-
Notifications
You must be signed in to change notification settings - Fork 555
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add iptlite packet filter app #1399
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
############################################################################# | ||
# | ||
# netutils/iptlite/Kconfig | ||
# iptlite networking application | ||
# | ||
############################################################################# | ||
|
||
# For a description of the syntax of this configuration file, | ||
# see the file kconfig-language.txt in the NuttX tools repository. | ||
# | ||
|
||
config NETUTILS_IPTLITE | ||
bool "iptlite packet filter" | ||
default n | ||
depends on NET_TCP | ||
---help--- | ||
Enable the iptlite packet filter | ||
|
||
if NETUTILS_IPTLITE | ||
|
||
config NETUTILS_IPTLITE_PROGNAME | ||
string "Program name" | ||
default "iptlite" | ||
---help--- | ||
This is the name of the program that will be used when the NSH ELF | ||
program is installed. | ||
|
||
config NETUTILS_IPTLITE_PRIORITY | ||
int "iptlite task priority" | ||
default 100 | ||
|
||
config NETUTILS_IPTLITE_STACKSIZE | ||
int "iptlite stack size" | ||
default DEFAULT_TASK_STACKSIZE | ||
|
||
endif |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
############################################################################ | ||
# | ||
# netutils/iptlite/Make.defs | ||
# iptlite sample networking application | ||
# | ||
############################################################################ | ||
|
||
ifneq ($(CONFIG_NETUTILS_IPTLITE),) | ||
CONFIGURED_APPS += $(APPDIR)/netutils/iptlite | ||
endif |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
############################################################################ | ||
# | ||
# netutils/iptlite/Makefile | ||
# iptlite networking application | ||
# | ||
############################################################################ | ||
|
||
include $(APPDIR)/Make.defs | ||
|
||
# built-in application info | ||
|
||
MODULE = $(CONFIG_NETUTILS_IPTLITE) | ||
PROGNAME = $(CONFIG_NETUTILS_IPTLITE_PROGNAME) | ||
PRIORITY = $(CONFIG_NETUTILS_IPTLITE_PRIORITY) | ||
STACKSIZE = $(CONFIG_NETUTILS_IPTLITE_STACKSIZE) | ||
MAINSRC = iptlite_main.c | ||
|
||
include $(APPDIR)/Application.mk |
Original file line number | Diff line number | Diff line change | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
@@ -0,0 +1,94 @@ | ||||||||||||||
/**************************************************************************** | ||||||||||||||
* apps/netutils/iptlite/iptlite_main.c | ||||||||||||||
* iptlite networking application | ||||||||||||||
****************************************************************************/ | ||||||||||||||
|
||||||||||||||
/**************************************************************************** | ||||||||||||||
* Included Files | ||||||||||||||
****************************************************************************/ | ||||||||||||||
|
||||||||||||||
#include "../../../nuttx/net/devif/devif.h" | ||||||||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can we somehow overcome this? |
||||||||||||||
#include <nuttx/config.h> | ||||||||||||||
|
||||||||||||||
#include <stdlib.h> | ||||||||||||||
#include <stdio.h> | ||||||||||||||
#include <stdbool.h> | ||||||||||||||
|
||||||||||||||
/**************************************************************************** | ||||||||||||||
* Private Functions | ||||||||||||||
****************************************************************************/ | ||||||||||||||
|
||||||||||||||
void listall_rules(void) | ||||||||||||||
{ | ||||||||||||||
int rules_counter = nflite_get_rules_counter(); | ||||||||||||||
char** table = nflite_listall(); | ||||||||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||||||||||
|
||||||||||||||
printf("%3s %10s %16s %16s %9s %9s\n", \ | ||||||||||||||
"ID", "RULE", "SRC IPADDR", "DEST IPADDR", "SRC PORT", "DEST PORT"); | ||||||||||||||
|
||||||||||||||
for (int i = 0; i < rules_counter; i++) | ||||||||||||||
{ | ||||||||||||||
for (int j = 0; j < RULE_INFO_MAX_SIZE; j++) | ||||||||||||||
{ | ||||||||||||||
printf("%c", table[i][j]); | ||||||||||||||
} | ||||||||||||||
|
||||||||||||||
printf("\n"); | ||||||||||||||
} | ||||||||||||||
} | ||||||||||||||
|
||||||||||||||
void add_rule(int rule, char * srcip, char * destip, char * srcprt, \ | ||||||||||||||
char * destprt) | ||||||||||||||
Comment on lines
+40
to
+41
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||||||||||
{ | ||||||||||||||
in_addr_t srcipaddr, destipaddr; | ||||||||||||||
in_port_t srcport, destport; | ||||||||||||||
Comment on lines
+43
to
+44
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
|
||||||||||||||
bool rule_added; | ||||||||||||||
|
||||||||||||||
inet_pton(AF_INET, srcip, &srcipaddr); | ||||||||||||||
inet_pton(AF_INET, destip, &destipaddr); | ||||||||||||||
srcport = htons(strtoul(srcprt, NULL, 10)); | ||||||||||||||
destport = htons(strtoul(destprt, NULL, 10)); | ||||||||||||||
|
||||||||||||||
rule_added = nflite_addrule( | ||||||||||||||
rule, srcipaddr, destipaddr, srcport, destport); | ||||||||||||||
|
||||||||||||||
printf("rule_added? %s\n", rule_added ? "true" : "false"); | ||||||||||||||
} | ||||||||||||||
|
||||||||||||||
/**************************************************************************** | ||||||||||||||
* iptlite_main | ||||||||||||||
****************************************************************************/ | ||||||||||||||
|
||||||||||||||
int main(int argc, FAR char *argv[]) | ||||||||||||||
{ | ||||||||||||||
int rule; | ||||||||||||||
|
||||||||||||||
if (argc < 2) | ||||||||||||||
{ | ||||||||||||||
printf("Not enough arguments!\n"); | ||||||||||||||
return -1; | ||||||||||||||
} | ||||||||||||||
|
||||||||||||||
if (strcmp(argv[1], "DROP") == 0 && argc == 6) | ||||||||||||||
{ | ||||||||||||||
rule = 0; | ||||||||||||||
add_rule(rule, argv[2], argv[3], argv[4], argv[5]); | ||||||||||||||
} | ||||||||||||||
else if (strcmp(argv[1], "FLUSHALL") == 0 && argc == 2) | ||||||||||||||
{ | ||||||||||||||
rule = 1; | ||||||||||||||
nflite_flushall(); | ||||||||||||||
} | ||||||||||||||
else if (strcmp(argv[1], "LISTALL") == 0 && argc == 2) | ||||||||||||||
{ | ||||||||||||||
rule = 2; | ||||||||||||||
listall_rules(); | ||||||||||||||
} | ||||||||||||||
else | ||||||||||||||
{ | ||||||||||||||
printf("Invalid command! Verify command pattern.\n"); | ||||||||||||||
return -1; | ||||||||||||||
} | ||||||||||||||
|
||||||||||||||
return 0; | ||||||||||||||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
license header is missing