// ReSharper disable once TooManyDeclarations
        public void CreateDirectICMPRule()
        {
            var ruleName = RulesPrefix + Guid.NewGuid().ToString("N");
            var rule     = new FirewallWASRule(
                ruleName,
                FirewallAction.Allow,
                FirewallDirection.Inbound,
                FirewallProfiles.Domain
                )
            {
                Protocol        = FirewallProtocol.ICMPv4,
                RemoteAddresses = new IAddress[] { SingleIP.Parse("192.168.0.1") }
            };

            _firewall.Rules.Add(rule);

            var checkRule = _firewall.Rules.FirstOrDefault(firewallRule => firewallRule.Name == ruleName);

            Assert.IsNotNull(checkRule);
            Assert.AreEqual(checkRule.Protocol, FirewallProtocol.ICMPv4);
            Assert.AreEqual(checkRule.Profiles, FirewallProfiles.Domain);

            _firewall.Rules.Remove(rule);

            checkRule = _firewall.Rules.FirstOrDefault(firewallRule => firewallRule.Name == ruleName);
            Assert.IsNull(checkRule);
        }
        // ReSharper disable once TooManyDeclarations
        public void CreateDirectIPv6Rule()
        {
            var ruleName      = RulesPrefix + Guid.NewGuid().ToString("N");
            var remoteAddress = SingleIP.Parse("2607:fea8:4260:31a::9");
            var rule          = new FirewallWASRule(
                ruleName,
                FirewallAction.Block,
                FirewallDirection.Outbound,
                FirewallProfiles.Public
                )
            {
                Protocol        = FirewallProtocol.Any,
                RemoteAddresses = new IAddress[] { remoteAddress }
            };

            _firewall.Rules.Add(rule);

            var checkRule = _firewall.Rules.FirstOrDefault(firewallRule => firewallRule.Name == ruleName);

            Assert.IsNotNull(checkRule);
            Assert.IsTrue(checkRule.RemoteAddresses.SequenceEqual(new IAddress[] { remoteAddress }));
            Assert.AreEqual(checkRule.Profiles, FirewallProfiles.Public);
            Assert.AreEqual(checkRule.Direction, FirewallDirection.Outbound);
            Assert.AreEqual(checkRule.Action, FirewallAction.Block);

            _firewall.Rules.Remove(rule);

            checkRule = _firewall.Rules.FirstOrDefault(firewallRule => firewallRule.Name == ruleName);
            Assert.IsNull(checkRule);
        }
Exemplo n.º 3
0
        //[ResponseType(typeof(string))]
        public IHttpActionResult AddAdditionalIpForRdp([FromUri] string ipAddress)
        {
            var ruleName = "Allow Remote Desktop";

            try
            {
                var rule = FirewallManager.Instance.Rules.Where(o =>
                                                                o.Direction == FirewallDirection.Inbound &&
                                                                o.Name.Equals(ruleName)
                                                                ).FirstOrDefault();

                if (rule != null)
                {
                    var items = rule.RemoteAddresses.ToList();
                    items.Add(SingleIP.Parse(ipAddress));

                    //Update an existing Rule
                    rule.RemoteAddresses = items.ToArray();

                    return(Ok());
                }

                //Create a new rule
                rule = FirewallManager.Instance.CreateApplicationRule(
                    FirewallManager.Instance.GetProfile().Type,
                    ruleName,
                    FirewallAction.Allow,
                    null
                    );

                rule.Direction       = FirewallDirection.Inbound;
                rule.LocalPorts      = new ushort[] { 3389 };
                rule.Action          = FirewallAction.Allow;
                rule.Protocol        = FirewallProtocol.TCP;
                rule.Scope           = FirewallScope.All;
                rule.Profiles        = FirewallProfiles.Public | FirewallProfiles.Private;
                rule.RemoteAddresses = new IAddress[] { SingleIP.Parse(ipAddress) };

                FirewallManager.Instance.Rules.Add(rule);
                return(Ok());
            }
            catch (Exception exception)
            {
                Log.Error($"{nameof(AddAdditionalIpForRdp)}", exception);
            }

            return(InternalServerError());
        }
Exemplo n.º 4
0
        public void InvalidParses()
        {
            // Can't parse empty strings
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("");
            }
                                            );

            // Can't parse invalid ip addresses
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("-1.0.0.0");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("-1::");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("256.0.0.0");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("10000::");
            }
                                            );

            // Can't parse ip ranges containing more than one ip address
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("192.168.1.1-192.168.2.1");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("2001:1::-2001:2::");
            }
                                            );

            // Can't parse network addresses containing more than one ip address
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("127.0.0.1/28");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("::1/112");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("192.168.1.1/255.255.255.0");
            }
                                            );
            Assert.Throws <FormatException>(() =>
            {
                SingleIP.Parse("2001:1::/ffff:ffff:ffff:ffff:ffff:ffff:ffff:0");
            }
                                            );
        }