/// <summary> /// Initializes <see cref="_rule"/> from existing windows firewall rule or generating new one if not found. also populates <see cref="_rules"/> with managed rules. /// </summary> private void initManagedRule() { for (int _ruleCount = 0; _ruleCount < _settings.MaxRulesCount; ++_ruleCount) { if (_ruleCount + 1 == _settings.MaxRulesCount) { throw new Exception($"Max rules reached. ({_settings.MaxRulesCount})"); } // a counter is appended to the rule name to support more than 1000 records and be able to manage all of them var ruleName = $"{_settings.RuleName}_{_ruleCount}"; var ruleObj = FirewallHelper.Find(ruleName); if (ruleObj == null) { // we assume there is no manual modifications on our firewall rules and it is managed only by this application generateRule(_ruleCount); break; } var rule = new FirewallRule(ruleObj, _settings.IsApplyToRemoteAddresses, _settings.IsApplyToLocalAddresses); _rules.Add(rule); if (rule.IsAddressCountLimitReached) { // generate new rule or find other existing rule where limit is not reached continue; } // record limit is not reached on this rule _rule = rule; break; } }
private void clear() { // iterate through all possible rules and remove them from windows firewall for (int _ruleCount = 0; _ruleCount < _settings.MaxRulesCount; ++_ruleCount) { FirewallHelper.Remove($"{_settings.RuleName}_{_ruleCount}"); } // clear the internal list _rules.Clear(); _rule = null; initManagedRule(); }
/// <summary> /// initiazlies <see cref="_rule"/> with a newly generated rule based on <paramref name="count"/> and adds it to <see cref="_rules"/> /// </summary> /// <param name="count"></param> private void generateRule(int count) { // unique rule based on the current count var ruleName = $"{_settings.RuleName}_{count}"; // set the rule properties based on the provided settings var rule = FirewallHelper.Generate(); rule.Name = ruleName; rule.Enabled = true; // we assume the rule should be enabled by default rule.InterfaceTypes = _settings.InterfaceTypes; rule.Action = _settings.Action; rule.Direction = _settings.Direction; rule.Protocol = (int)_settings.Protocol; if (!string.IsNullOrWhiteSpace(_settings.RuleDescription)) { rule.Description = _settings.RuleDescription; } if (!string.IsNullOrWhiteSpace(_settings.ApplicationName)) { rule.ApplicationName = _settings.ApplicationName; } if (!string.IsNullOrWhiteSpace(_settings.ServiceName)) { rule.serviceName = _settings.ServiceName; } if (!string.IsNullOrWhiteSpace(_settings.IcmpTypesAndCodes)) { rule.IcmpTypesAndCodes = _settings.IcmpTypesAndCodes; } if (!string.IsNullOrWhiteSpace(_settings.Grouping)) { rule.Grouping = _settings.Grouping; } if (_settings.EdgeTraversal != null) { rule.EdgeTraversal = (bool)_settings.EdgeTraversal; } if (_settings.Interfaces != null) { rule.Interfaces = _settings.Interfaces; } if (_settings.IsApplyToRemoteAddresses) { // we do not want to apply to any address at first rule.RemoteAddresses = "255.255.255.255-255.255.255.255"; } if (_settings.IsApplyToLocalAddresses) { // we do not want to apply to any address at first rule.LocalAddresses = "255.255.255.255-255.255.255.255"; } // specific remote ports can be set only if the protocol is specifically TCP or UDP if (_settings.Protocol != NetFwIPProtocols.Any && (!string.IsNullOrWhiteSpace(_settings.RemotePorts) || !string.IsNullOrWhiteSpace(_settings.LocalPorts))) { rule.RemotePorts = _settings.RemotePorts; rule.LocalPorts = _settings.LocalPorts; } // add rule to windows firewall FirewallHelper.Add(rule); // add the rule to our internal managed list _rules.Add(new FirewallRule(rule, _settings.IsApplyToRemoteAddresses, _settings.IsApplyToLocalAddresses)); }