Adding Rules and Redirects

This commit is contained in:
Philippe Caseiro 2018-11-07 11:50:59 +01:00
parent a36ecb2f68
commit 3409ab1960
4 changed files with 336 additions and 0 deletions

92
uci_firewall_redirect.go Normal file
View File

@ -0,0 +1,92 @@
package owrt
import (
"fmt"
)
// UCIFirewallRedirect is the description of an Wireless interface (cf Openwrt doc) on top of an Wireless Device
type UCIFirewallRedirect struct {
Name string
Index int
Src string
Dest string
Target string
Proto string
SrcDIP string
SrcDPort string
DestIP string
DestPort string
}
// NewUCIFirewallRedirect builds a new UCIFirewallRedirect instance
func NewUCIFirewallRedirect() *UCIFirewallRedirect {
return &UCIFirewallRedirect{}
}
// Create add a new firewall rule in UCI Configuration
func (rd *UCIFirewallRedirect) Create(uci *UCI) *Action {
var confPrefix string
confPrefix = fmt.Sprintf("firewall.@redirect[%d]", rd.Index)
conf := make(map[string][]string)
conf["name"] = append(conf["name"], fmt.Sprintf("%s.name", confPrefix), rd.Name)
conf["src"] = append(conf["src"], fmt.Sprintf("%s.src", confPrefix), rd.Src)
conf["target"] = append(conf["target"], fmt.Sprintf("%s.target", confPrefix), rd.Target)
conf["proto"] = append(conf["proto"], fmt.Sprintf("%s.proto", confPrefix), rd.Proto)
conf["src_dip"] = append(conf["src_dip"], fmt.Sprintf("%s.src_dip", confPrefix), rd.SrcDIP)
conf["src_dport"] = append(conf["src_dport"], fmt.Sprintf("%s.src_dport", confPrefix), rd.SrcDPort)
conf["dest_ip"] = append(conf["dest_ip"], fmt.Sprintf("%s.dest_ip", confPrefix), rd.DestIP)
conf["dest_port"] = append(conf["dest_port"], fmt.Sprintf("%s.dest_port", confPrefix), rd.DestPort)
uci.Add("firewall", "redirect")
for _, value := range conf {
if value[1] != "" {
result := uci.Set(value[0], value[1])
if result.ReturnCode != 0 {
return result
}
}
}
return &Action{
CommandResult: &CommandResult{
Stdout: "",
Stderr: "",
ReturnCode: 0,
},
}
}
// Save commit and relaod configuration (writes it to files !)
func (rd *UCIFirewallRedirect) Save(uci *UCI) *Action {
commitRes := uci.Commit()
if commitRes.ReturnCode != 0 {
return commitRes
}
reload := uci.Reload()
return reload
}
// Delete remove wifi interface from UCI Configuration
func (rd *UCIFirewallRedirect) Delete(uci *UCI) *Action {
toDelete := fmt.Sprintf("firewall.@redirect[%d]", rd.Index)
del := uci.Delete(toDelete)
if del.ReturnCode != 0 {
return del
}
return uci.Commit()
}
// Update add a new entry for wifi interface in UCI Configuration
func (rd *UCIFirewallRedirect) Update(uci *UCI) *Action {
rd.Delete(uci)
create := rd.Create(uci)
if create.ReturnCode != 0 {
return create
}
return uci.Commit()
}

View File

@ -0,0 +1,83 @@
package owrt
import (
"testing"
)
const (
redirectName = "Test"
redirectIndex = -1
redirectSrc = "10.10.10.10/24"
redirectTarget = "ACCEPT"
redirectProto = "tcp"
redirectSrcDIP = "1.1.1.1"
redirectSrcDPort = "333"
redirectDestIP = "10.10.10.10"
redirectDestPort = "22"
)
func TestFWRedirectCreate(t *testing.T) {
exec := createMockExecutor("", "", 0)
uci := NewUCIWithExecutor(exec)
redirect := NewUCIFirewallRedirect()
redirect.Name = redirectName
redirect.Index = redirectIndex
redirect.Src = redirectSrc
redirect.Target = redirectTarget
redirect.Proto = redirectProto
redirect.SrcDIP = redirectSrcDIP
redirect.SrcDPort = redirectSrcDPort
redirect.DestIP = redirectDestIP
redirect.DestPort = redirectDestPort
if redirect.Create(uci).ReturnCode != 0 {
t.Fatalf("UCIFirewallRedirect.Create() failed !")
}
}
func TestFWRedirectUpdate(t *testing.T) {
exec := createMockExecutor("", "", 0)
uci := NewUCIWithExecutor(exec)
redirect := NewUCIFirewallRedirect()
redirect.Name = redirectName
redirect.Index = redirectIndex
redirect.Src = redirectSrc
redirect.Target = redirectTarget
redirect.Proto = redirectProto
redirect.SrcDIP = redirectSrcDIP
redirect.SrcDPort = redirectSrcDPort
redirect.DestIP = redirectDestIP
redirect.DestPort = redirectDestPort
if redirect.Create(uci).ReturnCode != 0 {
t.Fatalf("UCIFirewallRedirect.Create() failed !")
}
redirect.Name = "Tutu"
if redirect.Update(uci).ReturnCode != 0 {
t.Fatalf("UCIFirewallRedirect.Update() failed !")
}
}
func TestFWRedirectDelete(t *testing.T) {
exec := createMockExecutor("", "", 0)
uci := NewUCIWithExecutor(exec)
redirect := NewUCIFirewallRedirect()
redirect.Name = redirectName
redirect.Index = redirectIndex
redirect.Src = redirectSrc
redirect.Target = redirectTarget
redirect.Proto = redirectProto
redirect.SrcDIP = redirectSrcDIP
redirect.SrcDPort = redirectSrcDPort
redirect.DestIP = redirectDestIP
redirect.DestPort = redirectDestPort
if redirect.Delete(uci).ReturnCode != 0 {
t.Fatalf("UCIWirelessInterface.Delete() failed !")
}
}

86
uci_firewall_rules.go Normal file
View File

@ -0,0 +1,86 @@
package owrt
import (
"fmt"
)
// UCIFirewallRule is the description of an Wireless interface (cf Openwrt doc) on top of an Wireless Device
type UCIFirewallRule struct {
Name string
Index int
Src string
Target string
Proto string
DestPort string
SourcePort string
}
// NewUCIFirewallRule builds a new UCIFirewallRule instance
func NewUCIFirewallRule() *UCIFirewallRule {
return &UCIFirewallRule{}
}
// Create add a new firewall rule in UCI Configuration
func (fw *UCIFirewallRule) Create(uci *UCI) *Action {
var confPrefix string
confPrefix = fmt.Sprintf("firewall.@rule[%d]", fw.Index)
conf := make(map[string][]string)
conf["name"] = append(conf["network"], fmt.Sprintf("%s.name", confPrefix), fw.Name)
conf["src"] = append(conf["src"], fmt.Sprintf("%s.src", confPrefix), fw.Src)
conf["target"] = append(conf["target"], fmt.Sprintf("%s.target", confPrefix), fw.Target)
conf["proto"] = append(conf["proto"], fmt.Sprintf("%s.proto", confPrefix), fw.Proto)
conf["dest_port"] = append(conf["dest_port"], fmt.Sprintf("%s.dest_port", confPrefix), fw.DestPort)
conf["src_port"] = append(conf["src_port"], fmt.Sprintf("%s.src_port", confPrefix), fw.SourcePort)
uci.Add("firewall", "rule")
for _, value := range conf {
if value[1] != "" {
result := uci.Set(value[0], value[1])
if result.ReturnCode != 0 {
return result
}
}
}
return &Action{
CommandResult: &CommandResult{
Stdout: "",
Stderr: "",
ReturnCode: 0,
},
}
}
// Save commit and relaod configuration (writes it to files !)
func (fw *UCIFirewallRule) Save(uci *UCI) *Action {
commitRes := uci.Commit()
if commitRes.ReturnCode != 0 {
return commitRes
}
reload := uci.Reload()
return reload
}
// Delete remove wifi interface from UCI Configuration
func (fw *UCIFirewallRule) Delete(uci *UCI) *Action {
toDelete := fmt.Sprintf("firewall.@rule[%d]", fw.Index)
del := uci.Delete(toDelete)
if del.ReturnCode != 0 {
return del
}
return uci.Commit()
}
// Update add a new entry for wifi interface in UCI Configuration
func (fw *UCIFirewallRule) Update(uci *UCI) *Action {
fw.Delete(uci)
create := fw.Create(uci)
if create.ReturnCode != 0 {
return create
}
return uci.Commit()
}

View File

@ -0,0 +1,75 @@
package owrt
import (
"testing"
)
const (
ruleName = "Test"
ruleIndex = -1
ruleSrc = "10.10.10.10/24"
ruleTarget = "ACCEPT"
ruleProto = "tcp"
ruleDestPort = "80"
ruleSourcePort = "8080"
)
func TestFWRuleCreate(t *testing.T) {
exec := createMockExecutor("", "", 0)
uci := NewUCIWithExecutor(exec)
rule := NewUCIFirewallRule()
rule.Name = ruleName
rule.Index = ruleIndex
rule.Src = ruleSrc
rule.Target = ruleTarget
rule.Proto = ruleProto
rule.DestPort = ruleDestPort
rule.SourcePort = ruleSourcePort
if rule.Create(uci).ReturnCode != 0 {
t.Fatalf("UCIFirewallRule.Create() failed !")
}
}
func TestFWRuleUpdate(t *testing.T) {
exec := createMockExecutor("", "", 0)
uci := NewUCIWithExecutor(exec)
rule := NewUCIFirewallRule()
rule.Name = ruleName
rule.Index = ruleIndex
rule.Src = ruleSrc
rule.Target = ruleTarget
rule.Proto = ruleProto
rule.DestPort = ruleDestPort
rule.SourcePort = ruleSourcePort
if rule.Create(uci).ReturnCode != 0 {
t.Fatalf("UCIFirewallRule.Create() failed !")
}
rule.Name = "Tutu"
if rule.Update(uci).ReturnCode != 0 {
t.Fatalf("UCIFirewallRule.Update() failed !")
}
}
func TestFWRuleDelete(t *testing.T) {
exec := createMockExecutor("", "", 0)
uci := NewUCIWithExecutor(exec)
rule := NewUCIFirewallRule()
rule.Name = ruleName
rule.Index = ruleIndex
rule.Src = ruleSrc
rule.Target = ruleTarget
rule.Proto = ruleProto
rule.DestPort = ruleDestPort
rule.SourcePort = ruleSourcePort
if rule.Delete(uci).ReturnCode != 0 {
t.Fatalf("UCIWirelessInterface.Delete() failed !")
}
}