/***************************************************************************************
File:			firewall.c

Date:			7.10.2002

Version:		0.1

Author:			Jari Lahti (jari@violasystems.com)

Description:	This file implements simple IP filtering firewall

Version Info:	9.10.2002 - First version (Jari Lahti)
***************************************************************************************/

#include "opentcp.h"

/* Zero until init_firewall() has been called; firewall_check() filters
 * nothing while this is zero. */
UINT8 firewall_init = 0;

/* The single allow rule: an address passes when its bits selected by
 * f_netmask equal the same bits of f_netip. */
struct
{
	UINT32 f_netmask;
	UINT32 f_netip;
} Firewall;


/********************************************************************************
Function:		init_firewall

Parameters:		UINT32 mask    - netmask selecting the bits that are compared
				UINT32 allowip - address of the allowed network

Return val:		INT8 - always 1 in this implementation (no error path exists)

Date:			9.10.2002

Desc:			Stores the allow rule and switches filtering on. Call it
				before relying on firewall_check().

				Neither argument is validated. A mask of 0 selects no bits,
				so every non-zero address then matches the rule. mask and
				allowip must use the same byte order as the addresses later
				handed to firewall_check(), because the comparison is purely
				bitwise.
*********************************************************************************/

INT8 init_firewall (UINT32 mask, UINT32 allowip)
{
	Firewall.f_netip = allowip;
	Firewall.f_netmask = mask;

	/* Raise the flag only after the rule is in place */
	firewall_init = 1;

	return 1;
}


/********************************************************************************
Function:		firewall_check

Parameters:		UINT32 ip - IP address to be checked against the rule

Return val:		UINT8 - (0) IP address not allowed
						(1) IP address allowed

Date:			9.10.2002

Desc:			Tests one address against the stored network/netmask pair.

				Fails open: while init_firewall() has not been called, every
				address (0 included) is reported as allowed. Once filtering
				is on, address 0 is always refused. Only address bits are
				compared; the result says nothing about whether the address
				is authentic.
*********************************************************************************/

UINT8 firewall_check (UINT32 ip)
{
	UINT32 mask;

	/* Filtering not switched on yet: accept everything */
	if (firewall_init == 0) {
		return 1;
	}

	/* An all-zero address is never accepted */
	if (ip == 0) {
		return 0;
	}

	/* Allowed only when the masked address equals the masked rule network */
	mask = Firewall.f_netmask;

	return (UINT8)(((ip & mask) == (Firewall.f_netip & mask)) ? 1 : 0);
}

/* EOF */