
go/iptables-api.go: add push/clean up methods

* address issue #2
* clean up methods with a switch of r.Method
* add PUT method for push function

README.md: document push function (issue #2)

iptables-api/iptables-api-arm

* rebuild based on current iptables-api.go
test-string v0.1.0
Fred Posner 4 years ago
parent
commit
780474acca
No known key found for this signature in database GPG Key ID: ABAD515F42AE1A40
4 changed files with 67 additions and 45 deletions
  1. +55
    -0
      README.md
  2. +12
    -45
      go/iptables-api.go
  3. BIN
      iptables-api
  4. BIN
      iptables-api-arm

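--- a/README.md
+++ b/README.md
@@ -149,6 +149,13 @@ Remove an IP from iptables. iptables or ip6tables will be chosen based on the IP
 * **Auth**: None
 * **RESPONSE**: 200/4xx/5xx
+or
+* **URL**: `/`
+* **METHOD**: `DELETE`
+* **Auth**: None
+* **RESPONSE**: 200/4xx/5xx
 #### Remove/Unblock Success Examples
 * GET `/removeip/1.2.3.4`
@@ -195,6 +202,54 @@ Remove an IP from iptables. iptables or ip6tables will be chosen based on the IP
 {"error":"ipaddress is missing. "}
 ```
+### Push IP
+Add an IP to the top of iptables. iptables or ip6tables will be chosen based on the IP.
+* **URL**: `/puship/[ipaddress]`
+* **METHOD**: `GET`
+* **Auth**: None
+* **RESPONSE**: 200/4xx/5xx
+or
+* **URL**: `/`
+* **METHOD**: `PUT`
+* **Auth**: None
+* **RESPONSE**: 200/4xx/5xx
+#### Push Success Examples
+* GET `/puship/1.2.3.4`
+* RESPONSE `200 OK`
+```json
+{"success":"added"}
+```
+* PUT `/` with `{"ipaddress":"1.2.3.4"}`
+* RESPONSE `200 OK`
+```json
+{"success":"added"}
+```
+#### Push Error Examples
+* GET `/puship/1.2.3`
+* RESPONSE `400 Bad Request`
+```json
+{"error":"ip already exists"}
+```
+* GET `/puship/2001:db8:3333:4444:5555:6666:8888`
+* RESPONSE `400 Bad Request`
+```json
+{"error":"only valid ip addresses supported"}
+```
 ### Flush APIBANLOCAL chain
 Flushes the iptables and ip6tables APIBANLOCAL chain.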


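--- a/go/iptables-api.go
+++ b/go/iptables-api.go
@@ -76,8 +76,7 @@ func main() {
 router.HandleFunc("/puship/{ipaddress}", pushIPAddress).Methods("GET")
 router.HandleFunc("/removeip/{ipaddress}", removeIPAddress).Methods("GET")
 router.HandleFunc("/unblockip/{ipaddress}", removeIPAddress).Methods("GET")
-router.HandleFunc("/", rAddIPAddress).Methods("POST")
-router.HandleFunc("/", rRemoveIPAddress).Methods("DELETE")
+router.HandleFunc("/", rHandleIPAddress).Methods("DELETE", "POST", "PUT")
 http.ListenAndServe("0.0.0.0:"+APIport, router)
 }
@@ -322,50 +321,18 @@ func flushChain(w http.ResponseWriter, r *http.Request) {
 io.WriteString(w, "{\"result\":\""+flushResult+"\"}\n")
 }
-func rAddIPAddress(w http.ResponseWriter, r *http.Request) {
-log.Println("processing rAddIPAddress")
-// parse body
-body, err := ioutil.ReadAll(r.Body)
-if err != nil {
-log.Println("bodyErr ", err.Error())
-http.Error(w, "{\"error\":\"unable to read body\"}", http.StatusBadRequest)
-return
+func rHandleIPAddress(w http.ResponseWriter, r *http.Request) {
+log.Println("processing rHandleIPAddress", r.Method)
+var handleType string
+switch r.Method {
+case "DELETE":
+handleType = "delete"
+case "PUT":
+handleType = "push"
+case "POST":
+handleType = "add"
 }
-log.Println("body received ->", string(body))
-keyVal := pgparse.ParseBody(body)
-keyVal = pgparse.LowerKeys(keyVal)
-log.Println("body (lowercase):", keyVal)
-// check for required fields
-requiredfields := []string{"ipaddress"}
-_, err = pgparse.CheckFields(keyVal, requiredfields)
-if err != nil {
-log.Println("errors occured:", err)
-http.Error(w, "{\"error\":\""+err.Error()+"\"}", http.StatusBadRequest)
-return
-}
-ipType, err := checkIPAddressv4(keyVal["ipaddress"])
-if err != nil {
-log.Println(keyVal["ipaddress"], "is not a valid ip address")
-http.Error(w, "{\"error\":\"only valid ip addresses supported\"}", http.StatusBadRequest)
-return
-}
-status, err := iptableHandle(ipType, "add", keyVal["ipaddress"])
-if err != nil {
-http.Error(w, "{\"error\":\""+err.Error()+"\"}", http.StatusBadRequest)
-} else {
-io.WriteString(w, "{\"success\":\""+status+"\"}\n")
-}
-}
-func rRemoveIPAddress(w http.ResponseWriter, r *http.Request) {
-log.Println("processing rRemoveIPAddress")
 // parse body
 body, err := ioutil.ReadAll(r.Body)
 if err != nil {
@@ -396,7 +363,7 @@ func rRemoveIPAddress(w http.ResponseWriter, r *http.Request) {
 return
 }
-status, err := iptableHandle(ipType, "delete", keyVal["ipaddress"])
+status, err := iptableHandle(ipType, handleType, keyVal["ipaddress"])
 if err != nil {
 http.Error(w, "{\"error\":\""+err.Error()+"\"}", http.StatusBadRequest)
 } else {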
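Review bot: rHandleIPAddress still reads the request body with an uncapped `ioutil.ReadAll(r.Body)`, and after this change that one handler serves DELETE, POST and PUT on `/` for a listener bound to `0.0.0.0` whose README entries state `Auth: None`. Cap the body before reading it with `r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)`, where `maxBodyBytes` is a placeholder for a small limit, since a JSON body carrying one IP address needs very little. The new `switch r.Method` also has no `default`, so `handleType` stays empty if the route's method list and the switch ever drift apart, and that empty string would be passed to `iptableHandle`; add `default: http.Error(w, "{\"error\":\"method not allowed\"}", http.StatusMethodNotAllowed); return`. The body of rHandleIPAddress continues outside both hunks, so the rest of the handler is not covered by this review.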


BIN
iptables-api View File


BIN
iptables-api-arm View File

