예제 #1
0
        internal IPsecSecurityAssociation(IPSEC_SA_DETAILS1 details, Func <FWPM_FILTER0, FirewallFilter> get_filter)
        {
            Direction     = details.saDirection;
            LocalEndpoint = FirewallUtils.GetEndpoint(details.traffic.ipVersion,
                                                      details.traffic.localAddrV4, details.traffic.localAddrV6, details.traffic.localPort);
            RemoteEndpoint = FirewallUtils.GetEndpoint(details.traffic.ipVersion,
                                                       details.traffic.remoteAddrV4, details.traffic.remoteAddrV6, details.traffic.remotePort);
            IpProtocol      = (ProtocolType)details.traffic.ipProtocol;
            LocalIfLuid     = details.traffic.localIfLuid;
            RealIfProfileId = details.traffic.realIfProfileId;
            TrafficType     = details.traffic.trafficType;
            TrafficTypeId   = details.traffic.trafficTypeId;
            if (details.transportFilter != IntPtr.Zero)
            {
                TransportFilter = get_filter(details.transportFilter.ReadStruct <FWPM_FILTER0>());
            }
            Bundle = new IPsecSecurityAssociationBundle(details.saBundle);
            var virt_if = details.virtualIfTunnelInfo.ReadStruct <IPSEC_VIRTUAL_IF_TUNNEL_INFO0>();

            VirtualIfTunnelId = virt_if.virtualIfTunnelId;
            TrafficSelectorId = virt_if.trafficSelectorId;
            if (details.ipVersion == FirewallIpVersion.V4)
            {
                var udp_enc = details.udpEncapsulation.ReadStruct <IPSEC_V4_UDP_ENCAPSULATION0>();
                LocalUdpEncapPort  = udp_enc.localUdpEncapPort;
                RemoteUdpEncapPort = udp_enc.remoteUdpEncapPort;
            }
        }
예제 #2
0
 internal FirewallAleEndpoint(FWPS_ALE_ENDPOINT_PROPERTIES0 ep)
 {
     EndpointId           = ep.endpointId;
     LocalEndpoint        = FirewallUtils.GetEndpoint(ep.ipVersion, ep.localAddress, ep.localPort);
     RemoteEndpoint       = FirewallUtils.GetEndpoint(ep.ipVersion, ep.remoteAddress, ep.remotePort);
     IpProtocol           = (ProtocolType)ep.ipProtocol;
     LocalTokenModifiedId = new Luid(ep.localTokenModifiedId);
     MmSaId      = ep.mmSaId;
     QmSaId      = ep.qmSaId;
     IPsecStatus = ep.ipsecStatus;
     Flags       = ep.flags;
     AppId       = Encoding.Unicode.GetString(ep.appId.ToArray()).TrimEnd('\0');
 }
예제 #3
0
        private protected FirewallNetEvent(IFwNetEvent net_event)
        {
            Type = net_event.Type;
            var header = net_event.Header;

            Flags          = header.flags;
            Timestamp      = new LargeInteger(header.timeStamp.ToInt64()).ToDateTime();
            IPProtocol     = (ProtocolType)header.ipProtocol;
            LocalEndpoint  = FirewallUtils.GetEndpoint(header.ipVersion, header.localAddrV4, header.localAddrV6, header.localPort);
            RemoteEndpoint = FirewallUtils.GetEndpoint(header.ipVersion, header.remoteAddrV4, header.remoteAddrV6, header.remotePort);
            ScopeId        = header.scopeId;
            AppId          = Encoding.Unicode.GetString(header.appId.ToArray()).TrimEnd('\0');
            UserId         = Sid.Parse(header.userId, false).GetResultOrDefault();
            AddressFamily  = header.addressFamily;
            PackageSid     = Sid.Parse(header.packageSid, false).GetResultOrDefault();
        }