HS-Esslingen/esp-firewall
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
This repository has been archived on 2024-10-30. You can view files and clone it, but cannot push or open issues or pull requests.
esp-firewall/ESPFirewall/lib/Firewall/docs/api/api.tex
Florian Hoss 4f2608e34e More docu
2022-07-19 11:51:23 +02:00

70 lines
No EOL
2.1 KiB
TeX
Raw Blame History

\section{API} \label{api}
Managing the firewall rules can be done over a rest api. Available routes are following and can be retrieved by visiting the API (e.g. \verb|https://10.93.0.224:8080/api|) of the device.
\lstset{style=json}
\begin{lstlisting}
[
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules",
"description": "Get all Firewall Rules",
"method": "GET"
},
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules/<key>",
"description": "Get Firewall Rule by key",
"method": "GET"
},
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules",
"description": "Create Firewall Rule",
"method": "POST"
},
{
"endpoint": "https://10.93.0.224:8080/api/firewall/rules/<key>",
"description": "Delete Firewall Rule by key",
"method": "DELETE"
}
]
\end{lstlisting}
\subsection{Create firewall rule}
To create a firewall rule with a POST request, query parameter for each field are required:
\verb|?ip=10.93.0.211&port_from=22&port_to=80&protocol=TCP&target=REJECT|
The response will be the created rule with its parameter.
\lstset{style=json}
\begin{lstlisting}
{
"key": "1",
"ip": "10.93.0.211",
"port_from": "22",
"port_to": "80",
"protocol": "TCP",
"target": "REJECT"
}
\end{lstlisting}
Available protocols are \verb|TCP, UDP & ALL|
Available targets are \verb|REJECT, ACCEPT & DROP|
\newpage
\subsection{Authentication}
To authenticate the API uses basic auth. Communication is therefor encrypted to protect the process from eavesdropping. Setting the username and password is done via the constructor of the api class. To create the api class to setup the firewall rules a firewall class instance is needed.
\lstset{style=c++}
\begin{lstlisting}
#include "Firewall.hpp"
#include "API.hpp"
firewall = new fw::Firewall();
firewallApi = new fw::API(firewall, cert, key, username, password);
\end{lstlisting}
After this all endpoints shown in section \ref{api} will be protected.
Reference in a new issue View git blame Copy permalink