Exemple #1
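        /// <summary>
        /// Asks the remote side to remove a firewall rule via the "RemoveRule" call.
        /// </summary>
        /// <param name="rule">Rule to remove; its guid and ProgID are sent as the call arguments.</param>
        /// <returns>
        /// The boolean decoded from the first reply element, or <c>false</c> when the
        /// reply is missing or carries no elements.
        /// </returns>
        public bool RemoveRule(FirewallRuleEx rule)
        {
            List<byte[]> args = new List<byte[]>
            {
                PutStr(rule.guid),
                // The ProgID is sent along so the receiver does not have to search all programs.
                PutProgID(rule.ProgID),
            };

            List<byte[]> ret = RemoteExec("RemoveRule", args);

            // The reply crosses a process boundary: an empty list is handled like a
            // missing reply instead of letting ret[0] throw ArgumentOutOfRangeException.
            if (ret == null || ret.Count == 0)
            {
                return false;
            }

            return GetBool(ret[0]);
        }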
Exemple #2
        /// <summary>
        /// Pushes a "ChangeNotification" message describing a rule change.
        /// </summary>
        /// <param name="prog">Program the change belongs to.</param>
        /// <param name="rule">Rule that changed.</param>
        /// <param name="type">Kind of rule event.</param>
        /// <param name="action">Fix action associated with the event.</param>
        public void NotifyChange(Program prog, FirewallRuleEx rule, Priv10Engine.RuleEventType type, Priv10Engine.RuleFixAction action)
        {
            // Argument order is part of the message layout: program, rule, event type, action.
            var payload = new List<byte[]>
            {
                PutProg(prog),
                PutRule(rule),
                PutStr(type),
                PutStr(action),
            };

            SendPushNotification("ChangeNotification", payload);
        }
Exemple #3
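        /// <summary>
        /// Sends a "SetRuleApproval" call for one rule, or for all rules when
        /// <paramref name="rule"/> is <c>null</c>.
        /// </summary>
        /// <param name="Mode">Approval mode to apply.</param>
        /// <param name="rule">Rule to act on; <c>null</c> means all rules.</param>
        /// <returns>
        /// The integer decoded from the first reply element, or 0 when the reply is
        /// missing or carries no elements.
        /// </returns>
        public int SetRuleApproval(Priv10Engine.ApprovalMode Mode, FirewallRuleEx rule)
        {
            List<byte[]> args = new List<byte[]>
            {
                PutStr(Mode),
                // A null guid means "all rules".
                PutStr(rule != null ? rule.guid : null),
                // The ProgID is sent along so the receiver does not have to search all programs.
                PutProgID(rule != null ? rule.ProgID : null),
            };

            List<byte[]> ret = RemoteExec("SetRuleApproval", args);

            // The reply crosses a process boundary: an empty list is handled like a
            // missing reply instead of letting ret[0] throw ArgumentOutOfRangeException.
            if (ret == null || ret.Count == 0)
            {
                return 0;
            }

            return GetInt(ret[0]);
        }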
Exemple #4
 /// <summary>
 /// Pushes a "ChangeNotification" message carrying the change as a single
 /// <c>Priv10Engine.ChangeArgs</c> value.
 /// </summary>
 /// <param name="prog">Program the change belongs to.</param>
 /// <param name="rule">Rule that changed.</param>
 /// <param name="type">Kind of rule event.</param>
 /// <param name="action">Fix action associated with the event.</param>
 public void NotifyChange(Program prog, FirewallRuleEx rule, Priv10Engine.RuleEventType type, Priv10Engine.RuleFixAction action)
 {
     var change = new Priv10Engine.ChangeArgs();
     change.prog = prog;
     change.rule = rule;
     change.type = type;
     change.action = action;

     SendPushNotification("ChangeNotification", change);
 }
Exemple #5
 /// <summary>
 /// Populates this program entry from the children of its persisted XML node.
 /// </summary>
 /// <param name="entryNode">Node whose children ("ID", "Description", "FwRules", "DnsLog") hold the stored state.</param>
 /// <returns><c>true</c> when <c>ID</c> is non-null once all children were processed.</returns>
 public bool Load(XmlNode entryNode)
 {
     foreach (XmlNode child in entryNode.ChildNodes)
     {
         switch (child.Name)
         {
             case "ID":
             {
                 // ID is only replaced when the stored value parses.
                 ProgramID parsedId = new ProgramID();
                 if (parsedId.Load(child))
                 {
                     ID = parsedId;
                 }
                 break;
             }

             case "Description":
             {
                 Description = child.InnerText;
                 break;
             }

             case "FwRules":
             {
                 foreach (XmlNode ruleNode in child.ChildNodes)
                 {
                     FirewallRuleEx loaded = new FirewallRuleEx();
                     // Uses whatever ID holds at this point; it is still unset if the
                     // "ID" element has not been seen yet.
                     loaded.ProgID = ID;

                     // A rule is dropped both when it fails to parse and when its guid
                     // is already present; the same message is logged for either case.
                     bool accepted = loaded.Load(ruleNode) && !Rules.ContainsKey(loaded.guid);
                     if (!accepted)
                     {
                         App.LogError("Failed to load Firewall RuleEx {0} in {1}", loaded.Name ?? "[un named]", this.Description);
                         continue;
                     }

                     Rules.Add(loaded.guid, loaded);
                 }
                 break;
             }

             case "DnsLog":
             {
                 foreach (XmlNode dnsNode in child.ChildNodes)
                 {
                     DnsEntry record = new DnsEntry(ID);

                     // Same policy as for rules: unparsable or duplicate host names are skipped.
                     bool accepted = record.Load(dnsNode) && !DnsLog.ContainsKey(record.HostName);
                     if (!accepted)
                     {
                         App.LogError("Failed to load DnsLog Entry in {0}", this.Description);
                         continue;
                     }

                     DnsLog.Add(record.HostName, record);
                 }
                 break;
             }

             default:
             {
                 AppLog.Debug("Unknown Program Value, '{0}':{1}", child.Name, child.InnerText);
                 break;
             }
         }
     }

     return ID != null;
 }
Exemple #6
        /// <summary>
        /// Builds an extended rule that takes its tracking state from
        /// <paramref name="other"/> and its rule values from <paramref name="rule"/>.
        /// </summary>
        /// <param name="other">Existing extended rule whose State, change tracking, Expiration and Backup are copied.</param>
        /// <param name="rule">Rule passed to <c>Assign</c> after the tracking state is copied.</param>
        public FirewallRuleEx(FirewallRuleEx other, FirewallRule rule)
        {
            // Tracking state is carried over from the existing entry.
            // (The Changed member is intentionally not copied; the original has that line disabled.)
            State           = other.State;
            LastChangedTime = other.LastChangedTime;
            ChangedCount    = other.ChangedCount;
            Expiration      = other.Expiration;

            // NOTE(review): plain assignment; if Backup is a reference type both
            // instances share the same object afterwards - confirm that is intended.
            Backup = other.Backup;

            Assign(rule);
        }
Exemple #7
        /// <summary>
        /// Applies a firewall rule and records it in the program's rule table.
        /// </summary>
        /// <param name="prog">Program whose <c>Rules</c> table tracks the rule.</param>
        /// <param name="rule">Rule to apply.</param>
        /// <param name="expiration">Expiration value stored on the tracked entry; defaults to 0.</param>
        /// <returns><c>false</c> when <c>UpdateRule</c> fails, otherwise <c>true</c>.</returns>
        public bool ApplyRule(Program prog, FirewallRule rule, UInt64 expiration = 0)
        {
            // Per the original author's note: for a new rule (guid == null) UpdateRule
            // assigns a fresh unique guid and adds the rule to the global list.
            bool updated = UpdateRule(rule);
            if (!updated)
            {
                return false;
            }

            FirewallRuleEx tracked;
            bool alreadyKnown = prog.Rules.TryGetValue(rule.guid, out tracked);
            if (!alreadyKnown)
            {
                // First time this guid is seen for the program: create its tracking entry.
                tracked = new FirewallRuleEx { ProgID = FirewallRuleEx.GetIdFromRule(rule) };
                prog.Rules.Add(rule.guid, tracked);
            }

            tracked.Expiration = expiration;
            tracked.SetApplied();
            tracked.Assign(rule);
            return true;
        }
Exemple #8
 /// <summary>
 /// Serializes a rule to bytes by handing <c>PutObjXml</c> a callback that
 /// calls the rule's own <c>Store</c> method on the supplied writer.
 /// </summary>
 /// <param name="rule">Rule to serialize.</param>
 /// <returns>The byte array produced by <c>PutObjXml</c>.</returns>
 protected byte[] PutRule(FirewallRuleEx rule)
 {
     return PutObjXml(
         rule,
         (FirewallRuleEx target, XmlWriter xml) =>
         {
             target.Store(xml);
         });
 }
Exemple #9
        /// <summary>
        /// Rebuilds the firewall rules of every program in a program set so that they
        /// match the set's configured <c>NetAccess</c> level.
        /// </summary>
        /// <param name="progSet">Program set whose configuration and programs are processed.</param>
        /// <param name="expiration">Expiration value forwarded to <c>ApplyRule</c>; a non-zero value also changes the generated rule names.</param>
        public void ApplyRules(ProgramSet progSet, UInt64 expiration = 0)
        {
            // Runs before the comparisons below; presumably refreshes config.CurAccess
            // from the rules actually present - TODO confirm against EvaluateRules.
            EvaluateRules(progSet, true);

            // Nothing to do for sets that were never configured.
            if (progSet.config.NetAccess == ProgramConfig.AccessLevels.Unconfigured)
            {
                return;
            }

            // Nothing to do when the current level already equals the wanted one.
            if (progSet.config.NetAccess == progSet.config.CurAccess)
            {
                return;
            }

            foreach (Program prog in progSet.Programs.Values)
            {
                // Existing rules are cleared first; the flag is false only for CustomConfig.
                ClearRules(prog, progSet.config.NetAccess != ProgramConfig.AccessLevels.CustomConfig);

                if (progSet.config.NetAccess == ProgramConfig.AccessLevels.CustomConfig)
                {
                    continue; // custom configuration: do not create any rules
                }
                // Iterates the enum values 1 and 2; the checks below compare them with
                // Inbound and Outbound, so these presumably are those two values - confirm.
                for (int i = 1; i <= 2; i++)
                {
                    FirewallRule.Directions direction = (FirewallRule.Directions)i;

                    // One-directional access levels only get a rule for their own direction.
                    if ((progSet.config.NetAccess == ProgramConfig.AccessLevels.InBoundAccess && direction != FirewallRule.Directions.Inbound) ||
                        (progSet.config.NetAccess == ProgramConfig.AccessLevels.OutBoundAccess && direction != FirewallRule.Directions.Outbound))
                    {
                        continue;
                    }

                    // NOTE(review): every ApplyRule result below is discarded. If ApplyRule
                    // reports failure through its return value (confirm against its definition),
                    // a block rule can be missing while CurAccess is still set to NetAccess
                    // at the end of this method.
                    switch (progSet.config.NetAccess)
                    {
                    case ProgramConfig.AccessLevels.FullAccess:
                    case ProgramConfig.AccessLevels.InBoundAccess:
                    case ProgramConfig.AccessLevels.OutBoundAccess:
                    {
                        // add and enable allow all rule
                        FirewallRule rule = new FirewallRule();
                        FirewallRuleEx.SetProgID(rule, prog.ID);
                        rule.Name      = MakeRuleName(AllowAllName, expiration != 0, prog.Description);
                        rule.Grouping  = RuleGroup;
                        rule.Action    = FirewallRule.Actions.Allow;
                        rule.Direction = direction;
                        rule.Enabled   = true;
                        ApplyRule(prog, rule, expiration);
                        break;
                    }

                    case ProgramConfig.AccessLevels.LocalOnly:
                    {
                        // create block rule only if we operate in blacklist mode
                        // (that condition is disabled, so the block rule is always created)
                        //if (GetFilteringMode() == FilteringModes.BlackList)
                        //{
                        //add and enable block rules for the internet
                        FirewallRule rule1 = new FirewallRule();
                        FirewallRuleEx.SetProgID(rule1, prog.ID);
                        rule1.Name      = MakeRuleName(BlockInet, expiration != 0, prog.Description);
                        rule1.Grouping  = RuleGroup;
                        rule1.Action    = FirewallRule.Actions.Block;
                        rule1.Direction = direction;
                        rule1.Enabled   = true;
                        // On Windows 7 or lower the keyword is passed through GetSpecialNet;
                        // otherwise the keyword itself is used as the remote address.
                        if (UwpFunc.IsWindows7OrLower)
                        {
                            rule1.RemoteAddresses = GetSpecialNet(FirewallRule.AddrKeywordIntErnet);
                        }
                        else
                        {
                            rule1.RemoteAddresses = FirewallRule.AddrKeywordIntErnet;
                        }
                        ApplyRule(prog, rule1, expiration);
                        //}

                        //add and enable allow rules for the lan
                        FirewallRule rule2 = new FirewallRule();
                        FirewallRuleEx.SetProgID(rule2, prog.ID);
                        rule2.Name      = MakeRuleName(AllowLan, expiration != 0, prog.Description);
                        rule2.Grouping  = RuleGroup;
                        rule2.Action    = FirewallRule.Actions.Allow;
                        rule2.Direction = direction;
                        rule2.Enabled   = true;
                        //rule.RemoteAddresses = FirewallRule.GetSpecialNet(FirewallRule.AddrKeywordLocalSubnet);
                        rule2.RemoteAddresses = FirewallRule.AddrKeywordLocalSubnet;
                        ApplyRule(prog, rule2, expiration);
                        break;
                    }

                    case ProgramConfig.AccessLevels.BlockAccess:
                    {
                        // add and enable broad block rules
                        FirewallRule rule = new FirewallRule();
                        FirewallRuleEx.SetProgID(rule, prog.ID);
                        rule.Name      = MakeRuleName(BlockAllName, expiration != 0, prog.Description);
                        rule.Grouping  = RuleGroup;
                        rule.Action    = FirewallRule.Actions.Block;
                        rule.Direction = direction;
                        rule.Enabled   = true;
                        ApplyRule(prog, rule, expiration);
                        break;
                    }
                    }
                }
            }

            // Recorded unconditionally, whatever the ApplyRule calls above returned.
            progSet.config.CurAccess = progSet.config.NetAccess;

            App.engine.OnRulesUpdated(progSet);
        }
Exemple #10
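        /// <summary>
        /// Populates this program entry from the children of its persisted XML node.
        /// </summary>
        /// <param name="entryNode">
        /// Node whose children ("ID", "Description", "ReceivedBytes", "SentBytes",
        /// "FwRules", "DnsLog") hold the stored state.
        /// </param>
        /// <returns><c>true</c> when <c>ID</c> is non-null once all children were processed.</returns>
        public bool Load(XmlNode entryNode)
        {
            foreach (XmlNode node in entryNode.ChildNodes)
            {
                if (node.Name == "ID")
                {
                    ProgramID id = new ProgramID();
                    if (id.Load(node))
                    {
                        // COMPAT: remove service tag
                        ID = FirewallRuleEx.AdjustProgID(id);
                    }
                }
                else if (node.Name == "Description")
                {
                    Description = node.InnerText;
                }
                else if (node.Name == "ReceivedBytes")
                {
                    // The TryParse result is not checked: an unparsable value leaves the counter at 0.
                    UInt64.TryParse(node.InnerText, out OldDownload);
                }
                else if (node.Name == "SentBytes")
                {
                    UInt64.TryParse(node.InnerText, out OldUpload);
                }
                else if (node.Name == "FwRules")
                {
                    foreach (XmlNode childNode in node.ChildNodes)
                    {
                        FirewallRuleEx rule = new FirewallRuleEx();
                        rule.ProgID = ID; // todo: remove later, Load sets this anyway
                        // A rule is dropped both when it fails to parse and when its guid
                        // is already present; the same message is logged for either case.
                        if (rule.Load(childNode) && !Rules.ContainsKey(rule.guid))
                        {
                            // COMPAT: update entry, old version did not save these data separately
                            //if (ID.Type != ProgramID.Types.Global && (rule.BinaryPath == null && rule.ServiceTag == null && rule.AppSID == null))
                            //    rule.SetProgID(ID);

                            Rules.Add(rule.guid, rule);
                        }
                        else
                        {
                            Priv10Logger.LogError("Failed to load Firewall RuleEx {0} in {1}", rule.Name != null ? rule.Name : "[un named]", this.Description);
                        }
                    }
                }
                else if (node.Name == "DnsLog")
                {
                    foreach (XmlNode childNode in node.ChildNodes)
                    {
                        DnsEntry Entry = new DnsEntry(ID);
                        if (Entry.Load(childNode) && !DnsLog.ContainsKey(Entry.HostName))
                        {
                            DnsLog.Add(Entry.HostName, Entry);
                        }
                        else
                        {
                            Priv10Logger.LogError("Failed to load DnsLog Entry in {0}", this.Description);
                        }
                    }
                }
                else
                {
                    AppLog.Debug("Unknown Program Value, '{0}':{1}", node.Name, node.InnerText);
                }
            }

            // A missing description, or one starting with "@{" (presumably an unresolved
            // resource reference - confirm), is regenerated. StartsWith replaces the
            // former Substring(0, 2) test, which threw ArgumentOutOfRangeException for a
            // stored description shorter than two characters and so aborted loading of
            // the whole entry on an empty or one-character <Description> element.
            if (Description == null || Description.StartsWith("@{", StringComparison.Ordinal))
            {
                Description = GetDescription();
            }

            return ID != null;
        }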