diff --git a/SourceCode/arduino/lib/Firewall/esp32Eeprom.cpp b/SourceCode/arduino/lib/Firewall/esp32Eeprom.cpp index 51c99ee..5e6ae6f 100644 --- a/SourceCode/arduino/lib/Firewall/esp32Eeprom.cpp +++ b/SourceCode/arduino/lib/Firewall/esp32Eeprom.cpp @@ -1,11 +1,26 @@ #include "esp32Eeprom.hpp" -esp32Eeprom::esp32Eeprom(const uint16_t eeprom_size) +namespace firewall { - this->eeprom_size = eeprom_size; - EEPROM.begin(this->eeprom_size); -} + Storage::Storage(const uint16_t eeprom_size) + { + this->eeprom_size = eeprom_size; + EEPROM.begin(this->eeprom_size); + set_amount_of_firewall_rules(EEPROM.read(this->settings_head)); + log_i("Amount of Rules: %i", get_amount_of_firewall_rules()); + } -esp32Eeprom::~esp32Eeprom() -{ + Storage::~Storage() + { + } + + uint8_t Storage::get_amount_of_firewall_rules() + { + return this->amount_of_rules; + } + + void Storage::set_amount_of_firewall_rules(const uint8_t new_amount) + { + this->amount_of_rules = new_amount; + } } diff --git a/SourceCode/arduino/lib/Firewall/esp32Eeprom.hpp b/SourceCode/arduino/lib/Firewall/esp32Eeprom.hpp index 17ed859..e8d04f7 100644 --- a/SourceCode/arduino/lib/Firewall/esp32Eeprom.hpp +++ b/SourceCode/arduino/lib/Firewall/esp32Eeprom.hpp @@ -2,15 +2,30 @@ #define ESP32_EEPROM_HPP #include "EEPROM.h" +#include "FirewallTypes.h" -class esp32Eeprom +namespace firewall { -private: - uint16_t eeprom_size; + class Storage + { + private: + uint16_t eeprom_size; + uint16_t settings_start = 0; + uint16_t settings_head = settings_start; + uint16_t rules_start = 1000; + uint16_t rules_head = rules_start; + uint16_t certificate_start = 3000; + uint16_t certificate_head = certificate_start; -public: - esp32Eeprom(const uint16_t); - ~esp32Eeprom(); -}; + protected: + uint8_t amount_of_rules; + uint8_t get_amount_of_firewall_rules(); + void set_amount_of_firewall_rules(const uint8_t); + + public: + Storage(const uint16_t = 4000); + ~Storage(); + }; +} #endif diff --git a/SourceCode/arduino/lib/Firewall/esp32Firewall.cpp b/SourceCode/arduino/lib/Firewall/esp32Firewall.cpp index 6793a9d..9d18430 100644 --- a/SourceCode/arduino/lib/Firewall/esp32Firewall.cpp +++ b/SourceCode/arduino/lib/Firewall/esp32Firewall.cpp @@ -1,208 +1,211 @@ #include "esp32Firewall.hpp" -esp32Firewall::esp32Firewall() +namespace firewall { - this->setup_eeprom(); -} - -esp32Firewall::~esp32Firewall() -{ -} - -String esp32Firewall::protocol_to_string(firewall_protocol_t &protocol) -{ - switch (protocol) + esp32Firewall::esp32Firewall() { - case FW_TCP: - return "TCP"; - case FW_UDP: - return "UDP"; - default: - return "ALL"; + this->setup_eeprom(); } -} -firewall_protocol_t esp32Firewall::string_to_protocol(std::string &protocol) -{ - if (protocol.compare("TCP") == 0) - return FW_TCP; - else if (protocol.compare("UDP") == 0) - return FW_UDP; - else - return FW_ALL; -} - -String esp32Firewall::target_to_string(firewall_target_t &target) -{ - switch (target) + esp32Firewall::~esp32Firewall() { - case FW_REJECT: - return "REJECT"; - case FW_DROP: - return "DROP"; - default: - return "ACCEPT"; } -} -firewall_target_t esp32Firewall::string_to_target(std::string &target) -{ - if (target.compare("REJECT") == 0) - return FW_REJECT; - else if (target.compare("DROP") == 0) - return FW_DROP; - else - return FW_ACCEPT; -} - -void esp32Firewall::setup_eeprom() -{ - EEPROM.begin(this->eeprom_size); - this->amount_of_rules = EEPROM.read(this->eeprom_settings_head); - uint8_t security_number = EEPROM.read(this->eeprom_settings_head + 1); - if (this->amount_of_rules > 50 || security_number != this->security_number) + String esp32Firewall::protocol_to_string(firewall_protocol_t &protocol) + { + switch (protocol) + { + case FW_TCP: + return "TCP"; + case FW_UDP: + return "UDP"; + default: + return "ALL"; + } + } + + firewall_protocol_t esp32Firewall::string_to_protocol(std::string &protocol) + { + if (protocol.compare("TCP") == 0) + return FW_TCP; + else if (protocol.compare("UDP") == 0) + return FW_UDP; + else + return FW_ALL; + } + + String esp32Firewall::target_to_string(firewall_target_t &target) + { + switch (target) + { + case FW_REJECT: + return "REJECT"; + case FW_DROP: + return "DROP"; + default: + return "ACCEPT"; + } + } + + firewall_target_t esp32Firewall::string_to_target(std::string &target) + { + if (target.compare("REJECT") == 0) + return FW_REJECT; + else if (target.compare("DROP") == 0) + return FW_DROP; + else + return FW_ACCEPT; + } + + void esp32Firewall::setup_eeprom() + { + EEPROM.begin(this->eeprom_size); + this->amount_of_rules = EEPROM.read(this->eeprom_settings_head); + uint8_t security_number = EEPROM.read(this->eeprom_settings_head + 1); + if (this->amount_of_rules > 50 || security_number != this->security_number) + { + this->amount_of_rules = 0; + EEPROM.write(this->eeprom_settings_head, this->amount_of_rules); + EEPROM.write(this->eeprom_settings_head + 1, this->security_number); + EEPROM.commit(); + } + log_i("Amount of existing Rules %i", this->amount_of_rules); + this->eeprom_read_firewall_rules(); + } + + void esp32Firewall::eeprom_write_firewall_rule(firewall_rule_t *rule_ptr) { - this->amount_of_rules = 0; EEPROM.write(this->eeprom_settings_head, this->amount_of_rules); - EEPROM.write(this->eeprom_settings_head + 1, this->security_number); + EEPROM.writeString(this->eeprom_rules_head, rule_ptr->source); + this->eeprom_rules_head += IPV4ADDRESS_LENGTH; + EEPROM.writeString(this->eeprom_rules_head, rule_ptr->destination); + this->eeprom_rules_head += IPV4ADDRESS_LENGTH; + EEPROM.write(this->eeprom_rules_head, rule_ptr->protocol); + this->eeprom_rules_head += sizeof(firewall_protocol_t); + EEPROM.write(this->eeprom_rules_head, rule_ptr->target); + this->eeprom_rules_head += sizeof(firewall_target_t); EEPROM.commit(); } - log_i("Amount of existing Rules %i", this->amount_of_rules); - this->eeprom_read_firewall_rules(); -} -void esp32Firewall::eeprom_write_firewall_rule(firewall_rule_t *rule_ptr) -{ - EEPROM.write(this->eeprom_settings_head, this->amount_of_rules); - EEPROM.writeString(this->eeprom_rules_head, rule_ptr->source); - this->eeprom_rules_head += IPV4ADDRESS_LENGTH; - EEPROM.writeString(this->eeprom_rules_head, rule_ptr->destination); - this->eeprom_rules_head += IPV4ADDRESS_LENGTH; - EEPROM.write(this->eeprom_rules_head, rule_ptr->protocol); - this->eeprom_rules_head += sizeof(firewall_protocol_t); - EEPROM.write(this->eeprom_rules_head, rule_ptr->target); - this->eeprom_rules_head += sizeof(firewall_target_t); - EEPROM.commit(); -} - -void esp32Firewall::eeprom_write_firewall_rules() -{ - this->eeprom_rules_head = eeprom_start_firewall_rules; - firewall_rule_t *rule_ptr = this->head; - while (rule_ptr != NULL) + void esp32Firewall::eeprom_write_firewall_rules() { - this->eeprom_write_firewall_rule(rule_ptr); - rule_ptr = rule_ptr->next; - } -} - -void esp32Firewall::eeprom_read_firewall_rule(uint8_t &eeprom_address, uint8_t &rule_nr) -{ - firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); - rule_ptr->key = rule_nr; - strcpy(rule_ptr->source, EEPROM.readString(eeprom_address).c_str()); - eeprom_address += IPV4ADDRESS_LENGTH; - strcpy(rule_ptr->destination, EEPROM.readString(eeprom_address).c_str()); - eeprom_address += IPV4ADDRESS_LENGTH; - rule_ptr->protocol = static_cast(EEPROM.read(eeprom_address)); - eeprom_address += sizeof(firewall_protocol_t); - rule_ptr->target = static_cast(EEPROM.read(eeprom_address)); - eeprom_address += sizeof(firewall_target_t); - add_rule_to_firewall(rule_ptr); - log_i("%s, %s, %s, %s", - rule_ptr->source, - rule_ptr->destination, - protocol_to_string(rule_ptr->protocol), - target_to_string(rule_ptr->target)); -} - -void esp32Firewall::eeprom_read_firewall_rules() -{ - uint8_t eeprom_address = eeprom_start_firewall_rules; - for (uint8_t i = 1; i <= this->amount_of_rules; i++) - { - eeprom_read_firewall_rule(eeprom_address, i); - } -} - -void esp32Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr) -{ - firewall_rule_t *temp; - if (this->head == NULL) - { - this->head = rule_ptr; - rule_ptr->next = NULL; - return; - } - temp = this->head; - while (temp->next != NULL) - { - temp = temp->next; - } - temp->next = rule_ptr; - rule_ptr->next = NULL; - return; -} - -firewall_rule_t *esp32Firewall::get_rule_from_firewall(uint8_t key) -{ - firewall_rule_t *rule_ptr = this->head; - if (this->head == NULL) - { - return NULL; - } - while (rule_ptr->key != key) - { - if (rule_ptr->next == NULL) - { - return NULL; - } - else + this->eeprom_rules_head = eeprom_start_firewall_rules; + firewall_rule_t *rule_ptr = this->head; + while (rule_ptr != NULL) { + this->eeprom_write_firewall_rule(rule_ptr); rule_ptr = rule_ptr->next; } } - return rule_ptr; -} -bool esp32Firewall::delete_rule_from_firewall(uint8_t key) -{ - if (this->head == NULL) + void esp32Firewall::eeprom_read_firewall_rule(uint8_t &eeprom_address, uint8_t &rule_nr) { - return false; + firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); + rule_ptr->key = rule_nr; + strcpy(rule_ptr->source, EEPROM.readString(eeprom_address).c_str()); + eeprom_address += IPV4ADDRESS_LENGTH; + strcpy(rule_ptr->destination, EEPROM.readString(eeprom_address).c_str()); + eeprom_address += IPV4ADDRESS_LENGTH; + rule_ptr->protocol = static_cast(EEPROM.read(eeprom_address)); + eeprom_address += sizeof(firewall_protocol_t); + rule_ptr->target = static_cast(EEPROM.read(eeprom_address)); + eeprom_address += sizeof(firewall_target_t); + add_rule_to_firewall(rule_ptr); + log_i("%s, %s, %s, %s", + rule_ptr->source, + rule_ptr->destination, + protocol_to_string(rule_ptr->protocol), + target_to_string(rule_ptr->target)); } - firewall_rule_t *current_rule_ptr = this->head; - firewall_rule_t *previous_rule_ptr = NULL; - firewall_rule_t *temp = NULL; - while (current_rule_ptr->key != key) + + void esp32Firewall::eeprom_read_firewall_rules() { - if (current_rule_ptr->next == NULL) + uint8_t eeprom_address = eeprom_start_firewall_rules; + for (uint8_t i = 1; i <= this->amount_of_rules; i++) + { + eeprom_read_firewall_rule(eeprom_address, i); + } + } + + void esp32Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr) + { + firewall_rule_t *temp; + if (this->head == NULL) + { + this->head = rule_ptr; + rule_ptr->next = NULL; + return; + } + temp = this->head; + while (temp->next != NULL) + { + temp = temp->next; + } + temp->next = rule_ptr; + rule_ptr->next = NULL; + return; + } + + firewall_rule_t *esp32Firewall::get_rule_from_firewall(uint8_t key) + { + firewall_rule_t *rule_ptr = this->head; + if (this->head == NULL) + { + return NULL; + } + while (rule_ptr->key != key) + { + if (rule_ptr->next == NULL) + { + return NULL; + } + else + { + rule_ptr = rule_ptr->next; + } + } + return rule_ptr; + } + + bool esp32Firewall::delete_rule_from_firewall(uint8_t key) + { + if (this->head == NULL) { return false; } + firewall_rule_t *current_rule_ptr = this->head; + firewall_rule_t *previous_rule_ptr = NULL; + firewall_rule_t *temp = NULL; + while (current_rule_ptr->key != key) + { + if (current_rule_ptr->next == NULL) + { + return false; + } + else + { + previous_rule_ptr = current_rule_ptr; + current_rule_ptr = current_rule_ptr->next; + } + } + if (current_rule_ptr == this->head) + { + this->head = head->next; + temp = this->head; + } else { - previous_rule_ptr = current_rule_ptr; - current_rule_ptr = current_rule_ptr->next; + previous_rule_ptr->next = current_rule_ptr->next; + temp = previous_rule_ptr->next; } + while (temp != NULL) + { + temp->key--; + temp = temp->next; + } + free(current_rule_ptr); + this->amount_of_rules--; + this->eeprom_write_firewall_rules(); + return true; } - if (current_rule_ptr == this->head) - { - this->head = head->next; - temp = this->head; - } - else - { - previous_rule_ptr->next = current_rule_ptr->next; - temp = previous_rule_ptr->next; - } - while (temp != NULL) - { - temp->key--; - temp = temp->next; - } - free(current_rule_ptr); - this->amount_of_rules--; - this->eeprom_write_firewall_rules(); - return true; } diff --git a/SourceCode/arduino/lib/Firewall/esp32Firewall.hpp b/SourceCode/arduino/lib/Firewall/esp32Firewall.hpp index a9c6b39..62db928 100644 --- a/SourceCode/arduino/lib/Firewall/esp32Firewall.hpp +++ b/SourceCode/arduino/lib/Firewall/esp32Firewall.hpp @@ -6,37 +6,40 @@ #define eeprom_start_firewall_rules 4 -class esp32Firewall +namespace firewall { -private: - uint16_t eeprom_size = 512; - uint8_t security_number = 93; - int eeprom_settings_head = 0; - int eeprom_rules_head = eeprom_start_firewall_rules; + class esp32Firewall + { + private: + uint16_t eeprom_size = 512; + uint8_t security_number = 93; + int eeprom_settings_head = 0; + int eeprom_rules_head = eeprom_start_firewall_rules; - void setup_eeprom(); - void eeprom_write_firewall_rules(); - void eeprom_read_firewall_rule(uint8_t &, uint8_t &); - void eeprom_read_firewall_rules(); + void setup_eeprom(); + void eeprom_write_firewall_rules(); + void eeprom_read_firewall_rule(uint8_t &, uint8_t &); + void eeprom_read_firewall_rules(); -protected: - uint8_t amount_of_rules = 0; - struct firewall_rule *head = NULL; + protected: + uint8_t amount_of_rules = 0; + struct firewall_rule *head = NULL; - void add_rule_to_firewall(firewall_rule_t *); - firewall_rule_t *get_rule_from_firewall(uint8_t); - bool delete_rule_from_firewall(uint8_t); + void add_rule_to_firewall(firewall_rule_t *); + firewall_rule_t *get_rule_from_firewall(uint8_t); + bool delete_rule_from_firewall(uint8_t); - void eeprom_write_firewall_rule(firewall_rule_t *); + void eeprom_write_firewall_rule(firewall_rule_t *); - String protocol_to_string(firewall_protocol_t &); - firewall_protocol_t string_to_protocol(std::string &); - String target_to_string(firewall_target_t &); - firewall_target_t string_to_target(std::string &); + String protocol_to_string(firewall_protocol_t &); + firewall_protocol_t string_to_protocol(std::string &); + String target_to_string(firewall_target_t &); + firewall_target_t string_to_target(std::string &); -public: - esp32Firewall(); - ~esp32Firewall(); -}; + public: + esp32Firewall(); + ~esp32Firewall(); + }; +} #endif diff --git a/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.cpp b/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.cpp index c5275ff..dfdf615 100644 --- a/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.cpp +++ b/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.cpp @@ -1,197 +1,200 @@ #include "esp32FirewallAPI.hpp" -esp32FirewallApi::esp32FirewallApi(const uint16_t port) +namespace firewall { - this->setup_certificate(); - this->server = new HTTPSServer(this->certificate, port, 5); - this->setup_routing(); - log_i("Starting server..."); - this->server->start(); - if (this->server->isRunning()) + esp32FirewallApi::esp32FirewallApi(const uint16_t port) { - log_i("Server ready."); + this->setup_certificate(); + this->server = new HTTPSServer(this->certificate, port, 5); + this->setup_routing(); + log_i("Starting server..."); + this->server->start(); + if (this->server->isRunning()) + { + log_i("Server ready."); + } } -} -esp32FirewallApi::~esp32FirewallApi() -{ -} - -void esp32FirewallApi::handle_clients() -{ - this->server->loop(); -} - -void esp32FirewallApi::setup_certificate() -{ - log_i("Creating the certificate..."); - this->certificate = new SSLCert(); - int createCertResult = createSelfSignedCert( - *this->certificate, - KEYSIZE_2048, - "CN=myesp32.local,O=Firewall,C=DE", - "20220101000000", - "20320101000000"); - if (createCertResult != 0) + esp32FirewallApi::~esp32FirewallApi() { - log_e("Cerating certificate failed. Error Code = 0x%02X, check SSLCert.hpp for details", createCertResult); - while (true) - delay(500); } - log_i("Creating the certificate was successful"); -} -void esp32FirewallApi::setup_routing() -{ - ResourceNode *get_firewall_rule = new ResourceNode("/api/v1/firewall/*", "GET", std::bind(&esp32FirewallApi::get_firewall_rule_handler, this, std::placeholders::_1, std::placeholders::_2)); - ResourceNode *get_firewall_rules = new ResourceNode("/api/v1/firewall", "GET", std::bind(&esp32FirewallApi::get_firewall_rules_handler, this, std::placeholders::_1, std::placeholders::_2)); - ResourceNode *post_firewall = new ResourceNode("/api/v1/firewall", "POST", std::bind(&esp32FirewallApi::post_firewall_handler, this, std::placeholders::_1, std::placeholders::_2)); - ResourceNode *delete_firewall = new ResourceNode("/api/v1/firewall/*", "DELETE", std::bind(&esp32FirewallApi::delete_firewall_handler, this, std::placeholders::_1, std::placeholders::_2)); - ResourceNode *restart_device = new ResourceNode("/api/v1/device/restart", "GET", std::bind(&esp32FirewallApi::restart_device_handler, this, std::placeholders::_1, std::placeholders::_2)); - ResourceNode *not_found = new ResourceNode("", "GET", std::bind(&esp32FirewallApi::not_found_handler, this, std::placeholders::_1, std::placeholders::_2)); - this->server->registerNode(get_firewall_rule); - this->server->registerNode(get_firewall_rules); - this->server->registerNode(post_firewall); - this->server->registerNode(delete_firewall); - this->server->registerNode(restart_device); - this->server->setDefaultNode(not_found); -} - -void esp32FirewallApi::restart_device_handler(HTTPRequest *request, HTTPResponse *response) -{ - this->json_message_response(response, "restarting device in 2 sec", 200); - sleep(2000); - esp_restart(); -} - -void esp32FirewallApi::not_found_handler(HTTPRequest *request, HTTPResponse *response) -{ - this->json_message_response(response, "not found", 404); -} - -void esp32FirewallApi::get_firewall_rule_handler(HTTPRequest *request, HTTPResponse *response) -{ - ResourceParameters *params = request->getParams(); - int rule_number = atoi(params->getPathParameter(0).c_str()); - firewall_rule_t *rule_ptr = this->get_rule_from_firewall(rule_number); - if (rule_ptr == NULL) + void esp32FirewallApi::handle_clients() { - this->json_message_response(response, "rule not found", 404); + this->server->loop(); } - else + + void esp32FirewallApi::setup_certificate() + { + log_i("Creating the certificate..."); + this->certificate = new SSLCert(); + int createCertResult = createSelfSignedCert( + *this->certificate, + KEYSIZE_2048, + "CN=myesp32.local,O=Firewall,C=DE", + "20220101000000", + "20320101000000"); + if (createCertResult != 0) + { + log_e("Cerating certificate failed. Error Code = 0x%02X, check SSLCert.hpp for details", createCertResult); + while (true) + delay(500); + } + log_i("Creating the certificate was successful"); + } + + void esp32FirewallApi::setup_routing() + { + ResourceNode *get_firewall_rule = new ResourceNode("/api/v1/firewall/*", "GET", std::bind(&esp32FirewallApi::get_firewall_rule_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *get_firewall_rules = new ResourceNode("/api/v1/firewall", "GET", std::bind(&esp32FirewallApi::get_firewall_rules_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *post_firewall = new ResourceNode("/api/v1/firewall", "POST", std::bind(&esp32FirewallApi::post_firewall_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *delete_firewall = new ResourceNode("/api/v1/firewall/*", "DELETE", std::bind(&esp32FirewallApi::delete_firewall_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *restart_device = new ResourceNode("/api/v1/device/restart", "GET", std::bind(&esp32FirewallApi::restart_device_handler, this, std::placeholders::_1, std::placeholders::_2)); + ResourceNode *not_found = new ResourceNode("", "GET", std::bind(&esp32FirewallApi::not_found_handler, this, std::placeholders::_1, std::placeholders::_2)); + this->server->registerNode(get_firewall_rule); + this->server->registerNode(get_firewall_rules); + this->server->registerNode(post_firewall); + this->server->registerNode(delete_firewall); + this->server->registerNode(restart_device); + this->server->setDefaultNode(not_found); + } + + void esp32FirewallApi::restart_device_handler(HTTPRequest *request, HTTPResponse *response) + { + this->json_message_response(response, "restarting device in 2 sec", 200); + sleep(2000); + esp_restart(); + } + + void esp32FirewallApi::not_found_handler(HTTPRequest *request, HTTPResponse *response) + { + this->json_message_response(response, "not found", 404); + } + + void esp32FirewallApi::get_firewall_rule_handler(HTTPRequest *request, HTTPResponse *response) + { + ResourceParameters *params = request->getParams(); + int rule_number = atoi(params->getPathParameter(0).c_str()); + firewall_rule_t *rule_ptr = this->get_rule_from_firewall(rule_number); + if (rule_ptr == NULL) + { + this->json_message_response(response, "rule not found", 404); + } + else + { + response->setHeader("Content-Type", "application/json"); + response->setStatusCode(200); + response->print(this->construct_json_firewall_rule(rule_ptr)); + } + } + + void esp32FirewallApi::get_firewall_rules_handler(HTTPRequest *request, HTTPResponse *response) + { + this->json_generic_response(response, this->construct_json_firewall(), 200); + } + + bool esp32FirewallApi::request_has_firewall_parameter(ResourceParameters *params) + { + return params->isQueryParameterSet("source") || params->isQueryParameterSet("destination") || params->isQueryParameterSet("protocol") || params->isQueryParameterSet("target"); + } + + void esp32FirewallApi::post_firewall_handler(HTTPRequest *request, HTTPResponse *response) + { + ResourceParameters *params = request->getParams(); + if (request_has_firewall_parameter(params)) + { + firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); + rule_ptr->key = ++amount_of_rules; + + // carefully copying c-string that is shorter then the destination char-array length + std::string source; + params->getQueryParameter("source", source); + strcpy(rule_ptr->source, source.length() <= IPV4ADDRESS_LENGTH ? source.c_str() : ""); + std::string destination; + params->getQueryParameter("destination", destination); + strcpy(rule_ptr->destination, destination.length() <= IPV4ADDRESS_LENGTH ? destination.c_str() : ""); + + std::string protocol; + params->getQueryParameter("protocol", protocol); + rule_ptr->protocol = string_to_protocol(protocol); + std::string target; + params->getQueryParameter("target", target); + rule_ptr->target = string_to_target(target); + + this->add_rule_to_firewall(rule_ptr); + this->eeprom_write_firewall_rule(rule_ptr); + this->json_generic_response(response, this->construct_json_firewall_rule(rule_ptr), 200); + } + else + { + this->json_message_response(response, "not enough parameter", 400); + } + } + + void esp32FirewallApi::delete_firewall_handler(HTTPRequest *request, HTTPResponse *response) + { + ResourceParameters *params = request->getParams(); + int rule_number = atoi(params->getPathParameter(0).c_str()); + if (this->delete_rule_from_firewall(rule_number)) + { + this->json_message_response(response, "firewall rule deleted", 200); + } + else + { + this->json_message_response(response, "cannot delete firewall rule", 500); + } + } + + void esp32FirewallApi::json_generic_response(HTTPResponse *response, String serialized, const uint16_t response_code) { response->setHeader("Content-Type", "application/json"); - response->setStatusCode(200); - response->print(this->construct_json_firewall_rule(rule_ptr)); + response->setStatusCode(response_code); + response->println(serialized); } -} -void esp32FirewallApi::get_firewall_rules_handler(HTTPRequest *request, HTTPResponse *response) -{ - this->json_generic_response(response, this->construct_json_firewall(), 200); -} - -bool esp32FirewallApi::request_has_firewall_parameter(ResourceParameters *params) -{ - return params->isQueryParameterSet("source") || params->isQueryParameterSet("destination") || params->isQueryParameterSet("protocol") || params->isQueryParameterSet("target"); -} - -void esp32FirewallApi::post_firewall_handler(HTTPRequest *request, HTTPResponse *response) -{ - ResourceParameters *params = request->getParams(); - if (request_has_firewall_parameter(params)) + void esp32FirewallApi::json_message_response(HTTPResponse *response, String message, const uint16_t response_code) { - firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); - rule_ptr->key = ++amount_of_rules; - - // carefully copying c-string that is shorter then the destination char-array length - std::string source; - params->getQueryParameter("source", source); - strcpy(rule_ptr->source, source.length() <= IPV4ADDRESS_LENGTH ? source.c_str() : ""); - std::string destination; - params->getQueryParameter("destination", destination); - strcpy(rule_ptr->destination, destination.length() <= IPV4ADDRESS_LENGTH ? destination.c_str() : ""); - - std::string protocol; - params->getQueryParameter("protocol", protocol); - rule_ptr->protocol = string_to_protocol(protocol); - std::string target; - params->getQueryParameter("target", target); - rule_ptr->target = string_to_target(target); - - this->add_rule_to_firewall(rule_ptr); - this->eeprom_write_firewall_rule(rule_ptr); - this->json_generic_response(response, this->construct_json_firewall_rule(rule_ptr), 200); + response->setHeader("Content-Type", "application/json"); + response->setStatusCode(response_code); + StaticJsonDocument<96> json; + String serialized; + json["message"] = message; + serializeJson(json, serialized); + response->println(serialized); } - else + + String esp32FirewallApi::construct_json_firewall_rule(firewall_rule_t *rule_ptr) { - this->json_message_response(response, "not enough parameter", 400); + StaticJsonDocument<256> doc; + doc["key"] = rule_ptr->key; + doc["source"] = rule_ptr->source; + doc["destination"] = rule_ptr->destination; + doc["protocol"] = protocol_to_string(rule_ptr->protocol); + doc["target"] = target_to_string(rule_ptr->target); + String response; + serializeJson(doc, response); + return response; } -} -void esp32FirewallApi::delete_firewall_handler(HTTPRequest *request, HTTPResponse *response) -{ - ResourceParameters *params = request->getParams(); - int rule_number = atoi(params->getPathParameter(0).c_str()); - if (this->delete_rule_from_firewall(rule_number)) + String esp32FirewallApi::construct_json_firewall() { - this->json_message_response(response, "firewall rule deleted", 200); - } - else - { - this->json_message_response(response, "cannot delete firewall rule", 500); + firewall_rule_t *rule_ptr = this->head; + // Size for approx. 12 Rules + StaticJsonDocument<2048> doc; + String response; + doc["amount_of_rules"] = this->amount_of_rules; + JsonArray rules = doc.createNestedArray("rules"); + while (rule_ptr != NULL) + { + JsonObject rule = rules.createNestedObject(); + rule["key"] = rule_ptr->key; + rule["source"] = rule_ptr->source; + rule["destination"] = rule_ptr->destination; + rule["protocol"] = protocol_to_string(rule_ptr->protocol); + rule["target"] = target_to_string(rule_ptr->target); + rule_ptr = rule_ptr->next; + } + serializeJson(doc, response); + return response; } } - -void esp32FirewallApi::json_generic_response(HTTPResponse *response, String serialized, const uint16_t response_code) -{ - response->setHeader("Content-Type", "application/json"); - response->setStatusCode(response_code); - response->println(serialized); -} - -void esp32FirewallApi::json_message_response(HTTPResponse *response, String message, const uint16_t response_code) -{ - response->setHeader("Content-Type", "application/json"); - response->setStatusCode(response_code); - StaticJsonDocument<96> json; - String serialized; - json["message"] = message; - serializeJson(json, serialized); - response->println(serialized); -} - -String esp32FirewallApi::construct_json_firewall_rule(firewall_rule_t *rule_ptr) -{ - StaticJsonDocument<256> doc; - doc["key"] = rule_ptr->key; - doc["source"] = rule_ptr->source; - doc["destination"] = rule_ptr->destination; - doc["protocol"] = protocol_to_string(rule_ptr->protocol); - doc["target"] = target_to_string(rule_ptr->target); - String response; - serializeJson(doc, response); - return response; -} - -String esp32FirewallApi::construct_json_firewall() -{ - firewall_rule_t *rule_ptr = this->head; - // Size for approx. 12 Rules - StaticJsonDocument<2048> doc; - String response; - doc["amount_of_rules"] = this->amount_of_rules; - JsonArray rules = doc.createNestedArray("rules"); - while (rule_ptr != NULL) - { - JsonObject rule = rules.createNestedObject(); - rule["key"] = rule_ptr->key; - rule["source"] = rule_ptr->source; - rule["destination"] = rule_ptr->destination; - rule["protocol"] = protocol_to_string(rule_ptr->protocol); - rule["target"] = target_to_string(rule_ptr->target); - rule_ptr = rule_ptr->next; - } - serializeJson(doc, response); - return response; -} \ No newline at end of file diff --git a/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.hpp b/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.hpp index 238ab57..86ebaf7 100644 --- a/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.hpp +++ b/SourceCode/arduino/lib/Firewall/esp32FirewallAPI.hpp @@ -11,31 +11,34 @@ using namespace httpsserver; -class esp32FirewallApi : public esp32Firewall +namespace firewall { -private: - HTTPSServer *server; - SSLCert *certificate; + class esp32FirewallApi : public esp32Firewall + { + private: + HTTPSServer *server; + SSLCert *certificate; - void setup_certificate(); - void setup_routing(); - void get_firewall_rule_handler(HTTPRequest *, HTTPResponse *); - void get_firewall_rules_handler(HTTPRequest *, HTTPResponse *); - bool request_has_firewall_parameter(ResourceParameters *); - void post_firewall_handler(HTTPRequest *, HTTPResponse *); - void delete_firewall_handler(HTTPRequest *, HTTPResponse *); - void restart_device_handler(HTTPRequest *, HTTPResponse *); - void not_found_handler(HTTPRequest *, HTTPResponse *); + void setup_certificate(); + void setup_routing(); + void get_firewall_rule_handler(HTTPRequest *, HTTPResponse *); + void get_firewall_rules_handler(HTTPRequest *, HTTPResponse *); + bool request_has_firewall_parameter(ResourceParameters *); + void post_firewall_handler(HTTPRequest *, HTTPResponse *); + void delete_firewall_handler(HTTPRequest *, HTTPResponse *); + void restart_device_handler(HTTPRequest *, HTTPResponse *); + void not_found_handler(HTTPRequest *, HTTPResponse *); - void json_generic_response(HTTPResponse *, String, const uint16_t); - void json_message_response(HTTPResponse *, String, const uint16_t); - String construct_json_firewall_rule(firewall_rule_t *); - String construct_json_firewall(); + void json_generic_response(HTTPResponse *, String, const uint16_t); + void json_message_response(HTTPResponse *, String, const uint16_t); + String construct_json_firewall_rule(firewall_rule_t *); + String construct_json_firewall(); -public: - esp32FirewallApi(const uint16_t = 8080); - ~esp32FirewallApi(); - void handle_clients(); -}; + public: + esp32FirewallApi(const uint16_t = 8080); + ~esp32FirewallApi(); + void handle_clients(); + }; +} #endif diff --git a/SourceCode/arduino/src/main.cpp b/SourceCode/arduino/src/main.cpp index def7ff8..77707cd 100644 --- a/SourceCode/arduino/src/main.cpp +++ b/SourceCode/arduino/src/main.cpp @@ -1,10 +1,11 @@ #include "theSecrets.h" #include "WiFi.h" -#include "esp32Firewall.hpp" #include "esp32FirewallAPI.hpp" +#include "esp32Eeprom.hpp" -esp32FirewallApi *firewall_api; +firewall::esp32FirewallApi *firewall_api; +firewall::Storage *storage; void setup_wifi() { @@ -24,10 +25,11 @@ void setup_wifi() void setup() { setup_wifi(); - firewall_api = new esp32FirewallApi; + // firewall_api = new esp32FirewallApi; + storage = new firewall::Storage; } void loop() { - firewall_api->handle_clients(); + // firewall_api->handle_clients(); } \ No newline at end of file