/// <summary>
/// Obtains the firewall for the current <c>Config</c> from <c>FirewallCreator.CreateFirewall</c>
/// and reconciles its rules with that configuration: extra rules that are no longer wanted are
/// deleted, then the global whitelist/blacklist and every configured extra rule are (re)applied.
/// </summary>
/// <param name="oldConfig">
/// The configuration to diff against when working out which extra rules were removed. When it is
/// null, every rule returned by <c>GetRuleNames(Firewall.RulePrefix + "EXTRA_")</c> is deleted instead.
/// </param>
private void LoadFirewall(IPBanConfig oldConfig)
{
    IIPBanFirewall previousFirewall = Firewall;
    Firewall = FirewallCreator.CreateFirewall(Config, Firewall);

    // A different instance coming back means the firewall implementation was swapped.
    bool firewallChanged = previousFirewall != Firewall;
    if (firewallChanged)
    {
        AddUpdater(Firewall);
        Logger.Warn("Loaded firewall type {0}", Firewall.GetType());

        if (previousFirewall != null)
        {
            RemoveUpdater(previousFirewall);

            // Carry the bans recorded in ipDB over to the new firewall so that addresses
            // that are already banned stay blocked across the switch.
            Firewall.BlockIPAddresses(null, ipDB.EnumerateBannedIPAddresses()).Sync();
        }
    }

    if (oldConfig is null)
    {
        // Nothing to diff against: drop every previously created custom (EXTRA_) rule.
        string extraRulePrefix = Firewall.RulePrefix + "EXTRA_";
        var existingExtraRules = Firewall.GetRuleNames(extraRulePrefix).ToArray();
        foreach (string extraRuleName in existingExtraRules)
        {
            Firewall.DeleteRule(extraRuleName);
        }
    }
    else
    {
        // Start from every rule name in the old config, then strike out the names that
        // the current config still defines; what remains was removed by the user.
        List<string> staleRuleNames = oldConfig.ExtraRules.Select(r => r.Name).ToList();
        foreach (string keptName in Config.ExtraRules.Select(r => r.Name))
        {
            staleRuleNames.Remove(keptName);
        }

        // NOTE(review): the name is passed here without Firewall.RulePrefix, unlike the
        // branch above - confirm GetRuleNames expects this form. If it matches by prefix
        // (presumably - verify), a removed rule whose name is a prefix of a retained rule
        // also deletes the retained rule; it is only restored by the add/update loop at
        // the end of this method, leaving a window in which that block/allow rule is absent.
        foreach (string staleName in staleRuleNames)
        {
            var matchingRules = Firewall.GetRuleNames(staleName).ToArray();
            foreach (string matchingRuleName in matchingRules)
            {
                Firewall.DeleteRule(matchingRuleName);
            }
        }
    }

    // Per the original comments, both of these do their work only once (enforced inside
    // the callees, not visible here): clearing the firewall if needed, then setting up
    // the Windows event viewer if needed.
    UpdateBannedIPAddressesOnStart();
    SetupWindowsEventViewer();

    // Add/update the global rules.
    // NOTE(review): the results of these calls and of the per-rule calls below are
    // discarded, whereas the ban transfer above goes through .Sync(). If they are
    // asynchronous (TODO confirm), a failure to apply the whitelist, blacklist or an
    // extra rule would go unobserved and the method could return before they are in place.
    Firewall.AllowIPAddresses("GlobalWhitelist", Config.Whitelist);
    Firewall.BlockIPAddresses("GlobalBlacklist", Config.BlackList);

    // Add/update the user specified rules; Block selects a block rule, otherwise allow.
    foreach (IPBanFirewallRule extraRule in Config.ExtraRules)
    {
        if (extraRule.Block)
        {
            Firewall.BlockIPAddresses(extraRule.Name, extraRule.IPAddressRanges, extraRule.AllowPortRanges);
        }
        else
        {
            Firewall.AllowIPAddresses(extraRule.Name, extraRule.IPAddressRanges, extraRule.AllowPortRanges);
        }
    }
}