/// <summary>
/// Builds a snapshot of the Linux firewall (iptables filter table) configuration.
/// </summary>
/// <returns>
/// A list holding the single <see cref="FirewallConfiguration"/> event for this snapshot,
/// or an empty list when the iptables binary is not present on the device.
/// </returns>
protected override List<IEvent> GetEventsImpl()
{
    var events = new List<IEvent>();

    // Without an iptables binary there is nothing to read; the condition is logged
    // at error level and no event is emitted.
    if (!_isIptablesExist)
    {
        SimpleLogger.Error($"{GetType().Name}: Could not collect iptables rules");
        return events;
    }

    // A null command result is treated exactly like empty output.
    string saveOutput = _processUtil.ExecuteBashShellCommand(IpTablesSaveCommand) ?? string.Empty;

    // Only the filter table is inspected; a missing section is parsed as "no chains".
    string[] filterSection = GetIptablesTableSection(saveOutput, FilterTableName) ?? new string[0];

    var chains = IptablesChain.GetChainsFromTable(filterSection);
    var snapshot = chains.SelectMany(ParseChainFromTable).ToArray();

    // NOTE(review): empty iptables-save output (command failure, insufficient permission)
    // is indistinguishable here from a host that simply has no rules, so both cases end up
    // reporting the default table rules — confirm this is the intended behaviour.
    if (snapshot.Length == 0)
    {
        snapshot = GetDefaultTableRules();
    }

    events.Add(new FirewallConfiguration(Priority, snapshot));
    return events;
}
/// <summary>
/// Converts one iptables chain into firewall rule payloads, one payload per rule.
/// </summary>
/// <param name="chain">A chain parsed from the iptables filter table.</param>
/// <returns>The payloads for every rule in <paramref name="chain"/>, in chain order.</returns>
private static List<FirewallRulePayload> ParseChainFromTable(IptablesChain chain)
{
    // Only the INPUT and OUTPUT chains map to a traffic direction; rules in any other
    // chain are emitted with a null direction.
    FirewallRulePayload.Directions? direction =
        chain.Name == InputChain ? FirewallRulePayload.Directions.In
        : chain.Name == OutputChain ? FirewallRulePayload.Directions.Out
        : (FirewallRulePayload.Directions?)null;

    var payloads = new List<FirewallRulePayload>();
    foreach (var rule in chain.Rules)
    {
        var conditions = rule.RuleMatchConditions;

        // Address and port fields merge the single-value and range match conditions;
        // protocol has no range form and falls back to an empty string when absent.
        payloads.Add(new FirewallRulePayload
        {
            Priority = rule.Priority,
            ChainName = chain.Name,
            Action = rule.TargetAction,
            Direction = direction,
            Enabled = true,
            ExtraDetails = rule.Extras,
            SourceAddress = GetConcatenatedValues(conditions,
                IptableRule.MatchConditions.SourceAddress,
                IptableRule.MatchConditions.SourceAddressRange),
            SourcePort = GetConcatenatedValues(conditions,
                IptableRule.MatchConditions.SourcePort,
                IptableRule.MatchConditions.SourcePortRange),
            Protocol = GetValueOrEmptyString(conditions,
                IptableRule.MatchConditions.Protocol),
            DestinationAddress = GetConcatenatedValues(conditions,
                IptableRule.MatchConditions.DestinationAddress,
                IptableRule.MatchConditions.DestinationAddressRange),
            DestinationPort = GetConcatenatedValues(conditions,
                IptableRule.MatchConditions.DestinationPort,
                IptableRule.MatchConditions.DestinationPortRange)
        });
    }

    return payloads;
}
/// <summary>
/// Builds a snapshot of the Linux firewall (iptables filter table) configuration.
/// </summary>
/// <returns>
/// A list holding exactly one <see cref="FirewallConfiguration"/> event: the parsed rules
/// when iptables-save output is available, otherwise an event carrying no rules.
/// </returns>
protected override List<IEvent> GetEventsImpl()
{
    var events = new List<IEvent>();

    // No iptables binary: report an empty configuration rather than no event at all.
    if (!_isIptablesExist)
    {
        SimpleLogger.Warning($"{GetType().Name}: Iptables does not exist on this device");
        events.Add(new FirewallConfiguration(Priority));
        return events;
    }

    string saveOutput = _processUtil.ExecuteBashShellCommand(IpTablesSaveCommand);

    // Empty output typically means the command could not run (e.g. insufficient
    // permission); it is reported as an empty configuration, not as "no rules".
    if (string.IsNullOrEmpty(saveOutput))
    {
        SimpleLogger.Warning(
            $"{GetType().Name}: Can't get Iptables data, check permission or iptables is not configured on this machine");
        events.Add(new FirewallConfiguration(Priority));
        return events;
    }

    // Only the filter table is inspected; a missing section is parsed as "no chains".
    string[] filterSection = GetIptablesTableSection(saveOutput, FilterTableName);
    if (filterSection == null)
    {
        filterSection = new string[0];
    }

    // NOTE(review): unlike an unreadable iptables-save, a present-but-empty filter table
    // yields an event with an empty rule array here (no default rules are substituted).
    var chains = IptablesChain.GetChainsFromTable(filterSection);
    var snapshot = chains.SelectMany(ParseChainFromTable).ToArray();

    events.Add(new FirewallConfiguration(Priority, snapshot));
    return events;
}