public static void ExecuteIptables(NetfilterSystem system, String command, String iptablesBinary, out String output, out String error) { using (ISystemProcess process = system.System.StartProcess(iptablesBinary, command)) { ProcessHelper.ReadToEnd(process, out output, out error); //OK if (process.ExitCode == 0) { return; } //ERR: INVALID COMMAND LINE if (process.ExitCode == 2) { throw new IpTablesNetException("IPTables execution failed: Invalid Command Line - " + command); } //ERR: GENERAL ERROR if (process.ExitCode == 1) { throw new IpTablesNetException("IPTables execution failed: Error - " + command); } //ERR: UNKNOWN throw new IpTablesNetException("IPTables execution failed: Unknown Error - " + command); } }
public IpTablesChain CreateChain(NetfilterSystem system, int ipVersion) { var chain = GetNewChain(system, ipVersion); _chains.AddChain(chain); return(chain); }
/// <summary> /// Parse a IPTables rule /// </summary> /// <param name="rule"></param> /// <param name="system"></param> /// <param name="chains"></param> /// <param name="version"></param> /// <param name="defaultTable"></param> /// <param name="createChain"></param> /// <returns></returns> public static IpTablesRule Parse(String rule, NetfilterSystem system, IpTablesChainSet chains, int version = 4, String defaultTable = "filter", ChainCreateMode createChain = ChainCreateMode.CreateNewChainIfNeeded) { CommandParser parser; var ipCmd = IpTablesCommand.Parse(rule, system, chains, out parser, version, defaultTable); if (ipCmd.Type != IpTablesCommandType.Add) { throw new IpTablesParserException(rule, "must be add rule to parse"); } var chain = parser.GetChainFromSet(); if (chain == null) { if (createChain == ChainCreateMode.DontCreateErrorInstead) { throw new IpTablesParserException(rule, String.Format("Unable to find chain: {0}", parser.ChainName)); } var ipVersion = chains == null ? 4 : chains.IpVersion; if (createChain == ChainCreateMode.ReturnNewChain) { chain = parser.GetNewChain(system, ipVersion); } else { chain = parser.CreateChain(system, ipVersion); } } Debug.Assert(chain.IpVersion == version); ipCmd.Rule.Chain = chain; return(ipCmd.Rule); }
/// <summary> /// Copy constructor /// </summary> /// <param name="rule"></param> public IpTablesRule(IpTablesRule rule) { _system = rule.System; Chain = rule.Chain; _moduleData = rule.ModuleDataInternal; _cow = true; }
public static ISystemProcess ExecuteIptables(NetfilterSystem system, String command, String iptablesBinary) { ISystemProcess process = system.System.StartProcess(iptablesBinary, command); process.WaitForExit(); //OK if (process.ExitCode == 0) { return(process); } //ERR: INVALID COMMAND LINE if (process.ExitCode == 2) { throw new IpTablesNetException("IPTables execution failed: Invalid Command Line - " + command); } //ERR: GENERAL ERROR if (process.ExitCode == 1) { throw new IpTablesNetException("IPTables execution failed: Error - " + command); } //ERR: UNKNOWN throw new IpTablesNetException("IPTables execution failed: Unknown Error - " + command); }
public IpTablesChain(String table, String chainName, int ipVersion, NetfilterSystem system) { _name = chainName; _table = table; _system = system; _rules = new List <IpTablesRule>(); _ipVersion = ipVersion; }
public IPTablesRestoreAdapterClient(int ipVersion, NetfilterSystem system, String iptablesRestoreBinary = "iptables-restore", String iptableSaveBinary = "iptables-save", String iptablesBinary = "iptables") { _system = system; _iptablesRestoreBinary = iptablesRestoreBinary; _iptablesSaveBinary = iptableSaveBinary; _iptablesBinary = iptablesBinary; _ipVersion = ipVersion; }
public void AddChain(String name, String table, NetfilterSystem system) { if (HasChain(name, table)) { throw new IpTablesNetException("A chain with that name already exists"); } AddChain(new IpTablesChain(table, name, _ipVersion, system)); }
public void AddDefaultChains(NetfilterSystem system) { foreach (var tablePair in IPTablesTables.Tables) { foreach (var chain in tablePair.Value) { _chains.Add(new IpTablesChain(tablePair.Key, chain, _ipVersion, system)); } } }
public IpTablesChain AddChain(String name, String table, NetfilterSystem system) { if (HasChain(name, table)) { throw new IpTablesNetException("A chain with that name already exists"); } var newChain = new IpTablesChain(table, name, _ipVersion, system); AddChain(newChain); return(newChain); }
/// <summary> /// Parse a IPTables rule /// </summary> /// <param name="rule"></param> /// <param name="system"></param> /// <param name="chains"></param> /// <param name="version"></param> /// <param name="defaultTable"></param> /// <param name="createChain"></param> /// <returns></returns> public static IpTablesRule Parse(String rule, NetfilterSystem system, IpTablesChainSet chains, int version = 4, String defaultTable = "filter", ChainCreateMode createChain = ChainCreateMode.CreateNewChainIfNeeded) { Debug.Assert(chains.IpVersion == version); string[] arguments = ArgumentHelper.SplitArguments(rule); int count = arguments.Length; var ipRule = new IpTablesRule(system, new IpTablesChain(null, defaultTable, version, system)); try { var parser = new RuleParser(arguments, ipRule, chains, defaultTable); bool not = false; for (int i = 0; i < count; i++) { if (arguments[i] == "!") { not = true; continue; } i += parser.FeedToSkip(i, not, version); not = false; } var chain = parser.GetChainFromSet(); if (chain == null) { if (createChain == ChainCreateMode.DontCreateErrorInstead) { throw new IpTablesNetException(String.Format("Unable to find chain: {0}", parser.ChainName)); } var ipVersion = chains == null ? 4 : chains.IpVersion; if (createChain == ChainCreateMode.ReturnNewChain) { chain = parser.GetNewChain(system, ipVersion); } else { chain = parser.CreateChain(system, ipVersion); } } Debug.Assert(chain.IpVersion == version); ipRule.Chain = chain; } catch (Exception ex) { throw new IpTablesParserException(rule, ex); } return(ipRule); }
/// <summary> /// Parse a IPTables rule /// </summary> /// <param name="rule"></param> /// <param name="system"></param> /// <param name="chains"></param> /// <param name="defaultTable"></param> /// <param name="createChain"></param> /// <param name="ipVersion"></param> /// <returns></returns> public static IpTablesRule Parse(String rule, NetfilterSystem system, IpTablesChainSet chains, String defaultTable = "filter", bool createChain = false) { string[] arguments = ArgumentHelper.SplitArguments(rule); int count = arguments.Length; var ipRule = new IpTablesRule(system, null); try { var parser = new RuleParser(arguments, ipRule, chains, defaultTable); bool not = false; for (int i = 0; i < count; i++) { if (arguments[i] == "!") { not = true; continue; } i += parser.FeedToSkip(i, not); not = false; } var chain = parser.GetChain(system); if (chain == null) { if (!createChain) { throw new IpTablesNetException(String.Format("Unable to find chain: {0}", parser.ChainName)); } chain = parser.CreateNewChain(system, chains == null ? 4 : chains.IpVersion); } ipRule.Chain = chain; } catch (Exception ex) { throw new IpTablesParserException(rule, ex); } return(ipRule); }
public static IpTablesChainSet GetRulesFromOutput(NetfilterSystem system, String output, String table, int ipVersion, bool ignoreErrors = false) { var ret = new IpTablesChainSet(ipVersion); String ttable = null; foreach (string lineRaw in output.Split(new[] { '\n' })) { string line = lineRaw.Trim(); if (String.IsNullOrEmpty(line)) { continue; } char c = line[0]; IpTablesRule rule; IpTablesChain chain; switch (c) { case '*': ttable = line.Substring(1); break; case ':': string[] split = line.Split(new[] { ' ' }); ret.AddChain(new IpTablesChain(ttable, split[0].Substring(1), ipVersion, system)); break; //Byte & packet count case '[': int positionEnd = line.IndexOf(']'); if (positionEnd == -1) { throw new IpTablesNetException("Parsing error, could not find end of counters"); } string[] counters = line.Substring(1, positionEnd - 1).Split(new[] { ':' }); line = line.Substring(positionEnd + 1); try { rule = IpTablesRule.Parse(line, system, ret, ttable); } catch { if (ignoreErrors) { continue; } throw; } rule.Counters = new PacketCounters(long.Parse(counters[0]), long.Parse(counters[1])); ret.AddRule(rule); break; case '-': rule = IpTablesRule.Parse(line, system, ret, ttable); ret.AddRule(rule); break; case '#': break; case 'C': if (line == "COMMIT" && ttable == table) { if (ttable == null) { throw new IpTablesNetException("Parsing error"); } return(ret); } throw new IpTablesNetException("Unexepected table \"" + table + "\" found \"" + ttable + "\" instead"); } } return(null); }
public IpTablesChain GetChain(NetfilterSystem system) { return(_chains.GetChainOrAdd(_chainName, _tableName, system)); }
INetfilterAdapterClient INetfilterAdapter.GetClient(NetfilterSystem system, int ipVersion = 4) { return(GetClient(system as IpTablesSystem, ipVersion)); }
public IPTablesLibAdapterClient(int ipVersion, NetfilterSystem system, String iptablesBinary) { _system = system; _iptablesBinary = iptablesBinary; _ipVersion = ipVersion; }
public static void ExecuteIptables(NetfilterSystem system, String command, String iptablesBinary) { String output, error; ExecuteIptables(system, command, iptablesBinary, out output, out error); }
protected override IpTablesChain CreateChain(string tableName, string chainName, NetfilterSystem system) { return(new IpTablesChain(tableName, chainName, _ipVersion, system)); }
public MockIpTablesRestoreAdapterClient(NetfilterSystem system, string iptablesRestoreBinary = "iptables-restore") : base(4, system, iptablesRestoreBinary) { }
/// <summary> /// Create a new (empty) IPTables Rule /// </summary> /// <param name="system"></param> /// <param name="chain"></param> public IpTablesRule(NetfilterSystem system, IpTablesChain chain) { _system = system; _chain = chain; }
/// <summary> /// Create a rule with a goto target to a specified chain /// </summary> /// <param name="chainIn"></param> /// <param name="chainJump"></param> /// <param name="system"></param> /// <returns></returns> public static IpTablesRule CreateGoto(IpTablesChain chainIn, String chainJump, NetfilterSystem system) { var rule = new IpTablesRule(system, chainIn); rule.GetModuleOrLoad <CoreModule>("core").Goto = chainJump; return(rule); }
protected override NfTablesChain CreateChain(string tableName, string chainName, NetfilterSystem system) { return(new NfTablesChain(tableName, chainName, system)); }
public IpTablesChain GetNewChain(NetfilterSystem system, int ipVersion) { return(new IpTablesChain(_tableName, _chainName, ipVersion, system)); }
public IpTablesChain GetNewChain(NetfilterSystem system, int ipVersion) { return(new IpTablesChain(_ipCommand.Table, _ipCommand.ChainName, ipVersion, system)); }
public NfTablesChain(string tableName, string chainName, NetfilterSystem netfilterSystem) { throw new NotImplementedException(); }