mirror/bbfdm
1
0
Fork 0
mirror of https://dev.iopsys.eu/bbf/bbfdm.git synced 2026-03-02 23:53:49 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

firewall: add SourceAllInterfaces and DestAllInterfaces parameters

Browse source
This commit is contained in:
Sukru Senli 2020-07-28 10:39:25 +02:00 committed by Amin Ben Ramdhane
parent c113f8a8a0
commit 28bf165bfe
1 changed files with 88 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
dmtree/tr181/firewall.c
View file

@ -361,6 +361,14 @@ static int get_rule_source_interface(char *refparam, struct dmctx *ctx, void *da
return 0;
}
static int get_rule_source_all_interfaces(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
{
char *v;
dmuci_get_value_by_section_string((struct uci_section *)data, "src", &v);
*value = (*v == '*') ? "1" : "0";
return 0;
}
static int get_rule_dest_interface(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
{
struct uci_list *v = NULL;
@ -391,6 +399,14 @@ static int get_rule_dest_interface(char *refparam, struct dmctx *ctx, void *data
return 0;
}
static int get_rule_dest_all_interfaces(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
{
char *v;
dmuci_get_value_by_section_string((struct uci_section *)data, "dest", &v);
*value = (*v == '*') ? "1" : "0";
return 0;
}
/*#Device.Firewall.Chain.{i}.Rule.{i}.IPVersion!UCI:firewall/rule,@i-1/family*/
static int get_rule_i_p_version(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
{
@ -931,6 +947,41 @@ static int set_rule_source_interface(char *refparam, struct dmctx *ctx, void *da
return 0;
}
static int set_rule_source_all_interfaces(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
{
struct uci_section *dmmap_section = NULL;
char *src;
bool b;
switch (action) {
case VALUECHECK:
if (dm_validate_boolean(value))
return FAULT_9007;
break;
case VALUESET:
get_dmmap_section_of_config_section("dmmap_firewall", "rule", section_name((struct uci_section *)data), &dmmap_section);
string_to_bool(value, &b);
if (b) {
// Get the current 'src' option
dmuci_get_value_by_section_string((struct uci_section *)data, "src", &src);
// Save 'src' option in the associated dmmap rule section
dmuci_set_value_by_section(dmmap_section, "src", src);
// Set the current 'src' option
dmuci_set_value_by_section((struct uci_section *)data, "src", "*");
} else {
// Get 'src' option from the associated dmmap rule section
dmuci_get_value_by_section_string(dmmap_section, "src", &src);
// Set the current 'src' option
dmuci_set_value_by_section((struct uci_section *)data, "src", src);
}
break;
}
return 0;
}
static int set_rule_dest_interface(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
{
char *iface = NULL, *zone, *net;
@ -962,6 +1013,41 @@ static int set_rule_dest_interface(char *refparam, struct dmctx *ctx, void *data
}
break;
}
return 0;
}
static int set_rule_dest_all_interfaces(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
{
struct uci_section *dmmap_section = NULL;
char *dest;
bool b;
switch (action) {
case VALUECHECK:
if (dm_validate_boolean(value))
return FAULT_9007;
break;
case VALUESET:
get_dmmap_section_of_config_section("dmmap_firewall", "rule", section_name((struct uci_section *)data), &dmmap_section);
string_to_bool(value, &b);
if (b) {
// Get the current 'dest' option
dmuci_get_value_by_section_string((struct uci_section *)data, "dest", &dest);
// Save 'dest' option in the associated dmmap rule section
dmuci_set_value_by_section(dmmap_section, "dest", dest);
// Set the current 'dest' option
dmuci_set_value_by_section((struct uci_section *)data, "dest", "*");
} else {
// Get 'dest' option from the associated dmmap rule section
dmuci_get_value_by_section_string(dmmap_section, "dest", &dest);
// Set the current 'dest' option
dmuci_set_value_by_section((struct uci_section *)data, "dest", dest);
}
break;
}
return 0;
}
@ -1346,7 +1432,9 @@ DMLEAF tFirewallChainRuleParams[] = {
{"Target", &DMWRITE, DMT_STRING, get_rule_target, set_rule_target, BBFDM_BOTH},
//{"TargetChain", &DMWRITE, DMT_STRING, get_rule_target_chain, set_rule_target_chain, BBFDM_BOTH},
{"SourceInterface", &DMWRITE, DMT_STRING, get_rule_source_interface, set_rule_source_interface, BBFDM_BOTH},
{"SourceAllInterfaces", &DMWRITE, DMT_BOOL, get_rule_source_all_interfaces, set_rule_source_all_interfaces, BBFDM_BOTH},
{"DestInterface", &DMWRITE, DMT_STRING, get_rule_dest_interface, set_rule_dest_interface, BBFDM_BOTH},
{"DestAllInterfaces", &DMWRITE, DMT_BOOL, get_rule_dest_all_interfaces, set_rule_dest_all_interfaces, BBFDM_BOTH},
{"IPVersion", &DMWRITE, DMT_INT, get_rule_i_p_version, set_rule_i_p_version, BBFDM_BOTH},
{"DestIP", &DMWRITE, DMT_STRING, get_rule_dest_ip, set_rule_dest_ip, BBFDM_BOTH},
{"DestMask", &DMWRITE, DMT_STRING, get_rule_dest_mask, set_rule_dest_mask, BBFDM_BOTH},