public void AddFilter(bool permit, bool output, bool v6, IPPROTO[] protocols = null, string[] localRules = null, string[] remoteRules = null)
{
using var ptrs = new NativePtrs();
var actionType = permit ? FWP_ACTION_TYPE.PERMIT : FWP_ACTION_TYPE.BLOCK;
var layerKey = output ?
(v6 ? Layers.FWPM_LAYER_ALE_AUTH_CONNECT_V6 : Layers.FWPM_LAYER_ALE_AUTH_CONNECT_V4) :
(v6 ? Layers.FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6 : Layers.FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4);
var conditions = Enumerable.Empty <FWPM_FILTER_CONDITION0>()
.ConcatSafe(CreateConditionsProtocol(protocols))
.ConcatSafe(CreateConditionsPortOrSubnet(v6, false, localRules, ptrs))
.ConcatSafe(CreateConditionsPortOrSubnet(v6, true, remoteRules, ptrs))
.ToArray();
AddFilter(actionType, Guid.Empty, layerKey, conditions);
}
public FWPM_FILTER0 AddFilter(FWP_ACTION_TYPE actionType, Guid calloutKey, Guid layerKey, FWPM_FILTER_CONDITION0[] conditions)
{
using var ptrs = new NativePtrs();
var filter = new FWPM_FILTER0();
filter.providerKey = ptrs.Add(providerKey);
filter.filterKey = Guid.NewGuid();
filter.layerKey = layerKey;
filter.subLayerKey = SubLayers.Get(layerKey);
filter.flags = FWPM_FILTER_FLAG.PERSISTENT;
filter.action.type = actionType;
filter.action.calloutKey = calloutKey;
filter.weight.type = FWP_DATA_TYPE.UINT8;
filter.weight.value.uint8 = (actionType == FWP_ACTION_TYPE.PERMIT) ? (byte)1 : (byte)0;
filter.displayData.name = filter.filterKey.ToString();
if (conditions != null && conditions.Length > 0)
{
int conditionSize = Marshal.SizeOf <FWPM_FILTER_CONDITION0>();
var filterConditions = ptrs.Add(conditionSize * conditions.Length);
for (int i = 0; i < conditions.Length; i++)
{
var ptr = new IntPtr(filterConditions.ToInt64() + i * conditionSize);
Marshal.StructureToPtr(conditions[i], ptr, false);
}
filter.numFilterConditions = (uint)conditions.Length;
filter.filterConditions = filterConditions;
}
var code = Methods.FwpmFilterAdd0(engineHandle, ref filter, IntPtr.Zero, out ulong id);
if (code != 0)
{
throw new NativeException(nameof(Methods.FwpmFilterAdd0), code);
}
return(filter);
}
private void AddSubLayers()
{
using var ptrs = new NativePtrs();
var provider = ptrs.Add(providerKey);
foreach (var kv in SubLayers.All())
{
var subLayer = new FWPM_SUBLAYER0();
subLayer.providerKey = provider;
subLayer.subLayerKey = kv.Key;
subLayer.displayData.name = kv.Value;
subLayer.weight = ushort.MaxValue;
subLayer.flags = FWPM_SUBLAYER_FLAG.PERSISTENT;
var code = Methods.FwpmSubLayerAdd0(engineHandle, ref subLayer, IntPtr.Zero);
if (code != 0 && code != (uint)FWP_E.ALREADY_EXISTS)
{
throw new NativeException(nameof(Methods.FwpmProviderAdd0), code);
}
}
}
public IEnumerable<FWPM_FILTER_CONDITION0> CreateConditionsPortOrSubnet(bool v6, bool remote, string[] values, NativePtrs ptrs)
{
if (values == null)
yield break;
foreach (var value in values)
{
if (ushort.TryParse(value, out ushort port))
yield return CreateConditionPort(false, port);
else if (!v6 && Utils.TryParseSubnetV4(value, out uint addr4, out uint mask4))
yield return CreateConditionSubnetV4(false, addr4, mask4, ptrs);
