Beispiel #1
0
        /// <summary>
        /// Create linux firewall configuration snapshot
        /// </summary>
        /// <returns>List of firewall configuration snapshot event, the list should contain only one element</returns>
        protected override List <IEvent> GetEventsImpl()
        {
            var returnedEvents = new List <IEvent>();

            if (!_isIptablesExist)
            {
                SimpleLogger.Error($"{GetType().Name}: Could not collect iptables rules");
                return(returnedEvents);
            }

            string iptablesSaveOutput = _processUtil.ExecuteBashShellCommand(IpTablesSaveCommand) ?? string.Empty;

            string[] filterTable = GetIptablesTableSection(iptablesSaveOutput, FilterTableName) ?? new string[] {};

            var snapshot = IptablesChain.GetChainsFromTable(filterTable)
                           .SelectMany(ParseChainFromTable)
                           .ToArray();

            if (snapshot.Length == 0)
            {
                //If no rules defined on the machine, send default tables
                snapshot = GetDefaultTableRules();
            }

            returnedEvents.Add(new FirewallConfiguration(Priority, snapshot));
            return(returnedEvents);
        }
Beispiel #2
0
        /// <summary>
        /// Create linux firewall configuration snapshot
        /// </summary>
        /// <returns>List of firewall configuration snapshot event, the list should contain only one element</returns>
        protected override List <IEvent> GetEventsImpl()
        {
            var returnedEvents = new List <IEvent>();

            if (!_isIptablesExist)
            {
                SimpleLogger.Warning($"{GetType().Name}: Iptables does not exist on this device");
                returnedEvents.Add(new FirewallConfiguration(Priority));
                return(returnedEvents);
            }

            string iptablesSaveOutput = _processUtil.ExecuteBashShellCommand(IpTablesSaveCommand);

            if (string.IsNullOrEmpty(iptablesSaveOutput))
            {
                SimpleLogger.Warning(
                    $"{GetType().Name}: Can't get Iptables data, check permission or iptables is not configured on this machine");
                returnedEvents.Add(new FirewallConfiguration(Priority));
                return(returnedEvents);
            }

            string[] filterTable = GetIptablesTableSection(iptablesSaveOutput, FilterTableName);

            var snapshot = IptablesChain.GetChainsFromTable(filterTable ?? new string[] {})
                           .SelectMany(ParseChainFromTable)
                           .ToArray();

            returnedEvents.Add(new FirewallConfiguration(Priority, snapshot));
            return(returnedEvents);
        }