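/// <summary>
/// Adds or removes the default route on the device addressed by <paramref name="devIP"/>,
/// records the change in the "prt" rule file and sends the route command to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="add_del_flag">true to add the default route ("PRT1"), false to delete it ("PRT0").</param>
/// <param name="Iface">Outgoing interface; empty to omit the "dev" option.</param>
/// <param name="gateway">Gateway address; empty to omit the "gw" option.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unsafe argument, or no confirmation.</returns>
public bool DefaultRouteConfig(string devIP, bool add_del_flag, string Iface, string gateway)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The rule text is executed by the device as a command line and the record is written
    // to the rule file unescaped, so refuse any value outside a plain address/name
    // character set before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    if (!isPlainToken(devIP) || !isPlainToken(Iface) || !isPlainToken(gateway))
    {
        return false;
    }

    // Both branches persist the same record; only the verb and the file operation differ.
    string frule = devIP + " default-route " + Iface + " " + gateway;
    string rule;
    if (add_del_flag)
    {
        rule = "PRT1route add default ";
        of.SaveRules(frule, "prt");
    }
    else
    {
        rule = "PRT0route del default ";
        of.DeleteRules(frule, "prt");
    }

    // Optional parts; a null argument is treated like an empty one instead of emitting " dev ".
    if (!string.IsNullOrEmpty(Iface))
    {
        rule = rule + " dev " + Iface;
    }
    if (!string.IsNullOrEmpty(gateway))
    {
        rule = rule + " gw " + gateway;
    }

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}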
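/// <summary>
/// Builds the Modbus/TCP deep-packet-inspection rules for port 502 traffic matching the
/// register address range, function code and data range in <paramref name="mtrf"/>
/// (one LOG rule and one DROP rule), records the rule in the modbustcp table and sends
/// both rules to the device.
/// </summary>
/// <param name="mtrf">Form holding source/destination IP ("any" = unrestricted), register
/// address range, function code and data range.</param>
/// <param name="log_flag">Stored in the database record only; the LOG rule is always sent.</param>
/// <param name="add_delete">true to add the rule ("DPI1" + INSERT), false to delete it ("DPI0" + DELETE).</param>
/// <returns>true when the device confirmed the command, false on an unsafe argument
/// or no confirmation.</returns>
public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
{
    // RulesDataProcess.ModbusTcpRulesDataProcess(mtrf);
    string dpi_pro = "modbusTcp";
    string devIP = devform.getDev_IP();
    string srcIP = mtrf.getSrc_IP();
    string dstIP = mtrf.getDst_IP();
    // Convert.ToString keeps this independent of the getters' declared types.
    string minAddr = Convert.ToString(mtrf.getMin_addr());
    string maxAddr = Convert.ToString(mtrf.getMax_addr());
    string func = Convert.ToString(mtrf.getfunc());
    string minData = Convert.ToString(mtrf.getMin_data());
    string maxData = Convert.ToString(mtrf.getMax_data());

    // The rule text is executed by the device as a command line and the same values are
    // spliced into SQL unescaped (dboperate takes a raw string), so refuse anything outside
    // a plain address/number character set before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    string[] tokens = { devIP, srcIP, dstIP, minAddr, maxAddr, func, minData, maxData };
    foreach (string token in tokens)
    {
        if (!isPlainToken(token))
        {
            return false;
        }
    }

    // Match part shared by the DROP and the LOG rule. "any" omits the address option
    // for both rules; previously only the DROP rule did this and the LOG rule passed
    // "any" through as a literal address.
    string match = "iptables -A FORWARD -p tcp --dport 502";
    if (srcIP != "any")
    {
        match += " -s " + srcIP;
    }
    if (dstIP != "any")
    {
        match += " -d " + dstIP;
    }
    match += " -m " + dpi_pro
           + " --data-addr " + minAddr + ":" + maxAddr
           + " --modbus-func " + func
           + " --modbus-data " + minData + ":" + maxData;

    string dpi_rules_from_master_to_slave0 = match + " -j DROP";
    //string dpi_rules_from_master_to_slave1 = "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT";
    string dpi_rules_from_master_to_slave_log = match + " -j LOG --log-prefix \"DROP&modbus&data_illegal \"";

    // TODO(security): string-built SQL; switch dboperate to a parameterized statement.
    string flag;
    string sql_rule;
    if (add_delete)
    {
        flag = "DPI1";
        sql_rule = "INSERT INTO modbustcp values " + "('" + devIP + "','" + dstIP + "'" + ",'" + srcIP + "','" + minAddr + "','" + maxAddr + "','" + func + "','" + minData + "','" + maxData + "','ACCEPT','" + log_flag + "')";
    }
    else
    {
        flag = "DPI0";
        sql_rule = "DELETE FROM modbustcp where (dst_IP='" + dstIP + "' and src_IP='" + srcIP + "' and min_coiladdr='" + minAddr + "'" + " and max_coiladdr='" + maxAddr + "' and functioncode='" + func + "' and min_speed='" + minData + "' and max_speed='" + maxData + "' and method='ACCEPT' and log='" + log_flag + "')";
    }

    string rule = flag + dpi_rules_from_master_to_slave_log + " && " + dpi_rules_from_master_to_slave0;
    DPIdb_operate.dboperate(sql_rule);
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}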
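/// <summary>
/// Adds a connection-limit rule (TCP SYN packets above <paramref name="connlimit"/>
/// concurrent connections are dropped, optionally logged), records it in the CNC table
/// and sends it to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="log_flag">true to also install a LOG rule for the same match.</param>
/// <param name="connlimit">Connection count passed to "--connlimit-above".</param>
/// <param name="srcIP">Source address filter; empty to omit.</param>
/// <param name="dstIP">Destination address filter; empty to omit.</param>
/// <param name="sport">Source port filter; empty to omit.</param>
/// <param name="dport">Destination port filter; empty to omit.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unsafe argument, or no confirmation.</returns>
public bool AddCNCRules(string devIP, bool log_flag, int connlimit, string srcIP, string dstIP, string sport, string dport)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The rule text is executed by the device as a command line and the same values are
    // spliced into SQL unescaped, so refuse anything outside a plain address/port
    // character set before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    if (!isPlainToken(devIP) || !isPlainToken(srcIP) || !isPlainToken(dstIP) || !isPlainToken(sport) || !isPlainToken(dport))
    {
        return false;
    }

    string rule1 = "iptables -A FORWARD -p tcp --syn";
    if (!string.IsNullOrEmpty(srcIP))
    {
        rule1 = rule1 + " -s " + srcIP;
    }
    if (!string.IsNullOrEmpty(sport))
    {
        rule1 = rule1 + " --sport " + sport;
    }
    if (!string.IsNullOrEmpty(dstIP))
    {
        rule1 = rule1 + " -d " + dstIP;
    }
    if (!string.IsNullOrEmpty(dport))
    {
        rule1 = rule1 + " --dport " + dport;
    }
    rule1 = rule1 + " -m connlimit --connlimit-above " + Convert.ToString(connlimit);

    string rule = "CNC1" + rule1 + " -j DROP";
    if (log_flag)
    {
        rule = rule + " && " + rule1 + " -j LOG";
    }

    // TODO(security): string-built SQL; switch dboperate to a parameterized statement.
    // log_flag is emitted unquoted as True/False, as in the original record layout.
    string sql_str = "INSERT INTO CNC VALUES " + "('" + devIP + "'," + log_flag.ToString() + ",'" + connlimit.ToString() + "','" + srcIP + "','" + dstIP + "','" + sport + "','" + dport + "')";
    db_operate.dboperate(sql_str);

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}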
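/// <summary>
/// Adds a connection-limit rule (TCP SYN packets above <paramref name="connlimit"/>
/// concurrent connections are dropped, optionally logged), records it in the "cnc"
/// rule file and sends it to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="log_flag">true to also install a LOG rule for the same match.</param>
/// <param name="connlimit">Connection count passed to "--connlimit-above".</param>
/// <param name="srcIP">Source address filter; empty to omit.</param>
/// <param name="dstIP">Destination address filter; empty to omit.</param>
/// <param name="sport">Source port filter; empty to omit.</param>
/// <param name="dport">Destination port filter; empty to omit.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unsafe argument, or no confirmation.</returns>
public bool AddCNCRules(string devIP, bool log_flag, int connlimit, string srcIP, string dstIP, string sport, string dport)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The rule text is executed by the device as a command line and the record is stored
    // as a space-separated line, so refuse anything outside a plain address/port
    // character set (in particular whitespace) before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    if (!isPlainToken(devIP) || !isPlainToken(srcIP) || !isPlainToken(dstIP) || !isPlainToken(sport) || !isPlainToken(dport))
    {
        return false;
    }

    string rule1 = "iptables -A FORWARD -p tcp --syn";
    if (!string.IsNullOrEmpty(srcIP))
    {
        rule1 = rule1 + " -s " + srcIP;
    }
    if (!string.IsNullOrEmpty(sport))
    {
        rule1 = rule1 + " --sport " + sport;
    }
    if (!string.IsNullOrEmpty(dstIP))
    {
        rule1 = rule1 + " -d " + dstIP;
    }
    if (!string.IsNullOrEmpty(dport))
    {
        rule1 = rule1 + " --dport " + dport;
    }
    rule1 = rule1 + " -m connlimit --connlimit-above " + Convert.ToString(connlimit);

    string rule = "CNC1" + rule1 + " -j DROP";
    if (log_flag)
    {
        rule = rule + " && " + rule1 + " -j LOG";
    }

    // NOTE(review): an empty field produces two consecutive separators in this line;
    // whether the reader of the "cnc" file copes with that is not visible here.
    string frule = devIP + " " + log_flag.ToString() + " " + connlimit + " " + srcIP + " " + dstIP + " " + sport + " " + dport;
    fo.SaveRules(frule, "cnc");

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}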
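/// <summary>
/// Adds a stateful allow rule for NEW connections of <paramref name="protocol"/> that match
/// the optional address/port filters (optionally logged), records it in the "std" rule file
/// and sends it to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="log_flag">true to also install a LOG rule for the same match.</param>
/// <param name="protocol">Protocol passed to "-p".</param>
/// <param name="srcIP">Source address filter; empty to omit.</param>
/// <param name="dstIP">Destination address filter; empty to omit.</param>
/// <param name="sport">Source port filter; empty to omit.</param>
/// <param name="dport">Destination port filter; empty to omit.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unsafe argument, or no confirmation.</returns>
public bool AddSTDRules(string devIP, bool log_flag, string protocol, string srcIP, string dstIP, string sport, string dport)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The rule text is executed by the device as a command line and the record is stored
    // as a space-separated line, so refuse anything outside a plain address/port
    // character set (in particular whitespace) before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    if (!isPlainToken(devIP) || !isPlainToken(protocol) || !isPlainToken(srcIP) || !isPlainToken(dstIP) || !isPlainToken(sport) || !isPlainToken(dport))
    {
        return false;
    }

    string rule1 = "iptables -A FORWARD -p " + protocol;
    if (!string.IsNullOrEmpty(srcIP))
    {
        rule1 = rule1 + " -s " + srcIP;
    }
    if (!string.IsNullOrEmpty(sport))
    {
        rule1 = rule1 + " --sport " + sport;
    }
    if (!string.IsNullOrEmpty(dstIP))
    {
        rule1 = rule1 + " -d " + dstIP;
    }
    if (!string.IsNullOrEmpty(dport))
    {
        rule1 = rule1 + " --dport " + dport;
    }

    string rule = "STD1" + rule1 + " -m state --state NEW -j ACCEPT";
    if (log_flag)
    {
        rule = rule + " && " + rule1 + " -m state --state NEW -j LOG";
    }

    // NOTE(review): an empty field produces two consecutive separators in this line;
    // whether the reader of the "std" file copes with that is not visible here.
    string frule = devIP + " " + protocol + " " + srcIP + " " + dstIP + " " + sport + " " + dport + " " + log_flag.ToString();
    of.SaveRules(frule, "std");

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}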
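/// <summary>
/// Adds a stateful allow rule for NEW connections of <paramref name="protocol"/> that match
/// the optional address/port filters (optionally logged), records it in the STD table
/// and sends it to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="log_flag">true to also install a LOG rule for the same match.</param>
/// <param name="protocol">Protocol passed to "-p".</param>
/// <param name="srcIP">Source address filter; empty to omit.</param>
/// <param name="dstIP">Destination address filter; empty to omit.</param>
/// <param name="sport">Source port filter; empty to omit.</param>
/// <param name="dport">Destination port filter; empty to omit.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unsafe argument, or no confirmation.</returns>
public bool AddSTDRules(string devIP, bool log_flag, string protocol, string srcIP, string dstIP, string sport, string dport)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The rule text is executed by the device as a command line and the same values are
    // spliced into SQL unescaped, so refuse anything outside a plain address/port
    // character set before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    if (!isPlainToken(devIP) || !isPlainToken(protocol) || !isPlainToken(srcIP) || !isPlainToken(dstIP) || !isPlainToken(sport) || !isPlainToken(dport))
    {
        return false;
    }

    string rule1 = "iptables -A FORWARD -p " + protocol;
    if (!string.IsNullOrEmpty(srcIP))
    {
        rule1 = rule1 + " -s " + srcIP;
    }
    if (!string.IsNullOrEmpty(sport))
    {
        rule1 = rule1 + " --sport " + sport;
    }
    if (!string.IsNullOrEmpty(dstIP))
    {
        rule1 = rule1 + " -d " + dstIP;
    }
    if (!string.IsNullOrEmpty(dport))
    {
        rule1 = rule1 + " --dport " + dport;
    }

    string rule = "STD1" + rule1 + " -m state --state NEW -j ACCEPT";
    if (log_flag)
    {
        rule = rule + " && " + rule1 + " -m state --state NEW -j LOG";
    }

    // TODO(security): string-built SQL; switch dboperate to a parameterized statement.
    // log_flag is emitted unquoted as True/False, as in the original record layout.
    string sql_str = "INSERT INTO STD VALUES " + "('" + devIP + "'," + log_flag.ToString() + ",'" + protocol + "','" + srcIP + "','" + dstIP + "','" + sport + "','" + dport + "')";
    db_operate.dboperate(sql_str);

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}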
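/// <summary>
/// Adds or removes the default route on the device addressed by <paramref name="devIP"/>,
/// records the change in the PRT table and sends the route command to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="add_del_flag">true to add the default route ("PRT1" + INSERT), false to delete it ("PRT0" + DELETE).</param>
/// <param name="Iface">Outgoing interface; empty to omit the "dev" option.</param>
/// <param name="gateway">Gateway address; empty to omit the "gw" option.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unsafe argument, or no confirmation.</returns>
public bool DefaultRouteConfig(string devIP, bool add_del_flag, string Iface, string gateway)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The rule text is executed by the device as a command line and the same values are
    // spliced into SQL unescaped, so refuse anything outside a plain address/name
    // character set before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    if (!isPlainToken(devIP) || !isPlainToken(Iface) || !isPlainToken(gateway))
    {
        return false;
    }

    // TODO(security): string-built SQL; switch dboperate to a parameterized statement.
    string rule;
    string sql_str;
    if (add_del_flag)
    {
        rule = "PRT1route add default ";
        // The three empty columns between route_type and Iface are part of the PRT row layout.
        sql_str = "INSERT INTO PRT VALUES ('" + devIP + "','default-route','','','','" + Iface + "','" + gateway + "')";
    }
    else
    {
        rule = "PRT0route del default ";
        sql_str = "DELETE FROM PRT WHERE (devIP='" + devIP + "' and route_type='default-route' and Iface='" + Iface + "' and gateway='" + gateway + "')";
    }

    // Optional parts; a null argument is treated like an empty one instead of emitting " dev ".
    if (!string.IsNullOrEmpty(Iface))
    {
        rule = rule + " dev " + Iface;
    }
    if (!string.IsNullOrEmpty(gateway))
    {
        rule = rule + " gw " + gateway;
    }

    db_operate.dboperate(sql_str);
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}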
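/// <summary>
/// Builds the Modbus/TCP deep-packet-inspection rules for port 502 traffic matching the
/// register address range, function code and data range in <paramref name="mtrf"/>
/// (one LOG rule and one DROP rule), records the rule in the "modbustcp" rule file and
/// sends both rules to the device.
/// </summary>
/// <param name="mtrf">Form holding source/destination IP ("any" = unrestricted), register
/// address range, function code and data range.</param>
/// <param name="log_flag">Stored in the rule-file record only; the LOG rule is always sent.</param>
/// <param name="add_delete">true to add the rule ("DPI1" + SaveRules), false to delete it ("DPI0" + DeleteRules).</param>
/// <returns>true when the device confirmed the command, false on an unsafe argument
/// or no confirmation.</returns>
public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
{
    // RulesDataProcess.ModbusTcpRulesDataProcess(mtrf);
    string dpi_pro = "modbusTcp";
    string devIP = devform.getDev_IP();
    string srcIP = mtrf.getSrc_IP();
    string dstIP = mtrf.getDst_IP();
    // Convert.ToString keeps this independent of the getters' declared types.
    string minAddr = Convert.ToString(mtrf.getMin_addr());
    string maxAddr = Convert.ToString(mtrf.getMax_addr());
    string func = Convert.ToString(mtrf.getfunc());
    string minData = Convert.ToString(mtrf.getMin_data());
    string maxData = Convert.ToString(mtrf.getMax_data());

    // The rule text is executed by the device as a command line and the record is stored
    // as a space-separated line, so refuse anything outside a plain address/number
    // character set (in particular whitespace) before either string is built.
    Func<string, bool> isPlainToken = s =>
    {
        foreach (char c in s ?? string.Empty)
        {
            if (!char.IsLetterOrDigit(c) && "._:/-".IndexOf(c) < 0)
            {
                return false;
            }
        }
        return true;
    };
    string[] tokens = { devIP, srcIP, dstIP, minAddr, maxAddr, func, minData, maxData };
    foreach (string token in tokens)
    {
        if (!isPlainToken(token))
        {
            return false;
        }
    }

    // Match part shared by the DROP and the LOG rule. "any" omits the address option
    // for both rules; previously only the DROP rule did this and the LOG rule passed
    // "any" through as a literal address.
    string match = "iptables -A FORWARD -p tcp --dport 502";
    if (srcIP != "any")
    {
        match += " -s " + srcIP;
    }
    if (dstIP != "any")
    {
        match += " -d " + dstIP;
    }
    match += " -m " + dpi_pro
           + " --data-addr " + minAddr + ":" + maxAddr
           + " --modbus-func " + func
           + " --modbus-data " + minData + ":" + maxData;

    string dpi_rules_from_master_to_slave0 = match + " -j DROP";
    //string dpi_rules_from_master_to_slave1 = "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT";
    string dpi_rules_from_master_to_slave_log = match + " -j LOG --log-prefix \"DROP&modbus&data_illegal \"";

    // The same record is saved or deleted; only the prefix and the file operation differ.
    string frule = devIP + " " + dstIP + " " + srcIP + " " + minAddr + " " + maxAddr + " " + func + " " + minData + " " + maxData + " ACCEPT " + log_flag.ToString();
    string flag;
    if (add_delete)
    {
        flag = "DPI1";
        of.SaveRules(frule, "modbustcp");
    }
    else
    {
        flag = "DPI0";
        of.DeleteRules(frule, "modbustcp");
    }

    string rule = flag + dpi_rules_from_master_to_slave_log + " && " + dpi_rules_from_master_to_slave0;
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}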
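/// <summary>
/// Allows or forbids an application protocol on the device by installing ACCEPT or DROP
/// rules for its TCP port on INPUT, OUTPUT and FORWARD, records the new status in the
/// APC table and sends the rules to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="protocol">Protocol name; must be a key of protocol_port.</param>
/// <param name="pro_status">true to allow the protocol, false to forbid it.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unknown protocol, or no confirmation.</returns>
public bool ApplicationProtocolControl(string devIP, string protocol, bool pro_status)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The indexer threw for an unknown protocol; report failure instead. Because only a
    // known key reaches the command and the SQL text below, this check also keeps
    // arbitrary input out of both.
    if (protocol == null || !protocol_port.ContainsKey(protocol))
    {
        return false;
    }
    string port = protocol_port[protocol];

    string rule1 = "iptables -A INPUT -p tcp --dport " + port + " -j ACCEPT && "
                 + "iptables -A OUTPUT -p tcp --dport " + port + " -j ACCEPT && "
                 + "iptables -A FORWARD -p tcp --sport " + port + " -j ACCEPT && "
                 + "iptables -A FORWARD -p tcp --dport " + port + " -j ACCEPT";
    string rule2 = "iptables -A INPUT -p tcp --dport " + port + " -j DROP && "
                 + "iptables -A OUTPUT -p tcp --dport " + port + " -j DROP && "
                 + "iptables -A FORWARD -p tcp --sport " + port + " -j DROP && "
                 + "iptables -A FORWARD -p tcp --dport " + port + " -j DROP";

    // TODO(security): string-built SQL; switch dboperate to a parameterized statement.
    string rule;
    string sql_str;
    if (pro_status)
    {
        rule = "APC2" + rule1 + "#" + protocol;
        sql_str = "update APC set status='allow' where protocol='" + protocol + "'";
    }
    else
    {
        rule = "APC2" + rule2 + "#" + protocol;
        sql_str = "update APC set status='forbid' where protocol='" + protocol + "'";
    }

    db_operate.dboperate(sql_str);
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}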
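/// <summary>
/// Allows or forbids an application protocol on the device by installing ACCEPT or DROP
/// rules for its TCP port on INPUT, OUTPUT and FORWARD, flips the protocol's status in
/// the "apc" rule file and sends the rules to the device.
/// </summary>
/// <param name="devIP">Management IP of the target device; "0.0.0.0" means no device is selected.</param>
/// <param name="protocol">Protocol name; must be a key of protocol_port.</param>
/// <param name="pro_status">true to allow the protocol, false to forbid it.</param>
/// <returns>true when the device confirmed the command, false on a missing device,
/// an unknown protocol, or no confirmation.</returns>
public bool ApplicationProtocolControl(string devIP, string protocol, bool pro_status)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The indexer threw for an unknown protocol; report failure instead. Because only a
    // known key reaches the command and the rule-file text below, this check also keeps
    // arbitrary input out of both.
    if (protocol == null || !protocol_port.ContainsKey(protocol))
    {
        return false;
    }
    string port = protocol_port[protocol];

    string rule1 = "iptables -A INPUT -p tcp --dport " + port + " -j ACCEPT && "
                 + "iptables -A OUTPUT -p tcp --dport " + port + " -j ACCEPT && "
                 + "iptables -A FORWARD -p tcp --sport " + port + " -j ACCEPT && "
                 + "iptables -A FORWARD -p tcp --dport " + port + " -j ACCEPT";
    string rule2 = "iptables -A INPUT -p tcp --dport " + port + " -j DROP && "
                 + "iptables -A OUTPUT -p tcp --dport " + port + " -j DROP && "
                 + "iptables -A FORWARD -p tcp --sport " + port + " -j DROP && "
                 + "iptables -A FORWARD -p tcp --dport " + port + " -j DROP";

    // NOTE(review): the rule-file location is hard-coded here, unlike the other methods,
    // which use the shared file-operation field; consider moving it to configuration.
    FileOperation of = new FileOperation("C:\\CMP\\Config");
    string rule;
    if (pro_status)
    {
        rule = "APC2" + rule1 + "#" + protocol;
        of.ChangeRules(protocol + " forbid", protocol + " allow", "apc");
    }
    else
    {
        rule = "APC2" + rule2 + "#" + protocol;
        of.ChangeRules(protocol + " allow", protocol + " forbid", "apc");
    }

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}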
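/// <summary>
/// Sends a configuration command to the device over UDP and waits for its confirmation
/// on UDP port 30333 while a packet capture runs on the first capture device.
/// </summary>
/// <param name="cmd">Rule string to configure. On the wire it is the 3-byte header
/// 0x0f 0x0e 0x0d followed by the ASCII command and a terminating '!'.</param>
/// <returns>true when the device replied "yes", false when no capture device or no
/// confirmation was found.</returns>
public bool SendConfigInfo(string cmd)
{
    config_info_confirm = false;
    byte[] head = { 0x0f, 0x0e, 0x0d }; // custom packet header
    // ASCII encoding replaces any non-ASCII character of cmd with '?'.
    byte[] body = Encoding.ASCII.GetBytes(cmd + "!");
    byte[] data = head.Concat(body).ToArray();

    // An unparsable device address used to throw out of this method; treat it as failure.
    IPAddress remoteIP;
    if (!IPAddress.TryParse(devform.getDev_IP(), out remoteIP))
    {
        return false;
    }
    int remotePort = devform.getDev_port();
    IPEndPoint remotePoint = new IPEndPoint(remoteIP, remotePort);

    CaptureDeviceList devices = CaptureDeviceList.Instance;
    // If no devices were found print an error
    if (devices.Count < 1)
    {
        // Console.WriteLine("No devices were found on this machine");
        return false;
    }
    ICaptureDevice device = devices[0];
    PacketArrivalEventHandler onPacket = new PacketArrivalEventHandler(configDev_OnPacketArrival);
    device.OnPacketArrival += onPacket;
    int readTimeoutMilliseconds = 1000;
    device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
    device.Filter = "ip and udp";
    device.StartCapture();
    try
    {
#if debug
        Console.WriteLine("start sending:");
#endif
        // The reply socket is bound before the command goes out so a fast answer cannot
        // be missed; 'using' releases both sockets on every path, including exceptions
        // that the original left unclosed.
        using (UdpClient listener = new UdpClient(30333))
        using (UdpClient client = new UdpClient())
        {
            // Without a timeout Receive blocked forever when the device never answered;
            // 10 s matches the timeout used by the non-capturing variant of this method.
            listener.Client.ReceiveTimeout = 10000;
            client.Send(data, data.Length, remotePoint);

            /* wait for the device to report whether the configuration succeeded */
            bool done = false;
            IPEndPoint groupEP = null;
            int n = 0;
            try
            {
                while (!done && n <= 10)
                {
                    byte[] content = listener.Receive(ref groupEP);
                    // Only accept a confirmation from the device that was just addressed;
                    // the reply carries no authentication, so anything else on the network
                    // could otherwise mark the command as confirmed.
                    bool fromDevice = groupEP != null && groupEP.Address.Equals(remoteIP);
                    if (fromDevice && Encoding.ASCII.GetString(content) == "yes")
                    {
                        done = true;
                        config_info_confirm = true;
                    }
                    n++;
                }
            }
            catch (SocketException e)
            {
                // Receive timeout or socket failure: report "not confirmed".
                Console.WriteLine(e.ToString());
                config_info_confirm = false;
            }
        }
#if debug
        Console.WriteLine("send successfully!");
#endif
    }
    finally
    {
        // Always stop the capture, and detach the handler so repeated calls do not
        // accumulate subscriptions on a device object that may be shared.
        device.StopCapture();
        device.Close();
        device.OnPacketArrival -= onPacket;
    }
    return config_info_confirm;
}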
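/// <summary>
/// Sends a configuration command to the device over UDP and waits for its confirmation
/// on UDP port 30333.
/// </summary>
/// <param name="cmd">Rule string to configure. On the wire it is the 6-byte header
/// 0x0f 0x0e 0x0d 0x0c 0x0b 0x0a followed by the ASCII command and a terminating '*'.</param>
/// <returns>true when the device replied "success", false otherwise.</returns>
public bool SendConfigInfo(string cmd)
{
    config_info_confirm = false;
    byte[] head = { 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a }; // custom packet header
    // ASCII encoding replaces any non-ASCII character of cmd with '?'.
    byte[] body = Encoding.ASCII.GetBytes(cmd + "*");
    byte[] data = head.Concat(body).ToArray();

    // NOTE(review): echoes the full outgoing command to the console; consider moving
    // it under #if debug like the other trace output.
    ASCIIEncoding encoding = new ASCIIEncoding();
    string yucon = encoding.GetString(data, 0, data.Length);
    Console.WriteLine("{0}", yucon);

    // An unparsable device address used to throw out of this method; treat it as failure.
    IPAddress remoteIP;
    if (!IPAddress.TryParse(devform.getDev_IP(), out remoteIP))
    {
        return false;
    }
    int remotePort = devform.getDev_port();
    IPEndPoint remotePoint = new IPEndPoint(remoteIP, remotePort);

    //CaptureDeviceList devices = CaptureDeviceList.Instance;
    //// If no devices were found print an error
    //if (devices.Count < 1)
    //{
    //    // Console.WriteLine("No devices were found on this machine");
    //    return false;
    //}
    //ICaptureDevice device = devices[0];
    //device.OnPacketArrival += new PacketArrivalEventHandler(configDev_OnPacketArrival);
    //int readTimeoutMilliseconds = 1000;
    //device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
    //string filter = "ip and udp";
    //device.Filter = filter;
    //device.StartCapture();

#if debug
    Console.WriteLine("start sending:");
#endif
    // The reply socket is bound before the command goes out so a fast answer cannot be
    // missed; 'using' releases both sockets on every path, including exceptions that
    // the original left unclosed.
    using (UdpClient listener = new UdpClient(30333))
    using (UdpClient client = new UdpClient())
    {
        listener.Client.ReceiveTimeout = 10000;
        client.Send(data, data.Length, remotePoint);

        IPEndPoint groupEP = null;
        int n = 0;
        try
        {
            // Bounded like the capturing variant of this method: the timeout only limits
            // the wait per datagram, so a stream of unrelated datagrams would otherwise
            // keep this loop running indefinitely.
            while (!config_info_confirm && n <= 10)
            {
                byte[] content = listener.Receive(ref groupEP);
                // Only accept a confirmation from the device that was just addressed;
                // the reply carries no authentication, so anything else on the network
                // could otherwise mark the command as confirmed.
                bool fromDevice = groupEP != null && groupEP.Address.Equals(remoteIP);
                if (fromDevice && Encoding.ASCII.GetString(content) == "success")
                {
                    config_info_confirm = true;
                }
                n++;
            }
        }
        catch (SocketException e)
        {
            // Receive timeout or socket failure: report "not confirmed".
            Console.WriteLine(e.ToString());
            config_info_confirm = false;
        }
    }
#if debug
    Console.WriteLine("send successfully!");
#endif
    return config_info_confirm;
}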