fix(firewall): remove blanket TCP allow for unpaid clientsfeature/tollgate-core-v2

The sandbox_mint_access=true default allowed ALL TCP forwarding from unpaid clients, completely bypassing the firewall. Fix: - Remove the blanket TCP allow when sandbox_mint_access is set - Only allow traffic to AP IP on specific ports (80, 2121, 4869, mining) - Allow ICMP to AP IP for diagnostics - Default sandbox_mint_access to false - Add port 4869 (local relay) to allowed sandbox ports Verified on Board B: unpaid clients blocked from internet, local services (portal, API, relay) still accessible.
author: Your Name <you@example.com> 2026-05-29 00:28:27 +0530
committer: Your Name <you@example.com> 2026-05-29 00:28:27 +0530
commit: 57bcd53b14e1f795aa94b079c463d41ba8c02e94 (patch)
tree: c7097430ecf961846c58931b897a63937f6cc1e1
parent: 5e603764266568084eaae9ec0e0b130e7f233402 (diff)
2 files changed, 6 insertions, 8 deletions
diff --git a/components/tollgate_core/src/tollgate_core_firewall.c b/components/tollgate_core/src/tollgate_core_firewall.c
index 4f12923..5dbdc7a 100644
--- a/components/tollgate_core/src/tollgate_core_firewall.c
+++ b/components/tollgate_core/src/tollgate_core_firewall.c
@@ -18,7 +18,6 @@
 static const char *TAG = "tg_core_fw";
 static esp_ip4_addr_t s_ap_ip;
 static uint16_t s_mining_port = 3333;
-static bool s_sandbox_mint_access = false;
 typedef struct {
    uint32_t ip;
@@ -81,7 +80,7 @@ void tollgate_core_fw_set_sandbox_ports(uint16_t mining_port)
 void tollgate_core_fw_set_sandbox_mint_access(bool enabled)
 {
-    s_sandbox_mint_access = enabled;
+    (void)enabled;
 }
 static bool is_sandbox_allowed(struct pbuf *p)
@@ -98,17 +97,16 @@ static bool is_sandbox_allowed(struct pbuf *p)
                struct tcp_hdr *tcphdr = (struct tcp_hdr *)((uint8_t *)p->payload + IP_HLEN);
                dst_port = lwip_ntohs(tcphdr->dest);
            }
-            if (dst_port == 80 || dst_port == 2121 || dst_port == s_mining_port) {
+            if (dst_port == 80 || dst_port == 2121 || dst_port == 4869 || dst_port == s_mining_port) {
                return true;
            }
        }
        if (iphdr->_proto == IP_PROTO_UDP) {
            return true;
        }
-    }
+        if (iphdr->_proto == 1) {
+            return true;
-    if (s_sandbox_mint_access && iphdr->_proto == IP_PROTO_TCP) {
+        }
-        return true;
    }
    return false;
diff --git a/main/config.c b/main/config.c
index 2edb6da..d2c40d6 100644
--- a/main/config.c
+++ b/main/config.c
@@ -45,7 +45,7 @@ esp_err_t tollgate_config_init(void)
    g_config.mining_payout_mode = MINING_PAYOUT_AUTO;
    g_config.stratum_port = 3333;
    g_config.mining_port = 3334;
-    g_config.mining_sandbox_mint_access = true;
+    g_config.mining_sandbox_mint_access = false;
    g_config.market_enabled = true;
    g_config.market_scan_interval_s = 30;
    g_config.client_auto_switch = false;
author	Your Name <you@example.com>	2026-05-29 00:28:27 +0530
committer	Your Name <you@example.com>	2026-05-29 00:28:27 +0530
commit	57bcd53b14e1f795aa94b079c463d41ba8c02e94 (patch)
tree	c7097430ecf961846c58931b897a63937f6cc1e1
parent	5e603764266568084eaae9ec0e0b130e7f233402 (diff)

diff --git a/components/tollgate_core/src/tollgate_core_firewall.c b/components/tollgate_core/src/tollgate_core_firewall.c index 4f12923..5dbdc7a 100644 --- a/components/tollgate_core/src/tollgate_core_firewall.c +++ b/components/tollgate_core/src/tollgate_core_firewall.c
@@ -18,7 +18,6 @@
18	static const char *TAG = "tg_core_fw";	18	static const char *TAG = "tg_core_fw";
19	static esp_ip4_addr_t s_ap_ip;	19	static esp_ip4_addr_t s_ap_ip;
20	static uint16_t s_mining_port = 3333;	20	static uint16_t s_mining_port = 3333;
21	static bool s_sandbox_mint_access = false;
22		21
23	typedef struct {	22	typedef struct {
24	uint32_t ip;	23	uint32_t ip;
@@ -81,7 +80,7 @@ void tollgate_core_fw_set_sandbox_ports(uint16_t mining_port)
81		80
82	void tollgate_core_fw_set_sandbox_mint_access(bool enabled)	81	void tollgate_core_fw_set_sandbox_mint_access(bool enabled)
83	{	82	{
84	s_sandbox_mint_access = enabled;	83	(void)enabled;
85	}	84	}
86		85
87	static bool is_sandbox_allowed(struct pbuf *p)	86	static bool is_sandbox_allowed(struct pbuf *p)
@@ -98,17 +97,16 @@ static bool is_sandbox_allowed(struct pbuf *p)
98	struct tcp_hdr tcphdr = (struct tcp_hdr )((uint8_t *)p->payload + IP_HLEN);	97	struct tcp_hdr tcphdr = (struct tcp_hdr )((uint8_t *)p->payload + IP_HLEN);
99	dst_port = lwip_ntohs(tcphdr->dest);	98	dst_port = lwip_ntohs(tcphdr->dest);
100	}	99	}
101	if (dst_port == 80 \|\| dst_port == 2121 \|\| dst_port == s_mining_port) {	100	if (dst_port == 80 \|\| dst_port == 2121 \|\| dst_port == 4869 \|\| dst_port == s_mining_port) {
102	return true;	101	return true;
103	}	102	}
104	}	103	}
105	if (iphdr->_proto == IP_PROTO_UDP) {	104	if (iphdr->_proto == IP_PROTO_UDP) {
106	return true;	105	return true;
107	}	106	}
108	}	107	if (iphdr->_proto == 1) {
109		108	return true;
110	if (s_sandbox_mint_access && iphdr->_proto == IP_PROTO_TCP) {	109	}
111	return true;
112	}	110	}
113		111
114	return false;	112	return false;


diff --git a/main/config.c b/main/config.c index 2edb6da..d2c40d6 100644 --- a/main/config.c +++ b/main/config.c
@@ -45,7 +45,7 @@ esp_err_t tollgate_config_init(void)
45	g_config.mining_payout_mode = MINING_PAYOUT_AUTO;	45	g_config.mining_payout_mode = MINING_PAYOUT_AUTO;
46	g_config.stratum_port = 3333;	46	g_config.stratum_port = 3333;
47	g_config.mining_port = 3334;	47	g_config.mining_port = 3334;
48	g_config.mining_sandbox_mint_access = true;	48	g_config.mining_sandbox_mint_access = false;
49	g_config.market_enabled = true;	49	g_config.market_enabled = true;
50	g_config.market_scan_interval_s = 30;	50	g_config.market_scan_interval_s = 30;
51	g_config.client_auto_switch = false;	51	g_config.client_auto_switch = false;