Esempio n. 1
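        /// <summary>
        /// Deletes a tracked rule: runs <c>iptables -D</c> with the arguments rendered from the
        /// rule's template, then removes the rule from the tracked objects.
        /// </summary>
        /// <param name="networkRule">
        /// The rule to delete. Its <c>Type</c> selects the MASQUERADE or SNAT template.
        /// </param>
        /// <exception cref="Exception">
        /// The value returned by <c>FirewallExceptions.UnhandledNetworkRuleException()</c> is thrown
        /// when the rule type is neither Masquerade nor SourceNetworkAddressTranslation.
        /// </exception>
        public void DeleteRule(NetworkRule networkRule)
        {
            // Build standard process options for the iptables binary.
            var processOptions = NetworkBuilder.BuildProcessOptions("iptables");

            // Get local interface information.
            var interfaceInformation = GetDefaultInterface();

            // Message for the audit log entry written once the command has been issued.
            string deletedMessage;

            // NOTE(review): the rendered template is split on single spaces to form the argument
            // list. If any rule field substituted by BuildTemplate (not visible here) can contain
            // whitespace, it would turn into extra iptables arguments. Validate the rule's fields
            // before they reach this method.
            switch (networkRule.Type)
            {
                // MASQUERADE
                case NetworkRuleType.Masquerade:
                    processOptions.Arguments =
                        ("-D " + NetworkBuilder.BuildTemplate(NetworkRuleTemplates.MASQUERADE, networkRule, interfaceInformation)).Split(" ");
                    deletedMessage = "Deleted MASQUERADE rule for {0}";
                    break;

                // SNAT
                case NetworkRuleType.SourceNetworkAddressTranslation:
                    processOptions.Arguments =
                        ("-D " + NetworkBuilder.BuildTemplate(NetworkRuleTemplates.SNAT, networkRule, interfaceInformation)).Split(" ");
                    deletedMessage = "Deleted SNAT rule for {0}";
                    break;

                // Unknown rule type: refuse to build a command.
                default:
                    _logger.LogError("Firewall environment was provided undefined rule type.");
                    throw FirewallExceptions.UnhandledNetworkRuleException();
            }

            // TODO (from the original author): ask Paul what should be passed here; the meaning
            // of the second argument is not visible in this listing.
            // NOTE(review): the outcome of the command is not inspected. Unless Run throws on a
            // failed iptables call, the rule is forgotten below while it may still be active in
            // the kernel. Confirm Run's contract.
            _processRunner.Run(processOptions, null);

            // Forget the rule.
            _rules.Remove(networkRule);

            // Removing a firewall rule is a security-relevant change, so record it in the same
            // way AddRule records creation.
            _logger.LogInformation(deletedMessage, networkRule.Network);
        }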
Esempio n. 2
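        /// <summary>
        /// Adds a rule: runs <c>iptables -A</c> with the arguments rendered from the rule's
        /// template, then starts tracking the rule.
        /// </summary>
        /// <param name="networkRule">
        /// The rule to add. Its <c>Type</c> selects the MASQUERADE or SNAT template and its
        /// <c>Network</c> is written to the log.
        /// </param>
        /// <exception cref="Exception">
        /// The value returned by <c>FirewallExceptions.UnhandledNetworkRuleException()</c> is thrown
        /// when the rule type is neither Masquerade nor SourceNetworkAddressTranslation.
        /// </exception>
        public void AddRule(NetworkRule networkRule)
        {
            // Build standard process options for the iptables binary.
            var commandOptions = NetworkBuilder.BuildProcessOptions("iptables");

            // Get local interface information.
            var interfaceInformation = GetDefaultInterface();

            // Message for the log entry; written only after the command has been issued.
            string createdMessage;

            // NOTE(review): the rendered template is split on single spaces to form the argument
            // list. If any rule field substituted by BuildTemplate (not visible here) can contain
            // whitespace, it would turn into extra iptables arguments. Validate the rule's fields
            // before they reach this method.
            switch (networkRule.Type)
            {
                // MASQUERADE
                case NetworkRuleType.Masquerade:
                    commandOptions.Arguments =
                        ("-A " + NetworkBuilder.BuildTemplate(NetworkRuleTemplates.MASQUERADE, networkRule, interfaceInformation)).Split(" ");
                    createdMessage = "Created MASQUERADE rule for {0}";
                    break;

                // SNAT
                case NetworkRuleType.SourceNetworkAddressTranslation:
                    commandOptions.Arguments =
                        ("-A " + NetworkBuilder.BuildTemplate(NetworkRuleTemplates.SNAT, networkRule, interfaceInformation)).Split(" ");
                    createdMessage = "Created SNAT rule for {0}";
                    break;

                // Unknown rule type: refuse to build a command.
                default:
                    _logger.LogError("Firewall environment was provided undefined rule type.");
                    throw FirewallExceptions.UnhandledNetworkRuleException();
            }

            // Run the process.
            // NOTE(review): the outcome of the command is not inspected. Unless Run throws on a
            // failed iptables call, the rule is tracked below even though it was never applied.
            // Confirm Run's contract.
            _processRunner.Run(commandOptions);

            // Track the rule.
            _rules.Add(networkRule);

            // Log after the command has been issued rather than before it, so the log does not
            // report a rule as created when building or launching the command threw.
            _logger.LogInformation(createdMessage, networkRule.Network);
        }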