Exemplo n.º 1
0
        static void MakeOutRule(string text)
        {
            if (text.StartsWith("http://"))
            {
                text = text.Replace("http://", "");
            }
            if (text.StartsWith("https://"))
            {
                text = text.Replace("https://", "");
            }

            IPAddress addr = null;

            if (!IPAddress.TryParse(text, out addr))
            {
                return;
            }

            FwOutRule rule = new FwOutRule(addr);

            if (CheckRule(rule))
            {
                if (!MakeSubNetRules(rule))
                {
                    log.WI("Adding new rule for IP [" + rule.RemoteAddresses + "]");
                    AddFwRule(rule);
                    outRules.Add(rule);
                }
            }
            else
            {
                log.WI("Rule for IP [" + rule.RemoteAddresses + "] or subnet already exists. Skipped");
            }
        }
Exemplo n.º 2
0
        static void LoadOutRules()
        {
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
            List <INetFwRule> rules = new List <INetFwRule>();

            foreach (var ruleObj in firewallPolicy.Rules)
            {
                if (ruleObj is INetFwRule)
                {
                    rules.Add(ruleObj as INetFwRule);
                }
            }

            foreach (var fwRule in rules)
            {
                if (fwRule.Direction == NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT &&
                    fwRule.Name.StartsWith(AppName))
                {
                    var rule = new FwOutRule(fwRule);
                    if (CheckRule(rule))
                    {
                        outRules.Add(rule);
                    }
                    else
                    {
                        firewallPolicy.Rules.Remove(fwRule.Name);
                        log.WI("Removed duplicate rule for IP [" + rule.RemoteAddresses + "]");
                    }
                }
            }
        }
Exemplo n.º 3
0
        public FwOutRule(FwOutRule rule)
            : this(rule.Text)
        {
            ApplicationName = rule.ApplicationName;
            Name = rule.Name;
            Description = rule.Description;

            _remoteAddresses = rule.RemoteAddresses;
            _mask = rule._mask;
        }
Exemplo n.º 4
0
 public FwOutRule(FwOutRule rule)
     : this()
 {
     Action          = rule.Action;
     ApplicationName = rule.ApplicationName;
     Description     = rule.Description;
     Enabled         = rule.Enabled;
     Name            = rule.Name;
     RemoteAddresses = rule.RemoteAddresses;
     Enabled         = true;
 }
Exemplo n.º 5
0
        static bool CheckRule(FwOutRule rule)
        {
            if (outRules.Exists(r => r.RemoteAddresses.StartsWith(rule.RemoteAddresses)))
            {
                return(false);
            }

            if (outRules.Exists(r => !r.IsIPRule && r.SubNet == rule.SubNet))
            {
                return(false);
            }

            return(true);
        }
Exemplo n.º 6
0
        static void AddFwRule(FwOutRule rule)
        {
            INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FWRule"));

            firewallRule.Action          = rule.Action;
            firewallRule.Description     = rule.Description;
            firewallRule.Direction       = rule.Direction;
            firewallRule.Enabled         = rule.Enabled;
            firewallRule.InterfaceTypes  = "All";
            firewallRule.Name            = rule.Name;
            firewallRule.RemoteAddresses = rule.RemoteAddresses;

            if (!string.IsNullOrEmpty(rule.ApplicationName))
            {
                firewallRule.ApplicationName = rule.ApplicationName;
            }
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));

            firewallPolicy.Rules.Add(firewallRule);
        }
Exemplo n.º 7
0
        static bool MakeSubNetRules(FwOutRule rule)
        {
            if (rule.IsIPRule && !outRules.Exists(r => !r.IsIPRule && r.SubNet == rule.SubNet))
            {
                var cnt = outRules.Count(r => r.Name != rule.Name && r.SubNet == rule.SubNet);
                if (cnt > 0)
                {
                    var sRule = new FwOutRule(rule);
                    sRule.RemoteAddresses = rule.SubNet + "0/255.255.255.0";
                    sRule.Name            = string.Format("{0} Used to block an SubNet [{1}]",
                                                          AppName, sRule.RemoteAddresses);

                    log.WI("Adding new rule for SubNet [" + sRule.RemoteAddresses + "]");

                    AddFwRule(sRule);
                    outRules.Add(sRule);

                    return(true);
                }
            }
            return(false);
        }
Exemplo n.º 8
0
        static bool IsWhiteRule(FwOutRule rule)
        {
            if (rule.RemoteAddresses.StartsWith("0.0."))
            {
                return true;
            }

            if ((string.IsNullOrEmpty(rule.ApplicationName) || rule.ApplicationName == "*")
                && outWhiteIPRules.Exists(r => r.IsInclude(rule)))
            {
                return true;
            }

            return false;
        }
Exemplo n.º 9
0
        static void AddWhiteListRule(FwOutRule rule)
        {
            if (!outWhiteIPs.Contains(rule.IPStr))
            {
                log.WI("Rule for [" + rule.RemoteAddresses + "] added to White List");
                outWhiteIPs.Add(rule.IPStr);
            }

            outWhiteIPRules.Add(rule);

            var restartDNS = false;
            IPHostEntry entry = GetDomain(rule);
            if (entry != null && !outWhiteDomains.Contains(entry.HostName))
            {
                if (CheckDomain(entry.HostName))
                {
                    log.WI("Rule for Domain [" + entry.HostName + "] added to White List");
                    outWhiteDomains.Add(entry.HostName);
                    restartDNS = true;
                }
            }

            SaveWhiteLists();

            if (restartDNS)
            {
                // insure that BIND does not block this domain anymore
                LoadBindAssHoles();
            }
        }
Exemplo n.º 10
0
        static void AddFwRule(FwOutRule rule)
        {
            INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FWRule"));
            firewallRule.Action = rule.Action;
            firewallRule.Description = rule.Description;
            firewallRule.Direction = rule.Direction;
            firewallRule.Enabled = rule.Enabled;
            firewallRule.InterfaceTypes = "All";
            firewallRule.Name = rule.Name;
            firewallRule.RemoteAddresses = rule.RemoteAddresses;

            if (!string.IsNullOrEmpty(rule.ApplicationName))
            {
                firewallRule.ApplicationName = rule.ApplicationName;
            }
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
                Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
            firewallPolicy.Rules.Add(firewallRule);
        }
Exemplo n.º 11
0
        public static void SplitRule(FwOutRule sr, FwOutRule ir)
        {
            if (!sr.IsIPRule)
            {
                var newRules = new List<FwOutRule>();
                if (!SplitSubnetRule(sr, ir, ref newRules))
                {
                    throw new Exception("Cannot split SubNet rule!");
                }

                outRules.Remove(sr);
                foreach (var nr in newRules)
                {
                    if (CheckRule(nr))
                    {
                        AddFwRule(nr);
                        outRules.Add(nr);
                        log.WI("Added new rule for [" + nr.RemoteAddresses + "]");
                    }
                }
            }

            RemoveFwRule(sr);
        }
Exemplo n.º 12
0
        public static void LoadOutRulesFile(string fileName, bool withDomains = false)
        {
            var remoteAddrs = LoadFiles(fileName);

            foreach (var ra in remoteAddrs)
            {
                FwOutRule rule = new FwOutRule(new FwRuleText(ra), ra);
                if (CheckRule(rule))
                {
                    AddFwRule(rule);
                    outRules.Add(rule);
                }

                if (IsWhiteRule(rule) && IsRuleExists(rule))
                {
                    RemoveFwRule(rule);
                }
            }

            if (withDomains)
            {
                throw new NotImplementedException();
            }
        }
Exemplo n.º 13
0
        static void MakeOutRule(string text, bool clear, bool addToWhiteList)
        {
            if (text.StartsWith("http://")) text = text.Replace("http://", "");
            if (text.StartsWith("https://")) text = text.Replace("https://", "");
            if (text.StartsWith("www.")) text = text.Replace("www.", "");

            bool isIPRange = false;
            IPAddress[] addrs = null;
            IList<uint[]> rangeAddrs = null;
            if (IsIPRange(text))
            {
                isIPRange = true;
                rangeAddrs = GetIPRangeAddress(text);
                addrs = rangeAddrs.Select(ra => new IPAddress(ra[0])).ToArray();
            }
            else
            {
                try
                {
                    addrs = Dns.GetHostAddresses(text);
                }
                catch (Exception) { }
            }

            if (addrs != null)
            {
                for (int i = 0; i < addrs.Length; i++)
                {
                    var addr = addrs[i];

                    if (addr.AddressFamily == AddressFamily.InterNetworkV6)
                    {
                        continue;
                    }

                    FwOutRule rule = null;

                    if (isIPRange)
                    {
                        rule = new FwOutRule(new FwRuleText(text), (uint)addr.Address, rangeAddrs[i][1]);
                    }
                    else
                    {
                        rule = new FwOutRule(new FwRuleText(text), addr);
                    }

                    var exists = IsRuleExists(rule);
                    var isWhite = IsWhiteRule(rule);

                    if (exists && isWhite)
                    {
                        log.WI("White List rule bloked!!! [" + rule.RemoteAddresses + "].");
                        var sameRules = outRules.Where(r => r.IsInclude(rule)).ToList();
                        foreach (var sr in sameRules)
                        {
                            if (IsRuleExists(sr))
                            {
                                SplitRule(sr, rule);
                            }
                        }
                    }

                    if (clear)
                    {
                        if (exists)
                        {
                            var sameRules = outRules.Where(r => r.IsInclude(rule)).ToList();
                            foreach (var sr in sameRules)
                            {
                                if (IsRuleExists(sr))
                                {
                                    SplitRule(sr, rule);
                                }
                            }
                        }

                        if (!isWhite && addToWhiteList)
                        {
                            AddWhiteListRule(rule);
                        }
                    }
                    else
                    {
                        if (!exists && !isWhite)
                        {
                            if (checkWhoIs && !isIPRange)
                            {
                                if (!checkWhoIsDlg(rule.IPStr))
                                {
                                    continue;
                                }
                            }

                            if (!MakeSubNetRules(rule))
                            {
                                log.WI(string.Format("Adding new rule for [{0}].", rule.RemoteAddresses));
                                AddFwRule(rule);
                                outRules.Add(rule);
                            }

                            if (!isIPRange)
                            {
                                var entry = GetDomain(rule);
                                if (entry != null)
                                {
                                    DisableDNS(entry.HostName);
                                }
                            }

                            continue;
                        }

                        if (isWhite)
                        {
                            log.WI("Rule for [" + rule.RemoteAddresses + "] is already in White List. Skipped");
                            continue;
                        }

                        if (exists)
                        {
                            log.WI("Rule for [" + rule.RemoteAddresses + "] is already exists. Skipped");
                            continue;
                        }
                    }
                }

                if (!isIPRange)
                {
                    DisableDNS(text);
                }
            }
        }
Exemplo n.º 14
0
        public bool IsInclude(FwOutRule rule)
        {
            if (rule.IP == IP)
            {
                return true;
            }

            var wildCard = ~_mask;
            if ((IP | wildCard) == (rule.IP | wildCard))
            {
                return true;
            }

            //var ruleWildCard = ~rule._mask;
            //if ((IP | ruleWildCard) == (rule.IP | ruleWildCard))
            //{
            //    return true;
            //}

            return false;
        }
Exemplo n.º 15
0
        static bool SplitSubnetRule(FwOutRule sr, FwOutRule ir, ref List<FwOutRule> rules)
        {
            if (sr == null && sr.IsIPRule)
            {
                throw new ArgumentException(nameof(sr));
            }

            if (ir.ReversedEndIP < sr.ReversedStartIP || ir.ReversedStartIP > sr.ReversedEndIP)
            {
                return false;
            }

            rules.Clear();

            var fsRIP = sr.ReversedStartIP;
            var feRIP = ir.ReversedStartIP - 1;
            var lsRIP = ir.ReversedEndIP + 1;
            var leRIP = sr.ReversedEndIP;

            if (fsRIP <= feRIP)
            {
                var fRange = new List<uint[]>();
                FwOutRule.GetMaskedIPRange(FwOutRule.ReverseIP(fsRIP),
                    FwOutRule.ReverseIP(feRIP), out fRange);
                if (fRange.Count > 0)
                {
                    rules.AddRange(fRange.Select(im => new FwOutRule(FwRuleText.Empty, im[0], im[1])));
                }
            }

            if (lsRIP <= leRIP)
            {
                var lRange = new List<uint[]>();
                FwOutRule.GetMaskedIPRange(FwOutRule.ReverseIP(lsRIP),
                    FwOutRule.ReverseIP(leRIP), out lRange);
                if (lRange.Count > 0)
                {
                    rules.AddRange(lRange.Select(im => new FwOutRule(FwRuleText.Empty, im[0], im[1])));
                }
            }

            return rules.Count > 0;
        }
Exemplo n.º 16
0
 static void RemoveFwRule(FwOutRule rule)
 {
     INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
       Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
     firewallPolicy.Rules.Remove(rule.Name);
     firewallPolicy.Rules.Remove(rule.OldName1);
     firewallPolicy.Rules.Remove(rule.OldName2);
     firewallPolicy.Rules.Remove(rule.OldName3);
     log.WI("Removed rule for [" + rule.RemoteAddresses + "]", false);
 }
Exemplo n.º 17
0
        private static bool MergeSubNetRulesImpl(IList<FwOutRule> rules, IList<FwOutRule> outr, bool listOnly = false)
        {
            var res = true;
            var rangeList = new List<FwOutRule>();

            for (int i = 0; i < rules.Count - 1; i++)
            {
                var curr = rules[i];
                var next = rules[i + 1];

                if (curr.ReversedEndIP + 1 == next.ReversedStartIP)
                {
                    if (rangeList.Count == 0)
                    {
                        rangeList.Add(curr);
                    }
                    rangeList.Add(next);
                }
                else
                {
                    if (rangeList.Count != 0)
                    {
                        var firstRule = rangeList.First();
                        var startIP = firstRule.StartIP;
                        var endIP = rangeList.Last().EndIP;
                        var maskedRange = new List<uint[]>();

                        if (!FwOutRule.GetMaskedIPRange(startIP, endIP, out maskedRange))
                        {
                            throw new Exception("GetMaskedIPRange failed");
                        }

                        if (maskedRange.Count == 0 || maskedRange.Count >= rangeList.Count)
                        {
                            // nothing to optimize
                            rangeList.Clear();
                            continue;
                        }

                        try
                        {
                            foreach (var im in maskedRange)
                            {
                                var unionRule = new FwOutRule(new FwRuleText(firstRule.IPAddr), im[0], im[1]);

                                if (!listOnly)
                                {
                                    log.WI(string.Format("Adding new union rule for [{0}].", unionRule.RemoteAddresses));
                                    AddFwRule(unionRule);
                                }
                                outr.Add(unionRule);
                            }

                            foreach (var or in rangeList)
                            {
                                if (!listOnly) RemoveFwRule(or);
                                outr.Remove(or);
                            }

                            res = false;
                        }
                        catch (Exception ex)
                        {
                            log.WI("Failed to create union rule, error: " + ex.Message, false);
                        }

                        rangeList.Clear();
                    }
                }
            }

            return res;
        }
Exemplo n.º 18
0
        static bool MakeSubNetRules(FwOutRule rule)
        {
            if (rule.IsIPRule && !outRules.Exists(r => !r.IsIPRule && r.IsInclude(rule)))
            {
                var subnetMask = (uint)0xFFFFFF;
                if (outRules.Count(r => r.IsIPRule
                    && r.IP != rule.IP
                    && (r.IP & subnetMask) == (rule.IP & subnetMask)) > 0)
                {
                    var sRule = new FwOutRule(rule);
                    var ipBytes = rule.IPAddr.GetAddressBytes();
                    sRule.UpdateRemoteAddresses(sRule.IP & subnetMask, subnetMask);
                    log.WI("Adding new rule for [" + sRule.RemoteAddresses + "]");

                    AddFwRule(sRule);
                    outRules.Add(sRule);

                    return true;
                }
            }
            return false;
        }
Exemplo n.º 19
0
        static bool IsRuleExists(FwOutRule rule)
        {
            if (outRules.Exists(r => r.IsInclude(rule)))
            {
                return true;
            }

            return false;
        }
Exemplo n.º 20
0
        static void LoadOutRules()
        {
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(
               Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
            List<INetFwRule> rules = new List<INetFwRule>();
            foreach (var ruleObj in firewallPolicy.Rules)
            {
                if (ruleObj is INetFwRule)
                {
                    rules.Add(ruleObj as INetFwRule);
                }
            }

            foreach (var fwRule in rules)
            {
                if (fwRule.Direction == NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT
                    && fwRule.Name.StartsWith(AppName))
                {
                    var rule = new FwOutRule(fwRule);
                    if (CheckRule(rule))
                    {
                        outRules.Add(rule);
                    }
                    else
                    {
                        RemoveFwRule(rule);
                    }
                }
            }
        }
Exemplo n.º 21
0
        public static IPHostEntry GetDomain(FwOutRule rule)
        {
            IPHostEntry entry = null;
            try
            {
                entry = Dns.GetHostEntry(rule.IPAddr);
            }
            catch (Exception ex)
            {
                log.WI(ex.Message + "[" + rule.IPStr + "]");
            }

            if (entry == null && !rule.Text.IsIPText)
            {
                try
                {
                    var text = rule.Text.Str;
                    if (!text.Contains(Uri.SchemeDelimiter))
                    {
                        text = string.Concat(Uri.UriSchemeHttp, Uri.SchemeDelimiter, text);
                    }
                    Uri uri = new Uri(text);
                    var domain = uri.DnsSafeHost;
                    if (!string.IsNullOrEmpty(domain))
                    {
                        entry = new IPHostEntry()
                        {
                            HostName = domain,
                            AddressList = new IPAddress[] { rule.IPAddr }
                        };
                    }
                }
                catch (Exception ex)
                {
                    log.WI(ex.Message);
                }
            }

            return entry;
        }
Exemplo n.º 22
0
 static bool CheckRule(FwOutRule rule)
 {
     return !IsRuleExists(rule) && !IsWhiteRule(rule);
 }