Beispiel #1
        /// <summary>
        /// Creates a Linux firewall configuration snapshot.
        /// </summary>
        /// <returns>A list holding the firewall configuration snapshot event; it contains at most one element and is empty when iptables is unavailable</returns>
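        protected override List <IEvent> GetEventsImpl()
        {
            var returnedEvents = new List <IEvent>();

            // Without iptables nothing can be read: report no event at all instead of a made-up snapshot.
            if (!_isIptablesExist)
            {
                SimpleLogger.Error($"{GetType().Name}: Could not collect iptables rules");
                return returnedEvents;
            }

            // A null result is normalised to an empty string so the parsing below never sees null.
            string iptablesSaveOutput = _processUtil.ExecuteBashShellCommand(IpTablesSaveCommand) ?? string.Empty;

            if (iptablesSaveOutput.Length == 0)
            {
                // Empty output is ambiguous: it may mean that no rules are configured, but it may
                // also mean the command failed (presumably e.g. for lack of privileges - confirm
                // against ExecuteBashShellCommand). The default rules are still sent below, as
                // before; the warning keeps that fallback from passing as a verified reading.
                SimpleLogger.Warning(
                    $"{GetType().Name}: the iptables save command returned no output; the reported rules are defaults, not a verified reading");
            }

            // Only the filter table is inspected; a missing section is treated as an empty one.
            string[] filterTable = GetIptablesTableSection(iptablesSaveOutput, FilterTableName) ?? new string[] {};

            var snapshot = IptablesChain.GetChainsFromTable(filterTable)
                           .SelectMany(ParseChainFromTable)
                           .ToArray();

            if (snapshot.Length == 0)
            {
                // If no rules are defined on the machine, send the default tables.
                // NOTE(review): this branch is also reached when the output could not be read or
                // parsed, so a consumer cannot tell "default policy" from "collection failed".
                snapshot = GetDefaultTableRules();
            }

            returnedEvents.Add(new FirewallConfiguration(Priority, snapshot));
            return returnedEvents;
        }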
Beispiel #2
        /// <summary>
        /// Converts every rule of one iptables chain into a firewall rule payload.
        /// </summary>
        /// <param name="chain">The parsed chain whose rules are converted</param>
        /// <returns>One payload per rule of the chain, in the order the rules are enumerated</returns>
        private static List <FirewallRulePayload> ParseChainFromTable(IptablesChain chain)
        {
            // Only the input and output chains map to a direction; rules of any other chain
            // are reported with a null direction.
            FirewallRulePayload.Directions? trafficDirection =
                chain.Name == InputChain
                    ? FirewallRulePayload.Directions.In
                    : chain.Name == OutputChain
                        ? FirewallRulePayload.Directions.Out
                        : (FirewallRulePayload.Directions?)null;

            // Each address/port field merges the single-value match condition with its range variant.
            var payloads =
                from rule in chain.Rules
                select new FirewallRulePayload
                {
                    Priority = rule.Priority,
                    ChainName = chain.Name,
                    Action = rule.TargetAction,
                    Direction = trafficDirection,
                    // Every rule read from the chain is reported as enabled.
                    Enabled = true,
                    ExtraDetails = rule.Extras,
                    SourceAddress = GetConcatenatedValues(
                        rule.RuleMatchConditions,
                        IptableRule.MatchConditions.SourceAddress,
                        IptableRule.MatchConditions.SourceAddressRange),
                    SourcePort = GetConcatenatedValues(
                        rule.RuleMatchConditions,
                        IptableRule.MatchConditions.SourcePort,
                        IptableRule.MatchConditions.SourcePortRange),
                    Protocol = GetValueOrEmptyString(
                        rule.RuleMatchConditions,
                        IptableRule.MatchConditions.Protocol),
                    DestinationAddress = GetConcatenatedValues(
                        rule.RuleMatchConditions,
                        IptableRule.MatchConditions.DestinationAddress,
                        IptableRule.MatchConditions.DestinationAddressRange),
                    DestinationPort = GetConcatenatedValues(
                        rule.RuleMatchConditions,
                        IptableRule.MatchConditions.DestinationPort,
                        IptableRule.MatchConditions.DestinationPortRange)
                };

            return payloads.ToList();
        }
Beispiel #3
        /// <summary>
        /// Creates a Linux firewall configuration snapshot.
        /// </summary>
        /// <returns>A list containing a single firewall configuration snapshot event</returns>
        protected override List <IEvent> GetEventsImpl()
        {
            // iptables is not installed: emit a configuration event that carries no rules.
            if (!_isIptablesExist)
            {
                SimpleLogger.Warning($"{GetType().Name}: Iptables does not exist on this device");
                return new List <IEvent> { new FirewallConfiguration(Priority) };
            }

            string rawDump = _processUtil.ExecuteBashShellCommand(IpTablesSaveCommand);

            // A null or empty dump means the rules could not be read, so the event is sent
            // without rules rather than with guessed ones.
            if (string.IsNullOrEmpty(rawDump))
            {
                SimpleLogger.Warning(
                    $"{GetType().Name}: Can't get Iptables data, check permission or iptables is not configured on this machine");
                return new List <IEvent> { new FirewallConfiguration(Priority) };
            }

            // Only the filter table is inspected; a missing section is parsed as an empty table.
            string[] filterSection = GetIptablesTableSection(rawDump, FilterTableName);
            string[] tableLines = filterSection ?? new string[] {};

            var parsedRules = IptablesChain.GetChainsFromTable(tableLines)
                              .SelectMany(ParseChainFromTable)
                              .ToArray();

            return new List <IEvent> { new FirewallConfiguration(Priority, parsedRules) };
        }