private void AddIpFilterButton_Click(object sender, EventArgs e) { IPTarget ipTarget; Enum.TryParse <IPTarget>(this.targetIpComboBox.SelectedValue.ToString(), out ipTarget); FilterOperators filterOperator; Enum.TryParse <FilterOperators>(this.operationComboBox.SelectedValue.ToString(), out filterOperator); string ipAddress = this.ipAddressTextBox.Text; IPFilter filter = new IPFilter(ipTarget, filterOperator, ipAddress.Trim(), FilterStatus.NotConfirmed); string errorMessage = string.Empty; if (filter.CheckFilter(out errorMessage)) { this._resultIpFilters.Add(filter); this.ipAddressTextBox.Text = string.Empty; } else { MessageBox.Show(errorMessage, "Warning", MessageBoxButtons.OK, MessageBoxIcon.Warning); } }
public void Init(HttpApplication application) { application.BeginRequest += (sender, e) => { var ip = Asp.ClientIP; // IP 黑名单过滤 if (IPFilter.IsBanned(ip)) { IO.Trace("BanIP : " + ip); Logger.Log("BanIP", ip); HttpContext.Current.Request.Abort(); return; } // 访问频率限制(10秒一个周期计算访问次数) if (SiteConfig.Instance.VisitDensity != null) { if (VisitCounter.IsHeavy(ip, "", 10, SiteConfig.Instance.VisitDensity.Value * 10)) { Logger.LogDb("OverFreqency"); IPFilter.Ban(ip, "访问过于频繁被禁", SiteConfig.Instance.BanMinutes); } } }; }
public static bool TryLoadFrom(Stream stream, out IPFilter filter) { if (TryReadHeader(stream)) { if (TryLoadNode(stream, out Node <string> root)) { filter = new IPFilter(root); return(true); } } filter = null; return(false); }
public void IPFilter_Default() { IPFilter filter; filter = new IPFilter(true); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); filter.Add(new IPFilterItem(false, IPAddress.Parse("4.3.2.1"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("4.3.2.1"))); filter = new IPFilter(false); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); filter.Add(new IPFilterItem(true, IPAddress.Parse("4.3.2.1"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("4.3.2.1"))); }
public void IPFilter_Basic() { IPFilter filter; filter = new IPFilter(false); filter.Add(new IPFilterItem(true, IPAddress.Parse("10.0.0.1"))); filter.Add(new IPFilterItem(true, IPAddress.Parse("10.0.0.2"))); filter.Add(new IPFilterItem(true, IPAddress.Parse("10.0.0.3"))); filter.Add(new IPFilterItem(true, IPAddress.Parse("168.172.1.1"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.0.1"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.0.2"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.0.3"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("168.172.1.1"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("11.0.0.1"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("12.0.0.2"))); }
public void IPFilter_Parse() { IPFilter filter; filter = IPFilter.Parse(@""); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); filter = IPFilter.Parse(@"default:grant"); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); filter = IPFilter.Parse(@"default:deny"); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); filter = IPFilter.Parse(" \t default\r\n: grant\r\n,"); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); filter = IPFilter.Parse(@" default:deny, 1.2.3.4:grant, 10.0.0.0/24:grant, "); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.0.0"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.0.128"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.0.255"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("4.3.2.1"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("10.0.1.0"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("9.255.255.255"))); filter = IPFilter.Parse(@" default:grant, 1.2.3.4:deny, 10.0.0.0/24:deny, "); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("10.0.0.0"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("10.0.0.128"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("10.0.0.255"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("4.3.2.1"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.0.1.0"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("9.255.255.255"))); }
public void IPFilter_Subnet() { IPFilter filter; filter = new IPFilter(false); filter.Add(new IPFilterItem(true, IPAddress.Parse("1.2.3.4"), 24)); filter.Add(new IPFilterItem(true, IPAddress.Parse("10.11.12.13"), 16)); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.4"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.0"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("1.2.3.255"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("1.2.4.0"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("1.2.1.255"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.11.12.13"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.11.255.13"))); Assert.IsTrue(filter.GrantAccess(IPAddress.Parse("10.11.0.13"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("10.12.0.0"))); Assert.IsFalse(filter.GrantAccess(IPAddress.Parse("10.10.255.255"))); }
public void Save(byte[] password) { Name = Name.Trim(); if (Name.Length == 0) { throw new ArgumentException("Nazwa komputera musi zawierać co najmniej 1 znak"); } if (Name.Length > 32) { throw new ArgumentException("Nazwa komputera musi być krótsza niż 32 znaki"); } GroupName = GroupName.Trim(); if (GroupName.Length == 0) { throw new ArgumentException("Nazwa grupy musi zawierać co najmniej 1 znak"); } if (GroupName.Length > 32) { throw new ArgumentException("Nazwa grupy musi być krótsza niż 32 znaki"); } if (password.Length < 5) { throw new ArgumentException("Hasło musi zawierać co najmniej 5 znaków"); } IPFilter = IPFilter.Trim(); if (IPFilter.Length == 0) // pominięcie tego pola spowoduje akcpetację wszystkich adresów IP { IPFilter = ".*"; } if (!RegexValidator.IsValidRegex(IPFilter)) { throw new ArgumentException("Akceptowane adresy IP muszą mieć postać wyrażenia regularnego"); } if (Servers == null || Servers.Count == 0) { throw new ArgumentException("Brak podanych serwerów"); } PasswordHash = CalculateSHA256(password, Encoding.UTF8.GetBytes(GroupName)); if (File.Exists(settingsFilePath)) { File.Delete(settingsFilePath); } XmlWriterSettings settings = new XmlWriterSettings(); settings.Indent = true; settings.IndentChars = "\t"; using (XmlWriter writer = XmlWriter.Create("settings.xml", settings)) { writer.WriteStartDocument(); writer.WriteStartElement("Settings"); writer.WriteElementString("Name", Name); writer.WriteElementString("GroupName", GroupName); writer.WriteElementString("Password", PasswordHash); writer.WriteElementString("AllowedIPsRegex", IPFilter); writer.WriteElementString("Startup", Startup.ToString()); writer.WriteEndElement(); writer.WriteEndDocument(); } File.WriteAllLines(serversListFilePath, GetServerStrings(Servers)); }
/// <summary> /// Constructor /// </summary> /// <param name="config">Configurar</param> public SocketListener(ClientSocketConfig config) { _Config = config; _IsServer = config is ListenSocketConfig; _IPFilter = _IsServer ? ((ListenSocketConfig)config).IPFilter : null; }
public static bool TryLoadFrom(string file_name, out IPFilter filter) { using (Stream stream = File.Open(file_name, FileMode.Open, FileAccess.Read, FileShare.ReadWrite)) { return(TryLoadFrom(stream, out filter)); } }
public void AddFilter(IPAddress mask, IPAddress ip) { IPFilter filter = new IPFilter(mask, ip); this.m_Filters.Add(filter); }
private void ReceiveCallback(IAsyncResult ar) { SSUSession session = null; try { EndPoint ep = RemoteEP; var size = MySocket.EndReceiveFrom(ar, ref ep); if (ep.AddressFamily != AddressFamily.InterNetwork && (!SessionLayer.RouterContext.Inst.UseIpV6 || ep.AddressFamily != AddressFamily.InterNetworkV6)) { return; // TODO: Add IPV6 } if (size <= 37) { Logging.LogDebugData($"SSU Recv: {size} bytes [0x{size:X}] from {ep} (hole punch, ignored)"); return; } var sessionendpoint = (IPEndPoint)ep; Logging.LogDebugData($"SSU Recv: {size} bytes [0x{size:X}] from {ep}"); lock ( Sessions ) { if (!Sessions.ContainsKey(sessionendpoint)) { if (IPFilter.IsFiltered(((IPEndPoint)ep).Address)) { Logging.LogTransport($"SSUHost ReceiveCallback: IPAddress {sessionendpoint} is blocked. {size} bytes."); return; } ++IncommingConnectionAttempts; Logging.LogTransport($"SSUHost: incoming connection " + $"from {sessionendpoint} created."); session = new SSUSession( this, Send, (IPEndPoint)ep, MyRouterContext); Sessions[sessionendpoint] = session; Logging.LogTransport($"SSUHost: incoming connection " + $"{session.DebugId} from {sessionendpoint} created."); NeedCpu(session); ConnectionCreated?.Invoke(session); } else { session = Sessions[sessionendpoint]; } } var localbuffer = BufRefLen.Clone(ReceiveBuf, 0, size); #if DEBUG Stopwatch Stopwatch1 = new Stopwatch(); Stopwatch1.Start(); #endif try { session.Receive(localbuffer); } catch (ThreadAbortException taex) { AddFailedSession(session); Logging.Log(taex); } catch (ThreadInterruptedException tiex) { AddFailedSession(session); Logging.Log(tiex); } catch (ChecksumFailureException cfex) { AddFailedSession(session); Logging.Log(cfex); } catch (SignatureCheckFailureException scex) { AddFailedSession(session); Logging.Log(scex); } catch (FailedToConnectException fcex) { AddFailedSession(session); #if LOG_MUCH_TRANSPORT Logging.LogTransport(fcex); #endif if (session != null) { NetDb.Inst.Statistics.FailedToConnect(session.RemoteRouterIdentity.IdentHash); session.RaiseException(fcex); } } #if DEBUG Stopwatch1.Stop(); if (Stopwatch1.ElapsedMilliseconds > SessionCallWarningLevelMilliseconds) { Logging.LogTransport( $"SSUHost ReceiveCallback: WARNING Session {session} used {Stopwatch1.ElapsedMilliseconds}ms cpu."); } #endif } catch (Exception ex) { AddFailedSession(session); Logging.Log(ex); if (session != null && session.RemoteRouterIdentity != null && NetDb.Inst != null) { NetDb.Inst.Statistics.DestinationInformationFaulty(session.RemoteRouterIdentity.IdentHash); session.RaiseException(ex); } } finally { RemoteEP = LocalEP; MySocket.BeginReceiveFrom(ReceiveBuf, 0, ReceiveBuf.Length, SocketFlags.None, ref RemoteEP, new AsyncCallback(ReceiveCallback), MySocket); } }
private void ReceiveCallback(IAsyncResult ar) { SSUSession session = null; try { EndPoint ep = RemoteEP; var size = MySocket.EndReceiveFrom(ar, ref ep); if (ep.AddressFamily != AddressFamily.InterNetwork) { return; // TODO: Add IPV6 } if (size <= 37) { #if LOG_ALL_TRANSPORT DebugUtils.Log(string.Format("SSU Recv: {0} bytes [0x{0:X}] from {1} (hole punch, ignored)", size, ep)); #endif return; } var key = (IPEndPoint)ep; #if LOG_ALL_TRANSPORT DebugUtils.Log(string.Format("SSU Recv: {0} bytes [0x{0:X}] from {1}", size, ep)); #endif lock ( Sessions ) { if (!Sessions.ContainsKey(key)) { if (IPFilter.IsFiltered(((IPEndPoint)ep).Address)) { DebugUtils.LogDebug(() => string.Format("SSUHost ReceiveCallback: IPAddress {0} is blocked. {1} bytes.", key, size)); return; } ++IncommingConnectionAttempts; session = new SSUSession(this, (IPEndPoint)ep, MTUProvider, MyRouterContext); Sessions[key] = session; DebugUtils.LogDebug("SSUHost: incoming connection " + session.DebugId + " from " + key.ToString() + " created."); NeedCpu(session); if (ConnectionCreated != null) { ConnectionCreated(session); } } else { session = Sessions[key]; } } var localbuffer = BufRefLen.Clone(ReceiveBuf, 0, size); #if DEBUG Stopwatch Stopwatch1 = new Stopwatch(); Stopwatch1.Start(); #endif try { session.Receive(localbuffer); } catch (ThreadAbortException taex) { AddFailedSession(session); DebugUtils.Log(taex); } catch (ThreadInterruptedException tiex) { AddFailedSession(session); DebugUtils.Log(tiex); } catch (ChecksumFailureException cfex) { AddFailedSession(session); DebugUtils.Log(cfex); } catch (SignatureCheckFailureException scex) { AddFailedSession(session); DebugUtils.Log(scex); } catch (FailedToConnectException fcex) { AddFailedSession(session); #if LOG_ALL_TRANSPORT DebugUtils.Log(fcex); #endif if (session != null) { NetDb.Inst.Statistics.FailedToConnect(session.RemoteRouterIdentity.IdentHash); session.RaiseException(fcex); } } #if DEBUG Stopwatch1.Stop(); if (Stopwatch1.ElapsedMilliseconds > SessionCallWarningLevelMilliseconds) { DebugUtils.LogDebug(() => string.Format("SSUHost ReceiveCallback: WARNING Session {0} used {1}ms cpu.", session, Stopwatch1.ElapsedMilliseconds)); } #endif } catch (Exception ex) { AddFailedSession(session); DebugUtils.Log(ex); if (session != null && session.RemoteRouterIdentity != null && NetDb.Inst != null) { NetDb.Inst.Statistics.DestinationInformationFaulty(session.RemoteRouterIdentity.IdentHash); session.RaiseException(ex); } } finally { RemoteEP = LocalEP; MySocket.BeginReceiveFrom(ReceiveBuf, 0, ReceiveBuf.Length, SocketFlags.None, ref RemoteEP, new AsyncCallback(ReceiveCallback), MySocket); } }