/// <summary>
/// Initializes <see cref="_rule"/> from existing windows firewall rule or generating new one if not found. also populates <see cref="_rules"/> with managed rules.
/// </summary>
private void initManagedRule()
{
for (int _ruleCount = 0; _ruleCount < _settings.MaxRulesCount; ++_ruleCount)
{
if (_ruleCount + 1 == _settings.MaxRulesCount)
{
throw new Exception($"Max rules reached. ({_settings.MaxRulesCount})");
}
// a counter is appended to the rule name to support more than 1000 records and be able to manage all of them
var ruleName = $"{_settings.RuleName}_{_ruleCount}";
var ruleObj = FirewallHelper.Find(ruleName);
if (ruleObj == null)
{
// we assume there is no manual modifications on our firewall rules and it is managed only by this application
generateRule(_ruleCount);
break;
}
var rule = new FirewallRule(ruleObj, _settings.IsApplyToRemoteAddresses, _settings.IsApplyToLocalAddresses);
_rules.Add(rule);
if (rule.IsAddressCountLimitReached)
{
// generate new rule or find other existing rule where limit is not reached
continue;
}
// record limit is not reached on this rule
_rule = rule;
break;
}
}
private void clear()
{
// iterate through all possible rules and remove them from windows firewall
for (int _ruleCount = 0; _ruleCount < _settings.MaxRulesCount; ++_ruleCount)
{
FirewallHelper.Remove($"{_settings.RuleName}_{_ruleCount}");
}
// clear the internal list
_rules.Clear();
_rule = null;
initManagedRule();
}
/// <summary>
/// initiazlies <see cref="_rule"/> with a newly generated rule based on <paramref name="count"/> and adds it to <see cref="_rules"/>
/// </summary>
/// <param name="count"></param>
private void generateRule(int count)
{
// unique rule based on the current count
var ruleName = $"{_settings.RuleName}_{count}";
// set the rule properties based on the provided settings
var rule = FirewallHelper.Generate();
rule.Name = ruleName;
rule.Enabled = true; // we assume the rule should be enabled by default
rule.InterfaceTypes = _settings.InterfaceTypes;
rule.Action = _settings.Action;
rule.Direction = _settings.Direction;
rule.Protocol = (int)_settings.Protocol;
if (!string.IsNullOrWhiteSpace(_settings.RuleDescription))
{
rule.Description = _settings.RuleDescription;
}
if (!string.IsNullOrWhiteSpace(_settings.ApplicationName))
{
rule.ApplicationName = _settings.ApplicationName;
}
if (!string.IsNullOrWhiteSpace(_settings.ServiceName))
{
rule.serviceName = _settings.ServiceName;
}
if (!string.IsNullOrWhiteSpace(_settings.IcmpTypesAndCodes))
{
rule.IcmpTypesAndCodes = _settings.IcmpTypesAndCodes;
}
if (!string.IsNullOrWhiteSpace(_settings.Grouping))
{
rule.Grouping = _settings.Grouping;
}
if (_settings.EdgeTraversal != null)
{
rule.EdgeTraversal = (bool)_settings.EdgeTraversal;
}
if (_settings.Interfaces != null)
{
rule.Interfaces = _settings.Interfaces;
}
if (_settings.IsApplyToRemoteAddresses)
{
// we do not want to apply to any address at first
rule.RemoteAddresses = "255.255.255.255-255.255.255.255";
}
if (_settings.IsApplyToLocalAddresses)
{
// we do not want to apply to any address at first
rule.LocalAddresses = "255.255.255.255-255.255.255.255";
}
// specific remote ports can be set only if the protocol is specifically TCP or UDP
if (_settings.Protocol != NetFwIPProtocols.Any &&
(!string.IsNullOrWhiteSpace(_settings.RemotePorts) || !string.IsNullOrWhiteSpace(_settings.LocalPorts)))
{
rule.RemotePorts = _settings.RemotePorts;
rule.LocalPorts = _settings.LocalPorts;
}
// add rule to windows firewall
FirewallHelper.Add(rule);
// add the rule to our internal managed list
_rules.Add(new FirewallRule(rule, _settings.IsApplyToRemoteAddresses, _settings.IsApplyToLocalAddresses));
}
