/// <summary>
/// Runs <c>ufw status numbered</c> and returns every output line that parses as a rule.
/// </summary>
/// <remarks>
/// Lines for which <c>UfwRule.TryParse</c> returns <c>null</c> are skipped without any report,
/// so the list can be shorter than the rule set ufw actually enforces. Callers should not
/// treat a missing entry as proof that no such rule is configured.
/// </remarks>
/// <returns>
/// The parsed rules, in the order their lines were returned by the command; an empty list
/// when no line parsed.
/// </returns>
public static List<UfwRule> GetRules()
{
    var rules = new List<UfwRule>();

    foreach (var outputLine in LocalCommand.Execute("ufw status numbered"))
    {
        var parsed = UfwRule.TryParse(outputLine);
        if (parsed == null)
        {
            // Header, separator and unparseable lines all end up here.
            continue;
        }

        rules.Add(parsed);
    }

    return rules;
}
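/// <summary>
/// Deletes the rule at the given rule's <c>RuleIndex</c> by running
/// <c>ufw --force delete N</c>.
/// </summary>
/// <remarks>
/// The index is the rule's position in the numbered listing, not a stable identifier. ufw
/// renumbers the remaining rules after a deletion, so an index taken from an older listing
/// can point at a different rule. Re-read the rules with <c>GetRules</c> before each further
/// delete. <c>--force</c> suppresses ufw's confirmation prompt, so nothing asks before the
/// rule is removed.
/// </remarks>
/// <param name="rule">The rule to delete; only its <c>RuleIndex</c> is used.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="rule"/> is null.</exception>
/// <exception cref="System.ArgumentOutOfRangeException">
/// The rule's index is lower than 1, which cannot be a position in the numbered listing.
/// </exception>
public static void DeleteRule(UfwRule rule)
{
    if (rule == null)
    {
        throw new System.ArgumentNullException(nameof(rule));
    }

    // Only a positive number may reach the command line: zero or a negative value is not a
    // listing position, and a leading '-' would be read by ufw as an option-like token.
    if (rule.RuleIndex < 1)
    {
        throw new System.ArgumentOutOfRangeException(
            nameof(rule),
            "RuleIndex must be 1 or greater to identify a numbered ufw rule.");
    }

    LocalCommand.Execute($"ufw --force delete {rule.RuleIndex}");
}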
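/// <summary>
/// Attempts to parse one rule from a line of <c>ufw status numbered</c> output.
/// </summary>
/// <remarks>
/// The line is expected to look like <c>[ 1] 22/tcp    ALLOW IN    Anywhere</c>: a bracketed
/// index followed by the target, then the action, then the source, with the three columns
/// separated by at least two spaces (assumption about ufw's padding, confirm against the
/// ufw versions in use). A line whose columns are separated by a single space is rejected.
/// Targets with a non-numeric port before the slash, such as a range or list, are rejected
/// too. An action that is not one of the six known ALLOW/DENY forms leaves <c>Type</c> at
/// its default value, so callers that make decisions on <c>Type</c> should confirm what that
/// default means. Columns after the source are ignored.
/// </remarks>
/// <param name="line">A single output line; may be null.</param>
/// <returns>The parsed rule, or <c>null</c> when the line is not a parseable rule line.</returns>
public static UfwRule TryParse(string line)
{
    if (line == null)
    {
        return null;
    }

    line = line.Trim();
    if (!line.StartsWith('['))
    {
        return null;
    }

    // Values such as "ALLOW IN" or "22/tcp (v6)" contain single spaces, so only a run of two
    // or more spaces is a column boundary. Replacing a single space with a single space in a
    // loop never terminates, and splitting on one space can never produce "ALLOW IN".
    var columnGap = new string(' ', 2);
    var columns = line.Split(columnGap, StringSplitOptions.RemoveEmptyEntries);
    if (columns.Length < 3)
    {
        return null;
    }

    // Digits only, culture independent: no sign, no whitespace, no thousands separators.
    var digitsOnly = System.Globalization.NumberStyles.None;
    var invariant = System.Globalization.CultureInfo.InvariantCulture;

    // Column 0 holds both the bracketed index and the target, e.g. "[ 1] 22/tcp (v6)".
    var head = columns[0].Trim();
    var closingBracket = head.IndexOf(']');
    if (closingBracket < 0)
    {
        return null;
    }

    var indexText = head.Substring(1, closingBracket - 1).Trim();
    if (!int.TryParse(indexText, digitsOnly, invariant, out int ruleIndex))
    {
        return null;
    }

    var rule = new UfwRule();
    rule.RuleIndex = ruleIndex;

    // Keep only the first token of the target; anything after a space (such as "(v6)") is dropped.
    var target = head.Substring(closingBracket + 1).Trim();
    var firstSpace = target.IndexOf(' ');
    if (firstSpace != -1)
    {
        target = target.Substring(0, firstSpace);
    }

    if (target.Equals("anywhere", StringComparison.OrdinalIgnoreCase))
    {
        rule.Port = 0;
        rule.Protocol = RuleProtocol.Any;
    }
    else if (target.Contains("/"))
    {
        var parts = target.Split('/');
        if (!int.TryParse(parts[0], digitsOnly, invariant, out int slashPort))
        {
            // Not a plain number before the slash: refuse rather than guess.
            return null;
        }

        rule.Port = slashPort;
        switch (parts[1])
        {
            case "tcp":
                rule.Protocol = RuleProtocol.TCP;
                break;
            case "udp":
                rule.Protocol = RuleProtocol.UDP;
                break;
            default:
                rule.Protocol = RuleProtocol.Any;
                break;
        }
    }
    else
    {
        // A bare number is the port; a name such as "ssh" is reported as port 0.
        rule.Port = int.TryParse(target, digitsOnly, invariant, out int barePort) ? barePort : 0;
        rule.Protocol = RuleProtocol.Any;
    }

    // Column 1 is the action. Anything outside these six values leaves rule.Type untouched.
    switch (columns[1].Trim())
    {
        case "ALLOW":
            rule.Type = RuleType.Allow;
            break;
        case "ALLOW IN":
            rule.Type = RuleType.AllowIn;
            break;
        case "ALLOW OUT":
            rule.Type = RuleType.AllowOut;
            break;
        case "DENY":
            rule.Type = RuleType.Deny;
            break;
        case "DENY IN":
            rule.Type = RuleType.DenyIn;
            break;
        case "DENY OUT":
            rule.Type = RuleType.DenyOut;
            break;
    }

    // Column 2 is the source; the text is kept as-is and only classified by its prefix.
    var source = columns[2].Trim();
    rule.Source = source;
    rule.SourceType = source.StartsWith("anywhere", StringComparison.OrdinalIgnoreCase)
        ? SourceType.Anywhere
        : SourceType.Address;

    return rule;
}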