HS-Esslingen/esp-firewall
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Major cleanup, looking at it after break

Browse source
This commit is contained in:
Florian Hoss 2022-06-12 13:40:58 +02:00
parent 6461b71799
commit f757b06235
8 changed files with 55 additions and 203 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
ESPFirewall/lib/Firewall/library.json
View file

@ -1,11 +0,0 @@
{
"name": "firewall",
"license": "MIT",
"version": "0.0.1",
"frameworks": "arduino",
"platforms": ["espressif32"],
"dependencies": {
"bblanchon/ArduinoJson": "^6.19.4",
"external-repo": "https://github.com/fhessel/esp32_https_server/pull/91"
}
}

31
ESPFirewall/lib/Firewall/src/API.cpp
View file

@ -123,7 +123,7 @@ namespace fw
void API::get_endpoint_list_handler() void API::get_endpoint_list_handler()
{ {
this->json_generic_response(this->construct_json_api(), 200); this->json_array_response(this->construct_json_api(), 200);
} }
void API::get_firewall_rule_handler() void API::get_firewall_rule_handler()
@ -143,7 +143,7 @@ namespace fw
{ {
if (this->check_auth() == DENIED) if (this->check_auth() == DENIED)
return; return;
this->json_generic_response(this->construct_json_firewall(), 200); this->json_array_response(this->construct_json_firewall(), 200);
} }
void API::post_firewall_handler() void API::post_firewall_handler()
@ -158,7 +158,7 @@ namespace fw
args[i] = this->server->arg(firewall_fields[i]); args[i] = this->server->arg(firewall_fields[i]);
} }
firewall_rule_t *rule_ptr = firewall->add_rule_to_firewall(args); firewall_rule_t *rule_ptr = firewall->add_rule_to_firewall(args);
this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 200); this->json_generic_response(this->construct_json_firewall_rule(rule_ptr), 201);
} }
else else
{ {
@ -186,7 +186,7 @@ namespace fw
{ {
for (uint8_t i = 0; i < firewall_fields_amount; i++) for (uint8_t i = 0; i < firewall_fields_amount; i++)
{ {
if (!this->server->hasArg(firewall_fields[i])) if (i != KEY && !this->server->hasArg(firewall_fields[i]))
return false; return false;
} }
return true; return true;
@ -209,24 +209,26 @@ namespace fw
void API::json_generic_response(String serialized_string, const uint16_t response_code) void API::json_generic_response(String serialized_string, const uint16_t response_code)
{ {
this->server->send( this->server->send(response_code, json_response_type, serialized_string);
response_code, }
"application/json; charset=utf-8",
construct_json_begin(response_code) + "\"result\": [" + serialized_string + "]}"); void API::json_array_response(String serialized_string, const uint16_t response_code)
{
this->server->send(response_code, json_response_type, "[" + serialized_string + "]");
} }
void API::json_message_response(String message, const uint16_t response_code) void API::json_message_response(String message, const uint16_t response_code)
{ {
String serialized_string = construct_json_begin(response_code); String serialized_string = "{";
serialized_string += json_new_attribute("message", message, true); serialized_string += json_new_attribute("message", message, true);
serialized_string += "}"; serialized_string += "}";
this->server->send(response_code, "application/json; charset=utf-8", serialized_string); this->server->send(response_code, json_response_type, serialized_string);
} }
String API::construct_json_firewall_rule(firewall_rule_t *rule_ptr) String API::construct_json_firewall_rule(firewall_rule_t *rule_ptr)
{ {
String serialized_string = "{"; String serialized_string = "{";
serialized_string += json_new_attribute("key", rule_ptr->key); serialized_string += json_new_attribute(firewall_fields[KEY], rule_ptr->key);
serialized_string += json_new_attribute(firewall_fields[IP], rule_ptr->ip); serialized_string += json_new_attribute(firewall_fields[IP], rule_ptr->ip);
serialized_string += json_new_attribute(firewall_fields[PORT_FROM], rule_ptr->port_from); serialized_string += json_new_attribute(firewall_fields[PORT_FROM], rule_ptr->port_from);
serialized_string += json_new_attribute(firewall_fields[PORT_TO], rule_ptr->port_to); serialized_string += json_new_attribute(firewall_fields[PORT_TO], rule_ptr->port_to);
@ -273,11 +275,4 @@ namespace fw
} }
return serialized_string; return serialized_string;
} }
String API::construct_json_begin(const uint16_t response_code)
{
String serialized_string = "{";
serialized_string += json_new_attribute("status", response_code_to_string(response_code));
return serialized_string;
}
} }

3
ESPFirewall/lib/Firewall/src/API.hpp
View file

@ -32,6 +32,7 @@ namespace fw
api_endpoint_t *endpoint_head = NULL; api_endpoint_t *endpoint_head = NULL;
String api_ip = "0.0.0.0"; String api_ip = "0.0.0.0";
uint16_t api_port; uint16_t api_port;
String json_response_type = "application/json; charset=utf-8";
String get_url_base(); String get_url_base();
ok_t setup_auth(const char *username, const char *password); ok_t setup_auth(const char *username, const char *password);
@ -50,13 +51,13 @@ namespace fw
String json_new_attribute(String key, String value, bool last = false); String json_new_attribute(String key, String value, bool last = false);
String json_new_attribute(String key, uint32_t value, bool last = false); String json_new_attribute(String key, uint32_t value, bool last = false);
void json_generic_response(String serialized_string, const uint16_t response_code); void json_generic_response(String serialized_string, const uint16_t response_code);
void json_array_response(String serialized_string, const uint16_t response_code);
void json_message_response(String message, const uint16_t response_code); void json_message_response(String message, const uint16_t response_code);
String construct_json_firewall_rule(firewall_rule_t *rule_ptr); String construct_json_firewall_rule(firewall_rule_t *rule_ptr);
String construct_json_firewall(); String construct_json_firewall();
String construct_json_api_endpoint(api_endpoint_t *api_ptr); String construct_json_api_endpoint(api_endpoint_t *api_ptr);
String construct_json_api(); String construct_json_api();
String construct_json_begin(const uint16_t response_code);
}; };
} }

6
ESPFirewall/lib/Firewall/src/Firewall.cpp
View file

@ -4,7 +4,7 @@ namespace fw
{ {
Firewall::Firewall() Firewall::Firewall()
{ {
this->amount_of_rules = retrieve_settings_value("amount_of_rules"); this->amount_of_rules = retrieve_amount_of_rules();
for (uint8_t i = 1; i <= this->amount_of_rules; i++) for (uint8_t i = 1; i <= this->amount_of_rules; i++)
{ {
firewall_rule_t *rule_ptr = retrieve_firewall_rule(i); firewall_rule_t *rule_ptr = retrieve_firewall_rule(i);
@ -23,7 +23,7 @@ namespace fw
void Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom) void Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom)
{ {
store_settings_value("amount_of_rules", this->amount_of_rules); store_amount_of_rules(this->amount_of_rules);
if (save_in_eeprom) if (save_in_eeprom)
Storage::store_firewall_rule(rule_ptr); Storage::store_firewall_rule(rule_ptr);
if (this->rule_head == NULL) if (this->rule_head == NULL)
@ -104,7 +104,7 @@ namespace fw
} }
free(current_rule); free(current_rule);
this->amount_of_rules--; this->amount_of_rules--;
Storage::store_settings_value("amount_of_rules", this->amount_of_rules); Storage::store_amount_of_rules(this->amount_of_rules);
if (this->amount_of_rules != 0) if (this->amount_of_rules != 0)
Storage::store_all_firewall_rules(rule_head); Storage::store_all_firewall_rules(rule_head);
return SUCCESS; return SUCCESS;

87
ESPFirewall/lib/Firewall/src/Storage.cpp
View file

@ -4,25 +4,17 @@ namespace fw
{ {
Storage::Storage() Storage::Storage()
{ {
#ifdef ESP32 #if defined(ESP8266)
#elif defined(ESP8266) this->max_rules = 15;
this->setup_eeprom(); this->eeprom_amount_of_rules = 0;
this->eeprom_rules_head = 1;
this->eeprom_size = this->max_rules * sizeof(firewall_rule_t) + eeprom_rules_head;
EEPROM.begin(this->eeprom_size);
#endif #endif
} }
Storage::~Storage() Storage::~Storage()
{ {
#ifdef ESP32
#elif defined(ESP8266)
#endif
}
void Storage::setup_eeprom()
{
#ifdef ESP32
#elif defined(ESP8266)
EEPROM.begin(this->eeprom_size);
#endif
} }
uint16_t Storage::eeprom_rule_position(uint8_t key) uint16_t Storage::eeprom_rule_position(uint8_t key)
@ -30,49 +22,36 @@ namespace fw
#ifdef ESP32 #ifdef ESP32
return 0; return 0;
#elif defined(ESP8266) #elif defined(ESP8266)
uint8_t total_space_needed = sizeof(firewall_rule_t); return eeprom_rules_head + (key - 1) * sizeof(firewall_rule_t);
// key will be in range 1-255, but we need 1 less for multiplication to work
return eeprom_rules_head + (key - 1) * total_space_needed;
#endif #endif
} }
uint8_t Storage::retrieve_settings_value(const char *key) uint8_t Storage::retrieve_amount_of_rules()
{ {
#ifdef ESP32 #ifdef ESP32
uint8_t value;
this->memory.begin("settings", true); this->memory.begin("settings", true);
value = memory.getUChar(key, 0); const uint8_t value = memory.getUChar("amount_of_rules", 0);
this->memory.end(); this->memory.end();
return value; return value;
#elif defined(ESP8266) #elif defined(ESP8266)
if (strncmp(amount, key, sizeof(amount)) == 0) const uint8_t amount_of_rules = EEPROM.read(this->eeprom_amount_of_rules);
{
uint8_t security_number = EEPROM.read(this->eeprom_settings_head);
uint8_t amount_of_rules = EEPROM.read(this->eeprom_amout_of_rules_head);
if (amount_of_rules > 50 || security_number != this->security_number) if (amount_of_rules > this->max_rules)
return 0; return 0;
return amount_of_rules; return amount_of_rules;
}
return 0;
#endif #endif
} }
void Storage::store_settings_value(const char *key, const uint8_t new_amount) void Storage::store_amount_of_rules(const uint8_t new_amount)
{ {
#ifdef ESP32 #ifdef ESP32
this->memory.begin("settings", false); this->memory.begin("settings", false);
this->memory.putUChar(key, new_amount); this->memory.putUChar("amount_of_rules", new_amount);
this->memory.end(); this->memory.end();
#elif defined(ESP8266) #elif defined(ESP8266)
if (strncmp("amount_of_rules", key, 16) == 0) EEPROM.put(this->eeprom_amount_of_rules, new_amount);
{ EEPROM.commit();
EEPROM.write(this->eeprom_settings_head, this->security_number);
EEPROM.write(this->eeprom_amout_of_rules_head, new_amount);
EEPROM.commit();
}
#endif #endif
} }
@ -94,22 +73,12 @@ namespace fw
#elif defined(ESP8266) #elif defined(ESP8266)
uint16_t eespom_position = eeprom_rule_position(key); uint16_t eespom_position = eeprom_rule_position(key);
const char source[IPV4ADDRESS_LENGTH] = "";
EEPROM.get(eespom_position, source); EEPROM.get(eespom_position, rule_ptr->ip);
strncpy(rule_ptr->ip, source, sizeof(rule_ptr->ip)); EEPROM.get(eespom_position += sizeof(rule_ptr->ip), rule_ptr->port_from);
eespom_position += sizeof(rule_ptr->ip); EEPROM.get(eespom_position += sizeof(rule_ptr->port_from), rule_ptr->port_to);
EEPROM.get(eespom_position += sizeof(rule_ptr->port_to), rule_ptr->protocol);
rule_ptr->port_from = EEPROM.read(eespom_position); EEPROM.get(eespom_position += sizeof(rule_ptr->protocol), rule_ptr->target);
eespom_position += sizeof(rule_ptr->port_from);
rule_ptr->port_to = EEPROM.read(eespom_position);
eespom_position += sizeof(rule_ptr->port_to);
rule_ptr->protocol = static_cast<firewall_protocol_t>(EEPROM.read(eespom_position));
eespom_position += sizeof(rule_ptr->protocol);
rule_ptr->target = static_cast<firewall_target_t>(EEPROM.read(eespom_position));
#endif #endif
return rule_ptr; return rule_ptr;
} }
@ -144,14 +113,10 @@ namespace fw
uint16_t eespom_position = eeprom_rule_position(rule_ptr->key); uint16_t eespom_position = eeprom_rule_position(rule_ptr->key);
EEPROM.put(eespom_position, rule_ptr->ip); EEPROM.put(eespom_position, rule_ptr->ip);
eespom_position += sizeof(rule_ptr->ip); EEPROM.put(eespom_position += sizeof(rule_ptr->ip), rule_ptr->port_from);
EEPROM.put(eespom_position, rule_ptr->port_from); EEPROM.put(eespom_position += sizeof(rule_ptr->port_from), rule_ptr->port_to);
eespom_position += sizeof(rule_ptr->port_from); EEPROM.put(eespom_position += sizeof(rule_ptr->port_to), rule_ptr->protocol);
EEPROM.put(eespom_position, rule_ptr->port_to); EEPROM.put(eespom_position += sizeof(rule_ptr->protocol), rule_ptr->target);
eespom_position += sizeof(rule_ptr->port_to);
EEPROM.put(eespom_position, rule_ptr->protocol);
eespom_position += sizeof(rule_ptr->protocol);
EEPROM.put(eespom_position, rule_ptr->target);
EEPROM.commit(); EEPROM.commit();
#endif #endif

20
ESPFirewall/lib/Firewall/src/Storage.hpp
View file

@ -21,21 +21,17 @@ namespace fw
#ifdef ESP32 #ifdef ESP32
Preferences memory; Preferences memory;
#elif defined(ESP8266) #elif defined(ESP8266)
// Space for 15 Rules plus 10 byte for settings uint8_t max_rules;
const uint16_t eeprom_size = 15 * sizeof(firewall_rule_t) + 10; uint16_t eeprom_size;
// Ramdon security number to check if settings have been written by this uint16_t eeprom_amount_of_rules;
const uint8_t security_number = 93; uint16_t eeprom_rules_head;
const uint16_t eeprom_settings_head = 0;
const uint16_t eeprom_amout_of_rules_head = eeprom_settings_head + 1;
const uint16_t eeprom_rules_head = 10;
const char *amount = "amount_of_rules";
#endif
void setup_eeprom();
uint16_t eeprom_rule_position(uint8_t key); uint16_t eeprom_rule_position(uint8_t key);
#endif
protected: protected:
uint8_t retrieve_settings_value(const char *key); uint8_t retrieve_amount_of_rules();
void store_settings_value(const char *key, const uint8_t new_amount); void store_amount_of_rules(const uint8_t new_amount);
firewall_rule_t *retrieve_firewall_rule(const uint8_t key); firewall_rule_t *retrieve_firewall_rule(const uint8_t key);
void store_all_firewall_rules(firewall_rule_t *rule_head); void store_all_firewall_rules(firewall_rule_t *rule_head);
void store_firewall_rule(firewall_rule_t *rule_ptr); void store_firewall_rule(firewall_rule_t *rule_ptr);

89
ESPFirewall/lib/Firewall/src/Utils.cpp
View file

@ -48,95 +48,6 @@ namespace fw
return TARGET_ACCEPT; return TARGET_ACCEPT;
} }
String response_code_to_string(const uint16_t response_code)
{
switch (response_code)
{
case 100:
return F("Continue");
case 101:
return F("Switching Protocols");
case 200:
return F("OK");
case 201:
return F("Created");
case 202:
return F("Accepted");
case 203:
return F("Non-Authoritative Information");
case 204:
return F("No Content");
case 205:
return F("Reset Content");
case 206:
return F("Partial Content");
case 300:
return F("Multiple Choices");
case 301:
return F("Moved Permanently");
case 302:
return F("Found");
case 303:
return F("See Other");
case 304:
return F("Not Modified");
case 305:
return F("Use Proxy");
case 307:
return F("Temporary Redirect");
case 400:
return F("Bad Request");
case 401:
return F("Unauthorized");
case 402:
return F("Payment Required");
case 403:
return F("Forbidden");
case 404:
return F("Not Found");
case 405:
return F("Method Not Allowed");
case 406:
return F("Not Acceptable");
case 407:
return F("Proxy Authentication Required");
case 408:
return F("Request Time-out");
case 409:
return F("Conflict");
case 410:
return F("Gone");
case 411:
return F("Length Required");
case 412:
return F("Precondition Failed");
case 413:
return F("Request Entity Too Large");
case 414:
return F("Request-URI Too Large");
case 415:
return F("Unsupported Media Type");
case 416:
return F("Requested range not satisfiable");
case 417:
return F("Expectation Failed");
case 500:
return F("Internal Server Error");
case 501:
return F("Not Implemented");
case 502:
return F("Bad Gateway");
case 503:
return F("Service Unavailable");
case 504:
return F("Gateway Time-out");
case 505:
return F("HTTP Version not supported");
default:
return F("");
}
}
void endless_loop() void endless_loop()
{ {
Serial.printf("Something went wrong. Running endless loop until fixed..."); Serial.printf("Something went wrong. Running endless loop until fixed...");

11
ESPFirewall/lib/Firewall/src/Utils.hpp
View file

@ -45,16 +45,11 @@ namespace fw
struct firewall_rules *next; struct firewall_rules *next;
} firewall_rule_t; } firewall_rule_t;
static const uint8_t firewall_fields_amount = 5; static const uint8_t firewall_fields_amount = 6;
const char firewall_fields[firewall_fields_amount][10] = { const char firewall_fields[firewall_fields_amount][10] = {"key", "ip", "port_from", "port_to", "protocol", "target"};
"ip",
"port_from",
"port_to",
"protocol",
"target",
};
typedef enum firewall_fields : uint8_t typedef enum firewall_fields : uint8_t
{ {
KEY,
IP, IP,
PORT_FROM, PORT_FROM,
PORT_TO, PORT_TO,