private static bool CreateDefaultRules()
{
bool ret = true;
var rules = FirewallHelper.GetRules();
using (ServiceController sc = new ServiceController())
{
string rname;
// Windows 8 or higher
if (Environment.OSVersion.Version >= new System.Version(6, 2))
{
rname = String.Format(Resources.RULE_NAME_FORMAT, "Windows Applications (auto)");
if (rules.All(r => r.Name != rname))
{
CustomRule newRule = new CustomRule(rname, Environment.SystemDirectory + "\\wwahost.exe", null, null, (string)null, Protocol.ANY, null, null, null, FirewallHelper.GetGlobalProfile(), CustomRule.CustomRuleAction.Allow);
ret = ret && FirewallHelper.AddRule(newRule.GetPreparedRule(false));
}
}
sc.ServiceName = "wuauserv";
rname = String.Format(Resources.RULE_NAME_FORMAT, sc.DisplayName + " (auto)");
if (rules.All(r => r.Name != rname + " [R:80,443]"))
{
CustomRule newRule = new CustomRule(rname, Environment.SystemDirectory + "\\svchost.exe", null, null, "wuauserv", Protocol.TCP, null, "80,443", null, FirewallHelper.GetGlobalProfile(), CustomRule.CustomRuleAction.Allow);
ret = ret && FirewallHelper.AddRule(newRule.GetPreparedRule(false));
}
sc.ServiceName = "bits";
rname = String.Format(Resources.RULE_NAME_FORMAT, sc.DisplayName + "(auto)");
if (rules.All(r => r.Name != rname + " [R:80,443]"))
{
CustomRule newRule = new CustomRule(rname, Environment.SystemDirectory + "\\svchost.exe", null, null, "bits", Protocol.TCP, null, "80,443", null, FirewallHelper.GetGlobalProfile(), CustomRule.CustomRuleAction.Allow);
ret = ret && FirewallHelper.AddRule(newRule.GetPreparedRule(false));
}
sc.ServiceName = "cryptsvc";
rname = String.Format(Resources.RULE_NAME_FORMAT, sc.DisplayName + "(auto)");
if (rules.All(r => r.Name != rname + " [R:80]"))
{
CustomRule newRule = new CustomRule(rname, Environment.SystemDirectory + "\\svchost.exe", null, null, "cryptsvc", Protocol.TCP, null, "80", null, FirewallHelper.GetGlobalProfile(), CustomRule.CustomRuleAction.Allow);
ret = ret && FirewallHelper.AddRule(newRule.GetPreparedRule(false));
}
//sc.ServiceName = "aelookupsvc";
//rname = String.Format(Resources.RULE_NAME_FORMAT, sc.DisplayName + "(auto)");
//if (rules.All(r => r.Name != rname + " [R:80]"))
//{
// CustomRule newRule = new CustomRule(rname, Environment.SystemDirectory + "\\svchost.exe", null, null,"aelookupsvc", (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP, null, "80", null, FirewallHelper.GetGlobalProfile(), "A");
// ret = ret && FirewallHelper.AddRule(newRule.GetPreparedRule(false));
//}
}
return(ret);
}
private bool createAllowRule(CurrentConn activeConn, string[] services, bool isTemp)
{
int Profiles = _optionsView.IsCurrentProfileChecked ? FirewallHelper.GetCurrentProfile() : FirewallHelper.GetGlobalProfile();
FirewallHelper.CustomRule newRule = new FirewallHelper.CustomRule(activeConn.RuleName, activeConn.CurrentPath, _optionsView.IsAppChecked? activeConn.CurrentAppPkgId : null, activeConn.CurrentLocalUserOwner, services, _optionsView.IsProtocolChecked? activeConn.Protocol : -1, _optionsView.IsTargetIPChecked? activeConn.Target: null, _optionsView.IsTargetPortChecked? activeConn.TargetPort: null, _optionsView.IsLocalPortChecked? activeConn.LocalPort: null, Profiles, "A");
return(newRule.ApplyIndirect(isTemp));
}
private bool createBlockRule(CurrentConn activeConn, string[] services, bool isTemp)
{
bool success = false;
if (!isTemp)
{
if (Settings.Default.UseBlockRules)
{
int Profiles = _optionsView.IsCurrentProfileChecked ? FirewallHelper.GetCurrentProfile() : FirewallHelper.GetGlobalProfile();
FirewallHelper.CustomRule newRule = new FirewallHelper.CustomRule(activeConn.RuleName, activeConn.CurrentPath, _optionsView.IsAppChecked ? activeConn.CurrentAppPkgId : null, activeConn.CurrentLocalUserOwner, services, _optionsView.IsProtocolChecked ? activeConn.Protocol : -1, _optionsView.IsTargetIPChecked ? activeConn.Target : null, _optionsView.IsTargetPortChecked ? activeConn.TargetPort : null, _optionsView.IsLocalPortChecked ? activeConn.LocalPort : null, Profiles, "B");
success = newRule.ApplyIndirect(isTemp);
if (!success)
{
MessageBox.Show(Common.Properties.Resources.MSG_RULE_FAILED, Common.Properties.Resources.MSG_DLG_ERR_TITLE, MessageBoxButton.OK, MessageBoxImage.Error);
}
}
else
{
string entry = (!_optionsView.IsServiceRuleChecked || String.IsNullOrEmpty(activeConn.CurrentService) ? activeConn.CurrentPath : activeConn.CurrentService) +
(_optionsView.IsLocalPortChecked ? ";" + activeConn.LocalPort : ";") +
(_optionsView.IsTargetIPChecked ? ";" + activeConn.Target : ";") +
(_optionsView.IsTargetPortChecked ? ";" + activeConn.TargetPort : ";"); //FIXME: Need to add more?
using (StreamWriter sw = new StreamWriter(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "exclusions.set"), true))
{
sw.WriteLine(entry);
}
success = true;
}
}
return(success);
}
private bool createAllowRule(CurrentConn activeConn, string[] services, bool createWithAdvancedOptions, bool createTempRule, string ruleName)
{
int Profiles = OptionsView.IsCurrentProfileChecked ? FirewallHelper.GetCurrentProfile() : FirewallHelper.GetGlobalProfile();
string finalRuleName = createTempRule ? Messages.RULE_TEMP_PREFIX + ruleName : ruleName;
var newRule = new CustomRule(finalRuleName,
createWithAdvancedOptions || OptionsView.IsPathChecked ? activeConn.Path : null,
!createWithAdvancedOptions && OptionsView.IsAppChecked ? activeConn.CurrentAppPkgId : null,
activeConn.CurrentLocalUserOwner,
services,
!createWithAdvancedOptions && OptionsView.IsProtocolChecked ? activeConn.RawProtocol : -1,
!createWithAdvancedOptions && OptionsView.IsTargetIPChecked ? activeConn.TargetIP : null,
!createWithAdvancedOptions && OptionsView.IsTargetPortChecked ? activeConn.TargetPort : null,
!createWithAdvancedOptions && OptionsView.IsLocalPortChecked ? activeConn.SourcePort : null,
Profiles,
CustomRule.CustomRuleAction.Allow);
bool success = FirewallHelper.AddRule(newRule.GetPreparedRule(createTempRule)); // does not use RuleManager
if (success && createTempRule)
{
CreateTempRuleNotifyIcon(newRule);
}
return(success);
}
private bool createBlockRule(CurrentConn activeConn, string[] services, bool createWithAdvancedOptions, bool createTempRule, string ruleName)
{
bool success;
if (Settings.Default.UseBlockRules)
{
int Profiles = OptionsView.IsCurrentProfileChecked ? FirewallHelper.GetCurrentProfile() : FirewallHelper.GetGlobalProfile();
string finalRuleName = (createTempRule) ? Messages.RULE_TEMP_PREFIX + ruleName : ruleName;
var newRule = new CustomRule(finalRuleName,
createWithAdvancedOptions || OptionsView.IsPathChecked ? activeConn.Path : null,
!createWithAdvancedOptions && OptionsView.IsAppChecked ? activeConn.CurrentAppPkgId : null,
activeConn.CurrentLocalUserOwner,
services,
!createWithAdvancedOptions && OptionsView.IsProtocolChecked ? activeConn.RawProtocol : -1,
!createWithAdvancedOptions && OptionsView.IsTargetIPChecked ? activeConn.TargetIP : null,
!createWithAdvancedOptions && OptionsView.IsTargetPortChecked ? activeConn.TargetPort : null,
!createWithAdvancedOptions && OptionsView.IsLocalPortChecked ? activeConn.SourcePort : null,
Profiles,
CustomRule.CustomRuleAction.Block);
success = FirewallHelper.AddRule(newRule.GetPreparedRule(createTempRule)); // does not use RuleManager
if (success && createTempRule)
{
CreateTempRuleNotifyIcon(newRule);
}
if (!success)
{
MessageBox.Show(Messages.MSG_RULE_FAILED, Messages.MSG_DLG_ERR_TITLE, MessageBoxButton.OK, MessageBoxImage.Error);
}
}
else
{
// FIXME: Remove and always use Global Rules?
throw new ArgumentException("Only global block rules can be used - check options");
string entry = (!OptionsView.IsServiceRuleChecked || String.IsNullOrEmpty(activeConn.CurrentService) ? activeConn.Path : activeConn.CurrentService) +
(OptionsView.IsLocalPortChecked ? ";" + activeConn.SourcePort : ";") +
(OptionsView.IsTargetIPChecked ? ";" + activeConn.TargetIP : ";") +
(OptionsView.IsTargetPortChecked ? ";" + activeConn.TargetPort : ";"); //FIXME: Need to add more?
using (StreamWriter sw = new StreamWriter(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "exclusions.set"), true))
{
sw.WriteLine(entry);
}
success = true;
}
return(success);
}
private bool createAllowRule(CurrentConn activeConn, string[] services, bool isTemp)
{
int Profiles = OptionsView.IsCurrentProfileChecked ? FirewallHelper.GetCurrentProfile() : FirewallHelper.GetGlobalProfile();
string ruleName = isTemp ? Messages.RULE_TEMP_PREFIX + activeConn.RuleName : activeConn.RuleName;
CustomRule newRule = new CustomRule(ruleName, activeConn.CurrentPath, OptionsView.IsAppChecked ? activeConn.CurrentAppPkgId : null
, activeConn.CurrentLocalUserOwner, services, OptionsView.IsProtocolChecked ? activeConn.Protocol : -1, OptionsView.IsTargetIPChecked ? activeConn.Target : null
, OptionsView.IsTargetPortChecked ? activeConn.TargetPort : null, OptionsView.IsLocalPortChecked ? activeConn.LocalPort : null, Profiles
, CustomRule.CustomRuleAction.A);
bool success = FirewallHelper.AddRule(newRule.GetPreparedRule(isTemp)); // does not use RuleManager
if (success && isTemp)
{
CreateTempRuleNotifyIcon(newRule);
}
return(success);
}