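/// <summary>
/// Determines which action the enabled rules in <c>Rules</c> prescribe for a firewall event.
/// </summary>
/// <param name="FwEvent">Event supplying the direction, protocol and endpoints to match.</param>
/// <param name="NicInfo">
/// Adapter whose profile and type are compared with each rule; it is also handed to the
/// endpoint matcher.
/// </param>
/// <returns>
/// <c>Block</c> if at least one matching rule blocks, otherwise <c>Allow</c> if at least one
/// matching rule allows, otherwise <c>Undefined</c>.
/// </returns>
/// <remarks>Side effect: every rule that matches has its <c>HitCount</c> incremented.</remarks>
public FirewallRule.Actions LookupRuleAction(FirewallEvent FwEvent, NetworkMonitor.AdapterInfo NicInfo)
{
    int blockRules = 0;
    int allowRules = 0;

    foreach (FirewallRuleEx rule in Rules.Values)
    {
        if (!rule.Enabled)
        {
            continue;
        }

        if (rule.Direction != FwEvent.Direction)
        {
            continue;
        }

        // A rule bound to "Any" protocol matches every event protocol.
        if (rule.Protocol != (int)NetFunc.KnownProtocols.Any && FwEvent.Protocol != rule.Protocol)
        {
            continue;
        }

        // Profiles are bit masks: the rule applies when it shares a bit with the adapter's profile.
        if (((int)NicInfo.Profile & rule.Profile) == 0)
        {
            continue;
        }

        if (rule.Interface != (int)FirewallRule.Interfaces.All && (int)NicInfo.Type != rule.Interface)
        {
            continue;
        }

        if (!FirewallManager.MatchEndpoint(rule.RemoteAddresses, rule.RemotePorts, FwEvent.RemoteAddress, FwEvent.RemotePort, NicInfo))
        {
            continue;
        }

        // The rule's local address/port constraints apply to the event's local endpoint.
        // Testing them against the remote endpoint would let a rule scoped to a local
        // port match (or miss) on the peer's port and yield the wrong verdict.
        if (!FirewallManager.MatchEndpoint(rule.LocalAddresses, rule.LocalPorts, FwEvent.LocalAddress, FwEvent.LocalPort, NicInfo))
        {
            continue;
        }

        rule.HitCount++;

        if (rule.Action == FirewallRule.Actions.Allow)
        {
            allowRules++;
        }
        else if (rule.Action == FirewallRule.Actions.Block)
        {
            blockRules++;
        }
    }

    // Note: block rules take precedence
    if (blockRules > 0)
    {
        return FirewallRule.Actions.Block;
    }

    if (allowRules > 0)
    {
        return FirewallRule.Actions.Allow;
    }

    return FirewallRule.Actions.Undefined;
}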
/// <summary>
/// Creates a log entry for a firewall event and classifies the event's remote address
/// into a realm.
/// </summary>
/// <param name="Event">Firewall event being logged; stored in <c>FwEvent</c>.</param>
/// <param name="progID">Program identifier stored in <c>ProgID</c>.</param>
public LogEntry(FirewallEvent Event, ProgramID progID)
{
    guid = Guid.NewGuid();
    FwEvent = Event;
    ProgID = progID;

    var remote = FwEvent.RemoteAddress;

    // Checks run in this order and the first hit wins: localhost, multicast,
    // local subnet; anything else is treated as Internet.
    Realm = NetFunc.IsLocalHost(remote)
        ? Realms.LocalHost
        : NetFunc.IsMultiCast(remote)
            ? Realms.MultiCast
            : FirewallManager.MatchAddress(remote, FirewallRule.AddrKeywordLocalSubnet)
                ? Realms.LocalArea
                : Realms.Internet;
}
/// <summary>
/// Computes, as firewall-profile bit masks, in which profiles the given socket is
/// allowed outbound and inbound access according to the enabled rules in <c>Rules</c>.
/// </summary>
/// <param name="Socket">Socket whose protocol and endpoints are matched against the rules.</param>
/// <returns>
/// A tuple of (outbound-allowed profiles, inbound-allowed profiles). Both are 0 when the
/// socket is neither TCP nor UDP.
/// </returns>
public Tuple <int, int> LookupRuleAccess(NetworkSocket Socket)
{
    int outAllowed = 0;
    int outBlocked = 0;
    int inAllowed = 0;
    int inBlocked = 0;

    // Only the low byte of ProtocolType is compared with the protocol constants.
    var transport = Socket.ProtocolType & 0xFF;
    int proto;
    if (transport == (UInt32)IPHelper.AF_PROT.TCP)
    {
        proto = (int)IPHelper.AF_PROT.TCP;
    }
    else if (transport == (UInt32)IPHelper.AF_PROT.UDP)
    {
        proto = (int)IPHelper.AF_PROT.UDP;
    }
    else
    {
        return Tuple.Create(0, 0);
    }

    bool isTcp = proto == (int)IPHelper.AF_PROT.TCP;

    foreach (FirewallRule rule in Rules.Values)
    {
        if (!rule.Enabled)
        {
            continue;
        }

        if (rule.Protocol != (int)NetFunc.KnownProtocols.Any && proto != rule.Protocol)
        {
            continue;
        }

        // The remote endpoint is only checked for TCP sockets.
        // NOTE(review): presumably because a UDP socket has no fixed peer - confirm.
        if (isTcp && !FirewallManager.MatchEndpoint(rule.RemoteAddresses, rule.RemotePorts, Socket.RemoteAddress, Socket.RemotePort))
        {
            continue;
        }

        if (!FirewallManager.MatchEndpoint(rule.LocalAddresses, rule.LocalPorts, Socket.LocalAddress, Socket.LocalPort))
        {
            continue;
        }

        // Collect the profiles each matching rule covers, split by direction and action.
        if (rule.Direction == FirewallRule.Directions.Outbound)
        {
            if (rule.Action == FirewallRule.Actions.Allow)
            {
                outAllowed |= rule.Profile;
            }
            else if (rule.Action == FirewallRule.Actions.Block)
            {
                outBlocked |= rule.Profile;
            }
        }
        else if (rule.Direction == FirewallRule.Directions.Inbound)
        {
            if (rule.Action == FirewallRule.Actions.Allow)
            {
                inAllowed |= rule.Profile;
            }
            else if (rule.Action == FirewallRule.Actions.Block)
            {
                inBlocked |= rule.Profile;
            }
        }
    }

    // Profiles that no rule covered fall back to the firewall's default action.
    foreach (var profile in FirewallManager.FwProfiles)
    {
        int bit = (int)profile;

        if (((outAllowed | outBlocked) & bit) == 0)
        {
            if (App.engine.FirewallManager.GetDefaultOutboundAction(profile) == FirewallRule.Actions.Allow)
            {
                outAllowed |= bit;
            }
            else
            {
                outBlocked |= bit;
            }
        }

        if (((inAllowed | inBlocked) & bit) == 0)
        {
            if (App.engine.FirewallManager.GetDefaultInboundAction(profile) == FirewallRule.Actions.Allow)
            {
                inAllowed |= bit;
            }
            else
            {
                inBlocked |= bit;
            }
        }
    }

    // Block wins: a profile that is both allowed and blocked is reported as not allowed.
    outAllowed &= ~outBlocked;
    inAllowed &= ~inBlocked;

    return Tuple.Create(outAllowed, inAllowed);
}