Example #1
0
 private void CreateChains(IpTablesDetails config, RuleBuilder rb)
 {
     foreach (var c in config.Chains)
     {
         if (c.IsDynamic)
         {
             rb.DefineDynamicChain(c.Dynamic);
         }
         foreach (var v in c.Versions)
         {
             var rules = _ruleSets[v];
             var chains = rules.Chains;
             foreach (var t in c.Tables)
             {
                 if (c.IsDynamic)
                 {
                     rb.Dcr.RegisterDynamicChain(c.Dynamic, t, c.Name, v);
                 }
                 else if (!chains.HasChain(c.Name, t))
                 {
                     chains.AddChain(c.Name, t, _iptables);
                 }
             }
         }
     }
 }
Example #2
0
        private void CreateSets(IpTablesDetails config, RuleBuilder rb)
        {
            foreach (var set in config.Sets)
            {
                var ipset = new IpSetSet(IpSetTypeHelper.StringToType(set.Type), set.Name, 0, set.Family, _iptables, IpSetSyncMode.SetAndEntries);
                String[] resolved = set.Entries.ToArray();

                if (ipset.Type == IpSetType.HashIp)
                {
                    List<IAsyncResult> tasks = new List<IAsyncResult>();
                    for (int index = 0; index < resolved.Length; index++)
                    {
                        var entry = resolved[index];

                        String entryIp = rb.Format(entry);
                        IPAddress ip;
                        if (!IPAddress.TryParse(entryIp, out ip))
                        {
                            var asyncResult = Dns.BeginGetHostAddresses(entryIp, (a) =>
                            {
                                var ips = Dns.EndGetHostAddresses(a);
                                if (ips.Length == 0)
                                {
                                    throw new Exception("Unable to resolve: " + entryIp);
                                }
                                String entryIp2 = ips.First().ToString();
                                resolved[(int) a.AsyncState] = entryIp2;
                            }, index);
                            tasks.Add(asyncResult);
                        }
                    }

                    if (tasks.Any()) { 
                        WaitHandle.WaitAll(tasks.Select((a) => a.AsyncWaitHandle).ToArray());
                    }
                }

                //Check Uniqueness
                HashSet<IpSetEntry> ipsetEntries = new HashSet<IpSetEntry>();

                for (int index = 0; index < resolved.Length; index++)
                {
                    var entry = resolved[index];
                    String entryIp = rb.Format(entry);
                    var setEntry = IpSetEntry.ParseFromParts(ipset, entryIp);
                    if (ipsetEntries.Add(setEntry))
                    {
                        ipset.Entries.Add(setEntry);
                    }
                }
                _sets.AddSet(ipset);
            }

            //Add new sets (dont delete!)
            _sets.Sync((a) => false);
        }
Example #3
0
 public void InitFromModel(Dictionary<String, EnvironmentDetails> environment, IpTablesDetails config)
 {
     var rb = InitEnvironment(environment);
     CreateChains(config, rb);
     CreateSets(config, rb);
     CreateRules(config, rb);
     foreach (var c in config.Chains)
     {
         if (c.IsDynamic)
         {
             var chains = _ruleSets.Select(
                 (a) => a.Value.Chains.FirstOrDefault((d) => d.Name == c.Name && c.Tables.Contains(d.Table))).Where((a)=>a != null).ToList();
             foreach (var di in c.DynamicInit)
             {
                 foreach (var cc in chains)
                 {
                     rb.Dcr.GetDynamicChainRules(cc, di);
                 }
             }
         }
     }
 }
Example #4
0
        private void CreateRules(IpTablesDetails config, RuleBuilder rb)
        {
            var rules = config.Rules.AsParallel().AsOrdered()
                .Where((c) => rb.IsConditionTrue(c.Condition))
                .SelectMany((c) => ParseAll(rb, c)).AsSequential();

            foreach(var rule in rules){
                lock (_dynamicLock)
                {
                    if (rb.Dcr.IsDynamic(rule.Chain))
                    {
                        rb.Dcr.AddRule(rule);
                        continue;
                    }
                }

                var chains = _ruleSets[rule.IpVersion].Chains;
                IpTablesChain chain;
                lock (chains)
                {
                    chain = chains.GetChainOrDefault(rule.Chain.Name, rule.Chain.Table);
                }
                if (chain == null)
                {
                    throw new Exception(String.Format("Chain was not created ipv{0},{1}:{2}",
                        rule.Chain.IpVersion, rule.Chain.Table, rule.Chain.Name));
                }
                lock (chain)
                {
                    chain.AddRule(rule);
                }
            }
        }