Beispiel #1
        /// <summary>
        /// Packs the given Modbus/TCP filter parameters into a rule form and asks a
        /// <c>ConfigDPIRules</c> instance bound to the target device to add or remove the rule.
        /// </summary>
        /// <remarks>
        /// The string arguments are handed on exactly as received; nothing in this method checks
        /// their format. NOTE(review): in the ConfigModbusTcpRules variants published with this
        /// example the same fields are concatenated into an iptables command line, so they should
        /// be validated before or inside that call — confirm which layer owns the check.
        /// </remarks>
        /// <param name="dst_IP">Destination address for the rule.</param>
        /// <param name="src_IP">Source address for the rule.</param>
        /// <param name="min_addr">Lower bound of the data-address range.</param>
        /// <param name="max_addr">Upper bound of the data-address range.</param>
        /// <param name="func">Modbus function code.</param>
        /// <param name="Min_data">Lower bound of the data range.</param>
        /// <param name="Max_data">Upper bound of the data range.</param>
        /// <param name="dev_IP">Address of the device that receives the rule.</param>
        /// <param name="log_record">Forwarded unchanged as the logging flag.</param>
        /// <param name="add_delete">Forwarded unchanged as the add/delete selector.</param>
        /// <returns>Whatever <c>ConfigDPIRules.ConfigModbusTcpRules</c> returns.</returns>
        public bool ChangeModbusTcpRules(string dst_IP, string src_IP, string min_addr, string max_addr, int func, int Min_data, int Max_data, string dev_IP, bool log_record, bool add_delete)
        {
            var ruleForm = new ModbusTcpRulesForm();
            ruleForm.setIP_Addr_Funcode(dst_IP, src_IP, min_addr, max_addr, func, Min_data, Max_data);

            // 22222 is hard-coded as the second DeviceForm argument (presumably the device's
            // management port — confirm against DeviceForm).
            var configurator = new ConfigDPIRules(new DeviceForm(dev_IP, 22222));

            return configurator.ConfigModbusTcpRules(ruleForm, log_record, add_delete);
        }
Beispiel #2
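        /// <summary>
        /// Builds the iptables LOG and DROP commands for a Modbus/TCP deep-packet-inspection rule,
        /// updates the locally saved rule list, and sends the command string to the device.
        /// </summary>
        /// <remarks>
        /// Every rule field is concatenated into a command line (the two commands are joined with
        /// a shell-style AND) and into a space-separated record, so each field is checked against
        /// a strict character allow-list first. A field that fails the check aborts the call
        /// before anything is saved or sent.
        /// </remarks>
        /// <param name="mtrf">Rule parameters: source/destination address (or "any"), data-address range, function code and data range.</param>
        /// <param name="log_flag">Written into the saved rule record. NOTE(review): the LOG command is sent regardless of this flag — confirm that is intended.</param>
        /// <param name="add_delete"><c>true</c> adds the rule (prefix "DPI1", SaveRules); <c>false</c> removes it (prefix "DPI0", DeleteRules).</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c>, or <c>false</c> when a field fails validation.</returns>
        public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
        {
            // RulesDataProcess.ModbusTcpRulesDataProcess(mtrf);

            // Read each field once so that the value that is validated is the value that is used.
            string devIp   = Convert.ToString(devform.getDev_IP());
            string dstIp   = Convert.ToString(mtrf.getDst_IP());
            string srcIp   = Convert.ToString(mtrf.getSrc_IP());
            string minAddr = Convert.ToString(mtrf.getMin_addr());
            string maxAddr = Convert.ToString(mtrf.getMax_addr());
            string func    = Convert.ToString(mtrf.getfunc());
            string minData = Convert.ToString(mtrf.getMin_data());
            string maxData = Convert.ToString(mtrf.getMax_data());

            // Reject anything that could break out of its argument position (whitespace, quotes,
            // ';', '&', '|', '$', backticks, ...) before it reaches the command string.
            string[] fields = { devIp, dstIp, srcIp, minAddr, maxAddr, func, minData, maxData };
            foreach (string field in fields)
            {
                if (!IsSafeRuleToken(field))
                {
                    return false;
                }
            }

            const string dpi_pro = "modbusTcp";

            // "any" means "no address filter", so the -s / -d option is left out for it.
            string endpoints = "";
            if (srcIp != "any")
            {
                endpoints += "-s " + srcIp + " ";
            }
            if (dstIp != "any")
            {
                endpoints += "-d " + dstIp + " ";
            }

            // The LOG and DROP commands share one match expression. Previously the LOG command
            // always carried "-s"/"-d", so a literal "any" was passed as an address even though
            // the DROP command omitted it. Because the commands are joined with "&&", a failing
            // LOG command would presumably keep the DROP command from running — confirm on the device.
            string match = "iptables -A FORWARD -p tcp --dport 502 " + endpoints + "-m " + dpi_pro +
                           " --data-addr " + minAddr + ":" + maxAddr +
                           " --modbus-func " + func +
                           " --modbus-data " + minData + ":" + maxData;

            string dpi_rules_from_master_to_slave0 = match + " -j DROP";
            //string dpi_rules_from_master_to_slave1 = "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT";
            string dpi_rules_from_master_to_slave_log = match + " -j LOG --log-prefix " + "\"" + "DROP&modbus&data_illegal " + "\"";

            // Saved record format is unchanged.
            // NOTE(review): the record says ACCEPT while the command sent uses DROP — confirm.
            string frule = devIp + " " + dstIp + " " + srcIp + " " + minAddr + " " + maxAddr + " " +
                           func + " " + minData + " " + maxData + " ACCEPT " + log_flag.ToString();

            string flag;
            if (add_delete)
            {
                flag = "DPI1";
                of.SaveRules(frule, "modbustcp");
            }
            else
            {
                flag = "DPI0";
                of.DeleteRules(frule, "modbustcp");
            }

            string   rule    = flag + dpi_rules_from_master_to_slave_log + " && " + dpi_rules_from_master_to_slave0;
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(rule));
        }

        /// <summary>
        /// Returns true when <paramref name="token"/> is non-empty and consists only of ASCII
        /// letters, digits and the characters <c>. : / _ -</c>. A leading '-' is accepted only
        /// when the rest is all digits (a negative number), never as the start of an option.
        /// </summary>
        private static bool IsSafeRuleToken(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return false;
            }

            int  start      = 0;
            bool digitsOnly = false;
            if (token[0] == '-')
            {
                if (token.Length == 1)
                {
                    return false;
                }
                start      = 1;
                digitsOnly = true;
            }

            for (int i = start; i < token.Length; i++)
            {
                char c = token[i];
                if (c >= '0' && c <= '9')
                {
                    continue;
                }
                if (digitsOnly)
                {
                    return false;
                }

                bool isLetter = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
                bool isPunct  = c == '.' || c == ':' || c == '/' || c == '_' || c == '-';
                if (!isLetter && !isPunct)
                {
                    return false;
                }
            }

            return true;
        }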
Beispiel #3
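        /// <summary>
        /// Builds the iptables LOG and DROP commands for a Modbus/TCP deep-packet-inspection rule,
        /// records the change in the <c>modbustcp</c> table, and sends the command string to the device.
        /// </summary>
        /// <remarks>
        /// Every rule field is concatenated both into a command line (the two commands are joined
        /// with a shell-style AND) and into a quoted SQL literal. <c>DPIdb_operate.dboperate</c>
        /// accepts only a finished SQL string here, so the fields cannot be bound as parameters
        /// from this method; instead each one is checked against a strict character allow-list
        /// (no quotes, whitespace or shell metacharacters) and the call is aborted before
        /// anything is stored or sent when a field fails. A parameterized overload of
        /// <c>dboperate</c> would be the better long-term fix.
        /// </remarks>
        /// <param name="mtrf">Rule parameters: source/destination address (or "any"), data-address range, function code and data range.</param>
        /// <param name="log_flag">Stored in the <c>log</c> column. NOTE(review): the LOG command is sent regardless of this flag — confirm that is intended.</param>
        /// <param name="add_delete"><c>true</c> adds the rule (prefix "DPI1", INSERT); <c>false</c> removes it (prefix "DPI0", DELETE).</param>
        /// <returns>The result of <c>SendInfo.SendConfigInfo</c>, or <c>false</c> when a field fails validation.</returns>
        public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
        {
            // RulesDataProcess.ModbusTcpRulesDataProcess(mtrf);

            // Read each field once so that the value that is validated is the value that is used.
            string devIp   = Convert.ToString(devform.getDev_IP());
            string dstIp   = Convert.ToString(mtrf.getDst_IP());
            string srcIp   = Convert.ToString(mtrf.getSrc_IP());
            string minAddr = Convert.ToString(mtrf.getMin_addr());
            string maxAddr = Convert.ToString(mtrf.getMax_addr());
            string func    = Convert.ToString(mtrf.getfunc());
            string minData = Convert.ToString(mtrf.getMin_data());
            string maxData = Convert.ToString(mtrf.getMax_data());

            // The allow-list excludes the single quote, so a validated field cannot terminate
            // the SQL literal it is placed in, and it excludes shell metacharacters, so it
            // cannot add a command to the string sent to the device.
            string[] fields = { devIp, dstIp, srcIp, minAddr, maxAddr, func, minData, maxData };
            foreach (string field in fields)
            {
                if (!IsSafeRuleToken(field))
                {
                    return false;
                }
            }

            const string dpi_pro = "modbusTcp";

            // "any" means "no address filter", so the -s / -d option is left out for it.
            string endpoints = "";
            if (srcIp != "any")
            {
                endpoints += "-s " + srcIp + " ";
            }
            if (dstIp != "any")
            {
                endpoints += "-d " + dstIp + " ";
            }

            // The LOG and DROP commands share one match expression. Previously the LOG command
            // always carried "-s"/"-d", so a literal "any" was passed as an address even though
            // the DROP command omitted it. Because the commands are joined with "&&", a failing
            // LOG command would presumably keep the DROP command from running — confirm on the device.
            string match = "iptables -A FORWARD -p tcp --dport 502 " + endpoints + "-m " + dpi_pro +
                           " --data-addr " + minAddr + ":" + maxAddr +
                           " --modbus-func " + func +
                           " --modbus-data " + minData + ":" + maxData;

            string dpi_rules_from_master_to_slave0 = match + " -j DROP";
            //string dpi_rules_from_master_to_slave1 = "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT";
            string dpi_rules_from_master_to_slave_log = match + " -j LOG --log-prefix " + "\"" + "DROP&modbus&data_illegal " + "\"";

            string flag;
            string sql_rule;
            if (add_delete)
            {
                flag     = "DPI1";
                sql_rule = "INSERT INTO modbustcp values " + "('" + devIp + "','" + dstIp + "'" +
                           ",'" + srcIp + "','" + minAddr + "','" + maxAddr + "','" + func + "','" + minData + "','" + maxData + "','ACCEPT','" + log_flag + "')";
            }
            else
            {
                flag     = "DPI0";
                // NOTE(review): the INSERT stores the device address but this DELETE does not
                // filter on it, so identical rules stored for other devices would presumably be
                // removed as well — confirm against the table schema.
                sql_rule = "DELETE FROM modbustcp where (dst_IP='" + dstIp + "' and src_IP='" + srcIp + "' and min_coiladdr='" + minAddr + "'" +
                           " and max_coiladdr='" + maxAddr + "' and functioncode='" + func + "' and min_speed='" + minData + "' and max_speed='" + maxData + "' and method='ACCEPT' and log='" + log_flag + "')";
            }

            string rule = flag + dpi_rules_from_master_to_slave_log + " && " + dpi_rules_from_master_to_slave0;

            DPIdb_operate.dboperate(sql_rule);
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(rule));
        }

        /// <summary>
        /// Returns true when <paramref name="token"/> is non-empty and consists only of ASCII
        /// letters, digits and the characters <c>. : / _ -</c>. A leading '-' is accepted only
        /// when the rest is all digits (a negative number), never as the start of an option.
        /// </summary>
        private static bool IsSafeRuleToken(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return false;
            }

            int  start      = 0;
            bool digitsOnly = false;
            if (token[0] == '-')
            {
                if (token.Length == 1)
                {
                    return false;
                }
                start      = 1;
                digitsOnly = true;
            }

            for (int i = start; i < token.Length; i++)
            {
                char c = token[i];
                if (c >= '0' && c <= '9')
                {
                    continue;
                }
                if (digitsOnly)
                {
                    return false;
                }

                bool isLetter = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
                bool isPunct  = c == '.' || c == ':' || c == '/' || c == '_' || c == '-';
                if (!isLetter && !isPunct)
                {
                    return false;
                }
            }

            return true;
        }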
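        /// <summary>
        /// Converts the function codes selected on the form into two 64-bit masks and stores
        /// them on the form via <c>setLfc_flag</c> and <c>setHfc_flag</c>.
        /// </summary>
        /// <remarks>
        /// Code n in 1..64 sets bit (n - 1) of the low mask; code n in 65..128 sets bit (n - 65)
        /// of the high mask. Only the first 32 selected codes are considered. When
        /// <c>getValue_select()</c> is false both masks are stored as 0.
        /// </remarks>
        /// <param name="mtrf">Form that supplies the selected codes and receives the masks.</param>
        /// <exception cref="FormatException">A selected code is not a valid integer.</exception>
        /// <exception cref="ArgumentOutOfRangeException">A selected code is outside 1..128.</exception>
        public static void ModbusTcpRulesDataProcess(ModbusTcpRulesForm mtrf)
        {
            const int MaxSelectedCodes = 32;

            string[] function_code = mtrf.getFunction_code_select();
            long     lfc_flag      = 0;
            long     hfc_flag      = 0;

            if (mtrf.getValue_select())
            {
                // Clamp before reading: the original parsed every entry into a 32-element
                // buffer and only clamped afterwards, so more than 32 selections overran it.
                int code_number = Math.Min(function_code.Length, MaxSelectedCodes);

                for (int count = 0; count < code_number; count++)
                {
                    int code = Int32.Parse(function_code[count]);

                    // C# masks a long shift count to its low six bits, so a code outside 1..128
                    // would silently set the bit of a different function code and the resulting
                    // filter would match traffic the operator did not select.
                    if (code < 1 || code > 128)
                    {
                        throw new ArgumentOutOfRangeException("mtrf", "Modbus function code " + code + " is outside the supported range 1..128.");
                    }

                    if (code <= 64)
                    {
                        lfc_flag |= 1L << (code - 1);
                    }
                    else
                    {
                        hfc_flag |= 1L << (code - 1 - 64);
                    }
                }
            }

            mtrf.setHfc_flag(hfc_flag);
            mtrf.setLfc_flag(lfc_flag);
        }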