2nft consists of three parts. The user-facing part is an Angular application. The Angular app communicates with a server running a small HTTP API. The couple of methods implemented are described in the API section.
If you are not familiar with JavaScript, the server component here is a Node.js application. The server has three dependencies: Express, body-parser and nodemon. Express is the main framework used to develop the server, and body-parser extends it so that we can handle incoming requests by parsing the `.body`. nodemon is just a local dependency meant for local development. The exact versions are available in the package.json.
The server consists of five GET and one POST methods.
- POST `/translate` - runs `iptables-translate <input>`, returns new rules and hash which can be used for downloading the file.
- GET `/download/:hash` - sends the file if it exists or redirects to `/help`.
- GET `/version` - returns iptables revision from git output.
- GET `/app_version` - returns version from package.json.
- GET `/help` - returns `iptables-translate --help` output.
- GET `/werbinich` - returns `whoami` output.
As you might have guessed, the third part is forwarding all the rules to iptables-translate. The server uses a child process to execute commands with the POSTed values. Some input sanitizing is applied to prevent the user from abusing the system.
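
One way to hand a POSTed rule to `iptables-translate` without involving a shell is sketched below. This is an added example, not 2nft's own code: the function names, the character allowlist, the length cap and the timeout are assumptions chosen for illustration.

```javascript
// Added example, not 2nft's own code. Names and limits are assumptions.
const MAX_RULE_LENGTH = 1024;
// Characters ordinary iptables arguments need. Quotes, $, ;, |, &, backticks,
// newlines and NUL bytes are outside this set and cause rejection.
const ALLOWED_CHARS = /^[A-Za-z0-9 _.,:\/!=+-]+$/;

// Validate a POSTed rule and split it into an argv array.
// Limitation: quoted arguments (e.g. --comment "a b") are rejected, not parsed.
function buildTranslateArgs(input) {
  // A JSON body parser can deliver arrays or objects, so check the type first.
  if (typeof input !== 'string') {
    throw new TypeError('rule must be a string');
  }
  const rule = input.trim();
  if (rule.length === 0 || rule.length > MAX_RULE_LENGTH) {
    throw new RangeError('rule is empty or too long');
  }
  if (!ALLOWED_CHARS.test(rule)) {
    throw new Error('rule contains disallowed characters');
  }
  return rule.split(/ +/);
}

// Run iptables-translate with the validated argv. execFile() starts the
// binary directly, without a shell, so every array element reaches the
// program as one literal argument and is never re-parsed as shell syntax.
async function translate(input) {
  const args = buildTranslateArgs(input);
  const { execFile } = await import('child_process');
  return new Promise((resolve, reject) => {
    execFile('iptables-translate', args,
      { timeout: 5000, maxBuffer: 64 * 1024 },
      (err, stdout) => (err ? reject(err) : resolve(stdout.trim())));
  });
}
```

Validation and process start are kept separate so the allowlist can be unit-tested on a machine that does not have `iptables-translate` installed.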