/// <summary>
/// Deletes a rule: runs <c>iptables -D</c> with the arguments rendered for the rule,
/// then removes the rule from the tracked collection.
/// </summary>
/// <param name="networkRule">The rule to delete; its <c>Type</c> selects which template is rendered.</param>
/// <exception cref="Exception">
/// The exception returned by <c>FirewallExceptions.UnhandledNetworkRuleException()</c>, thrown when
/// the rule type is neither <c>Masquerade</c> nor <c>SourceNetworkAddressTranslation</c>.
/// </exception>
public void DeleteRule(NetworkRule networkRule)
{
    // Base options for launching iptables.
    var iptablesOptions = NetworkBuilder.BuildProcessOptions("iptables");

    // Default interface details, handed to the template builder below.
    var defaultInterface = GetDefaultInterface();

    // NOTE(review): the rendered template is split on single spaces, so a space inside any
    // value that BuildTemplate substitutes would become an extra iptables argument — confirm
    // rule fields are validated before they reach this method.
    var ruleType = networkRule.Type;
    if (ruleType == NetworkRuleType.Masquerade)
    {
        // MASQUERADE: "-D" followed by the rendered template.
        var renderedRule = NetworkBuilder.BuildTemplate(NetworkRuleTemplates.MASQUERADE, networkRule, defaultInterface);
        iptablesOptions.Arguments = ("-D " + renderedRule).Split(" ");
    }
    else if (ruleType == NetworkRuleType.SourceNetworkAddressTranslation)
    {
        // SNAT: "-D" followed by the rendered template.
        var renderedRule = NetworkBuilder.BuildTemplate(NetworkRuleTemplates.SNAT, networkRule, defaultInterface);
        iptablesOptions.Arguments = ("-D " + renderedRule).Split(" ");
    }
    else
    {
        // Any other rule type is rejected before a process is started.
        _logger.LogError("Firewall environment was provided undefined rule type.");
        throw FirewallExceptions.UnhandledNetworkRuleException();
    }

    // TODO: Ask paul for help here. Not sure what we should do.
    // NOTE(review): nothing visible here inspects the outcome of Run, so the rule is forgotten
    // below even if iptables did not remove it — confirm how Run reports failure.
    _processRunner.Run(iptablesOptions, null);

    // Stop tracking the rule.
    _rules.Remove(networkRule);
}
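/// <summary>
/// Adds a rule: runs <c>iptables -A</c> with the arguments rendered for the rule,
/// logs the creation, and then starts tracking the rule.
/// </summary>
/// <param name="networkRule">The rule to add; its <c>Type</c> selects which template is rendered.</param>
/// <exception cref="Exception">
/// The exception returned by <c>FirewallExceptions.UnhandledNetworkRuleException()</c>, thrown when
/// the rule type is neither <c>Masquerade</c> nor <c>SourceNetworkAddressTranslation</c>.
/// </exception>
public void AddRule(NetworkRule networkRule)
{
    // Build standard process options.
    var commandOptions = NetworkBuilder.BuildProcessOptions("iptables");

    // Get local interface information.
    var interfaceInformation = GetDefaultInterface();

    // Message logged once the command has been run; chosen per rule type below.
    string createdMessage;

    // NOTE(review): the rendered template is split on single spaces, so a space inside any
    // value that BuildTemplate substitutes would become an extra iptables argument — confirm
    // rule fields are validated before they reach this method.
    switch (networkRule.Type)
    {
        // MASQUERADE
        case NetworkRuleType.Masquerade:
            commandOptions.Arguments =
                ("-A " + NetworkBuilder.BuildTemplate(
                    NetworkRuleTemplates.MASQUERADE,
                    networkRule,
                    interfaceInformation))
                .Split(" ");
            createdMessage = "Created MASQUERADE rule for {0}";
            break;

        // SNAT
        case NetworkRuleType.SourceNetworkAddressTranslation:
            commandOptions.Arguments =
                ("-A " + NetworkBuilder.BuildTemplate(
                    NetworkRuleTemplates.SNAT,
                    networkRule,
                    interfaceInformation))
                .Split(" ");
            createdMessage = "Created SNAT rule for {0}";
            break;

        // Any other rule type is rejected before a process is started.
        default:
            _logger.LogError("Firewall environment was provided undefined rule type.");
            throw FirewallExceptions.UnhandledNetworkRuleException();
    }

    // Run the process.
    _processRunner.Run(commandOptions);

    // Log "Created ..." only after Run has returned, so the log never claims a rule exists
    // when the call threw before completing.
    // NOTE(review): how Run reports a non-zero iptables exit is not visible here — confirm,
    // otherwise a failed command is still logged and tracked as created.
    _logger.LogInformation(createdMessage, networkRule.Network);

    // Track the rule.
    _rules.Add(networkRule);
}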