/*
* public override void OnRecoveryLoad(XmlElement root)
* {
* base.OnRecoveryLoad(root);
*
* if (root.HasAttribute("ids"))
* {
* string list = root.GetAttribute("ids");
* string[] ids = list.Split(';');
* foreach(string id in ids)
* {
* ulong nid;
* if(ulong.TryParse(id, out nid))
* Wfp.RemoveItemId(nid);
* }
* }
* }
*
* public override void OnRecoverySave(XmlElement root)
* {
* base.OnRecoverySave(root);
*
* lock (m_rules)
* {
* string list = "";
* foreach (WfpItem item in m_rules.Values)
* {
* foreach (ulong id in item.FirewallIds)
* list += id.ToString() + ";";
* }
* root.SetAttributeNode("ids", list);
* }
* }
*/
public void AddRule(string code, XmlElement xmlRule)
{
lock (m_rules)
{
if (m_rules.ContainsKey(code))
{
throw new Exception("Unexpected: NetLock WFP rule '" + code + "' already exists");
}
WfpItem item = Wfp.AddItem(code, xmlRule);
m_rules[code] = item;
}
}
public void RemoveRule(string code)
{
lock (m_rules)
{
if (m_rules.ContainsKey(code) == false)
{
return;
}
//throw new Exception("Unexpected: NetLock WFP rule '" + code + "' doesn't exists");
WfpItem item = m_rules[code];
m_rules.Remove(code);
Wfp.RemoveItem(item);
}
}
public static bool RemoveItem(WfpItem item)
{
lock (Items)
{
if (Items.ContainsValue(item) == false)
{
throw new Exception("Windows WFP, unexpected: Rule '" + item.Code + "' not exists");
}
foreach (UInt64 id in item.FirewallIds)
{
bool result = RemoveItemId(id);
if (result == false)
{
string wfpLastError = Engine.Instance.Elevated.DoCommandSync("wfp", "action", "last-error");
throw new Exception(LanguageManager.GetText("WfpRuleRemoveFail", wfpLastError));
}
}
Items.Remove(item.Code);
}
return(true);
}
public static WfpItem AddItem(string code, XmlElement xml)
{
lock (Items)
{
if (Items.ContainsKey(code))
{
throw new Exception("Windows WFP, unexpected: Rule '" + code + "' already exists");
}
WfpItem item = new WfpItem();
item.Code = code;
List <string> layers = new List <string>();
if (xml.GetAttribute("layer") == "all")
{
layers.Add("ale_auth_recv_accept_v4");
layers.Add("ale_auth_recv_accept_v6");
layers.Add("ale_auth_connect_v4");
layers.Add("ale_auth_connect_v6");
layers.Add("ale_flow_established_v4");
layers.Add("ale_flow_established_v6");
}
else if (xml.GetAttribute("layer") == "all-in")
{
layers.Add("ale_auth_recv_accept_v4");
layers.Add("ale_auth_recv_accept_v6");
}
else if (xml.GetAttribute("layer") == "all-out")
{
layers.Add("ale_auth_connect_v4");
layers.Add("ale_auth_connect_v6");
}
else if (xml.GetAttribute("layer") == "ipv4")
{
layers.Add("ale_auth_recv_accept_v4");
layers.Add("ale_auth_connect_v4");
layers.Add("ale_flow_established_v4");
}
else if (xml.GetAttribute("layer") == "ipv6")
{
layers.Add("ale_auth_recv_accept_v6");
layers.Add("ale_auth_connect_v6");
layers.Add("ale_flow_established_v6");
}
else if (xml.GetAttribute("layer") == "ipv4-in")
{
layers.Add("ale_auth_recv_accept_v4");
}
else if (xml.GetAttribute("layer") == "ipv6-in")
{
layers.Add("ale_auth_recv_accept_v6");
}
else if (xml.GetAttribute("layer") == "ipv4-out")
{
layers.Add("ale_auth_connect_v4");
}
else if (xml.GetAttribute("layer") == "ipv6-out")
{
layers.Add("ale_auth_connect_v6");
}
else
{
layers.Add(xml.GetAttribute("layer"));
}
if (xml.HasAttribute("weight") == false)
{
xml.SetAttribute("weight", "1000");
}
foreach (string layer in layers)
{
XmlElement xmlClone = xml.CloneNode(true) as XmlElement;
xmlClone.SetAttribute("layer", layer);
string xmlStr = xmlClone.OuterXml;
UInt64 id1 = NativeMethods.WfpRuleAdd(xmlStr);
if (id1 == 0)
{
throw new Exception(MessagesFormatter.Format(Messages.WfpRuleAddFail, NativeMethods.WfpGetLastError(), xmlStr));
}
else
{
// Only used for debugging WFP issue with rules in some system
// Engine.Instance.Logs.Log(LogType.Verbose, Messages.Format(Messages.WfpRuleAddSuccess, xmlStr));
item.FirewallIds.Add(id1);
}
}
Items[item.Code] = item;
return(item);
}
}
