firewall_mngr: Add firewall_mngr package

2026-01-07 23:08:47 +08:00 · 2024-02-20 10:42:59 +05:30
7 changed files with 3041 additions and 0 deletions
--- a/firewall_mngr/Makefile
+++ b/firewall_mngr/Makefile
@@ -0,0 +1,51 @@
+#
+# Copyright (C) 2022-2024 IOPSYS Software Solutions AB
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=firewall_mngr
+PKG_VERSION:=1.0.0
+
+LOCAL_DEV:=1
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/firewall_mngr.git
+PKG_SOURCE_VERSION:=4f429e25c6e7a69c5171186731bc560befa5a660
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+MAKE_PATH:=src
+
+define Package/firewall_mngr
+  SECTION:=utils
+  CATEGORY:=Utilities
+  SUBMENU:=TRx69
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +firewall
+  TITLE:=Package to add Device.Firewall data model support.
+endef
+
+define Package/firewall_mngr/description
+  Package to add Device.Firewall data model support.
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) -rf ./src/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+define Package/firewall_mngr/install
+	$(INSTALL_DIR) $(1)/etc/firewall_mngr
+	$(CP) ./files/* $(1)/
+	$(CP) $(PKG_BUILD_DIR)/src/libfirewall_mngr.so $(1)/etc/firewall_mngr
+endef
+
+$(eval $(call BuildPackage,firewall_mngr))
--- a/firewall_mngr/files/etc/firewall_mngr/input.json
+++ b/firewall_mngr/files/etc/firewall_mngr/input.json
@@ -0,0 +1,15 @@
+{
+	"daemon": {
+		"input": {
+			"type": "DotSo",
+			"name": "/etc/firewall_mngr/libfirewall_mngr.so"
+		},
+		"output": {
+			"type": "UBUS",
+			"name": "bbfdm.firewall.",
+			"parent_dm": "Device.",
+			"object": "Firewall",
+			"root_obj": "bbfdm"
+		}
+	}
+}
--- a/firewall_mngr/files/etc/init.d/firewall_mngr
+++ b/firewall_mngr/files/etc/init.d/firewall_mngr
@@ -0,0 +1,13 @@
+#!/bin/sh /etc/rc.common
+
+START=61
+STOP=01
+
+. /etc/bbfdm/bbfdm_services.sh
+
+USE_PROCD=1
+FIREWALL_MNGR_JSON_INPUT="/etc/firewall_mngr/input.json"
+
+start_service() {
+	bbfdm_add_service "bbfdm.firewall_mngr" "${FIREWALL_MNGR_JSON_INPUT}"
+}
--- a/firewall_mngr/src/Makefile
+++ b/firewall_mngr/src/Makefile
@@ -0,0 +1,17 @@
+LIB = libfirewall_mngr.so
+
+LIB_OBJS = firewall_mngr.o
+
+PROG_CFLAGS = $(CFLAGS) -Wall -Werror -fPIC
+LIB_LDFLAGS = $(LDFLAGS)
+
+%.o: %.c
+	$(CC) $(PROG_CFLAGS) -c -o $@ $<
+
+all: $(LIB)
+
+$(LIB): $(LIB_OBJS)
+	$(CC) $(PROG_CFLAGS) -shared -o $@ $^ $(LIB_LDFLAGS)
+
+clean:
+	rm -f *.o $(LIB)
--- a/firewall_mngr/src/common.c
+++ b/firewall_mngr/src/common.c
@@ -0,0 +1,12 @@
+char *Config[] = {"High", "Low", "Off", "Advanced", "Policy", NULL};
+char *DefaultPolicy[] = {"Drop", "Accept", "Reject", NULL};
+char *TargetChain[] = {"Drop", "Accept", "Reject", "Chain", NULL};
+char *ReverseTargetChain[] = {"Drop", "Accept", "Reject", "Chain", NULL};
+char *Target[] = {"Drop", "Accept", "Reject", "Return", "TargetChain", NULL};
+char *ConnectionState[] = {"INVALID", "NEW", "RELATED", "ESTABLISHED", NULL};
+char *MACAddress[] = {"^$", "^([0-9A-Fa-f][0-9A-Fa-f]:){5}([0-9A-Fa-f][0-9A-Fa-f])$", NULL};
+char *MACAddress[] = {"^$", "^([0-9A-Fa-f][0-9A-Fa-f]:){5}([0-9A-Fa-f][0-9A-Fa-f])$", NULL};
+char *Origin[] = {"User", "System", "Controller", NULL};
+char *IPv4Address[] = {"^$", "^((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])$", NULL};
+char *IPv4Prefix[] = {"^$", "^/(3[0-2]|[012]?[0-9])$", "^((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])/(3[0-2]|[012]?[0-9])$", NULL};
+char *Action[] = {"Drop", "Accept", "Reject", NULL};
--- a/firewall_mngr/src/firewall_mngr.c
+++ b/firewall_mngr/src/firewall_mngr.c
--- a/firewall_mngr/src/firewall_mngr.h
+++ b/firewall_mngr/src/firewall_mngr.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright (C) 2024 iopsys Software Solutions AB
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 2.1
+ * as published by the Free Software Foundation
+ *
+ *	Author: Husaam Mehdi <husaam.mehdi@iopsys.eu>
+ */
+
+#ifndef __FIREWALL_MNGR_H
+#define __FIREWALL_MNGR_H
+
+#include <libbbfdm-api/dmcommon.h>
+#include <libbbfdm_api.h>
+
+extern DMOBJ tFirewallObj[];
+extern DMLEAF tFirewallParams[];
+extern DMLEAF tFirewallLevelParams[];
+extern DMOBJ tFirewallChainObj[];
+extern DMLEAF tFirewallChainParams[];
+extern DMLEAF tFirewallChainRuleParams[];
+extern DMLEAF tFirewallDMZParams[];
+extern DMLEAF tFirewallServiceParams[];
+
+#endif //__FIREWALL_MNGR_H