#include "Firewall.hpp" namespace fw { Firewall::Firewall() { this->amount_of_rules = retrieve_settings_value("amount_of_rules"); for (uint8_t i = 1; i <= this->amount_of_rules; i++) { firewall_rule_t *rule_ptr = retrieve_firewall_rule(i); this->add_rule_to_firewall(rule_ptr, false); } } Firewall::~Firewall() { } firewall_rule_t *Firewall::get_rule_head() { return this->rule_head; } void Firewall::add_rule_to_firewall(firewall_rule_t *rule_ptr, const bool save_in_eeprom) { store_settings_value("amount_of_rules", this->amount_of_rules); if (save_in_eeprom) Storage::store_firewall_rule(rule_ptr); if (this->rule_head == NULL) { this->rule_head = rule_ptr; rule_ptr->next = NULL; return; } firewall_rule_t *current_rule; current_rule = this->rule_head; while (current_rule->next != NULL) current_rule = current_rule->next; current_rule->next = rule_ptr; rule_ptr->next = NULL; } firewall_rule_t *Firewall::add_rule_to_firewall(String source, String destination, String port_from, String port_to, String protocol, String target) { firewall_rule_t *rule_ptr = (firewall_rule_t *)malloc(sizeof(firewall_rule_t)); rule_ptr->key = ++this->amount_of_rules; strncpy(rule_ptr->source, source.c_str(), sizeof(rule_ptr->source)); strncpy(rule_ptr->destination, destination.c_str(), sizeof(rule_ptr->destination)); rule_ptr->port_from = port_from.toInt(); rule_ptr->port_to = port_to.toInt(); rule_ptr->protocol = string_to_protocol(protocol); rule_ptr->target = string_to_target(target); add_rule_to_firewall(rule_ptr); return rule_ptr; } firewall_rule_t *Firewall::get_rule_from_firewall(const uint8_t key) { firewall_rule_t *rule_ptr = this->rule_head; if (this->rule_head == NULL) return NULL; while (rule_ptr->key != key) { if (rule_ptr->next == NULL) return NULL; else rule_ptr = rule_ptr->next; } return rule_ptr; } ok_t Firewall::delete_rule_from_firewall(const uint8_t key) { if (this->rule_head == NULL) return NO_ACTION; firewall_rule_t *current_rule = this->rule_head; firewall_rule_t *previous_rule = NULL; firewall_rule_t *temp = NULL; while (current_rule->key != key) { if (current_rule->next == NULL) return NO_ACTION; else { previous_rule = current_rule; current_rule = current_rule->next; } } if (current_rule == this->rule_head) { this->rule_head = rule_head->next; temp = this->rule_head; } else { previous_rule->next = current_rule->next; temp = previous_rule->next; } while (temp != NULL) { temp->key--; temp = temp->next; } free(current_rule); this->amount_of_rules--; Storage::store_settings_value("amount_of_rules", this->amount_of_rules); if (this->amount_of_rules != 0) Storage::store_all_firewall_rules(rule_head); return SUCCESS; } bool Firewall::is_included_in_firewall(const char *ip, const uint16_t port) { firewall_rule_t *rule_ptr = this->rule_head; while (rule_ptr != NULL) { if (strncmp(ip, rule_ptr->source, IPV4ADDRESS_LENGTH) == 0) { if (rule_ptr->port_from <= port && port <= rule_ptr->port_to) return true; } rule_ptr = rule_ptr->next; } return false; } bool Firewall::is_client_allowed(WiFiClient client) { const char *ip = client.remoteIP().toString().c_str(); const uint16_t port = client.remotePort(); Serial.print(client.remoteIP()); Serial.print(":"); Serial.println(client.remotePort()); return !is_included_in_firewall(ip, port); } }