/// <summary>
/// Writes a table of the firewall rules matched by each inconsistently-handled packet.
/// </summary>
/// <remarks>
/// The PID column is the zero-based index of the inconsistency within
/// <paramref name="inconsistencies"/>. Rules taken from <c>RuleMatches.Item1</c> are
/// labelled "First" and rules from <c>RuleMatches.Item2</c> are labelled "Second".
/// Rule names are cut to 42 characters to fit the column, so two rules whose names
/// share the same first 42 characters look identical in this output.
/// </remarks>
/// <param name="inconsistencies">List of inconsistencies.</param>
public static void PrintRuleMatches(List<WindowsFirewallInconsistency> inconsistencies)
{
    const string separator = "-------------------------------------------------------------------------";

    // Formats one table row for a single matched rule.
    // NOTE(review): the rule name is written to the console unescaped. If rule
    // exports can come from a source you do not control, confirm that control
    // characters in a name cannot distort the table an operator reads.
    string FormatRow(int packetId, string firewall, WindowsFirewallRule rule)
    {
        string action = rule.Allow ? "Allow" : "Block";
        string name = rule.Name.Length > 42 ? rule.Name.Substring(0, 42) : rule.Name;
        return $"| {packetId, 4} | {firewall, 8} | {action, 6} | {name, -42} |";
    }

    Console.WriteLine("Firewall rules matching inconsistently-handled packets:");
    Console.WriteLine(separator);
    Console.WriteLine("| PID | Firewall | Action | Rule Name |");
    Console.WriteLine(separator);

    int packetIndex = 0;
    foreach (WindowsFirewallInconsistency entry in inconsistencies)
    {
        // Rules of the first firewall are listed before those of the second.
        foreach (WindowsFirewallRule matched in entry.RuleMatches.Item1)
        {
            Console.WriteLine(FormatRow(packetIndex, "First", matched));
        }

        foreach (WindowsFirewallRule matched in entry.RuleMatches.Item2)
        {
            Console.WriteLine(FormatRow(packetIndex, "Second", matched));
        }

        packetIndex++;
    }

    Console.WriteLine(separator);
}
public void TestSingleDifference()
{
    // Two firewalls that differ in exactly one source address: the first allows the
    // whole range 192.168.1.0-192.168.1.10 with one rule, the second covers
    // 192.168.1.0-192.168.1.4 and 192.168.1.6-192.168.1.10 with two rules. Both block
    // by default, so the check is expected to report a packet from 192.168.1.5.
    int localPort = 80;
    int remotePort = 128;
    int protocol = 6; // 6 is TCP in the IANA protocol-number registry.

    string fullRangeRule = $"X\tYes\tAllow\t{localPort}\t192.168.1.0-192.168.1.10\t{remotePort}\t{protocol}";
    string firstText = $"{WindowsFirewallRuleParserTest.HeaderText}\n{fullRangeRule}";
    var firstFirewall = new WindowsFirewall
    {
        Name = "1",
        BlockByDefault = true,
        Rules = WindowsFirewallRuleParser.Parse(firstText, '\t').ToList(),
    };

    string lowerRangeRule = $"X\tYes\tAllow\t{localPort}\t192.168.1.0-192.168.1.4\t{remotePort}\t{protocol}";
    string upperRangeRule = $"Y\tYes\tAllow\t{localPort}\t192.168.1.6-192.168.1.10\t{remotePort}\t{protocol}";
    string secondText = $"{WindowsFirewallRuleParserTest.HeaderText}\n{lowerRangeRule}\n{upperRangeRule}";
    var secondFirewall = new WindowsFirewall
    {
        Name = "2",
        BlockByDefault = true,
        Rules = WindowsFirewallRuleParser.Parse(secondText, '\t').ToList(),
    };

    var reported = WindowsFirewallEquivalenceCheck.CheckEquivalence(firstFirewall, secondFirewall).ToList();
    Assert.AreEqual(1, reported.Count);
    WindowsFirewallInconsistency difference = reported.Single();

    // The first firewall allows the packet, the second does not.
    Assert.AreEqual("1", difference.Firewalls.Item1.Name);
    Assert.IsTrue(difference.Allowed.Item1);
    Assert.AreEqual("2", difference.Firewalls.Item2.Name);
    Assert.IsFalse(difference.Allowed.Item2);

    // Only rule "X" of the first firewall matches; no rule of the second one does.
    Assert.AreEqual(1, difference.RuleMatches.Item1.Count);
    Assert.AreEqual("X", difference.RuleMatches.Item1.Single().Name);
    Assert.AreEqual(0, difference.RuleMatches.Item2.Count);

    // The witness packet: the rule's remote port is its source port and the rule's
    // local port is its destination port.
    Assert.AreEqual(IPAddress.Parse("192.168.1.5"), difference.Packet.SourceAddress);
    Assert.AreEqual(remotePort, difference.Packet.SourcePort);
    Assert.AreEqual(localPort, difference.Packet.DestinationPort);
    Assert.AreEqual(protocol, difference.Packet.Protocol);
}
/// <summary>
/// Writes a table of the packets that the two firewalls handle differently.
/// </summary>
/// <remarks>
/// The PID column is the zero-based index of the inconsistency within
/// <paramref name="inconsistencies"/>. A packet field that is null is shown as "Any".
/// The last column reads "First" when <c>Allowed.Item1</c> is true and "Second"
/// otherwise; <c>Allowed.Item2</c> is not consulted.
/// </remarks>
/// <param name="inconsistencies">List of inconsistencies.</param>
public static void PrintInconsistentPackets(List<WindowsFirewallInconsistency> inconsistencies)
{
    const string separator = "-------------------------------------------------------------------------";

    Console.WriteLine("Inconsistently-handled packets:");
    Console.WriteLine(separator);
    Console.WriteLine("| PID | Src Address | Src Port | Dest Port | Protocol | Allowed By |");
    Console.WriteLine(separator);

    int packetIndex = 0;
    foreach (WindowsFirewallInconsistency entry in inconsistencies)
    {
        var packet = entry.Packet;

        // Null fields are rendered as "Any".
        var sourceAddress = packet.SourceAddress?.ToString() ?? "Any";
        var sourcePort = packet.SourcePort?.ToString() ?? "Any";
        var destinationPort = packet.DestinationPort?.ToString() ?? "Any";
        var protocolName = packet.Protocol == null
            ? "Any"
            : NetworkProtocol.GetProtocolName((int)packet.Protocol);
        string allowedBy = entry.Allowed.Item1 ? "First" : "Second";

        Console.WriteLine(
            $"| {packetIndex, 4} | {sourceAddress, 15} | {sourcePort, 8} | {destinationPort, 9} | {protocolName, 8} | {allowedBy, 10} |");

        packetIndex++;
    }

    Console.WriteLine(separator);
}