key);
EEPROM.get(eeprom_position, rule_ptr->ip); EEPROM.get(eeprom_position, rule_ptr->ip);
@ -47,6 +63,18 @@ namespace fw
EEPROM.get(eeprom_position += sizeof(rule_ptr->port_from), rule_ptr->port_to); EEPROM.get(eeprom_position += sizeof(rule_ptr->port_from), rule_ptr->port_to);
EEPROM.get(eeprom_position += sizeof(rule_ptr->port_to), rule_ptr->protocol); EEPROM.get(eeprom_position += sizeof(rule_ptr->port_to), rule_ptr->protocol);
EEPROM.get(eeprom_position += sizeof(rule_ptr->protocol), rule_ptr->target); EEPROM.get(eeprom_position += sizeof(rule_ptr->protocol), rule_ptr->target);
#else
char rulename[10]; // fwRule99\n
sprintf(rulename, "fwRule%i", key);
this->memory.begin(rulename, true);
strncpy(rule_ptr->ip, this->memory.getString(firewall_fields[IP], "0.0.0.0").c_str(), sizeof(rule_ptr->ip));
rule_ptr->port_from = this->memory.getUShort(firewall_fields[PORT_FROM], 0);
rule_ptr->port_to = this->memory.getUShort(firewall_fields[PORT_TO], 0);
rule_ptr->protocol = static_cast<firewall_protocol_t>(this->memory.getUChar(firewall_fields[PROTOCOL], PROTOCOL_ALL));
rule_ptr->target = static_cast<firewall_target_t>(this->memory.getUChar(firewall_fields[TARGET], TARGET_ACCEPT));
this->memory.end();
#endif
return rule_ptr; return rule_ptr;
} }
@ -62,6 +90,7 @@ namespace fw
void Storage::store_firewall_rule(firewall_rule_t *rule_ptr) void Storage::store_firewall_rule(firewall_rule_t *rule_ptr)
{ {
#ifdef ESP8266
uint16_t eeprom_position = eeprom_rule_position(rule_ptr->key); uint16_t eeprom_position = eeprom_rule_position(rule_ptr->key);
EEPROM.put(eeprom_position, rule_ptr->ip); EEPROM.put(eeprom_position, rule_ptr->ip);
@ -71,6 +100,18 @@ namespace fw
EEPROM.put(eeprom_position += sizeof(rule_ptr->protocol), rule_ptr->target); EEPROM.put(eeprom_position += sizeof(rule_ptr->protocol), rule_ptr->target);
EEPROM.commit(); EEPROM.commit();
} #else
} char rulename[10]; // fwRule99\n
sprintf(rulename, "fwRule%i", rule_ptr->key);
this->memory.begin(rulename, false);
this->memory.putString(firewall_fields[IP], rule_ptr->ip);
this->memory.putUShort(firewall_fields[PORT_FROM], rule_ptr->port_from);
this->memory.putUShort(firewall_fields[PORT_TO], rule_ptr->port_to);
this->memory.putUChar(firewall_fields[PROTOCOL], rule_ptr->protocol);
this->memory.putUChar(firewall_fields[TARGET], rule_ptr->target);
this->memory.end();
#endif #endif
}
}
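Review bot: In the new `#else` branch of `retrieve_firewall_rule`, `strncpy(rule_ptr->ip, …, sizeof(rule_ptr->ip))` leaves `ip` without a terminator when the stored string is at least as long as the field, and the buffer comes from an unzeroed `malloc`. `store_firewall_rule` later passes the same field to `putString`, which reads it as a C string, so a full-length or corrupted Preferences value could cause a read past the field. Adding `rule_ptr->ip[sizeof(rule_ptr->ip) - 1] = '\0';` right after the copy closes that. The `malloc` result is also dereferenced unchecked on the following line, and `sprintf(rulename, "fwRule%i", key)` only just fits a three-digit key in `char rulename[10]`, so `snprintf(rulename, sizeof(rulename), "fwRule%i", key)` would make the bound explicit. Parts of both functions lie in hunks not shown on this page.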


@ -1,8 +1,12 @@
#ifndef ESP8266_STORAGE_HPP #ifndef STORAGE_HPP
#define ESP8266_STORAGE_HPP #define STORAGE_HPP
#ifdef ESP8266
#include "EEPROM.h" #include "EEPROM.h"
#include "../Utils.hpp" #else
#include "Preferences.h"
#endif
#include "Utils.hpp"
namespace fw namespace fw
{ {
@ -13,12 +17,16 @@ namespace fw
~Storage(); ~Storage();
private: private:
#ifdef ESP8266
uint8_t max_rules; uint8_t max_rules;
uint16_t eeprom_size; uint16_t eeprom_size;
uint16_t eeprom_amount_of_rules; uint16_t eeprom_amount_of_rules;
uint16_t eeprom_rules_head; uint16_t eeprom_rules_head;
uint16_t eeprom_rule_position(uint8_t key); uint16_t eeprom_rule_position(uint8_t key);
#else
Preferences memory;
#endif
protected: protected:
uint8_t retrieve_amount_of_rules(); uint8_t retrieve_amount_of_rules();
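Review bot: `max_rules` is declared only inside `#ifdef ESP8266`, so the Preferences build has no cap to validate the stored rule count against. In Storage.cpp the `if (amount_of_rules > this->max_rules) return 0;` check exists only in the ESP8266 branch of `retrieve_amount_of_rules`. On the other branch a `getUChar` value of up to 255 is returned as-is, and the caller presumably allocates one rule per count at start-up. Consider declaring `uint8_t max_rules;` outside the conditional, initialising it in the constructor for both targets, and applying the same check after `#endif`. The class body continues outside this hunk.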


@ -1,183 +0,0 @@
#if !defined(ESP8266)
#include "Firewall.hpp"
namespace fw
{
Firewall::Firewall()
{
this->amount_of_rules = retrieve_amount_of_rules();
for (uint8_t i = 1; i <= this->amount_of_rules; i++)
{
firewall_rule_t *rule_ptr = retrieve_firewall_rule(i);
this->add_rule_to_firewall(rule_ptr, false);
}
}
Firewall::~Firewall()
{
}
firewall_rule_t *Firewall::get_rule_head()
{
return this->rule_head;
}
void Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom)
{
store_amount_of_rules(this->amount_of_rules);
if (save_in_eeprom)
Storage::store_firewall_rule(rule_ptr);
if (this->rule_head == NULL)
{
this->rule_head = rule_ptr;
rule_ptr->next = NULL;
return;
}
firewall_rule_t *current_rule;
current_rule = this->rule_head;
while (current_rule->next != NULL)
current_rule = current_rule->next;
current_rule->next = rule_ptr;
rule_ptr->next = NULL;
}
firewall_rule_t *Firewall::add_rule_to_firewall(String *args)
{
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
rule_ptr->key = ++this->amount_of_rules;
strncpy(rule_ptr->ip, args[IP].c_str(), sizeof(rule_ptr->ip));
rule_ptr->port_from = args[PORT_FROM].toInt();
rule_ptr->port_to = args[PORT_TO].toInt();
rule_ptr->protocol = string_to_protocol(args[PROTOCOL]);
rule_ptr->target = string_to_target(args[TARGET]);
add_rule_to_firewall(rule_ptr);
return rule_ptr;
}
firewall_rule_t *Firewall::update_rule_of_firewall(String *args, const uint8_t key)
{
firewall_rule_t *rule_ptr = get_rule_from_firewall(key);
strncpy(rule_ptr->ip, args[IP].c_str(), sizeof(rule_ptr->ip));
rule_ptr->port_from = args[PORT_FROM].toInt();
rule_ptr->port_to = args[PORT_TO].toInt();
rule_ptr->protocol = string_to_protocol(args[PROTOCOL]);
rule_ptr->target = string_to_target(args[TARGET]);
Storage::store_firewall_rule(rule_ptr);
return rule_ptr;
}
firewall_rule_t *Firewall::get_rule_from_firewall(const uint8_t key)
{
firewall_rule_t *rule_ptr = this->rule_head;
if (this->rule_head == NULL)
return NULL;
while (rule_ptr->key != key)
{
if (rule_ptr->next == NULL)
return NULL;
else
rule_ptr = rule_ptr->next;
}
return rule_ptr;
}
ok_t Firewall::delete_rule_from_firewall(const uint8_t key)
{
if (this->rule_head == NULL)
return NO_ACTION;
firewall_rule_t *current_rule = this->rule_head;
firewall_rule_t *previous_rule = NULL;
firewall_rule_t *temp = NULL;
while (current_rule->key != key)
{
if (current_rule->next == NULL)
return NO_ACTION;
else
{
previous_rule = current_rule;
current_rule = current_rule->next;
}
}
if (current_rule == this->rule_head)
{
this->rule_head = rule_head->next;
temp = this->rule_head;
}
else
{
previous_rule->next = current_rule->next;
temp = previous_rule->next;
}
while (temp != NULL)
{
temp->key--;
temp = temp->next;
}
free(current_rule);
this->amount_of_rules--;
Storage::store_amount_of_rules(this->amount_of_rules);
if (this->amount_of_rules != 0)
Storage::store_all_firewall_rules(rule_head);
return SUCCESS;
}
my_packet_t *Firewall::get_packet_information(struct pbuf *pbuf)
{
my_packet_t *packet = (my_packet_t *)malloc(sizeof(my_packet_t));
const struct ip_hdr *iphdr = (struct ip_hdr *)pbuf->payload;
u16_t iphdr_hlen = IPH_HL_BYTES(iphdr);
packet->protocol = (firewall_protocol_t)IPH_PROTO(iphdr);
sprintf(packet->ip, "%d.%d.%d.%d", ip4_addr1_16_val(iphdr->src), ip4_addr2_16_val(iphdr->src), ip4_addr3_16_val(iphdr->src), ip4_addr4_16_val(iphdr->src));
if (packet->protocol == PROTOCOL_UDP)
{
const struct udp_hdr *udphdr = (const struct udp_hdr *)((const u8_t *)iphdr + iphdr_hlen);
packet->port = lwip_ntohs(udphdr->dest);
}
else if (packet->protocol == PROTOCOL_TCP)
{
const struct tcp_hdr *tcphdr = (const struct tcp_hdr *)((const u8_t *)iphdr + iphdr_hlen);
packet->port = lwip_ntohs(tcphdr->dest);
}
return packet;
}
bool Firewall::rule_allows_packet(firewall_rule_t *rule_ptr, my_packet_t *packet)
{
if (strncmp(rule_ptr->ip, packet->ip, IPV4ADDRESS_LENGTH) == 0)
{
if ((rule_ptr->protocol == PROTOCOL_ALL || packet->protocol == rule_ptr->protocol) &&
is_in_range(packet->port, rule_ptr->port_from, rule_ptr->port_to) &&
rule_ptr->target == TARGET_ACCEPT)
{
free(packet);
return true;
}
}
return false;
}
bool Firewall::is_packet_allowed(struct pbuf *pbuf)
{
// no rules -> no action
if (this->amount_of_rules == 0)
return true;
my_packet_t *packet = get_packet_information(pbuf);
firewall_rule_t *rule_ptr = this->rule_head;
while (rule_ptr != NULL)
{
if (rule_allows_packet(rule_ptr, packet))
return true;
rule_ptr = rule_ptr->next;
}
free(packet);
return false;
}
}
#endif


@ -1,39 +0,0 @@
#ifndef ESP32_FIREWALL_HPP
#define ESP32_FIREWALL_HPP
#include "../Utils.hpp"
#include "Storage.hpp"
#include "WiFiClient.h"
#include "lwip/netif.h"
#include "lwip/pbuf.h"
#include "lwip/ip4.h"
#include "lwip/udp.h"
#include "lwip/tcp.h"
#include "lwip/prot/tcp.h"
namespace fw
{
class Firewall : public Storage
{
public:
Firewall();
~Firewall();
firewall_rule_t *get_rule_head();
void add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom = true);
firewall_rule_t *add_rule_to_firewall(String *args);
firewall_rule_t *update_rule_of_firewall(String *args, const uint8_t key);
firewall_rule_t *get_rule_from_firewall(const uint8_t key);
ok_t delete_rule_from_firewall(const uint8_t key);
bool is_packet_allowed(struct pbuf *pbuf);
protected:
bool rule_allows_packet(firewall_rule_t *rule_ptr, my_packet_t *packet);
my_packet_t *get_packet_information(struct pbuf *pbuf);
uint8_t amount_of_rules = 0;
firewall_rule_t *rule_head = NULL;
};
}
#endif


@ -1,72 +0,0 @@
#if !defined(ESP8266)
#include "Storage.hpp"
namespace fw
{
Storage::Storage()
{
}
Storage::~Storage()
{
}
uint8_t Storage::retrieve_amount_of_rules()
{
this->memory.begin("settings", true);
const uint8_t amount_of_rules = memory.getUChar("amount_of_rules", 0);
this->memory.end();
return amount_of_rules;
}
void Storage::store_amount_of_rules(const uint8_t new_amount)
{
this->memory.begin("settings", false);
this->memory.putUChar("amount_of_rules", new_amount);
this->memory.end();
}
firewall_rule_t *Storage::retrieve_firewall_rule(const uint8_t key)
{
firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t));
rule_ptr->key = key;
char rulename[10]; // fwRule99\n
sprintf(rulename, "fwRule%i", key);
this->memory.begin(rulename, true);
strncpy(rule_ptr->ip, this->memory.getString(firewall_fields[IP], "0.0.0.0").c_str(), sizeof(rule_ptr->ip));
rule_ptr->port_from = this->memory.getUShort(firewall_fields[PORT_FROM], 0);
rule_ptr->port_to = this->memory.getUShort(firewall_fields[PORT_TO], 0);
rule_ptr->protocol = static_cast<firewall_protocol_t>(this->memory.getUChar(firewall_fields[PROTOCOL], PROTOCOL_ALL));
rule_ptr->target = static_cast<firewall_target_t>(this->memory.getUChar(firewall_fields[TARGET], TARGET_ACCEPT));
this->memory.end();
return rule_ptr;
}
void Storage::store_all_firewall_rules(firewall_rule_t *rule_head)
{
firewall_rule_t *temp = rule_head;
while (temp != NULL)
{
store_firewall_rule(temp);
temp = temp->next;
}
}
void Storage::store_firewall_rule(firewall_rule_t *rule_ptr)
{
char rulename[10]; // fwRule99\n
sprintf(rulename, "fwRule%i", rule_ptr->key);
this->memory.begin(rulename, false);
this->memory.putString(firewall_fields[IP], rule_ptr->ip);
this->memory.putUShort(firewall_fields[PORT_FROM], rule_ptr->port_from);
this->memory.putUShort(firewall_fields[PORT_TO], rule_ptr->port_to);
this->memory.putUChar(firewall_fields[PROTOCOL], rule_ptr->protocol);
this->memory.putUChar(firewall_fields[TARGET], rule_ptr->target);
this->memory.end();
}
}
#endif


@ -1,27 +0,0 @@
#ifndef ESP32_STORAGE_HPP
#define ESP32_STORAGE_HPP
#include "Preferences.h"
#include "../Utils.hpp"
namespace fw
{
class Storage
{
public:
Storage();
~Storage();
private:
Preferences memory;
protected:
uint8_t retrieve_amount_of_rules();
void store_amount_of_rules(const uint8_t new_amount);
firewall_rule_t *retrieve_firewall_rule(const uint8_t key);
void store_all_firewall_rules(firewall_rule_t *rule_head);
void store_firewall_rule(firewall_rule_t *rule_ptr);
};
}
#endif