public void SyncChainRules(INetfilterAdapterClient client, IEnumerable <INetfilterRule> with, IEnumerable <INetfilterRule> currentRules)
{
var withCast = with.Cast <T>();
var currentRulesCast = currentRules.Cast <T>();
SyncChainRules(client, withCast, currentRulesCast);
}
public void AddRule(INetfilterAdapterClient client)
{
if (Chain == null)
{
throw new IpTablesNetException("Unknown Chain");
}
client.AddRule(this);
}
public void SyncChainRules(INetfilterAdapterClient client, IEnumerable <T> with, INetfilterChain <T> chain)
{
//Copy the rules
var currentRules = new List <T>(chain.Rules);
int i = 0, len = with.Count();
bool shouldUpdate = currentRules.Count == len;
foreach (T cR in currentRules)
{
//Delete any extra rules
if (i == len)
{
if (_shouldDelete(cR))
{
cR.DeleteRule(client);
}
continue;
}
//Get the rule for comparison
T withRule = with.ElementAt(i);
bool eq = _comparer.Equals(cR, withRule);
if (eq)
{
//No need to make any changes
i++;
continue;
}
//Debug:
if (_ruleComparerForUpdate(cR, withRule) || shouldUpdate)
{
//Replace this rule
cR.ReplaceRule(client, withRule);
i++;
}
else
{
// Don't delete if this is non deletable
if (_shouldDelete(cR))
{
cR.DeleteRule(client);
}
}
}
//Get rules to be added
foreach (T rR in with.Skip(i))
{
var newRule = rR.ShallowClone();
newRule.Chain = chain;
newRule.AddRule(client);
}
}
public void Sync(INetfilterAdapterClient client, IEnumerable <IpTablesRule> with,
INetfilterSync <IpTablesRule> sync)
{
client.StartTransaction();
SyncInternal(client, with, sync);
client.EndTransactionCommit();
}
public void ReplaceRule(INetfilterAdapterClient client, INetfilterRule with)
{
var withCast = with as IpTablesRule;
if (withCast == null)
{
throw new IpTablesNetException("Comparing different Netfilter rule types, unsupported");
}
ReplaceRule(client, withCast);
}
public INetfilterChain GetChain(INetfilterAdapterClient client, string table, string chain)
{
INetfilterChainSet tableRules = GetRules(client, table);
if (tableRules == null)
{
throw new IpTablesNetException("Unable to get a chainset for table: " + table);
}
return(tableRules.GetChainOrDefault(chain, table));
}
public void ReplaceRule(INetfilterAdapterClient client, IpTablesRule withRule)
{
if (Chain == null)
{
throw new IpTablesNetException("Unknown Chain");
}
int idx = Chain.Rules.IndexOf(this);
client.ReplaceRule(withRule);
Chain.Rules[idx] = withRule;
}
public void TestSync <TSync>(INetfilterAdapterClient client, IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, TSync sync, List <string> expectedCommands = null) where TSync : INetfilterSync <IpTablesRule>
{
IpTablesChain chain = rulesOriginal.Chains.First();
chain.Sync(client, rulesNew.Chains.First().Rules, sync);
if (expectedCommands != null)
{
CollectionAssert.AreEqual(expectedCommands, ExecutionLog.Select(a => a.Value).ToList());
}
}
public NetfilterSystem(ISystemFactory system, INetfilterAdapter tableAdapter, IpSetBinaryAdapter setAdapter = null)
{
_system = system;
_tableAdapter4 = tableAdapter == null ? null : tableAdapter.GetClient(this, 4);
_tableAdapter6 = tableAdapter == null ? null : tableAdapter.GetClient(this, 6);
if (setAdapter == null)
{
setAdapter = new IpSetBinaryAdapter(system);
}
_setAdapter = setAdapter;
}
public void TestSync(INetfilterAdapterClient client, IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, Func<IpTablesRule, IpTablesRule, bool> commentComparer = null)
{
IpTablesChain chain = rulesOriginal.Chains.First();
DefaultNetfilterSync<IpTablesRule> sync = new DefaultNetfilterSync<IpTablesRule>(commentComparer,null);
if (commentComparer == null)
chain.Sync(client, rulesNew.Chains.First().Rules, sync);
else
chain.Sync(client, rulesNew.Chains.First().Rules, sync);
}
public void TestSync(INetfilterAdapterClient client, IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, Func <IpTablesRule, IpTablesRule, bool> commentComparer = null)
{
IpTablesChain chain = rulesOriginal.Chains.First();
DefaultNetfilterSync <IpTablesRule> sync = new DefaultNetfilterSync <IpTablesRule>(commentComparer, null);
if (commentComparer == null)
{
chain.Sync(client, rulesNew.Chains.First().Rules, sync);
}
else
{
chain.Sync(client, rulesNew.Chains.First().Rules, sync);
}
}
public void DeleteRule(INetfilterAdapterClient client, bool usingPosition = true)
{
if (Chain == null)
{
throw new IpTablesNetException("Unknown Chain");
}
if (usingPosition)
{
var position = Chain.GetRulePosition(this);
client.DeleteRule(Chain.Table, Chain.Name, position);
}
else
{
client.DeleteRule(this);
}
Chain.Rules.Remove(this);
}
public IpTablesChain AddChain(INetfilterAdapterClient client, IpTablesChain chain, bool addRules = false)
{
client.AddChain(chain.Table, chain.Name);
if (addRules)
{
foreach (IpTablesRule r in chain.Rules)
{
r.AddRule();
}
}
else
{
chain = new IpTablesChain(chain.Table, chain.Name, chain.IpVersion, chain.System);
}
return(chain);
}
public void SyncChainRules(INetfilterAdapterClient client, IEnumerable <T> with, IEnumerable <T> currentRules)
{
//Copy the rules
currentRules = new List <T>(currentRules.ToArray());
int i = 0, len = with.Count();
foreach (T cR in currentRules)
{
//Delete any extra rules
if (i == len)
{
if (_shouldDelete(cR))
{
cR.DeleteRule(client);
}
continue;
}
//Get the rule for comparison
T withRule = with.ElementAt(i);
bool eq;
if (_debug)
{
eq = cR.DebugEquals(withRule, true);
}
else
{
eq = cR.Equals(withRule);
}
if (eq)
{
//No need to make any changes
i++;
}
else
{
//Debug:
if (_ruleComparerForUpdate(cR, withRule))
{
//Replace this rule
cR.ReplaceRule(client, withRule);
i++;
}
else
{
if (_shouldDelete(cR))
{
cR.DeleteRule(client);
}
}
}
}
//Get rules to be added
foreach (T rR in with.Skip(i))
{
rR.AddRule(client);
}
}
public void DeleteRule(INetfilterAdapterClient client, bool usingPosition = true)
{
throw new NotImplementedException();
}
public void DeleteChain(INetfilterAdapterClient client, string name, string table = "filter", int ipVersion = 4, bool flush = false)
{
client.DeleteChain(table, name, flush);
}
public void TestSync(INetfilterAdapterClient client, IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, List <string> expectedCommands, Func <IpTablesRule, IpTablesRule, bool> commentComparer = null)
{
TestSync(client, rulesOriginal, rulesNew, commentComparer);
CollectionAssert.AreEqual(expectedCommands, ExecutionLog.Select(a => a.Value).ToList());
}
internal void SyncInternal(INetfilterAdapterClient client, IEnumerable <IpTablesRule> with, INetfilterSync <IpTablesRule> sync)
{
sync.SyncChainRules(client, with, this);
}
public IpTablesChain AddChain(INetfilterAdapterClient client, String name, String table = "filter", int ipVersion = 4)
{
client.AddChain(table, name);
return(new IpTablesChain(table, name, ipVersion, this, new List <IpTablesRule>()));
}
public void AddRule(INetfilterAdapterClient client)
{
throw new NotImplementedException();
}
public void ReplaceRule(INetfilterAdapterClient client, INetfilterRule with)
{
throw new NotImplementedException();
}
public INetfilterChainSet GetRules(INetfilterAdapterClient client, string table)
{
return(client.ListRules(table));
}
public IEnumerable <INetfilterChain> GetChains(INetfilterAdapterClient client, string table)
{
return(GetRules(client, table).Chains);
}
public INetfilterChainSet GetRules(INetfilterAdapterClient client, string table)
{
return client.ListRules(table);
}
public IpTablesChain AddChain(INetfilterAdapterClient client, IpTablesChain chain, bool addRules = false)
{
client.AddChain(chain.Table, chain.Name);
if (addRules)
{
foreach (IpTablesRule r in chain.Rules)
{
r.AddRule();
}
}
else
{
chain = new IpTablesChain(chain.Table,chain.Name, chain.IpVersion, chain.System);
}
return chain;
}
public IpTablesChain AddChain(INetfilterAdapterClient client, String name, String table = "filter", int ipVersion = 4)
{
client.AddChain(table, name);
return new IpTablesChain(table, name, ipVersion, this, new List<IpTablesRule>());
}
public void AddRule(INetfilterAdapterClient client)
{
throw new NotImplementedException();
}
public new IEnumerable <IpTablesChain> GetChains(INetfilterAdapterClient client, String table, int ipVersion)
{
return(base.GetChains(client, table).Cast <IpTablesChain>());
}
public void ReplaceRule(INetfilterAdapterClient client, INetfilterRule with)
{
throw new NotImplementedException();
}
public List <String> GetChainNames(INetfilterAdapterClient client, String table, int ipVersion)
{
var adapter = client as IIPTablesAdapterClient;
return(adapter.GetChains(table));
}
public void Delete(INetfilterAdapterClient client, bool flush = false)
{
_system.DeleteChain(client, _name, _table, _ipVersion, flush);
}
public new IEnumerable<IpTablesChain> GetChains(INetfilterAdapterClient client, String table, int ipVersion)
{
return base.GetChains(client, table).Cast<IpTablesChain>();
}
public void DeleteChain(INetfilterAdapterClient client, string name, string table = "filter", int ipVersion = 4, bool flush = false)
{
client.DeleteChain(table, name, flush);
}
public List<String> GetChainNames(INetfilterAdapterClient client, String table, int ipVersion)
{
var adapter = client as IIPTablesAdapterClient;
return adapter.GetChains(table);
}
public IEnumerable<INetfilterRule> GetRules(INetfilterAdapterClient client, string table, string chain)
{
return GetChain(client, table, chain).Rules;
}
public void TestSync(INetfilterAdapterClient client, IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, List<string> expectedCommands, Func<IpTablesRule, IpTablesRule, bool> commentComparer = null)
{
TestSync(client, rulesOriginal, rulesNew, commentComparer);
CollectionAssert.AreEqual(expectedCommands, ExecutionLog.Select(a => a.Value).ToList());
}
public IEnumerable <INetfilterRule> GetRules(INetfilterAdapterClient client, string table, string chain)
{
return(GetChain(client, table, chain).Rules);
}
public IEnumerable<INetfilterChain> GetChains(INetfilterAdapterClient client, string table)
{
return GetRules(client, table).Chains;
}
public INetfilterChain GetChain(INetfilterAdapterClient client, string table, string chain)
{
INetfilterChainSet tableRules = GetRules(client, table);
if (tableRules == null)
{
throw new IpTablesNetException("Unable to get a chainset for table: "+table);
}
return tableRules.GetChainOrDefault(chain, table);
}
public void DeleteRule(INetfilterAdapterClient client, bool usingPosition = true)
{
throw new NotImplementedException();
}
