private bool isApplicationRuleExists(string filePath, NET_FW_ACTION_ fwAction, bool isExRule = false)
{
try
{
Type netFwPolicy = Type.GetTypeFromProgID("HNetCfg.FwPolicy2");
INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(netFwPolicy);
if (isExRule)
{
foreach (INetFwRule rule in fwPolicy.Rules)
{
if (rule.ApplicationName.ToLower() == filePath.ToLower() &&
rule.Name.Contains("ex:"))
{
return(true);
}
}
}
else
{
foreach (INetFwRule rule in fwPolicy.Rules)
{
if (rule.ApplicationName.ToLower() == filePath.ToLower() &&
rule.Action == fwAction)
{
return(true);
}
}
}
return(false);
}
catch
{
return(false);
}
}
private void FWRule(string path, NET_FW_RULE_DIRECTION_ d,
NET_FW_ACTION_ fwaction, string action)
{
try
{
INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = fwaction;
firewallRule.Enabled = true;
firewallRule.InterfaceTypes = "All";
firewallRule.ApplicationName = path;
firewallRule.Name = "Frewall_Blocker: " + Path.GetFileName(path);
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance
(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
firewallRule.Direction = d;
if (action == "1")
{
firewallPolicy.Rules.Add(firewallRule);
MessageBox.Show("Program is blocked");
}
else
{
firewallPolicy.Rules.Remove(firewallRule.Name);
MessageBox.Show("Program is unblocked");
}
}
catch (Exception ex) { MessageBox.Show(ex.Message, "ERROR"); }
}
public void AddRule(String name, String Description,
NET_FW_ACTION_ Action, NET_FW_RULE_DIRECTION_ Direction, String LocalPort,
bool Enabled = true, int Protocole = 6, String RemoteAdresses = "localsubnet", String ApplicationName = "ScreenTask")
{
Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2);
INetFwRules rules = FwPolicy.Rules;
//Delete if exist to avoid deplicated rules
DeleteRule(name);
Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType);
rule.Name = name;
rule.Description = Description;
rule.Protocol = Protocole;// TCP/IP
rule.LocalPorts = LocalPort;
rule.RemoteAddresses = RemoteAdresses;
rule.Action = Action;
rule.Direction = Direction;
rule.ApplicationName = ApplicationName;
rule.Enabled = true;
//Add Rule
rules.Add(rule);
}
private Mock <INetFwRule> GetRuleMock(
string name,
string description,
string applicationName,
string serviceName,
int protocol,
string localPorts,
string remotePorts,
string localAddresses,
string remoteAddresses,
NET_FW_RULE_DIRECTION_ direction,
bool enabled,
NET_FW_ACTION_ action)
{
var rule = new Mock <INetFwRule>();
rule.SetupProperty(p => p.Name, name);
rule.SetupProperty(p => p.Description, description);
rule.SetupProperty(p => p.ApplicationName, applicationName);
rule.SetupProperty(p => p.serviceName, serviceName);
rule.SetupProperty(p => p.Protocol, protocol);
rule.SetupProperty(p => p.LocalPorts, localPorts);
rule.SetupProperty(p => p.LocalAddresses, localAddresses);
rule.SetupProperty(p => p.RemotePorts, remotePorts);
rule.SetupProperty(p => p.RemoteAddresses, remoteAddresses);
rule.SetupProperty(p => p.Direction, direction);
rule.SetupProperty(p => p.Enabled, enabled);
rule.SetupProperty(p => p.Action, action);
return(rule);
}
private void BtnCreate_Click(object sender, RoutedEventArgs e)
{
ComboBoxItem itm = (ComboBoxItem)CmbType.SelectedItem;
NET_FW_RULE_DIRECTION_ richting = (NET_FW_RULE_DIRECTION_)itm.Tag;
string name = txtFirewallRuleName.Text;
string description = txtBeschrijving.Text;
int profileValue = 0;
if ((bool)chkProfielDomein.IsChecked)
{
profileValue += 1;
}
if ((bool)chkProfielPrive.IsChecked)
{
profileValue += 2;
}
if ((bool)chkProfielOpenbaar.IsChecked)
{
profileValue += 4;
}
bool enabled = (bool)chkIsActief.IsChecked;
NET_FW_ACTION_ typeOfRule = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
if ((bool)rdbBlock.IsChecked)
{
typeOfRule = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
}
string application = txtProgramma.Text;
if (application.ToString() == "")
{
application = null;
}
string localAdresses = txtAdresLokaal.Text;
if (localAdresses.Trim() == "")
{
localAdresses = "*";
}
string remoteAdresses = txtAdresExtern.Text;
if (remoteAdresses.Trim() == "")
{
remoteAdresses = "*";
}
string localPorts = txtPoortLokaal.Text;
string remotePorts = txtPoortExtern.Text;
itm = (ComboBoxItem)CmbProtocol.SelectedItem;
int protocolValue = (int)itm.Tag;
if (WinFireWall.CreateRule(richting, name, description, profileValue, enabled, typeOfRule, application, localAdresses, remoteAdresses, localPorts, remotePorts, protocolValue))
{
this.Close();
}
}
public static Action Convert(NET_FW_ACTION_ item)
{
switch (item)
{
case NET_FW_ACTION_.NET_FW_ACTION_ALLOW: return(Action.Allow);
case NET_FW_ACTION_.NET_FW_ACTION_BLOCK: return(Action.Block);
default: return(Action.Max);
}
}
/// <summary>
/// Convert a firewall action value to the correct payload value
/// </summary>
/// <param name="ruleAction">the rule action</param>
/// <returns>the payload value corresponding to the action</returns>
public static FirewallRulePayload.Actions ToIoTValue(this NET_FW_ACTION_ ruleAction)
{
switch (ruleAction)
{
case NET_FW_ACTION_.NET_FW_ACTION_ALLOW:
return(FirewallRulePayload.Actions.Allow);
case NET_FW_ACTION_.NET_FW_ACTION_BLOCK:
return(FirewallRulePayload.Actions.Deny);
default:
return(FirewallRulePayload.Actions.Other);
}
}
/// <summary>
///
/// </summary>
/// <param name="action"></param>
/// <returns></returns>
private static string GetAction(NET_FW_ACTION_ action)
{
switch (action)
{
case NET_FW_ACTION_.NET_FW_ACTION_ALLOW:
return(Resources.FW_RULE_ALLOW);
case NET_FW_ACTION_.NET_FW_ACTION_BLOCK:
return(Resources.FW_RULE_BLOCK);
default:
LogHelper.Warning("Unknown action type: " + action.ToString());
return("?");
}
}
private bool TestDefaultOutboundAction(NET_FW_ACTION_ Action)
{
if (mFirewallPolicy.get_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE) != Action)
{
return(false);
}
if (mFirewallPolicy.get_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN) != Action)
{
return(false);
}
if (mFirewallPolicy.get_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC) != Action)
{
return(false);
}
return(true);
}
public static bool CreateRule(NET_FW_RULE_DIRECTION_ richting, string name, string description, int profileValue, bool enabled,
NET_FW_ACTION_ typeOfRule, string application, string localAdresses, string remoteAdresses, string localPorts, string remotePorts,
int protocolValue)
{
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
INetFwRule firewallRule = firewallPolicy.Rules.OfType <INetFwRule>().Where(x => x.Name == name).FirstOrDefault();
if (firewallRule != null)
{
firewallPolicy.Rules.Remove(firewallRule.Name);
}
try
{
firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Name = name;
firewallPolicy.Rules.Add(firewallRule);
firewallRule.Description = description;
firewallRule.Grouping = "testomgeving .Net";
firewallRule.Profiles = profileValue;
firewallRule.Protocol = protocolValue; // moet gezet worden vooraleer de poorten gezet worden
firewallRule.Direction = richting;
firewallRule.Action = typeOfRule;
firewallRule.ApplicationName = application;
firewallRule.LocalAddresses = localAdresses;
if (localPorts != "")
{
firewallRule.LocalPorts = localPorts;
}
firewallRule.RemoteAddresses = remoteAdresses;
if (remotePorts != "")
{
firewallRule.RemotePorts = remotePorts;
}
firewallRule.Enabled = enabled;
}
catch (Exception fout)
{
return(false);
}
return(true);
}
public string fwApplicationRule(string ruleName, string filePath, NET_FW_ACTION_ fwAction, NET_FW_RULE_DIRECTION_ fwDirection, bool isAddRule)
{
if (isAddRule)
{
if (isApplicationRuleExists(filePath, fwAction, true))
{
return("Exclude");
}
if (isApplicationRuleExists(filePath, fwAction))
{
return(fwAction.ToString().Replace("NET_FW_ACTION_", string.Empty));
}
}
try
{
INetFwRule fwRule = (INetFwRule)Activator.CreateInstance(
Type.GetTypeFromProgID("HNetCfg.FWRule"));
fwRule.Action = fwAction;
fwRule.Enabled = true;
fwRule.InterfaceTypes = "All";
fwRule.Name = ruleName.ToLower();
fwRule.ApplicationName = filePath.ToLower();
INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
fwRule.Direction = fwDirection;
if (isAddRule)
{
fwPolicy.Rules.Add(fwRule);
return(fwRule.Action.ToString().Replace("NET_FW_ACTION_", string.Empty));
}
else
{
fwPolicy.Rules.Remove(fwRule.Name);
return("success");
}
}
catch (Exception ex)
{
return(ex.Message);
}
}
public int AddRule(String name, String Description, String RemoteAdresses, String LocalPort,
NET_FW_ACTION_ Action, NET_FW_RULE_DIRECTION_ Direction,
NET_FW_IP_PROTOCOL_ Protocole, String ApplicationName = "FirewallMan")
{
Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false);
INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2);
INetFwRules rules = FwPolicy.Rules;
//Delete if exist to avoid deplicated rules
DeleteRule(name);
Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule");
INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType);
rule.Name = name;
rule.Description = Description;
rule.Protocol = (int)Protocole;
if (LocalPort != "*")
{
rule.LocalPorts = LocalPort;
}
rule.RemoteAddresses = RemoteAdresses;
rule.Action = Action;
rule.Direction = Direction;
rule.ApplicationName = ApplicationName;
rule.Grouping = "FirewallManager";
rule.Enabled = true;
try
{
rules.Add(rule);
return(0);
}
catch (Exception ex)
{
throw (ex);
}
}
/* Returns action name */
//Todo: What is Max?
static public String getActionName(NET_FW_ACTION_ actionEnum)
{
String actionName = "";
switch (actionEnum)
{
case NET_FW_ACTION_.NET_FW_ACTION_ALLOW:
actionName = "Allow";
break;
case NET_FW_ACTION_.NET_FW_ACTION_BLOCK:
actionName = "Block";
break;
case NET_FW_ACTION_.NET_FW_ACTION_MAX:
actionName = "Max";
break;
default:
actionName = "Unknown";
break;
}
return(actionName);
}
private void SetDefaultOutboundAction(NET_FW_ACTION_ Action)
{
mFirewallPolicy.set_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE, Action);
mFirewallPolicy.set_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN, Action);
mFirewallPolicy.set_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC, Action);
}
private bool GetOrCreateRule(string ruleName, string remoteIPAddresses, NET_FW_ACTION_ action, IEnumerable <PortRange> allowedPorts = null)
{
remoteIPAddresses = (remoteIPAddresses ?? string.Empty).Trim();
bool emptyIPAddressString = string.IsNullOrWhiteSpace(remoteIPAddresses) || remoteIPAddresses == "*";
bool ruleNeedsToBeAdded = false;
lock (policy)
{
recreateRule:
INetFwRule rule = null;
try
{
rule = policy.Rules.Item(ruleName);
}
catch
{
// ignore exception, assume does not exist
}
if (rule == null)
{
rule = Activator.CreateInstance(ruleType) as INetFwRule;
rule.Name = ruleName;
rule.Enabled = true;
rule.Action = action;
rule.Description = "Automatically created by IPBan";
rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
rule.EdgeTraversal = false;
rule.Grouping = "IPBan";
rule.LocalAddresses = "*";
rule.Profiles = int.MaxValue; // all
ruleNeedsToBeAdded = true;
}
// do not ever set an empty string, Windows treats this as * which means everything
if (!emptyIPAddressString)
{
try
{
PortRange[] allowedPortsArray = (allowedPorts?.ToArray());
if (allowedPortsArray != null && allowedPortsArray.Length != 0)
{
rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
string localPorts;
if (action == NET_FW_ACTION_.NET_FW_ACTION_BLOCK)
{
localPorts = IPBanFirewallUtility.GetPortRangeStringBlockExcept(allowedPortsArray);
}
else
{
localPorts = IPBanFirewallUtility.GetPortRangeStringAllow(allowedPortsArray);
}
rule.LocalPorts = localPorts;
}
else
{
try
{
rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY;
}
catch
{
// failed to set protocol to any, we are switching from tcp back to any without ports, the only option is to
// recreate the rule
if (!ruleNeedsToBeAdded)
{
policy.Rules.Remove(ruleName);
goto recreateRule;
}
}
}
rule.RemoteAddresses = remoteIPAddresses;
}
catch (Exception ex)
{
// if something failed, do not create the rule
emptyIPAddressString = true;
IPBanLog.Error(ex);
}
}
if (emptyIPAddressString || string.IsNullOrWhiteSpace(rule.RemoteAddresses) || rule.RemoteAddresses == "*")
{
// if no ip addresses, remove the rule as it will allow or block everything with an empty RemoteAddresses string
try
{
rule = null;
policy.Rules.Remove(ruleName);
}
catch
{
}
}
else if (ruleNeedsToBeAdded)
{
policy.Rules.Add(rule);
}
return(rule != null);
}
}
private INetFwRule GetOrCreateRule(string ruleName, string remoteIPAddresses, NET_FW_ACTION_ action, params PortRange[] allowedPorts)
{
lock (policy)
{
INetFwRule rule = null;
try
{
rule = policy.Rules.Item(ruleName);
}
catch
{
// ignore exception, assume does not exist
}
if (rule == null)
{
rule = Activator.CreateInstance(ruleType) as INetFwRule;
rule.Name = ruleName;
rule.Enabled = true;
rule.Action = action;
rule.Description = "Automatically created by IPBan";
rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
rule.EdgeTraversal = false;
rule.Grouping = "IPBan";
rule.LocalAddresses = "*";
rule.Profiles = int.MaxValue; // all
rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY;
if (allowedPorts != null && allowedPorts.Length != 0)
{
if (action == NET_FW_ACTION_.NET_FW_ACTION_BLOCK)
{
rule.LocalPorts = IPBanFirewall.GetPortRangeStringBlockExcept(allowedPorts);
}
else
{
rule.LocalPorts = IPBanFirewall.GetPortRangeStringAllow(allowedPorts);
}
}
policy.Rules.Add(rule);
}
try
{
rule.RemoteAddresses = remoteIPAddresses;
}
catch
{
if (string.IsNullOrWhiteSpace(rule.RemoteAddresses))
{
// if no ip addresses, remove the rule as it will allow or block everything
policy.Rules.Remove(ruleName);
}
}
return(rule);
}
}
public bool CreateInboundRule(string name, string description, int profileValue, bool enabled, NET_FW_ACTION_ typeOfRule, string application, string localAdresses, string remoteAdresses, string localPorts, string remotePorts, int protocolValue)
{
return(CreateRule(NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN, name, description, profileValue, enabled, typeOfRule, application, localAdresses, remoteAdresses, localPorts, remotePorts, protocolValue));
}
public void CreateGenericFwRule(bool enabled, string ruleName, string ruleDescription, NET_FW_RULE_DIRECTION_ direction, NET_FW_ACTION_ permissionType, string interfaceType)
{
var firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
if (firewallPolicy.Rules.Cast <INetFwRule2>().Any(rule => rule.Name.Equals(ruleName)))
{
_logger.Warning("The rule with the name {RuleName} already exists. Will not create another one!", ruleName);
return;
}
var portsToOpen = string.Empty;
var from = Keys.TryGetConfigValue(Keys.FirewallPortFrom, "9000");
var to = Keys.TryGetConfigValue(Keys.FirewallPortTo, "9025");
for (var i = int.Parse(from); i <= int.Parse(to); i++)
{
portsToOpen = portsToOpen + "," + i;
}
portsToOpen = portsToOpen.Remove(0, 1);
var firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
firewallRule.Action = permissionType;
firewallRule.Description = ruleDescription;
firewallRule.Direction = direction;
firewallRule.Enabled = enabled;
firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
firewallRule.InterfaceTypes = interfaceType;
firewallRule.Name = ruleName;
firewallRule.LocalPorts = portsToOpen;
firewallPolicy.Rules.Add(firewallRule);
_logger.Information("Created a rule for the specified port for Windows firewall.");
}
public Boolean setOutboundAction(NET_FW_PROFILE_TYPE2_ fwProfile, NET_FW_ACTION_ action)
{
fw.set_DefaultOutboundAction(fwProfile, action);
return(true);
}
