public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
{
// RulesDataProcess.ModbusTcpRulesDataProcess(mtrf);
String dpi_pro = "modbusTcp";
string flag = null; string dpi_rules_from_master_to_slave0 = null;
if (mtrf.getSrc_IP() == "any" & mtrf.getDst_IP() == "any")
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "DROP";
}
else if (mtrf.getSrc_IP() == "any" & mtrf.getDst_IP() != "any")
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-d" + " " + mtrf.getDst_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "DROP";
}
else if (mtrf.getSrc_IP() != "any" & mtrf.getDst_IP() == "any")
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-s " + mtrf.getSrc_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "DROP";
}
else
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-s " + mtrf.getSrc_IP() + " " + "-d" + " " + mtrf.getDst_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + " DROP";
}
//string dpi_rules_from_master_to_slave1 = "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT";
string dpi_rules_from_master_to_slave_log = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-s " + mtrf.getSrc_IP() + " " + "-d" + " " + mtrf.getDst_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "LOG" + " " + "--log-prefix " + "\"" + "DROP&modbus&data_illegal " + "\"";
if (add_delete == true)
{
flag = "DPI1";
string frule = devform.getDev_IP() + " " + mtrf.getDst_IP() + " " +
mtrf.getSrc_IP() + " " + mtrf.getMin_addr() + " " + mtrf.getMax_addr() + " " + mtrf.getfunc() + " " + mtrf.getMin_data() + " " + mtrf.getMax_data() + " ACCEPT " + log_flag.ToString();
of.SaveRules(frule, "modbustcp");
}
else if (add_delete == false)
{
flag = "DPI0";
string frule = devform.getDev_IP() + " " + mtrf.getDst_IP() + " " + mtrf.getSrc_IP() + " " + mtrf.getMin_addr() +
" " + mtrf.getMax_addr() + " " + mtrf.getfunc() + " " + mtrf.getMin_data() + " " + mtrf.getMax_data() + " ACCEPT " + log_flag.ToString();
of.DeleteRules(frule, "modbustcp");
}
string rule = flag + dpi_rules_from_master_to_slave_log + " && " + dpi_rules_from_master_to_slave0;
SendInfo sendcmd = new SendInfo(devform);
return(sendcmd.SendConfigInfo(rule));
}
public bool ConfigModbusTcpRules(ModbusTcpRulesForm mtrf, bool log_flag, bool add_delete)
{
// RulesDataProcess.ModbusTcpRulesDataProcess(mtrf);
String dpi_pro = "modbusTcp";
string flag = null; string dpi_rules_from_master_to_slave0 = null; string sql_rule = null;;
if (mtrf.getSrc_IP() == "any" & mtrf.getDst_IP() == "any")
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "DROP";
}
else if (mtrf.getSrc_IP() == "any" & mtrf.getDst_IP() != "any")
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-d" + " " + mtrf.getDst_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "DROP";
}
else if (mtrf.getSrc_IP() != "any" & mtrf.getDst_IP() == "any")
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-s " + mtrf.getSrc_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "DROP";
}
else
{
dpi_rules_from_master_to_slave0 = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-s " + mtrf.getSrc_IP() + " " + "-d" + " " + mtrf.getDst_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + " DROP";
}
//string dpi_rules_from_master_to_slave1 = "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT";
string dpi_rules_from_master_to_slave_log = "iptables" + " -A" + " " + "FORWARD" + " " + "-p tcp" + " " + "--dport" + " " + "502" + " " + "-s " + mtrf.getSrc_IP() + " " + "-d" + " " + mtrf.getDst_IP() + " " + "-m" + " " + dpi_pro + " " + "--data-addr" + " " + mtrf.getMin_addr() + ":" + mtrf.getMax_addr() + " " + "--modbus-func " + mtrf.getfunc() + " " + "--modbus-data " + mtrf.getMin_data() + ":" + mtrf.getMax_data() + " -j" + " " + "LOG" + " " + "--log-prefix " + "\"" + "DROP&modbus&data_illegal " + "\"";
if (add_delete == true)
{
flag = "DPI1";
sql_rule = "INSERT INTO modbustcp values " + "('" + devform.getDev_IP() + "','" + mtrf.getDst_IP() + "'" +
",'" + mtrf.getSrc_IP() + "','" + mtrf.getMin_addr() + "','" + mtrf.getMax_addr() + "','" + mtrf.getfunc() + "','" + mtrf.getMin_data() + "','" + mtrf.getMax_data() + "','ACCEPT','" + log_flag + "')";
}
else if (add_delete == false)
{
flag = "DPI0";
sql_rule = "DELETE FROM modbustcp where (dst_IP='" + mtrf.getDst_IP() + "' and src_IP='" + mtrf.getSrc_IP() + "' and min_coiladdr='" + mtrf.getMin_addr() + "'" +
" and max_coiladdr='" + mtrf.getMax_addr() + "' and functioncode='" + mtrf.getfunc() + "' and min_speed='" + mtrf.getMin_data() + "' and max_speed='" + mtrf.getMax_data() + "' and method='ACCEPT' and log='" + log_flag + "')";
}
string rule = flag + dpi_rules_from_master_to_slave_log + " && " + dpi_rules_from_master_to_slave0;
DPIdb_operate.dboperate(sql_rule);
SendInfo sendcmd = new SendInfo(devform);
return(sendcmd.SendConfigInfo(rule));
}