private void LoadFirewall(IPBanConfig oldConfig)
{
IIPBanFirewall existing = Firewall;
Firewall = FirewallCreator.CreateFirewall(Config, Firewall);
if (existing != Firewall)
{
AddUpdater(Firewall);
Logger.Warn("Loaded firewall type {0}", Firewall.GetType());
if (existing != null)
{
RemoveUpdater(existing);
// transfer banned ip to new firewall
Firewall.BlockIPAddresses(null, ipDB.EnumerateBannedIPAddresses()).Sync();
}
}
if (oldConfig is null)
{
// clear out all previous custom rules
foreach (string rule in Firewall.GetRuleNames(Firewall.RulePrefix + "EXTRA_").ToArray())
{
Firewall.DeleteRule(rule);
}
}
else
{
// check for updated / new / removed block rules
List <string> deleteList = new List <string>(oldConfig.ExtraRules.Select(r => r.Name));
// cleanup rules that are no longer in the config
foreach (string newRule in Config.ExtraRules.Select(r => r.Name))
{
deleteList.Remove(newRule);
}
foreach (string rule in deleteList)
{
foreach (string ruleName in Firewall.GetRuleNames(rule).ToArray())
{
Firewall.DeleteRule(ruleName);
}
}
}
// ensure firewall is cleared out if needed - will only execute once
UpdateBannedIPAddressesOnStart();
// ensure windows event viewer is setup if needed - will only execute once
SetupWindowsEventViewer();
// add/update global rules
Firewall.AllowIPAddresses("GlobalWhitelist", Config.Whitelist);
Firewall.BlockIPAddresses("GlobalBlacklist", Config.BlackList);
// add/update user specified rules
foreach (IPBanFirewallRule rule in Config.ExtraRules)
{
if (rule.Block)
{
Firewall.BlockIPAddresses(rule.Name, rule.IPAddressRanges, rule.AllowPortRanges);
}
else
{
Firewall.AllowIPAddresses(rule.Name, rule.IPAddressRanges, rule.AllowPortRanges);
}
}
}
