Example #1
0
        public void ReadXml(System.Xml.XmlReader reader)
        {
            while (!reader.IsStartElement("Blockedip"))
            {
                reader.Read();
            }

            reader.ReadStartElement("Blockedip");
            XmlSerializer ipSerialization = new XmlSerializer(typeof(IPAddr));

            Blockedip = (IPAddr)ipSerialization.Deserialize(reader);
            reader.ReadEndElement();

            while (!reader.IsStartElement("DateBlocked"))
            {
                reader.Read();
            }

            reader.ReadStartElement("DateBlocked");
            DateBlocked = (long)new XmlSerializer(typeof(long)).Deserialize(reader);
            reader.ReadEndElement();

            while (!reader.IsStartElement("Reason"))
            {
                reader.Read();
            }

            reader.ReadStartElement("Reason");
            Reason = (string)new XmlSerializer(typeof(string)).Deserialize(reader);
            reader.ReadEndElement();

            reader.ReadEndElement();
        }
Example #2
0
 public void Add(IPAddr ip)
 {
     try
     {
         locker.AcquireWriterLock(new TimeSpan(0, 1, 0));
         try
         {
             if (list.ContainsKey(ip))
             {
                 list[ip] = DateTime.UtcNow.Ticks;
             }
             else
             {
                 list.Add(ip, DateTime.UtcNow.Ticks);
             }
         }
         finally
         {
             locker.ReleaseWriterLock();
         }
     }
     catch (ApplicationException e)
     {
         Logging.LogCenter.Instance.LogException(e);
     }
 }
Example #3
0
        /// <summary>
        /// Generates a report on the selected IP address; pretty much just formats everything found
        /// in its IPObj object
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void infoButton_Click(object sender, EventArgs e)
        {
            int    rowIdx = 0;
            string ip     = null;

            fireBwall.Utils.IPObj tmp;

            if (blockedIPList.SelectedRows.Count <= 0)
            {
                ip  = potentialIPBox.SelectedItem.ToString();
                tmp = detector.potentials[IPAddr.Parse(ip)];
            }
            else if (potentialIPBox.SelectedIndex < 0)
            {
                rowIdx = blockedIPList.SelectedCells[0].RowIndex;
                ip     = blockedIPList["IP", rowIdx].Value.ToString();
                tmp    = detector.data.BlockCache[IPAddr.Parse(ip)];
            }
            else
            {
                return;
            }

            // go generate the report
            Report report = new Report();

            report.GenerateReport(tmp);
        }
Example #4
0
            public bool Contains(IPAddr ip, long secondsOld = -1)
            {
                bool contains = false;

                try
                {
                    locker.AcquireReaderLock(new TimeSpan(0, 1, 0));
                    try
                    {
                        if (secondsOld < 0)
                        {
                            contains = list.ContainsKey(ip);
                        }
                        else
                        {
                            contains = (list.ContainsKey(ip) && new DateTime(list[ip]).AddSeconds(secondsOld).CompareTo(DateTime.UtcNow) < 0);
                        }
                    }
                    finally
                    {
                        locker.ReleaseReaderLock();
                    }
                }
                catch (ApplicationException a)
                {
                    Logging.LogCenter.Instance.LogException(a);
                }
                return(contains);
            }
Example #5
0
        public bool InList(string list, IPAddr ip, long secondsOld = -1)
        {
            bool ret = false;

            try
            {
                locker.AcquireReaderLock(new TimeSpan(0, 1, 0));
                try
                {
                    IPList ipl;
                    if (iplists.TryGetValue(list, out ipl))
                    {
                        if (ipl.Contains(ip, secondsOld))
                        {
                            ret = true;
                        }
                    }
                }
                finally
                {
                    locker.ReleaseReaderLock();
                }
            }
            catch (ApplicationException ex)
            {
                Logging.LogCenter.Instance.LogException(ex);
            }
            return(ret);
        }
Example #6
0
 public bool Contains(IPAddr ip, long secondsOld = -1)
 {
     bool contains = false;
     try
     {
         locker.AcquireReaderLock(new TimeSpan(0, 1, 0));
         try
         {
             if (secondsOld < 0)
             {
                 contains = list.ContainsKey(ip);
             }
             else
             {
                 contains = (list.ContainsKey(ip) && new DateTime(list[ip]).AddSeconds(secondsOld).CompareTo(DateTime.UtcNow) < 0);
             }
         }
         finally
         {
             locker.ReleaseReaderLock();
         }
     }
     catch (ApplicationException a)
     {
         Logging.LogCenter.Instance.LogException(a);
     }
     return contains;
 }
Example #7
0
 public ConnectVM()
 {
     Ip            = new IPAddr();
     Ip.Ip         = "192.168.1.102";
     Ip.Port       = "31313";
     BtnConnectCmd = new RelayCommand(new Action <object>(Connect));
     IsEnable      = true;
 }
Example #8
0
        public void IPAddrSerialization()
        {
            XmlSerializer serializer = new XmlSerializer(typeof(IPAddr));
            MemoryStream  ms         = new MemoryStream();
            IPAddr        outAddr    = IPAddr.Parse("192.168.1.1");

            serializer.Serialize(ms, outAddr);
            ms.Position = 0;
            IPAddr inAddr = (IPAddr)serializer.Deserialize(ms);

            Assert.AreEqual("192.168.1.1", inAddr.ToString());
        }
Example #9
0
        /// <summary>
        /// removes the blocked IP address from the table and the block cache
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void removeBlockedButton_Click(object sender, EventArgs e)
        {
            if (blockedIPList.SelectedRows.Count < 0)
            {
                return;
            }

            int    rowIdx = blockedIPList.SelectedCells[0].RowIndex;
            string ip     = blockedIPList["IP", rowIdx].Value.ToString();

            // remove it from the block cache
            detector.data.BlockCache.Remove(IPAddr.Parse(ip));
            blockedIPList.Rows.RemoveAt(rowIdx);
        }
Example #10
0
 /// <summary>
 /// Adds a potential IP address 
 /// </summary>
 /// <param name="addr"></param>
 public void addPotential(IPAddr addr)
 {
     if (potentialIPBox.InvokeRequired)
     {
         potentialIPBox.Invoke((MethodInvoker)delegate
         {
             addPotential(addr);
         });
     }
     else
     {
         if (!potentialIPBox.Items.Contains(addr.ToString()))
             this.potentialIPBox.Items.Add(addr.ToString());
     }
 }
Example #11
0
 private void button1_Click_1(object sender, EventArgs e)
 {
     try
     {
         if (listBox1.SelectedItem != null)
         {
             string i  = (string)listBox1.SelectedItem;
             IPAddr ip = IPAddr.Parse(i.Split(' ')[2]);
             cache.Remove(ip);
             saap.UpdateCache(cache);
             cache = saap.GetCache();
             saap_UpdatedArpCache();
         }
     }
     catch { }
 }
Example #12
0
 public void scanAll()
 {
     if (startIP != null && endIP != null)
     {
         IPAddr ipAddr = new IPAddr(startIP);
         while (endIP.larger(ipAddr))
         {
             scanUser(ipAddr);
             ipAddr.increase();
             if (isStopScan)
             {
                 break;
             }
         }
     }
 }
Example #13
0
        /// <summary>
        /// Handles the IP add button
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void addButton_Click(object sender, EventArgs e)
        {
            // if the given string is a valid IPv4 addr.
            // IPAddress.TryParse is broken.
            if (regIP.IsMatch(addField.Text))
            {
                IPAddr t = IPAddr.Parse(addField.Text);
                blockcache.Add(new BlockedIP(t, DateTime.UtcNow, "User added"));

                // update the module blockcache and update the table
                UpdateBlockedCache();
                RebuildTable();

                // consume input
                addField.Text = "";
            }
        }
Example #14
0
        /// <summary>
        /// handles the block button action; adds the selected IP address
        /// to the block list
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void blockButton_Click(object sender, EventArgs e)
        {
            if (potentialIPBox.SelectedIndex < 0)
            {
                return;
            }

            String ip = potentialIPBox.SelectedItem.ToString();

            // add it to the data block cache
            detector.data.BlockCache.Add(IPAddr.Parse(ip), detector.potentials[IPAddr.Parse(ip)]);
            // remove it from the potential list
            potentialIPBox.Items.Remove(ip);
            detector.potentials.Remove(IPAddr.Parse(ip));
            // add it to the block list
            blockedIPList.Rows.Add(ip);
        }
Example #15
0
        public void Connect(object obj)
        {
            IPAddr ipTemp = obj as IPAddr;

            App.NetCtrl = new NetCtrl(ipTemp.Ip, ipTemp.Port);
            App.NetCtrl.Send("1|1|");
            if (App.NetCtrl.SocketClient.Connected)
            {
                LoginV loginV = new LoginV();
                loginV.Show();
                IsEnable = false;
            }
            else
            {
                MessageBox.Show("连接失败");
            }
        }
Example #16
0
 /// <summary>
 /// Adds a potential IP address
 /// </summary>
 /// <param name="addr"></param>
 public void addPotential(IPAddr addr)
 {
     if (potentialIPBox.InvokeRequired)
     {
         potentialIPBox.Invoke((MethodInvoker) delegate
         {
             addPotential(addr);
         });
     }
     else
     {
         if (!potentialIPBox.Items.Contains(addr.ToString()))
         {
             this.potentialIPBox.Items.Add(addr.ToString());
         }
     }
 }
Example #17
0
        public void ListofIPAddrSerialization()
        {
            XmlSerializer serializer = new XmlSerializer(typeof(List <IPAddr>));
            MemoryStream  ms         = new MemoryStream();
            IPAddr        outAddr    = IPAddr.Parse("192.168.1.1");
            List <IPAddr> list       = new List <IPAddr>();

            list.Add(outAddr);
            list.Add(outAddr);
            list.Add(outAddr);
            serializer.Serialize(ms, list);
            ms.Position = 0;
            List <IPAddr> inAddr = (List <IPAddr>)serializer.Deserialize(ms);

            Assert.AreEqual("192.168.1.1", inAddr[0].ToString());
            Assert.AreEqual("192.168.1.1", inAddr[1].ToString());
            Assert.AreEqual("192.168.1.1", inAddr[2].ToString());
        }
Example #18
0
        public void DictionaryofIPAddrSerialization()
        {
            XmlSerializer serializer = new XmlSerializer(typeof(SerializableDictionary <IPAddr, IPAddr>));
            MemoryStream  ms         = new MemoryStream();
            IPAddr        outAddr    = IPAddr.Parse("192.168.1.1");
            SerializableDictionary <IPAddr, IPAddr> list = new SerializableDictionary <IPAddr, IPAddr>();

            list.Add(outAddr, outAddr);
            serializer.Serialize(ms, list);
            ms.Position = 0;
            SerializableDictionary <IPAddr, IPAddr> inAddr = (SerializableDictionary <IPAddr, IPAddr>)serializer.Deserialize(ms);

            foreach (KeyValuePair <IPAddr, IPAddr> pair in inAddr)
            {
                Assert.AreEqual("192.168.1.1", pair.Key.ToString());
                Assert.AreEqual("192.168.1.1", pair.Value.ToString());
            }
        }
Example #19
0
        public void SerializableDictionaryOfIPAddrSerialization()
        {
            XmlSerializer             serializer = new XmlSerializer(typeof(SerializableList <IPAddr>));
            MemoryStream              ms         = new MemoryStream();
            IPAddr                    outAddr    = IPAddr.Parse("192.168.1.1");
            SerializableList <IPAddr> list       = new SerializableList <IPAddr>();

            list.Add(outAddr);
            list.Add(outAddr);
            serializer.Serialize(ms, list);
            ms.Position = 0;
            SerializableList <IPAddr> inAddr = (SerializableList <IPAddr>)serializer.Deserialize(ms);

            foreach (IPAddr ip in inAddr)
            {
                Assert.AreEqual("192.168.1.1", ip.ToString());
                Assert.AreEqual("192.168.1.1", ip.ToString());
            }
        }
Example #20
0
 public void AddToList(string list, IPAddr ip)
 {
     try
     {
         LockCookie upgrade  = new LockCookie();
         bool       upgraded = false;
         if (locker.IsReaderLockHeld)
         {
             upgrade  = locker.UpgradeToWriterLock(new TimeSpan(0, 1, 0));
             upgraded = true;
         }
         else
         {
             locker.AcquireWriterLock(new TimeSpan(0, 1, 0));
         }
         try
         {
             if (!iplists.ContainsKey(list))
             {
                 iplists[list] = new IPList();
             }
             iplists[list].Add(ip);
         }
         finally
         {
             if (upgraded)
             {
                 locker.DowngradeFromWriterLock(ref upgrade);
             }
             else
             {
                 locker.ReleaseWriterLock();
             }
         }
     }
     catch (ApplicationException a)
     {
         Logging.LogCenter.Instance.LogException(a);
     }
 }
Example #21
0
 public static IPAddr GetLocalIPAddress(INDISFilter adapter)
 {
     IPAddr address = new IPAddr();
     NetworkInterface[] nics = NetworkInterface.GetAllNetworkInterfaces();
     
     foreach (var adapt in nics)
     {
         // if this adapter matches the one we're looking for
         if (adapt.Id.Equals(adapter.GetAdapterInformation().Id))
         {
             foreach(var i in adapt.GetIPProperties().UnicastAddresses)
             {
                 if (i.Address.AddressFamily == System.Net.Sockets.AddressFamily.InterNetwork)
                 {
                     address = new IPAddr(i.Address.GetAddressBytes());
                     return address;
                 }
             }
         }
     }
     return null;
 }
Example #22
0
            /// <summary>
            /// Check if an IP address falls within the given range
            /// </summary>
            /// <param name="addr">address to check</param>
            /// <returns>true/false</returns>
            public bool IsInRange(IPAddr addr)
            {
                byte[] addrBytes = addr.GetAddressBytes();

                bool lBound = true;
                bool uBound = true;

                // iterate over ip bytes in the range
                for (int i = 0; i < this.lowerBytes.Length &&
                     (lBound || uBound); ++i)
                {
                    if ((lBound && addrBytes[i] < lowerBytes[i]) ||
                        (uBound && addrBytes[i] > upperBytes[i]))
                    {
                        return(false);
                    }

                    lBound &= (addrBytes[i] == lowerBytes[i]);
                    uBound &= (addrBytes[i] == upperBytes[i]);
                }
                return(true);
            }
Example #23
0
 public void Remove(IPAddr ip)
 {
     try
     {
         locker.AcquireReaderLock(new TimeSpan(0, 1, 0));
         try
         {
             if (list.ContainsKey(ip))
             {
                 LockCookie lc = new LockCookie();
                 try
                 {
                     lc = locker.UpgradeToWriterLock(new TimeSpan(0, 1, 0));
                     try
                     {
                         list.Remove(ip);
                     }
                     finally
                     {
                         locker.DowngradeFromWriterLock(ref lc);
                     }
                 }
                 catch (ApplicationException e)
                 {
                     Logging.LogCenter.Instance.LogException(e);
                 }
             }
         }
         finally
         {
             locker.ReleaseReaderLock();
         }
     }
     catch (ApplicationException aex)
     {
         Logging.LogCenter.Instance.LogException(aex);
     }
 }
Example #24
0
 public void Remove(IPAddr ip)
 {
     try
     {
         locker.AcquireReaderLock(new TimeSpan(0, 1, 0));
         try
         {
             if (list.ContainsKey(ip))
             {
                 LockCookie lc = new LockCookie();
                 try
                 {
                     lc = locker.UpgradeToWriterLock(new TimeSpan(0, 1, 0));
                     try
                     {
                         list.Remove(ip);
                     }
                     finally
                     {
                         locker.DowngradeFromWriterLock(ref lc);
                     }
                 }
                 catch (ApplicationException e)
                 {
                     Logging.LogCenter.Instance.LogException(e);
                 }
             }
         }
         finally
         {
             locker.ReleaseReaderLock();
         }
     }
     catch (ApplicationException aex)
     {
         Logging.LogCenter.Instance.LogException(aex);
     }
 }
Example #25
0
 public void Add(IPAddr ip)
 {
     try
     {
         locker.AcquireWriterLock(new TimeSpan(0, 1, 0));
         try
         {
             if (list.ContainsKey(ip))
                 list[ip] = DateTime.UtcNow.Ticks;
             else
                 list.Add(ip, DateTime.UtcNow.Ticks);
         }
         finally
         {
             locker.ReleaseWriterLock();
         }
     }
     catch (ApplicationException e)
     {
         Logging.LogCenter.Instance.LogException(e);
     }                   
 }            
Example #26
0
 public static bool TryParse(string ipAddr, out IPAddr addr)
 {
     addr = null;
     if (Regex.IsMatch(ipAddr, @"^((2[0-4]\d|25[0-5]|[01]?\d\d?)\.){3}(2[0-4]\d|25[0-5]|[01]?\d\d?)$"))
     {
         int[] ip = new int[4];
         int index = 0;
         for (int i = 0; i < ipAddr.Length; ++i)
         {
             if (ipAddr[i] == '.')
             {
                 ++index;
             }
             else
             {
                 ip[index] = ip[index] * 10 + ipAddr[i] - '0';
             }
         }
         addr = new IPAddr(ip);
         return true;
     }
     return false;
 }
Example #27
0
 private void scanUser(IPAddr ipAddr)
 {
     string send = "SCAN" + listener.localInfo.Name + "\0" + listener.localInfo.Port;
     IPEndPoint ip = new IPEndPoint(IPAddress.Parse(ipAddr.ToString()), this.port);
     Socket server = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
     byte[] bytes = Encoding.UTF8.GetBytes(send);
     server.SendTo(bytes, ip);
     bytes = new byte[1024];
     IPEndPoint sender = new IPEndPoint(IPAddress.Any, 0);
     EndPoint remote = (EndPoint)sender;
     server.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReceiveTimeout, 1000);
     try
     {
         int recv = server.ReceiveFrom(bytes, ref remote);
         if (recv >= 4)
         {
             UserInfo info = new UserInfo();
             string[] strs = Encoding.UTF8.GetString(bytes, 0, recv).Substring(4).Split(new char[1] { '\0' });
             info.Name = strs[0];
             info.IP = ipAddr.ToString();
             info.Port = this.port;
             lock (listener)
             {
                 listener.addUser(info);
             }
         }
     }
     catch
     {
     }
     server.Close();
 }
Example #28
0
 public bool larger(IPAddr addr)
 {
     for (int i = 0; i < 4; ++i)
     {
         if (this.ip[i] < addr.ip[i])
         {
             return false;
         }
     }
     return true;
 }
Example #29
0
 public IPAddr(IPAddr ipAddr)
 {
     for (int i = 0; i < 4; ++i)
     {
         this.ip[i] = ipAddr.ip[i];
     }
 }
Example #30
0
 /// <summary>
 /// Checks if an IP is local
 /// </summary>
 /// <param name="ip"></param>
 /// <returns></returns>
 private bool isLocalIP(IPAddr ip)
 {
     return(Adapter.GetAdapterInformation().IPv4.Equals(ip) || Adapter.GetAdapterInformation().IPv6.Equals(ip));
 }
Example #31
0
            /// <summary>
            /// Check if an IP address falls within the given range
            /// </summary>
            /// <param name="addr">address to check</param>
            /// <returns>true/false</returns>
            public bool IsInRange(IPAddr addr)
            {
                byte[] addrBytes = addr.GetAddressBytes();

                bool lBound = true;
                bool uBound = true;

                // iterate over ip bytes in the range
                for (int i = 0; i < this.lowerBytes.Length &&
                        (lBound || uBound); ++i)
                {
                    if ((lBound && addrBytes[i] < lowerBytes[i]) ||
                        (uBound && addrBytes[i] > upperBytes[i]))
                    {
                        return false;
                    }

                    lBound &= (addrBytes[i] == lowerBytes[i]);
                    uBound &= (addrBytes[i] == upperBytes[i]);
                }
                return true;
            }
 //Helper get method for IPAddress type
 public string getStringIPAddress()
 {
     return(IPAddr.ToString());
 }
Example #33
0
 // def init
 public BlockedIP()
 {
     this.Blockedip = new IPAddr();
     DateBlocked = DateTime.UtcNow.Ticks;
     Reason = "";
 }
Example #34
0
 public override PacketMainReturnType interiorMain(ref Packet in_packet)
 {
     if (in_packet.GetHighestLayer() == Protocol.ARP)
     {
         ARPPacket arpp = (ARPPacket)in_packet;
         if (arpp.isRequest && arpp.Outbound)
         {
             IPAddr ip = new IPAddr(arpp.ATargetIP.GetAddressBytes());
             if (!requestedIPs.Contains(ip))
             {
                 requestedIPs.Add(ip);
             }
         }
         else if (!arpp.Outbound)
         {
             IPAddr ip = new IPAddr(arpp.ASenderIP.GetAddressBytes());
             if (!arpp.isRequest)
             {
                 if (requestedIPs.Contains(ip))
                 {
                     lock (padlock)
                     {
                         if (data.arpCache.ContainsKey(new IPAddr(arpp.ASenderIP.GetAddressBytes())))
                         {
                             if (!Utility.ByteArrayEq(data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())].AddressBytes, arpp.ASenderMac))
                             {
                                 PacketMainReturnType pmr = 0;
                                 if (data.RectifyAttacks)
                                 {
                                     pmr = PacketMainReturnType.Edited;
                                 }
                                 else
                                 {
                                     pmr = PacketMainReturnType.Drop;
                                 }
                                 if (data.LogAttacks)
                                 {
                                     LogEvent le = new LogEvent(String.Format(multistring.GetString("Response does not equal cache"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                                     le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Popup;
                                     LogCenter.Instance.LogEvent(le);
                                 }
                                 if (data.RectifyAttacks)
                                 {
                                     arpp.ATargetIP  = arpp.ASenderIP;
                                     arpp.ATargetMac = data.arpCache[new IPAddr(arpp.ATargetIP.GetAddressBytes())].AddressBytes;
                                     arpp.ASenderMac = this.Adapter.GetAdapterInformation().InterfaceInformation.GetPhysicalAddress().GetAddressBytes();
                                     arpp.FromMac    = arpp.ASenderMac;
                                     arpp.ToMac      = arpp.ATargetMac;
                                     arpp.ASenderIP  = Adapter.GetAdapterInformation().IPv4;
                                     arpp.Outbound   = true;
                                     in_packet       = arpp;
                                 }
                                 return(pmr);
                             }
                             else
                             {
                                 requestedIPs.Remove(ip);
                             }
                         }
                         else
                         {
                             data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())] = new MACAddr(arpp.ASenderMac);
                             if (UpdatedArpCache != null)
                             {
                                 UpdatedArpCache();
                             }
                             requestedIPs.Remove(ip);
                         }
                     }
                 }
                 else
                 {
                     lock (padlock)
                     {
                         if (data.arpCache.ContainsKey(new IPAddr(arpp.ASenderIP.GetAddressBytes())))
                         {
                             if (!Utility.ByteArrayEq(data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())].AddressBytes, arpp.ASenderMac))
                             {
                                 PacketMainReturnType pmra = 0;
                                 if (data.RectifyAttacks)
                                 {
                                     pmra = PacketMainReturnType.Edited;
                                 }
                                 else
                                 {
                                     pmra = PacketMainReturnType.Drop;
                                 }
                                 if (data.LogAttacks)
                                 {
                                     LogEvent le = new LogEvent(String.Format(multistring.GetString("Response does not equal cache"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                                     le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Popup;
                                     LogCenter.Instance.LogEvent(le);
                                 }
                                 if (data.RectifyAttacks)
                                 {
                                     arpp.ATargetIP  = arpp.ASenderIP;
                                     arpp.ATargetMac = data.arpCache[new IPAddr(arpp.ATargetIP.GetAddressBytes())].AddressBytes;
                                     arpp.ASenderMac = this.Adapter.GetAdapterInformation().InterfaceInformation.GetPhysicalAddress().GetAddressBytes();
                                     arpp.FromMac    = arpp.ASenderMac;
                                     arpp.ToMac      = arpp.ATargetMac;
                                     arpp.ASenderIP  = Adapter.GetAdapterInformation().IPv4;
                                     arpp.Outbound   = true;
                                     in_packet       = arpp;
                                 }
                                 return(pmra);
                             }
                         }
                     }
                     PacketMainReturnType pmr = 0;
                     pmr = PacketMainReturnType.Drop;
                     if (data.LogUnsolic)
                     {
                         LogEvent le2 = new LogEvent(String.Format(multistring.GetString("Unsolicited"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                         le2.PMR = PacketMainReturnType.Log;
                     }
                     return(pmr);
                 }
             }
             else
             {
                 lock (padlock)
                 {
                     if (data.arpCache.ContainsKey(new IPAddr(arpp.ASenderIP.GetAddressBytes())))
                     {
                         if (!Utility.ByteArrayEq(data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())].AddressBytes, arpp.ASenderMac))
                         {
                             PacketMainReturnType pmr = PacketMainReturnType.Drop;
                             if (data.LogAttacks)
                             {
                                 LogEvent le = new LogEvent(String.Format(multistring.GetString("Response does not equal cache"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                                 le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Popup;
                                 LogCenter.Instance.LogEvent(le);
                             }
                             return(pmr);
                         }
                     }
                 }
             }
             return(0);
         }
         return(0);
     }
     return(0);
 }
Example #35
0
 /// <summary>
 /// Determine whether a given IP address is blocked
 /// 
 /// Note to Drone:  HashSet would make this faster, even more so after IPv6 is connected everywheres
 /// </summary>
 /// <param name="i">IP address to resolve</param>
 /// <returns>bool</returns>
 private bool isIPAllowed(IPAddr i)
 {
     return !data.BlockCache.ContainsKey(i);
 }
Example #36
0
 public IPObj(IPAddr addr)
 {
     this.Address = addr;
     time(DateTime.Now);
 }
Example #37
0
    static async Task FqdnScanAsync(ConsoleService c, string cmdName, string str)
    {
        ConsoleParam[] args =
        {
            new ConsoleParam("[subnets]",  ConsoleService.Prompt, "Subnets: ", ConsoleService.EvalNotEmpty, null),
            new ConsoleParam("servers"),
            new ConsoleParam("threads"),
            new ConsoleParam("interval"),
            new ConsoleParam("try"),
            new ConsoleParam("shuffle"),
            new ConsoleParam("fqdnorder"),
            new ConsoleParam("dest"),
            new ConsoleParam("ports"),
        };

        ConsoleParamValueList vl = c.ParseCommandList(cmdName, str, args);

        string subnets   = vl.DefaultParam.StrValue;
        string servers   = vl["servers"].StrValue;
        int    threads   = vl["threads"].IntValue;
        int    interval  = vl["interval"].IntValue;
        int    numtry    = vl["try"].IntValue;
        bool   shuffle   = vl["shuffle"].StrValue._ToBool(true);
        bool   fqdnorder = vl["fqdnorder"].StrValue._ToBool(true);
        string csv       = vl["dest"].StrValue;
        string portsStr  = vl["ports"].StrValue;

        PortRange portRange = new PortRange(portsStr);

        var serversList = servers._Split(StringSplitOptions.RemoveEmptyEntries, " ", " ", ",", "|");

        if (serversList._IsEmpty())
        {
            serversList = new string[] { "8.8.8.8", "8.8.4.4", "1.1.1.1", "3.3.3.3" };
        }

        List <IPEndPoint> endPointsList = new List <IPEndPoint>();

        serversList._DoForEach(x => endPointsList.Add(new IPEndPoint(x._ToIPAddress() !, 53)));

        using DnsHostNameScanner scan = new DnsHostNameScanner(
                  settings: new DnsHostNameScannerSettings { Interval = interval, NumThreads = threads, NumTry = numtry, PrintStat = true, RandomInterval = true, Shuffle = shuffle, PrintOrderByFqdn = fqdnorder, TcpPorts = portRange.ToArray(), },
                  dnsSettings: new DnsResolverSettings(dnsServersList: endPointsList, flags: DnsResolverFlags.UdpOnly | DnsResolverFlags.RoundRobinServers));

        var list = await scan.PerformAsync(subnets);

        if (csv._IsFilled())
        {
            using var csvWriter = Lfs.WriteCsv <FqdnScanResult>(csv, false, true, writeBom: false, flags: FileFlags.AutoCreateDirectory);

            foreach (var item in list)
            {
                if (item.HostnameList._IsFilled())
                {
                    FqdnScanResult r = new FqdnScanResult();

                    r.IpSortKey   = IPAddr.FromAddress(item.Ip).GetZeroPaddingFullString();
                    r.Ip          = item.Ip.ToString();
                    r.FqdnSortKey = Str.ReverseFqdnStr(item.HostnameList.First()).ToLowerInvariant();
                    r.FqdnList    = item.HostnameList._Combine(" / ");
                    r.TcpPortList = item.TcpPorts.Select(x => x.ToString())._Combine(" / ");

                    csvWriter.WriteData(r);
                }
            }
        }
    }
Example #38
0
 public bool InList(string list, IPAddr ip, long secondsOld = -1)
 {
     bool ret = false;
     try
     {
         locker.AcquireReaderLock(new TimeSpan(0, 1, 0));
         try
         {
             IPList ipl;
             if (iplists.TryGetValue(list, out ipl))
             {
                 if (ipl.Contains(ip, secondsOld))
                     ret = true;
             }
         }
         finally
         {
            locker.ReleaseReaderLock();
         }
     }
     catch (ApplicationException ex)
     {
         Logging.LogCenter.Instance.LogException(ex);
     }
     return ret;
 }
Example #39
0
 // constructor with vars
 public BlockedIP(IPAddr b, DateTime d, string s)
 {
     this.Blockedip = b;
     this.DateBlocked = d.Ticks;
     this.Reason = s;
 }
Example #40
0
 public void AddToList(string list, IPAddr ip)
 {
     try
     {
         LockCookie upgrade = new LockCookie();
         bool upgraded = false;
         if (locker.IsReaderLockHeld)
         {
             upgrade = locker.UpgradeToWriterLock(new TimeSpan(0, 1, 0));
             upgraded = true;
         }
         else
             locker.AcquireWriterLock(new TimeSpan(0, 1, 0));
         try
         {
             if (!iplists.ContainsKey(list))
             {
                 iplists[list] = new IPList();
             }
             iplists[list].Add(ip);
         }
         finally
         {
             if (upgraded)
                 locker.DowngradeFromWriterLock(ref upgrade);
             else
                 locker.ReleaseWriterLock();
         }
     }
     catch (ApplicationException a)
     {
         Logging.LogCenter.Instance.LogException(a);
     }
 }
Example #41
0
        public override PacketMainReturnType interiorMain(ref Packet in_packet)
        {
            PacketMainReturnType pmr;
            LogEvent             le;
            float av = 0;

            if (in_packet.ContainsLayer(Protocol.TCP))
            {
                // if we're in cloaked mode, respond with the SYN ACK
                // More information about this in the GUI code and help string
                if (data.cloaked_mode && ((TCPPacket)in_packet).SYN && !((TCPPacket)in_packet).ACK)
                {
                    TCPPacket from = (TCPPacket)in_packet;

                    EthPacket eth = new EthPacket(60);
                    eth.FromMac = Adapter.GetAdapterInformation().InterfaceInformation.GetPhysicalAddress().GetAddressBytes();
                    eth.ToMac   = from.FromMac;
                    eth.Proto   = new byte[2] {
                        0x08, 0x00
                    };

                    IPPacket ip = new IPPacket(eth);
                    ip.DestIP         = from.SourceIP;
                    ip.SourceIP       = from.DestIP;
                    ip.NextProtocol   = 0x06;
                    ip.TotalLength    = 40;
                    ip.HeaderChecksum = ip.GenerateIPChecksum;

                    TCPPacket tcp = new TCPPacket(ip);
                    tcp.SourcePort     = from.DestPort;
                    tcp.DestPort       = from.SourcePort;
                    tcp.SequenceNumber = (uint)new Random().Next();
                    tcp.AckNumber      = 0;
                    tcp.WindowSize     = 8192;
                    tcp.SYN            = true;
                    tcp.ACK            = true;
                    tcp.Checksum       = tcp.GenerateChecksum;
                    tcp.Outbound       = true;
                    Adapter.SendPacket(tcp);
                }

                try
                {
                    TCPPacket packet = (TCPPacket)in_packet;

                    // if the IP is in the blockcache, then return
                    if (data.BlockCache == null)
                    {
                        data.BlockCache = new SerializableDictionary <IPAddr, IPObj>();
                    }
                    IPAddr source = packet.SourceIP;
                    if (data.BlockCache.ContainsKey(source))
                    {
                        pmr = PacketMainReturnType.Drop;
                        return(pmr);
                    }

                    // checking for TTL allows us to rule out the local network
                    // Don't check for TCP flags because we can make an educated guess that if 100+ of our ports are
                    // fingered with a short window, we're being scanned. this will detect syn, ack, null, xmas, etc. scans.
                    if ((!packet.Outbound) && (packet.TTL < 250) && packet.SYN && !packet.ACK)
                    {
                        IPObj tmp;
                        if (ip_table == null)
                        {
                            ip_table = new Dictionary <IPAddr, IPObj>();
                        }
                        if (ip_table.ContainsKey(source))
                        {
                            tmp = (IPObj)ip_table[source];
                        }
                        else
                        {
                            tmp = new IPObj(source);
                        }

                        // add the port to the ipobj, set the access time, and update the table
                        tmp.addPort(packet.DestPort);
                        //tmp.time(packet.PacketTime);
                        ip_table[source] = tmp;
                        av = tmp.getAverage();

                        // if they've touched more than 100 ports in less than 30 seconds and the average
                        // packet time was less than 2s, something's wrong
                        if (tmp.getTouchedPorts().Count >= 100 && (!tmp.Reported) &&
                            tmp.getAverage() < 2000)
                        {
                            pmr = PacketMainReturnType.Log | PacketMainReturnType.Allow;
                            le  = new LogEvent(String.Format(multistring.GetString("Touched Ports"),
                                                             source.ToString(), tmp.getTouchedPorts().Count, tmp.getAverage()), this);
                            LogCenter.Instance.LogEvent(le);

                            // set the reported status of the IP address
                            ip_table[source].Reported = true;

                            // add the address to the potential list of IPs and to the local SESSION-BASED list
                            if (!data.blockImmediately)
                            {
                                potentials.Add(source, ip_table[source]);
                                detect.addPotential(source);
                            }
                            // else we want to block it immediately
                            else
                            {
                                data.BlockCache.Add(source, ip_table[source]);
                            }

                            return(pmr);
                        }
                    }
                }
                catch (Exception e)
                {
                    LogCenter.Instance.LogException(e);
                    return(PacketMainReturnType.Allow);
                }
            }
            // This will detect UDP knockers.  typically UDP scans are slower, but are combined with SYN scans
            // (-sSU in nmap) so we'll be sure to check for these guys too.
            else if (in_packet.ContainsLayer(Protocol.UDP))
            {
                try
                {
                    UDPPacket packet = (UDPPacket)in_packet;
                    IPAddr    source = packet.SourceIP;
                    // if the source addr is in the block cache, return
                    if (data.BlockCache.ContainsKey(source))
                    {
                        return(PacketMainReturnType.Drop);
                    }

                    if ((!packet.Outbound) && (packet.TTL < 250) &&
                        (!packet.isDNS()))
                    {
                        IPObj tmp;
                        if (ip_table.ContainsKey(source))
                        {
                            tmp = (IPObj)ip_table[source];
                        }
                        else
                        {
                            tmp = new IPObj(source);
                        }

                        tmp.addPort(packet.DestPort);
                        //tmp.time(packet.PacketTime);
                        ip_table[source] = tmp;
                        av = tmp.getAverage();

                        if ((tmp.getTouchedPorts().Count >= 100) && (!tmp.Reported) &&
                            (tmp.getAverage() < 2000))
                        {
                            pmr = PacketMainReturnType.Log | PacketMainReturnType.Allow;
                            le  = new LogEvent(String.Format(multistring.GetString("Touched Ports"),
                                                             source.ToString(), tmp.getTouchedPorts().Count, tmp.getAverage()), this);
                            LogCenter.Instance.LogEvent(le);

                            ip_table[source].Reported = true;

                            if (!data.blockImmediately)
                            {
                                potentials.Add(source, ip_table[source]);
                                detect.addPotential(source);
                            }
                            else
                            {
                                data.BlockCache.Add(source, ip_table[source]);
                            }
                            return(pmr);
                        }
                    }
                }
                catch (Exception e)
                {
                    LogCenter.Instance.LogException(e);
                    return(PacketMainReturnType.Allow);
                }
            }
            return(PacketMainReturnType.Allow);
        }
Example #42
0
 /// <summary>
 /// Checks if an IP is local
 /// </summary>
 /// <param name="ip"></param>
 /// <returns></returns>
 private bool isLocalIP(IPAddr ip)
 {
     return (Adapter.GetAdapterInformation().IPv4.Equals(ip) || Adapter.GetAdapterInformation().IPv6.Equals(ip));
 }
Example #43
0
 // def init
 public BlockedIP()
 {
     this.Blockedip = new IPAddr();
     DateBlocked    = DateTime.UtcNow.Ticks;
     Reason         = "";
 }
Example #44
0
        public void ReadXml(System.Xml.XmlReader reader)
        {
            while (!reader.IsStartElement("Blockedip"))
                reader.Read();

            reader.ReadStartElement("Blockedip");
            XmlSerializer ipSerialization = new XmlSerializer(typeof(IPAddr));
            Blockedip = (IPAddr)ipSerialization.Deserialize(reader);
            reader.ReadEndElement();

            while (!reader.IsStartElement("DateBlocked"))
                reader.Read();

            reader.ReadStartElement("DateBlocked");
            DateBlocked = (long)new XmlSerializer(typeof(long)).Deserialize(reader);
            reader.ReadEndElement();

            while (!reader.IsStartElement("Reason"))
                reader.Read();

            reader.ReadStartElement("Reason");
            Reason = (string)new XmlSerializer(typeof(string)).Deserialize(reader);
            reader.ReadEndElement();

            reader.ReadEndElement();
        }
Example #45
0
 public TCPIPPortRule(PacketStatus ps, IPAddr ip, int port, Direction direction, bool log, bool notify)
 {
     this.ps = ps;
     this.direction = direction;
     this.port = port;
     this.ip = ip;
     this.log = log;
     this.notify = notify;
 }
Example #46
0
 // constructor with vars
 public BlockedIP(IPAddr b, DateTime d, string s)
 {
     this.Blockedip   = b;
     this.DateBlocked = d.Ticks;
     this.Reason      = s;
 }
Example #47
0
 private bool Contains(IPAddr ip)
 {
     return ips.Contains(ip);
 }
Example #48
0
 /// <summary>
 /// Determine whether a given IP address is blocked
 ///
 /// Note to Drone:  HashSet would make this faster, even more so after IPv6 is connected everywheres
 /// </summary>
 /// <param name="i">IP address to resolve</param>
 /// <returns>bool</returns>
 private bool isIPAllowed(IPAddr i)
 {
     return(!data.BlockCache.ContainsKey(i));
 }
Example #49
0
        public override void ReadXml(XmlReader reader)
        {
            XmlSerializer logSerializer = new XmlSerializer(typeof(bool));
            XmlSerializer notifySerializer = new XmlSerializer(typeof(bool));
            XmlSerializer intSerializer = new XmlSerializer(typeof(int));
            XmlSerializer byteSerializer = new XmlSerializer(typeof(IPAddr));

            reader.ReadStartElement("tcpipportrule");

            reader.ReadStartElement("log");
            log = (bool)logSerializer.Deserialize(reader);
            reader.ReadEndElement();

            reader.ReadStartElement("notify");
            notify = (bool)notifySerializer.Deserialize(reader);
            reader.ReadEndElement();

            XmlSerializer dirSerializer = new XmlSerializer(typeof(Direction));
            reader.ReadStartElement("direction");
            direction = (Direction)dirSerializer.Deserialize(reader);
            reader.ReadEndElement();

            XmlSerializer statusSerializer = new XmlSerializer(typeof(PacketStatus));
            reader.ReadStartElement("status");
            ps = (PacketStatus)statusSerializer.Deserialize(reader);
            reader.ReadEndElement();

            reader.ReadStartElement("port");
            port = ((int)intSerializer.Deserialize(reader));
            reader.ReadEndElement();

            reader.ReadStartElement("ip");
            ip = ((IPAddr)byteSerializer.Deserialize(reader));
            reader.ReadEndElement();

            reader.ReadEndElement();
        }
Example #50
0
        static async Task MainAsync()
        {
            Console.Title = "Audio Streamer - PC to Android";

            IPAddress IPAddr;
            bool      UseAdb = false;

            try
            {
                var AdbDevices = Process.Start(new ProcessStartInfo()
                {
                    FileName               = "adb",
                    Arguments              = "devices",
                    UseShellExecute        = false,
                    RedirectStandardOutput = true
                });

                await AdbDevices.StandardOutput.ReadLineAsync();

                UseAdb = !string.IsNullOrWhiteSpace(await AdbDevices.StandardOutput.ReadLineAsync());
            }
            catch (System.ComponentModel.Win32Exception)
            {
            }

            if (UseAdb)
            {
                IPAddr = IPAddress.Loopback;
            }
            else
            {
                Console.Write("IP: ");
                IPAddr = IPAddress.Parse(Console.ReadLine());
            }

            Process.GetCurrentProcess().PriorityClass = ProcessPriorityClass.High;
            using (Capture = new WasapiLoopbackCapture(0, new CSCore.WaveFormat(), ThreadPriority.Highest))
            {
                while (true)
                {
                    var NoSpamDelay = Task.Delay(1000);
                    if (UseAdb)
                    {
                        Process.Start(new ProcessStartInfo()
                        {
                            FileName        = "adb",
                            Arguments       = "forward tcp:1420 tcp:1420",
                            UseShellExecute = false
                        });
                    }

                    using (var Conn = new TcpClient()
                    {
                        NoDelay = true,
                        ReceiveBufferSize = 64,
                        SendBufferSize = 1 << 12    //2^12 = ~4000 so 1000 floats
                    })
                    {
                        try
                        {
                            await Conn.ConnectAsync(IPAddr, ServerPort);

                            Stream = Conn.GetStream();
                            if (Stream.ReadByte() == 1)
                            {
                                Console.WriteLine("Connected to " + IPAddr.ToString());
                                Capture.Initialize();
                                using (Source = new SoundInSource(Capture))
                                {
                                    int SampleRateServer = Source.WaveFormat.SampleRate;
                                    int SampleRateClient = Stream.ReadByte() | Stream.ReadByte() << 8 | Stream.ReadByte() << 16;
                                    if (SampleRateClient != SampleRateServer)
                                    {
                                        Console.WriteLine($"Sample rate mismatch, PC was {SampleRateServer} Hz but client was {SampleRateClient} Hz");
                                        Console.WriteLine("Adjust your PC's sample rate then press any key to try again");
                                        Console.ReadKey();
                                        Console.Clear();
                                    }
                                    else
                                    {
                                        // Start Capturing
                                        Source.DataAvailable += DataAvailable;
                                        Capture.Start();

                                        Console.WriteLine($"Started recording audio at {SampleRateServer} Hz");
                                        Window.SetWindowShown(false);

                                        // Stop Capturing
                                        await(DisconnectWaiter = new TaskCompletionSource <bool>()).Task;
                                        await Task.Run(() => Capture.Stop());

                                        Window.SetWindowShown(true);
                                        Console.WriteLine("Disconnected, stopped recording audio");
                                    }
                                }
                            }
                        }
                        catch { }
                        await NoSpamDelay;
                    }
                }
            }
        }
Example #51
0
 public override PacketMainReturnType interiorMain(ref Packet in_packet)
 {
     if (in_packet.GetHighestLayer() == Protocol.ARP)
     {
         ARPPacket arpp = (ARPPacket)in_packet;
         if (arpp.isRequest && arpp.Outbound)
         {
             IPAddr ip = new IPAddr(arpp.ATargetIP.GetAddressBytes());
             if (!requestedIPs.Contains(ip))
                 requestedIPs.Add(ip);
         }
         else if (!arpp.Outbound)
         {
             IPAddr ip = new IPAddr(arpp.ASenderIP.GetAddressBytes());
             if (!arpp.isRequest)
             {
                 if (requestedIPs.Contains(ip))
                 {
                     lock (padlock)
                     {
                         if (data.arpCache.ContainsKey(new IPAddr(arpp.ASenderIP.GetAddressBytes())))
                         {
                             if (!Utility.ByteArrayEq(data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())].AddressBytes, arpp.ASenderMac))
                             {
                                 PacketMainReturnType pmr = 0;
                                 if (data.RectifyAttacks)
                                     pmr = PacketMainReturnType.Edited;
                                 else
                                     pmr = PacketMainReturnType.Drop;
                                 if (data.LogAttacks)
                                 {
                                     LogEvent le = new LogEvent(String.Format(multistring.GetString("Response does not equal cache"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                                     le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Popup;
                                     LogCenter.Instance.LogEvent(le);
                                 }
                                 if (data.RectifyAttacks)
                                 {
                                     arpp.ATargetIP = arpp.ASenderIP;
                                     arpp.ATargetMac = data.arpCache[new IPAddr(arpp.ATargetIP.GetAddressBytes())].AddressBytes;
                                     arpp.ASenderMac = this.Adapter.GetAdapterInformation().InterfaceInformation.GetPhysicalAddress().GetAddressBytes();
                                     arpp.FromMac = arpp.ASenderMac;
                                     arpp.ToMac = arpp.ATargetMac;
                                     arpp.ASenderIP = Adapter.GetAdapterInformation().IPv4;
                                     arpp.Outbound = true;
                                     in_packet = arpp;
                                 }
                                 return pmr;
                             }
                             else
                             {
                                 requestedIPs.Remove(ip);
                             }
                         }
                         else
                         {
                             data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())] = new MACAddr(arpp.ASenderMac);
                             if (UpdatedArpCache != null)
                                 UpdatedArpCache();
                             requestedIPs.Remove(ip);
                         }
                     }
                 }
                 else
                 {
                     lock (padlock)
                     {
                         if (data.arpCache.ContainsKey(new IPAddr(arpp.ASenderIP.GetAddressBytes())))
                         {
                             if (!Utility.ByteArrayEq(data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())].AddressBytes, arpp.ASenderMac))
                             {
                                 PacketMainReturnType pmra = 0;
                                 if (data.RectifyAttacks)
                                     pmra = PacketMainReturnType.Edited;
                                 else
                                     pmra = PacketMainReturnType.Drop;
                                 if (data.LogAttacks)
                                 {
                                     LogEvent le = new LogEvent(String.Format(multistring.GetString("Response does not equal cache"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                                     le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Popup;
                                     LogCenter.Instance.LogEvent(le);
                                 }
                                 if (data.RectifyAttacks)
                                 {
                                     arpp.ATargetIP = arpp.ASenderIP;
                                     arpp.ATargetMac = data.arpCache[new IPAddr(arpp.ATargetIP.GetAddressBytes())].AddressBytes;
                                     arpp.ASenderMac = this.Adapter.GetAdapterInformation().InterfaceInformation.GetPhysicalAddress().GetAddressBytes();
                                     arpp.FromMac = arpp.ASenderMac;
                                     arpp.ToMac = arpp.ATargetMac;
                                     arpp.ASenderIP = Adapter.GetAdapterInformation().IPv4;
                                     arpp.Outbound = true;
                                     in_packet = arpp;
                                 }
                                 return pmra;
                             }
                         }
                     }
                     PacketMainReturnType pmr = 0;
                     pmr = PacketMainReturnType.Drop;
                     if (data.LogUnsolic)
                     {
                         LogEvent le2 = new LogEvent(String.Format(multistring.GetString("Unsolicited"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                         le2.PMR = PacketMainReturnType.Log;
                     }
                     return pmr;
                 }
             }
             else
             {
                 lock (padlock)
                 {
                     if (data.arpCache.ContainsKey(new IPAddr(arpp.ASenderIP.GetAddressBytes())))
                     {
                         if (!Utility.ByteArrayEq(data.arpCache[new IPAddr(arpp.ASenderIP.GetAddressBytes())].AddressBytes, arpp.ASenderMac))
                         {
                             PacketMainReturnType pmr = PacketMainReturnType.Drop;
                             if (data.LogAttacks)
                             {
                                 LogEvent le = new LogEvent(String.Format(multistring.GetString("Response does not equal cache"), new PhysicalAddress(arpp.ASenderMac).ToString(), arpp.ASenderIP.ToString()), this);
                                 le.PMR = PacketMainReturnType.Log | PacketMainReturnType.Popup;
                                 LogCenter.Instance.LogEvent(le);
                             }
                             return pmr;
                         }
                     }
                 }
             }
             return 0;
         }
         return 0;
     }
     return 0;
 }