internal FirewallProvider(FWPM_PROVIDER0 provider, FirewallEngine engine, Func <SecurityInformation, bool, NtResult <SecurityDescriptor> > get_sd) : base(provider.providerKey, provider.displayData, new NamedGuidDictionary(), engine, get_sd) { ServiceName = provider.serviceName ?? string.Empty; Flags = provider.flags; ProviderData = provider.providerData.ToArray(); }
internal FirewallCallout(FWPM_CALLOUT0 callout, FirewallEngine engine, Func <SecurityInformation, bool, NtResult <SecurityDescriptor> > get_sd) : base(callout.calloutKey, callout.displayData, NamedGuidDictionary.CalloutGuids.Value, engine, get_sd) { Flags = callout.flags; ProviderData = callout.providerData.ToArray(); ProviderKey = FirewallUtils.ReadGuid(callout.providerKey) ?? Guid.Empty; ApplicableLayer = callout.applicableLayer; CalloutId = callout.calloutId; }
internal FirewallSubLayer(FWPM_SUBLAYER0 sublayer, FirewallEngine engine, Func <SecurityInformation, bool, NtResult <SecurityDescriptor> > get_sd) : base(sublayer.subLayerKey, sublayer.displayData, NamedGuidDictionary.SublayerGuids.Value, engine, get_sd) { if (sublayer.providerKey != IntPtr.Zero) { ProviderKey = new Guid(NtProcess.Current.ReadMemory(sublayer.providerKey.ToInt64(), 16)); } ProviderData = sublayer.providerData.ToArray(); Flags = sublayer.flags; Weight = sublayer.weight; }
private protected FirewallObject(Guid key, FWPM_DISPLAY_DATA0 display_data, NamedGuidDictionary key_to_name, FirewallEngine engine, Func<SecurityInformation, bool, NtResult<SecurityDescriptor>> get_sd) { Key = key; Name = display_data.name ?? string.Empty; Description = display_data.description ?? string.Empty; KeyName = key_to_name.GetName(key); _engine = engine; _get_sd = get_sd; _get_sd_default = new Lazy<SecurityDescriptor>(() => ((INtObjectSecurity)this).GetSecurityDescriptor(SecurityInformation.Owner | SecurityInformation.Group | SecurityInformation.Dacl)); }
internal FirewallLayer(FWPM_LAYER0 layer, FirewallEngine engine, Func <SecurityInformation, bool, NtResult <SecurityDescriptor> > get_sd) : base(layer.layerKey, layer.displayData, NamedGuidDictionary.LayerGuids.Value, engine, get_sd) { Flags = layer.flags; DefaultSubLayerKey = layer.defaultSubLayerKey; LayerId = layer.layerId; List <FirewallField> fields = new List <FirewallField>(); if (layer.numFields > 0 && layer.field != IntPtr.Zero) { var buffer = new SafeHGlobalBuffer(layer.field, 1, false); buffer.Initialize <FWPM_FIELD0>((uint)layer.numFields); fields.AddRange(buffer.ReadArray <FWPM_FIELD0>(0, layer.numFields).Select(f => new FirewallField(f))); } Fields = fields.AsReadOnly(); }
internal FirewallFilter(FWPM_FILTER0 filter, FirewallEngine engine, Func <SecurityInformation, bool, NtResult <SecurityDescriptor> > get_sd) : base(filter.filterKey, filter.displayData, new NamedGuidDictionary(), engine, get_sd) { ActionType = filter.action.type; if (ActionType.HasFlag(FirewallActionType.Callout)) { CalloutKey = filter.action.action.calloutKey; CalloutKeyName = NamedGuidDictionary.CalloutGuids.Value.GetName(CalloutKey); } else { FilterType = filter.action.action.filterType; } LayerKey = filter.layerKey; LayerKeyName = NamedGuidDictionary.LayerGuids.Value.GetName(LayerKey); SubLayerKey = filter.subLayerKey; SubLayerKeyName = NamedGuidDictionary.SubLayerGuids.Value.GetName(SubLayerKey); Flags = filter.flags; List <FirewallFilterCondition> conditions = new List <FirewallFilterCondition>(); if (filter.numFilterConditions > 0) { var conds = new SafeHGlobalBuffer(filter.filterCondition, 1, false); conds.Initialize <FWPM_FILTER_CONDITION0>((uint)filter.numFilterConditions); conditions.AddRange(conds.ReadArray <FWPM_FILTER_CONDITION0>(0, filter.numFilterConditions).Select(c => new FirewallFilterCondition(c))); } Conditions = conditions.AsReadOnly(); Weight = new FirewallValue(filter.weight, Guid.Empty); EffectiveWeight = new FirewallValue(filter.effectiveWeight, Guid.Empty); if (filter.providerKey != IntPtr.Zero) { ProviderKey = filter.providerKey.ReadGuid() ?? Guid.Empty; } ProviderData = filter.providerData.ToArray(); FilterId = filter.filterId; }
private FirewallNetEventListener(FirewallEngine engine) { _engine = engine; _queue = new BlockingCollection <FirewallNetEvent>(); }