/// <summary>
/// Overrides the web filter.
/// </summary>
/// <returns></returns>
public ActionResult Do()
{
// Get the block request object from session state.
BlockRequestModel model = (BlockRequestModel)Session[MvcApplication.SESSION_BLOCK_REQUEST_NAME];
// Get the User ID of the currently logged in user.
model.UserId = User.Identity.Name;
if (!string.IsNullOrWhiteSpace(MvcApplication.overridePayloadTemplate))
{
try
{
StringBuilder payload = new StringBuilder(MvcApplication.overridePayloadTemplate);
payload.Replace("%IP%", model.SourceIP);
// Ignore certificate checking for this connection. (Self-signed certs. Note: this is global to the application.)
RemoteCertificateValidationCallback previousCallback = ServicePointManager.ServerCertificateValidationCallback;
ServicePointManager.ServerCertificateValidationCallback = delegate { return(true); };
// Make a GET request to the firewall with the override XML payload.
string url = "https://" + MvcApplication.FIREWALL_HOSTNAME + "/api/?type=user-id&key=" + MvcApplication.PAN_API_KEY + "&cmd=" + Url.Encode(payload.ToString());
WebRequest request = WebRequest.Create(url);
WebResponse response = request.GetResponse();
// Reinstate certificate checking.
ServicePointManager.ServerCertificateValidationCallback = previousCallback;
// Add the override to the list of active overrides in the database.
MSStoredProcedure upsert = new MSStoredProcedure(MvcApplication.databaseConnectionString, MvcApplication.STORED_PROCEDURE_UPSERT_OVERRIDE, MvcApplication.eventLog);
upsert.AddNVarCharParameter(MvcApplication.STORED_PROCEDURE_PARAM_IP, model.SourceIP, MvcApplication.STORED_PROCEDURE_PARAM_IP_LENGTH, StoredProcedure.ParameterType.In);
upsert.AddNVarCharParameter(MvcApplication.STORED_PROCEDURE_PARAM_USERNAME, model.UserId, MvcApplication.STORED_PROCEDURE_PARAM_USERNAME_LENGTH, StoredProcedure.ParameterType.In);
if (upsert.ExecuteNonQuery() > 0)
{
// Log the override in the event log.
MvcApplication.Log(new Galactic.EventLog.Event(MvcApplication.EVENT_LOG_SOURCE_NAME, DateTime.Now, Galactic.EventLog.Event.SeverityLevels.Information,
MvcApplication.EVENT_LOG_CATEGORY_OVERRIDE, "User: "******" IP: " + model.SourceIP + " URL: " + model.Url));
}
else
{
// Log an error in the event log.
MvcApplication.Log(new Galactic.EventLog.Event(MvcApplication.EVENT_LOG_SOURCE_NAME, DateTime.Now, Galactic.EventLog.Event.SeverityLevels.Error,
MvcApplication.EVENT_LOG_CATEGORY_OVERRIDE, "Unable to save override to database. User: "******" IP: " + model.SourceIP + " URL: " + model.Url));
}
}
catch (Exception e)
{
// Catch any exceptions here.
// Redirect to an error page, where they can try again.
MvcApplication.Log(new Galactic.EventLog.Event(MvcApplication.EVENT_LOG_SOURCE_NAME, DateTime.Now, Galactic.EventLog.Event.SeverityLevels.Error,
MvcApplication.EVENT_LOG_CATEGORY_OVERRIDE, "Unhandled exception.\nMessage: " + e.Message + "\nInner Exception: " + e.InnerException + "\nStack Trace: " + e.StackTrace));
return(null);
}
}
// Redirect the user to the site they initially requested.
TempData[BLOCK_MODEL_TEMPDATA_KEY] = model;
return(RedirectToAction("SiteRedirect"));
}
/// <summary>
/// Expires overrides that are older than the allowed override duration. Run on an interval.
/// </summary>
protected void ExpireOverrides(object sender, ElapsedEventArgs elapsedEventArgs)
{
try
{
// Get the list of overrides that need to be expired.
MSStoredProcedure getExpiredOverrides = new MSStoredProcedure(databaseConnectionString, STORED_PROCEDURE_GET_EXPIRED_OVERRIDES, eventLog);
getExpiredOverrides.AddInt32Parameter(STORED_PROCEDURE_PARAM_OVERRIDE_DURATION, OVERRIDE_DURATION, StoredProcedure.ParameterType.In);
List <SqlRow> expiredOverrides = getExpiredOverrides.Execute();
// Expire each override found.
foreach (SqlRow expiredOverride in expiredOverrides)
{
string ip = (string)expiredOverride[SQL_FIELD_IP];
string userName = (string)expiredOverride[SQL_FIELD_USERNAME];
StringBuilder payload = new StringBuilder(unregisterPayloadTemplate);
payload.Replace("%IP%", ip);
// Ignore certificate checking for this connection. (Self-signed certs. Note: this is global to the application.)
RemoteCertificateValidationCallback previousCallback = ServicePointManager.ServerCertificateValidationCallback;
ServicePointManager.ServerCertificateValidationCallback = delegate { return(true); };
// Make a GET request to the firewall with the unregister XML payload.
string url = "https://" + FIREWALL_HOSTNAME + "/api/?type=user-id&key=" + PAN_API_KEY + "&cmd=" + WebUtility.UrlEncode(payload.ToString());
WebRequest request = WebRequest.Create(url);
using (WebResponse response = request.GetResponse())
{
// Disposes of the response once complete.
}
// Reinstate certificate checking.
ServicePointManager.ServerCertificateValidationCallback = previousCallback;
// Delete the override from the list of active overrides in the database.
MSStoredProcedure deleteOverride = new MSStoredProcedure(databaseConnectionString, STORED_PROCEDURE_DELETE_OVERRIDE, eventLog);
deleteOverride.AddNVarCharParameter(STORED_PROCEDURE_PARAM_IP, ip, STORED_PROCEDURE_PARAM_IP_LENGTH, StoredProcedure.ParameterType.In);
if (deleteOverride.ExecuteNonQuery() > 0)
{
// Log the override in the event log.
eventLog.Log(new Event(EVENT_LOG_SOURCE_NAME, DateTime.Now, Event.SeverityLevels.Information,
EVENT_LOG_CATEGORY_OVERRIDE, "Expire - User: "******" IP: " + ip));
}
else
{
// Log an error in the event log.
eventLog.Log(new Event(EVENT_LOG_SOURCE_NAME, DateTime.Now, Event.SeverityLevels.Error,
EVENT_LOG_CATEGORY_OVERRIDE, "Unable to expire IP in database. IP: " + ip));
}
}
}
catch (Exception e)
{
// Log any exceptions.
eventLog.Log(new Event(EVENT_LOG_SOURCE_NAME, DateTime.Now, Event.SeverityLevels.Error,
EVENT_LOG_CATEGORY_GENERAL, "Service - Unhandled exception.\nMessage: " + e.Message + "\nInner Exception: " + e.InnerException + "\nStack Trace: " + e.StackTrace));
}
}
