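        /// <summary>
        /// Builds a "route add/del default" command for the device at <paramref name="devIP"/>,
        /// records the rule line in the "prt" rule file and sends the command to the device.
        /// </summary>
        /// <param name="devIP">IP of the target device; "0.0.0.0" means "no device" and aborts.</param>
        /// <param name="add_del_flag">true to add the default route ("PRT1"), false to delete it ("PRT0").</param>
        /// <param name="Iface">Outgoing interface; appended as " dev Iface" when non-empty.</param>
        /// <param name="gateway">Gateway address; appended as " gw gateway" when non-empty.</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when devIP resolves to 0.0.0.0 or when an
        /// argument contains whitespace or shell metacharacters.
        /// </returns>
        public bool DefaultRouteConfig(string devIP, bool add_del_flag, string Iface, string gateway)
        {
            this.devform.setDev_IP(devIP);
            if (devform.getDev_IP() == "0.0.0.0")
            {
                return(false);
            }

            // The command text is executed on the device (sibling methods chain commands with "&&"),
            // so a parameter carrying whitespace or a shell metacharacter could smuggle an extra
            // command. Refuse such values instead of forwarding them.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string[] tokens = { Iface, gateway };
            foreach (string token in tokens)
            {
                if (token != null && token.IndexOfAny(shellMeta) >= 0)
                {
                    return(false);
                }
            }

            // The persisted rule line is identical for add and delete; only the command prefix
            // and the file operation differ.
            string frule = devIP + " default-route " + Iface + " " + gateway;
            string rule;

            if (add_del_flag)
            {
                rule = "PRT1route add default ";
                of.SaveRules(frule, "prt");
            }
            else
            {
                rule = "PRT0route del default ";
                of.DeleteRules(frule, "prt");
            }

            // The prefix already ends in a space, so the device receives "default  dev ..." with two
            // spaces; kept unchanged because the device-side parser is not visible here.
            if (Iface != "")
            {
                rule = rule + " dev " + Iface;
            }
            if (gateway != "")
            {
                rule = rule + " gw " + gateway;
            }
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(rule));
        }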
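        /// <summary>
        /// Moves <paramref name="EthName"/> off/onto bridge br0 and installs a POSTROUTING SNAT rule
        /// that rewrites traffic from <paramref name="devIP"/> to the firewall's own address.
        /// The rule line is persisted in the "snat" rule file before the command is sent.
        /// </summary>
        /// <param name="fw_dev">Firewall device form; its port is forced to 22222 before sending.</param>
        /// <param name="EthName">Interface to detach from (add) or re-attach to (delete) br0.</param>
        /// <param name="devIP">Source address matched by the SNAT rule.</param>
        /// <param name="EthIP">Address assigned to EthName when adding (netmask fixed at 255.255.255.0).</param>
        /// <param name="add_delete">true to configure ("NAT1"), false to tear down ("NAT0").</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when an argument contains whitespace or shell metacharacters.
        /// </returns>
        public bool ConfigSNAT(FWDeviceForm fw_dev, string EthName, string devIP, string EthIP, bool add_delete)
        {
            // The command is "&&"-chained shell text executed on the device; a value containing
            // whitespace or a shell metacharacter could inject a further command.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string[] tokens = { EthName, devIP, EthIP };
            foreach (string token in tokens)
            {
                if (token != null && token.IndexOfAny(shellMeta) >= 0)
                {
                    return(false);
                }
            }

            string fwIP  = fw_dev.getDev_IP();
            string rule  = "iptables -t nat -A POSTROUTING -s " + devIP + " -o br0 -j SNAT --to-source " + fwIP;
            // Same line is persisted on add and delete; only the file operation differs.
            string frule = fwIP + " " + devIP + " " + EthName + " " + EthIP + " " + fwIP;
            string configInfo;

            if (add_delete)
            {
                // Remove the port from the bridge first, give it its own address, then add the SNAT rule.
                string configEth_bridge = "brctl delif br0 " + EthName;
                string configEth_IP     = "ifconfig " + EthName + " " + EthIP + " netmask 255.255.255.0" + " up";
                configInfo = "NAT1" + configEth_bridge + " && " + configEth_IP + " && " + rule;
                of.SaveRules(frule, "snat");
            }
            else
            {
                // Reverse order on teardown: clear the address, then put the port back on the bridge.
                // NOTE(review): the SNAT rule is still sent with "-A" here; presumably the "NAT0"
                // prefix makes the device remove it — confirm against the device-side handler.
                string configEth_bridge = "brctl addif br0 " + EthName;
                string configEth_IP     = "ifconfig " + EthName + " " + "0.0.0.0 up";
                configInfo = "NAT0" + configEth_IP + " && " + configEth_bridge + " && " + rule;
                of.DeleteRules(frule, "snat");
            }

            // Side effect on the caller's form: the management port is fixed before sending.
            fw_dev.setDev_port(22222);
            SendInfo sendcmd = new SendInfo(fw_dev);

            return(sendcmd.SendConfigInfo(configInfo));
        }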
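        /// <summary>
        /// Adds or removes a TCP whitelist rule (FORWARD ... -j ACCEPT) on the device at
        /// <paramref name="dev_IP"/>, persisting the rule line in the "whl" rule file.
        /// </summary>
        /// <param name="dev_IP">IP of the target device.</param>
        /// <param name="dst_IP">Destination address of the allowed flow.</param>
        /// <param name="src_IP">Source address of the allowed flow.</param>
        /// <param name="dst_port">Destination port.</param>
        /// <param name="src_port">Source port.</param>
        /// <param name="log_record">Currently unused; no LOG rule is generated by this method.</param>
        /// <param name="add_delete">true to add the rule ("WHL1"), false to delete it ("WHL0").</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when an argument contains whitespace or shell metacharacters.
        /// </returns>
        public bool ChangeWhiteLists(string dev_IP, string dst_IP, string src_IP, string dst_port, string src_port, bool log_record, bool add_delete)
        {
            this.devform.setDev_IP(dev_IP);

            // The rule is sent as shell text ("&&"-chained in sibling methods); reject values that
            // could terminate the command and smuggle another one.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string[] tokens = { dst_IP, src_IP, dst_port, src_port };
            foreach (string token in tokens)
            {
                if (token != null && token.IndexOfAny(shellMeta) >= 0)
                {
                    return(false);
                }
            }

            WhiteLists lists = new WhiteLists();
            lists.setIPAndPort(dst_IP, src_IP, dst_port, src_port);

            // Values are read back through WhiteLists; whether it normalises them is not visible here.
            string whiteList_from_client_to_server0 = "iptables -A FORWARD -p tcp -s " + lists.getsrc_IP() + " -d " + lists.getdst_IP() + " --sport " + lists.getsrc_port()
                                                      + " --dport " + lists.getdst_port() + " -j ACCEPT ";

            // Same line is persisted on add and delete; only the prefix and the file operation differ.
            string frule = dev_IP + " " + dst_IP + " " + src_IP + " " + dst_port + " " + src_port;
            string flag;

            if (add_delete)
            {
                flag = "WHL1";
                of.SaveRules(frule, "whl");
            }
            else
            {
                flag = "WHL0";
                of.DeleteRules(frule, "whl");
            }

            string changewl = flag + whiteList_from_client_to_server0;
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(changewl));
        }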
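        /// <summary>
        /// Installs or removes three arptables rules on the device at <paramref name="dev_IP"/>:
        /// drop inbound ARP on br0 whose source MAC is not <paramref name="gateMAC"/>, drop inbound
        /// ARP claiming <paramref name="gateIP"/> with a different MAC, and accept outbound broadcast.
        /// The rule line is persisted in the "arp" rule file.
        /// </summary>
        /// <param name="dev_IP">IP of the target device.</param>
        /// <param name="gateIP">Gateway IP address to pin.</param>
        /// <param name="gateMAC">Gateway MAC address to pin.</param>
        /// <param name="addDelete">true to add ("ARP1"), false to delete ("ARP0").</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when an argument contains whitespace or shell metacharacters.
        /// </returns>
        public bool configARPRules(string dev_IP, string gateIP, string gateMAC, bool addDelete)
        {
            this.devform.setDev_IP(dev_IP);

            // The three rules are "&&"-chained and executed on the device; refuse values that could
            // break out of the intended command.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string[] tokens = { gateIP, gateMAC };
            foreach (string token in tokens)
            {
                if (token != null && token.IndexOfAny(shellMeta) >= 0)
                {
                    return(false);
                }
            }

            string rule0   = "arptables -A INPUT -i br0 --src-mac ! " + gateMAC + " -j DROP";
            string rule1   = "arptables -A INPUT -i br0 --src-ip " + gateIP + " --src-mac ! " + gateMAC + " -j DROP";
            string rule2   = "arptables -A OUTPUT --destination-mac ff:ff:ff:ff:ff:ff -j ACCEPT";
            string ruleSet = rule0 + " && " + rule1 + " && " + rule2;
            // NOTE(review): a local FileOperation with a hard-coded directory, whereas sibling
            // methods use a shared `of` field — confirm this is intended.
            FileOperation of = new FileOperation("C:\\CMP\\Config");

            // Same line is persisted on add and delete; only the prefix and the file operation differ.
            string frule = dev_IP + " " + gateIP + " " + gateMAC;
            string arpRules;

            if (addDelete)
            {
                arpRules = "ARP1" + ruleSet;
                of.SaveRules(frule, "arp");
            }
            else
            {
                arpRules = "ARP0" + ruleSet;
                of.DeleteRules(frule, "arp");
            }

            SendInfo send = new SendInfo(devform);

            return(send.SendConfigInfo(arpRules));
        }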
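        /// <summary>
        /// Builds a Modbus/TCP deep-inspection rule pair (a LOG rule followed by a DROP rule matching
        /// the same address/function/data ranges on port 502), persists the rule line in the
        /// "modbustcp" rule file and sends the pair to the device.
        /// </summary>
        /// <param name="mtrf">Form holding src/dst IP ("any" = unrestricted), address, function and data ranges.</param>
        /// <param name="log_flag">Only recorded in the persisted rule line; the LOG rule is always sent.</param>
        /// <param name="add_delete">true to add ("DPI1"), false to delete ("DPI0").</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when a form value contains whitespace or shell metacharacters.
        /// </returns>
        public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
        {
            var srcIP   = mtrf.getSrc_IP();
            var dstIP   = mtrf.getDst_IP();
            var minAddr = mtrf.getMin_addr();
            var maxAddr = mtrf.getMax_addr();
            var func    = mtrf.getfunc();
            var minData = mtrf.getMin_data();
            var maxData = mtrf.getMax_data();

            // The rules are "&&"-chained shell text executed on the device; reject any value that
            // could terminate the command. Concatenating first keeps the check independent of the
            // getters' return types.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string joined = "" + srcIP + dstIP + minAddr + maxAddr + func + minData + maxData;
            if (joined.IndexOfAny(shellMeta) >= 0)
            {
                return(false);
            }

            string dpi_pro = "modbusTcp";

            // Build the match once. "-s"/"-d" are only emitted for concrete addresses: iptables does
            // not accept the literal "any" as a host, which the original four-way branch already
            // honoured for the DROP rule but not for the LOG rule (fixed here).
            string match = "iptables -A FORWARD -p tcp --dport 502";
            if (srcIP != "any")
            {
                match = match + " -s " + srcIP;
            }
            if (dstIP != "any")
            {
                match = match + " -d " + dstIP;
            }
            match = match + " -m " + dpi_pro + " --data-addr " + minAddr + ":" + maxAddr
                  + " --modbus-func " + func + " --modbus-data " + minData + ":" + maxData;

            // Single space before DROP in every case (one branch previously emitted "-j  DROP").
            string dropRule = match + " -j DROP";
            string logRule  = match + " -j LOG --log-prefix \"DROP&modbus&data_illegal \"";

            // Same line is persisted on add and delete; only the prefix and the file operation differ.
            string frule = devform.getDev_IP() + " " + dstIP + " " + srcIP + " " + minAddr + " " + maxAddr + " "
                         + func + " " + minData + " " + maxData + " ACCEPT " + log_flag.ToString();
            string flag;

            if (add_delete)
            {
                flag = "DPI1";
                of.SaveRules(frule, "modbustcp");
            }
            else
            {
                flag = "DPI0";
                of.DeleteRules(frule, "modbustcp");
            }

            // LOG must precede DROP so the non-terminating LOG rule sees the packet first.
            string   rule    = flag + logRule + " && " + dropRule;
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(rule));
        }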
        /// <summary>
        /// Debug harness: writes a dummy rule ("3333") into modbustcp.config under the fixed
        /// configuration directory, then waits for a key press in debug builds.
        /// </summary>
        static void Main(string[] args)
        {
            string        configDir = "C:\\CMP\\Config";
            FileOperation fileOp    = new FileOperation(configDir);

            fileOp.SaveRules("3333", "modbustcp.config");

            // Earlier harness (device scan + log display), kept commented out for reference:
            //
            //            IDevicesCheck devConfirm = new DevicesCheck();
            //            List<FWDeviceForm> fws = devConfirm.CheckDevices("172.16.10.9", "172.16.10.10");
            //
            //            Console.WriteLine("Print scan results :");
            //            IReceiveLog log = new ReceiveLog();
            //            log.Save_DisplayLog(true);
            //            foreach (FWDeviceForm fw in fws)
            //            {
            //                string fwip = fw.getDev_IP();
            //                string fwmac = fw.getDev_MAC();
            //                List<ProtecDeviceForm> protecDev_list = fw.getProtecDev_list();
            //
            //                Console.WriteLine("Firewall device IP : {0} Firewall device MAC : {1}", fwip, fwmac);
            //                Console.WriteLine("Associated protected devices :");
            //
            //                if (fwip != "0.0.0.0")
            //                {
            //                    foreach (var item in protecDev_list)
            //                    {
            //                        string dev_type = item.getDev_type();
            //                        Console.WriteLine("IP {0}   MAC {1} device manufacturer {2}", item.getDev_IP(), item.getDev_MAC(), dev_type);
            //                    }
            //                }
            //                else Console.WriteLine("Firewall is in no-IP mode");
            //            }
            //
            //            //IARPProtect tes = new ARPProtect();
            //            //tes.configARPRules("172.16.10.9", "172.16.10.254", "08:57:00:e5:87:a7", true);

            // NOTE(review): preprocessor symbols are case-sensitive and the conventional one is
            // DEBUG; confirm the build actually defines "debug", otherwise this block never runs.
#if debug
            Console.ReadLine();
#endif
        }
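        /// <summary>
        /// Adds a TCP SYN connection-limit rule on the device at <paramref name="devIP"/>:
        /// new connections matching the optional src/dst/port filters and exceeding
        /// <paramref name="connlimit"/> concurrent connections are dropped, optionally logged first.
        /// The rule line is persisted in the "cnc" rule file.
        /// </summary>
        /// <param name="devIP">IP of the target device; "0.0.0.0" means "no device" and aborts.</param>
        /// <param name="log_flag">When true a LOG rule with the same match is sent ahead of the DROP rule.</param>
        /// <param name="connlimit">Threshold for --connlimit-above; must be non-negative.</param>
        /// <param name="srcIP">Optional source address ("" = omit).</param>
        /// <param name="dstIP">Optional destination address ("" = omit).</param>
        /// <param name="sport">Optional source port ("" = omit).</param>
        /// <param name="dport">Optional destination port ("" = omit).</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when devIP resolves to 0.0.0.0, connlimit is
        /// negative, or an argument contains whitespace or shell metacharacters.
        /// </returns>
        public bool AddCNCRules(string devIP, bool log_flag, int connlimit, string srcIP, string dstIP, string sport, string dport)
        {
            this.devform.setDev_IP(devIP);
            if (devform.getDev_IP() == "0.0.0.0")
            {
                return(false);
            }
            // --connlimit-above takes a non-negative count; a negative value would only produce
            // a rule the device rejects.
            if (connlimit < 0)
            {
                return(false);
            }

            // The rules are "&&"-chained shell text executed on the device; refuse values that
            // could terminate the command and smuggle another one.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string[] tokens = { srcIP, dstIP, sport, dport };
            foreach (string token in tokens)
            {
                if (token != null && token.IndexOfAny(shellMeta) >= 0)
                {
                    return(false);
                }
            }

            string rule1 = "iptables -A FORWARD -p tcp --syn";

            if (srcIP != "")
            {
                rule1 = rule1 + " -s " + srcIP;
            }
            if (sport != "")
            {
                rule1 = rule1 + " --sport " + sport;
            }
            if (dstIP != "")
            {
                rule1 = rule1 + " -d " + dstIP;
            }
            if (dport != "")
            {
                rule1 = rule1 + " --dport " + dport;
            }

            rule1 = rule1 + " -m connlimit --connlimit-above " + Convert.ToString(connlimit);

            // LOG is sent before DROP: appended iptables rules are evaluated in order and DROP is
            // terminating, so a LOG rule appended after it would never match the same packets.
            // This mirrors the LOG-then-DROP order used by ConfigModbusTcpRules.
            string rule = "CNC1";
            if (log_flag)
            {
                rule = rule + rule1 + " -j LOG && ";
            }
            rule = rule + rule1 + " -j DROP";

            string frule = devIP + " " + log_flag.ToString() + " " + connlimit + " " + srcIP + " " + dstIP + " " + sport + " " + dport;

            // NOTE(review): this method persists through `fo` while sibling methods use `of`;
            // confirm both fields exist and point at the same rule store.
            fo.SaveRules(frule, "cnc");
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(rule));
        }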
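        /// <summary>
        /// Adds a standard stateful accept rule on the device at <paramref name="devIP"/>:
        /// NEW connections for <paramref name="protocol"/> matching the optional src/dst/port
        /// filters are accepted, optionally logged first. The rule line is persisted in the
        /// "std" rule file.
        /// </summary>
        /// <param name="devIP">IP of the target device; "0.0.0.0" means "no device" and aborts.</param>
        /// <param name="log_flag">When true a LOG rule with the same match is sent ahead of the ACCEPT rule.</param>
        /// <param name="protocol">Value for iptables "-p" (e.g. tcp, udp).</param>
        /// <param name="srcIP">Optional source address ("" = omit).</param>
        /// <param name="dstIP">Optional destination address ("" = omit).</param>
        /// <param name="sport">Optional source port ("" = omit).</param>
        /// <param name="dport">Optional destination port ("" = omit).</param>
        /// <returns>
        /// The result of SendConfigInfo, or false when devIP resolves to 0.0.0.0 or an argument
        /// contains whitespace or shell metacharacters.
        /// </returns>
        public bool AddSTDRules(string devIP, bool log_flag, string protocol, string srcIP, string dstIP, string sport, string dport)
        {
            this.devform.setDev_IP(devIP);
            if (devform.getDev_IP() == "0.0.0.0")
            {
                return(false);
            }

            // The rules are "&&"-chained shell text executed on the device; refuse values that
            // could terminate the command and smuggle another one.
            char[] shellMeta = { ' ', '\t', '\r', '\n', '&', '|', ';', '`', '$', '(', ')', '<', '>', '"', '\'', '\\' };
            string[] tokens = { protocol, srcIP, dstIP, sport, dport };
            foreach (string token in tokens)
            {
                if (token != null && token.IndexOfAny(shellMeta) >= 0)
                {
                    return(false);
                }
            }

            string rule1 = "iptables -A FORWARD -p " + protocol;

            if (srcIP != "")
            {
                rule1 = rule1 + " -s " + srcIP;
            }
            if (sport != "")
            {
                rule1 = rule1 + " --sport " + sport;
            }
            if (dstIP != "")
            {
                rule1 = rule1 + " -d " + dstIP;
            }
            if (dport != "")
            {
                rule1 = rule1 + " --dport " + dport;
            }

            // LOG is sent before ACCEPT: appended iptables rules are evaluated in order and ACCEPT
            // is terminating, so a LOG rule appended after it would never see the same packets.
            // This mirrors the LOG-then-terminating order used by ConfigModbusTcpRules.
            string rule = "STD1";
            if (log_flag)
            {
                rule = rule + rule1 + " -m state --state NEW -j LOG && ";
            }
            rule = rule + rule1 + " -m state --state NEW -j ACCEPT";

            string frule = devIP + " " + protocol + " " + srcIP + " " + dstIP + " " + sport + " " + dport + " " + log_flag.ToString();

            of.SaveRules(frule, "std");
            SendInfo sendcmd = new SendInfo(devform);

            return(sendcmd.SendConfigInfo(rule));
        }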