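/*
 * Copyright (c) 2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef SERVICES_EDM_PLUGIN_INCLUDE_IPTABLES_RULE_PLUGIN_H
#define SERVICES_EDM_PLUGIN_INCLUDE_IPTABLES_RULE_PLUGIN_H

// std::uint32_t / int32_t and std::string are used directly in the declarations below,
// so include their headers here instead of relying on transitive includes.
#include <cstdint>
#include <string>

#include <message_parcel.h>

#include "iplugin.h"
#include "iptables_utils.h"

namespace OHOS {
namespace EDM {
// IPlugin implementation that declares the handlers for adding and removing iptables
// filter rules. Only OnHandlePolicyDone, OnAdminRemove and OnAdminRemoveDone are defined
// in this header; everything else is declared here and defined elsewhere.
class IptablesRulePlugin : public IPlugin {
public:
    IptablesRulePlugin();

    // Policy entry point; the request arrives in `data` and the answer goes into `reply`.
    // NOTE(review): presumably funcCode selects between the add and remove paths declared
    // below (AddIptablesFilterRule / RemoveIptablesFilterRule) - confirm in the .cpp.
    ErrCode OnHandlePolicy(std::uint32_t funcCode, MessageParcel &data, MessageParcel &reply, std::string &policyData,
        bool &isChanged, int32_t userId) override;

    // No-op: the body is empty.
    void OnHandlePolicyDone(std::uint32_t funcCode, const std::string &adminName, bool isGlobalChanged,
        int32_t userId) override {}

    // Always returns ERR_OK and ignores every argument.
    // NOTE(review): nothing is undone here, so whether filter rules installed on behalf of
    // the removed admin stay active depends on code outside this header - confirm that this
    // is the intended behaviour.
    ErrCode OnAdminRemove(const std::string &adminName, const std::string &policyData, int32_t userId) override
    {
        return ERR_OK;
    }

    // No-op: the body is empty.
    void OnAdminRemoveDone(const std::string &adminName, const std::string &currentJsonData,
        int32_t userId) override {}

    ErrCode OnGetPolicy(std::string &policyData, MessageParcel &data, MessageParcel &reply, int32_t userId) override;

private:
    void InitFirewallChain();

    // The Convert* helpers take one field of a filter and an output string `Command`.
    // NOTE(review): ipAddress, port and uid arrive as free-form std::string. If the
    // assembled string is later handed to a shell or command executor, the implementation
    // has to validate each value against a strict format (address/CIDR, numeric port or
    // range, numeric uid) before using it - this cannot be verified from the header.
    // NOTE(review): the bool results presumably report whether conversion succeeded - confirm.
    bool ConvertAddFilterToIptablesCommand(const IPTABLES::AddFilter &addFilter, std::string &Command);
    ErrCode ExecRemoveFilterIptablesCommand(const IPTABLES::RemoveFilter &removeFilter);
    ErrCode ExecRemoveFilterBySimpleCommand(const IPTABLES::Direction &direction);
    ErrCode ExecRemoveFilterByDetailedCommand(const IPTABLES::RemoveFilter &removeFilter);
    bool ConvertChainCommand(const IPTABLES::Action &action, const IPTABLES::Direction &direction,
        std::string &Command);
    void ConvertIpAddressCommand(const std::string &ipAddress, const bool isSourceIp, std::string &Command);
    void ConvertPortCommand(const std::string &port, const bool isSourcePort, std::string &Command);
    void ConvertProtocolCommand(const IPTABLES::Protocol &protocol, std::string &Command);
    bool ConvertActionCommand(const IPTABLES::Action &action, std::string &Command);
    void ConvertRuleNoCommand(const IPTABLES::AddMethod &method, uint32_t ruleNo, std::string &Command);
    void ConvertUidCommand(const std::string &uid, std::string &Command);

    // Each takes the request parcel directly.
    // NOTE(review): the parcel is presumably caller-controlled; field parsing and bounds
    // checks live in the implementation - confirm.
    ErrCode AddIptablesFilterRule(MessageParcel &data);
    ErrCode RemoveIptablesFilterRule(MessageParcel &data);

    // static: a single flag shared by every instance of the plugin.
    // NOTE(review): no synchronization is visible in this header; confirm that access is
    // serialized if the handlers can run on more than one thread.
    static bool isChainInit_;
};
} // namespace EDM
} // namespace OHOS

#endif // SERVICES_EDM_PLUGIN_INCLUDE_IPTABLES_RULE_PLUGIN_H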