public List <IpTablesRule> GetDynamicChainRules(IpTablesChain chain, String arg) { if (!IsDynamic(chain)) { throw new Exception("Chain " + chain.Name + " should be dynamic"); } var chains = _chains[chain.IpVersion]; List <IpTablesRule> rules = new List <IpTablesRule>(); var targetTemplate = _dynamicChains[chain]; if (targetTemplate.Count == 0) { throw new Exception("Chain " + chain.Name + " should have rules"); } foreach (var rule in targetTemplate) { var formatted = String.Format(rule.GetActionCommand(), arg); var newRule = IpTablesRule.Parse(formatted, _system, chains, rule.Chain.IpVersion, rule.Chain.Table, IpTablesRule.ChainCreateMode.CreateNewChainIfNeeded); rules.Add(newRule); } return(rules); }
/// <summary> /// Create a rule with a goto target to a specified chain /// </summary> /// <param name="chainIn"></param> /// <param name="chainJump"></param> /// <param name="system"></param> /// <returns></returns> public static IpTablesRule CreateGoto(IpTablesChain chainIn, String chainJump, NetfilterSystem system) { var rule = new IpTablesRule(system, chainIn); rule.GetModuleOrLoad <CoreModule>("core").Goto = chainJump; return(rule); }
private string DynamicLookup(string dynamicName, string subname) { if (_tableState == null) { throw new Exception("Unexpected state"); } var chain = Dcr.GetByVariable(dynamicName, _tableState, _versionState); if (chain == null) { throw new Exception("Variable " + dynamicName + " not found"); } Debug.Assert(Dcr.IsDynamic(chain)); var chainName = String.Format(chain.Name, subname); var createdChain = new IpTablesChain(chain.Table, chainName, chain.IpVersion, null); if (_dynamicChainsCreated.Contains(createdChain)) { return chainName; } var ruleset = _ruleSets[chain.IpVersion]; //Get chain rules, for all applicable tables and versions var rules = Dcr.GetDynamicChainRules(chain, subname); foreach (var r in rules) { ruleset.AddRule(r); } _dynamicChainsCreated.Add(createdChain); return chainName; }
public void RegisterDynamicChain(String variable, String table, String chainName, int ipVersion) { var regChain = new IpTablesChain(table, chainName, ipVersion, _system); if (_dynamicChains.ContainsKey(regChain)) { throw new Exception(String.Format("A chain of ipv{0},{1}:{2} is already registered", ipVersion, chainName, table)); } _dynamicChains.Add(regChain, new List<IpTablesRule>()); _variables.Add(new Tuple<string, string, int>(table, variable, ipVersion), regChain);//todo: Support for multiple table! }
public void TestSync <TSync>(INetfilterAdapterClient client, IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, TSync sync, List <string> expectedCommands = null) where TSync : INetfilterSync <IpTablesRule> { IpTablesChain chain = rulesOriginal.Chains.First(); chain.Sync(client, rulesNew.Chains.First().Rules, sync); if (expectedCommands != null) { CollectionAssert.AreEqual(expectedCommands, ExecutionLog.Select(a => a.Value).ToList()); } }
public void RegisterDynamicChain(String variable, String table, String chainName, int ipVersion) { var regChain = new IpTablesChain(table, chainName, ipVersion, _system); if (_dynamicChains.ContainsKey(regChain)) { throw new Exception(String.Format("A chain of ipv{0},{1}:{2} is already registered", ipVersion, chainName, table)); } _dynamicChains.Add(regChain, new List <IpTablesRule>()); _variables.Add(new Tuple <string, string, int>(table, variable, ipVersion), regChain);//todo: Support for multiple table! }
public void TestSync(IpTablesRuleSet rulesOriginal, IpTablesRuleSet rulesNew, Func <IpTablesRule, IpTablesRule, bool> commentComparer = null) { IpTablesChain chain = rulesOriginal.Chains.First(); DefaultNetfilterSync <IpTablesRule> sync = new DefaultNetfilterSync <IpTablesRule>(commentComparer, null); if (commentComparer == null) { chain.Sync(rulesNew.Chains.First().Rules, sync); } else { chain.Sync(rulesNew.Chains.First().Rules, sync); } }
public IpTablesChain AddChain(IpTablesChain chain, bool addRules = false) { GetTableAdapter(chain.IpVersion).AddChain(chain.Table, chain.Name); if (addRules) { foreach (IpTablesRule r in chain.Rules) { r.AddRule(); } } else { chain = new IpTablesChain(chain.Table, chain.Name, chain.IpVersion, chain.System); } return(chain); }
public IpTablesChain AddChain(INetfilterAdapterClient client, IpTablesChain chain, bool addRules = false) { client.AddChain(chain.Table, chain.Name); if (addRules) { foreach (IpTablesRule r in chain.Rules) { r.AddRule(); } } else { chain = new IpTablesChain(chain.Table, chain.Name, chain.IpVersion, chain.System); } return(chain); }
public List<IpTablesRule> GetDynamicChainRules(IpTablesChain chain, String arg) { if (!IsDynamic(chain)) { throw new Exception("Chain should be dynamic"); } var chains = _chains[chain.IpVersion]; List<IpTablesRule> rules = new List<IpTablesRule>(); foreach (var rule in _dynamicChains[chain]) { var formatted = String.Format(rule.GetActionCommand(), arg); var newRule = IpTablesRule.Parse(formatted, _system, chains, rule.Chain.IpVersion, rule.Chain.Table, IpTablesRule.ChainCreateMode.CreateNewChainIfNeeded); rules.Add(newRule); } return rules; }
public override void AddChain(string table, string chainName) { Debug.Assert(chainName != null); if (!IpTablesChain.ValidateChainName(chainName)) { throw new IpTablesNetException(String.Format("Failed to add chain \"{0}\" to table \"{1}\" due to validation error", chainName, table)); } if (!_inTransaction) { //Revert to using IPTables Binary if non transactional IPTablesBinaryAdapterClient binaryClient = new IPTablesBinaryAdapterClient(_ipVersion, _system, _iptablesBinary); binaryClient.AddChain(table, chainName); return; } if (!GetInterface(table).AddChain(chainName)) { throw new IpTablesNetException(String.Format("Failed to add chain \"{0}\" to table \"{1}\" due to error: \"{2}\"", chainName, table, GetInterface(table).GetErrorString())); } }
private void AcceptIPInternal(IPAddress address) { if (address == null) { return; } using var adapter = System.GetTableAdapter(4); var chain = new IpTablesChain(IpTable, IpChain, 4, System); var rule = new IpTablesRule(System, chain); rule.AppendToRule(GetAcceptRule(address)); chain.AddRule(rule); var sync = new DefaultNetfilterSync <IpTablesRule>(); (System.GetChain(adapter, IpTable, IpChain) as IpTablesChain).Sync(adapter, chain.Rules, sync); Logger.LogInformation($"Whitelisted {address}"); }
private string DynamicLookup(string dynamicName, string subname) { if (_tableState == null) { throw new Exception("Unexpected state"); } var chain = Dcr.GetByVariable(dynamicName, _tableState, _versionState); if (chain == null) { throw new Exception("Variable " + dynamicName + " not found"); } Debug.Assert(Dcr.IsDynamic(chain)); var chainName = String.Format(chain.Name, subname); var createdChain = new IpTablesChain(chain.Table, chainName, chain.IpVersion, null); if (_dynamicChainsCreated.Contains(createdChain)) { return(chainName); } var ruleset = _ruleSets[chain.IpVersion]; //Get chain rules, for all applicable tables and versions var rules = Dcr.GetDynamicChainRules(chain, subname); foreach (var r in rules) { ruleset.AddRule(r); } _dynamicChainsCreated.Add(createdChain); return(chainName); }
public IpTablesChain AddChain(IpTablesChain chain, bool addRules = false) { return(AddChain(chain.Name, chain.Table, chain.IpVersion)); }
public IpTablesChain AddChain(INetfilterAdapterClient client, IpTablesChain chain, bool addRules = false) { client.AddChain(chain.Table, chain.Name); if (addRules) { foreach (IpTablesRule r in chain.Rules) { r.AddRule(); } } else { chain = new IpTablesChain(chain.Table,chain.Name, chain.IpVersion, chain.System); } return chain; }
public bool IsDynamic(IpTablesChain chain) { var comparisonChain = new IpTablesChain(chain.Table, chain.Name, chain.IpVersion, _system); return(_dynamicChains.ContainsKey(comparisonChain)); }
public IpTablesChain AddChain(IpTablesChain chain, bool addRules = false) { return AddChain(chain.Name, chain.Table, chain.IpVersion); }
/// <summary> /// Create a rule with a goto target to a specified chain /// </summary> /// <param name="chain"></param> /// <param name="target"></param> /// <returns></returns> public static IpTablesRule CreateGoto(IpTablesChain chain, String target) { return(CreateGoto(chain, target, chain.System)); }
public bool IsDynamic(IpTablesChain chain) { var comparisonChain = new IpTablesChain(chain.Table, chain.Name, chain.IpVersion, _system); return _dynamicChains.ContainsKey(comparisonChain); }