public IEnumerable <string> EnumerateAllowedIPAddresses()
{
string tempFile = IPBanOS.GetTempFileName();
try
{
RunProcess("ipset", true, $"save > \"{tempFile}\"");
bool inAllow = true;
foreach (string line in File.ReadLines(tempFile))
{
string[] pieces = line.Split(' ');
if (pieces.Length > 1 && pieces[0].Equals("create", StringComparison.OrdinalIgnoreCase))
{
inAllow = (pieces[1].Equals(AllowRuleName));
}
else if (inAllow && pieces.Length > 2 && pieces[0] == "add")
{
yield return(pieces[2]);
}
}
}
finally
{
IPBanExtensionMethods.FileDeleteWithRetry(tempFile);
}
}
private void RemoveAllTablesAndSets()
{
if (!IsIPV4)
{
return;
}
try
{
string dir = AppDomain.CurrentDomain.BaseDirectory;
foreach (string setFile in Directory.GetFiles(dir, "*.set")
.Union(Directory.GetFiles(dir, "*.tbl")
.Union(Directory.GetFiles(dir, "*.set6"))
.Union(Directory.GetFiles(dir, "*.tbl6"))))
{
IPBanExtensionMethods.FileDeleteWithRetry(setFile);
}
RunProcess(IpTablesProcess, true, "-F");
RunProcess(ip6TablesProcess, true, "-F");
RunProcess("ipset", true, "destroy");
}
catch
{
}
}
public IEnumerable <IPAddressRange> EnumerateIPAddresses(string ruleNamePrefix = null)
{
string tempFile = IPBanOS.GetTempFileName();
try
{
string prefix = RulePrefix + (ruleNamePrefix ?? string.Empty);
RunProcess("ipset", true, $"save > \"{tempFile}\"");
bool inSet = false;
foreach (string line in File.ReadLines(tempFile))
{
string[] pieces = line.Split(' ');
if (pieces.Length > 1 && pieces[0].Equals("create", StringComparison.OrdinalIgnoreCase))
{
inSet = (pieces[1].StartsWith(prefix, StringComparison.OrdinalIgnoreCase));
}
else if (inSet && pieces.Length > 2 && pieces[0] == "add")
{
yield return(IPAddressRange.Parse(pieces[2]));
}
}
}
finally
{
IPBanExtensionMethods.FileDeleteWithRetry(tempFile);
}
}
/// <summary>
/// Update - if the text file path exists, all ip addresses from each line will be banned
/// </summary>
public async Task Update()
{
try
{
if (File.Exists(textFilePath))
{
string[] lines = (await File.ReadAllLinesAsync(textFilePath)).Where(l => IPAddress.TryParse(l, out _)).ToArray();
IPBanLog.Warn("Queueing {0} ip addresses to ban from {1} file", lines.Length, textFilePath);
List <IPAddressLogEvent> bans = new List <IPAddressLogEvent>();
foreach (string[] pieces in lines.Select(l => l.Split(',')))
{
if (pieces.Length < 1)
{
continue;
}
string ipAddress = pieces[0];
string source = (pieces.Length < 2 ? "Block" : pieces[1]);
bans.Add(new IPAddressLogEvent(ipAddress, string.Empty, source, 1, IPAddressEventType.Blocked));
}
service.AddIPAddressLogEvents(bans);
IPBanExtensionMethods.FileDeleteWithRetry(textFilePath);
}
}
catch (Exception ex)
{
IPBanLog.Error(ex);
}
}
/// <summary>
/// Dispose of all resources, does not delete the database file
/// </summary>
public void Dispose()
{
GC.Collect();
GC.WaitForPendingFinalizers();
if (autoDelete)
{
IPBanExtensionMethods.FileDeleteWithRetry(dbPath);
}
}
/// <summary>
/// Create a test IPBanService
/// </summary>
/// <param name="directory">Root directory</param>
/// <param name="configFileName">Config file name</param>
/// <param name="defaultBannedIPAddressHandlerUrl">Url for banned ip handling or null to not handle banned ip</param>
/// <param name="configFileModifier">Change config file (param are file text, returns new file text)</param>
/// <returns>Service</returns>
public static T CreateAndStartIPBanTestService <T>(string directory = null, string configFileName = null, string defaultBannedIPAddressHandlerUrl = null,
Func <string, string> configFileModifier = null) where T : IPBanService
{
DefaultHttpRequestMaker.DisableLiveRequests = true;
// cleanup any db, set or tbl files
foreach (string file in Directory.GetFiles(AppDomain.CurrentDomain.BaseDirectory, "*.set")
.Union(Directory.GetFiles(AppDomain.CurrentDomain.BaseDirectory, "*.tbl"))
.Union(Directory.GetFiles(AppDomain.CurrentDomain.BaseDirectory, "*.set6"))
.Union(Directory.GetFiles(AppDomain.CurrentDomain.BaseDirectory, "*.tbl6"))
.Union(Directory.GetFiles(AppDomain.CurrentDomain.BaseDirectory, "*.sqlite*"))
.Union(Directory.GetFiles(AppDomain.CurrentDomain.BaseDirectory, "*journal*")))
{
IPBanExtensionMethods.FileDeleteWithRetry(file, 1000);
}
if (string.IsNullOrWhiteSpace(directory))
{
directory = Path.GetDirectoryName(IPBanAssembly.Location);
}
if (string.IsNullOrWhiteSpace(configFileName))
{
configFileName = IPBanService.ConfigFileName;
}
string configFilePath = Path.Combine(directory, configFileName);
string configFileText = File.ReadAllText(configFilePath);
configFilePath += ".tmp";
if (configFileModifier != null)
{
configFileText = configFileModifier(configFileText);
}
IPBanExtensionMethods.FileWriteAllTextWithRetry(configFilePath, configFileText);
T service = IPBanService.CreateService <T>() as T;
service.ExternalIPAddressLookup = LocalMachineExternalIPAddressLookupTest.Instance;
service.ConfigFilePath = configFilePath;
service.MultiThreaded = false;
service.ManualCycle = true;
if (defaultBannedIPAddressHandlerUrl is null)
{
service.BannedIPAddressHandler = service;
}
else
{
service.BannedIPAddressHandler = new DefaultBannedIPAddressHandler {
BaseUrl = defaultBannedIPAddressHandlerUrl
};
}
service.Version = "1.1.1.1";
service.StartAsync().Sync();
service.DB.Truncate(true);
service.Firewall.Truncate();
return(service);
}
private void RunScript(string scriptFileName)
{
ProcessStartInfo info = new ProcessStartInfo
{
FileName = "netsh",
Arguments = "exec \"" + scriptFileName + "\"",
CreateNoWindow = true,
WindowStyle = ProcessWindowStyle.Hidden,
UseShellExecute = true
};
Process p = Process.Start(info);
p.WaitForExit();
IPBanExtensionMethods.FileDeleteWithRetry(scriptFileName);
}
/// <summary>
/// Update - if the text file path exists, all ip addresses from each line will be unbanned
/// </summary>
public async Task Update()
{
try
{
if (File.Exists(textFilePath))
{
string[] lines = (await File.ReadAllLinesAsync(textFilePath)).Where(l => IPAddress.TryParse(l, out _)).ToArray();
IPBanLog.Warn("Queueing {0} ip addresses to unban from {1} file", lines.Length, textFilePath);
UnblockIPAddresses(lines);
IPBanExtensionMethods.FileDeleteWithRetry(textFilePath);
}
}
catch (Exception ex)
{
IPBanLog.Error(ex);
}
}
// deleteRule will drop the rule and matching set before creating the rule and set, use this is you don't care to update the rule and set in place
protected bool UpdateRuleDelta(string ruleName, string action, IEnumerable <IPBanFirewallIPAddressDelta> deltas, string hashType,
int maxCount, bool deleteRule, IEnumerable <PortRange> allowPorts, CancellationToken cancelToken)
{
string ipFileTemp = IPBanOS.GetTempFileName();
try
{
// add and remove the appropriate ip addresses from the set
using (StreamWriter writer = File.CreateText(ipFileTemp))
{
if (cancelToken.IsCancellationRequested)
{
throw new OperationCanceledException(cancelToken);
}
writer.WriteLine($"create {ruleName} hash:{hashType} family {INetFamily} hashsize {hashSize} maxelem {maxCount} -exist");
foreach (IPBanFirewallIPAddressDelta delta in deltas)
{
if (cancelToken.IsCancellationRequested)
{
throw new OperationCanceledException(cancelToken);
}
if (IPAddressRange.TryParse(delta.IPAddress, out IPAddressRange range) &&
range.Begin.AddressFamily == addressFamily && range.End.AddressFamily == addressFamily)
{
try
{
if (delta.Added)
{
if (range.Begin.Equals(range.End))
{
writer.WriteLine($"add {ruleName} {range.Begin} -exist");
}
else
{
writer.WriteLine($"add {ruleName} {range.ToCidrString()} -exist");
}
}
else
{
if (range.Begin.Equals(range.End))
{
writer.WriteLine($"del {ruleName} {range.Begin} -exist");
}
else
{
writer.WriteLine($"del {ruleName} {range.ToCidrString()} -exist");
}
}
}
catch
{
// ignore invalid cidr ranges
}
}
}
}
if (cancelToken.IsCancellationRequested)
{
throw new OperationCanceledException(cancelToken);
}
else
{
// restore the deltas into the existing set
bool result = (RunProcess("ipset", true, $"restore < \"{ipFileTemp}\"") == 0);
CreateOrUpdateRule(ruleName, action, hashType, maxCount, allowPorts, cancelToken);
return(result);
}
}
finally
{
IPBanExtensionMethods.FileDeleteWithRetry(ipFileTemp);
}
}
static IPBanOS()
{
try
{
tempFolder = Path.GetTempPath();
if (string.IsNullOrWhiteSpace(tempFolder))
{
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
tempFolder = "c:\\temp";
}
else
{
tempFolder = "/tmp";
}
}
Directory.CreateDirectory(tempFolder);
// start off with built in version info, this is not as detailed or nice as we like,
// so we try some other ways to get more detailed information
Version = Environment.OSVersion.VersionString;
Description = RuntimeInformation.OSDescription;
// attempt to get detailed version info
if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
{
isLinux = true;
string tempFile = IPBanOS.GetTempFileName();
Process.Start("/bin/bash", "-c \"cat /etc/*release* > " + tempFile + "\"").WaitForExit();
System.Threading.Tasks.Task.Delay(100); // wait a small bit for file to really be closed
string versionText = File.ReadAllText(tempFile).Trim();
IPBanExtensionMethods.FileDeleteWithRetry(tempFile);
if (string.IsNullOrWhiteSpace(versionText))
{
IPBanLog.Error(new IOException("Unable to load os version from /etc/*release* ..."));
}
else
{
Name = IPBanOS.Linux;
FriendlyName = ExtractRegex(versionText, "^(Id|Distrib_Id)=(?<value>.*?)$", string.Empty);
if (FriendlyName.Length != 0)
{
string codeName = ExtractRegex(versionText, "^(Name|Distrib_CodeName)=(?<value>.+)$", string.Empty);
if (codeName.Length != 0)
{
FriendlyName += " - " + codeName;
}
Version = ExtractRegex(versionText, "^Version_Id=(?<value>.+)$", Version);
}
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
isWindows = true;
processVerb = "runas";
Name = IPBanOS.Windows;
string tempFile = IPBanOS.GetTempFileName();
// .net core WMI has a strange bug where WMI will not initialize on some systems
// since this is the only place where WMI is used, we can just work-around it
// with the wmic executable, which exists (as of 2018) on all supported Windows.
StartProcessAndWait("cmd", "/C wmic path Win32_OperatingSystem get Caption,Version /format:table > \"" + tempFile + "\"");
if (File.Exists(tempFile))
{
// try up to 10 times to read the file
for (int i = 0; i < 10; i++)
{
try
{
string[] lines = File.ReadAllLines(tempFile);
IPBanExtensionMethods.FileDeleteWithRetry(tempFile);
if (lines.Length > 1)
{
int versionIndex = lines[0].IndexOf("Version");
if (versionIndex >= 0)
{
FriendlyName = lines[1].Substring(0, versionIndex - 1).Trim();
Version = lines[1].Substring(versionIndex).Trim();
break;
}
}
throw new IOException("Invalid file generated from wmic");
}
catch (Exception ex)
{
if (i < 9)
{
System.Threading.Tasks.Task.Delay(200).Wait();
}
else
{
IPBanLog.Error(ex, "Unable to load os version using wmic, trying wmi api...");
// last resort, try wmi api
LoadVersionFromWmiApi();
}
}
}
}
else
{
// last resort, try wmi api
LoadVersionFromWmiApi();
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
// TODO: Implement better for MAC
Name = IPBanOS.Mac;
FriendlyName = "OSX";
}
else
{
Name = IPBanOS.Unknown;
FriendlyName = "Unknown";
}
}
catch (Exception ex)
{
IPBanLog.Error("Error determining platform info", ex);
}
}
