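        /// <summary>
        /// Adds or removes a source-NAT mapping for <paramref name="devIP"/> on the firewall device.
        /// The mapping is recorded in the SNAT table through <c>NATdb_operate.dboperate</c> and the
        /// brctl/ifconfig/iptables command line is then pushed to the device on port 22222.
        /// </summary>
        /// <param name="fw_dev">Target firewall; its IP becomes the SNAT <c>--to-source</c> address and the <c>fwIP</c>/<c>NATIP</c> columns.</param>
        /// <param name="EthName">Interface that is taken off bridge br0 when adding and put back when deleting.</param>
        /// <param name="devIP">Source address matched by the POSTROUTING rule.</param>
        /// <param name="EthIP">Address assigned to <paramref name="EthName"/> (netmask 255.255.255.0) when adding.</param>
        /// <param name="add_delete"><c>true</c> adds the mapping (flag "NAT1"), <c>false</c> removes it (flag "NAT0").</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c> for the assembled command string.</returns>
        public bool ConfigSNAT(FWDeviceForm fw_dev, string EthName, string devIP, string EthIP, bool add_delete)
        {
            // NOTE(review): every argument is spliced verbatim into both a shell command line and an
            // SQL statement. NATdb_operate.dboperate only accepts a string here, so the SQL cannot be
            // parameterized inside this block; callers must validate these values (IP / interface-name
            // syntax) before they reach this method.
            string fwIP = fw_dev.getDev_IP();
            string rule = "iptables -t nat -A POSTROUTING -s " + devIP + " -o br0 -j SNAT --to-source " + fwIP;

            string flag, configEth_bridge, configEth_IP, configInfo, sql_rule;
            if (add_delete)
            {
                flag             = "NAT1";
                configEth_bridge = "brctl delif br0 " + EthName; // detach the port from the bridge first
                configEth_IP     = "ifconfig " + EthName + " " + EthIP + " netmask 255.255.255.0" + " up";
                configInfo       = flag + configEth_bridge + " && " + configEth_IP + " && " + rule;
                sql_rule         = "INSERT INTO SNAT values " + "('" + fwIP + "','" + devIP + "','" + EthName + "','" + EthIP + "','" + fwIP + "')";
            }
            else
            {
                // Reverse order on removal: clear the address, then re-attach the port to the bridge.
                flag             = "NAT0";
                configEth_bridge = "brctl addif br0 " + EthName;
                configEth_IP     = "ifconfig " + EthName + " " + "0.0.0.0 up";
                configInfo       = flag + configEth_IP + " && " + configEth_bridge + " && " + rule;
                sql_rule         = "DELETE FROM SNAT where (fwIP='" + fwIP + "' and origin_devIP='" + devIP + "'" +
                                   " and EthName='" + EthName + "' and EthIP='" + EthIP + "' and NATIP='" + fwIP + "')";
            }

            // The database row is written before the device is contacted, so a failed send leaves
            // the table and the device out of step; the caller only sees the send result.
            fw_dev.setDev_port(22222);
            NATdb_operate.dboperate(sql_rule);

            SendInfo sendcmd = new SendInfo(fw_dev);
            return sendcmd.SendConfigInfo(configInfo);
        }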
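        /// <summary>
        /// Adds or removes a source-NAT mapping for <paramref name="devIP"/> on the firewall device by
        /// pushing a brctl/ifconfig/iptables command line to it on port 22222.
        /// </summary>
        /// <param name="fw_dev">Target firewall; its IP becomes the SNAT <c>--to-source</c> address.</param>
        /// <param name="EthName">Interface that is taken off bridge br0 when adding and put back when deleting.</param>
        /// <param name="devIP">Source address matched by the POSTROUTING rule.</param>
        /// <param name="EthIP">Address assigned to <paramref name="EthName"/> (netmask 255.255.255.0) when adding.</param>
        /// <param name="add_delete"><c>true</c> adds the mapping (flag "$"), <c>false</c> removes it (flag "#").</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c> for the assembled command string.</returns>
        public bool ConfigSNAT(FWDeviceForm fw_dev, string EthName, string devIP, string EthIP, bool add_delete)
        {
            // NOTE(review): the arguments are concatenated unvalidated into a command line that the
            // device executes; callers must ensure they are well-formed addresses / interface names.
            string rule = "iptables -t nat -A POSTROUTING -s " + devIP + " -o br0 -j SNAT --to-source " + fw_dev.getDev_IP();

            string flag, configEth_bridge, configEth_IP, configInfo;
            if (add_delete)
            {
                flag             = "$";
                configEth_bridge = "brctl delif br0 " + EthName; // detach the port from the bridge first
                configEth_IP     = "ifconfig " + EthName + " " + EthIP + " netmask 255.255.255.0" + " up";
                configInfo       = flag + configEth_bridge + " & " + configEth_IP + " & " + rule;
            }
            else
            {
                // Reverse order on removal: clear the address, then re-attach the port to the bridge.
                flag             = "#";
                configEth_bridge = "brctl addif br0 " + EthName;
                configEth_IP     = "ifconfig " + EthName + " " + "0.0.0.0 up";
                configInfo       = flag + configEth_IP + " & " + configEth_bridge + " & " + rule;
            }

            fw_dev.setDev_port(22222);
            SendInfo sendcmd = new SendInfo(fw_dev);

            return sendcmd.SendConfigInfo(configInfo);
        }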
        /// <summary>
        /// Puts the firewall's bridge interface br0 into address-less ("no IP") mode and, on success,
        /// records the address 0.0.0.0 on <paramref name="fw_dev"/>.
        /// </summary>
        /// <param name="fw_dev">Firewall to reconfigure; its port is set to 22222 before sending.</param>
        /// <returns>
        /// <c>false</c> when the device is already at 0.0.0.0 or the send fails; <c>true</c> otherwise.
        /// </returns>
        bool INoIPConfig.NoipConfig(FWDeviceForm fw_dev)
        {
            const string noIpCommand = "ifconfig br0 down && ifconfig br0 0.0.0.0 up";

            fw_dev.setDev_port(22222);

            // A firewall that already has no address cannot be switched to no-IP mode.
            if (fw_dev.getDev_IP() == "0.0.0.0")
            {
                return false;
            }

            bool applied = new SendInfo(fw_dev).SendConfigInfo(noIpCommand);
            if (applied)
            {
                fw_dev.setDev_IP("0.0.0.0");
            }
            return applied;
        }
        /// <summary>
        /// Flushes every rule in the device's nat table (<c>iptables -t nat -F</c>) over port 22222.
        /// </summary>
        /// <param name="fw_dev">Firewall whose nat table is cleared.</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c>.</returns>
        public bool ClearNATRules(FWDeviceForm fw_dev)
        {
            const string flushNatTable = "iptables -t nat -F";

            fw_dev.setDev_port(22222);
            var sender = new SendInfo(fw_dev);

            return sender.SendConfigInfo(flushNatTable);
        }
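        /* Listens on the scan-reply port and records the firewalls / protected devices it hears about. */
        /// <summary>
        /// Blocks forever receiving datagrams on <c>listener</c>. Each reply containing
        /// "firedeviceConfirm" is split on '&amp;' into <c>fwIP &amp; devMAC &amp; fwMAC &amp; (unused) &amp; devIP</c>;
        /// a known firewall (by MAC) gets the protected device appended, an unknown one is added to
        /// <c>fw_list</c> / <c>fwMAC_list</c> with port 22222.
        /// </summary>
        public void listenCheckResult()
        {
            while (true)
            {
                byte[] content = listener.Receive(ref groupEP);
                confirm = Encoding.Default.GetString(content);

                if (confirm.IndexOf("firedeviceConfirm") == -1)
                {
                    Console.WriteLine("未扫描到设备");
                    continue;
                }
#if debug
                Console.WriteLine("捕获到返回信息!!!");
#endif
                // The datagram comes straight off the network: a short or malformed reply must be
                // skipped rather than throwing IndexOutOfRangeException and killing the listener.
                string[] sArray_IP_MAC = confirm.Split('&');
                if (sArray_IP_MAC.Length < 5)
                {
                    Console.WriteLine("Ignoring malformed scan reply");
                    continue;
                }
                string fw_IP   = sArray_IP_MAC[0];               // firewall IP
                string dev_mac = sArray_IP_MAC[1];               // protected device MAC
                string fw_mac  = sArray_IP_MAC[2];               // firewall MAC
                string dev_IP  = sArray_IP_MAC[4];               // protected device IP (index 3 is not used)

                if (fw_IP != "0.0.0.0" && fwMAC_list.Contains(fw_mac))
                {
                    // Firewall already known: attach the protected device unless it is listed already.
                    foreach (FWDeviceForm fwdev in fw_list)
                    {
                        if (fwdev.getDev_MAC() == fw_mac && !fwdev.getProtecDevIP_list().Contains(dev_IP))
                        {
                            ProtecDeviceForm protecDev = new ProtecDeviceForm(dev_IP, dev_mac);
                            fwdev.addProtecDev(protecDev);
                            fwdev.addProtecDevIP(dev_IP);
                        }
                    }
                }
                else
                {
                    // New firewall (or one reporting 0.0.0.0): register it with its first protected device.
                    FWDeviceForm fw_dev = new FWDeviceForm(fw_IP, 22222, fw_mac);
                    fw_dev.addProtecDev(new ProtecDeviceForm(dev_IP, dev_mac));
                    fw_dev.addProtecDevIP(dev_IP);
                    fwMAC_list.Add(fw_mac);
                    fw_list.Add(fw_dev);
                }
#if debug
                Console.WriteLine("保存设备信息!!!");
#endif
            }
        }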
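        /// <summary>
        /// Adds or removes a destination-NAT (PREROUTING, tcp) rule mapping
        /// <paramref name="Original_DIP"/>:<paramref name="Original_dport"/> to
        /// <paramref name="Map_IP"/>:<paramref name="Map_port"/>. The rule is recorded in the dnat
        /// table through <c>NATdb_operate.dboperate</c> and then pushed to the device on port 22222.
        /// </summary>
        /// <param name="fw_dev">Target firewall; its IP is stored in the <c>fwIP</c> column.</param>
        /// <param name="Original_DIP">Destination address the rule matches.</param>
        /// <param name="Original_dport">Destination port to match, or "any" to match every port.</param>
        /// <param name="Map_IP">Address the traffic is redirected to.</param>
        /// <param name="Map_port">Port the traffic is redirected to, or "any" to keep the original port.</param>
        /// <param name="add_delete"><c>true</c> adds the rule (flag "NAT1"), <c>false</c> removes it (flag "NAT0").</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c> for the flag-prefixed rule.</returns>
        public bool ConfigDNAT(FWDeviceForm fw_dev, string Original_DIP, string Original_dport, string Map_IP, string Map_port, bool add_delete)
        {
            // NOTE(review): the arguments are concatenated verbatim into both the iptables command and
            // the SQL statement. NATdb_operate.dboperate only accepts a string here, so the SQL cannot
            // be parameterized in this block; callers must validate addresses and ports beforehand.
            string fwIP = fw_dev.getDev_IP();
            string pre_rule;

            // The four port combinations are mutually exclusive, so a single chain suffices.
            if (Original_dport != "any" && Map_port != "any")
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp --dport " + Original_dport
                           + " -j DNAT --to-destination " + Map_IP + ":" + Map_port;
                // A matching POSTROUTING/SNAT rule used to be generated here as well; it is not sent.
            }
            else if (Original_dport != "any")
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp --dport " + Original_dport
                           + " -j DNAT --to-destination " + Map_IP;
            }
            else if (Map_port != "any")
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp " + " -j DNAT --to-destination " + Map_IP + ":" + Map_port;
            }
            else
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp " + " -j DNAT --to-destination " + Map_IP;
            }

            string flag, sql_rule;
            if (add_delete)
            {
                flag     = "NAT1";
                sql_rule = "INSERT INTO dnat values " + "('" + fwIP + "','" + Original_DIP + "','" + Original_dport + "','" + Map_IP + "','" + Map_port + "')";
            }
            else
            {
                flag     = "NAT0";
                sql_rule = "DELETE FROM DNAT where " + "(fwIP='" + fwIP + "' and origin_dstIP='" + Original_DIP + "'" +
                           " and origin_dport='" + Original_dport + "' and map_IP='" + Map_IP + "' and map_port='" + Map_port + "')";
            }
            string configrule = flag + pre_rule;

            fw_dev.setDev_port(22222);
            SendInfo sendcmd = new SendInfo(fw_dev);

            // The row is written before the device is contacted; a failed send leaves table and
            // device out of step, and only the send result is reported.
            NATdb_operate.dboperate(sql_rule);
            return sendcmd.SendConfigInfo(configrule);
        }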
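        /// <summary>
        /// Adds or removes a destination-NAT (PREROUTING, tcp) rule mapping
        /// <paramref name="Original_DIP"/>:<paramref name="Original_dport"/> to
        /// <paramref name="Map_IP"/>:<paramref name="Map_port"/>. The rule is saved to / deleted from
        /// the "dnat" rule store via <c>of</c> and then pushed to the device on port 22222.
        /// </summary>
        /// <param name="fw_dev">Target firewall; its IP is the first field of the stored rule record.</param>
        /// <param name="Original_DIP">Destination address the rule matches.</param>
        /// <param name="Original_dport">Destination port to match, or "any" to match every port.</param>
        /// <param name="Map_IP">Address the traffic is redirected to.</param>
        /// <param name="Map_port">Port the traffic is redirected to, or "any" to keep the original port.</param>
        /// <param name="add_delete"><c>true</c> adds the rule (flag "NAT1"), <c>false</c> removes it (flag "NAT0").</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c> for the flag-prefixed rule.</returns>
        public bool ConfigDNAT(FWDeviceForm fw_dev, string Original_DIP, string Original_dport, string Map_IP, string Map_port, bool add_delete)
        {
            // NOTE(review): the arguments are concatenated unvalidated into a command line executed on
            // the device; callers must ensure they are well-formed addresses and ports.
            string pre_rule;

            // The four port combinations are mutually exclusive, so a single chain suffices.
            if (Original_dport != "any" && Map_port != "any")
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp --dport " + Original_dport
                           + " -j DNAT --to-destination " + Map_IP + ":" + Map_port;
                // A matching POSTROUTING/SNAT rule used to be generated here as well; it is not sent.
            }
            else if (Original_dport != "any")
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp --dport " + Original_dport
                           + " -j DNAT --to-destination " + Map_IP;
            }
            else if (Map_port != "any")
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp " + " -j DNAT --to-destination " + Map_IP + ":" + Map_port;
            }
            else
            {
                pre_rule = "iptables -t nat -A PREROUTING -d" + " " + Original_DIP + " " + "-p tcp " + " -j DNAT --to-destination " + Map_IP;
            }

            // Space-separated record written to the rule store; identical for add and delete.
            string ruleRecord = fw_dev.getDev_IP() + " " + Original_DIP + " " + Original_dport + " " + Map_IP + " " + Map_port;
            string flag;
            if (add_delete)
            {
                flag = "NAT1";
                of.SaveRules(ruleRecord, "dnat");
            }
            else
            {
                flag = "NAT0";
                of.DeleteRules(ruleRecord, "dnat");
            }
            string configrule = flag + pre_rule;

            fw_dev.setDev_port(22222);
            SendInfo sendcmd = new SendInfo(fw_dev);

            return sendcmd.SendConfigInfo(configrule);
        }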
        /// <summary>
        /// Ad-hoc driver: builds a device and firewall description plus the rule-management services,
        /// then issues a single STD rule deletion against 172.16.10.1. The other service calls are
        /// kept below as commented reference invocations.
        /// </summary>
        /// <param name="args">Unused.</param>
        static void Main(string[] args)
        {
            // Earlier experiments, kept for reference:
            //   new APCRulesManage().ApplicationProtocolControl("172.16.10.1", "http", true);
            //   new ARPProtect().configARPRules("172.16.10.1", "172.16.10.2", "172.16.10.254", false);
            //   new CNCRulesManage().DelCNCRules("172.16.10.1", true, 52, "172.16.10.2", "172.16.10.3", "502", "205");

            // Device / firewall under test. The firewall MAC is a broadcast placeholder.
            var dev = new DeviceForm("172.16.10.1", 502);
            var fw  = new FWDeviceForm("172.16.10.2", 22222, "ff:ff:ff:ff:ff:ff");

            // DPI rule experiments, kept for reference:
            //   IConfigRules dpi = new ConfigDPIRules(dev);
            //   dpi.ConfigModbusTcpRules(new ModbusTcpRulesForm(), true, false);
            //   dpi.ConfigOPCRules(new OPCRulesForm(), true, false);
            //   dpi.ConfigDNP3Rules(new DNP3RulesForm(), true, false);

            // Services are constructed even where no call follows, so that any constructor
            // side effects happen exactly as before.
            IConfigureNAT nat = new ConfigureNAT();
            //   nat.ConfigSNAT(fw, "eth0", "192.168.10.3", "172.16.10.3", false);
            //   nat.ConfigDNAT(fw, "192.16.10.1", "55", "172.16.10.1", "55", false);
            IConfigWhiteLists whl = new ConfigWhiteLists();
            //   whl.ChangeWhiteLists("172.16.10.1", "172.16.10.2", "172.16.10.254", "205", "502", true, false);
            IPRTRulesManage prt = new PRTRulesManage();
            //   prt.DefaultRouteConfig("172.16.10.1", false, "eth0", "172.16.10.254");
            //   prt.HostRouteConfig("172.16.10.1", false, "172.16.10.2", "eth0", "172.16.10.254");
            //   prt.NetRouteConfig("172.16.10.1", false, "172.16.10.2", "255.255.255.0", "eth0", "172.16.10.254");
            ISTDRulesManage std = new STDRulesManage();

            // The one live call: delete the tcp 172.16.10.2:22222 -> 172.16.10.3:33333 STD rule.
            std.DelSTDRules("172.16.10.1", true, "tcp", "172.16.10.2", "172.16.10.3", "22222", "33333");

            // Device-scan experiment, kept for reference: scan 172.16.10.9-172.16.10.10 with
            // DevicesCheck.CheckDevices, enable log display via ReceiveLog.Save_DisplayLog(true),
            // then print each firewall's IP/MAC and its protected devices (IP, MAC, vendor), or
            // "firewall is in no-IP mode" when the firewall IP is 0.0.0.0.
            //   IARPProtect tes = new ARPProtect();
            //   tes.configARPRules("172.16.10.9", "172.16.10.254", "08:57:00:e5:87:a7", true);

#if debug
            Console.ReadLine();
#endif
        }