public ULogRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes?icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates, string note, byte logGroup, string prefix, uint bytesToCopy, ushort queueSize) :
base(chain, networkInterface, protocol, icmpType, source, sourceNetworkMask, sourcePort, destination, destinationNetworkMask, destinationPort, connectionStates, note)
{
_logGroup = logGroup;
_prefix = prefix;
_bytesToCopy = bytesToCopy;
_queueSize = queueSize;
if (_prefix != null)
{
if (_prefix.Length > 32)
{
throw new Exception("Unable to create ULog rule with a message prefix greater than 32 characters.");
}
}
if (_logGroup < 1 || _logGroup > 32)
{
throw new Exception("Unable to create ULog rule with a log group not from 1-32.");
}
if (_queueSize < 1)
{
throw new Exception("Unable to create a ULog rule with a queue size less than 1.");
}
}
public RejectRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes? icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates,string note,RejectOptions rejectWith) :
base(chain,networkInterface, protocol, icmpType, source, sourceNetworkMask, sourcePort, destination, destinationNetworkMask, destinationPort, connectionStates,note)
{
_rejectWith = rejectWith;
}
protected FirewallRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes?icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates, string note)
{
_chain = chain;
_interface = networkInterface;
_protocol = protocol;
_sourceIP = source;
_sourceNetworkMask = sourceNetworkMask;
_sourcePort = sourcePort;
_destinationIP = destination;
_destinationNetworkMask = destinationNetworkMask;
_destinationPort = destinationPort;
_connectionStates = connectionStates;
_icmpType = icmpType;
_note = note;
if (protocol != Protocols.icmp && _icmpType.HasValue)
{
throw new Exception("Unable to produce a firewall rule with an ICMP type unless ICMP is the protocol specified.");
}
if (protocol == Protocols.udp && _connectionStates != null)
{
throw new Exception("Unable to produce a firewall rule with udp protocol type and Connection States specified since udp is stateless.");
}
}
public RejectRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes?icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates, string note, RejectOptions rejectWith) :
base(chain, networkInterface, protocol, icmpType, source, sourceNetworkMask, sourcePort, destination, destinationNetworkMask, destinationPort, connectionStates, note)
{
_rejectWith = rejectWith;
}
public LogRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes? icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates,string note,LogLevels level,string logPrefix,bool logTcpOptions,bool logTcpSequence,bool logIPOptions) :
base(chain,networkInterface, protocol, icmpType, source, sourceNetworkMask, sourcePort, destination, destinationNetworkMask, destinationPort, connectionStates,note)
{
_logLevel = level;
_logPrefix = logPrefix;
_logTcpOptions = logTcpOptions;
_logTcpSequence = logTcpSequence;
_logIPOptions = logIPOptions;
if (_logPrefix != null)
{
if (_logPrefix.Length > 29)
throw new Exception("The log prefix " + _logPrefix + " is too long, it cannot exceed 29 characters.");
}
}
public LogRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes?icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates, string note, LogLevels level, string logPrefix, bool logTcpOptions, bool logTcpSequence, bool logIPOptions) :
base(chain, networkInterface, protocol, icmpType, source, sourceNetworkMask, sourcePort, destination, destinationNetworkMask, destinationPort, connectionStates, note)
{
_logLevel = level;
_logPrefix = logPrefix;
_logTcpOptions = logTcpOptions;
_logTcpSequence = logTcpSequence;
_logIPOptions = logIPOptions;
if (_logPrefix != null)
{
if (_logPrefix.Length > 29)
{
throw new Exception("The log prefix " + _logPrefix + " is too long, it cannot exceed 29 characters.");
}
}
}
public ULogRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes? icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates,string note,byte logGroup,string prefix,uint bytesToCopy,ushort queueSize) :
base(chain,networkInterface, protocol, icmpType, source, sourceNetworkMask, sourcePort, destination, destinationNetworkMask, destinationPort, connectionStates,note)
{
_logGroup = logGroup;
_prefix = prefix;
_bytesToCopy = bytesToCopy;
_queueSize = queueSize;
if (_prefix != null)
{
if (_prefix.Length > 32)
throw new Exception("Unable to create ULog rule with a message prefix greater than 32 characters.");
}
if (_logGroup < 1 || _logGroup > 32)
throw new Exception("Unable to create ULog rule with a log group not from 1-32.");
if (_queueSize < 1)
throw new Exception("Unable to create a ULog rule with a queue size less than 1.");
}
public static List <mFirewallRule> LoadAllForChain(FireWallChains chain, bool moduleOnly)
{
if (User.Current == null)
{
return(null);
}
else if (!User.Current.HasRight(Constants.SYSTEM_CONTROL_RIGHT))
{
return(null);
}
List <mFirewallRule> ret = new List <mFirewallRule>();
if (ModuleController.Current.IsModuleEnabled("System Security"))
{
if (!moduleOnly)
{
List <FirewallRule> rules = (List <FirewallRule>)ModuleController.Current.InvokeModuleMethod("System Security", "GetAllRules");
foreach (FirewallRule fr in rules)
{
if (fr.Chain == chain)
{
ret.Add(new mFirewallRule(null, fr));
}
}
}
}
else
{
if (moduleOnly)
{
foreach (IModule mod in ModuleController.CurrentModules)
{
if (ModuleController.Current.IsModuleEnabled(mod.ModuleName))
{
List <FirewallRule> rules = mod.FirewallRules;
if (rules != null)
{
foreach (FirewallRule fr in rules)
{
if (fr.Chain == chain)
{
ret.Add(new mFirewallRule(mod.ModuleName, fr));
}
}
}
}
}
}
else
{
switch (chain)
{
case FireWallChains.Input:
foreach (FirewallRule fr in FirewallRule.DefaultInputRules)
{
ret.Add(new mFirewallRule(null, fr));
}
break;
case FireWallChains.Output:
foreach (FirewallRule fr in FirewallRule.DefaultOutputRules)
{
ret.Add(new mFirewallRule(null, fr));
}
break;
case FireWallChains.Forward:
foreach (FirewallRule fr in FirewallRule.DefaultForwardRules)
{
ret.Add(new mFirewallRule(null, fr));
}
break;
}
}
}
int index = 0;
foreach (mFirewallRule mfr in ret)
{
try
{
System.Diagnostics.Debug.Write(index.ToString() + ". ");
index++;
System.Diagnostics.Debug.WriteLine(mfr.AddRuleCommand);
}
catch (Exception e)
{
Log.Error(e);
}
}
return(ret);
}
protected FirewallRule(FireWallChains chain, string networkInterface, Protocols protocol, ICMPTypes? icmpType, IPAddress source, IPAddress sourceNetworkMask,
FirewallPort sourcePort, IPAddress destination, IPAddress destinationNetworkMask, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates,string note)
{
_chain = chain;
_interface = networkInterface;
_protocol = protocol;
_sourceIP = source;
_sourceNetworkMask = sourceNetworkMask;
_sourcePort = sourcePort;
_destinationIP = destination;
_destinationNetworkMask = destinationNetworkMask;
_destinationPort = destinationPort;
_connectionStates = connectionStates;
_icmpType = icmpType;
_note = note;
if (protocol != Protocols.icmp && _icmpType.HasValue)
throw new Exception("Unable to produce a firewall rule with an ICMP type unless ICMP is the protocol specified.");
if (protocol == Protocols.udp && _connectionStates != null)
throw new Exception("Unable to produce a firewall rule with udp protocol type and Connection States specified since udp is stateless.");
}
public PortRedirectRule(FireWallChains chain, string networkInterface, Protocols protocol, IPAddress source, FirewallPort sourcePort, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates, string note, int toPort) :
base(chain, networkInterface, protocol, null, source, null, sourcePort, null, null, destinationPort, connectionStates, note)
{
this._toPort = toPort;
}
public PortRedirectRule(FireWallChains chain, string networkInterface, Protocols protocol, IPAddress source, FirewallPort sourcePort, FirewallPort destinationPort,
ConnectionStateTypes[] connectionStates,string note, int toPort) :
base(chain, networkInterface, protocol, null, source, null, sourcePort, null, null, destinationPort, connectionStates,note)
{
this._toPort = toPort;
}
public static List<mFirewallRule> LoadAllForChain(FireWallChains chain,bool moduleOnly)
{
if (User.Current == null)
return null;
else if (!User.Current.HasRight(Constants.SYSTEM_CONTROL_RIGHT))
return null;
List<mFirewallRule> ret = new List<mFirewallRule>();
if (ModuleController.Current.IsModuleEnabled("System Security"))
{
if (!moduleOnly)
{
List<FirewallRule> rules = (List<FirewallRule>)ModuleController.Current.InvokeModuleMethod("System Security", "GetAllRules");
foreach (FirewallRule fr in rules)
{
if (fr.Chain==chain)
ret.Add(new mFirewallRule(null, fr));
}
}
}
else
{
if (moduleOnly)
{
foreach (IModule mod in ModuleController.CurrentModules)
{
if (ModuleController.Current.IsModuleEnabled(mod.ModuleName))
{
List<FirewallRule> rules = mod.FirewallRules;
if (rules != null)
{
foreach (FirewallRule fr in rules)
{
if (fr.Chain == chain)
ret.Add(new mFirewallRule(mod.ModuleName, fr));
}
}
}
}
}
else
{
switch (chain)
{
case FireWallChains.Input:
foreach (FirewallRule fr in FirewallRule.DefaultInputRules)
ret.Add(new mFirewallRule(null, fr));
break;
case FireWallChains.Output:
foreach (FirewallRule fr in FirewallRule.DefaultOutputRules)
ret.Add(new mFirewallRule(null, fr));
break;
case FireWallChains.Forward:
foreach (FirewallRule fr in FirewallRule.DefaultForwardRules)
ret.Add(new mFirewallRule(null, fr));
break;
}
}
}
int index = 0;
foreach (mFirewallRule mfr in ret)
{
try
{
System.Diagnostics.Debug.Write(index.ToString() + ". ");
index++;
System.Diagnostics.Debug.WriteLine(mfr.AddRuleCommand);
}
catch (Exception e)
{
Log.Error(e);
}
}
return ret;
}
