public static bool MatchEndpoint(string Addresses, string Ports, IPAddress Address, UInt16 Port, NetworkMonitor.AdapterInfo NicInfo = null) { if (!FirewallRule.IsEmptyOrStar(Ports) && !MatchPort(Port, Ports)) { return(false); } if (Address != null && !FirewallRule.IsEmptyOrStar(Addresses) && !MatchAddress(Address, Addresses, NicInfo)) { return(false); } return(true); }
public void EvaluateRules(ProgramSet progSet, bool StrictTest = false) { String InetRanges = FirewallRule.AddrKeywordIntErnet; if (UwpFunc.IsWindows7OrLower) { InetRanges = GetSpecialNet(InetRanges); } progSet.config.CurAccess = ProgramConfig.AccessLevels.Unconfigured; SortedDictionary <ProgramID, RuleStat> RuleStats = new SortedDictionary <ProgramID, RuleStat>(); int enabledCound = 0; foreach (Program prog in progSet.Programs.Values) { RuleStat Stat = new RuleStat(); foreach (FirewallRule rule in prog.Rules.Values) { if (!rule.Enabled) { continue; } enabledCound++; if (!FirewallRule.IsEmptyOrStar(rule.LocalAddresses)) { continue; } if (!FirewallRule.IsEmptyOrStar(rule.LocalPorts) || !FirewallRule.IsEmptyOrStar(rule.RemotePorts)) { continue; } if (rule.IcmpTypesAndCodes != null && rule.IcmpTypesAndCodes.Length > 0) { continue; } bool AllProts = (rule.Protocol == (int)NetFunc.KnownProtocols.Any); bool InetProts = AllProts || (rule.Protocol == (int)FirewallRule.KnownProtocols.TCP) || (rule.Protocol == (int)FirewallRule.KnownProtocols.UDP); if (!InetProts) { continue; } //if (rule.Profile != (int)FirewallRule.Profiles.All && (rule.Profile != ((int)FirewallRule.Profiles.Public | (int)FirewallRule.Profiles.Private | (int)FirewallRule.Profiles.Domain))) // continue; if (rule.Interface != (int)FirewallRule.Interfaces.All) { continue; } if (FirewallRule.IsEmptyOrStar(rule.RemoteAddresses)) { if (rule.Action == FirewallRule.Actions.Allow && InetProts) { Stat.AllowAll.Add(rule.Profile, rule.Direction); } else if (rule.Action == FirewallRule.Actions.Block && AllProts) { Stat.BlockAll.Add(rule.Profile, rule.Direction); } } else if (rule.RemoteAddresses == InetRanges) { if (rule.Action == FirewallRule.Actions.Block && AllProts) { Stat.BlockInet.Add(rule.Profile, rule.Direction); } } else if (rule.RemoteAddresses == FirewallRule.AddrKeywordLocalSubnet) { if (rule.Action == FirewallRule.Actions.Allow && InetProts) { Stat.AllowLan.Add(rule.Profile, rule.Direction); } } } RuleStats.Add(prog.ID, Stat); } if (RuleStats.Count == 0 || enabledCound == 0) { return; } RuleStat MergedStat = RuleStats.Values.First(); for (int i = 1; i < RuleStats.Count; i++) { RuleStat Stat = RuleStats.Values.ElementAt(i); MergedStat.AllowAll.Merge(Stat.AllowAll); MergedStat.BlockAll.Merge(Stat.BlockAll); MergedStat.AllowLan.Merge(Stat.AllowLan); MergedStat.BlockInet.Merge(Stat.BlockInet); } if (MergedStat.BlockAll.IsOutbound(IgnoreDomain) && (!StrictTest || MergedStat.BlockAll.IsInbound(IgnoreDomain))) { progSet.config.CurAccess = ProgramConfig.AccessLevels.BlockAccess; } //else if (MergedStat.AllowAll.IsOutbound(SkipDomain) && (!StrictTest || MergedStat.AllowAll.IsInbound(SkipDomain))) else if (MergedStat.AllowAll.IsOutbound(IgnoreDomain) && MergedStat.AllowAll.IsInbound(IgnoreDomain)) { progSet.config.CurAccess = ProgramConfig.AccessLevels.FullAccess; } else if (MergedStat.AllowLan.IsOutbound(IgnoreDomain) && (!StrictTest || (MergedStat.AllowLan.IsInbound(IgnoreDomain) && MergedStat.AllowLan.IsInbound(IgnoreDomain)))) { progSet.config.CurAccess = ProgramConfig.AccessLevels.LocalOnly; } else if (MergedStat.AllowAll.IsOutbound(IgnoreDomain)) { progSet.config.CurAccess = ProgramConfig.AccessLevels.OutBoundAccess; } else if (MergedStat.AllowAll.IsInbound(IgnoreDomain)) { progSet.config.CurAccess = ProgramConfig.AccessLevels.InBoundAccess; } else if (enabledCound > 0) { progSet.config.CurAccess = ProgramConfig.AccessLevels.CustomConfig; } }