示例#1
0
        public void Remove(string name)
        {
            NetFwRule netFwRule = (NetFwRule)this._rules[name];

#if DotNetCoreClrLinux
            NativeHelper.system(netFwRule.RemoveCommand());     // Ignore any error encountered in removing a rule
#endif
            _rules.Remove(name);
        }
示例#2
0
        public INetFwRule Clone()
        {
            var rule = new NetFwRule
            {
                Action          = this.Action,
                ApplicationName = this.ApplicationName,
                Direction       = this.Direction,
                Enabled         = this.Enabled,
                Grouping        = this.Grouping,
                LocalPorts      = this.LocalPorts,
                Name            = this.Name,
                Profiles        = this.Profiles,
                Protocol        = this.Protocol,
            };

            return(rule);
        }
示例#3
0
        public void Add(INetFwRule rule)
        {
            if (String.IsNullOrEmpty(rule.LocalPorts) || rule.LocalPorts.Equals("0"))
            {
                return;
            }

            NetFwRule netFwRule = (NetFwRule)rule;

#if DotNetCoreClrLinux
            var addCommand  = netFwRule.AddCommand();
            int returnvalue = NativeHelper.system(addCommand);
            if (returnvalue != 0)
            {
                throw new Exception(String.Format("Error encountered in executing command {0} with return value {1}", addCommand, returnvalue));
            }
#endif
            _rules.Add(rule.Name, rule.Clone());
        }
示例#4
0
        private void PopulateFwRules()
        {
#if DotNetCoreClrLinux
            string listCommand = "iptables -w -L --line-numbers";
            IntPtr pipePtr     = NativeHelper.popen(listCommand, "r");
            if (pipePtr == IntPtr.Zero)
            {
                throw new Exception(String.Format("Error encountered in opening a pipe to execute command {0}", listCommand));
            }
            try
            {
                StringBuilder outputBuilder = new StringBuilder(1024);
                int           type          = 0;
                while (NativeHelper.fgets(outputBuilder, 1024, pipePtr) != IntPtr.Zero)
                {
                    string sData = outputBuilder.ToString();
                    if (sData.Contains("Chain INPUT"))
                    {
                        type = 1;
                    }
                    else if (sData.Contains("Chain OUTPUT"))
                    {
                        type = 2;
                    }
                    if (sData.Contains("WindowsFabric:"))
                    {
                        NetFwRule netFwRule    = new NetFwRule();
                        int       commentStart = sData.IndexOf("/*");
                        int       commentend   = sData.IndexOf("*/");
                        string    comment      = sData.Substring(commentStart + 2, commentend - (commentStart + 2)).Trim();
                        string[]  commentArray = comment.Split(':');
                        netFwRule.Grouping = commentArray[0];
                        netFwRule.Name     = commentArray[1];

                        if (this._rules.ContainsKey(netFwRule.Name))
                        {
                            // Duplicate rule detected
                            continue;
                        }

                        if (sData.Contains("tcp"))
                        {
                            netFwRule.Protocol = 1;
                        }
                        else
                        {
                            netFwRule.Protocol = 2;
                        }
                        int dptStart = sData.IndexOf("dpt:");
                        if (dptStart != -1)
                        {
                            string port = sData.Substring(dptStart + 4, commentStart - (dptStart + 4)).Trim();
                            netFwRule.LocalPorts = LookupPort(port);
                        }
                        else
                        {
                            int multiportStart = sData.IndexOf("dports");
                            if (multiportStart == -1)
                            {
                                throw new Exception(String.Format("Firewall line contained neither dpt nor dports: {0}", sData));
                            }

                            string ports = sData.Substring(multiportStart + 6, commentStart - (multiportStart + 6)).Trim();

                            string[] portsArray = ports.Split(':');
                            portsArray[0] = LookupPort(portsArray[0]);
                            portsArray[1] = LookupPort(portsArray[1]);

                            netFwRule.LocalPorts = string.Format("{0}-{1}", portsArray[0], portsArray[1]);
                        }
                        if (type == 1)
                        {
                            netFwRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
                        }
                        else
                        {
                            netFwRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT;
                        }

                        netFwRule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;      // Assuming today we create all allow rules
                        this._rules.Add(netFwRule.Name, netFwRule);
                    }
                }
            }
            finally
            {
                NativeHelper.pclose(pipePtr);
            }
#endif
        }