public void Add(FwData fwdata, UInt64 weight = 0, bool permit = false, bool persistent = false)
{
long expiration = fwdata.Expire;
long currtime = DateTime.UtcNow.Ticks;
// Adding filter with expiration time in past
// doesn't really make any sense
if (currtime >= expiration)
{
string tmp = Convert.ToString(expiration);
try
{
DateTime tmpExp = new DateTime(expiration, DateTimeKind.Utc);
tmp = tmpExp.ToLocalTime().ToString();
}
catch (Exception)
{
}
Log.Info("Skipping expired firewall rule (expired on " + tmp + ")");
return;
}
byte[] hash = fwdata.Hash;
FirewallConditions conds = fwdata.Conditions();
// IPv4 filter layer
if (conds.HasIPv4() || (!conds.HasIPv4() && !conds.HasIPv6()))
{
byte[] hash4 = new byte[hash.Length];
hash.CopyTo(hash4, 0);
hash4[hash4.Length - 1] &= 0xfe;
Add(fwdata.ToString(), expiration, hash4, conds, weight, permit, persistent, F2B.Firewall.Instance.AddIPv4);
}
// IPv6 filter layer
if (conds.HasIPv6() || (!conds.HasIPv4() && !conds.HasIPv6()))
{
byte[] hash6 = new byte[hash.Length];
hash.CopyTo(hash6, 0);
hash6[hash6.Length - 1] |= 0x01;
Add(fwdata.ToString(), expiration, hash6, conds, weight, permit, persistent, F2B.Firewall.Instance.AddIPv6);
}
}
