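/// <summary>
/// Builds a "route add/del default" command for the device at <paramref name="devIP"/>,
/// records it in the persisted "prt" rule file and sends it to the device.
/// </summary>
/// <param name="devIP">Management IP of the device; "0.0.0.0" means the device has no IP and nothing is sent.</param>
/// <param name="add_del_flag">true to add the default route (prefix "PRT1"), false to delete it (prefix "PRT0").</param>
/// <param name="Iface">Outgoing interface name; an empty string omits the "dev" argument.</param>
/// <param name="gateway">Gateway address; an empty string omits the "gw" argument.</param>
/// <returns>
/// false when the device has no IP or when an argument contains characters that are not safe
/// inside a command line; otherwise whatever SendInfo.SendConfigInfo returns.
/// </returns>
public bool DefaultRouteConfig(string devIP, bool add_del_flag, string Iface, string gateway)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // Every argument is spliced verbatim into a command line that the device executes, so only
    // address / port / interface style tokens are accepted: no whitespace, quotes or shell
    // metacharacters, and no leading dash that would be parsed as an option.
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { devIP, Iface, gateway })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    // The persisted record is the same for add and delete; only the file operation differs.
    string frule = devIP + " default-route " + Iface + " " + gateway;
    string rule;
    if (add_del_flag)
    {
        rule = "PRT1route add default ";
        of.SaveRules(frule, "prt");
    }
    else
    {
        rule = "PRT0route del default ";
        of.DeleteRules(frule, "prt");
    }

    if (Iface != "")
    {
        rule = rule + " dev " + Iface;
    }
    if (gateway != "")
    {
        rule = rule + " gw " + gateway;
    }

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}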
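/// <summary>
/// Moves <paramref name="EthName"/> out of (or back into) bridge br0 and installs a POSTROUTING
/// SNAT rule that rewrites traffic from <paramref name="devIP"/> to the firewall's own IP.
/// The record is persisted in the "snat" rule file and the command chain is sent to the device.
/// </summary>
/// <param name="fw_dev">Firewall device to configure; its port is forced to 22222 before sending.</param>
/// <param name="EthName">Physical interface to detach from / re-attach to br0.</param>
/// <param name="devIP">Source address whose traffic is SNATed.</param>
/// <param name="EthIP">Address assigned to <paramref name="EthName"/> (netmask 255.255.255.0 is hard-coded) when adding.</param>
/// <param name="add_delete">true to apply the configuration (prefix "NAT1"), false to revert it (prefix "NAT0").</param>
/// <returns>false when an argument is not a safe command-line token; otherwise the result of SendInfo.SendConfigInfo.</returns>
public bool ConfigSNAT(FWDeviceForm fw_dev, string EthName, string devIP, string EthIP, bool add_delete)
{
    string fwIP = fw_dev.getDev_IP();

    // All of these are spliced verbatim into a "&&"-chained command line executed on the device,
    // so reject anything that is not a plain address / interface token.
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { fwIP, EthName, devIP, EthIP })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    // NOTE(review): the iptables rule is sent with -A on both the add and the delete path; the
    // "NAT0"/"NAT1" prefix presumably tells the device agent which operation to perform — confirm.
    string natRule = "iptables -t nat -A POSTROUTING -s " + devIP + " -o br0 -j SNAT --to-source " + fwIP;
    string frule = fwIP + " " + devIP + " " + EthName + " " + EthIP + " " + fwIP;

    string configInfo;
    if (add_delete)
    {
        // Take the port off the bridge first, give it its own address, then add the SNAT rule.
        string detachFromBridge = "brctl delif br0 " + EthName;
        string assignEthIP = "ifconfig " + EthName + " " + EthIP + " netmask 255.255.255.0" + " up";
        configInfo = "NAT1" + detachFromBridge + " && " + assignEthIP + " && " + natRule;
        of.SaveRules(frule, "snat");
    }
    else
    {
        // Reverse order on removal: clear the address, then put the port back on the bridge.
        string attachToBridge = "brctl addif br0 " + EthName;
        string clearEthIP = "ifconfig " + EthName + " " + "0.0.0.0 up";
        configInfo = "NAT0" + clearEthIP + " && " + attachToBridge + " && " + natRule;
        of.DeleteRules(frule, "snat");
    }

    // 22222 is the management port used when talking to the device (see the commented
    // DeviceForm construction elsewhere in this code base).
    fw_dev.setDev_port(22222);
    SendInfo sendcmd = new SendInfo(fw_dev);
    return sendcmd.SendConfigInfo(configInfo);
}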
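/// <summary>
/// Adds or removes a FORWARD ACCEPT rule for one TCP src/dst address-and-port pair, persists the
/// record in the "whl" rule file and sends the rule to the device at <paramref name="dev_IP"/>.
/// </summary>
/// <param name="dev_IP">Management IP of the device.</param>
/// <param name="dst_IP">Destination address of the whitelisted flow.</param>
/// <param name="src_IP">Source address of the whitelisted flow.</param>
/// <param name="dst_port">Destination port (--dport).</param>
/// <param name="src_port">Source port (--sport).</param>
/// <param name="log_record">Accepted for interface compatibility; not used by this method.</param>
/// <param name="add_delete">true to add (prefix "WHL1"), false to delete (prefix "WHL0").</param>
/// <returns>false when an argument is not a safe command-line token; otherwise the result of SendInfo.SendConfigInfo.</returns>
public bool ChangeWhiteLists(string dev_IP, string dst_IP, string src_IP, string dst_port, string src_port, bool log_record, bool add_delete)
{
    this.devform.setDev_IP(dev_IP);

    // The values end up verbatim in a command line executed on the device; accept only
    // address / port tokens (no whitespace, quotes, shell metacharacters or leading dash).
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { dev_IP, dst_IP, src_IP, dst_port, src_port })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    WhiteLists lists = new WhiteLists();
    lists.setIPAndPort(dst_IP, src_IP, dst_port, src_port);
    // NOTE(review): the command is built from the WhiteLists getters, which are assumed to hand
    // back the values set above unchanged — confirm against WhiteLists.
    string acceptRule = "iptables -A FORWARD -p tcp -s " + lists.getsrc_IP() + " -d " + lists.getdst_IP() + " --sport " + lists.getsrc_port() + " --dport " + lists.getdst_port() + " -j ACCEPT ";

    // Same persisted record for add and delete; only the file operation and the prefix differ.
    string frule = dev_IP + " " + dst_IP + " " + src_IP + " " + dst_port + " " + src_port;
    string flag;
    if (add_delete)
    {
        flag = "WHL1";
        of.SaveRules(frule, "whl");
    }
    else
    {
        flag = "WHL0";
        of.DeleteRules(frule, "whl");
    }

    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(flag + acceptRule);
}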
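/// <summary>
/// Installs (or removes) the arptables rules that pin the gateway's MAC on br0: ARP input not
/// coming from <paramref name="gateMAC"/> is dropped, and outgoing broadcast ARP is allowed.
/// The record is persisted in the "arp" rule file and the chain is sent to the device.
/// </summary>
/// <param name="dev_IP">Management IP of the device.</param>
/// <param name="gateIP">Gateway IP address.</param>
/// <param name="gateMAC">Gateway MAC address; the only source MAC accepted on br0.</param>
/// <param name="addDelete">true to add (prefix "ARP1"), false to delete (prefix "ARP0").</param>
/// <returns>false when an argument is not a safe command-line token; otherwise the result of SendInfo.SendConfigInfo.</returns>
public bool configARPRules(string dev_IP, string gateIP, string gateMAC, bool addDelete)
{
    this.devform.setDev_IP(dev_IP);

    // The values are spliced verbatim into a "&&"-chained command line executed on the device;
    // accept only address / MAC tokens (no whitespace, quotes, shell metacharacters or leading dash).
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { dev_IP, gateIP, gateMAC })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    string dropForeignMac = "arptables -A INPUT -i br0 --src-mac ! " + gateMAC + " -j DROP";
    // NOTE(review): this rule looks redundant given the one above (any non-gateway MAC is already
    // dropped regardless of source IP); kept as-is because the device side may rely on both.
    string dropSpoofedGateway = "arptables -A INPUT -i br0 --src-ip " + gateIP + " --src-mac ! " + gateMAC + " -j DROP";
    string allowBroadcastOut = "arptables -A OUTPUT --destination-mac ff:ff:ff:ff:ff:ff -j ACCEPT";
    string ruleChain = dropForeignMac + " && " + dropSpoofedGateway + " && " + allowBroadcastOut;

    // NOTE(review): the config directory is hard-coded here while sibling methods use a
    // FileOperation field — consider sharing that instance.
    FileOperation of = new FileOperation("C:\\CMP\\Config");
    string frule = dev_IP + " " + gateIP + " " + gateMAC;
    string arpRules;
    if (addDelete)
    {
        arpRules = "ARP1" + ruleChain;
        of.SaveRules(frule, "arp");
    }
    else
    {
        arpRules = "ARP0" + ruleChain;
        of.DeleteRules(frule, "arp");
    }

    SendInfo send = new SendInfo(devform);
    return send.SendConfigInfo(arpRules);
}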
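/// <summary>
/// Builds a pair of Modbus/TCP deep-inspection FORWARD rules (a LOG rule followed by a DROP rule
/// with the same match), persists the record in the "modbustcp" rule file and sends the chain to
/// the device held in <c>devform</c>.
/// </summary>
/// <param name="mtrf">Source of the match parameters: src/dst IP ("any" disables that address filter),
/// data address range, function code and data value range.</param>
/// <param name="log_flag">Recorded in the persisted rule only; the LOG rule is always sent (see note below).</param>
/// <param name="add_delete">true to add (prefix "DPI1"), false to delete (prefix "DPI0").</param>
/// <returns>false when a match value is not a safe command-line token; otherwise the result of SendInfo.SendConfigInfo.</returns>
public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
{
    string srcIP = mtrf.getSrc_IP();
    string dstIP = mtrf.getDst_IP();
    string minAddr = System.Convert.ToString(mtrf.getMin_addr());
    string maxAddr = System.Convert.ToString(mtrf.getMax_addr());
    string func = System.Convert.ToString(mtrf.getfunc());
    string minData = System.Convert.ToString(mtrf.getMin_data());
    string maxData = System.Convert.ToString(mtrf.getMax_data());

    // Every value is spliced verbatim into a "&&"-chained command line executed on the device;
    // accept only address / number tokens (no whitespace, quotes, shell metacharacters or leading dash).
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { srcIP, dstIP, minAddr, maxAddr, func, minData, maxData })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    // "any" means no filter on that side: the -s / -d option is omitted. The same selector is
    // used for both rules; previously the LOG rule always carried -s/-d even for "any".
    string endpoints = "";
    if (srcIP != "any")
    {
        endpoints = endpoints + "-s " + srcIP + " ";
    }
    if (dstIP != "any")
    {
        endpoints = endpoints + "-d " + dstIP + " ";
    }

    string dpi_pro = "modbusTcp";
    string matchPrefix = "iptables -A FORWARD -p tcp --dport 502 " + endpoints
        + "-m " + dpi_pro
        + " --data-addr " + minAddr + ":" + maxAddr
        + " --modbus-func " + func
        + " --modbus-data " + minData + ":" + maxData
        + " -j ";
    string dropRule = matchPrefix + "DROP";
    string logRule = matchPrefix + "LOG --log-prefix " + "\"" + "DROP&modbus&data_illegal " + "\"";

    // NOTE(review): the persisted record says "ACCEPT" although the rule sent is DROP, and
    // log_flag is only recorded here rather than gating the LOG rule as the Add*Rules methods
    // do — confirm both against the consumer of the modbustcp rule file.
    string frule = devform.getDev_IP() + " " + dstIP + " " + srcIP + " " + minAddr + " " + maxAddr + " " + func + " " + minData + " " + maxData + " ACCEPT " + log_flag.ToString();
    string flag;
    if (add_delete)
    {
        flag = "DPI1";
        of.SaveRules(frule, "modbustcp");
    }
    else
    {
        flag = "DPI0";
        of.DeleteRules(frule, "modbustcp");
    }

    // LOG first, then DROP: FORWARD is evaluated top-down and -A appends, so a DROP appended
    // first would shadow the LOG rule.
    string rule = flag + logRule + " && " + dropRule;
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}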
/// <summary>
/// Program entry point. Currently a manual smoke test: writes one record to the modbustcp rule
/// file under the configuration directory. The device scan that used to run here is kept below
/// as commented-out code for reference.
/// </summary>
static void Main(string[] args)
{
    string configDir = "C:\\CMP\\Config";
    FileOperation fileOps = new FileOperation(configDir);

    //fileOps.SearchRules("modbustcp.config");
    //string rules = "DPI test Rule";
    fileOps.SaveRules("3333", "modbustcp.config");

    // IDevicesCheck devConfirm = new DevicesCheck();
    // List<FWDeviceForm> fws = devConfirm.CheckDevices("172.16.10.9", "172.16.10.10");
    // Console.WriteLine("Scan results :");
    // IReceiveLog log = new ReceiveLog();
    // log.Save_DisplayLog(true);
    // foreach (FWDeviceForm fw in fws)
    // {
    //     string fwip = fw.getDev_IP();
    //     string fwmac = fw.getDev_MAC();
    //     List<ProtecDeviceForm> protecDev_list = fw.getProtecDev_list();
    //     Console.WriteLine("Firewall device IP : {0} firewall device MAC : {1}", fwip, fwmac);
    //     Console.WriteLine("Associated protected devices :");
    //     if (fwip != "0.0.0.0")
    //     {
    //         foreach (var item in protecDev_list)
    //         {
    //             string dev_type = item.getDev_type();
    //             Console.WriteLine("IP {0} MAC {1} vendor {2}", item.getDev_IP(), item.getDev_MAC(), dev_type);
    //         }
    //     }
    //     else Console.WriteLine("Firewall is in no-IP mode");
    // }
    // //IARPProtect tes = new ARPProtect();
    // //tes.configARPRules("172.16.10.9", "172.16.10.254", "08:57:00:e5:87:a7", true);

    // Keep the console open when built with the "debug" symbol.
#if debug
    Console.ReadLine();
#endif
}
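/// <summary>
/// Adds a connection-limit rule: TCP SYN packets matching the optional address/port filters are
/// dropped once more than <paramref name="connlimit"/> connections exist, optionally logging
/// them first. The record is persisted in the "cnc" rule file and the chain sent to the device.
/// </summary>
/// <param name="devIP">Management IP of the device; "0.0.0.0" means the device has no IP and nothing is sent.</param>
/// <param name="log_flag">true to also send a LOG rule with the same match, placed before the DROP rule.</param>
/// <param name="connlimit">Threshold for --connlimit-above.</param>
/// <param name="srcIP">Source address filter; empty to omit.</param>
/// <param name="dstIP">Destination address filter; empty to omit.</param>
/// <param name="sport">Source port filter; empty to omit.</param>
/// <param name="dport">Destination port filter; empty to omit.</param>
/// <returns>
/// false when the device has no IP or an argument is not a safe command-line token; otherwise
/// the result of SendInfo.SendConfigInfo.
/// </returns>
public bool AddCNCRules(string devIP, bool log_flag, int connlimit, string srcIP, string dstIP, string sport, string dport)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The string arguments are spliced verbatim into a "&&"-chained command line executed on the
    // device; accept only address / port tokens (no whitespace, quotes, shell metacharacters or
    // leading dash).
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { devIP, srcIP, dstIP, sport, dport })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    string match = "iptables -A FORWARD -p tcp --syn";
    if (srcIP != "")
    {
        match = match + " -s " + srcIP;
    }
    if (sport != "")
    {
        match = match + " --sport " + sport;
    }
    if (dstIP != "")
    {
        match = match + " -d " + dstIP;
    }
    if (dport != "")
    {
        match = match + " --dport " + dport;
    }
    match = match + " -m connlimit --connlimit-above " + Convert.ToString(connlimit);

    // FORWARD is evaluated top-down and -A appends, so the LOG rule has to be appended before the
    // DROP rule; appended after it (as the previous version did) it could never match.
    string rule = "CNC1";
    if (log_flag)
    {
        rule = rule + match + " -j LOG" + " && ";
    }
    rule = rule + match + " -j DROP";

    string frule = devIP + " " + log_flag.ToString() + " " + connlimit + " " + srcIP + " " + dstIP + " " + sport + " " + dport;
    fo.SaveRules(frule, "cnc");
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}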
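/// <summary>
/// Adds a standard stateful allow rule: NEW connections of <paramref name="protocol"/> matching
/// the optional address/port filters are accepted, optionally logged first. The record is
/// persisted in the "std" rule file and the chain sent to the device.
/// </summary>
/// <param name="devIP">Management IP of the device; "0.0.0.0" means the device has no IP and nothing is sent.</param>
/// <param name="log_flag">true to also send a LOG rule with the same match, placed before the ACCEPT rule.</param>
/// <param name="protocol">Value for "-p" (e.g. tcp or udp).</param>
/// <param name="srcIP">Source address filter; empty to omit.</param>
/// <param name="dstIP">Destination address filter; empty to omit.</param>
/// <param name="sport">Source port filter; empty to omit.</param>
/// <param name="dport">Destination port filter; empty to omit.</param>
/// <returns>
/// false when the device has no IP or an argument is not a safe command-line token; otherwise
/// the result of SendInfo.SendConfigInfo.
/// </returns>
public bool AddSTDRules(string devIP, bool log_flag, string protocol, string srcIP, string dstIP, string sport, string dport)
{
    this.devform.setDev_IP(devIP);
    if (devform.getDev_IP() == "0.0.0.0")
    {
        return false;
    }

    // The string arguments are spliced verbatim into a "&&"-chained command line executed on the
    // device; accept only protocol / address / port tokens (no whitespace, quotes, shell
    // metacharacters or leading dash).
    const string safeArgPattern = @"^(?!-)[A-Za-z0-9._:/,!-]*$";
    foreach (string arg in new string[] { devIP, protocol, srcIP, dstIP, sport, dport })
    {
        if (!System.Text.RegularExpressions.Regex.IsMatch(arg ?? string.Empty, safeArgPattern))
        {
            return false;
        }
    }

    string match = "iptables -A FORWARD -p " + protocol;
    if (srcIP != "")
    {
        match = match + " -s " + srcIP;
    }
    if (sport != "")
    {
        match = match + " --sport " + sport;
    }
    if (dstIP != "")
    {
        match = match + " -d " + dstIP;
    }
    if (dport != "")
    {
        match = match + " --dport " + dport;
    }

    // FORWARD is evaluated top-down and -A appends, so the LOG rule has to be appended before the
    // ACCEPT rule; appended after it (as the previous version did) it could never match.
    string rule = "STD1";
    if (log_flag)
    {
        rule = rule + match + " -m state --state NEW -j LOG" + " && ";
    }
    rule = rule + match + " -m state --state NEW -j ACCEPT";

    string frule = devIP + " " + protocol + " " + srcIP + " " + dstIP + " " + sport + " " + dport + " " + log_flag.ToString();
    of.SaveRules(frule, "std");
    SendInfo sendcmd = new SendInfo(devform);
    return sendcmd.SendConfigInfo(rule);
}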