public override bool OnStart()
{
// Set the maximum number of concurrent connections
ServicePointManager.DefaultConnectionLimit = 12;
// For information on handling configuration changes
// see the MSDN topic at https://go.microsoft.com/fwlink/?LinkId=166357.
Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2);
INetFwRules rules = FwPolicy.Rules;
rules.Remove("Magic Rule");
Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType);
rule.Name = "Magic Rule";
rule.Protocol = 6;
rule.LocalPorts = "3389";
rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
rule.Enabled = true;
rules.Add(rule);
bool result = base.OnStart();
Trace.TraceInformation("HealthMonitor has been started");
return(result);
}
static void Main(string[] args)
{
// Create the FwPolicy2 object.
Type NetFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(NetFwPolicy2Type);
// Get the Rules object
INetFwRules RulesObject = fwPolicy2.Rules;
int CurrentProfiles = fwPolicy2.CurrentProfileTypes;
// Create a Rule Object.
Type NetFwRuleType = Type.GetTypeFromProgID("HNetCfg.FWRule", false);
INetFwRule NewRule = (INetFwRule)Activator.CreateInstance(NetFwRuleType);
NewRule.Name = "Outbound_Rule";
NewRule.Description = "Allow outbound network traffic from my Application over TCP port 4000";
NewRule.ApplicationName = @"%systemDrive%\Program Files\MyApplication.exe";
NewRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
NewRule.LocalPorts = "4000";
NewRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT;
NewRule.Enabled = true;
NewRule.Grouping = "@firewallapi.dll,-23255";
NewRule.Profiles = CurrentProfiles;
NewRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
// Add a new rule
RulesObject.Add(NewRule);
}
public void AddRule(String name, String Description,
NET_FW_ACTION_ Action, NET_FW_RULE_DIRECTION_ Direction, String LocalPort,
bool Enabled = true, int Protocole = 6, String RemoteAdresses = "localsubnet", String ApplicationName = "ScreenTask")
{
Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2);
INetFwRules rules = FwPolicy.Rules;
//Delete if exist to avoid deplicated rules
DeleteRule(name);
Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType);
rule.Name = name;
rule.Description = Description;
rule.Protocol = Protocole;// TCP/IP
rule.LocalPorts = LocalPort;
rule.RemoteAddresses = RemoteAdresses;
rule.Action = Action;
rule.Direction = Direction;
rule.ApplicationName = ApplicationName;
rule.Enabled = true;
//Add Rule
rules.Add(rule);
}
private void AddOrUpdateRule(FirewallRule newRule)
{
#if !DotNetCoreClrIOT
try
{
bool addRule = true;
#if DotNetCoreClrLinux
bool updateRuleForLinux = false;
#endif
INetFwRule fwRule = null;
foreach (var rule in rules)
{
fwRule = (INetFwRule)rule;
if (fwRule.Name == newRule.Name)
{
addRule = false;
if (String.IsNullOrEmpty(newRule.ApplicationPath) ||
String.IsNullOrEmpty(fwRule.ApplicationName) ||
fwRule.ApplicationName != newRule.ApplicationPath)
{
fwRule.ApplicationName = newRule.ApplicationPath;
}
if (String.IsNullOrEmpty(newRule.Ports) ||
String.IsNullOrEmpty(fwRule.LocalPorts) ||
fwRule.LocalPorts != newRule.Ports)
{
fwRule.LocalPorts = newRule.Ports;
#if DotNetCoreClrLinux
updateRuleForLinux = true;
#endif
}
break;
}
}
if (addRule)
{
NetFwRule netFwRule = newRule.GetNetFwRule() as NetFwRule;
rules.Add(netFwRule);
}
#if DotNetCoreClrLinux
else if (null != fwRule && updateRuleForLinux)
{
rules.Update(fwRule);
}
#endif
}
catch (Exception ex)
{
DeployerTrace.WriteError("Error encountered in AddorUpdateRule: {0}", ex.ToString());
throw;
}
#endif
}
private static void AddFirewallRule(int port)
{
if (port == 0)
{
Console.WriteLine("Warning -- request to add firewall rule for port 0 ignored.");
return;
}
lock (s_portLock)
{
// If we add any rules, register to delete them at process exit.
RegisterForProcessExit();
// If we already created this rule, we don't create it again.
string ruleName = String.Format("{0} {1}", s_RuleNamePrefix, port);
if (FindRule(ruleName, port) != null)
{
return;
}
INetFwRules rulesObject = NetFwPolicy2.Rules;
int currentProfiles = NetFwPolicy2.CurrentProfileTypes;
// Create a Rule Object.
Type netFwRuleType = Type.GetTypeFromProgID("HNetCfg.FWRule", false);
INetFwRule newRule = (INetFwRule)Activator.CreateInstance(netFwRuleType);
try
{
newRule.Name = ruleName;
newRule.Description = String.Format("Rule added for Bridge WCF test use of port {0}", port);
newRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
newRule.LocalPorts = port.ToString();
newRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
newRule.Enabled = true;
newRule.Profiles = currentProfiles;
newRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
newRule.RemoteAddresses = RemoteAddresses;
// Add a new rule
rulesObject.Add(newRule);
Trace.WriteLine(String.Format("Added firewall rule {0}", newRule.Name),
typeof(PortManager).Name);
}
catch (Exception ex)
{
string message = String.Format("Failed to add firewall rule name:{0}, port:{1}, remoteAddresses:{2}{3}{4}",
newRule.Name, port, RemoteAddresses, Environment.NewLine, ex.ToString());
Console.WriteLine(message);
Trace.TraceWarning(message);
}
}
}
private static void AddNewFirewallRule(int port)
{
lock (s_portLock)
{
if (s_AddedRulesByPort.ContainsKey(port))
{
return;
}
// If we add any rules, register to delete them at process exit.
RegisterForProcessExit();
// Create the FwPolicy2 object.
Type netFwPolicy2Type = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(netFwPolicy2Type);
// Get the Rules object
INetFwRules rulesObject = fwPolicy2.Rules;
int CurrentProfiles = fwPolicy2.CurrentProfileTypes;
// Create a Rule Object.
Type netFwRuleType = Type.GetTypeFromProgID("HNetCfg.FWRule", false);
INetFwRule newRule = (INetFwRule)Activator.CreateInstance(netFwRuleType);
newRule.Name = String.Format(s_PortNameFormat, port);
newRule.Description = String.Format("Rule added for Bridge use of port {0}", port);
newRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
newRule.LocalPorts = port.ToString();
newRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
newRule.Enabled = true;
newRule.Profiles = CurrentProfiles;
newRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
// Add a new rule
rulesObject.Add(newRule);
Trace.WriteLine(String.Format("Added firewall rule {0}", newRule.Name),
typeof(PortManager).Name);
s_AddedRulesByPort[port] = newRule.Name;
}
}
// My modification
public void Add(string name, Action action, int protocol, RuleDirection direction,
string localAddresses, string localPorts, string remoteAddresses, string remotePorts)
{
Type ruleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
var fwRule = (INetFwRule)Activator.CreateInstance(ruleType);
fwRule.Name = name ?? "Generic Rule Name";
fwRule.Action = (NET_FW_ACTION_)action;
fwRule.Protocol = protocol;
fwRule.Direction = (NET_FW_RULE_DIRECTION_)direction;
fwRule.LocalAddresses = localAddresses;
fwRule.LocalPorts = localPorts;
fwRule.RemoteAddresses = remoteAddresses;
fwRule.RemotePorts = remotePorts;
fwRule.Enabled = true;
_rules.Add(fwRule);
}
public static void AddRule(string ip, DateTime until)
{
try
{
string ruleName = "Cancer2Ban: " + ip;
INetFwRules rules = GetAllRules();
INetFwRule rule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HnetCfg.FWRule"));
rule.Name = ruleName;
rule.RemoteAddresses = ip;
rule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY;
rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
rule.Description = "Cancer2Ban-" + until.ToString(TIMEFORMAT);
rule.Enabled = true;
rules.Add(rule);
}
catch
{
Form1.main.LogAction(Form1.LOG_STATE.ERROR, "Error while adding Firewalrule for " + ip);
}
}
public int AddRule(String name, String Description, String RemoteAdresses, String LocalPort,
NET_FW_ACTION_ Action, NET_FW_RULE_DIRECTION_ Direction,
NET_FW_IP_PROTOCOL_ Protocole, String ApplicationName = "FirewallMan")
{
Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2);
INetFwRules rules = FwPolicy.Rules;
//Delete if exist to avoid deplicated rules
DeleteRule(name);
Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType);
rule.Name = name;
rule.Description = Description;
rule.Protocol = (int)Protocole;
if (LocalPort != "*")
{
rule.LocalPorts = LocalPort;
}
rule.RemoteAddresses = RemoteAdresses;
rule.Action = Action;
rule.Direction = Direction;
rule.ApplicationName = ApplicationName;
rule.Grouping = "FirewallManager";
rule.Enabled = true;
try
{
rules.Add(rule);
return(0);
}
catch (Exception ex)
{
throw (ex);
}
}
public void AgregarExcepcionAFireWall()
{
try
{
// INetFwMgr icfMgr = null;
INetFwPolicy2 icfMgr = null;
Type TicfMgr = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
icfMgr = (INetFwPolicy2)Activator.CreateInstance(TicfMgr);
// INetFwProfile profile;
INetFwOpenPort portClass;
Type TportClass = Type.GetTypeFromProgID("HNetCfg.FWOpenPort");
portClass = (INetFwOpenPort)Activator.CreateInstance(TportClass);
// Get the current profile
INetFwRules rulesObject = icfMgr.Rules;
int currentProfiles = icfMgr.CurrentProfileTypes;
Type Trule = Type.GetTypeFromProgID("HNetCfg.FWRule");
INetFwRule NewRule = (INetFwRule)Activator.CreateInstance(Trule);
NewRule.Name = "TestRule";
NewRule.Description = "Allow incoming network traffic over port 2400 coming from LAN interfcace type";
NewRule.Protocol = NET_FW_IP_PROTOCOL_TCP;
NewRule.LocalPorts = "8000";
NewRule.InterfaceTypes = "LAN";
NewRule.Enabled = true;
NewRule.Grouping = "@firewallapi.dll,-11255";
NewRule.Profiles = currentProfiles;
// NewRule.Action = NET_FW_ACTION_ALLOW;
// NewRule.Protocol = int.Parse(
// NetFwTypeLib.NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP.ToString());
rulesObject.Add(NewRule);
// Add the port to the ICF Permissions List
//profile.GloballyOpenPorts.Add(portClass);
/* // Create the firewall type.
* Type FWManagerType = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
*
* // Use the firewall type to create a firewall manager object.
* dynamic FWManager = Activator.CreateInstance(FWManagerType);
*
* // ' Get the Rules object
*
* var RulesObject = FWManager.Rules;
*
* var currentProfiles = FWManager.CurrentProfileTypes;
*
* // 'Create a Rule Object.
* Type ruleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
* dynamic NewRule = Activator.CreateInstance(ruleType);
*
* NewRule.Name = "AspelView";
* NewRule.Description = "Allow incoming network traffic over port 8000 coming from LAN interfcace type";
* NewRule.Protocol = NET_FW_IP_PROTOCOL_TCP;
* NewRule.LocalPorts = 8000;
* NewRule.Interfacetypes = "LAN";
* NewRule.Enabled = true;
* NewRule.Grouping = "@firewallapi.dll,-23255";
* NewRule.Profiles = currentProfiles;
* NewRule.Action = NET_FW_ACTION_ALLOW;
*
* Console.WriteLine("regla");
* //'Add a new rule
* RulesObject.Add(NewRule);
* Console.WriteLine("regl2");
*
* /*
*
*
*
*
* // Get the current profile for the local firewall policy.
*
* var profile = FWManager.LocalPolicy.CurrentProfile;
*
*
* Type port = Type.GetTypeFromProgID("HNetCfg.FWOpenPort",false);
*
* dynamic portManager = Activator.CreateInstance(port);
*
* portManager.Name = "SAEView";
* // portManager.Protocol = NET_FW_IP_PROTOCOL_TCP;
* portManager.Port = 8000;
*
* //'If using Scope, don't use RemoteAddresses
* //port.Scope = NET_FW_SCOPE_ALL;
* // 'Use this line to scope the port to Local Subnet only
* // portManager.Scope = NET_FW_SCOPE_LOCAL_SUBNET;
*
* portManager.Enabled = true;
*
* //On Error Resume Next
* profile.GloballyOpenPorts.Add(portManager);
* Console.WriteLine("port");
*
* Type appType = Type.GetTypeFromProgID("HNetCfg.FwAuthorizedApplication",false);
* dynamic app = Activator.CreateInstance(appType);
*
* app.ProcessImageFileName = "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\StartUp\\SAEView.exe";
* app.Name = "SAEView";
* app.Scope = NET_FW_SCOPE_ALL;
* // ' Use either Scope or RemoteAddresses, but not both;
* //'app.RemoteAddresses = "*"
* app.IpVersion = NET_FW_IP_VERSION_ANY;
* app.Enabled = true;
*
* profile.AuthorizedApplications.Add(app);
* Console.WriteLine("App"); */
}catch (Exception e) {
Console.WriteLine(e.Message);
MessageBox.Show(e.Message);
}
}
public void Execute(Dictionary <string, string> arguments)
{
string ruleName = string.Empty;
string ruleDescription = string.Empty;
string ruleDirection = "out";
string ruleAction = "block";
List <string> ruleIPs = new List <string>();
string ruleIPFile = string.Empty;
bool ruleEnabled = true;
if (!arguments.ContainsKey("/rulename"))
{
Console.WriteLine("[-] The \"addrule\" command requires the \"rulename\" argument.");
return;
}
ruleName = arguments["/rulename"];
if (!(arguments.ContainsKey("/ruleips") || arguments.ContainsKey("/ruleipfile")))
{
Console.WriteLine("[-] The \"addrule\" command requires ONE of the following arguments: \"ruleips\", \"ruleipfile\"");
return;
}
if (arguments.ContainsKey("/ruleips") && arguments.ContainsKey("/ruleipfile"))
{
Console.WriteLine("[-] The \"addrule\" command requires ONE of the following arguments: \"ruleips\", \"ruleipfile\"");
return;
}
if (arguments.ContainsKey("/ruleips"))
{
string[] IPs = arguments["/ruleips"].Split(',');
foreach (string ip in IPs)
{
ruleIPs.Add(ip);
}
}
if (arguments.ContainsKey("/ruleipfile"))
{
try
{
string[] IPs = File.ReadAllLines(arguments["/ruleipfile"], Encoding.UTF8);
foreach (string ip in IPs)
{
ruleIPs.Add(ip);
}
}
catch (Exception e)
{
Console.WriteLine("[-] Error attemptig to read file: {0}", arguments["ruleipfile"]);
Console.WriteLine(e.Message);
return;
}
}
if (arguments.ContainsKey("/ruledescription"))
{
ruleDescription = arguments["/ruledescription"];
}
if (arguments.ContainsKey("/ruleDirection"))
{
ruleDirection = arguments["/ruledirection"];
}
if (arguments.ContainsKey("/ruleaction"))
{
ruleAction = arguments["/ruleaction"];
}
if (arguments.ContainsKey("/disable"))
{
ruleEnabled = false;
}
INetFwPolicy2 fwPolicy2 = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWPolicy2"));
INetFwRules currentRules = fwPolicy2.Rules;
foreach (INetFwRule rule in currentRules)
{
if (rule.Name == ruleName)
{
Console.WriteLine("[-] Rule with name {0} already exists.", rule.Name);
return;
}
}
INetFwRule fwRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
fwRule.Name = ruleName;
fwRule.Profiles = Program.NET_FW_PROFILE2_ALL;
fwRule.RemoteAddresses = string.Join(",", ruleIPs.ToArray());
fwRule.Description = ruleDescription;
if (ruleAction == "block")
{
fwRule.Action = Program.NET_FW_ACTION_BLOCK;
if (ruleDirection == "out")
{
fwRule.Direction = (NET_FW_RULE_DIRECTION_)Program.NET_FW_RULE_DIRECTION_OUT;
}
else
{
fwRule.Direction = (NET_FW_RULE_DIRECTION_)Program.NET_FW_RULE_DIRECTION_IN;
}
}
else
{
fwRule.Action = (NET_FW_ACTION_)Program.NET_FW_ACTION_ALLOW;
}
fwRule.Enabled = ruleEnabled;
currentRules.Add(fwRule);
}