diff --git a/README.md b/README.md index d192612..9e34fe8 100644 --- a/README.md +++ b/README.md @@ -149,6 +149,13 @@ Remove an IP from iptables. iptables or ip6tables will be chosen based on the IP * **Auth**: None * **RESPONSE**: 200/4xx/5xx +or + +* **URL**: `/` +* **METHOD**: `DELETE` +* **Auth**: None +* **RESPONSE**: 200/4xx/5xx + #### Remove/Unblock Success Examples * GET `/removeip/1.2.3.4` @@ -195,6 +202,54 @@ Remove an IP from iptables. iptables or ip6tables will be chosen based on the IP {"error":"ipaddress is missing. "} ``` +### Push IP + +Add an IP to the top of iptables. iptables or ip6tables will be chosen based on the IP. + +* **URL**: `/puship/[ipaddress]` +* **METHOD**: `GET` +* **Auth**: None +* **RESPONSE**: 200/4xx/5xx + +or + +* **URL**: `/` +* **METHOD**: `PUT` +* **Auth**: None +* **RESPONSE**: 200/4xx/5xx + +#### Push Success Examples + +* GET `/puship/1.2.3.4` +* RESPONSE `200 OK` + +```json +{"success":"added"} +``` + +* PUT `/` with `{"ipaddress":"1.2.3.4"}` +* RESPONSE `200 OK` + +```json +{"success":"added"} +``` + +#### Push Error Examples + +* GET `/puship/1.2.3` +* RESPONSE `400 Bad Request` + +```json +{"error":"ip already exists"} +``` + +* GET `/puship/2001:db8:3333:4444:5555:6666:8888` +* RESPONSE `400 Bad Request` + +```json +{"error":"only valid ip addresses supported"} +``` + ### Flush APIBANLOCAL chain Flushes the iptables and ip6tables APIBANLOCAL chain. diff --git a/go/iptables-api.go b/go/iptables-api.go index 7958fdb..14d688a 100644 --- a/go/iptables-api.go +++ b/go/iptables-api.go @@ -76,8 +76,7 @@ func main() { router.HandleFunc("/puship/{ipaddress}", pushIPAddress).Methods("GET") router.HandleFunc("/removeip/{ipaddress}", removeIPAddress).Methods("GET") router.HandleFunc("/unblockip/{ipaddress}", removeIPAddress).Methods("GET") - router.HandleFunc("/", rAddIPAddress).Methods("POST") - router.HandleFunc("/", rRemoveIPAddress).Methods("DELETE") + router.HandleFunc("/", rHandleIPAddress).Methods("DELETE", "POST", "PUT") http.ListenAndServe("0.0.0.0:"+APIport, router) } @@ -322,50 +321,18 @@ func flushChain(w http.ResponseWriter, r *http.Request) { io.WriteString(w, "{\"result\":\""+flushResult+"\"}\n") } -func rAddIPAddress(w http.ResponseWriter, r *http.Request) { - log.Println("processing rAddIPAddress") - - // parse body - body, err := ioutil.ReadAll(r.Body) - if err != nil { - log.Println("bodyErr ", err.Error()) - http.Error(w, "{\"error\":\"unable to read body\"}", http.StatusBadRequest) - return +func rHandleIPAddress(w http.ResponseWriter, r *http.Request) { + log.Println("processing rHandleIPAddress", r.Method) + var handleType string + switch r.Method { + case "DELETE": + handleType = "delete" + case "PUT": + handleType = "push" + case "POST": + handleType = "add" } - log.Println("body received ->", string(body)) - keyVal := pgparse.ParseBody(body) - keyVal = pgparse.LowerKeys(keyVal) - log.Println("body (lowercase):", keyVal) - - // check for required fields - requiredfields := []string{"ipaddress"} - _, err = pgparse.CheckFields(keyVal, requiredfields) - - if err != nil { - log.Println("errors occured:", err) - http.Error(w, "{\"error\":\""+err.Error()+"\"}", http.StatusBadRequest) - return - } - - ipType, err := checkIPAddressv4(keyVal["ipaddress"]) - if err != nil { - log.Println(keyVal["ipaddress"], "is not a valid ip address") - http.Error(w, "{\"error\":\"only valid ip addresses supported\"}", http.StatusBadRequest) - return - } - - status, err := iptableHandle(ipType, "add", keyVal["ipaddress"]) - if err != nil { - http.Error(w, "{\"error\":\""+err.Error()+"\"}", http.StatusBadRequest) - } else { - io.WriteString(w, "{\"success\":\""+status+"\"}\n") - } -} - -func rRemoveIPAddress(w http.ResponseWriter, r *http.Request) { - log.Println("processing rRemoveIPAddress") - // parse body body, err := ioutil.ReadAll(r.Body) if err != nil { @@ -396,7 +363,7 @@ func rRemoveIPAddress(w http.ResponseWriter, r *http.Request) { return } - status, err := iptableHandle(ipType, "delete", keyVal["ipaddress"]) + status, err := iptableHandle(ipType, handleType, keyVal["ipaddress"]) if err != nil { http.Error(w, "{\"error\":\""+err.Error()+"\"}", http.StatusBadRequest) } else { diff --git a/iptables-api b/iptables-api index 22b6cd2..88da0e7 100755 Binary files a/iptables-api and b/iptables-api differ diff --git a/iptables-api-arm b/iptables-api-arm index 4f72bd2..8e9af59 100755 Binary files a/iptables-api-arm and b/iptables-api-arm differ