C# (CSharp) NtApiDotNet.Net.Firewall FirewallConditionGuids Examples

Programming Language: C# (CSharp)

Namespace/Package Name: NtApiDotNet.Net.Firewall

Examples at hotexamples.com: 3

C# (CSharp) NtApiDotNet.Net.Firewall FirewallConditionGuids - 3 examples found. These are the top rated real world C# (CSharp) examples of NtApiDotNet.Net.Firewall.FirewallConditionGuids extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

IsUserId(2)

IsIpAddressCondition(1)

Example #1

Show file

        SafeBuffer IFirewallEnumTemplate <FirewallFilter> .ToTemplateBuffer(DisposableList list)
        {
            FirewallActionType action_type = ActionType;

            switch (action_type)
            {
            case FirewallActionType.Permit:
            case FirewallActionType.Block:
                action_type &= ~FirewallActionType.Terminating;
                break;
            }

            var template = new FWPM_FILTER_ENUM_TEMPLATE0
            {
                layerKey    = LayerKey,
                flags       = Flags,
                providerKey = ProviderKey.HasValue ? list.AddResource(ProviderKey.Value.ToBuffer()).DangerousGetHandle() : IntPtr.Zero,
                actionMask  = action_type
            };

            var valid_conditions = Conditions.Where(c => !FirewallConditionGuids.IsUserId(c.FieldKey));
            int count            = valid_conditions.Count();

            if (count > 0)
            {
                template.numFilterConditions = count;
                template.filterCondition     = list.AddList(valid_conditions.Select(c => c.ToStruct(list))).DangerousGetHandle();
            }

            return(list.AddStructure(template));
        }

Example #2

Show file

        Func <FirewallFilter, bool> IFirewallEnumTemplate <FirewallFilter> .GetFilterFunc(DisposableList list)
        {
            var user_conditions = Conditions.Where(c => FirewallConditionGuids.IsUserId(c.FieldKey));

            if (!user_conditions.Any())
            {
                return(_ => true);
            }

            var rm = list.AddResource(AuthZResourceManager.Create());
            Dictionary <Guid, AuthZContext> contexts = new Dictionary <Guid, AuthZContext>();

            foreach (var condition in user_conditions)
            {
                if (contexts.ContainsKey(condition.FieldKey))
                {
                    continue;
                }
                if (!(condition.Value.ContextValue is FirewallTokenInformation token) || token.UserSid == null)
                {
                    continue;
                }
                contexts.Add(condition.FieldKey, token.CreateContext(rm, list));
            }

            return(f => FilterFunc(contexts, f));
        }

Example #3

Show file

File: FirewallValue.cs Project: blaquee/sandbox-attacksurface-analysis-tools

        private static object SpecializeValue(FirewallDataType type, object value, Guid condition_key)
        {
            if (condition_key == Guid.Empty)
            {
                return(value);
            }

            if (FirewallConditionGuids.IsIpAddressCondition(condition_key))
            {
                if (value is byte[] ba && (ba.Length == 4 || ba.Length == 16))
                {
                    return(new IPAddress(ba));
                }
                else if (value is uint ui)
                {
                    ba = BitConverter.GetBytes(ui);
                    Array.Reverse(ba);
                    return(new IPAddress(ba));
                }
                else if (!(value is FirewallRange) && !(value is FirewallAddressAndMask))
                {
                    System.Diagnostics.Trace.Write($"Invalid IP Address type: {value.GetType().FullName}");
                }
            }