Example #1
0
        /// <summary>
        /// Initializes <see cref="_rule"/> from existing windows firewall rule or generating new one if not found. also populates <see cref="_rules"/> with managed rules.
        /// </summary>
        private void initManagedRule()
        {
            for (int _ruleCount = 0; _ruleCount < _settings.MaxRulesCount; ++_ruleCount)
            {
                if (_ruleCount + 1 == _settings.MaxRulesCount)
                {
                    throw new Exception($"Max rules reached. ({_settings.MaxRulesCount})");
                }

                // a counter is appended to the rule name to support more than 1000 records and be able to manage all of them
                var ruleName = $"{_settings.RuleName}_{_ruleCount}";
                var ruleObj  = FirewallHelper.Find(ruleName);
                if (ruleObj == null)
                {
                    // we assume there is no manual modifications on our firewall rules and it is managed only by this application
                    generateRule(_ruleCount);
                    break;
                }

                var rule = new FirewallRule(ruleObj, _settings.IsApplyToRemoteAddresses, _settings.IsApplyToLocalAddresses);
                _rules.Add(rule);

                if (rule.IsAddressCountLimitReached)
                {
                    // generate new rule or find other existing rule where limit is not reached
                    continue;
                }

                // record limit is not reached on this rule
                _rule = rule;
                break;
            }
        }
Example #2
0
        private void clear()
        {
            // iterate through all possible rules and remove them from windows firewall
            for (int _ruleCount = 0; _ruleCount < _settings.MaxRulesCount; ++_ruleCount)
            {
                FirewallHelper.Remove($"{_settings.RuleName}_{_ruleCount}");
            }

            // clear the internal list
            _rules.Clear();
            _rule = null;

            initManagedRule();
        }
Example #3
0
        /// <summary>
        /// initiazlies <see cref="_rule"/> with a newly generated rule based on <paramref name="count"/> and adds it to <see cref="_rules"/>
        /// </summary>
        /// <param name="count"></param>
        private void generateRule(int count)
        {
            // unique rule based on the current count
            var ruleName = $"{_settings.RuleName}_{count}";

            // set the rule properties based on the provided settings
            var rule = FirewallHelper.Generate();

            rule.Name           = ruleName;
            rule.Enabled        = true; // we assume the rule should be enabled by default
            rule.InterfaceTypes = _settings.InterfaceTypes;
            rule.Action         = _settings.Action;
            rule.Direction      = _settings.Direction;
            rule.Protocol       = (int)_settings.Protocol;
            if (!string.IsNullOrWhiteSpace(_settings.RuleDescription))
            {
                rule.Description = _settings.RuleDescription;
            }
            if (!string.IsNullOrWhiteSpace(_settings.ApplicationName))
            {
                rule.ApplicationName = _settings.ApplicationName;
            }
            if (!string.IsNullOrWhiteSpace(_settings.ServiceName))
            {
                rule.serviceName = _settings.ServiceName;
            }
            if (!string.IsNullOrWhiteSpace(_settings.IcmpTypesAndCodes))
            {
                rule.IcmpTypesAndCodes = _settings.IcmpTypesAndCodes;
            }
            if (!string.IsNullOrWhiteSpace(_settings.Grouping))
            {
                rule.Grouping = _settings.Grouping;
            }
            if (_settings.EdgeTraversal != null)
            {
                rule.EdgeTraversal = (bool)_settings.EdgeTraversal;
            }
            if (_settings.Interfaces != null)
            {
                rule.Interfaces = _settings.Interfaces;
            }

            if (_settings.IsApplyToRemoteAddresses)
            {
                // we do not want to apply to any address at first
                rule.RemoteAddresses = "255.255.255.255-255.255.255.255";
            }

            if (_settings.IsApplyToLocalAddresses)
            {
                // we do not want to apply to any address at first
                rule.LocalAddresses = "255.255.255.255-255.255.255.255";
            }

            // specific remote ports can be set only if the protocol is specifically TCP or UDP
            if (_settings.Protocol != NetFwIPProtocols.Any &&
                (!string.IsNullOrWhiteSpace(_settings.RemotePorts) || !string.IsNullOrWhiteSpace(_settings.LocalPorts)))
            {
                rule.RemotePorts = _settings.RemotePorts;
                rule.LocalPorts  = _settings.LocalPorts;
            }

            // add rule to windows firewall
            FirewallHelper.Add(rule);

            // add the rule to our internal managed list
            _rules.Add(new FirewallRule(rule, _settings.IsApplyToRemoteAddresses, _settings.IsApplyToLocalAddresses));
        }