/// <summary>
/// Creates a new port rule for Windows Firewall v1
/// </summary>
/// <param name="name">Name of the rule</param>
/// <param name="port">Port number of the rule</param>
/// <param name="profiles">The profiles that this rule belongs to</param>
/// <param name="typeResolver">The COM+ object resolver</param>
public FirewallLegacyPortRule(string name, ushort port, FirewallProfiles profiles, COMTypeResolver typeResolver)
{
TypeResolver = typeResolver;
if (profiles.HasFlag(FirewallProfiles.Public))
{
throw new FirewallLegacyNotSupportedException(
"Public profile is not supported when working with Windows Firewall Legacy."
);
}
UnderlyingObjects = new Dictionary <FirewallProfiles, INetFwOpenPort[]>();
foreach (var profile in Enum.GetValues(typeof(FirewallProfiles)).OfType <FirewallProfiles>())
{
if (profiles.HasFlag(profile))
{
UnderlyingObjects.Add(
profile,
new[] { typeResolver.CreateInstance <INetFwOpenPort>() }
);
}
}
if (UnderlyingObjects.Count == 0)
{
throw new ArgumentException("At least one profile is required.", nameof(profiles));
}
Name = name;
LocalPort = port;
IsEnable = true;
Scope = FirewallScope.All;
IsEnable = true;
}
/// <summary>
/// Creates a new port rule for Windows Firewall with Advanced Security
/// </summary>
/// <param name="name">Name of the rule</param>
/// <param name="port">Port number of the rule</param>
/// <param name="action">Action that this rule defines</param>
/// <param name="direction">Data direction in which this rule applies to</param>
/// <param name="profiles">The profile that this rule belongs to</param>
/// <param name="typeResolver">The COM+ object resolver</param>
// ReSharper disable once TooManyDependencies
public FirewallWASRuleWin8(
string name,
ushort port,
FirewallAction action,
FirewallDirection direction,
FirewallProfiles profiles,
COMTypeResolver typeResolver
) : base(name, port, action, direction, profiles, typeResolver)
{
}
/// <summary>
/// Creates a new application rule for Windows Firewall with Advanced Security
/// </summary>
/// <param name="name">Name of the rule</param>
/// <param name="filename">Address of the executable file</param>
/// <param name="action">Action that this rule defines</param>
/// <param name="direction">Data direction in which this rule applies to</param>
/// <param name="profiles">The profile that this rule belongs to</param>
/// <param name="typeResolver">The COM+ object resolver</param>
// ReSharper disable once TooManyDependencies
public FirewallWASRuleWin7(
string name,
string filename,
FirewallAction action,
FirewallDirection direction,
FirewallProfiles profiles,
COMTypeResolver typeResolver
) : base(name, filename, action, direction, profiles, typeResolver)
{
}
/// <summary>
/// Creates a new application rule for Windows Firewall with Advanced Security
/// </summary>
/// <param name="name">Name of the rule</param>
/// <param name="filename">Address of the executable file</param>
/// <param name="action">Action that this rule defines</param>
/// <param name="direction">Data direction in which this rule applies to</param>
/// <param name="profiles">The profile that this rule belongs to</param>
/// <param name="typeResolver">The COM+ object resolver</param>
// ReSharper disable once TooManyDependencies
public FirewallWASRule(
string name,
string filename,
FirewallAction action,
FirewallDirection direction,
FirewallProfiles profiles,
COMTypeResolver typeResolver
) : this(name, action, direction, profiles, typeResolver)
{
ApplicationName = filename;
}
/// <summary>
/// Creates a new port rule for Windows Firewall with Advanced Security
/// </summary>
/// <param name="name">Name of the rule</param>
/// <param name="port">Port number of the rule</param>
/// <param name="action">Action that this rule defines</param>
/// <param name="direction">Data direction in which this rule applies to</param>
/// <param name="profiles">The profile that this rule belongs to</param>
/// <param name="typeResolver">The COM+ object resolver</param>
// ReSharper disable once TooManyDependencies
public FirewallWASRule(
string name,
ushort port,
FirewallAction action,
FirewallDirection direction,
FirewallProfiles profiles,
COMTypeResolver typeResolver
) : this(name, action, direction, profiles, typeResolver)
{
Protocol = FirewallProtocol.TCP;
LocalPorts = new[] { port };
}
/// <summary>
/// Creates a new general rule for Windows Firewall with Advanced Security
/// </summary>
/// <param name="name">Name of the rule</param>
/// <param name="action">Action that this rule defines</param>
/// <param name="direction">Data direction in which this rule applies to</param>
/// <param name="profiles">The profile that this rule belongs to</param>
/// <param name="typeResolver">The COM+ object resolver</param>
// ReSharper disable once TooManyDependencies
public FirewallWASRule(
string name,
FirewallAction action,
FirewallDirection direction,
FirewallProfiles profiles,
COMTypeResolver typeResolver
) :
this(typeResolver.CreateInstance <INetFwRule>())
{
Name = name;
Action = action;
Direction = direction;
IsEnable = true;
Profiles = profiles;
}
internal FirewallLegacyPortRule(Dictionary <FirewallProfiles, INetFwOpenPort[]> openPorts, COMTypeResolver typeResolver)
{
TypeResolver = typeResolver;
UnderlyingObjects = openPorts;
}
private static void SetHttpSysFireWallInboundRule(string portNumberString)
{
try // Make sure that we still try and set the firewall rules even if we bomb out trying to get information on the firewall configuration
{
TL.LogMessage("QueryFireWall", string.Format("Firewall version: {0}", FirewallManager.Version.ToString())); // Log the firewall version in use
foreach (IFirewallProfile profile in FirewallManager.Instance.Profiles)
{
TL.LogMessage("QueryFireWall", string.Format("Found current firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
}
COMTypeResolver cOMTypeResolver = new COMTypeResolver();
IFirewallProductsCollection thirdPartyFirewalls = FirewallManager.GetRegisteredProducts(cOMTypeResolver);
TL.LogMessage("QueryFireWall", string.Format("number of third party firewalls: {0}", thirdPartyFirewalls.Count));
foreach (FirewallProduct firewall in thirdPartyFirewalls)
{
TL.LogMessage("QueryFireWall", $"Found third party firewall: {firewall.Name} - {firewall.FriendlyName}");
//foreach (IFirewallProfile profile in firewall.Profiles)
//{
// TL.LogMessage("QueryFireWall", string.Format("Found third party firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
//}
}
}
catch (Exception ex)
{
TL.LogMessageCrLf("QueryFireWall", "Exception: " + ex.ToString());
}
TL.BlankLine();
try
{
if ((new WindowsPrincipal(WindowsIdentity.GetCurrent())).IsInRole(WindowsBuiltInRole.Administrator)) // Application is being run with Administrator privilege so go ahead and set the firewall rules
{
TL.LogMessage("SetHttpSysFireWallRule", $"Supplied HTTP.SYS port: {portNumberString}");
if (ushort.TryParse(portNumberString, out ushort portNumber)) // Make sure the supplied port number is a valid value before processing it
{
// Clear up redundant firewall rules left over from previous versions (ASCOM Remote Server - Inbound and Outbound)
IEnumerable <IFirewallRule> queryRedundant = FirewallManager.Instance.Rules.Where(ruleName => ruleName.Name.ToUpperInvariant().StartsWith(REMOTE_SERVER_RULE_NAME_BASE.ToUpperInvariant()));
List <IFirewallRule> queryRedundantCopy = queryRedundant.ToList();
foreach (IFirewallRule existingRule in queryRedundantCopy)
{
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Found redundant rule: {0}", existingRule.Name));
FirewallManager.Instance.Rules.Remove(existingRule); // Delete the rule
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Deleted redundant rule: {0}", existingRule.Name));
}
// Check whether the specified file exists and if so delete it
IEnumerable <IFirewallRule> query = FirewallManager.Instance.Rules.Where(ruleName => ruleName.Name.ToUpperInvariant().Equals(HTTP_DOT_SYS_INBOUND_RULE_NAME.ToUpperInvariant()));
List <IFirewallRule> queryCopy = query.ToList();
foreach (IFirewallRule existingRule in queryCopy)
{
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Found rule: {0}", existingRule.Name));
FirewallManager.Instance.Rules.Remove(existingRule); // Delete the rule
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Deleted rule: {0}", existingRule.Name));
}
SetHttpRule(FirewallProfiles.Private, portNumber);
SetHttpRule(FirewallProfiles.Public, portNumber);
SetHttpRule(FirewallProfiles.Domain, portNumber);
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", $"Supplied port number {portNumberString} is not valid so can't set permission for HTTP.SYS");
Console.WriteLine($"Supplied port number: \"{portNumberString}\" is not valid so can't set permission for HTTP.SYS");
}
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Not running as Administrator so unable to set firewall rules.");
Console.WriteLine("Not running as Administrator so unable to set firewall rules.");
}
TL.BlankLine();
}
catch (Exception ex)
{
TL.LogMessageCrLf("SetHttpSysFireWallRule", "Exception: " + ex.ToString());
Console.WriteLine("SetHttpSysFireWallRule threw an exception: " + ex.Message);
}
}
private static void SetLocalServerFireWallOutboundRule(string applicationPath)
{
try // Make sure that we still try and set the firewall rules even if we bomb out trying to get information on the firewall configuration
{
TL.LogMessage("QueryFireWall", string.Format("Firewall version: {0}", FirewallManager.Version.ToString())); // Log the firewall version in use
foreach (IFirewallProfile profile in FirewallManager.Instance.Profiles)
{
TL.LogMessage("QueryFireWall", string.Format("Found current firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
}
COMTypeResolver cOMTypeResolver = new COMTypeResolver();
IFirewallProductsCollection thirdPartyFirewalls = FirewallManager.GetRegisteredProducts(cOMTypeResolver);
TL.LogMessage("QueryFireWall", string.Format("number of third party firewalls: {0}", thirdPartyFirewalls.Count));
foreach (FirewallProduct firewall in thirdPartyFirewalls)
{
TL.LogMessage("QueryFireWall", $"Found third party firewall: {firewall.Name} - {firewall.FriendlyName}");
//foreach (IFirewallProfile profile in firewall.)
//{
// TL.LogMessage("QueryFireWall", string.Format("Found third party firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
//}
}
}
catch (Exception ex)
{
TL.LogMessageCrLf("QueryFireWall", "Exception: " + ex.ToString());
}
TL.BlankLine();
try
{
if ((new WindowsPrincipal(WindowsIdentity.GetCurrent())).IsInRole(WindowsBuiltInRole.Administrator)) // Application is being run with Administrator privilege so go ahead and set the firewall rules
{
// Check whether the specified file exists
if (File.Exists(applicationPath)) // The file does exist so process it
{
string applicationPathFull = Path.GetFullPath(applicationPath);
TL.LogMessage("SetFireWallOutboundRule", string.Format("Supplied path: {0}, full path: {1}", applicationPath, applicationPathFull));
// Now clear up previous instances of this rule
IEnumerable <IFirewallRule> query = FirewallManager.Instance.Rules.Where(ruleName => ruleName.Name.ToUpperInvariant().StartsWith(LOCAL_SERVER_OUTBOUND_RULE_NAME.ToUpperInvariant()));
List <IFirewallRule> queryCopy = query.ToList();
foreach (IFirewallRule existingRule in queryCopy)
{
TL.LogMessage("SetFireWallOutboundRule", string.Format("Found rule: {0}", existingRule.Name));
FirewallManager.Instance.Rules.Remove(existingRule); // Delete the rule
TL.LogMessage("SetFireWallOutboundRule", string.Format("Deleted rule: {0}", existingRule.Name));
}
IFirewallRule rule = FirewallManager.Instance.CreateApplicationRule(FirewallManager.Instance.GetProfile(FirewallProfiles.Domain | FirewallProfiles.Private | FirewallProfiles.Public).Type, LOCAL_SERVER_OUTBOUND_RULE_NAME, FirewallAction.Allow, applicationPathFull);
rule.Direction = FirewallDirection.Outbound;
// Add the group name to the outbound rule
if (rule is FirewallWASRule) //Rules.StandardRule)
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is a standard rule");
((FirewallWASRule)rule).Grouping = GROUP_NAME;
TL.LogMessage("SetHttpSysFireWallRule", $"Group name set to: {GROUP_NAME}");
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is not a standard rule");
}
if (rule is FirewallWASRuleWin7)
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is a WIN7 rule");
((FirewallWASRuleWin7)rule).Grouping = GROUP_NAME;
TL.LogMessage("SetHttpSysFireWallRule", $"Group name set to: {GROUP_NAME}");
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is not a WIN7 rule");
}
if (rule is FirewallWASRuleWin8)
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is a WIN8 rule");
((FirewallWASRuleWin8)rule).Grouping = GROUP_NAME;
TL.LogMessage("SetHttpSysFireWallRule", $"Group name set to: {GROUP_NAME}");
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is not a WIN8 rule");
}
TL.LogMessage("SetFireWallOutboundRule", "Successfully created outbound rule");
FirewallManager.Instance.Rules.Add(rule);
TL.LogMessage("SetFireWallOutboundRule", string.Format("Successfully added outbound rule for {0}", applicationPathFull));
}
else
{
TL.LogMessage("SetFireWallOutboundRule", string.Format("The specified file does not exist: {0}", applicationPath));
Console.WriteLine("The specified file does not exist: {0}", applicationPath);
}
}
else
{
TL.LogMessage("SetFireWallOutboundRule", "Not running as Administrator so unable to set firewall rules.");
Console.WriteLine("Not running as Administrator so unable to set firewall rules.");
}
TL.BlankLine();
}
catch (Exception ex)
{
TL.LogMessageCrLf("SetFireWallOutboundRule", "Exception: " + ex.ToString());
Console.WriteLine("SetFireWallOutboundRule threw an exception: " + ex.Message);
}
}
