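/// Adds a port mapping for riPortRule to one connection's sharing/firewall
/// configuration and enables it.
///
/// The mapping uses the rule's port as both external and internal port and
/// targets the IP address 127.0.0.1 (ICSTT_IPADDRESS), i.e. the local machine.
/// A mapping that was added and enabled stays in the connection's configuration
/// after this call, which is why the rule is recorded via AddToICFdat() when it
/// is flagged for removal on exit or when m_bClearMappings is set.
///
/// @param riPortRule  Rule name, protocol and port to open.
/// @param pNSC        Sharing configuration of the connection to modify.
/// @param pNCP        Properties of that connection; only read for its name in the log line.
/// @return true if the mapping was added and enabled, false otherwise.
bool CFirewallOpener::AddRule(const CICSRuleInfo& riPortRule, const INetSharingConfigurationPtr pNSC, const INetConnectionPropsPtr pNCP)
{
	// AllocSysString() returns a BSTR owned by the caller, and AddPortMapping()
	// takes the name as an input argument without freeing it. Attaching it to a
	// CComBSTR releases it on every return path; passing the raw result leaked
	// one BSTR per call.
	CComBSTR bstrRuleName;
	bstrRuleName.Attach(riPortRule.m_strRuleName.AllocSysString());

	INetSharingPortMappingPtr pNSPM;
	const HRESULT hr = pNSC->AddPortMapping(bstrRuleName,
		riPortRule.m_byProtocol,
		riPortRule.m_nPortNumber,	// external port
		riPortRule.m_nPortNumber,	// internal port
		0,
		CComBSTR(L"127.0.0.1"),
		ICSTT_IPADDRESS,
		&pNSPM);

	// The connection name is only used for logging, so a failure here is not
	// treated as an error (bstrName then stays empty).
	CComBSTR bstrName;
	pNCP->get_Name(&bstrName);

	// pNSPM is only dereferenced when AddPortMapping() succeeded.
	if (SUCCEEDED(hr) && SUCCEEDED(pNSPM->Enable()))
	{
		// ==> Improved ICS-Firewall support [MoNKi] - Max
		// Presumably AddToICFdat() persists the rule so it can be cleaned up
		// later - confirm against its definition.
		if (riPortRule.m_bRemoveOnExit || m_bClearMappings)
		{
			CICSRuleInfo ruleToAdd(riPortRule);
			AddToICFdat(ruleToAdd);
		}
		// <== Improved ICS-Firewall support [MoNKi] - Max
		theApp.QueueDebugLogLine(false, _T("Succeeded to add Rule '%s' for Port '%u' on Connection '%s'"),riPortRule.m_strRuleName, riPortRule.m_nPortNumber, CString(bstrName));
		return true;
	}

	// NOTE(review): when AddPortMapping() succeeds but Enable() fails, the
	// disabled mapping is left in the configuration and is not recorded
	// anywhere in this function - confirm whether it should be removed here.
	theApp.QueueDebugLogLine(false, _T("Failed to add Rule '%s' for Port '%u' on Connection '%s'"),riPortRule.m_strRuleName, riPortRule.m_nPortNumber, CString(bstrName));
	return false;
}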
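/// Adds a port mapping for riPortRule to one connection's sharing/firewall
/// configuration and enables it.
///
/// The mapping uses the rule's port as both external and internal port and
/// targets the IP address 127.0.0.1 (ICSTT_IPADDRESS), i.e. the local machine.
/// A mapping that was added and enabled stays in the connection's configuration
/// after this call; this function does not record it for later removal.
///
/// @param riPortRule  Rule name, protocol and port to open.
/// @param pNSC        Sharing configuration of the connection to modify.
/// @param pNCP        Properties of that connection; only read for its name in the log line.
/// @return true if the mapping was added and enabled, false otherwise.
bool CFirewallOpener::AddRule(const CICSRuleInfo& riPortRule, const INetSharingConfigurationPtr pNSC, const INetConnectionPropsPtr pNCP)
{
	// AllocSysString() returns a BSTR owned by the caller, and AddPortMapping()
	// takes the name as an input argument without freeing it. Attaching it to a
	// CComBSTR releases it on every return path; passing the raw result leaked
	// one BSTR per call.
	CComBSTR bstrRuleName;
	bstrRuleName.Attach(riPortRule.m_strRuleName.AllocSysString());

	// The target address parameter is a BSTR. A plain wide string literal has
	// no length prefix, so code that asks for the BSTR's length would read
	// memory in front of the literal. Build a real BSTR instead.
	const CComBSTR bstrTarget(L"127.0.0.1");

	INetSharingPortMappingPtr pNSPM;
	const HRESULT hr = pNSC->AddPortMapping(bstrRuleName,
		riPortRule.m_byProtocol,
		riPortRule.m_nPortNumber,	// external port
		riPortRule.m_nPortNumber,	// internal port
		0,
		bstrTarget,
		ICSTT_IPADDRESS,
		&pNSPM);

	// The connection name is only used for logging, so a failure here is not
	// treated as an error (bstrName then stays empty).
	CComBSTR bstrName;
	pNCP->get_Name(&bstrName);

	// pNSPM is only dereferenced when AddPortMapping() succeeded.
	if (SUCCEEDED(hr) && SUCCEEDED(pNSPM->Enable()))
	{
		theApp.QueueDebugLogLine(false, _T("Succeeded to add Rule '%s' for Port '%u' on Connection '%s'"),riPortRule.m_strRuleName, riPortRule.m_nPortNumber, CString(bstrName));
		return true;
	}

	// NOTE(review): when AddPortMapping() succeeds but Enable() fails, the
	// disabled mapping is left in the configuration - confirm whether it
	// should be removed here.
	theApp.QueueDebugLogLine(false, _T("Failed to add Rule '%s' for Port '%u' on Connection '%s'"),riPortRule.m_strRuleName, riPortRule.m_nPortNumber, CString(bstrName));
	return false;
}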
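/// Applies eAction with riPortRule to every connection that is firewalled.
///
/// A connection is processed only when it carries the NCCF_FIREWALLED
/// characteristic, its media type is neither NCM_SHAREDACCESSHOST_LAN nor
/// NCM_SHAREDACCESSHOST_RAS, and its sharing configuration reports the
/// Internet firewall as enabled. Connections whose properties or sharing
/// configuration cannot be obtained are skipped.
///
/// @param eAction     Action to perform (add, delete, find, or test for a firewalled connection).
/// @param riPortRule  Rule the action refers to.
/// @return For FOC_FWCONNECTIONEXISTS and the find actions, true as soon as one
///         connection matches. Otherwise true only if at least one connection
///         was processed and the action succeeded on all processed connections.
///         false if Init() fails.
bool CFirewallOpener::DoAction(const EFOCAction eAction, const CICSRuleInfo& riPortRule)
{
	if (!Init())
		return false;

	//TODO lets see if we can find a reliable method to find out the internet standard connection set by the user

	bool bSuccess = true;
	bool bPartialSucceeded = false;
	bool bFoundAtLeastOneConn = false;

	INetSharingEveryConnectionCollectionPtr NSECCP;
	IEnumVARIANTPtr varEnum;
	IUnknownPtr pUnk;

	// RETURN_ON_FAIL is defined elsewhere; presumably it leaves the function
	// when the HRESULT signals failure - confirm against the macro.
	RETURN_ON_FAIL(m_pINetSM->get_EnumEveryConnection(&NSECCP));
	RETURN_ON_FAIL(NSECCP->get__NewEnum(&pUnk));
	RETURN_ON_FAIL(pUnk->QueryInterface(__uuidof(IEnumVARIANT), reinterpret_cast<void**>(&varEnum)));

	// var.Clear() sits in the loop's iteration expression so that it also runs
	// for every `continue` below. With the Clear() at the end of a while body,
	// each skipped connection left its interface reference in var, and the
	// next Next() call overwrote it without releasing it.
	for (_variant_t var; S_OK == varEnum->Next(1, &var, NULL); var.Clear())
	{
		INetConnectionPtr NCP;
		if (V_VT(&var) != VT_UNKNOWN
			|| FAILED(V_UNKNOWN(&var)->QueryInterface(__uuidof(INetConnection), reinterpret_cast<void**>(&NCP))))
			continue;

		INetConnectionPropsPtr pNCP;
		if (FAILED(m_pINetSM->get_NetConnectionProps(NCP, &pNCP)))
			continue;

		// If the query fails the value stays 0 and the connection is skipped.
		DWORD dwCharacteristics = 0;
		pNCP->get_Characteristics(&dwCharacteristics);
		if (!(dwCharacteristics & NCCF_FIREWALLED))
			continue;

		NETCON_MEDIATYPE MediaType = NCM_NONE;
		pNCP->get_MediaType(&MediaType);
		if (MediaType == NCM_SHAREDACCESSHOST_LAN || MediaType == NCM_SHAREDACCESSHOST_RAS)
			continue;

		INetSharingConfigurationPtr pNSC;
		if (FAILED(m_pINetSM->get_INetSharingConfigurationForINetConnection(NCP, &pNSC)))
			continue;

		// If the query fails the value stays VARIANT_FALSE and the connection is skipped.
		VARIANT_BOOL varbool = VARIANT_FALSE;
		pNSC->get_InternetFirewallEnabled(&varbool);
		if (varbool == VARIANT_FALSE)
			continue;

		bFoundAtLeastOneConn = true;

		switch (eAction)
		{
			case FOC_ADDRULE:
			{
				// we do not want to overwrite an existing rule
				const bool bResult = FindRule(FOC_FINDRULEBYPORT, riPortRule, pNSC, NULL)
					|| AddRule(riPortRule, pNSC, pNCP);
				bSuccess = bSuccess && bResult;
				// keep track of added rules (once per call, not once per connection)
				// NOTE(review): a rule that already existed on this port is
				// recorded here as well, although this call did not create it -
				// confirm that later cleanup of m_liAddedRules should cover it.
				if (bResult && !bPartialSucceeded)
					m_liAddedRules.Add(riPortRule);
				bPartialSucceeded = bPartialSucceeded || bResult;
				break;
			}
			case FOC_FWCONNECTIONEXISTS:
				return true;
			case FOC_DELETERULEBYNAME:
			case FOC_DELETERULEEXCACT:
			{
				// Call FindRule() before combining the result, as FOC_ADDRULE
				// does. `bSuccess && FindRule(...)` stopped calling FindRule()
				// for all remaining connections after the first failure, so the
				// rule (an open port) could stay behind on them. Presumably
				// FindRule() performs the deletion for these actions - confirm.
				const bool bResult = FindRule(eAction, riPortRule, pNSC, NULL);
				bSuccess = bSuccess && bResult;
				break;
			}
			case FOC_FINDRULEBYNAME:
				if (FindRule(FOC_FINDRULEBYNAME, riPortRule, pNSC, NULL))
					return true;
				bSuccess = false;
				break;
			case FOC_FINDRULEBYPORT:
				if (FindRule(FOC_FINDRULEBYPORT, riPortRule, pNSC, NULL))
					return true;
				bSuccess = false;
				break;
			default:
				ASSERT ( false );
		}
	}

	return bSuccess && bFoundAtLeastOneConn;
}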