public static Firewall TryCreate(string exePath)
{
if (!FirewallManager.IsServiceRunning)
{
MessageBox.Show(String.Format("Windows firewall service is not running"));
return(null);
}
IFirewall inst;
if (!FirewallManager.TryGetInstance(out inst))
{
MessageBox.Show(String.Format("Cannot get windows firewall service instance"));
return(null);
}
var rule = inst.Rules.FirstOrDefault(r => r.Name == RuleName);
if (rule == null)
{
rule = CreateRule(inst, exePath);
Console.WriteLine("Firewall rule has been created: {0}", rule);
}
else
{
Console.WriteLine("Firewall rule already exists: {0}", rule);
}
return(new Firewall(inst, rule));
}
public void Start()
{
try {
if (!(new Initializer()).WaitUntilSQLStarts())
{
throw new Exception("SQL Engine didn't start on time!");
}
FirewallManager.StartFirewall(rbrProcessFilePath, "RBR");
if (!houskeeper.Start(instanceLicenseExpired))
{
throw new Exception("Houskeeper didn't start!");
}
udpServer.Start();
if (Configuration.Instance.Main.NodeRole == NodeRole.SIP)
{
ChannelListenerFactory.Create(rbrProcessFilePath, new SessionDispatcher(callStatistics));
TimokLogger.Instance.LogRbr(LogSeverity.Status, ON_START_LABEL, "RbrServer started in Softswitch mode");
}
else
{
TimokLogger.Instance.LogRbr(LogSeverity.Status, ON_START_LABEL, "RbrServer Started in Admin mode");
}
}
catch (Exception _ex) {
TimokLogger.Instance.LogRbr(LogSeverity.Critical, ON_START_LABEL, string.Format("Exception:\r\n{0}", _ex));
throw;
}
}
public void DelegatesToFirewallManager()
{
var tcpPortManager = new LocalTcpPortManager(FirewallManager, NetShRunner);
tcpPortManager.RemoveFirewallRules("fred");
FirewallManager.Received(1).RemoveAllFirewallRules("fred");
}
void OnTriggerEnter(Collider col)
{
if (col.name.StartsWith("PuzzleTerminal"))
{
atPuzzleTerminal = true;
currentFirewall = col.gameObject.GetComponent <FirewallManager>();
}
}
void closeFirewall()
{
if (File.Exists(processFilePath))
{
FirewallManager.StopFirewall(processFilePath);
TimokLogger.Instance.LogRbr(LogSeverity.Debug, "R_ReplicationService.closeFirewall", string.Format("FirewallDisabled for app={0}", processFilePath));
}
}
public void DelegatesToFirewallManager()
{
var tcpPortManager = new LocalTcpPortManager(FirewallManager, NetShRunner);
var firewallRuleSpec = new FirewallRuleSpec();
tcpPortManager.CreateOutboundFirewallRule("fred", firewallRuleSpec);
FirewallManager.Received(1).CreateOutboundFirewallRule("fred", firewallRuleSpec);
}
public void RemovesFirewallRulesEvenWithNoPort()
{
var tcpPortManager = new LocalTcpPortManager(FirewallManager, NetShRunner);
tcpPortManager.ReleaseLocalPort(null, "userName");
NetShRunner.DidNotReceive().DeleteRule(Arg.Any <int>());
FirewallManager.Received().ClosePort(Arg.Is("userName"));
}
public void Can_add_simple_udp_rule()
{
FirewallManager sut = new FirewallManager();
var rules = new FirewallRule[]
{
new FirewallRule("test", 1000, 1000, "any")
};
sut.ApplyUdpRules(rules);
}
private bool MakeCustom(Program prog, UInt64 expiration, ConEntry entry = null)
{
FirewallRuleEx rule = new FirewallRuleEx()
{
guid = null, Profile = (int)FirewallRule.Profiles.All, Interface = (int)FirewallRule.Interfaces.All, Enabled = true
};
rule.SetProgID(prog.ID);
rule.Name = FirewallManager.MakeRuleName(FirewallManager.CustomName, expiration != 0, prog.Description);
rule.Grouping = FirewallManager.RuleGroup;
if (entry != null)
{
rule.Direction = entry.Entry.FwEvent.Direction;
rule.Protocol = (int)entry.Entry.FwEvent.Protocol;
switch (entry.Entry.FwEvent.Protocol)
{
/*case (int)FirewallRule.KnownProtocols.ICMP:
* case (int)FirewallRule.KnownProtocols.ICMPv6:
*
* break;*/
case (int)FirewallRule.KnownProtocols.TCP:
case (int)FirewallRule.KnownProtocols.UDP:
rule.LocalPorts = "*";
rule.RemotePorts = entry.Entry.FwEvent.RemotePort.ToString();
break;
}
rule.LocalAddresses = "*";
rule.RemoteAddresses = entry.Entry.FwEvent.RemoteAddress.ToString();
}
else
{
rule.Direction = FirewallRule.Directions.Bidirectiona;
}
RuleWindow ruleWnd = new RuleWindow(new List <Program>()
{
prog
}, rule);
ruleWnd.Topmost = true;
if (ruleWnd.ShowDialog() != true)
{
return(false);
}
if (!App.client.UpdateRule(rule, expiration))
{
MessageBox.Show(Translate.fmt("msg_rule_failed"), App.Title, MessageBoxButton.OK, MessageBoxImage.Exclamation);
return(false);
}
return(true);
}
public override void Puzzle(FirewallManager fwm)
{
if (!isStarting)
{
details.animator.SetTrigger("toPuzzle");
details.PlaySFX("puzzleTerminal");
timeTillStart = details.puzzleTime;
isStarting = true;
firewallManager = fwm;
}
}
public void ThrowWardenExecptionIfFirewallManagerFails()
{
var tcpPortManager = new LocalTcpPortManager(FirewallManager, NetShRunner);
NetShRunner.AddRule(Arg.Any <int>(), Arg.Any <string>()).ReturnsForAnyArgs(true);
FirewallManager.When(x => x.OpenPort(Arg.Any <int>(), Arg.Any <string>())).Do(x => { throw new Exception(); });
var exception = Record.Exception(() => tcpPortManager.ReserveLocalPort(8888, "userName"));
Assert.IsType <Exception>(exception);
}
//--------------------------------- Protected -------------------------------------------------
protected override void OnStart(string[] args)
{
FirewallManager.StartFirewall(processFilePath, "Replication");
//engine = new ReplicationEngine(CurrentNode.Instance.Id);
if (!startReplication())
{
TimokLogger.Instance.LogRbr(LogSeverity.Critical, "R_ReplicationService.OnStart", "Replication Service start failed.");
throw new Exception(string.Format("Replication start failed: {0}", ServiceName));
}
}
public void CallsNetShRunnerFirewallManagerToReleasePort()
{
var tcpPortManager = new LocalTcpPortManager(FirewallManager, NetShRunner);
NetShRunner.DeleteRule(Arg.Any <int>()).ReturnsForAnyArgs(true);
tcpPortManager.ReleaseLocalPort(8888, "userName");
NetShRunner.Received().DeleteRule(Arg.Is(8888));
FirewallManager.Received().ClosePort(Arg.Is("userName"));
}
public void CallsNetShRunnerFirewallManagerAndReturnsPort()
{
var tcpPortManager = new LocalTcpPortManager(FirewallManager, NetShRunner);
NetShRunner.AddRule(Arg.Any <int>(), Arg.Any <string>()).ReturnsForAnyArgs(true);
var port = tcpPortManager.ReserveLocalPort(8888, "userName");
NetShRunner.Received().AddRule(Arg.Is(8888), Arg.Is("userName"));
FirewallManager.Received().OpenPort(Arg.Is(8888), Arg.Is("userName"));
Assert.Equal(8888, port);
}
static void Main(string[] args)
{
#if DEBUG
DebugPrint();
#endif
Logger l = Logger.GetINSTANCE();
if (Debug())
{
l.LogRun();
}
if (!IsAdmin())
{
l.LogMissingAdmin();
l.Close();
Environment.Exit(0);
}
WhitelistSection wlSection = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None).Sections["whitelistSection"] as WhitelistSection;
WhitelistElementCollection wlColl = wlSection.Whitelisted;
List <IPrange> whitelist = new List <IPrange>();
foreach (WhitelistElement element in wlColl)
{
whitelist.Add(new IPrange(element.IP, element.Range, 0, false));
}
FileSettingSection fsSection = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None).Sections["fileSettingsSection"] as FileSettingSection;
FileSettingElementCollection fsColl = fsSection.FileSettings;
foreach (FileSettingElement element in fsColl)
{
FileReader.ReadFolder(element);
if (Debug())
{
Console.WriteLine("{0}: {1}", element.RuleName, element.ReadPath);
}
}
#if DEBUG
DebugPrint();
//FirewallManager.BlockIPs(IPManager.GetInstance().Values, whitelist);
Console.ReadKey();
#else
if (Debug())
{
DebugPrint();
}
FirewallManager.BlockIPs(IPManager.GetInstance().Values, whitelist);
#endif
l.Close();
}
public void Stop()
{
if (File.Exists(rbrProcessFilePath))
{
FirewallManager.StopFirewall(rbrProcessFilePath);
TimokLogger.Instance.LogRbr(LogSeverity.Debug, ON_STOP_LABEL, string.Format("FirewallDisabled for app={0}", rbrProcessFilePath));
}
if (currentNode.IsSIP)
{
ChannelListenerFactory.Destroy();
TimokLogger.Instance.LogRbr(LogSeverity.Status, ON_STOP_LABEL, "IVR Stopped");
}
udpServer.Stop();
houskeeper.Stop();
TimokLogger.Instance.LogRbr(LogSeverity.Status, ON_STOP_LABEL, "RbrServer Stoped");
}
/// <summary>
/// netsh http delete urlacl http://*:8888/
/// </summary>
public void ReleaseLocalPort()
{
string arguments = String.Format("http delete urlacl http://*:{0}/", port);
if (RunNetsh(arguments))
{
try
{
var firewallManager = new FirewallManager(port, firewallRuleName);
firewallManager.ClosePort();
}
catch (Exception ex)
{
throw new WardenException(String.Format("Error removing firewall rule for port '{0}', user '{1}'", port, userName), ex);
}
}
else
{
throw new WardenException("Error removing reservation for port '{0}'", port);
}
}
protected override void OnStop()
{
PluginManager.Stop();
WebServer.Stop();
ServerManager.Stop();
WorldManager.Stop();
VersionManager.Stop();
UpdateManager.Stop();
PortManager.Stop();
FirewallManager.RemoveFirewallExecutableException("MainService");
UserMessageManager.SaveConfiguration();
CurrentSettings.SaveConfiguration();
if (exitCode == 0)
{
Logger.FinishLog();
}
else
{
Environment.Exit(exitCode);
}
}
/// <summary>
/// Monitor and Block failed RDP session attempts
/// </summary>
public RDPWatcher(RDPGuardSettings settings)
{
_settings = settings;
_eventLogListener = new EventLogListener(EVENTLOG_SOURCE, EVENT_INSTANCE_ID)
{
OnMessage = onEventLogMessage
};
_auditFailureCounter = new OccurrenceCounter <string>(settings.AuditFailureLimit)
{
OnLimitReached = onAuditFailureLimitReached
};
_firewallBlock = new FirewallManager(settings.FirewallSettings ?? new FirewallManagerSettings());
if (settings.IsFreshStart)
{
_firewallBlock.Clear();
}
}
/// <summary>
/// netsh http add urlacl http://*:8888/ user=warden_094850238
/// </summary>
public ushort ReserveLocalPort()
{
string arguments = String.Format("http add urlacl http://*:{0}/ user={1}", port, userName);
if (RunNetsh(arguments))
{
try
{
var firewallManager = new FirewallManager(port, firewallRuleName);
firewallManager.OpenPort();
}
catch (Exception ex)
{
throw new WardenException(String.Format("Error adding firewall rule for port '{0}', user '{1}'", port, userName), ex);
}
}
else
{
throw new WardenException("Error reserving port '{0}' for user '{1}'", port, userName);
}
return port;
}
private void btnRemove_Click(object sender, EventArgs e)
{
FirewallManager manager = new FirewallManager();
manager.DeletePortFromWhiteList(Convert.ToInt32(txbPort.Text), ProtocolEnum.TCP);
}
public override void Puzzle(FirewallManager fwm)
{
}
public void CanExtractRules()
{
FirewallManager sut = new FirewallManager();
Assert.DoesNotThrow(() => sut.SearchFirewallRules());
}
private void btnAddToFirewall_Click(object sender, EventArgs e)
{
FirewallManager manager = new FirewallManager();
manager.AddPortToWhiteList(txbName.Text, Convert.ToInt32(txbPort.Text), ProtocolEnum.TCP);
}
private static void SetLocalServerFireWallOutboundRule(string applicationPath)
{
try // Make sure that we still try and set the firewall rules even if we bomb out trying to get information on the firewall configuration
{
TL.LogMessage("QueryFireWall", string.Format("Firewall version: {0}", FirewallManager.Version.ToString())); // Log the firewall version in use
foreach (IFirewallProfile profile in FirewallManager.Instance.Profiles)
{
TL.LogMessage("QueryFireWall", string.Format("Found current firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
}
COMTypeResolver cOMTypeResolver = new COMTypeResolver();
IFirewallProductsCollection thirdPartyFirewalls = FirewallManager.GetRegisteredProducts(cOMTypeResolver);
TL.LogMessage("QueryFireWall", string.Format("number of third party firewalls: {0}", thirdPartyFirewalls.Count));
foreach (FirewallProduct firewall in thirdPartyFirewalls)
{
TL.LogMessage("QueryFireWall", $"Found third party firewall: {firewall.Name} - {firewall.FriendlyName}");
//foreach (IFirewallProfile profile in firewall.)
//{
// TL.LogMessage("QueryFireWall", string.Format("Found third party firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
//}
}
}
catch (Exception ex)
{
TL.LogMessageCrLf("QueryFireWall", "Exception: " + ex.ToString());
}
TL.BlankLine();
try
{
if ((new WindowsPrincipal(WindowsIdentity.GetCurrent())).IsInRole(WindowsBuiltInRole.Administrator)) // Application is being run with Administrator privilege so go ahead and set the firewall rules
{
// Check whether the specified file exists
if (File.Exists(applicationPath)) // The file does exist so process it
{
string applicationPathFull = Path.GetFullPath(applicationPath);
TL.LogMessage("SetFireWallOutboundRule", string.Format("Supplied path: {0}, full path: {1}", applicationPath, applicationPathFull));
// Now clear up previous instances of this rule
IEnumerable <IFirewallRule> query = FirewallManager.Instance.Rules.Where(ruleName => ruleName.Name.ToUpperInvariant().StartsWith(LOCAL_SERVER_OUTBOUND_RULE_NAME.ToUpperInvariant()));
List <IFirewallRule> queryCopy = query.ToList();
foreach (IFirewallRule existingRule in queryCopy)
{
TL.LogMessage("SetFireWallOutboundRule", string.Format("Found rule: {0}", existingRule.Name));
FirewallManager.Instance.Rules.Remove(existingRule); // Delete the rule
TL.LogMessage("SetFireWallOutboundRule", string.Format("Deleted rule: {0}", existingRule.Name));
}
IFirewallRule rule = FirewallManager.Instance.CreateApplicationRule(FirewallManager.Instance.GetProfile(FirewallProfiles.Domain | FirewallProfiles.Private | FirewallProfiles.Public).Type, LOCAL_SERVER_OUTBOUND_RULE_NAME, FirewallAction.Allow, applicationPathFull);
rule.Direction = FirewallDirection.Outbound;
// Add the group name to the outbound rule
if (rule is FirewallWASRule) //Rules.StandardRule)
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is a standard rule");
((FirewallWASRule)rule).Grouping = GROUP_NAME;
TL.LogMessage("SetHttpSysFireWallRule", $"Group name set to: {GROUP_NAME}");
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is not a standard rule");
}
if (rule is FirewallWASRuleWin7)
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is a WIN7 rule");
((FirewallWASRuleWin7)rule).Grouping = GROUP_NAME;
TL.LogMessage("SetHttpSysFireWallRule", $"Group name set to: {GROUP_NAME}");
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is not a WIN7 rule");
}
if (rule is FirewallWASRuleWin8)
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is a WIN8 rule");
((FirewallWASRuleWin8)rule).Grouping = GROUP_NAME;
TL.LogMessage("SetHttpSysFireWallRule", $"Group name set to: {GROUP_NAME}");
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Firewall rule is not a WIN8 rule");
}
TL.LogMessage("SetFireWallOutboundRule", "Successfully created outbound rule");
FirewallManager.Instance.Rules.Add(rule);
TL.LogMessage("SetFireWallOutboundRule", string.Format("Successfully added outbound rule for {0}", applicationPathFull));
}
else
{
TL.LogMessage("SetFireWallOutboundRule", string.Format("The specified file does not exist: {0}", applicationPath));
Console.WriteLine("The specified file does not exist: {0}", applicationPath);
}
}
else
{
TL.LogMessage("SetFireWallOutboundRule", "Not running as Administrator so unable to set firewall rules.");
Console.WriteLine("Not running as Administrator so unable to set firewall rules.");
}
TL.BlankLine();
}
catch (Exception ex)
{
TL.LogMessageCrLf("SetFireWallOutboundRule", "Exception: " + ex.ToString());
Console.WriteLine("SetFireWallOutboundRule threw an exception: " + ex.Message);
}
}
public virtual void Puzzle(FirewallManager fwm)
{
currentState = new PuzzleState(details);
currentState.Puzzle(fwm);
}
private static void SetHttpSysFireWallInboundRule(string portNumberString)
{
try // Make sure that we still try and set the firewall rules even if we bomb out trying to get information on the firewall configuration
{
TL.LogMessage("QueryFireWall", string.Format("Firewall version: {0}", FirewallManager.Version.ToString())); // Log the firewall version in use
foreach (IFirewallProfile profile in FirewallManager.Instance.Profiles)
{
TL.LogMessage("QueryFireWall", string.Format("Found current firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
}
COMTypeResolver cOMTypeResolver = new COMTypeResolver();
IFirewallProductsCollection thirdPartyFirewalls = FirewallManager.GetRegisteredProducts(cOMTypeResolver);
TL.LogMessage("QueryFireWall", string.Format("number of third party firewalls: {0}", thirdPartyFirewalls.Count));
foreach (FirewallProduct firewall in thirdPartyFirewalls)
{
TL.LogMessage("QueryFireWall", $"Found third party firewall: {firewall.Name} - {firewall.FriendlyName}");
//foreach (IFirewallProfile profile in firewall.Profiles)
//{
// TL.LogMessage("QueryFireWall", string.Format("Found third party firewall profile {0}, enabled: {1}", profile.Type.ToString(), profile.IsActive));
//}
}
}
catch (Exception ex)
{
TL.LogMessageCrLf("QueryFireWall", "Exception: " + ex.ToString());
}
TL.BlankLine();
try
{
if ((new WindowsPrincipal(WindowsIdentity.GetCurrent())).IsInRole(WindowsBuiltInRole.Administrator)) // Application is being run with Administrator privilege so go ahead and set the firewall rules
{
TL.LogMessage("SetHttpSysFireWallRule", $"Supplied HTTP.SYS port: {portNumberString}");
if (ushort.TryParse(portNumberString, out ushort portNumber)) // Make sure the supplied port number is a valid value before processing it
{
// Clear up redundant firewall rules left over from previous versions (ASCOM Remote Server - Inbound and Outbound)
IEnumerable <IFirewallRule> queryRedundant = FirewallManager.Instance.Rules.Where(ruleName => ruleName.Name.ToUpperInvariant().StartsWith(REMOTE_SERVER_RULE_NAME_BASE.ToUpperInvariant()));
List <IFirewallRule> queryRedundantCopy = queryRedundant.ToList();
foreach (IFirewallRule existingRule in queryRedundantCopy)
{
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Found redundant rule: {0}", existingRule.Name));
FirewallManager.Instance.Rules.Remove(existingRule); // Delete the rule
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Deleted redundant rule: {0}", existingRule.Name));
}
// Check whether the specified file exists and if so delete it
IEnumerable <IFirewallRule> query = FirewallManager.Instance.Rules.Where(ruleName => ruleName.Name.ToUpperInvariant().Equals(HTTP_DOT_SYS_INBOUND_RULE_NAME.ToUpperInvariant()));
List <IFirewallRule> queryCopy = query.ToList();
foreach (IFirewallRule existingRule in queryCopy)
{
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Found rule: {0}", existingRule.Name));
FirewallManager.Instance.Rules.Remove(existingRule); // Delete the rule
TL.LogMessage("SetHttpSysFireWallRule", string.Format("Deleted rule: {0}", existingRule.Name));
}
SetHttpRule(FirewallProfiles.Private, portNumber);
SetHttpRule(FirewallProfiles.Public, portNumber);
SetHttpRule(FirewallProfiles.Domain, portNumber);
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", $"Supplied port number {portNumberString} is not valid so can't set permission for HTTP.SYS");
Console.WriteLine($"Supplied port number: \"{portNumberString}\" is not valid so can't set permission for HTTP.SYS");
}
}
else
{
TL.LogMessage("SetHttpSysFireWallRule", "Not running as Administrator so unable to set firewall rules.");
Console.WriteLine("Not running as Administrator so unable to set firewall rules.");
}
TL.BlankLine();
}
catch (Exception ex)
{
TL.LogMessageCrLf("SetHttpSysFireWallRule", "Exception: " + ex.ToString());
Console.WriteLine("SetHttpSysFireWallRule threw an exception: " + ex.Message);
}
}
public virtual void Puzzle(FirewallManager fwm)
{
}