private bool isApplicationRuleExists(string filePath, NET_FW_ACTION_ fwAction, bool isExRule = false) { try { Type netFwPolicy = Type.GetTypeFromProgID("HNetCfg.FwPolicy2"); INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(netFwPolicy); if (isExRule) { foreach (INetFwRule rule in fwPolicy.Rules) { if (rule.ApplicationName.ToLower() == filePath.ToLower() && rule.Name.Contains("ex:")) { return(true); } } } else { foreach (INetFwRule rule in fwPolicy.Rules) { if (rule.ApplicationName.ToLower() == filePath.ToLower() && rule.Action == fwAction) { return(true); } } } return(false); } catch { return(false); } }
private void FWRule(string path, NET_FW_RULE_DIRECTION_ d, NET_FW_ACTION_ fwaction, string action) { try { INetFwRule firewallRule = (INetFwRule)Activator.CreateInstance( Type.GetTypeFromProgID("HNetCfg.FWRule")); firewallRule.Action = fwaction; firewallRule.Enabled = true; firewallRule.InterfaceTypes = "All"; firewallRule.ApplicationName = path; firewallRule.Name = "Frewall_Blocker: " + Path.GetFileName(path); INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance (Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); firewallRule.Direction = d; if (action == "1") { firewallPolicy.Rules.Add(firewallRule); MessageBox.Show("Program is blocked"); } else { firewallPolicy.Rules.Remove(firewallRule.Name); MessageBox.Show("Program is unblocked"); } } catch (Exception ex) { MessageBox.Show(ex.Message, "ERROR"); } }
public void AddRule(String name, String Description, NET_FW_ACTION_ Action, NET_FW_RULE_DIRECTION_ Direction, String LocalPort, bool Enabled = true, int Protocole = 6, String RemoteAdresses = "localsubnet", String ApplicationName = "ScreenTask") { Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false); INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2); INetFwRules rules = FwPolicy.Rules; //Delete if exist to avoid deplicated rules DeleteRule(name); Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule"); INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType); rule.Name = name; rule.Description = Description; rule.Protocol = Protocole;// TCP/IP rule.LocalPorts = LocalPort; rule.RemoteAddresses = RemoteAdresses; rule.Action = Action; rule.Direction = Direction; rule.ApplicationName = ApplicationName; rule.Enabled = true; //Add Rule rules.Add(rule); }
private Mock <INetFwRule> GetRuleMock( string name, string description, string applicationName, string serviceName, int protocol, string localPorts, string remotePorts, string localAddresses, string remoteAddresses, NET_FW_RULE_DIRECTION_ direction, bool enabled, NET_FW_ACTION_ action) { var rule = new Mock <INetFwRule>(); rule.SetupProperty(p => p.Name, name); rule.SetupProperty(p => p.Description, description); rule.SetupProperty(p => p.ApplicationName, applicationName); rule.SetupProperty(p => p.serviceName, serviceName); rule.SetupProperty(p => p.Protocol, protocol); rule.SetupProperty(p => p.LocalPorts, localPorts); rule.SetupProperty(p => p.LocalAddresses, localAddresses); rule.SetupProperty(p => p.RemotePorts, remotePorts); rule.SetupProperty(p => p.RemoteAddresses, remoteAddresses); rule.SetupProperty(p => p.Direction, direction); rule.SetupProperty(p => p.Enabled, enabled); rule.SetupProperty(p => p.Action, action); return(rule); }
private void BtnCreate_Click(object sender, RoutedEventArgs e) { ComboBoxItem itm = (ComboBoxItem)CmbType.SelectedItem; NET_FW_RULE_DIRECTION_ richting = (NET_FW_RULE_DIRECTION_)itm.Tag; string name = txtFirewallRuleName.Text; string description = txtBeschrijving.Text; int profileValue = 0; if ((bool)chkProfielDomein.IsChecked) { profileValue += 1; } if ((bool)chkProfielPrive.IsChecked) { profileValue += 2; } if ((bool)chkProfielOpenbaar.IsChecked) { profileValue += 4; } bool enabled = (bool)chkIsActief.IsChecked; NET_FW_ACTION_ typeOfRule = NET_FW_ACTION_.NET_FW_ACTION_ALLOW; if ((bool)rdbBlock.IsChecked) { typeOfRule = NET_FW_ACTION_.NET_FW_ACTION_BLOCK; } string application = txtProgramma.Text; if (application.ToString() == "") { application = null; } string localAdresses = txtAdresLokaal.Text; if (localAdresses.Trim() == "") { localAdresses = "*"; } string remoteAdresses = txtAdresExtern.Text; if (remoteAdresses.Trim() == "") { remoteAdresses = "*"; } string localPorts = txtPoortLokaal.Text; string remotePorts = txtPoortExtern.Text; itm = (ComboBoxItem)CmbProtocol.SelectedItem; int protocolValue = (int)itm.Tag; if (WinFireWall.CreateRule(richting, name, description, profileValue, enabled, typeOfRule, application, localAdresses, remoteAdresses, localPorts, remotePorts, protocolValue)) { this.Close(); } }
public static Action Convert(NET_FW_ACTION_ item) { switch (item) { case NET_FW_ACTION_.NET_FW_ACTION_ALLOW: return(Action.Allow); case NET_FW_ACTION_.NET_FW_ACTION_BLOCK: return(Action.Block); default: return(Action.Max); } }
/// <summary> /// Convert a firewall action value to the correct payload value /// </summary> /// <param name="ruleAction">the rule action</param> /// <returns>the payload value corresponding to the action</returns> public static FirewallRulePayload.Actions ToIoTValue(this NET_FW_ACTION_ ruleAction) { switch (ruleAction) { case NET_FW_ACTION_.NET_FW_ACTION_ALLOW: return(FirewallRulePayload.Actions.Allow); case NET_FW_ACTION_.NET_FW_ACTION_BLOCK: return(FirewallRulePayload.Actions.Deny); default: return(FirewallRulePayload.Actions.Other); } }
/// <summary> /// /// </summary> /// <param name="action"></param> /// <returns></returns> private static string GetAction(NET_FW_ACTION_ action) { switch (action) { case NET_FW_ACTION_.NET_FW_ACTION_ALLOW: return(Resources.FW_RULE_ALLOW); case NET_FW_ACTION_.NET_FW_ACTION_BLOCK: return(Resources.FW_RULE_BLOCK); default: LogHelper.Warning("Unknown action type: " + action.ToString()); return("?"); } }
private bool TestDefaultOutboundAction(NET_FW_ACTION_ Action) { if (mFirewallPolicy.get_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE) != Action) { return(false); } if (mFirewallPolicy.get_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN) != Action) { return(false); } if (mFirewallPolicy.get_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC) != Action) { return(false); } return(true); }
public static bool CreateRule(NET_FW_RULE_DIRECTION_ richting, string name, string description, int profileValue, bool enabled, NET_FW_ACTION_ typeOfRule, string application, string localAdresses, string remoteAdresses, string localPorts, string remotePorts, int protocolValue) { INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); INetFwRule firewallRule = firewallPolicy.Rules.OfType <INetFwRule>().Where(x => x.Name == name).FirstOrDefault(); if (firewallRule != null) { firewallPolicy.Rules.Remove(firewallRule.Name); } try { firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); firewallRule.Name = name; firewallPolicy.Rules.Add(firewallRule); firewallRule.Description = description; firewallRule.Grouping = "testomgeving .Net"; firewallRule.Profiles = profileValue; firewallRule.Protocol = protocolValue; // moet gezet worden vooraleer de poorten gezet worden firewallRule.Direction = richting; firewallRule.Action = typeOfRule; firewallRule.ApplicationName = application; firewallRule.LocalAddresses = localAdresses; if (localPorts != "") { firewallRule.LocalPorts = localPorts; } firewallRule.RemoteAddresses = remoteAdresses; if (remotePorts != "") { firewallRule.RemotePorts = remotePorts; } firewallRule.Enabled = enabled; } catch (Exception fout) { return(false); } return(true); }
public string fwApplicationRule(string ruleName, string filePath, NET_FW_ACTION_ fwAction, NET_FW_RULE_DIRECTION_ fwDirection, bool isAddRule) { if (isAddRule) { if (isApplicationRuleExists(filePath, fwAction, true)) { return("Exclude"); } if (isApplicationRuleExists(filePath, fwAction)) { return(fwAction.ToString().Replace("NET_FW_ACTION_", string.Empty)); } } try { INetFwRule fwRule = (INetFwRule)Activator.CreateInstance( Type.GetTypeFromProgID("HNetCfg.FWRule")); fwRule.Action = fwAction; fwRule.Enabled = true; fwRule.InterfaceTypes = "All"; fwRule.Name = ruleName.ToLower(); fwRule.ApplicationName = filePath.ToLower(); INetFwPolicy2 fwPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); fwRule.Direction = fwDirection; if (isAddRule) { fwPolicy.Rules.Add(fwRule); return(fwRule.Action.ToString().Replace("NET_FW_ACTION_", string.Empty)); } else { fwPolicy.Rules.Remove(fwRule.Name); return("success"); } } catch (Exception ex) { return(ex.Message); } }
public int AddRule(String name, String Description, String RemoteAdresses, String LocalPort, NET_FW_ACTION_ Action, NET_FW_RULE_DIRECTION_ Direction, NET_FW_IP_PROTOCOL_ Protocole, String ApplicationName = "FirewallMan") { Type Policy2 = Type.GetTypeFromProgID("HNetCfg.FwPolicy2", false); INetFwPolicy2 FwPolicy = (INetFwPolicy2)Activator.CreateInstance(Policy2); INetFwRules rules = FwPolicy.Rules; //Delete if exist to avoid deplicated rules DeleteRule(name); Type RuleType = Type.GetTypeFromProgID("HNetCfg.FWRule"); INetFwRule rule = (INetFwRule)Activator.CreateInstance(RuleType); rule.Name = name; rule.Description = Description; rule.Protocol = (int)Protocole; if (LocalPort != "*") { rule.LocalPorts = LocalPort; } rule.RemoteAddresses = RemoteAdresses; rule.Action = Action; rule.Direction = Direction; rule.ApplicationName = ApplicationName; rule.Grouping = "FirewallManager"; rule.Enabled = true; try { rules.Add(rule); return(0); } catch (Exception ex) { throw (ex); } }
/* Returns action name */ //Todo: What is Max? static public String getActionName(NET_FW_ACTION_ actionEnum) { String actionName = ""; switch (actionEnum) { case NET_FW_ACTION_.NET_FW_ACTION_ALLOW: actionName = "Allow"; break; case NET_FW_ACTION_.NET_FW_ACTION_BLOCK: actionName = "Block"; break; case NET_FW_ACTION_.NET_FW_ACTION_MAX: actionName = "Max"; break; default: actionName = "Unknown"; break; } return(actionName); }
private void SetDefaultOutboundAction(NET_FW_ACTION_ Action) { mFirewallPolicy.set_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE, Action); mFirewallPolicy.set_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN, Action); mFirewallPolicy.set_DefaultOutboundAction(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC, Action); }
private bool GetOrCreateRule(string ruleName, string remoteIPAddresses, NET_FW_ACTION_ action, IEnumerable <PortRange> allowedPorts = null) { remoteIPAddresses = (remoteIPAddresses ?? string.Empty).Trim(); bool emptyIPAddressString = string.IsNullOrWhiteSpace(remoteIPAddresses) || remoteIPAddresses == "*"; bool ruleNeedsToBeAdded = false; lock (policy) { recreateRule: INetFwRule rule = null; try { rule = policy.Rules.Item(ruleName); } catch { // ignore exception, assume does not exist } if (rule == null) { rule = Activator.CreateInstance(ruleType) as INetFwRule; rule.Name = ruleName; rule.Enabled = true; rule.Action = action; rule.Description = "Automatically created by IPBan"; rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; rule.EdgeTraversal = false; rule.Grouping = "IPBan"; rule.LocalAddresses = "*"; rule.Profiles = int.MaxValue; // all ruleNeedsToBeAdded = true; } // do not ever set an empty string, Windows treats this as * which means everything if (!emptyIPAddressString) { try { PortRange[] allowedPortsArray = (allowedPorts?.ToArray()); if (allowedPortsArray != null && allowedPortsArray.Length != 0) { rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; string localPorts; if (action == NET_FW_ACTION_.NET_FW_ACTION_BLOCK) { localPorts = IPBanFirewallUtility.GetPortRangeStringBlockExcept(allowedPortsArray); } else { localPorts = IPBanFirewallUtility.GetPortRangeStringAllow(allowedPortsArray); } rule.LocalPorts = localPorts; } else { try { rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY; } catch { // failed to set protocol to any, we are switching from tcp back to any without ports, the only option is to // recreate the rule if (!ruleNeedsToBeAdded) { policy.Rules.Remove(ruleName); goto recreateRule; } } } rule.RemoteAddresses = remoteIPAddresses; } catch (Exception ex) { // if something failed, do not create the rule emptyIPAddressString = true; IPBanLog.Error(ex); } } if (emptyIPAddressString || string.IsNullOrWhiteSpace(rule.RemoteAddresses) || rule.RemoteAddresses == "*") { // if no ip addresses, remove the rule as it will allow or block everything with an empty RemoteAddresses string try { rule = null; policy.Rules.Remove(ruleName); } catch { } } else if (ruleNeedsToBeAdded) { policy.Rules.Add(rule); } return(rule != null); } }
private INetFwRule GetOrCreateRule(string ruleName, string remoteIPAddresses, NET_FW_ACTION_ action, params PortRange[] allowedPorts) { lock (policy) { INetFwRule rule = null; try { rule = policy.Rules.Item(ruleName); } catch { // ignore exception, assume does not exist } if (rule == null) { rule = Activator.CreateInstance(ruleType) as INetFwRule; rule.Name = ruleName; rule.Enabled = true; rule.Action = action; rule.Description = "Automatically created by IPBan"; rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN; rule.EdgeTraversal = false; rule.Grouping = "IPBan"; rule.LocalAddresses = "*"; rule.Profiles = int.MaxValue; // all rule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_ANY; if (allowedPorts != null && allowedPorts.Length != 0) { if (action == NET_FW_ACTION_.NET_FW_ACTION_BLOCK) { rule.LocalPorts = IPBanFirewall.GetPortRangeStringBlockExcept(allowedPorts); } else { rule.LocalPorts = IPBanFirewall.GetPortRangeStringAllow(allowedPorts); } } policy.Rules.Add(rule); } try { rule.RemoteAddresses = remoteIPAddresses; } catch { if (string.IsNullOrWhiteSpace(rule.RemoteAddresses)) { // if no ip addresses, remove the rule as it will allow or block everything policy.Rules.Remove(ruleName); } } return(rule); } }
public bool CreateInboundRule(string name, string description, int profileValue, bool enabled, NET_FW_ACTION_ typeOfRule, string application, string localAdresses, string remoteAdresses, string localPorts, string remotePorts, int protocolValue) { return(CreateRule(NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN, name, description, profileValue, enabled, typeOfRule, application, localAdresses, remoteAdresses, localPorts, remotePorts, protocolValue)); }
public void CreateGenericFwRule(bool enabled, string ruleName, string ruleDescription, NET_FW_RULE_DIRECTION_ direction, NET_FW_ACTION_ permissionType, string interfaceType) { var firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2")); if (firewallPolicy.Rules.Cast <INetFwRule2>().Any(rule => rule.Name.Equals(ruleName))) { _logger.Warning("The rule with the name {RuleName} already exists. Will not create another one!", ruleName); return; } var portsToOpen = string.Empty; var from = Keys.TryGetConfigValue(Keys.FirewallPortFrom, "9000"); var to = Keys.TryGetConfigValue(Keys.FirewallPortTo, "9025"); for (var i = int.Parse(from); i <= int.Parse(to); i++) { portsToOpen = portsToOpen + "," + i; } portsToOpen = portsToOpen.Remove(0, 1); var firewallRule = (INetFwRule)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule")); firewallRule.Action = permissionType; firewallRule.Description = ruleDescription; firewallRule.Direction = direction; firewallRule.Enabled = enabled; firewallRule.Protocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP; firewallRule.InterfaceTypes = interfaceType; firewallRule.Name = ruleName; firewallRule.LocalPorts = portsToOpen; firewallPolicy.Rules.Add(firewallRule); _logger.Information("Created a rule for the specified port for Windows firewall."); }
public Boolean setOutboundAction(NET_FW_PROFILE_TYPE2_ fwProfile, NET_FW_ACTION_ action) { fw.set_DefaultOutboundAction(fwProfile, action); return(true); }