/// <summary>
/// Builds the native FWPM_FILTER_ENUM_TEMPLATE0 used to enumerate filters.
/// </summary>
/// <param name="list">Receives every buffer allocated while building the template.</param>
/// <returns>The buffer holding the marshalled template, as returned by <c>list.AddStructure</c>.</returns>
/// <remarks>
/// Conditions whose field key is a user ID are left out of the template here.
/// The pointers stored in the template come from DangerousGetHandle on buffers
/// registered with <paramref name="list"/>, so the template should not be used
/// once that list has been disposed (presumably the list owns their lifetime; confirm).
/// </remarks>
SafeBuffer IFirewallEnumTemplate<FirewallFilter>.ToTemplateBuffer(DisposableList list)
{
    // Permit and Block are passed as the action mask with the Terminating bit cleared.
    FirewallActionType action_mask = ActionType;
    if (action_mask == FirewallActionType.Permit || action_mask == FirewallActionType.Block)
    {
        action_mask &= ~FirewallActionType.Terminating;
    }

    var enum_template = new FWPM_FILTER_ENUM_TEMPLATE0();
    enum_template.layerKey = LayerKey;
    enum_template.flags = Flags;
    if (ProviderKey.HasValue)
    {
        // The provider GUID is copied into a buffer tracked by the list; only its raw address is stored.
        var provider_key_buffer = list.AddResource(ProviderKey.Value.ToBuffer());
        enum_template.providerKey = provider_key_buffer.DangerousGetHandle();
    }
    else
    {
        enum_template.providerKey = IntPtr.Zero;
    }
    enum_template.actionMask = action_mask;

    // User ID conditions are excluded from the conditions placed in the template.
    var template_conditions = from c in Conditions
                              where !FirewallConditionGuids.IsUserId(c.FieldKey)
                              select c;
    int condition_count = template_conditions.Count();
    if (condition_count > 0)
    {
        var condition_structs = template_conditions.Select(c => c.ToStruct(list));
        enum_template.numFilterConditions = condition_count;
        enum_template.filterCondition = list.AddList(condition_structs).DangerousGetHandle();
    }

    return list.AddStructure(enum_template);
}
/// <summary>
/// Builds the predicate applied to each enumerated filter for the user ID conditions.
/// </summary>
/// <param name="list">Receives the AuthZ resource manager; also passed to <c>CreateContext</c>.</param>
/// <returns>
/// A predicate that accepts every filter when there are no user ID conditions,
/// otherwise one that defers to <c>FilterFunc</c> with the per-field AuthZ contexts.
/// </returns>
/// <remarks>
/// NOTE(review): a user ID condition whose value is not a FirewallTokenInformation,
/// or whose UserSid is null, is skipped and gets no context. How FilterFunc treats a
/// field with no context is not visible here; confirm that a skipped condition cannot
/// widen the result set, since the condition is then not evaluated via a context.
/// </remarks>
Func<FirewallFilter, bool> IFirewallEnumTemplate<FirewallFilter>.GetFilterFunc(DisposableList list)
{
    var user_id_conditions = Conditions.Where(c => FirewallConditionGuids.IsUserId(c.FieldKey));
    bool has_user_id_conditions = user_id_conditions.Any();
    if (!has_user_id_conditions)
    {
        // Nothing to check: every enumerated filter passes.
        return _ => true;
    }

    var resource_manager = list.AddResource(AuthZResourceManager.Create());
    var contexts_by_field = new Dictionary<Guid, AuthZContext>();
    foreach (var user_condition in user_id_conditions)
    {
        Guid field_key = user_condition.FieldKey;

        // Only the first usable condition per field key contributes a context.
        if (contexts_by_field.ContainsKey(field_key))
        {
            continue;
        }

        if (user_condition.Value.ContextValue is FirewallTokenInformation token_info)
        {
            if (token_info.UserSid == null)
            {
                continue;
            }

            contexts_by_field.Add(field_key, token_info.CreateContext(resource_manager, list));
        }
    }

    return filter => FilterFunc(contexts_by_field, filter);
}
private static object SpecializeValue(FirewallDataType type, object value, Guid condition_key) { if (condition_key == Guid.Empty) { return(value); } if (FirewallConditionGuids.IsIpAddressCondition(condition_key)) { if (value is byte[] ba && (ba.Length == 4 || ba.Length == 16)) { return(new IPAddress(ba)); } else if (value is uint ui) { ba = BitConverter.GetBytes(ui); Array.Reverse(ba); return(new IPAddress(ba)); } else if (!(value is FirewallRange) && !(value is FirewallAddressAndMask)) { System.Diagnostics.Trace.Write($"Invalid IP Address type: {value.GetType().FullName}"); } }