private static string saveFirewallRule(AddFirewallRuleViewModel rule)
{
var ruleName = (string.IsNullOrEmpty(rule.RuleName)) ? getNewRestrictionRuleName() : rule.RuleName;
SshConnection.WriteStream($"uci set firewall.{ruleName}=rule");
SshConnection.WriteStream($"uci set firewall.{ruleName}.src='*'");
SshConnection.WriteStream($"uci set firewall.{ruleName}.dest='*'");
SshConnection.WriteStream($"uci set firewall.{ruleName}.name='{rule.FriendlyName}'");
if (!string.IsNullOrEmpty(rule.SourceMacs))
{
SshConnection.WriteStream($"uci set firewall.{ruleName}.src_mac='{rule.SourceMacs}'");
}
if (!string.IsNullOrEmpty(rule.SourceIPs))
{
SshConnection.WriteStream($"uci set firewall.{ruleName}.src_ip='{rule.SourceIPs}'");
}
if (!string.IsNullOrEmpty(rule.SourcePorts))
{
SshConnection.WriteStream($"uci set firewall.{ruleName}.src_port='{rule.SourcePorts}'");
}
if (!string.IsNullOrEmpty(rule.DestinationIPs))
{
SshConnection.WriteStream($"uci set firewall.{ruleName}.dest_ip='{rule.DestinationIPs}'");
}
if (!string.IsNullOrEmpty(rule.DestinationPorts))
{
SshConnection.WriteStream($"uci set firewall.{ruleName}.dest_port='{rule.DestinationPorts}'");
}
SshConnection.WriteStream($"uci set firewall.{ruleName}.target='DROP'");
SshConnection.WriteStream($"uci set firewall.{ruleName}.enabled='{rule.Enabled}'");
return(ruleName);
}
public static string Send_SaveFirewallRule(AddFirewallRuleViewModel rule)
{
var ruleName = saveFirewallRule(rule);
SshConnection.WriteStream($"uci commit firewall");
SshConnection.Send_CustomCommand($"/etc/init.d/firewall restart");
Thread.Sleep(1500);
SshConnection.Send_CustomCommand($"clear");
return(ruleName);
}
private void SaveModifiedRuleButtonClick(object sender, EventArgs e)
{
var valid = true;
if (FirewallConnection.Get_RestrictionRulesNames().Contains(addRuleNameEditText.Text))
{
Toast.MakeText(this, $"Rule with this name already exist.", ToastLength.Short).Show();
valid = false;
}
if (string.IsNullOrEmpty(addRuleNameEditText.Text))
{
Toast.MakeText(this, $"Rule name can't be empty.", ToastLength.Short).Show();
valid = false;
}
if (!addRuleSourceMacEditText.Text.Any() &&
!addRuleSourceIpEditText.Text.Any() &&
!addRuleSourcePortEditText.Text.Any() &&
!addRuleDestinationIpEditText.Text.Any() &&
!addRuleDestinationPortEditText.Text.Any())
{
Toast.MakeText(this, $"You have to type at least one condition.", ToastLength.Short).Show();
valid = false;
}
const string validateMacPattern = @"^$|^(((([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})[,])*)(([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})))$";
const string validateIpPattern = @"^$|^((((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])[,])*)((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])))$";
const string validatePortPattern = @"^$|^((([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])[,])|((([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])([-])([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]))[,]))*((([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]))|(([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])([-])([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])))$";
if (!Regex.Match(addRuleSourceMacEditText.Text, validateMacPattern, RegexOptions.IgnoreCase).Success)
{
Toast.MakeText(this, $"You have typed source Mac in not proper format.", ToastLength.Short).Show();
valid = false;
}
if (!Regex.Match(addRuleSourceIpEditText.Text, validateIpPattern, RegexOptions.IgnoreCase).Success)
{
Toast.MakeText(this, $"You have typed source IP in not proper format.", ToastLength.Short).Show();
valid = false;
}
if (!Regex.Match(addRuleSourcePortEditText.Text, validatePortPattern, RegexOptions.IgnoreCase).Success)
{
Toast.MakeText(this, $"You have typed source port in not proper format.", ToastLength.Short).Show();
valid = false;
}
if (!Regex.Match(addRuleDestinationIpEditText.Text, validateIpPattern, RegexOptions.IgnoreCase).Success)
{
Toast.MakeText(this, $"You have typed destination IP in not proper format.", ToastLength.Short).Show();
valid = false;
}
if (!Regex.Match(addRuleDestinationPortEditText.Text, validatePortPattern, RegexOptions.IgnoreCase).Success)
{
Toast.MakeText(this, $"You have typed destination port in not proper format.", ToastLength.Short).Show();
valid = false;
}
if (!valid)
{
return;
}
var newRule = new AddFirewallRuleViewModel
{
RuleName = null,
FriendlyName = addRuleNameEditText.Text,
SourceMacs = addRuleSourceMacEditText.Text,
SourceIPs = addRuleSourceIpEditText.Text,
SourcePorts = addRuleSourcePortEditText.Text,
DestinationIPs = addRuleDestinationIpEditText.Text,
DestinationPorts = addRuleDestinationPortEditText.Text,
Enabled = addRuleEnabledCheckBox.Enabled ? "1" : "0"
};
FirewallConnection.Send_SaveFirewallRule(newRule);
StartActivity(typeof(FirewallActivity));
Finish();
}
