/// <summary>
/// Records the allow-list for <paramref name="ruleNamePrefix"/> in the in-memory rule table.
/// </summary>
/// <remarks>
/// Any entry already stored under the same prefix is replaced, not merged, so callers must
/// pass the complete allow-list every time.
/// </remarks>
/// <param name="ruleNamePrefix">Key under which the allow rule is stored.</param>
/// <param name="ipAddresses">Ranges to allow; each one is passed through <c>IPAddressRange.Parse</c> again before it is stored.</param>
/// <param name="allowedPorts">Optional port ranges; <c>null</c> is passed through unchanged.</param>
/// <param name="cancelToken">Accepted for interface compatibility; this method does not observe it.</param>
/// <returns>A completed task whose result is always <c>true</c>.</returns>
public override Task<bool> AllowIPAddresses(string ruleNamePrefix, IEnumerable<IPAddressRange> ipAddresses, IEnumerable<PortRange> allowedPorts = null, CancellationToken cancelToken = default)
{
    // Snapshot both inputs before taking the lock so the stored rule cannot change
    // if the caller later mutates the sequences it passed in.
    var parsedRanges = ipAddresses.Select(range => IPAddressRange.Parse(range)).ToList();
    var portSnapshot = allowedPorts?.ToList();
    var replacement = new MemoryFirewallRuleRanges(parsedRanges, portSnapshot, false);

    // NOTE(review): lock (this) exposes the monitor to any outside code holding a reference to
    // this instance. A private lock object would be safer, but every other user of this lock
    // would have to switch at the same time.
    lock (this)
    {
        allowRuleRanges[ruleNamePrefix] = replacement;
    }

    return Task.FromResult(true);
}
/// <summary>
/// Non-throwing wrapper around <c>IPAddressRange.Parse</c>.
/// </summary>
/// <param name="ipRangeString">Text to parse.</param>
/// <param name="ipRange">The parsed range on success; <c>null</c> on failure.</param>
/// <returns><c>true</c> if parsing succeeded, <c>false</c> if <c>Parse</c> threw any exception.</returns>
public static bool TryParse(string ipRangeString, out IPAddressRange ipRange)
{
    bool succeeded;
    try
    {
        ipRange = IPAddressRange.Parse(ipRangeString);
        succeeded = true;
    }
    catch (Exception)
    {
        // Every failure, whatever its type, is reported to the caller as "not parseable".
        // Callers that validate untrusted input must check the return value before using ipRange.
        ipRange = null;
        succeeded = false;
    }

    return succeeded;
}
/// <summary>
/// Tests whether <paramref name="ipAddress"/> falls inside <paramref name="ipRange"/>.
/// </summary>
/// <param name="ipAddress">Textual IP address, parsed with <c>IPAddress.Parse</c>.</param>
/// <param name="ipRange">Textual range, parsed with <c>IPAddressRange.Parse</c>.</param>
/// <returns>
/// <c>true</c> if the range contains the address; <c>false</c> if it does not, or if either
/// argument fails to parse or any other exception occurs.
/// </returns>
private static bool IpAddressIsInRange(string ipAddress, string ipRange)
{
    bool contained;
    try
    {
        IPAddressRange parsedRange = IPAddressRange.Parse(ipRange);
        IPAddress candidate = IPAddress.Parse(ipAddress);
        contained = parsedRange.Contains(candidate);
    }
    catch
    {
        // Malformed input is indistinguishable from "not in range" for the caller.
        // NOTE(review): whether that fails safe depends on what the caller does with a
        // negative answer (allow-list lookup vs. block-list lookup) - confirm at call sites.
        contained = false;
    }

    return contained;
}
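/// <summary>
/// Reads the "FirewallRules" configuration value and appends every rule whose platform
/// pattern matches the current OS name to <c>extraRules</c>.
/// </summary>
/// <remarks>
/// The value holds one rule per line, each made of five ';'-separated fields: rule name,
/// action, comma-separated IP ranges, comma-separated port ranges, platform pattern.
/// Entries with a different field count are logged and skipped. A parse failure inside a
/// well-formed entry (IP range, port range or regex) is not caught here and propagates.
/// </remarks>
private void ParseFirewallBlockRules()
{
    string firewallBlockRuleString = null;
    GetConfig<string>("FirewallRules", ref firewallBlockRuleString);
    firewallBlockRuleString = (firewallBlockRuleString ?? string.Empty).Trim();
    if (firewallBlockRuleString.Length == 0)
    {
        return;
    }

    IEnumerable<string> firewallBlockRuleList = firewallBlockRuleString
        .Split('\n')
        .Select(s => s.Trim())
        .Where(s => s.Length != 0);

    foreach (string firewallBlockRule in firewallBlockRuleList)
    {
        string[] pieces = firewallBlockRule.Split(';');
        if (pieces.Length != 5)
        {
            // The message now states the format this parser really requires (five ';' fields).
            Logger.Warn("Firewall block rule entry should have 5 semicolon separated pieces: name;action;ips;ports;platform_regex. Invalid entry: {0}", firewallBlockRule);
            continue;
        }

        IPBanFirewallRule firewallBlockRuleObj = new IPBanFirewallRule
        {
            // Trim before comparing: without it " block" (stray whitespace) silently produced a
            // non-blocking rule. Any action other than "block" still yields Block = false.
            // NOTE(review): consider rejecting unknown action values rather than treating them
            // as non-blocking; a typo in the action would otherwise go unnoticed.
            Block = pieces[1].Trim().Equals("block", StringComparison.OrdinalIgnoreCase),
            IPAddressRanges = pieces[2].Split(',').Select(p => IPAddressRange.Parse(p)).ToList(),
            Name = "EXTRA_" + pieces[0].Trim(),

            // Port ranges with a negative MinPort are dropped (presumably the result of an
            // unparseable or empty port field - confirm against PortRange.Parse).
            AllowPortRanges = pieces[3].Split(',').Select(p => PortRange.Parse(p)).Where(p => p.MinPort >= 0).ToList(),

            // '*' in the configured pattern becomes '.', i.e. "any single character"; IsMatch is
            // unanchored, so the pattern only has to match somewhere in the OS name.
            // NOTE(review): the pattern is taken from configuration and compiled without a match
            // timeout; keep the configuration file writable by administrators only.
            PlatformRegex = new Regex(pieces[4].Replace('*', '.'), RegexOptions.IgnoreCase | RegexOptions.CultureInvariant)
        };

        if (firewallBlockRuleObj.PlatformRegex.IsMatch(OSUtility.Name))
        {
            extraRules.Add(firewallBlockRuleObj);
        }
    }
}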
/// <summary>
/// Looks for <paramref name="ipAddress"/> in the numbered block rules of the firewall policy.
/// </summary>
/// <remarks>
/// Rules are probed by name, <c>BlockRulePrefix</c> followed by 0, <c>MaxIpAddressesPerRule</c>,
/// 2 * <c>MaxIpAddressesPerRule</c>, and so on, until a rule is missing or an error occurs.
/// Each remote-address entry is parsed as a range and only the text of its <c>Begin</c> value
/// is compared, by exact string equality, with <paramref name="ipAddress"/>.
/// NOTE(review): an address inside a multi-address range, or one written in a different textual
/// form than <c>Begin.ToString()</c> produces, is therefore reported as not blocked. Confirm that
/// callers only pass normalized single addresses.
/// </remarks>
/// <param name="ipAddress">Address text to look up.</param>
/// <param name="ruleName">Name of the rule containing the address, or <c>null</c> if none was found.</param>
/// <param name="port">Not used by this implementation.</param>
/// <returns><c>true</c> if a block rule lists the address; otherwise <c>false</c>, including on any error.</returns>
public bool IsIPAddressBlocked(string ipAddress, out string ruleName, int port = -1)
{
    ruleName = null;
    try
    {
        lock (policy)
        {
            int ruleOffset = 0;
            while (true)
            {
                string candidateRuleName = BlockRulePrefix + ruleOffset.ToString(CultureInfo.InvariantCulture);
                try
                {
                    INetFwRule rule = policy.Rules.Item(candidateRuleName);
                    if (rule is null)
                    {
                        // no more rules to check
                        break;
                    }

                    // Materialize every entry first so a malformed address anywhere in the rule
                    // is detected before the membership test.
                    string[] blockedStarts = rule.RemoteAddresses
                        .Split(',')
                        .Select(entry => IPAddressRange.Parse(entry).Begin.ToString())
                        .ToArray();
                    if (blockedStarts.Contains(ipAddress))
                    {
                        ruleName = candidateRuleName;
                        return true;
                    }
                }
                catch
                {
                    // Any failure (rule lookup or address parsing) is treated as "no more rules
                    // to check"; rules after this one are not examined.
                    break;
                }

                ruleOffset += MaxIpAddressesPerRule;
            }
        }
    }
    catch (Exception ex)
    {
        Logger.Error(ex);
    }

    return false;
}