/// <summary>
/// Builds the test representation of the Service Fabric DNS firewall rule:
/// an enabled inbound allow rule for UDP port 53, named
/// FabricNodeFirewallRules.WindowsFabricGrouping + ".Dns.v1".
/// </summary>
/// <remarks>
/// The rule object is only constructed and wrapped here; nothing in this method
/// adds it to a firewall policy.
/// Security review note: the rule covers every firewall profile
/// (NET_FW_PROFILE2_ALL) and any local and remote address ("*"). A host carrying
/// it admits inbound UDP 53 from any source on any network profile, including
/// networks classified as public. Tests that compare against this rule therefore
/// pin that broad scope as the expected configuration.
/// </remarks>
/// <returns>A <c>TestFirewallRule</c> wrapping the constructed rule.</returns>
public static TestFirewallRule GetServiceFabricDNSRule()
{
    const int dnsPort = 53;
    string groupName = FabricNodeFirewallRules.WindowsFabricGrouping;
    string ruleName = groupName + ".Dns.v1";
    string ruleDescription = "Inbound rule for ServiceFabric DNS operations";

    // Property assignment order is kept exactly as in the original initializer.
    NetFwRule rule = new NetFwRuleClass
    {
        Name = ruleName,
        Grouping = groupName,
        Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP,
        Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
        LocalPorts = dnsPort.ToString(),
        Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL,
        Description = ruleDescription,
        LocalAddresses = "*",   // any local interface address
        RemoteAddresses = "*",  // any remote source
        Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
        Enabled = true,
    };

    return new TestFirewallRule(rule);
}
/// <summary>
/// Ensures the inbound firewall rule that lets multi-ip containers communicate
/// with each other is present, adding it when it is missing.
/// </summary>
/// <remarks>
/// Security review note: the rule allows inbound UDP on
/// FlatNetworkConstants.PortNumber for every firewall profile
/// (NET_FW_PROFILE2_ALL). LocalAddresses and RemoteAddresses are not assigned
/// here, so whatever the firewall API defaults to applies (presumably any
/// address; confirm, and compare with the values written to the trace below).
/// When DoesFirewallRuleExist reports the rule as present, this method returns
/// without inspecting or changing the existing rule's settings.
/// </remarks>
/// <returns>
/// <c>true</c> if the rule already existed or was added; <c>false</c> if the
/// firewall policy could not be obtained.
/// </returns>
private bool CreateFirewallRule()
{
    DeployerTrace.WriteInfo("Creating firewall rule {0}.", FlatNetworkConstants.FirewallRuleName);

    INetFwPolicy2 policy = GetFirewallPolicy();
    if (policy == null)
    {
        DeployerTrace.WriteError("Unable to get firewall policy.");
        return false;
    }

    if (DoesFirewallRuleExist(policy))
    {
        DeployerTrace.WriteInfo("Firewall rule {0} already exists.", FlatNetworkConstants.FirewallRuleName);
        return true;
    }

    // NOTE(review): property assignment order is kept exactly as in the original
    // initializer; confirm with the firewall API before reordering Protocol/LocalPorts.
    NetFwRule newRule = new NetFwRuleClass
    {
        Name = FlatNetworkConstants.FirewallRuleName,
        Grouping = FlatNetworkConstants.FirewallGroupName,
        Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP,
        Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
        LocalPorts = FlatNetworkConstants.PortNumber.ToString(),
        Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL,
        Description = FlatNetworkConstants.FirewallRuleDescription,
        Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
        Enabled = true,
    };

    policy.Rules.Add(newRule);

    // The effective rule, including the address scopes that were left unset above,
    // is written to the trace so the opened scope can be audited afterwards.
    string ruleDetails = string.Format(
        "Name: {0}, Grouping: {1}, Protocol: {2}, Direction: {3}, LocalPorts: {4}, Profiles: {5}, LocalAddresses: {6}, RemoteAddresses: {7}, Action: {8}, Enabled: {9}",
        newRule.Name,
        newRule.Grouping,
        newRule.Protocol,
        newRule.Direction,
        newRule.LocalPorts,
        newRule.Profiles,
        newRule.LocalAddresses,
        newRule.RemoteAddresses,
        newRule.Action,
        newRule.Enabled);

    DeployerTrace.WriteInfo("Firewall rule {0} created.\nRule details: {1}.", FlatNetworkConstants.FirewallRuleName, ruleDetails);
    return true;
}
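/// <summary>
/// Creates the firewall rule named by <c>FirewallRuleName</c>: inbound UDP on
/// <c>PortNumber</c> for all firewall profiles.
/// </summary>
/// <remarks>
/// Windows builds (<c>!DotNetCoreClrLinux</c>): obtains the firewall policy,
/// returns without changes when DoesFirewallRuleExist reports the rule as present,
/// and otherwise adds an enabled allow rule whose local and remote addresses are "*".
/// Linux builds (<c>DotNetCoreClrLinux</c>): builds a <c>FirewallRule</c> and hands
/// it to <c>Firewall.UpdateRules</c>; this path performs no existence check of its own.
/// Security review note: on both paths the rule applies to every profile
/// (NET_FW_PROFILE2_ALL), and on Windows it accepts any remote address, so the
/// port is admitted from any network the host is attached to. An existing rule
/// with the same name is left as-is; its settings are not compared or corrected here.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// Windows builds only: the firewall policy could not be obtained.
/// </exception>
internal static void CreateFirewallRule()
{
    DeployerTrace.WriteInfo("Creating firewall rule {0} if required...", FirewallRuleName);

#if !DotNetCoreClrLinux
    INetFwPolicy2 fwPolicy2 = GetFirewallPolicy();
    if (fwPolicy2 == null)
    {
        string message = StringResources.Warning_FabricDeployer_DockerDnsSetup_ErrorGettingFirewallPolicy1;
        DeployerTrace.WriteWarning(message);
        throw new InvalidOperationException(message);
    }

    if (DoesFirewallRuleExist(fwPolicy2))
    {
        DeployerTrace.WriteInfo("Firewall rule {0} already exists", FirewallRuleName);
        return;
    }

    DeployerTrace.WriteInfo("Firewall rule {0} doesn't exist. Creating it...", FirewallRuleName);

    // NOTE(review): property assignment order is kept exactly as in the original
    // initializer; confirm with the firewall API before reordering Protocol/LocalPorts.
    NetFwRule rule = new NetFwRuleClass
    {
        Name = FirewallRuleName,
        Grouping = FirewallGroupName,
        Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP,
        Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
        LocalPorts = PortNumber.ToString(),
        Profiles = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL,
        Description = FirewallRuleDescription,
        LocalAddresses = "*",   // any local interface address
        RemoteAddresses = "*",  // any remote source
        Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW,
        Enabled = true,
    };

    fwPolicy2.Rules.Add(rule);

    string details = "Name: {0}, Grouping: {1}, Protocol: {2}, Direction: {3}, LocalPorts: {4}, Profiles: {5}, LocalAddresses: {6}, RemoteAddresses: {7}, Action: {8}, Enabled: {9}"
        .ToFormat(
            rule.Name,
            rule.Grouping,
            rule.Protocol,
            rule.Direction,
            rule.LocalPorts,
            rule.Profiles,
            rule.LocalAddresses,
            rule.RemoteAddresses,
            rule.Action,
            rule.Enabled);
#else
    Firewall fw = new Firewall();
    FirewallRule rule = new FirewallRule()
    {
        Name = FirewallRuleName,
        Ports = PortNumber.ToString(),
        Protocol = NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP,
        Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN,
        Grouping = FirewallGroupName,
        Profile = NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL
    };

    List<FirewallRule> newRules = new List<FirewallRule>() { rule };

    // NOTE(review): the meaning of the second argument (false) is not visible from
    // here; confirm it does not replace or remove rules outside this list.
    fw.UpdateRules(newRules, false);

    // The format string must stay on one line: a regular string literal cannot span lines.
    string details = "Name: {0}, Grouping: {1}, Protocol: {2}, Direction: {3}, Ports: {4}, Profile: {5}"
        .ToFormat(
            rule.Name,
            rule.Grouping,
            rule.Protocol,
            rule.Direction,
            rule.Ports,
            rule.Profile);
#endif

    // Reached only when a rule was actually created; the Windows "already exists" path returns earlier.
    DeployerTrace.WriteInfo("Firewall rule {0} created.{1}Rule details: {2}", FirewallRuleName, Environment.NewLine, details);
}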