/// <summary>
/// Checks that syncing a bitmap:port set whose entries already exist on the mocked system
/// produces no ipset commands.
/// </summary>
/// <remarks>
/// Both sides use <c>IpSetSyncMode.SetAndEntries</c>. The desired state lists the same two
/// ports as the seeded state, in the opposite order, and the expected command list is empty.
/// </remarks>
public void TestBitmapPortNoChange()
{
    var factory = new MockIpsetSystemFactory();
    var adapter = new MockIpsetBinaryAdapter(factory);
    var iptables = new IpTablesSystem(factory, null, adapter);

    // State seeded into the mock adapter before the sync runs.
    var existingLines = new List<String>
    {
        "create test bitmap:port range 1-65535",
        "add test 80",
        "add test 81"
    };
    var existing = new IpSetSets(existingLines, iptables);
    existing.Sets.FirstOrDefault().SyncMode = IpSetSyncMode.SetAndEntries;
    adapter.SetSets(existing);

    // NOTE(review): the type token "bitmap:port" appears twice in this create line; confirm
    // whether that is deliberate parser coverage or a typo in the fixture.
    var desiredLines = new List<String>
    {
        "create test bitmap:port bitmap:port range 1-65535",
        "add test 81",
        "add test 80"
    };
    var desired = new IpSetSets(desiredLines, iptables);
    desired.Sets.FirstOrDefault().SyncMode = IpSetSyncMode.SetAndEntries;

    // An empty expectation means the sync must not issue any command.
    var noCommands = new List<string>();
    factory.TestSync(desired, noCommands);
}
/// <summary>
/// Checks that a hash:ip set synced in <c>IpSetSyncMode.SetOnly</c> produces no commands when
/// the seeded state holds an entry and explicit create options that the desired state omits.
/// </summary>
public void TestSyncEntryNotValues()
{
    var factory = new MockIpsetSystemFactory();
    var adapter = new MockIpsetBinaryAdapter(factory);
    var iptables = new IpTablesSystem(factory, null, adapter);

    // Seeded state: explicit family/hashsize/maxelem plus one member.
    var existingLines = new List<String>
    {
        "create test hash:ip family inet hashsize 1024 maxelem 65536",
        "add test 8.8.8.8"
    };
    adapter.SetSets(new IpSetSets(existingLines, iptables));

    // Desired state names only the set and its type, with no entries.
    var desired = new IpSetSets(new List<String> { "create test hash:ip" }, iptables);
    desired.Sets.FirstOrDefault().SyncMode = IpSetSyncMode.SetOnly;

    factory.TestSync(desired, new List<string>());
}
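/// <summary>
/// Runs the ipset binary with the <c>save</c> argument and parses its standard output into an
/// <see cref="IpSetSets"/> collection.
/// </summary>
/// <param name="iptables">System handle given to the new collection and to every <c>Accept</c> call.</param>
/// <returns>The collection after every non-blank output line has been passed to <c>Accept</c>.</returns>
public virtual IpSetSets SaveSets(IpTablesSystem iptables)
{
    IpSetSets sets = new IpSetSets(iptables);

    String output, error;
    using (ISystemProcess process = _system.StartProcess(BinaryName, "save"))
    {
        ProcessHelper.ReadToEnd(process, out output, out error);
    }

    // NOTE(review): `error` is never inspected and no exit status is checked in this method, so
    // a failed save is indistinguishable from a host with no sets. Anything that diffs desired
    // state against this result should confirm how such failures are surfaced.

    // RemoveEmptyEntries already drops empty strings, so the former IsNullOrEmpty/break guard
    // could never fire and has been removed; whitespace-only lines are still filtered below.
    String[] lines = output.Split(new string[] { "\r\n", "\n" }, StringSplitOptions.RemoveEmptyEntries);
    foreach (String line in lines)
    {
        var trimmed = line.Trim();
        if (trimmed.Length != 0)
        {
            sets.Accept(trimmed, iptables);
        }
    }

    return sets;
}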
/// <summary>
/// Checks that a bitmap:port set synced in <c>IpSetSyncMode.SetOnly</c> produces no commands
/// when the seeded state carries an extra create option and one entry.
/// </summary>
public void TestBitmapPort()
{
    var factory = new MockIpsetSystemFactory();
    var adapter = new MockIpsetBinaryAdapter(factory);
    var iptables = new IpTablesSystem(factory, null, adapter);

    // Seeded state handed to the mock adapter.
    var existingLines = new List<String>
    {
        "create test bitmap:port family inet",
        "add test 80"
    };
    adapter.SetSets(new IpSetSets(existingLines, iptables));

    // Desired state: the bare set definition only.
    var desired = new IpSetSets(new List<String> { "create test bitmap:port" }, iptables);
    desired.Sets.FirstOrDefault().SyncMode = IpSetSyncMode.SetOnly;

    factory.TestSync(desired, new List<string>());
}
/// <summary>
/// Captures the collaborators this loader works with.
/// </summary>
/// <param name="iptables">System handle stored in <c>_iptables</c>.</param>
/// <param name="ruleSets">Rule sets keyed by an integer (presumably the IP version; confirm against callers).</param>
/// <param name="sets">ipset collection stored in <c>_sets</c>.</param>
/// <param name="dns">Optional DNS client. When null, <c>_dns</c> is left at whatever value it already holds.</param>
public ModelLoad(IpTablesSystem iptables, Dictionary<int, IpTablesRuleSet> ruleSets, IpSetSets sets, DnsClient dns = null)
{
    // Only override the DNS client when the caller supplied one.
    if (dns != null)
    {
        _dns = dns;
    }

    _sets = sets;
    _ruleSets = ruleSets;
    _iptables = iptables;
}
/// <summary>
/// Parses a hash:ip entry line and checks that it resolves to the registered set and the
/// expected address.
/// </summary>
public void TestParseEntryIp()
{
    // Register the set first so the entry line can be resolved by set name.
    var parsedSet = IpSetSet.Parse("test_set hash:ip family inet hashsize 10 maxelem 14", null);
    var registry = new IpSetSets(null);
    registry.AddSet(parsedSet);

    var entry = IpSetEntry.Parse("test_set 1.2.3.4", registry);

    Assert.AreEqual("test_set", entry.Set.Name);
    Assert.AreEqual(IPAddress.Parse("1.2.3.4"), entry.Cidr.Address);
}
/// <summary>
/// Parses a hash:ip,port entry line and checks the resolved set name, address and port.
/// </summary>
public void TestParseEntry2()
{
    // Register the set first so the entry line can be resolved by set name.
    var parsedSet = IpSetSet.Parse("test_set hash:ip,port family inet hashsize 10 maxelem 14", null);
    var registry = new IpSetSets(null);
    registry.AddSet(parsedSet);

    // The entry text carries the address, then protocol and port after the comma.
    var entry = IpSetEntry.Parse("test_set 8.8.8.8,tcp:80", registry);

    Assert.AreEqual("test_set", entry.Set.Name);
    Assert.AreEqual(IPAddress.Parse("8.8.8.8"), entry.Cidr.Address);
    Assert.AreEqual(80, entry.Port);
}
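/// <summary>
/// Rebuilds the <c>wl_ip</c> set from the ACL provider's whitelist and syncs it, then syncs an
/// INPUT rule set containing an ACCEPT rule for that set followed by a DROP rule built from
/// <paramref name="matches"/>.
/// </summary>
/// <param name="matches">
/// iptables match arguments that are concatenated verbatim into the DROP rule text. This method
/// performs no validation or escaping, so the value must come from trusted code.
/// </param>
public void PerformSync(string matches)
{
    var whitelist = _aclProvider.GetWhitelisted();

    IpSetSet set = new IpSetSet(IpSetType.HashIp, "wl_ip", 0, _system, IpSetSyncMode.SetAndEntries);
    foreach (var w in whitelist)
    {
        set.Entries.Add(new IpSetEntry(set, new IpCidr(w)));
    }

    // The set is synced before the rules, so the ACCEPT rule below refers to a set that has
    // already been pushed.
    IpSetSets sets = new IpSetSets(_system);
    sets.AddSet(set);
    sets.Sync();

    // NOTE(review): 4 is presumably the IP version; confirm against IpTablesRuleSet.
    IpTablesRuleSet rules = new IpTablesRuleSet(4, _system);
    rules.AddRule("-A INPUT -m set --match-set wl_ip src -j ACCEPT -m comment --comment WLRULE");

    // SECURITY: `matches` is spliced into the rule text unmodified, so every token in it becomes
    // part of the rule. A null or empty value would leave a DROP rule with no match conditions,
    // i.e. one that applies to all INPUT traffic not accepted by the whitelist rule above.
    // Validate or construct this value in the caller.
    //
    // Fix: the jump option was written as " j DROP" (no dash), unlike "-j ACCEPT" above, so the
    // rule text did not contain a jump target.
    rules.AddRule("-A INPUT " + matches + " -j DROP -m comment --comment DROPRULE");

    rules.Sync(new DefaultNetfilterSync<IpTablesRule>(Comparer));
}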
/// <summary>
/// Checks that syncing an empty desired state against a seeded state containing one set emits a
/// single <c>destroy test</c> command.
/// </summary>
public void TestSyncDelete()
{
    var factory = new MockIpsetSystemFactory();
    var adapter = new MockIpsetBinaryAdapter(factory);
    var iptables = new IpTablesSystem(factory, null, adapter);

    // Seeded state: one hash:ip set with one member.
    var existingLines = new List<String>
    {
        "create test hash:ip",
        "add test 8.8.8.8"
    };
    adapter.SetSets(new IpSetSets(existingLines, iptables));

    // Desired state: no sets at all.
    var desired = new IpSetSets(new List<String>(), iptables);

    var expected = new List<string> { "destroy test" };
    factory.TestSync(desired, expected);
}
/// <summary>
/// Runs the ipset binary with the <c>save</c> argument and feeds each non-blank output line
/// into a new <see cref="IpSetSets"/> collection as it is delivered.
/// </summary>
/// <param name="iptables">System handle given to the new collection and to every <c>Accept</c> call.</param>
/// <returns>The populated collection.</returns>
public virtual IpSetSets SaveSets(IpTablesSystem iptables)
{
    IpSetSets result = new IpSetSets(iptables);

    // Equivalent to running "ipset save"; the process is disposed when the block ends.
    using (ISystemProcess saveProcess = _system.StartProcess(BinaryName, "save"))
    {
        ProcessHelper.ReadToEnd(
            saveProcess,
            line =>
            {
                // Null lines and whitespace-only lines are skipped.
                if (line != null)
                {
                    var text = line.Trim();
                    if (text.Length > 0)
                    {
                        result.Accept(text, iptables);
                    }
                }
            },
            err =>
            {
                // NOTE(review): error output is discarded here and no exit status is checked in
                // this method, so a failed save yields the same result as a host with no sets.
            });
    }

    return result;
}
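/// <summary>
/// Runs the ipset binary with the <c>save</c> argument, reads its standard output to the end
/// and parses every non-blank line into a new <see cref="IpSetSets"/> collection.
/// </summary>
/// <param name="iptables">System handle given to the new collection and to every <c>Accept</c> call.</param>
/// <returns>The populated collection, returned after the process has exited.</returns>
public virtual IpSetSets SaveSets(IpTablesSystem iptables)
{
    ISystemProcess process = _system.StartProcess(BinaryName, "save");
    IpSetSets sets = new IpSetSets(iptables);

    // RemoveEmptyEntries already drops empty strings, so the former IsNullOrEmpty/break guard
    // could never fire and has been removed; whitespace-only lines are still filtered below.
    String[] lines = process.StandardOutput.ReadToEnd()
        .Split(new string[] { "\r\n", "\n" }, StringSplitOptions.RemoveEmptyEntries);
    foreach (String line in lines)
    {
        var trimmed = line.Trim();
        if (trimmed.Length != 0)
        {
            sets.Accept(trimmed, iptables);
        }
    }

    // NOTE(review): only standard output is read and no exit status is checked, so a failed
    // save looks the same as a host with no sets. The process is also never disposed here, and
    // this wait is skipped if Accept throws; confirm whether ISystemProcess needs disposal.
    process.WaitForExit();
    return sets;
}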
/// <summary>
/// Checks the commands emitted when a hash:net set with one /32 member is synced onto an empty
/// seeded state.
/// </summary>
/// <remarks>
/// The expected create line carries <c>family inet hashsize 1024 maxelem 65536</c>, and the
/// expected add line has the address without the <c>/32</c> suffix.
/// </remarks>
public void TestSyncCreateNet()
{
    var factory = new MockIpsetSystemFactory();
    var adapter = new MockIpsetBinaryAdapter(factory);
    var iptables = new IpTablesSystem(factory, null, adapter);

    // Seeded state: nothing present.
    adapter.SetSets(new IpSetSets(new List<String>(), iptables));

    var desiredLines = new List<String>
    {
        "create test hash:net",
        "add test 8.8.8.8/32"
    };
    var desired = new IpSetSets(desiredLines, iptables);

    var expected = new List<string>
    {
        "create test hash:net family inet hashsize 1024 maxelem 65536",
        "add test 8.8.8.8"
    };
    factory.TestSync(desired, expected);
}
/// <summary>
/// Stores the argument tokens, the entry and the set collection this parser works with.
/// </summary>
/// <param name="arguments">Argument tokens, stored in <c>_arguments</c>.</param>
/// <param name="entry">Entry instance, stored in <c>_entry</c>.</param>
/// <param name="sets">Set collection, stored in <c>_sets</c>.</param>
public IpSetEntryParser(string[] arguments, IpSetEntry entry, IpSetSets sets)
{
    // Plain field capture; nothing is validated or parsed at construction time.
    _sets = sets;
    _entry = entry;
    _arguments = arguments;
}
/// <summary>
/// Runs the single-argument <c>TestSync</c> for <paramref name="rulesNew"/> and asserts that
/// the recorded command values equal <paramref name="expectedCommands"/>, in order.
/// </summary>
/// <param name="rulesNew">Desired set state to sync.</param>
/// <param name="expectedCommands">Exact command strings expected in <c>Commands</c>.</param>
public void TestSync(IpSetSets rulesNew, List<string> expectedCommands)
{
    TestSync(rulesNew);

    // Compare only the Value of each recorded command.
    var issued = Commands.Select(command => command.Value).ToList();
    CollectionAssert.AreEqual(expectedCommands, issued);
}
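/// <summary>
/// Runs the ipset binary with the <c>save</c> argument, reads its standard output to the end
/// and parses every non-blank line into a new <see cref="IpSetSets"/> collection.
/// </summary>
/// <param name="iptables">System handle given to the new collection and to every <c>Accept</c> call.</param>
/// <returns>The populated collection, returned after the process has exited.</returns>
public virtual IpSetSets SaveSets(IpTablesSystem iptables)
{
    ISystemProcess process = _system.StartProcess(BinaryName, "save");
    IpSetSets sets = new IpSetSets(iptables);

    String raw = process.StandardOutput.ReadToEnd();

    // RemoveEmptyEntries already drops empty strings, so the former IsNullOrEmpty/break guard
    // could never fire and has been removed; whitespace-only lines are still filtered below.
    String[] lines = raw.Split(new string[] { "\r\n", "\n" }, StringSplitOptions.RemoveEmptyEntries);
    foreach (String line in lines)
    {
        var trimmed = line.Trim();
        if (trimmed.Length != 0)
        {
            sets.Accept(trimmed, iptables);
        }
    }

    // NOTE(review): only standard output is read and no exit status is checked, so a failed
    // save looks the same as a host with no sets. The process is also never disposed here, and
    // this wait is skipped if Accept throws; confirm whether ISystemProcess needs disposal.
    process.WaitForExit();
    return sets;
}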
/// <summary>
/// Replaces the set collection held in <c>_sets</c>.
/// </summary>
/// <param name="sets">Collection to store; null is stored as-is.</param>
public void SetSets(IpSetSets sets)
{
    this._sets = sets;
}
/// <summary>
/// Calls <c>Sync</c> on <paramref name="rulesNew"/> with a predicate that returns true for
/// every item and <c>false</c> as the second argument.
/// </summary>
/// <param name="rulesNew">Desired set state to sync.</param>
public void TestSync(IpSetSets rulesNew)
{
    // NOTE(review): the meaning of the predicate and of the boolean flag is defined by
    // IpSetSets.Sync, which is not visible here.
    rulesNew.Sync(candidate => true, false);
}
/// <summary>
/// Creates the mock adapter on top of <paramref name="systemFactory"/> and stores the initial
/// set collection through <c>SetSets</c>.
/// </summary>
/// <param name="systemFactory">Mock system factory forwarded to the base constructor.</param>
/// <param name="sets">Initial set collection; defaults to null.</param>
public MockIpsetBinaryAdapter(MockIpsetSystemFactory systemFactory, IpSetSets sets = null)
    : base(systemFactory)
{
    // Goes through SetSets rather than assigning a field directly, as the original did.
    this.SetSets(sets);
}
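/// <summary>
/// Runs the ipset binary with the <c>save</c> argument and parses its standard output into an
/// <see cref="IpSetSets"/> collection.
/// </summary>
/// <param name="iptables">System handle given to the new collection and to every <c>Accept</c> call.</param>
/// <returns>The collection after every non-blank output line has been passed to <c>Accept</c>.</returns>
public virtual IpSetSets SaveSets(IpTablesSystem iptables)
{
    IpSetSets sets = new IpSetSets(iptables);

    String output, error;
    using (ISystemProcess process = _system.StartProcess(BinaryName, "save"))
    {
        ProcessHelper.ReadToEnd(process, out output, out error);
    }

    // NOTE(review): `error` is never inspected and no exit status is checked in this method, so
    // a failed save is indistinguishable from a host with no sets. Anything that diffs desired
    // state against this result should confirm how such failures are surfaced.

    // RemoveEmptyEntries already drops empty strings, so the former IsNullOrEmpty/break guard
    // could never fire and has been removed; whitespace-only lines are still filtered below.
    String[] lines = output.Split(new string[] { "\r\n", "\n" }, StringSplitOptions.RemoveEmptyEntries);
    foreach (String line in lines)
    {
        var trimmed = line.Trim();
        if (trimmed.Length != 0)
        {
            sets.Accept(trimmed, iptables);
        }
    }

    return sets;
}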