From edacebb3a6830c40bfbc879c10f91361d9b43072 Mon Sep 17 00:00:00 2001 From: Florian Hoss Date: Tue, 3 May 2022 21:00:56 +0200 Subject: [PATCH] real basic check --- ESPFirewall/lib/Firewall/src/Firewall.cpp | 24 ++++++++++++++--------- ESPFirewall/lib/Firewall/src/Firewall.hpp | 1 + 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/ESPFirewall/lib/Firewall/src/Firewall.cpp b/ESPFirewall/lib/Firewall/src/Firewall.cpp index 3d13968..b8c0536 100644 --- a/ESPFirewall/lib/Firewall/src/Firewall.cpp +++ b/ESPFirewall/lib/Firewall/src/Firewall.cpp @@ -35,9 +35,7 @@ namespace fw firewall_rule_t *current_rule; current_rule = this->rule_head; while (current_rule->next != NULL) - { current_rule = current_rule->next; - } current_rule->next = rule_ptr; rule_ptr->next = NULL; } @@ -62,19 +60,13 @@ namespace fw { firewall_rule_t *rule_ptr = this->rule_head; if (this->rule_head == NULL) - { return NULL; - } while (rule_ptr->key != key) { if (rule_ptr->next == NULL) - { return NULL; - } else - { rule_ptr = rule_ptr->next; - } } return rule_ptr; } @@ -119,12 +111,26 @@ namespace fw return SUCCESS; } + bool Firewall::is_included_in_firewall(const char *ip, const uint16_t port) + { + firewall_rule_t *rule_ptr = this->rule_head; + while (rule_ptr != NULL) + { + if (strncmp(ip, rule_ptr->source, IPV4ADDRESS_LENGTH) == 0) + { + if (rule_ptr->port_from <= port && port <= rule_ptr->port_to) + return true; + } + rule_ptr = rule_ptr->next; + } + return false; + } + bool Firewall::is_client_allowed(WiFiClient client) { const char *ip = client.remoteIP().toString().c_str(); const uint16_t port = client.remotePort(); - Serial.print("Client connected: "); Serial.print(client.remoteIP()); Serial.print(":"); Serial.println(client.remotePort()); diff --git a/ESPFirewall/lib/Firewall/src/Firewall.hpp b/ESPFirewall/lib/Firewall/src/Firewall.hpp index 2427838..59976f6 100644 --- a/ESPFirewall/lib/Firewall/src/Firewall.hpp +++ b/ESPFirewall/lib/Firewall/src/Firewall.hpp @@ -19,6 +19,7 @@ namespace fw firewall_rule_t *get_rule_from_firewall(const uint8_t key); ok_t delete_rule_from_firewall(const uint8_t key); + bool is_included_in_firewall(const char *ip, const uint16_t port); bool is_client_allowed(WiFiClient client); protected: