Add firewall rule checking

firewall-rules/checkFirewall.c

@@ -0,0 +1,73 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include "parser.c"
+
+#define TRUE 1
+#define FALSE 0
+
+int check_rules(struct Rule** rules, size_t num_rules, struct IP* ip, Port* port) {
+    for (size_t i = 0; i < num_rules; i += 1) {
+        struct Rule* r = rules[i];
+
+        int ip_matches = FALSE;
+        int port_matches = FALSE;
+
+        if ((r->ip.end != NULL && compare_ip(ip, &r->ip.start) > -1 && compare_ip(ip, r->ip.end) < 1) || compare_ip(ip, &r->ip.start) == 0) {
+            ip_matches = TRUE;
+        }
+
+        if ((r->port.end != NULL && akpa_numcmp(*port, r->port.start) > -1 && akpa_numcmp(*port, *r->port.end) < 1) || akpa_numcmp(*port, r->port.start) == 0) {
+            port_matches = TRUE;
+        }
+
+        if (ip_matches == TRUE && port_matches == TRUE) {
+            return TRUE;
+        }
+    }
+
+    return FALSE;
+}
+
+int main(int argc, char* argv[]) {
+    if (argc < 4) {
+        fprintf(stderr, "Usage: %s FILENAME IP_ADDR PORT\n", argv[0]);
+        return 1;
+    }
+
+    size_t num_parsed_rules;
+    struct Rule** parsed_rules = parse_file(argv[1], &num_parsed_rules);
+
+    if (parsed_rules == NULL) {
+        return 1;
+    }
+
+    struct IP* ip = (struct IP*) malloc(sizeof(struct IP));
+    if (parse_ip(argv[2], ip) == NULL) {
+        fprintf(stderr, "Failed to parse IP\n");
+        return 1;
+    }
+
+    Port* port = (Port*) malloc(sizeof(Port));
+    if (parse_port(argv[3], port) == NULL) {
+        fprintf(stderr, "Failed to parse port\n");
+        return 1;
+    }
+
+    printf("Packet from ");
+    print_ip(ip);
+    printf(" and port %d ", *port);
+    if (check_rules(parsed_rules, num_parsed_rules, ip, port)) {
+        printf("accepted\n");
+    } else {
+        printf("rejected\n");
+    }
+
+    for (int i = 0; i < num_parsed_rules; i += 1) {
+        free_rule(parsed_rules[i]);
+    }
+
+    free(ip);
+    free(port);
+
+    return 0;
+}