Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / connectivity / apmanager / refs/heads/int/n/fp2 / . / firewall_manager.cc
blob: 722af0581835a40182c69937788370aab787cebe [file] [log] [blame]
Peter Qiu326b6cf2015-09-02 11:11:42 -0700[diff] [blame]1//
2// Copyright (C) 2015 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]16
17#include "apmanager/firewall_manager.h"
18
19#include <base/bind.h>
Alex Vakulenko8d0c31b2015-10-13 09:14:24 -0700[diff] [blame]20#include <brillo/errors/error.h>
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]21
Peter Qiube128822015-10-13 13:55:03 -0700[diff] [blame]22#include "apmanager/control_interface.h"
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]23
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]24using std::string;
25
26namespace apmanager {
27
28namespace {
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]29const uint16_t kDhcpServerPort = 67;
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]30} // namespace
31
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]32FirewallManager::FirewallManager() {}
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]33
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]34FirewallManager::~FirewallManager() {}
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]35
Peter Qiube128822015-10-13 13:55:03 -0700[diff] [blame]36void FirewallManager::Init(ControlInterface* control_interface) {
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]37 CHECK(!firewall_proxy_) << "Already started";
Peter Qiube128822015-10-13 13:55:03 -0700[diff] [blame]38 firewall_proxy_ =
39 control_interface->CreateFirewallProxy(
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]40 base::Bind(&FirewallManager::OnFirewallServiceAppeared,
41 weak_factory_.GetWeakPtr()),
42 base::Bind(&FirewallManager::OnFirewallServiceVanished,
Peter Qiube128822015-10-13 13:55:03 -0700[diff] [blame]43 weak_factory_.GetWeakPtr()));
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]44}
45
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]46void FirewallManager::RequestDHCPPortAccess(const std::string& interface) {
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]47 CHECK(firewall_proxy_) << "Proxy not initialized yet";
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]48 if (dhcp_access_interfaces_.find(interface) !=
49 dhcp_access_interfaces_.end()) {
50 LOG(ERROR) << "DHCP access already requested for interface: " << interface;
51 return;
52 }
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]53 firewall_proxy_->RequestUdpPortAccess(interface, kDhcpServerPort);
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]54 dhcp_access_interfaces_.insert(interface);
55}
56
57void FirewallManager::ReleaseDHCPPortAccess(const std::string& interface) {
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]58 CHECK(firewall_proxy_) << "Proxy not initialized yet";
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]59 if (dhcp_access_interfaces_.find(interface) ==
60 dhcp_access_interfaces_.end()) {
61 LOG(ERROR) << "DHCP access has not been requested for interface: "
62 << interface;
63 return;
64 }
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]65 firewall_proxy_->ReleaseUdpPortAccess(interface, kDhcpServerPort);
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]66 dhcp_access_interfaces_.erase(interface);
67}
68
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]69void FirewallManager::OnFirewallServiceAppeared() {
70 LOG(INFO) << __func__;
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]71 RequestAllPortsAccess();
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]72}
73
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]74void FirewallManager::OnFirewallServiceVanished() {
75 // Nothing need to be done.
76 LOG(INFO) << __func__;
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]77}
78
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]79void FirewallManager::RequestAllPortsAccess() {
80 // Request access to DHCP port for all specified interfaces.
81 for (const auto& dhcp_interface : dhcp_access_interfaces_) {
Peter Qiu9b2ecc42015-09-17 14:37:22 -0700[diff] [blame]82 firewall_proxy_->RequestUdpPortAccess(dhcp_interface, kDhcpServerPort);
Peter Qiu943cf3a2015-02-24 10:59:17 -0800[diff] [blame]83 }
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]84}
85
Peter Qiu1810c012015-02-05 14:35:41 -0800[diff] [blame]86} // namespace apmanager