apache · duduita · Nov 7, 2022 · pkarashchenko · Nov 7, 2022 · pkarashchenko
diff --git a/netutils/iptlite/Kconfig b/netutils/iptlite/Kconfig
@@ -0,0 +1,36 @@
+#############################################################################
+#
+# netutils/iptlite/Kconfig
+# iptlite networking application
+#
+#############################################################################
+
+# For a description of the syntax of this configuration file,
+# see the file kconfig-language.txt in the NuttX tools repository.
+#
+
+config NETUTILS_IPTLITE
+	bool "iptlite packet filter"
+	default n
+	depends on NET_TCP
+	---help---
+		Enable the iptlite packet filter
+
+if NETUTILS_IPTLITE
+
+config NETUTILS_IPTLITE_PROGNAME
+	string "Program name"
+	default "iptlite"
+	---help---
+		This is the name of the program that will be used when the NSH ELF
+		program is installed.
+
+config NETUTILS_IPTLITE_PRIORITY
+	int "iptlite task priority"
+	default 100
+
+config NETUTILS_IPTLITE_STACKSIZE
+	int "iptlite stack size"
+	default DEFAULT_TASK_STACKSIZE
+
+endif
diff --git a/netutils/iptlite/Make.defs b/netutils/iptlite/Make.defs
@@ -0,0 +1,10 @@
+############################################################################
+#
+# netutils/iptlite/Make.defs
+# iptlite sample networking application
+#
+############################################################################
+
+ifneq ($(CONFIG_NETUTILS_IPTLITE),)
+CONFIGURED_APPS += $(APPDIR)/netutils/iptlite
+endif
diff --git a/netutils/iptlite/Makefile b/netutils/iptlite/Makefile
@@ -0,0 +1,18 @@
+############################################################################
+#
+# netutils/iptlite/Makefile
+# iptlite networking application
+#
+############################################################################
+
+include $(APPDIR)/Make.defs
+
+# built-in application info
+
+MODULE    = $(CONFIG_NETUTILS_IPTLITE)
+PROGNAME  = $(CONFIG_NETUTILS_IPTLITE_PROGNAME)
+PRIORITY  = $(CONFIG_NETUTILS_IPTLITE_PRIORITY)
+STACKSIZE = $(CONFIG_NETUTILS_IPTLITE_STACKSIZE)
+MAINSRC = iptlite_main.c
+
+include $(APPDIR)/Application.mk
diff --git a/netutils/iptlite/iptlite_main.c b/netutils/iptlite/iptlite_main.c
@@ -0,0 +1,94 @@
+/****************************************************************************
+ * apps/netutils/iptlite/iptlite_main.c
+ * iptlite networking application
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include "../../../nuttx/net/devif/devif.h"
+#include <nuttx/config.h>
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdbool.h>
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+void listall_rules(void)
+{
+  int rules_counter = nflite_get_rules_counter();
+  char** table = nflite_listall();
-  char** table = nflite_listall();
+  FAR char** table = nflite_listall();
-  char** table = nflite_listall();
+  FAR char** table = nflite_listall();
+
+  printf("%3s %10s %16s %16s %9s %9s\n", \
+  "ID", "RULE", "SRC IPADDR", "DEST IPADDR", "SRC PORT", "DEST PORT");
+
+  for (int i = 0; i < rules_counter; i++)
+    {
+      for (int j = 0; j < RULE_INFO_MAX_SIZE; j++)
+        {
+          printf("%c", table[i][j]);
+        }
+
+      printf("\n");
+    }
+}
+
+void add_rule(int rule, char * srcip, char * destip, char * srcprt, \
+char * destprt)
-void add_rule(int rule, char * srcip, char * destip, char * srcprt, \
-char * destprt)
+void add_rule(int rule, FAR char *srcip, FAR char *destip, FAR char *srcprt, 
+              FAR char *destprt)
-void add_rule(int rule, char * srcip, char * destip, char * srcprt, \
-char * destprt)
+void add_rule(int rule, FAR char *srcip, FAR char *destip, FAR char *srcprt, 
+              FAR char *destprt)
+{
+  in_addr_t srcipaddr, destipaddr;
+  in_port_t srcport, destport;
-  in_addr_t srcipaddr, destipaddr;
-  in_port_t srcport, destport;
+  in_addr_t srcipaddr;
+  in_addr_t destipaddr;
+  in_port_t srcport;
+  in_port_t destport;
-  in_addr_t srcipaddr, destipaddr;
-  in_port_t srcport, destport;
+  in_addr_t srcipaddr;
+  in_addr_t destipaddr;
+  in_port_t srcport;
+  in_port_t destport;
+  bool rule_added;
+
+  inet_pton(AF_INET, srcip, &srcipaddr);
+  inet_pton(AF_INET, destip, &destipaddr);
+  srcport = htons(strtoul(srcprt, NULL, 10));
+  destport = htons(strtoul(destprt, NULL, 10));
+
+  rule_added = nflite_addrule(
+    rule, srcipaddr, destipaddr, srcport, destport);
+
+  printf("rule_added? %s\n", rule_added ? "true" : "false");
+}
+
+/****************************************************************************
+ * iptlite_main
+ ****************************************************************************/
+
+int main(int argc, FAR char *argv[])
+{
+  int rule;
+
+  if (argc < 2)
+    {
+      printf("Not enough arguments!\n");
+      return -1;
+    }
+
+  if (strcmp(argv[1], "DROP") == 0 && argc == 6)
+    {
+      rule = 0;
+      add_rule(rule, argv[2], argv[3], argv[4], argv[5]);
+    }
+  else if (strcmp(argv[1], "FLUSHALL") == 0 && argc == 2)
+    {
+      rule = 1;
+      nflite_flushall();
+    }
+  else if (strcmp(argv[1], "LISTALL") == 0 && argc == 2)
+    {
+      rule = 2;
+      listall_rules();
+    }
+  else
+    {
+      printf("Invalid command! Verify command pattern.\n");
+      return -1;
+    }
+
+  return 0;
+}