public void EnableLeakProtection(string serverIp)
{
PermitOpenVpnServerAddress(serverIp);
if (LeakProtectionEnabled)
{
return;
}
try
{
_logger.Info("Firewall: Blocking internet");
var tapInterface = _networkInterfaces.Interface(_config.OpenVpn.TapAdapterDescription);
PermitPrivateNetwork(2);
PermitDhcp(4);
PermitTrafficFromNetworkInterface(tapInterface.Id, 4);
PermitFromApp(4);
PermitFromService(4);
PermitFromUpdateService(4);
BlockAllIpv4Network(1);
BlockAllIpv6Network(1);
BlockDns(3);
LeakProtectionEnabled = true;
_logger.Info("Firewall: Internet blocked");
}
catch (NetworkFilterException ex)
{
_logger.Error(ex);
}
}
private Guid?GetTapGuid()
{
var tapInterface = _networkInterfaces.Interface(_tapAdapterDescription);
var parseResult = Guid.TryParse(tapInterface.Id, out var guid);
if (!parseResult)
{
return(null);
}
return(guid);
}
private void AddDefaultGateway()
{
try
{
var localInterfaceIp = NetworkUtil.GetBestInterfaceIp(_tapAdapterId).ToString();
var tapInterface = _networkInterfaces.Interface(_tapAdapterDescription);
var parseResult = Guid.TryParse(tapInterface.Id, out var guid);
if (!parseResult)
{
return;
}
NetworkUtil.DeleteDefaultGatewayForIface(guid, localInterfaceIp);
NetworkUtil.AddDefaultGatewayForIface(guid, localInterfaceIp);
}
catch (NetworkUtilException e)
{
_logger.Error("Add default TAP gateway failed. Error code: " + e.Code);
}
}
public void EnableLeakProtection(FirewallParams firewallParams)
{
PermitOpenVpnServerAddress(firewallParams.ServerIp);
if (firewallParams.DnsLeakOnly == _lastParams.DnsLeakOnly && LeakProtectionEnabled)
{
return;
}
try
{
_logger.Info("Firewall: Blocking internet");
var tapInterface = _networkInterfaces.Interface(_config.OpenVpn.TapAdapterDescription);
EnableDnsLeakProtection(tapInterface.Id);
if (firewallParams.DnsLeakOnly)
{
DisableBaseProtection();
}
else
{
EnableBaseLeakProtection(tapInterface.Id);
}
LeakProtectionEnabled = true;
_logger.Info("Firewall: Internet blocked");
}
catch (NetworkFilterException ex)
{
_logger.Error(ex);
}
_lastParams = firewallParams;
}
