bool CFirewallOpener::FindRule(const EFOCAction eAction, const CICSRuleInfo& riPortRule, const INetSharingConfigurationPtr pNSC, INetSharingPortMappingPropsPtr* outNSPMP){
INetSharingPortMappingCollectionPtr pNSPMC;
RETURN_ON_FAIL(pNSC->get_EnumPortMappings (ICSSC_DEFAULT, &pNSPMC));
INetSharingPortMappingPtr pNSPM;
IEnumVARIANTPtr varEnum;
IUnknownPtr pUnk;
RETURN_ON_FAIL(pNSPMC->get__NewEnum(&pUnk));
RETURN_ON_FAIL(pUnk->QueryInterface(__uuidof(IEnumVARIANT), (void**)&varEnum));
_variant_t var;
while (S_OK == varEnum->Next(1, &var, NULL)) {
INetSharingPortMappingPropsPtr pNSPMP;
if (V_VT(&var) == VT_DISPATCH
&& SUCCEEDED(V_DISPATCH(&var)->QueryInterface(__uuidof(INetSharingPortMapping),(void**)&pNSPM))
&& SUCCEEDED(pNSPM->get_Properties (&pNSPMP)))
{
UCHAR ucProt = 0;
long uExternal = 0;
CComBSTR bstrName;
pNSPMP->get_IPProtocol (&ucProt);
pNSPMP->get_ExternalPort (&uExternal);
pNSPMP->get_Name(&bstrName);
switch(eAction){
case FOC_FINDRULEBYPORT:
if (riPortRule.m_nPortNumber == uExternal && riPortRule.m_byProtocol == ucProt){
if (outNSPMP != NULL)
*outNSPMP = pNSPM;
return true;
}
break;
case FOC_FINDRULEBYNAME:
if (riPortRule.m_strRuleName == CString(bstrName)){
if (outNSPMP != NULL)
*outNSPMP = pNSPM;
return true;
}
break;
case FOC_DELETERULEEXCACT:
if (riPortRule.m_strRuleName == CString(bstrName)
&& riPortRule.m_nPortNumber == uExternal && riPortRule.m_byProtocol == ucProt)
{
RETURN_ON_FAIL(pNSC->RemovePortMapping(pNSPM));
theApp.QueueDebugLogLine(false,_T("Rule removed"));
}
break;
case FOC_DELETERULEBYNAME:
if (riPortRule.m_strRuleName == CString(bstrName)){
RETURN_ON_FAIL(pNSC->RemovePortMapping(pNSPM));
theApp.QueueDebugLogLine(false,_T("Rule removed"));
}
break;
default:
ASSERT( false );
}
}
var.Clear();
}
switch(eAction){
case FOC_DELETERULEBYNAME:
case FOC_DELETERULEEXCACT:
return true;
case FOC_FINDRULEBYPORT:
case FOC_FINDRULEBYNAME:
default:
return false;
}
}
bool CFirewallOpener::DoAction(const EFOCAction eAction, const CICSRuleInfo& riPortRule){
if ( !Init() )
return false;
//TODO lets see if we can find a reliable method to find out the internet standard connection set by the user
bool bSuccess = true;
bool bPartialSucceeded = false;
bool bFoundAtLeastOneConn = false;
INetSharingEveryConnectionCollectionPtr NSECCP;
IEnumVARIANTPtr varEnum;
IUnknownPtr pUnk;
RETURN_ON_FAIL(m_pINetSM->get_EnumEveryConnection(&NSECCP));
RETURN_ON_FAIL(NSECCP->get__NewEnum(&pUnk));
RETURN_ON_FAIL(pUnk->QueryInterface(__uuidof(IEnumVARIANT), (void**)&varEnum));
_variant_t var;
while (S_OK == varEnum->Next(1, &var, NULL)) {
INetConnectionPtr NCP;
if (V_VT(&var) == VT_UNKNOWN
&& SUCCEEDED(V_UNKNOWN(&var)->QueryInterface(__uuidof(INetConnection),(void**)&NCP)))
{
INetConnectionPropsPtr pNCP;
if ( !SUCCEEDED(m_pINetSM->get_NetConnectionProps (NCP, &pNCP)) )
continue;
DWORD dwCharacteristics = 0;
pNCP->get_Characteristics(&dwCharacteristics);
if (dwCharacteristics & (NCCF_FIREWALLED)) {
NETCON_MEDIATYPE MediaType = NCM_NONE;
pNCP->get_MediaType (&MediaType);
if ((MediaType != NCM_SHAREDACCESSHOST_LAN) && (MediaType != NCM_SHAREDACCESSHOST_RAS) ){
INetSharingConfigurationPtr pNSC;
if ( !SUCCEEDED(m_pINetSM->get_INetSharingConfigurationForINetConnection (NCP, &pNSC)) )
continue;
VARIANT_BOOL varbool = VARIANT_FALSE;
pNSC->get_InternetFirewallEnabled(&varbool);
if (varbool == VARIANT_FALSE)
continue;
bFoundAtLeastOneConn = true;
switch(eAction){
case FOC_ADDRULE:{
bool bResult;
// we do not want to overwrite an existing rule
if (FindRule(FOC_FINDRULEBYPORT, riPortRule, pNSC, NULL)){
bResult = true;
}
else
bResult = AddRule(riPortRule, pNSC, pNCP);
bSuccess = bSuccess && bResult;
if (bResult && !bPartialSucceeded)
m_liAddedRules.Add(riPortRule); // keep track of added rules
bPartialSucceeded = bPartialSucceeded || bResult;
break;
}
case FOC_FWCONNECTIONEXISTS:
return true;
case FOC_DELETERULEBYNAME:
case FOC_DELETERULEEXCACT:
bSuccess = bSuccess && FindRule(eAction, riPortRule, pNSC, NULL);
break;
case FOC_FINDRULEBYNAME:
if (FindRule(FOC_FINDRULEBYNAME, riPortRule, pNSC, NULL))
return true;
else
bSuccess = false;
break;
case FOC_FINDRULEBYPORT:
if (FindRule(FOC_FINDRULEBYPORT, riPortRule, pNSC, NULL))
return true;
else
bSuccess = false;
break;
default:
ASSERT ( false );
}
}
}
}
var.Clear();
}
return bSuccess && bFoundAtLeastOneConn;
}
int
Extension::foreachCmd (
ClientData,
Tcl_Interp *interp,
int objc,
Tcl_Obj *const objv[])
{
if (objc != 4) {
Tcl_WrongNumArgs(
interp, 1, objv, "varList collectionHandle script");
return TCL_ERROR;
}
Tcl_Obj *pVarList = objv[1];
Tcl_Obj *pBody = objv[3];
Reference *pCollection = referenceHandles.find(interp, objv[2]);
if (pCollection == 0) {
const char *arg = Tcl_GetStringFromObj(objv[2], 0);
Tcl_AppendResult(
interp, "invalid interface pointer handle ", arg, 0);
return TCL_ERROR;
}
// Collections should implement a _NewEnum method which returns an object
// that enumerates the elements.
HRESULT hr;
PositionalArguments arguments;
_variant_t varResult;
hr = pCollection->invoke(
DISPID_NEWENUM,
DISPATCH_METHOD | DISPATCH_PROPERTYGET,
arguments,
&varResult);
if (FAILED(hr) || V_VT(&varResult) != VT_UNKNOWN) {
Tcl_AppendResult(interp, "object is not a collection", NULL);
return TCL_ERROR;
}
IUnknownPtr pUnk(V_UNKNOWN(&varResult));
// Get a specific kind of enumeration.
IEnumVARIANTPtr pEnumVARIANT;
IEnumUnknownPtr pEnumUnknown;
enum EnumKind { ENUM_VARIANT, ENUM_UNKNOWN };
EnumKind enumKind;
hr = pUnk->QueryInterface(
IID_IEnumVARIANT, reinterpret_cast<void **>(&pEnumVARIANT));
if (SUCCEEDED(hr)) {
enumKind = ENUM_VARIANT;
} else {
hr = pUnk->QueryInterface(
IID_IEnumUnknown, reinterpret_cast<void **>(&pEnumUnknown));
if (SUCCEEDED(hr)) {
enumKind = ENUM_UNKNOWN;
}
}
if (FAILED(hr)) {
Tcl_AppendResult(interp,
"Unknown enumerator type: not IEnumVARIANT or IEnumUnknown", NULL);
return TCL_ERROR;
}
int completionCode;
int varc; // number of loop variables
completionCode = Tcl_ListObjLength(interp, pVarList, &varc);
if (completionCode != TCL_OK) {
return TCL_ERROR;
}
if (varc < 1) {
Tcl_AppendResult(interp, "foreach varlist is empty", NULL);
return TCL_ERROR;
}
while (true) {
// If the variable list has been converted to another kind of Tcl
// object, convert it back to a list and refetch the pointer to its
// element array.
Tcl_Obj **varv;
completionCode =
Tcl_ListObjGetElements(interp, pVarList, &varc, &varv);
if (completionCode != TCL_OK) {
return TCL_ERROR;
}
// Assign values to all loop variables.
int v = 0;
for (; v < varc; ++v) {
TclObject value;
ULONG count;
switch (enumKind) {
case ENUM_VARIANT:
{
_variant_t elementVar;
hr = pEnumVARIANT->Next(1, &elementVar, &count);
if (hr == S_OK && count > 0) {
value = TclObject(&elementVar, Type::variant(), interp, 0);
}
}
break;
case ENUM_UNKNOWN:
{
IUnknown *pElement;
hr = pEnumUnknown->Next(1, &pElement, &count);
if (hr == S_OK && count > 0) {
value = referenceHandles.newObj(
interp, Reference::newReference(pElement));
}
}
break;
}
if (FAILED(hr)) {
_com_issue_error(hr);
}
if (hr != S_OK || count == 0) {
break;
}
Tcl_Obj *varValuePtr = Tcl_ObjSetVar2(
interp, varv[v], NULL, value, TCL_LEAVE_ERR_MSG);
if (varValuePtr == NULL) {
return TCL_ERROR;
}
}
if (v == 0) {
completionCode = TCL_OK;
break;
}
if (v < varc) {
TclObject empty;
for (; v < varc; ++v) {
Tcl_Obj *varValuePtr = Tcl_ObjSetVar2(
interp, varv[v], NULL, empty, TCL_LEAVE_ERR_MSG);
if (varValuePtr == NULL) {
return TCL_ERROR;
}
}
}
// Execute the script body.
completionCode =
#if TCL_MINOR_VERSION >= 1
Tcl_EvalObjEx(interp, pBody, 0);
#else
Tcl_EvalObj(interp, pBody);
#endif
if (completionCode == TCL_CONTINUE) {
// do nothing
} else if (completionCode == TCL_BREAK) {
completionCode = TCL_OK;
break;
} else if (completionCode == TCL_ERROR) {
std::ostringstream oss;
oss << "\n (\"foreach\" body line %d)" << interp->errorLine;
Tcl_AddObjErrorInfo(
interp, const_cast<char *>(oss.str().c_str()), -1);
break;
} else if (completionCode != TCL_OK) {
break;
}
}
if (completionCode == TCL_OK) {
Tcl_ResetResult(interp);
}
return completionCode;
}
