diff options
| author | Odd Stranne <odd@mullvad.net> | 2018-05-25 11:22:01 +0200 |
|---|---|---|
| committer | Odd Stranne <odd@mullvad.net> | 2018-05-25 11:22:01 +0200 |
| commit | 32e1bd67dd67652c89762a327e44ba3d47780c48 (patch) | |
| tree | f0ae4de1b7d5703a500209f876d35530f3dcb9fc /wfpctl/src | |
| parent | 835342bcd9ccffc092825b1c96077f6af1eb9878 (diff) | |
| download | mullvadvpn-32e1bd67dd67652c89762a327e44ba3d47780c48.tar.xz mullvadvpn-32e1bd67dd67652c89762a327e44ba3d47780c48.zip | |
Move wfpctl -> windows/winfw
Diffstat (limited to 'wfpctl/src')
84 files changed, 0 insertions, 5619 deletions
diff --git a/wfpctl/src/extras/cli/cli.cpp b/wfpctl/src/extras/cli/cli.cpp deleted file mode 100644 index 9595c24234..0000000000 --- a/wfpctl/src/extras/cli/cli.cpp +++ /dev/null @@ -1,173 +0,0 @@ -// cli.cpp : Defines the entry point for the console application. -// - -#include "stdafx.h" -#include "util.h" -#include "filterengineprovider.h" -#include "modules/imodule.h" -#include "modules/list.h" -#include "modules/monitor.h" -#include "modules/wfpctl.h" -#include "libcommon/string.h" -#include <iostream> -#include <conio.h> - -// Should set key comparison operator to compare lowercase strings but meh. -std::map<std::wstring, std::unique_ptr<modules::IModule> > g_modules; - -void OutputConsole(const std::wstring &str) -{ - std::wcout << str.c_str() << std::endl; -} - -void InitializeFilterEngine() -{ - FilterEngineProvider::Instance().set(std::move(wfp::FilterEngine::DynamicSession())); -} - -void InitializeModules() -{ - auto list = std::make_unique<modules::List>(OutputConsole); - g_modules.insert(std::make_pair(common::string::Lower(list->name()), std::move(list))); - - auto monitor = std::make_unique<modules::Monitor>(OutputConsole); - g_modules.insert(std::make_pair(common::string::Lower(monitor->name()), std::move(monitor))); - - auto wfpctl = std::make_unique<modules::Wfpctl>(OutputConsole); - g_modules.insert(std::make_pair(common::string::Lower(wfpctl->name()), std::move(wfpctl))); -} - -void ProcessHelp(const std::wstring &request) -{ - auto tokens = common::string::Tokenize(request, L" "); - - if (tokens.empty()) - { - std::wcout << L"Unable to interpret request." << std::endl; - return; - } - - if (tokens.size() == 1) - { - PropertyList list; - - for (auto &module : g_modules) - { - list.add(common::string::Lower(module.second->name()), module.second->description()); - } - - list.add(L"help", L"List available modules."); - list.add(L"help /module/", L"Show module specific help."); - list.add(L"reset", L"Reset the Filter Engine session."); - list.add(L"quit", L"Exit the application."); - - PrettyPrintOptions options; - - options.indent = 0; - options.useSeparator = false; - - PrettyPrintProperties(OutputConsole, options, list); - - return; - } - - if (tokens.size() != 2) - { - std::wcout << L"Unable to interpret request." << std::endl; - return; - } - - auto wanted = common::string::Lower(tokens[1]); - auto found = g_modules.find(wanted); - - if (found == g_modules.end()) - { - std::wcout << L"No such module: " << wanted << L"." << std::endl; - return; - } - - auto moduleCommands = found->second->commands(); - - PrettyPrintOptions options; - - options.indent = 0; - options.useSeparator = false; - - PrettyPrintProperties(OutputConsole, options, moduleCommands); -} - -void ProcessRequest(const std::wstring &request) -{ - auto tokens = common::string::Tokenize(request, L" "); - - if (tokens.empty()) - { - std::wcout << L"Unable to interpret request." << std::endl; - return; - } - - auto wanted = common::string::Lower(tokens[0]); - auto found = g_modules.find(wanted); - - if (found == g_modules.end()) - { - std::wcout << L"No such module: " << wanted << L"." << std::endl; - return; - } - - tokens.erase(tokens.begin()); - - found->second->handleRequest(tokens); -} - -int main(int, wchar_t **) -{ - InitializeFilterEngine(); - InitializeModules(); - - for (;;) - { - std::wcout << L"wfp> "; - - std::wstring request; - std::getline(std::wcin, request); - - if (0 == _wcsicmp(request.c_str(), L"quit")) - { - break; - } - - if (0 == _wcsicmp(request.c_str(), L"reset")) - { - InitializeFilterEngine(); - std::wcout << std::endl; - - continue; - } - - if (0 == _wcsnicmp(request.c_str(), L"help", 4)) - { - ProcessHelp(request); - std::wcout << std::endl; - - continue; - } - - try - { - ProcessRequest(request); - } - catch (std::exception &error) - { - std::cout << "Error: " << error.what() << std::endl; - } - catch (...) - { - std::cout << "Unknown error, caught exception!" << std::endl; - } - - std::wcout << std::endl; - } - - return 0; -} diff --git a/wfpctl/src/extras/cli/cli.vcxproj b/wfpctl/src/extras/cli/cli.vcxproj deleted file mode 100644 index 86d6094f63..0000000000 --- a/wfpctl/src/extras/cli/cli.vcxproj +++ /dev/null @@ -1,230 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> - <ItemGroup Label="ProjectConfigurations"> - <ProjectConfiguration Include="Debug|Win32"> - <Configuration>Debug</Configuration> - <Platform>Win32</Platform> - </ProjectConfiguration> - <ProjectConfiguration Include="Release|Win32"> - <Configuration>Release</Configuration> - <Platform>Win32</Platform> - </ProjectConfiguration> - <ProjectConfiguration Include="Debug|x64"> - <Configuration>Debug</Configuration> - <Platform>x64</Platform> - </ProjectConfiguration> - <ProjectConfiguration Include="Release|x64"> - <Configuration>Release</Configuration> - <Platform>x64</Platform> - </ProjectConfiguration> - </ItemGroup> - <PropertyGroup Label="Globals"> - <VCProjectVersion>15.0</VCProjectVersion> - <ProjectGuid>{242A58CA-8E54-4170-A8C5-6F91CC4F7DB2}</ProjectGuid> - <Keyword>Win32Proj</Keyword> - <RootNamespace>cli</RootNamespace> - <WindowsTargetPlatformVersion>10.0.16299.0</WindowsTargetPlatformVersion> - </PropertyGroup> - <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> - <ConfigurationType>Application</ConfigurationType> - <UseDebugLibraries>true</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> - <ConfigurationType>Application</ConfigurationType> - <UseDebugLibraries>false</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <WholeProgramOptimization>true</WholeProgramOptimization> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> - <ConfigurationType>Application</ConfigurationType> - <UseDebugLibraries>true</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> - <ConfigurationType>Application</ConfigurationType> - <UseDebugLibraries>false</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <WholeProgramOptimization>true</WholeProgramOptimization> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> - <ImportGroup Label="ExtensionSettings"> - </ImportGroup> - <ImportGroup Label="Shared"> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <PropertyGroup Label="UserMacros" /> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> - <LinkIncremental>true</LinkIncremental> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> - <LinkIncremental>true</LinkIncremental> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> - <LinkIncremental>false</LinkIncremental> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> - <LinkIncremental>false</LinkIncremental> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - </PropertyGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>Disabled</Optimization> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\;$(ProjectDir)..\..\..\libwfp\src\</AdditionalIncludeDirectories> - <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - </ClCompile> - <Link> - <SubSystem>Console</SubSystem> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalDependencies>wfpctl.lib;libcommon.lib;libwfp.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - </Link> - </ItemDefinitionGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>Disabled</Optimization> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\;$(ProjectDir)..\..\..\libwfp\src\</AdditionalIncludeDirectories> - <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - </ClCompile> - <Link> - <SubSystem>Console</SubSystem> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - <AdditionalDependencies>wfpctl.lib;libcommon.lib;libwfp.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - </Link> - </ItemDefinitionGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>MaxSpeed</Optimization> - <FunctionLevelLinking>true</FunctionLevelLinking> - <IntrinsicFunctions>true</IntrinsicFunctions> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\;$(ProjectDir)..\..\..\libwfp\src\</AdditionalIncludeDirectories> - <RuntimeLibrary>MultiThreaded</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - </ClCompile> - <Link> - <SubSystem>Console</SubSystem> - <EnableCOMDATFolding>true</EnableCOMDATFolding> - <OptimizeReferences>true</OptimizeReferences> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalDependencies>wfpctl.lib;libcommon.lib;libwfp.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - </Link> - </ItemDefinitionGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>MaxSpeed</Optimization> - <FunctionLevelLinking>true</FunctionLevelLinking> - <IntrinsicFunctions>true</IntrinsicFunctions> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\;$(ProjectDir)..\..\..\libwfp\src\</AdditionalIncludeDirectories> - <RuntimeLibrary>MultiThreaded</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - </ClCompile> - <Link> - <SubSystem>Console</SubSystem> - <EnableCOMDATFolding>true</EnableCOMDATFolding> - <OptimizeReferences>true</OptimizeReferences> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - <AdditionalDependencies>wfpctl.lib;libcommon.lib;libwfp.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - </Link> - </ItemDefinitionGroup> - <ItemGroup> - <ClInclude Include="commands\icommand.h" /> - <ClInclude Include="commands\list\events.h" /> - <ClInclude Include="commands\list\filters.h" /> - <ClInclude Include="commands\list\layers.h" /> - <ClInclude Include="commands\list\providercontexts.h" /> - <ClInclude Include="commands\list\providers.h" /> - <ClInclude Include="commands\list\sessions.h" /> - <ClInclude Include="commands\list\sublayers.h" /> - <ClInclude Include="commands\monitor\m_events.h" /> - <ClInclude Include="commands\wfpctl\deinit.h" /> - <ClInclude Include="commands\wfpctl\init.h" /> - <ClInclude Include="commands\wfpctl\policy.h" /> - <ClInclude Include="filterengineprovider.h" /> - <ClInclude Include="inlineformatter.h" /> - <ClInclude Include="ipropertydecorator.h" /> - <ClInclude Include="modules\imodule.h" /> - <ClInclude Include="modules\list.h" /> - <ClInclude Include="modules\module.h" /> - <ClInclude Include="modules\monitor.h" /> - <ClInclude Include="modules\wfpctl.h" /> - <ClInclude Include="objectproperties.h" /> - <ClInclude Include="propertydecorator.h" /> - <ClInclude Include="propertylist.h" /> - <ClInclude Include="stdafx.h" /> - <ClInclude Include="subcommanddispatcher.h" /> - <ClInclude Include="targetver.h" /> - <ClInclude Include="util.h" /> - </ItemGroup> - <ItemGroup> - <ClCompile Include="cli.cpp" /> - <ClCompile Include="commands\list\events.cpp" /> - <ClCompile Include="commands\list\filters.cpp" /> - <ClCompile Include="commands\list\layers.cpp" /> - <ClCompile Include="commands\list\providercontexts.cpp" /> - <ClCompile Include="commands\list\providers.cpp" /> - <ClCompile Include="commands\list\sessions.cpp" /> - <ClCompile Include="commands\list\sublayers.cpp" /> - <ClCompile Include="commands\monitor\m_events.cpp" /> - <ClCompile Include="commands\wfpctl\deinit.cpp" /> - <ClCompile Include="commands\wfpctl\init.cpp" /> - <ClCompile Include="commands\wfpctl\policy.cpp" /> - <ClCompile Include="modules\module.cpp" /> - <ClCompile Include="objectproperties.cpp" /> - <ClCompile Include="propertydecorator.cpp" /> - <ClCompile Include="stdafx.cpp"> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader> - </ClCompile> - <ClCompile Include="subcommanddispatcher.cpp" /> - <ClCompile Include="util.cpp" /> - </ItemGroup> - <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> - <ImportGroup Label="ExtensionTargets"> - </ImportGroup> -</Project>
\ No newline at end of file diff --git a/wfpctl/src/extras/cli/cli.vcxproj.filters b/wfpctl/src/extras/cli/cli.vcxproj.filters deleted file mode 100644 index fabc1492f8..0000000000 --- a/wfpctl/src/extras/cli/cli.vcxproj.filters +++ /dev/null @@ -1,127 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> - <ItemGroup> - <Filter Include="commands"> - <UniqueIdentifier>{da097053-def0-4a93-a7a3-b62cc761ac4c}</UniqueIdentifier> - </Filter> - <Filter Include="commands\list"> - <UniqueIdentifier>{25335122-c3ac-492b-bec2-827f73a5269f}</UniqueIdentifier> - </Filter> - <Filter Include="modules"> - <UniqueIdentifier>{e88bc8bf-763d-4c21-b558-18c18c3d01aa}</UniqueIdentifier> - </Filter> - <Filter Include="commands\monitor"> - <UniqueIdentifier>{ff50eaf3-6e11-41ad-bae9-24427a025d33}</UniqueIdentifier> - </Filter> - <Filter Include="commands\wfpctl"> - <UniqueIdentifier>{571487f4-437d-4ad1-a409-f2b143f6803e}</UniqueIdentifier> - </Filter> - </ItemGroup> - <ItemGroup> - <ClInclude Include="modules\imodule.h"> - <Filter>modules</Filter> - </ClInclude> - <ClInclude Include="modules\list.h"> - <Filter>modules</Filter> - </ClInclude> - <ClInclude Include="commands\icommand.h"> - <Filter>commands</Filter> - </ClInclude> - <ClInclude Include="commands\list\sessions.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="modules\module.h"> - <Filter>modules</Filter> - </ClInclude> - <ClInclude Include="commands\list\providers.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="commands\list\events.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="commands\list\filters.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="commands\list\layers.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="commands\list\providercontexts.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="commands\list\sublayers.h"> - <Filter>commands\list</Filter> - </ClInclude> - <ClInclude Include="filterengineprovider.h" /> - <ClInclude Include="inlineformatter.h" /> - <ClInclude Include="objectproperties.h" /> - <ClInclude Include="propertylist.h" /> - <ClInclude Include="stdafx.h" /> - <ClInclude Include="targetver.h" /> - <ClInclude Include="util.h" /> - <ClInclude Include="modules\monitor.h"> - <Filter>modules</Filter> - </ClInclude> - <ClInclude Include="commands\monitor\m_events.h"> - <Filter>commands\monitor</Filter> - </ClInclude> - <ClInclude Include="ipropertydecorator.h" /> - <ClInclude Include="propertydecorator.h" /> - <ClInclude Include="commands\wfpctl\policy.h"> - <Filter>commands\wfpctl</Filter> - </ClInclude> - <ClInclude Include="subcommanddispatcher.h" /> - <ClInclude Include="modules\wfpctl.h"> - <Filter>modules</Filter> - </ClInclude> - <ClInclude Include="commands\wfpctl\init.h"> - <Filter>commands\wfpctl</Filter> - </ClInclude> - <ClInclude Include="commands\wfpctl\deinit.h"> - <Filter>commands\wfpctl</Filter> - </ClInclude> - </ItemGroup> - <ItemGroup> - <ClCompile Include="commands\list\sessions.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="modules\module.cpp"> - <Filter>modules</Filter> - </ClCompile> - <ClCompile Include="commands\list\providers.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="commands\list\events.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="commands\list\filters.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="commands\list\layers.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="commands\list\providercontexts.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="commands\list\sublayers.cpp"> - <Filter>commands\list</Filter> - </ClCompile> - <ClCompile Include="cli.cpp" /> - <ClCompile Include="objectproperties.cpp" /> - <ClCompile Include="stdafx.cpp" /> - <ClCompile Include="util.cpp" /> - <ClCompile Include="commands\monitor\m_events.cpp"> - <Filter>commands\monitor</Filter> - </ClCompile> - <ClCompile Include="propertydecorator.cpp" /> - <ClCompile Include="commands\wfpctl\policy.cpp"> - <Filter>commands\wfpctl</Filter> - </ClCompile> - <ClCompile Include="subcommanddispatcher.cpp" /> - <ClCompile Include="commands\wfpctl\init.cpp"> - <Filter>commands\wfpctl</Filter> - </ClCompile> - <ClCompile Include="commands\wfpctl\deinit.cpp"> - <Filter>commands\wfpctl</Filter> - </ClCompile> - </ItemGroup> -</Project>
\ No newline at end of file diff --git a/wfpctl/src/extras/cli/commands/icommand.h b/wfpctl/src/extras/cli/commands/icommand.h deleted file mode 100644 index a9503a205b..0000000000 --- a/wfpctl/src/extras/cli/commands/icommand.h +++ /dev/null @@ -1,17 +0,0 @@ -#pragma once - -#include <string> -#include <vector> - -namespace commands -{ - -struct ICommand -{ - virtual std::wstring name() = 0; - virtual std::wstring description() = 0; - - virtual void handleRequest(const std::vector<std::wstring> &arguments) = 0; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/events.cpp b/wfpctl/src/extras/cli/commands/list/events.cpp deleted file mode 100644 index 4396eff980..0000000000 --- a/wfpctl/src/extras/cli/commands/list/events.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "stdafx.h" -#include "events.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "cli/propertydecorator.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -Events::Events(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Events::name() -{ - return L"events"; - -} - -std::wstring Events::description() -{ - return L"Provides a listing of all recent events in the system."; -} - -void Events::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - PropertyDecorator decorator(FilterEngineProvider::Instance().get()); - - wfp::ObjectEnumerator::Events(*FilterEngineProvider::Instance().get(), [&](const FWPM_NET_EVENT0 &event) - { - m_messageSink(L"Event"); - - PrettyPrintProperties(m_messageSink, options, EventProperties(event, &decorator)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/events.h b/wfpctl/src/extras/cli/commands/list/events.h deleted file mode 100644 index cc727712f0..0000000000 --- a/wfpctl/src/extras/cli/commands/list/events.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class Events : public ICommand -{ -public: - - Events(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/filters.cpp b/wfpctl/src/extras/cli/commands/list/filters.cpp deleted file mode 100644 index 9c7917bf66..0000000000 --- a/wfpctl/src/extras/cli/commands/list/filters.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "stdafx.h" -#include "filters.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "cli/propertydecorator.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -Filters::Filters(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Filters::name() -{ - return L"filters"; - -} - -std::wstring Filters::description() -{ - return L"Provides a listing of all filters in the system."; -} - -void Filters::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - PropertyDecorator decorator(FilterEngineProvider::Instance().get()); - - wfp::ObjectEnumerator::Filters(*FilterEngineProvider::Instance().get(), [&](const FWPM_FILTER0 &filter) - { - m_messageSink(L"Filter"); - - PrettyPrintProperties(m_messageSink, options, FilterProperties(filter, &decorator)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/filters.h b/wfpctl/src/extras/cli/commands/list/filters.h deleted file mode 100644 index 4c0345f3b3..0000000000 --- a/wfpctl/src/extras/cli/commands/list/filters.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class Filters : public ICommand -{ -public: - - Filters(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/layers.cpp b/wfpctl/src/extras/cli/commands/list/layers.cpp deleted file mode 100644 index 3dc4368894..0000000000 --- a/wfpctl/src/extras/cli/commands/list/layers.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "stdafx.h" -#include "layers.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "cli/propertydecorator.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -Layers::Layers(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Layers::name() -{ - return L"layers"; - -} - -std::wstring Layers::description() -{ - return L"Provides a listing of all layers in the system."; -} - -void Layers::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - PropertyDecorator decorator(FilterEngineProvider::Instance().get()); - - wfp::ObjectEnumerator::Layers(*FilterEngineProvider::Instance().get(), [&](const FWPM_LAYER0 &layer) - { - m_messageSink(L"Layer"); - - PrettyPrintProperties(m_messageSink, options, LayerProperties(layer, &decorator)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/layers.h b/wfpctl/src/extras/cli/commands/list/layers.h deleted file mode 100644 index 92a62c58e0..0000000000 --- a/wfpctl/src/extras/cli/commands/list/layers.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class Layers : public ICommand -{ -public: - - Layers(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/providercontexts.cpp b/wfpctl/src/extras/cli/commands/list/providercontexts.cpp deleted file mode 100644 index 6612ce03dc..0000000000 --- a/wfpctl/src/extras/cli/commands/list/providercontexts.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "stdafx.h" -#include "providercontexts.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "cli/propertydecorator.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -ProviderContexts::ProviderContexts(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring ProviderContexts::name() -{ - return L"providercontexts"; - -} - -std::wstring ProviderContexts::description() -{ - return L"Provides a listing of all provider contexts in the system."; -} - -void ProviderContexts::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - PropertyDecorator decorator(FilterEngineProvider::Instance().get()); - - wfp::ObjectEnumerator::ProviderContexts(*FilterEngineProvider::Instance().get(), [&](const FWPM_PROVIDER_CONTEXT0 &context) - { - m_messageSink(L"Provider context"); - - PrettyPrintProperties(m_messageSink, options, ProviderContextProperties(context, &decorator)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/providercontexts.h b/wfpctl/src/extras/cli/commands/list/providercontexts.h deleted file mode 100644 index b87886eac7..0000000000 --- a/wfpctl/src/extras/cli/commands/list/providercontexts.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class ProviderContexts : public ICommand -{ -public: - - ProviderContexts(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/providers.cpp b/wfpctl/src/extras/cli/commands/list/providers.cpp deleted file mode 100644 index a06318d74b..0000000000 --- a/wfpctl/src/extras/cli/commands/list/providers.cpp +++ /dev/null @@ -1,48 +0,0 @@ -#include "stdafx.h" -#include "providers.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -Providers::Providers(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Providers::name() -{ - return L"providers"; - -} - -std::wstring Providers::description() -{ - return L"Provides a listing of all providers in the system."; -} - -void Providers::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - wfp::ObjectEnumerator::Providers(*FilterEngineProvider::Instance().get(), [&](const FWPM_PROVIDER0 &provider) - { - m_messageSink(L"Provider"); - - PrettyPrintProperties(m_messageSink, options, ProviderProperties(provider)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/providers.h b/wfpctl/src/extras/cli/commands/list/providers.h deleted file mode 100644 index 2a09a88b67..0000000000 --- a/wfpctl/src/extras/cli/commands/list/providers.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class Providers : public ICommand -{ -public: - - Providers(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/sessions.cpp b/wfpctl/src/extras/cli/commands/list/sessions.cpp deleted file mode 100644 index 27000c903d..0000000000 --- a/wfpctl/src/extras/cli/commands/list/sessions.cpp +++ /dev/null @@ -1,48 +0,0 @@ -#include "stdafx.h" -#include "sessions.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -Sessions::Sessions(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Sessions::name() -{ - return L"sessions"; - -} - -std::wstring Sessions::description() -{ - return L"Provides a listing of all active sessions in the system."; -} - -void Sessions::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - wfp::ObjectEnumerator::Sessions(*FilterEngineProvider::Instance().get(), [&](const FWPM_SESSION0 &session) - { - m_messageSink(L"Session"); - - PrettyPrintProperties(m_messageSink, options, SessionProperties(session)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/sessions.h b/wfpctl/src/extras/cli/commands/list/sessions.h deleted file mode 100644 index b9d8f04ea2..0000000000 --- a/wfpctl/src/extras/cli/commands/list/sessions.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class Sessions : public ICommand -{ -public: - - Sessions(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/list/sublayers.cpp b/wfpctl/src/extras/cli/commands/list/sublayers.cpp deleted file mode 100644 index 0c8a5f2f58..0000000000 --- a/wfpctl/src/extras/cli/commands/list/sublayers.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "stdafx.h" -#include "sublayers.h" -#include "cli/objectproperties.h" -#include "cli/filterengineprovider.h" -#include "cli/propertydecorator.h" -#include "libwfp/objectenumerator.h" - -namespace commands::list -{ - -Sublayers::Sublayers(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Sublayers::name() -{ - return L"sublayers"; - -} - -std::wstring Sublayers::description() -{ - return L"Provides a listing of all sublayers in the system."; -} - -void Sublayers::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - PropertyDecorator decorator(FilterEngineProvider::Instance().get()); - - wfp::ObjectEnumerator::Sublayers(*FilterEngineProvider::Instance().get(), [&](const FWPM_SUBLAYER0 &sublayer) - { - m_messageSink(L"Sublayer"); - - PrettyPrintProperties(m_messageSink, options, SublayerProperties(sublayer, &decorator)); - - return true; - }); -} - -} diff --git a/wfpctl/src/extras/cli/commands/list/sublayers.h b/wfpctl/src/extras/cli/commands/list/sublayers.h deleted file mode 100644 index e9b34bbd52..0000000000 --- a/wfpctl/src/extras/cli/commands/list/sublayers.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::list -{ - -class Sublayers : public ICommand -{ -public: - - Sublayers(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/monitor/m_events.cpp b/wfpctl/src/extras/cli/commands/monitor/m_events.cpp deleted file mode 100644 index 294ae38e9c..0000000000 --- a/wfpctl/src/extras/cli/commands/monitor/m_events.cpp +++ /dev/null @@ -1,68 +0,0 @@ -#include "stdafx.h" -#include "m_events.h" -#include "cli/objectproperties.h" -#include "cli/propertydecorator.h" -#include "cli/filterengineprovider.h" -#include "libwfp/objectmonitor.h" -#include <conio.h> - -namespace commands::monitor -{ - -Events::Events(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Events::name() -{ - return L"events"; - -} - -std::wstring Events::description() -{ - return L"Provides monitoring of drop/allow events."; -} - -void Events::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Unsupported argument(s). Cannot complete request."); - } - - wfp::ObjectMonitor objectMonitor(FilterEngineProvider::Instance().get()); - - objectMonitor.monitorEvents(std::bind(&Events::eventCallback, this, std::placeholders::_1)); - - m_messageSink(L"Successfully enabled monitor. Press any key to abort monitoring."); - - // - // This assumes we're in a console environment, but the alternative is to have - // the command (this class) communicate to the outside world that we're in - // a monitoring state. - // - // Hence, this is sufficient for now. - // - - _getwch(); - - objectMonitor.monitorEventsStop(); -} - -void Events::eventCallback(const FWPM_NET_EVENT1 &event) -{ - m_messageSink(L"Event"); - - PrettyPrintOptions options; - - options.indent = 2; - options.useSeparator = true; - - PropertyDecorator decorator(FilterEngineProvider::Instance().get()); - - PrettyPrintProperties(m_messageSink, options, EventProperties(event, &decorator)); -} - -} diff --git a/wfpctl/src/extras/cli/commands/monitor/m_events.h b/wfpctl/src/extras/cli/commands/monitor/m_events.h deleted file mode 100644 index e8724129e8..0000000000 --- a/wfpctl/src/extras/cli/commands/monitor/m_events.h +++ /dev/null @@ -1,28 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" -#include <memory> - -namespace commands::monitor -{ - -class Events : public ICommand -{ -public: - - Events(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; - - void eventCallback(const FWPM_NET_EVENT1 &event); -}; - -} diff --git a/wfpctl/src/extras/cli/commands/wfpctl/deinit.cpp b/wfpctl/src/extras/cli/commands/wfpctl/deinit.cpp deleted file mode 100644 index fc5f5e0b2e..0000000000 --- a/wfpctl/src/extras/cli/commands/wfpctl/deinit.cpp +++ /dev/null @@ -1,35 +0,0 @@ -#include "stdafx.h" -#include "deinit.h" -#include "wfpctl/wfpctl.h" - -namespace commands::wfpctl -{ - -Deinit::Deinit(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Deinit::name() -{ - return L"deinit"; -} - -std::wstring Deinit::description() -{ - return L"Deinitialize wfpctl; Destroy session and all associated objects"; -} - -void Deinit::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (false == arguments.empty()) - { - throw std::runtime_error("Invalid argument(s). Cannot complete request."); - } - - m_messageSink((Wfpctl_Deinitialize() - ? L"Deinitialization completed successfully." - : L"Deinitialization failed. See above for details, if any.")); -} - -} diff --git a/wfpctl/src/extras/cli/commands/wfpctl/deinit.h b/wfpctl/src/extras/cli/commands/wfpctl/deinit.h deleted file mode 100644 index f445566f02..0000000000 --- a/wfpctl/src/extras/cli/commands/wfpctl/deinit.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" - -namespace commands::wfpctl -{ - -class Deinit : public ICommand -{ -public: - - Deinit(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; -}; - -} diff --git a/wfpctl/src/extras/cli/commands/wfpctl/init.cpp b/wfpctl/src/extras/cli/commands/wfpctl/init.cpp deleted file mode 100644 index eb569f55e7..0000000000 --- a/wfpctl/src/extras/cli/commands/wfpctl/init.cpp +++ /dev/null @@ -1,54 +0,0 @@ -#include "stdafx.h" -#include "init.h" -#include "libcommon/string.h" - -namespace commands::wfpctl -{ - -Init::Init(MessageSink messageSink) - : m_messageSink(messageSink) -{ -} - -std::wstring Init::name() -{ - return L"init"; -} - -std::wstring Init::description() -{ - return L"Initialize wfpctl; Create session and fundamental objects"; -} - -void Init::handleRequest(const std::vector<std::wstring> &arguments) -{ - uint32_t timeout = 0; - - if (false == arguments.empty()) - { - auto keyvalue = common::string::SplitKeyValuePairs(arguments); - - if (keyvalue.empty() || 0 != keyvalue.begin()->first.compare(L"timeout")) - { - throw std::runtime_error("Invalid argument. Cannot complete request."); - } - - timeout = wcstoul(keyvalue.begin()->second.c_str(), nullptr, 10); - } - - auto success = Wfpctl_Initialize(timeout, &Init::ErrorForwarder, this); - - m_messageSink((success - ? L"Initialization completed successfully." - : L"Initialization failed. See above for details, if any.")); -} - -//static -void WFPCTL_API Init::ErrorForwarder(const char *errorMessage, void *context) -{ - auto thiz = reinterpret_cast<Init *>(context); - - thiz->m_messageSink(common::string::ToWide(errorMessage)); -} - -} diff --git a/wfpctl/src/extras/cli/commands/wfpctl/init.h b/wfpctl/src/extras/cli/commands/wfpctl/init.h deleted file mode 100644 index 96686a2680..0000000000 --- a/wfpctl/src/extras/cli/commands/wfpctl/init.h +++ /dev/null @@ -1,28 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" -#include "wfpctl/wfpctl.h" - -namespace commands::wfpctl -{ - -class Init : public ICommand -{ -public: - - Init(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; - - static void WFPCTL_API ErrorForwarder(const char *errorMessage, void *context); -}; - -} diff --git a/wfpctl/src/extras/cli/commands/wfpctl/policy.cpp b/wfpctl/src/extras/cli/commands/wfpctl/policy.cpp deleted file mode 100644 index 3d4ce2aaf6..0000000000 --- a/wfpctl/src/extras/cli/commands/wfpctl/policy.cpp +++ /dev/null @@ -1,170 +0,0 @@ -#include "stdafx.h" -#include "policy.h" -#include "libcommon/string.h" -#include "wfpctl/wfpctl.h" -#include <functional> - -namespace commands::wfpctl -{ - -namespace detail -{ - -WfpctlSettings CreateSettings(const std::wstring &dhcp, const std::wstring &lan) -{ - WfpctlSettings s; - - s.permitDhcp = (0 == _wcsicmp(dhcp.c_str(), L"yes")); - s.permitLan = (0 == _wcsicmp(lan.c_str(), L"yes")); - - return s; -} - -WfpctlProtocol TranslateProtocol(const std::wstring &protocol) -{ - return (0 == _wcsicmp(protocol.c_str(), L"tcp") ? WfpctlProtocol::Tcp : WfpctlProtocol::Udp); -} - -WfpctlRelay CreateRelay(const wchar_t *ip, const std::wstring &port, const std::wstring &protocol) -{ - WfpctlRelay r; - - r.ip = ip; - r.port = common::string::LexicalCast<uint16_t>(port); - r.protocol = TranslateProtocol(protocol); - - return r; -} - -} // namespace detail - -Policy::Policy(MessageSink messageSink) - : m_messageSink(messageSink) -{ - m_dispatcher.addSubcommand - ( - L"connecting", - std::bind(&Policy::processConnecting, this, std::placeholders::_1) - ); - - m_dispatcher.addSubcommand - ( - L"connected", - std::bind(&Policy::processConnected, this, std::placeholders::_1) - ); - - m_dispatcher.addSubcommand - ( - L"netblocked", - std::bind(&Policy::processNetBlocked, this) - ); - - m_dispatcher.addSubcommand - ( - L"reset", - std::bind(&Policy::processReset, this) - ); -} - -std::wstring Policy::name() -{ - return L"policy"; -} - -std::wstring Policy::description() -{ - return L"Activate and reset policies."; -} - -void Policy::handleRequest(const std::vector<std::wstring> &arguments) -{ - if (arguments.empty()) - { - throw std::runtime_error("Missing subcommand. Cannot complete request."); - } - - auto subcommand = arguments[0]; - - auto actualArguments(arguments); - actualArguments.erase(actualArguments.begin()); - - m_dispatcher.dispatch(subcommand, actualArguments); -} - -void Policy::processConnecting(const KeyValuePairs &arguments) -{ - auto settings = detail::CreateSettings - ( - GetArgumentValue(arguments, L"dhcp"), - GetArgumentValue(arguments, L"lan") - ); - - auto r = GetArgumentValue(arguments, L"relay"); - - auto relay = detail::CreateRelay - ( - r.c_str(), - GetArgumentValue(arguments, L"port"), - GetArgumentValue(arguments, L"protocol") - ); - - auto success = Wfpctl_ApplyPolicyConnecting - ( - settings, - relay - ); - - m_messageSink((success - ? L"Successfully applied policy." - : L"Failed to apply policy.")); -} - -void Policy::processConnected(const KeyValuePairs &arguments) -{ - auto settings = detail::CreateSettings - ( - GetArgumentValue(arguments, L"dhcp"), - GetArgumentValue(arguments, L"lan") - ); - - auto r = GetArgumentValue(arguments, L"relay"); - - auto relay = detail::CreateRelay - ( - r.c_str(), - GetArgumentValue(arguments, L"port"), - GetArgumentValue(arguments, L"protocol") - ); - - auto success = Wfpctl_ApplyPolicyConnected - ( - settings, - relay, - GetArgumentValue(arguments, L"tunnel").c_str(), - GetArgumentValue(arguments, L"dns").c_str() - ); - - m_messageSink((success - ? L"Successfully applied policy." - : L"Failed to apply policy.")); -} - -void Policy::processNetBlocked() -{ - auto success = Wfpctl_ApplyPolicyNetBlocked(); - - m_messageSink((success - ? L"Successfully applied policy." - : L"Failed to apply policy.")); -} - -void Policy::processReset() -{ - auto success = Wfpctl_Reset(); - - m_messageSink((success - ? L"Successfully reset policy." - : L"Failed to reset policy.")); -} - -} diff --git a/wfpctl/src/extras/cli/commands/wfpctl/policy.h b/wfpctl/src/extras/cli/commands/wfpctl/policy.h deleted file mode 100644 index 524640d3e6..0000000000 --- a/wfpctl/src/extras/cli/commands/wfpctl/policy.h +++ /dev/null @@ -1,35 +0,0 @@ -#pragma once - -#include "cli/commands/icommand.h" -#include "cli/util.h" -#include "cli/subcommanddispatcher.h" -#include "libcommon/string.h" - -namespace commands::wfpctl -{ - -class Policy : public ICommand -{ -public: - - Policy(MessageSink messageSink); - - std::wstring name() override; - std::wstring description() override; - - void handleRequest(const std::vector<std::wstring> &arguments) override; - -private: - - MessageSink m_messageSink; - SubcommandDispatcher m_dispatcher; - - using KeyValuePairs = common::string::KeyValuePairs; - - void processConnecting(const KeyValuePairs &arguments); - void processConnected(const KeyValuePairs &arguments); - void processNetBlocked(); - void processReset(); -}; - -} diff --git a/wfpctl/src/extras/cli/filterengineprovider.h b/wfpctl/src/extras/cli/filterengineprovider.h deleted file mode 100644 index 50382c7a6c..0000000000 --- a/wfpctl/src/extras/cli/filterengineprovider.h +++ /dev/null @@ -1,39 +0,0 @@ -#pragma once - -#include "libwfp/filterengine.h" -#include <memory> - -class FilterEngineProvider -{ - FilterEngineProvider() - { - } - -public: - - static FilterEngineProvider &Instance() - { - static FilterEngineProvider provider; - return provider; - } - - std::shared_ptr<wfp::FilterEngine> get() - { - return m_engine; - } - - // - // naive set(), good for now - // - void set(std::shared_ptr<wfp::FilterEngine> engine) - { - m_engine = engine; - } - -private: - - FilterEngineProvider(const FilterEngineProvider &); - FilterEngineProvider &operator=(const FilterEngineProvider &); - - std::shared_ptr<wfp::FilterEngine> m_engine; -}; diff --git a/wfpctl/src/extras/cli/inlineformatter.h b/wfpctl/src/extras/cli/inlineformatter.h deleted file mode 100644 index f00aa6d504..0000000000 --- a/wfpctl/src/extras/cli/inlineformatter.h +++ /dev/null @@ -1,30 +0,0 @@ -#pragma once - -#include <sstream> -#include <utility> - -class InlineFormatter -{ -public: - - template<typename T> - InlineFormatter &operator<<(const T &t) - { - m_ss << t; - return *this; - } - - std::wstring str() - { - auto s = m_ss.str(); - - m_ss.str(L""); - m_ss.clear(); - - return s; - } - -private: - - std::wstringstream m_ss; -}; diff --git a/wfpctl/src/extras/cli/ipropertydecorator.h b/wfpctl/src/extras/cli/ipropertydecorator.h deleted file mode 100644 index 01a6021ba1..0000000000 --- a/wfpctl/src/extras/cli/ipropertydecorator.h +++ /dev/null @@ -1,32 +0,0 @@ -#pragma once - -// -// These methods should be used during property extraction in order to translate -// identifiers (references) into something more meaningful. -// -// Ideally we would nest a PropertyList inside a PropertyList, but that's a rather -// large update since each element in the PropertyList would need to be wrapped. -// If such an update is made one day, be sure to also add a "group" element so -// we can have better structuring within a PropertyList -// - -#include <windows.h> -#include <string> - -struct IPropertyDecorator -{ - // - // These methods should return a short string that adds - // value for human operators/analysts. - // - - virtual std::wstring FilterDecoration(UINT64 id) = 0; - virtual std::wstring LayerDecoration(UINT16 id) = 0; - virtual std::wstring LayerDecoration(const GUID &key) = 0; - virtual std::wstring ProviderDecoration(const GUID &key) = 0; - virtual std::wstring SublayerDecoration(const GUID &key) = 0; - - virtual ~IPropertyDecorator() = 0 - { - } -}; diff --git a/wfpctl/src/extras/cli/modules/imodule.h b/wfpctl/src/extras/cli/modules/imodule.h deleted file mode 100644 index 82221f284f..0000000000 --- a/wfpctl/src/extras/cli/modules/imodule.h +++ /dev/null @@ -1,19 +0,0 @@ -#pragma once - -#include "cli/propertylist.h" -#include <string> -#include <vector> - -namespace modules -{ - -struct IModule -{ - virtual std::wstring name() = 0; - virtual std::wstring description() = 0; - virtual PropertyList commands() = 0; - - virtual void handleRequest(const std::vector<std::wstring> &request) = 0; -}; - -} diff --git a/wfpctl/src/extras/cli/modules/list.h b/wfpctl/src/extras/cli/modules/list.h deleted file mode 100644 index 23751c2a26..0000000000 --- a/wfpctl/src/extras/cli/modules/list.h +++ /dev/null @@ -1,33 +0,0 @@ -#pragma once - -#include "module.h" -#include "cli/util.h" -#include "cli/commands/list/sessions.h" -#include "cli/commands/list/providers.h" -#include "cli/commands/list/events.h" -#include "cli/commands/list/filters.h" -#include "cli/commands/list/layers.h" -#include "cli/commands/list/providercontexts.h" -#include "cli/commands/list/sublayers.h" - -namespace modules -{ - -class List : public Module -{ -public: - - List(MessageSink messageSink) - : Module(L"list", L"List various objects in the WFP universe.") - { - addCommand(std::make_unique<commands::list::Sessions>(messageSink)); - addCommand(std::make_unique<commands::list::Providers>(messageSink)); - addCommand(std::make_unique<commands::list::Events>(messageSink)); - addCommand(std::make_unique<commands::list::Filters>(messageSink)); - addCommand(std::make_unique<commands::list::Layers>(messageSink)); - addCommand(std::make_unique<commands::list::ProviderContexts>(messageSink)); - addCommand(std::make_unique<commands::list::Sublayers>(messageSink)); - } -}; - -} diff --git a/wfpctl/src/extras/cli/modules/module.cpp b/wfpctl/src/extras/cli/modules/module.cpp deleted file mode 100644 index f66ae5a084..0000000000 --- a/wfpctl/src/extras/cli/modules/module.cpp +++ /dev/null @@ -1,70 +0,0 @@ -#include "stdafx.h" -#include "module.h" -#include "cli/util.h" -#include "libcommon/string.h" -#include <sstream> -#include <utility> - -namespace modules -{ - -PropertyList Module::commands() -{ - PropertyList c; - - for (auto &command : m_commands) - { - c.add(common::string::Lower(command.second->name()), command.second->description()); - } - - return c; -} - -void Module::handleRequest(const std::vector<std::wstring> &request) -{ - // - // The request has the form of: - // - // [0] command - // [1] arg1 - // [2] arg2 - // ... - // - - if (request.empty()) - { - std::wstringstream ss; - - ss << L"Command missing. Try 'help " << m_name << "'."; - - throw std::runtime_error(common::string::ToAnsi(ss.str())); - } - - auto wanted = common::string::Lower(request[0]); - auto found = m_commands.find(wanted); - - if (found == m_commands.end()) - { - std::wstringstream ss; - - ss << L"Module '" << m_name << "' doesn't support the command '" << request[0] << "'."; - - throw std::runtime_error(common::string::ToAnsi(ss.str())); - } - - auto args = request; - - args.erase(args.begin()); - - found->second->handleRequest(args); -} - -void Module::addCommand(std::unique_ptr<commands::ICommand> command) -{ - m_commands.insert(std::make_pair( - common::string::Lower(command->name()), - std::move(command) - )); -} - -} diff --git a/wfpctl/src/extras/cli/modules/module.h b/wfpctl/src/extras/cli/modules/module.h deleted file mode 100644 index 45587ab7e5..0000000000 --- a/wfpctl/src/extras/cli/modules/module.h +++ /dev/null @@ -1,50 +0,0 @@ -#pragma once - -#include "imodule.h" -#include "cli/commands/icommand.h" -#include <map> -#include <memory> - -namespace modules -{ - -class Module : public IModule -{ -public: - - Module(const std::wstring &name, const std::wstring &description) - : m_name(name) - , m_description(description) - { - } - - std::wstring name() override - { - return m_name; - } - - std::wstring description() override - { - return m_description; - } - - // Collect name and description from commands. - PropertyList commands() override; - - // Identify requested command and dispatch to it. - void handleRequest(const std::vector<std::wstring> &request) override; - - void addCommand(std::unique_ptr<commands::ICommand> command); - -private: - - Module(const Module &); - Module &operator=(const Module &); - - std::wstring m_name; - std::wstring m_description; - - std::map<std::wstring, std::unique_ptr<commands::ICommand> > m_commands; -}; - -} diff --git a/wfpctl/src/extras/cli/modules/monitor.h b/wfpctl/src/extras/cli/modules/monitor.h deleted file mode 100644 index e227192e82..0000000000 --- a/wfpctl/src/extras/cli/modules/monitor.h +++ /dev/null @@ -1,21 +0,0 @@ -#pragma once - -#include "module.h" -#include "cli/util.h" -#include "cli/commands/monitor/m_events.h" - -namespace modules -{ - -class Monitor : public Module -{ -public: - - Monitor(MessageSink messageSink) - : Module(L"monitor", L"Real-time monitoring of events and object creation/deletion in WFP.") - { - addCommand(std::make_unique<commands::monitor::Events>(messageSink)); - } -}; - -} diff --git a/wfpctl/src/extras/cli/modules/wfpctl.h b/wfpctl/src/extras/cli/modules/wfpctl.h deleted file mode 100644 index b690454e19..0000000000 --- a/wfpctl/src/extras/cli/modules/wfpctl.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "module.h" -#include "cli/util.h" -#include "cli/commands/wfpctl/init.h" -#include "cli/commands/wfpctl/deinit.h" -#include "cli/commands/wfpctl/policy.h" - -namespace modules -{ - -class Wfpctl : public Module -{ -public: - - Wfpctl(MessageSink messageSink) - : Module(L"wfpctl", L"Exercise functionality provided by \"wfpctl.dll\".") - { - addCommand(std::make_unique<commands::wfpctl::Init>(messageSink)); - addCommand(std::make_unique<commands::wfpctl::Deinit>(messageSink)); - addCommand(std::make_unique<commands::wfpctl::Policy>(messageSink)); - } -}; - -} diff --git a/wfpctl/src/extras/cli/objectproperties.cpp b/wfpctl/src/extras/cli/objectproperties.cpp deleted file mode 100644 index 8b7b5a9c04..0000000000 --- a/wfpctl/src/extras/cli/objectproperties.cpp +++ /dev/null @@ -1,709 +0,0 @@ -#include "stdafx.h" -#include "objectproperties.h" -#include "inlineformatter.h" -#include "propertylist.h" -#include "libcommon/string.h" -#include <string> -#include <utility> -#include <vector> -#include <cwchar> - -// Add missing constants -// These are documented in MSDN but not defined in any header? -#define FWP_DIRECTION_IN 0x00003900L -#define FWP_DIRECTION_OUT 0x00003901L -#define FWP_DIRECTION_FORWARD 0x00003902L - -namespace detail -{ - -std::wstring SessionFlags(UINT32 flags) -{ - std::vector<std::pair<UINT32, std::wstring> > definitions = - { - std::make_pair(FWPM_SESSION_FLAG_DYNAMIC, L"FWPM_SESSION_FLAG_DYNAMIC"), - std::make_pair(FWPM_SESSION_FLAG_RESERVED, L"FWPM_SESSION_FLAG_RESERVED") - }; - - return common::string::FormatFlags(definitions, flags); -} - -std::wstring ProviderFlags(UINT32 flags) -{ - std::vector<std::pair<UINT32, std::wstring> > definitions = - { - std::make_pair(FWPM_PROVIDER_FLAG_PERSISTENT, L"FWPM_PROVIDER_FLAG_PERSISTENT"), - std::make_pair(FWPM_PROVIDER_FLAG_DISABLED, L"FWPM_PROVIDER_FLAG_DISABLED") - }; - - return common::string::FormatFlags(definitions, flags); -} - -std::wstring FormatIpProtocol(UINT8 protocol) -{ - switch (protocol) - { - case 0: return L"IPPROTO_HOPOPTS"; - case 1: return L"IPPROTO_ICMP"; - case 2: return L"IPPROTO_IGMP"; - case 3: return L"IPPROTO_GGP"; - case 4: return L"IPPROTO_IPV4"; - case 5: return L"IPPROTO_ST"; - case 6: return L"IPPROTO_TCP"; - case 7: return L"IPPROTO_CBT"; - case 8: return L"IPPROTO_EGP"; - case 9: return L"IPPROTO_IGP"; - case 12: return L"IPPROTO_PUP"; - case 17: return L"IPPROTO_UDP"; - case 22: return L"IPPROTO_IDP"; - case 27: return L"IPPROTO_RDP"; - case 41: return L"IPPROTO_IPV6"; - case 43: return L"IPPROTO_ROUTING"; - case 44: return L"IPPROTO_FRAGMENT"; - case 50: return L"IPPROTO_ESP"; - case 51: return L"IPPROTO_AH"; - case 58: return L"IPPROTO_ICMPV6"; - case 59: return L"IPPROTO_NONE"; - case 60: return L"IPPROTO_DSTOPTS"; - case 77: return L"IPPROTO_ND"; - case 78: return L"IPPROTO_ICLFXBM"; - case 103: return L"IPPROTO_PIM"; - case 113: return L"IPPROTO_PGM"; - case 115: return L"IPPROTO_L2TP"; - case 132: return L"IPPROTO_SCTP"; - case 255: return L"IPPROTO_RAW"; - default: return L"Unknown"; - }; -} - -std::wstring FilterFlags(UINT32 flags) -{ - std::vector<std::pair<UINT32, std::wstring> > definitions = - { - std::make_pair(FWPM_FILTER_FLAG_PERSISTENT, L"FWPM_FILTER_FLAG_PERSISTENT"), - std::make_pair(FWPM_FILTER_FLAG_BOOTTIME, L"FWPM_FILTER_FLAG_BOOTTIME"), - std::make_pair(FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT, L"FWPM_FILTER_FLAG_CLEAR_ACTION_RIGHT"), - std::make_pair(FWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED, L"FWPM_FILTER_FLAG_PERMIT_IF_CALLOUT_UNREGISTERED"), - std::make_pair(FWPM_FILTER_FLAG_DISABLED, L"FWPM_FILTER_FLAG_DISABLED"), - std::make_pair(FWPM_FILTER_FLAG_INDEXED, L"FWPM_FILTER_FLAG_INDEXED") - }; - - return common::string::FormatFlags(definitions, flags); -} - -std::wstring LayerFlags(UINT32 flags) -{ - std::vector<std::pair<UINT32, std::wstring> > definitions = - { - std::make_pair(FWPM_LAYER_FLAG_KERNEL, L"FWPM_LAYER_FLAG_KERNEL"), - std::make_pair(FWPM_LAYER_FLAG_BUILTIN, L"FWPM_LAYER_FLAG_BUILTIN"), - std::make_pair(FWPM_LAYER_FLAG_CLASSIFY_MOSTLY, L"FWPM_LAYER_FLAG_CLASSIFY_MOSTLY"), - std::make_pair(FWPM_LAYER_FLAG_BUFFERED, L"FWPM_LAYER_FLAG_BUFFERED") - }; - - return common::string::FormatFlags(definitions, flags); -} - -std::wstring ProviderContextType(FWPM_PROVIDER_CONTEXT_TYPE type) -{ - switch (type) - { - case FWPM_IPSEC_KEYING_CONTEXT: return L"FWPM_IPSEC_KEYING_CONTEXT"; - case FWPM_IPSEC_IKE_QM_TRANSPORT_CONTEXT: return L"FWPM_IPSEC_IKE_QM_TRANSPORT_CONTEXT"; - case FWPM_IPSEC_IKE_QM_TUNNEL_CONTEXT: return L"FWPM_IPSEC_IKE_QM_TUNNEL_CONTEXT"; - case FWPM_IPSEC_AUTHIP_QM_TRANSPORT_CONTEXT: return L"FWPM_IPSEC_AUTHIP_QM_TRANSPORT_CONTEXT"; - case FWPM_IPSEC_AUTHIP_QM_TUNNEL_CONTEXT: return L"FWPM_IPSEC_AUTHIP_QM_TUNNEL_CONTEXT"; - case FWPM_IPSEC_IKE_MM_CONTEXT: return L"FWPM_IPSEC_IKE_MM_CONTEXT"; - case FWPM_IPSEC_AUTHIP_MM_CONTEXT: return L"FWPM_IPSEC_AUTHIP_MM_CONTEXT"; - case FWPM_CLASSIFY_OPTIONS_CONTEXT: return L"FWPM_CLASSIFY_OPTIONS_CONTEXT"; - case FWPM_GENERAL_CONTEXT: return L"FWPM_GENERAL_CONTEXT"; - case FWPM_IPSEC_IKEV2_QM_TUNNEL_CONTEXT: return L"FWPM_IPSEC_IKEV2_QM_TUNNEL_CONTEXT"; - case FWPM_IPSEC_IKEV2_MM_CONTEXT: return L"FWPM_IPSEC_IKEV2_MM_CONTEXT"; - case FWPM_IPSEC_DOSP_CONTEXT: return L"FWPM_IPSEC_DOSP_CONTEXT"; - case FWPM_IPSEC_IKEV2_QM_TRANSPORT_CONTEXT: return L"FWPM_IPSEC_IKEV2_QM_TRANSPORT_CONTEXT"; - default: return L"[Unknown]"; - } -} - -std::wstring Direction(UINT32 direction) -{ - switch (direction) - { - case FWP_DIRECTION_IN: return L"In"; - case FWP_DIRECTION_OUT: return L"Out"; - case FWP_DIRECTION_FORWARD: return L"Forward"; - default: return L"[Unknown]"; - } -} - -std::wstring FilterDecoration(IPropertyDecorator *decorator, UINT64 id) -{ - if (nullptr == decorator) - { - return L""; - } - - return (InlineFormatter() << L" " << decorator->FilterDecoration(id)).str(); -} - -std::wstring LayerDecoration(IPropertyDecorator *decorator, UINT16 id) -{ - if (nullptr == decorator) - { - return L""; - } - - return (InlineFormatter() << L" " << decorator->LayerDecoration(id)).str(); -} - -std::wstring LayerDecoration(IPropertyDecorator *decorator, const GUID &key) -{ - if (nullptr == decorator) - { - return L""; - } - - return (InlineFormatter() << L" " << decorator->LayerDecoration(key)).str(); -} - -std::wstring ProviderDecoration(IPropertyDecorator *decorator, const GUID &key) -{ - if (nullptr == decorator) - { - return L""; - } - - return (InlineFormatter() << L" " << decorator->ProviderDecoration(key)).str(); -} - -std::wstring SublayerDecoration(IPropertyDecorator *decorator, const GUID &key) -{ - if (nullptr == decorator) - { - return L""; - } - - return (InlineFormatter() << L" " << decorator->SublayerDecoration(key)).str(); -} - -void AddStringProperty(PropertyList &props, const wchar_t *name, const wchar_t *value) -{ - if (nullptr == value || 0 == wcslen(value)) - { - return; - } - - props.add(name, value); -} - -// This won't work because sometimes 0 is a valid flag value -//template<typename T> -//void AddFlagProperty(PropertyList &props, const std::wstring &name, T value, std::function<std::wstring(T)> formatter> - -} // namespace detail - -PropertyList SessionProperties(const FWPM_SESSION0 &session) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"key", common::string::FormatGuid(session.sessionKey)); - detail::AddStringProperty(props, L"name", session.displayData.name); - detail::AddStringProperty(props, L"description", session.displayData.description); - - props.add(L"flags", (f << session.flags << L" = " << detail::SessionFlags(session.flags)).str()); - props.add(L"wait timeout", (f << session.txnWaitTimeoutInMSec).str()); - props.add(L"sid", common::string::FormatSid(*session.sid)); - props.add(L"username", session.username); - props.add(L"kernel", (session.kernelMode ? L"true" : L"false")); - - return props; -} - -PropertyList ProviderProperties(const FWPM_PROVIDER0 &provider) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"key", common::string::FormatGuid(provider.providerKey)); - detail::AddStringProperty(props, L"name", provider.displayData.name); - detail::AddStringProperty(props, L"description", provider.displayData.description); - - props.add(L"flags", (f << provider.flags << L" = " << detail::ProviderFlags(provider.flags)).str()); - - if (0 != provider.providerData.size) - { - props.add(L"provider data", (f << L"Present (" << provider.providerData.size << L" bytes)").str()); - } - - detail::AddStringProperty(props, L"service name", provider.serviceName); - - return props; -} - -PropertyList EventProperties(const FWPM_NET_EVENT0 &event, IPropertyDecorator *decorator) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"timestamp", common::string::FormatTime(event.header.timeStamp)); - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_IP_PROTOCOL_SET)) - { - props.add(L"protocol", detail::FormatIpProtocol(event.header.ipProtocol)); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_IP_VERSION_SET) - && 0 != (event.header.flags & FWPM_NET_EVENT_FLAG_LOCAL_ADDR_SET)) - { - if (event.header.ipVersion == FWP_IP_VERSION_V4) - { - props.add(L"local addr", common::string::FormatIpv4(event.header.localAddrV4)); - } - else - { - props.add(L"local addr", common::string::FormatIpv6(event.header.localAddrV6.byteArray16)); - } - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_IP_VERSION_SET) - && 0 != (event.header.flags & FWPM_NET_EVENT_FLAG_REMOTE_ADDR_SET)) - { - if (event.header.ipVersion == FWP_IP_VERSION_V4) - { - props.add(L"remote addr", common::string::FormatIpv4(event.header.remoteAddrV4)); - } - else - { - props.add(L"remote addr", common::string::FormatIpv6(event.header.remoteAddrV6.byteArray16)); - } - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_LOCAL_PORT_SET)) - { - props.add(L"local port", (f << event.header.localPort).str()); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_REMOTE_PORT_SET)) - { - props.add(L"remote port", (f << event.header.remotePort).str()); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_APP_ID_SET)) - { - auto begin = reinterpret_cast<wchar_t *>(event.header.appId.data); - auto end = begin + (event.header.appId.size / sizeof(wchar_t)); - - props.add(L"app id", std::wstring(begin, end)); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_USER_ID_SET)) - { - props.add(L"user id", common::string::FormatSid(*event.header.userId)); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_SCOPE_ID_SET)) - { - props.add(L"IPv6 scope id", (f << event.header.scopeId).str()); - } - - switch (event.type) - { - case FWPM_NET_EVENT_TYPE_IKEEXT_MM_FAILURE: - { - props.add(L"type", L"IKEEXT_MM_FAILURE"); - break; - } - case FWPM_NET_EVENT_TYPE_IKEEXT_QM_FAILURE: - { - props.add(L"type", L"IKEEXT_QM_FAILURE"); - break; - } - case FWPM_NET_EVENT_TYPE_IKEEXT_EM_FAILURE: - { - props.add(L"type", L"IKEEXT_EM_FAILURE"); - break; - } - case FWPM_NET_EVENT_TYPE_CLASSIFY_DROP: - { - props.add(L"type", L"CLASSIFY_DROP"); - - props.add(L"filter id", (f << event.classifyDrop->filterId - << detail::FilterDecoration(decorator, event.classifyDrop->filterId)).str()); - - props.add(L"layer id", (f << event.classifyDrop->layerId - << detail::LayerDecoration(decorator, event.classifyDrop->layerId)).str()); - - break; - } - case FWPM_NET_EVENT_TYPE_IPSEC_KERNEL_DROP: - { - props.add(L"type", L"IPSEC_KERNEL_DROP"); - break; - } - case FWPM_NET_EVENT_TYPE_IPSEC_DOSP_DROP: - { - props.add(L"type", L"IPSEC_DOSP_DROP"); - break; - } - case FWPM_NET_EVENT_TYPE_CLASSIFY_ALLOW: - { - props.add(L"type", L"CLASSIFY_ALLOW"); - break; - } - case FWPM_NET_EVENT_TYPE_CAPABILITY_DROP: - { - props.add(L"type", L"CAPABILITY_DROP"); - break; - } - case FWPM_NET_EVENT_TYPE_CAPABILITY_ALLOW: - { - props.add(L"type", L"CAPABILITY_ALLOW"); - break; - } - case FWPM_NET_EVENT_TYPE_CLASSIFY_DROP_MAC: - { - props.add(L"type", L"CLASSIFY_DROP_MAC"); - break; - } - default: - { - props.add(L"type", L"Unknown"); - } - }; - - return props; -} - -PropertyList EventProperties(const FWPM_NET_EVENT1 &event, IPropertyDecorator *decorator) -{ - // - // TODO-MAYBE: Restructure code to operate on individual elements of the structure - // then use upcasting and a single implementation for extracting the basic information. - // - - PropertyList props; - InlineFormatter f; - - props.add(L"timestamp", common::string::FormatTime(event.header.timeStamp)); - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_IP_PROTOCOL_SET)) - { - props.add(L"protocol", detail::FormatIpProtocol(event.header.ipProtocol)); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_IP_VERSION_SET) - && 0 != (event.header.flags & FWPM_NET_EVENT_FLAG_LOCAL_ADDR_SET)) - { - if (event.header.ipVersion == FWP_IP_VERSION_V4) - { - props.add(L"local addr", common::string::FormatIpv4(event.header.localAddrV4)); - } - else - { - props.add(L"local addr", common::string::FormatIpv6(event.header.localAddrV6.byteArray16)); - } - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_IP_VERSION_SET) - && 0 != (event.header.flags & FWPM_NET_EVENT_FLAG_REMOTE_ADDR_SET)) - { - if (event.header.ipVersion == FWP_IP_VERSION_V4) - { - props.add(L"remote addr", common::string::FormatIpv4(event.header.remoteAddrV4)); - } - else - { - props.add(L"remote addr", common::string::FormatIpv6(event.header.remoteAddrV6.byteArray16)); - } - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_LOCAL_PORT_SET)) - { - props.add(L"local port", (f << event.header.localPort).str()); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_REMOTE_PORT_SET)) - { - props.add(L"remote port", (f << event.header.remotePort).str()); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_APP_ID_SET)) - { - auto begin = reinterpret_cast<wchar_t *>(event.header.appId.data); - auto end = begin + (event.header.appId.size / sizeof(wchar_t)); - - props.add(L"app id", std::wstring(begin, end)); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_USER_ID_SET)) - { - props.add(L"user id", common::string::FormatSid(*event.header.userId)); - } - - if (0 != (event.header.flags & FWPM_NET_EVENT_FLAG_SCOPE_ID_SET)) - { - props.add(L"IPv6 scope id", (f << event.header.scopeId).str()); - } - - switch (event.type) - { - case FWPM_NET_EVENT_TYPE_IKEEXT_MM_FAILURE: - { - props.add(L"type", L"IKEEXT_MM_FAILURE"); - break; - } - case FWPM_NET_EVENT_TYPE_IKEEXT_QM_FAILURE: - { - props.add(L"type", L"IKEEXT_QM_FAILURE"); - break; - } - case FWPM_NET_EVENT_TYPE_IKEEXT_EM_FAILURE: - { - props.add(L"type", L"IKEEXT_EM_FAILURE"); - break; - } - case FWPM_NET_EVENT_TYPE_CLASSIFY_DROP: - { - props.add(L"type", L"CLASSIFY_DROP"); - - props.add(L"filter id", (f << event.classifyDrop->filterId - << detail::FilterDecoration(decorator, event.classifyDrop->filterId)).str()); - - props.add(L"layer id", (f << event.classifyDrop->layerId - << detail::LayerDecoration(decorator, event.classifyDrop->layerId)).str()); - - props.add(L"direction", detail::Direction(event.classifyDrop->msFwpDirection)); - - if (1 == event.classifyDrop->isLoopback) - { - props.add(L"loopback", L"True"); - } - - break; - } - case FWPM_NET_EVENT_TYPE_IPSEC_KERNEL_DROP: - { - props.add(L"type", L"IPSEC_KERNEL_DROP"); - break; - } - case FWPM_NET_EVENT_TYPE_IPSEC_DOSP_DROP: - { - props.add(L"type", L"IPSEC_DOSP_DROP"); - break; - } - case FWPM_NET_EVENT_TYPE_CLASSIFY_ALLOW: - { - props.add(L"type", L"CLASSIFY_ALLOW"); - break; - } - case FWPM_NET_EVENT_TYPE_CAPABILITY_DROP: - { - props.add(L"type", L"CAPABILITY_DROP"); - break; - } - case FWPM_NET_EVENT_TYPE_CAPABILITY_ALLOW: - { - props.add(L"type", L"CAPABILITY_ALLOW"); - break; - } - case FWPM_NET_EVENT_TYPE_CLASSIFY_DROP_MAC: - { - props.add(L"type", L"CLASSIFY_DROP_MAC"); - break; - } - default: - { - props.add(L"type", L"Unknown"); - } - }; - - return props; -} - -PropertyList FilterProperties(const FWPM_FILTER0 &filter, IPropertyDecorator *decorator) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"key", common::string::FormatGuid(filter.filterKey)); - detail::AddStringProperty(props, L"name", filter.displayData.name); - detail::AddStringProperty(props, L"description", filter.displayData.description); - - props.add(L"flags", (f << filter.flags << L" = " << detail::FilterFlags(filter.flags)).str()); - - if (nullptr != filter.providerKey) - { - props.add(L"provider key", (f << common::string::FormatGuid(*filter.providerKey) - << detail::ProviderDecoration(decorator, *filter.providerKey)).str()); - } - - if (0 != filter.providerData.size) - { - props.add(L"provider data", (f << L"Present (" << filter.providerData.size << L" bytes)").str()); - } - - props.add(L"layer key", (f << common::string::FormatGuid(filter.layerKey) - << detail::LayerDecoration(decorator, filter.layerKey)).str()); - - props.add(L"sublayer key", (f << common::string::FormatGuid(filter.subLayerKey) - << detail::SublayerDecoration(decorator, filter.subLayerKey)).str()); - - if (FWP_UINT64 == filter.weight.type) - { - props.add(L"weight", (f << *filter.weight.uint64 << L" (exact)").str()); - } - else if (FWP_UINT8 == filter.weight.type) - { - props.add(L"weight", (f << filter.weight.uint8 << L" (relative 0-15)").str()); - } - else - { - props.add(L"weight", L"Automatic"); - } - - props.add(L"num conditions", (f << filter.numFilterConditions).str()); - props.add(L"conditions", L"TODO"); - - if (FWP_ACTION_BLOCK == filter.action.type) - { - props.add(L"action", L"Block"); - props.add(L"filter type", common::string::FormatGuid(filter.action.filterType)); - } - else if (FWP_ACTION_PERMIT == filter.action.type) - { - props.add(L"action", L"Permit"); - props.add(L"filter type", common::string::FormatGuid(filter.action.filterType)); - } - else if (FWP_ACTION_CALLOUT_TERMINATING == filter.action.type) - { - props.add(L"action", L"Callout terminating"); - props.add(L"callout key", common::string::FormatGuid(filter.action.calloutKey)); - } - else if (FWP_ACTION_CALLOUT_INSPECTION == filter.action.type) - { - props.add(L"action", L"Callout inspection"); - props.add(L"callout key", common::string::FormatGuid(filter.action.calloutKey)); - } - else if (FWP_ACTION_CALLOUT_UNKNOWN == filter.action.type) - { - props.add(L"action", L"Callout unknown"); - props.add(L"callout key", common::string::FormatGuid(filter.action.calloutKey)); - } - - if (0 != (filter.flags & FWPM_FILTER_FLAG_HAS_PROVIDER_CONTEXT)) - { - props.add(L"context", L"Provider context"); - } - else - { - props.add(L"context", L"Raw context"); - } - - props.add(L"filter id", (f << filter.filterId).str()); - - if (FWP_UINT64 == filter.effectiveWeight.type) - { - props.add(L"effective weight", (f << *filter.effectiveWeight.uint64 << L" (exact)").str()); - } - else if (FWP_UINT8 == filter.effectiveWeight.type) - { - props.add(L"effective weight", (f << filter.effectiveWeight.uint8 << L" (relative 0-15)").str()); - } - else - { - props.add(L"effective weight", L"Automatic"); - } - - return props; -} - -PropertyList LayerProperties(const FWPM_LAYER0 &layer, IPropertyDecorator *decorator) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"key", common::string::FormatGuid(layer.layerKey)); - detail::AddStringProperty(props, L"name", layer.displayData.name); - detail::AddStringProperty(props, L"description", layer.displayData.description); - - props.add(L"flags", (f << layer.flags << L" = " << detail::LayerFlags(layer.flags)).str()); - props.add(L"num fields", (f << layer.numFields).str()); - props.add(L"field array", L"TODO"); - - props.add(L"default sublayer", (f << common::string::FormatGuid(layer.defaultSubLayerKey) - << detail::SublayerDecoration(decorator, layer.defaultSubLayerKey)).str()); - - props.add(L"layer id", (f << layer.layerId).str()); - - return props; -} - -PropertyList ProviderContextProperties(const FWPM_PROVIDER_CONTEXT0 &context, IPropertyDecorator *decorator) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"key", common::string::FormatGuid(context.providerContextKey)); - detail::AddStringProperty(props, L"name", context.displayData.name); - detail::AddStringProperty(props, L"description", context.displayData.description); - - if (0 != (context.flags & FWPM_PROVIDER_CONTEXT_FLAG_PERSISTENT)) - { - props.add(L"flags", L"FWPM_PROVIDER_CONTEXT_FLAG_PERSISTENT"); - } - else - { - props.add(L"flags", (f << context.flags).str()); - } - - if (nullptr != context.providerKey) - { - props.add(L"provider key", (f << common::string::FormatGuid(*context.providerKey) - << detail::ProviderDecoration(decorator, *context.providerKey)).str()); - } - - if (0 != context.providerData.size) - { - props.add(L"provider data", (f << L"Present (" << context.providerData.size << L" bytes)").str()); - } - - props.add(L"context type", detail::ProviderContextType(context.type)); - props.add(L"id", (f << context.providerContextId).str()); - - return props; -} - -PropertyList SublayerProperties(const FWPM_SUBLAYER0 &sublayer, IPropertyDecorator *decorator) -{ - PropertyList props; - InlineFormatter f; - - props.add(L"key", common::string::FormatGuid(sublayer.subLayerKey)); - detail::AddStringProperty(props, L"name", sublayer.displayData.name); - detail::AddStringProperty(props, L"description", sublayer.displayData.description); - - if (0 != (sublayer.flags & FWPM_SUBLAYER_FLAG_PERSISTENT)) - { - props.add(L"flags", L"FWPM_SUBLAYER_FLAG_PERSISTENT"); - } - else - { - props.add(L"flags", (f << sublayer.flags).str()); - } - - if (nullptr != sublayer.providerKey) - { - props.add(L"provider key", (f << common::string::FormatGuid(*sublayer.providerKey) - << detail::ProviderDecoration(decorator, *sublayer.providerKey)).str()); - } - - if (0 != sublayer.providerData.size) - { - props.add(L"provider data", (f << L"Present (" << sublayer.providerData.size << L" bytes)").str()); - } - - props.add(L"weight", (f << sublayer.weight).str()); - - return props; -} diff --git a/wfpctl/src/extras/cli/objectproperties.h b/wfpctl/src/extras/cli/objectproperties.h deleted file mode 100644 index a4f349f828..0000000000 --- a/wfpctl/src/extras/cli/objectproperties.h +++ /dev/null @@ -1,15 +0,0 @@ -#pragma once - -#include "propertylist.h" -#include "ipropertydecorator.h" -#include <windows.h> -#include <fwpmu.h> - -PropertyList SessionProperties(const FWPM_SESSION0 &session); -PropertyList ProviderProperties(const FWPM_PROVIDER0 &provider); -PropertyList EventProperties(const FWPM_NET_EVENT0 &event, IPropertyDecorator *decorator = nullptr); -PropertyList EventProperties(const FWPM_NET_EVENT1 &event, IPropertyDecorator *decorator = nullptr); -PropertyList FilterProperties(const FWPM_FILTER0 &filter, IPropertyDecorator *decorator = nullptr); -PropertyList LayerProperties(const FWPM_LAYER0 &layer, IPropertyDecorator *decorator = nullptr); -PropertyList ProviderContextProperties(const FWPM_PROVIDER_CONTEXT0 &context, IPropertyDecorator *decorator = nullptr); -PropertyList SublayerProperties(const FWPM_SUBLAYER0 &sublayer, IPropertyDecorator *decorator = nullptr); diff --git a/wfpctl/src/extras/cli/propertydecorator.cpp b/wfpctl/src/extras/cli/propertydecorator.cpp deleted file mode 100644 index 115c628c27..0000000000 --- a/wfpctl/src/extras/cli/propertydecorator.cpp +++ /dev/null @@ -1,92 +0,0 @@ -#include "stdafx.h" -#include "propertydecorator.h" -#include "libwfp/objectexplorer.h" -#include "libcommon/string.h" -#include "inlineformatter.h" -#include <cwchar> - -namespace detail -{ - -std::wstring Format(const wchar_t *in_name, const wchar_t *in_desc) -{ - auto haveName = (nullptr != in_name && 0 != wcslen(in_name)); - auto haveDesc = (nullptr != in_desc && 0 != wcslen(in_desc)); - - std::wstring name = (haveName ? in_name : L"n/a"); - std::wstring desc = (haveDesc ? common::string::Summary(in_desc, 50) : L"n/a"); - - return (InlineFormatter() << L"[" << name << L", " << desc << L"]").str(); -} - -} // namespace detail - -PropertyDecorator::PropertyDecorator(std::shared_ptr<wfp::FilterEngine> engine) - : m_engine(engine) -{ -} - -std::wstring PropertyDecorator::FilterDecoration(UINT64 id) -{ - std::wstring brief = L"[n/a]"; - - wfp::ObjectExplorer::GetFilter(*m_engine, id, [&brief](const FWPM_FILTER0 &filter) - { - brief = detail::Format(filter.displayData.name, filter.displayData.description); - return true; - }); - - return brief; -} - -std::wstring PropertyDecorator::LayerDecoration(UINT16 id) -{ - std::wstring brief = L"[n/a]"; - - wfp::ObjectExplorer::GetLayer(*m_engine, id, [&brief](const FWPM_LAYER0 &layer) - { - brief = detail::Format(layer.displayData.name, layer.displayData.description); - return true; - }); - - return brief; -} - -std::wstring PropertyDecorator::LayerDecoration(const GUID &key) -{ - std::wstring brief = L"[n/a]"; - - wfp::ObjectExplorer::GetLayer(*m_engine, key, [&brief](const FWPM_LAYER0 &layer) - { - brief = detail::Format(layer.displayData.name, layer.displayData.description); - return true; - }); - - return brief; -} - -std::wstring PropertyDecorator::ProviderDecoration(const GUID &key) -{ - std::wstring brief = L"[n/a]"; - - wfp::ObjectExplorer::GetProvider(*m_engine, key, [&brief](const FWPM_PROVIDER0 &provider) - { - brief = detail::Format(provider.displayData.name, provider.displayData.description); - return true; - }); - - return brief; -} - -std::wstring PropertyDecorator::SublayerDecoration(const GUID &key) -{ - std::wstring brief = L"[n/a]"; - - wfp::ObjectExplorer::GetSublayer(*m_engine, key, [&brief](const FWPM_SUBLAYER0 &sublayer) - { - brief = detail::Format(sublayer.displayData.name, sublayer.displayData.description); - return true; - }); - - return brief; -} diff --git a/wfpctl/src/extras/cli/propertydecorator.h b/wfpctl/src/extras/cli/propertydecorator.h deleted file mode 100644 index b021d275e1..0000000000 --- a/wfpctl/src/extras/cli/propertydecorator.h +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once - -#include "ipropertydecorator.h" -#include "libwfp/filterengine.h" -#include <memory> - -class PropertyDecorator : public IPropertyDecorator -{ -public: - - PropertyDecorator(std::shared_ptr<wfp::FilterEngine> engine); - - // - // The format of the returned string: - // [name, first 50 chars of description] - // - - std::wstring FilterDecoration(UINT64 id) override; - std::wstring LayerDecoration(UINT16 id) override; - std::wstring LayerDecoration(const GUID &key) override; - std::wstring ProviderDecoration(const GUID &key) override; - std::wstring SublayerDecoration(const GUID &key) override; - -private: - - std::shared_ptr<wfp::FilterEngine> m_engine; -}; diff --git a/wfpctl/src/extras/cli/propertylist.h b/wfpctl/src/extras/cli/propertylist.h deleted file mode 100644 index b5d9d71499..0000000000 --- a/wfpctl/src/extras/cli/propertylist.h +++ /dev/null @@ -1,55 +0,0 @@ -#pragma once - -#include <string> -#include <utility> -#include <vector> - -class PropertyList -{ -public: - - struct Property - { - Property(const std::wstring &n, const std::wstring &v) - : name(n), value(v) - { - } - - Property(std::wstring &&n, std::wstring &&v) - : name(n), value(v) - { - } - - std::wstring name; - std::wstring value; - }; - - void add(const std::wstring &name, const std::wstring &value) - { - m_properties.emplace_back(name, value); - } - - void add(std::wstring &&name, std::wstring &&value) - { - m_properties.emplace_back(name, value); - } - - const std::vector<Property> &list() - { - return m_properties; - } - - std::vector<Property>::const_iterator begin() const - { - return m_properties.begin(); - } - - std::vector<Property>::const_iterator end() const - { - return m_properties.end(); - } - -private: - - std::vector<Property> m_properties; -}; diff --git a/wfpctl/src/extras/cli/stdafx.cpp b/wfpctl/src/extras/cli/stdafx.cpp deleted file mode 100644 index 62355160c9..0000000000 --- a/wfpctl/src/extras/cli/stdafx.cpp +++ /dev/null @@ -1,8 +0,0 @@ -// stdafx.cpp : source file that includes just the standard includes -// cli.pch will be the pre-compiled header -// stdafx.obj will contain the pre-compiled type information - -#include "stdafx.h" - -// TODO: reference any additional headers you need in STDAFX.H -// and not in this file diff --git a/wfpctl/src/extras/cli/stdafx.h b/wfpctl/src/extras/cli/stdafx.h deleted file mode 100644 index b005a839de..0000000000 --- a/wfpctl/src/extras/cli/stdafx.h +++ /dev/null @@ -1,15 +0,0 @@ -// stdafx.h : include file for standard system include files, -// or project specific include files that are used frequently, but -// are changed infrequently -// - -#pragma once - -#include "targetver.h" - -#include <stdio.h> -#include <tchar.h> - - - -// TODO: reference additional headers your program requires here diff --git a/wfpctl/src/extras/cli/subcommanddispatcher.cpp b/wfpctl/src/extras/cli/subcommanddispatcher.cpp deleted file mode 100644 index 4bb7868cd7..0000000000 --- a/wfpctl/src/extras/cli/subcommanddispatcher.cpp +++ /dev/null @@ -1,27 +0,0 @@ -#include "stdafx.h" -#include "subcommanddispatcher.h" -#include "libcommon/string.h" -#include <sstream> -#include <stdexcept> -#include <utility> - -void SubcommandDispatcher::addSubcommand(const std::wstring &command, Handler handler) -{ - m_commands.insert(std::make_pair(command, handler)); -} - -void SubcommandDispatcher::dispatch(const std::wstring &command, const std::vector<std::wstring> &arguments) -{ - auto selectedCommand = m_commands.find(command); - - if (m_commands.end() == selectedCommand) - { - std::wstringstream ss; - - ss << L"Unsupported subcommand '" << command << "'. Cannot complete request."; - - throw std::runtime_error(common::string::ToAnsi(ss.str()).c_str()); - } - - selectedCommand->second(common::string::SplitKeyValuePairs(arguments)); -} diff --git a/wfpctl/src/extras/cli/subcommanddispatcher.h b/wfpctl/src/extras/cli/subcommanddispatcher.h deleted file mode 100644 index a480ec8104..0000000000 --- a/wfpctl/src/extras/cli/subcommanddispatcher.h +++ /dev/null @@ -1,20 +0,0 @@ -#pragma once - -#include "libcommon/string.h" -#include <functional> -#include <string> -#include <unordered_map> - -class SubcommandDispatcher -{ - typedef std::function<void(const common::string::KeyValuePairs &)> Handler; - -public: - - void addSubcommand(const std::wstring &command, Handler handler); - void dispatch(const std::wstring &command, const std::vector<std::wstring> &arguments); - -private: - - std::unordered_map<std::wstring, Handler> m_commands; -}; diff --git a/wfpctl/src/extras/cli/targetver.h b/wfpctl/src/extras/cli/targetver.h deleted file mode 100644 index ae4a5c032c..0000000000 --- a/wfpctl/src/extras/cli/targetver.h +++ /dev/null @@ -1,12 +0,0 @@ -#pragma once - -// Including SDKDDKVer.h defines the highest available Windows platform. - -// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and -// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. - -#include <WinSDKVer.h> - -#define _WIN32_WINNT _WIN32_WINNT_WIN7 - -#include <SDKDDKVer.h> diff --git a/wfpctl/src/extras/cli/util.cpp b/wfpctl/src/extras/cli/util.cpp deleted file mode 100644 index 6181e68639..0000000000 --- a/wfpctl/src/extras/cli/util.cpp +++ /dev/null @@ -1,62 +0,0 @@ -#include "stdafx.h" -#include "util.h" -#include "inlineformatter.h" -#include "libcommon/string.h" -#include <string> - -void PrettyPrintProperties(MessageSink messageSink, PrettyPrintOptions options, const PropertyList &properties) -{ - size_t longestName = 0; - - for (auto &property : properties) - { - longestName = max(longestName, property.name.size()); - } - - // - // Format is: - // indent, name, [separator], tab, [tab, ...] - // - - const auto separator = std::wstring(options.useSeparator ? L":" : L""); - - auto insert = options.indent + longestName + separator.size(); - - if (0 == (insert % 8)) - { - insert += 8; - } - else - { - insert = ((insert / 8) + 1) * 8; - } - - std::wstring indenter(options.indent, L' '); - InlineFormatter f; - - for (auto &property : properties) - { - auto at = options.indent + property.name.size() + separator.size(); - auto distance = insert - at; - auto tabs = (0 == (distance % 8) ? distance / 8 : (distance / 8) + 1); - - messageSink((f << indenter << property.name << separator - << std::wstring(tabs, L'\t') << property.value).str()); - } -} - -std::wstring GetArgumentValue(const common::string::KeyValuePairs &arguments, const std::wstring &key) -{ - auto arg = arguments.find(key); - - if (arguments.end() == arg) - { - std::wstringstream ss; - - ss << L"Missing argument: '" << key << L"'"; - - throw std::runtime_error(common::string::ToAnsi(ss.str())); - } - - return arg->second; -} diff --git a/wfpctl/src/extras/cli/util.h b/wfpctl/src/extras/cli/util.h deleted file mode 100644 index 3919e03422..0000000000 --- a/wfpctl/src/extras/cli/util.h +++ /dev/null @@ -1,20 +0,0 @@ -#pragma once - -#include <functional> -#include <memory> -#include <string> -#include "propertylist.h" -#include "libwfp/filterengine.h" -#include "libcommon/string.h" - -typedef std::function<void(const std::wstring &)> MessageSink; - -struct PrettyPrintOptions -{ - size_t indent; - bool useSeparator; -}; - -void PrettyPrintProperties(MessageSink, PrettyPrintOptions options, const PropertyList &properties); - -std::wstring GetArgumentValue(const common::string::KeyValuePairs &arguments, const std::wstring &key); diff --git a/wfpctl/src/wfpctl/dllmain.cpp b/wfpctl/src/wfpctl/dllmain.cpp deleted file mode 100644 index 21717c7d4a..0000000000 --- a/wfpctl/src/wfpctl/dllmain.cpp +++ /dev/null @@ -1,11 +0,0 @@ -#include "stdafx.h" -#include <windows.h> - -BOOL APIENTRY DllMain(HMODULE, DWORD, LPVOID) -{ - // - // Avoid doing work in DllMain since the loader lock is held - // - - return TRUE; -} diff --git a/wfpctl/src/wfpctl/iobjectinstaller.h b/wfpctl/src/wfpctl/iobjectinstaller.h deleted file mode 100644 index 1d38d427c3..0000000000 --- a/wfpctl/src/wfpctl/iobjectinstaller.h +++ /dev/null @@ -1,17 +0,0 @@ -#pragma once - -#include "libwfp/iconditionbuilder.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/providerbuilder.h" -#include "libwfp/sublayerbuilder.h" - -struct IObjectInstaller -{ - virtual ~IObjectInstaller() = 0 - { - } - - virtual bool addProvider(wfp::ProviderBuilder &providerBuilder) = 0; - virtual bool addSublayer(wfp::SublayerBuilder &sublayerBuilder) = 0; - virtual bool addFilter(wfp::FilterBuilder &filterBuilder, const wfp::IConditionBuilder &conditionBuilder) = 0; -}; diff --git a/wfpctl/src/wfpctl/mullvadguids.cpp b/wfpctl/src/wfpctl/mullvadguids.cpp deleted file mode 100644 index dbe00b6538..0000000000 --- a/wfpctl/src/wfpctl/mullvadguids.cpp +++ /dev/null @@ -1,380 +0,0 @@ -#include "stdafx.h" -#include "mullvadguids.h" - -//static -const GUID &MullvadGuids::Provider() -{ - static const GUID g = - { - 0x21e1dab8, - 0xb9db, - 0x43c0, - { 0xb3, 0x43, 0xeb, 0x93, 0x65, 0xc7, 0xbd, 0xd2 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::SublayerWhitelist() -{ - static const GUID g = - { - 0x11d1a31a, - 0xd7fa, - 0x469b, - { 0xbc, 0x21, 0xcc, 0xe9, 0x2e, 0x35, 0xfe, 0x90 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::SublayerBlacklist() -{ - static const GUID g = - { - 0x843b74f0, - 0xb499, - 0x499a, - { 0xac, 0xe3, 0xf9, 0xee, 0xa2, 0x4, 0x89, 0xc1 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterBlockAll_Outbound_Ipv4() -{ - static const GUID g = - { - 0xa81c5411, - 0xfd0, - 0x43a9, - { 0xa9, 0xbe, 0x31, 0x3f, 0x29, 0x9d, 0xe6, 0x4f } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterBlockAll_Outbound_Ipv6() -{ - static const GUID g = - { - 0x8ae5c389, - 0xd604, - 0x43df, - { 0x87, 0x4a, 0x5c, 0x86, 0x76, 0xc9, 0xc2, 0xb8 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterBlockAll_Inbound_Ipv4() -{ - static const GUID g = - { - 0x86d07155, - 0x885f, - 0x409a, - { 0x8f, 0x22, 0x1, 0x9f, 0x87, 0x7a, 0xe4, 0x9 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterBlockAll_Inbound_Ipv6() -{ - static const GUID g = - { - 0x18b8c1d2, - 0x5910, - 0x4b51, - { 0xa5, 0x48, 0x1e, 0xfc, 0xd5, 0x4b, 0x63, 0xe9 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLan_10_8() -{ - static const GUID g = - { - 0x73fe6348, - 0x62f4, - 0x4686, - { 0x95, 0x47, 0x51, 0xa8, 0x21, 0xb, 0xa3, 0x8f } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLan_172_16_12() -{ - static const GUID g = - { - 0x7a38dae, - 0x150f, - 0x47f1, - { 0xa6, 0xac, 0x99, 0x3, 0x48, 0x53, 0x83, 0x26 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLan_192_168_16() -{ - static const GUID g = - { - 0x518bfc38, - 0xa7c5, - 0x42fe, - { 0xa3, 0xf2, 0xe1, 0x56, 0x24, 0xd7, 0x86, 0x1c } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLan_Multicast() -{ - static const GUID g = - { - 0xea5e136b, - 0xd951, - 0x4263, - { 0x99, 0xd8, 0x85, 0xc3, 0xf6, 0x4b, 0xda, 0xe9 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLanService_10_8() -{ - static const GUID g = - { - 0x24ed3b23, - 0x5d5a, - 0x4f1e, - { 0x8c, 0xfa, 0xfd, 0x68, 0x79, 0x6a, 0x83, 0x8a } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLanService_172_16_12() -{ - static const GUID g = - { - 0xa925dc62, - 0x54ea, - 0x46f5, - { 0x9d, 0x37, 0xa9, 0x5a, 0xf2, 0x84, 0xc3, 0x6f } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLanService_192_168_16() -{ - static const GUID g = - { - 0x97fd73cb, - 0x9bf0, - 0x47f2, - { 0x98, 0x69, 0xd1, 0x5e, 0xf3, 0x5c, 0x3a, 0x8 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLoopback_Outbound_Ipv4() -{ - static const GUID g = - { - 0xd9ff592d, - 0xbe46, - 0x49fb, - { 0x97, 0xec, 0x71, 0x1, 0x3c, 0x12, 0xb8, 0x30 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLoopback_Outbound_Ipv6() -{ - static const GUID g = - { - 0x764d4944, - 0x8a1e, - 0x4d96, - { 0xbf, 0xf0, 0x8d, 0xa6, 0x4f, 0x31, 0x44, 0xa2 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLoopback_Inbound_Ipv4() -{ - static const GUID g = - { - 0xb8efb500, - 0xc51, - 0x4550, - { 0xbf, 0x5c, 0x48, 0x54, 0xa6, 0xc8, 0x48, 0xb9 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitLoopback_Inbound_Ipv6() -{ - static const GUID g = - { - 0xbad325b0, - 0x736c, - 0x4e67, - { 0x8b, 0x37, 0x62, 0xb2, 0xdb, 0xe7, 0xd6, 0xeb } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitDhcp_Outbound_Request() -{ - static const GUID g = - { - 0x6cf1687b, - 0x35e9, - 0x4d18, - { 0xa2, 0x3, 0xb2, 0x6b, 0x71, 0xa9, 0x5f, 0x8d } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitDhcp_Inbound_Response() -{ - static const GUID g = - { - 0x2db298d7, - 0x4108, - 0x47ff, - { 0x85, 0x99, 0xaf, 0xa5, 0xcb, 0x95, 0x9c, 0x25 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitVpnRelay() -{ - static const GUID g = - { - 0x160c205d, - 0xdb40, - 0x4f79, - { 0x90, 0x6d, 0xfd, 0xa1, 0xe1, 0xc1, 0x8a, 0x70 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitVpnTunnel_Outbound_Ipv4() -{ - static const GUID g = - { - 0xdfdcbb76, - 0x2284, - 0x4b03, - { 0x93, 0x4e, 0x93, 0xe5, 0xd3, 0x84, 0x8c, 0xf1 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterPermitVpnTunnel_Outbound_Ipv6() -{ - static const GUID g = - { - 0x9b1fa7d, - 0x843b, - 0x4946, - { 0xa6, 0x2, 0x90, 0x4, 0x26, 0x2a, 0xb8, 0x6b } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterRestrictDns_Outbound_Ipv4() -{ - static const GUID g = - { - 0xc0792b44, - 0xfc3c, - 0x42e8, - { 0xa6, 0x60, 0x25, 0x4b, 0xd0, 0x4, 0xb1, 0x9d } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterRestrictDns_Outbound_Ipv6() -{ - static const GUID g = - { - 0xcde477eb, - 0x2d8a, - 0x45b8, - { 0x9a, 0x3e, 0x9a, 0xa3, 0xbe, 0x4d, 0xe2, 0xb4 } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterRestrictDns_Outbound_Tunnel_Ipv4() -{ - static const GUID g = - { - 0x790445dc, - 0xb23e, - 0x4ab4, - { 0x8e, 0x2f, 0xc7, 0x6, 0x55, 0x5f, 0x94, 0xff } - }; - - return g; -} - -//static -const GUID &MullvadGuids::FilterRestrictDns_Outbound_Tunnel_Ipv6() -{ - static const GUID g = - { - 0xacc90d87, - 0xab77, - 0x4cf4, - { 0x84, 0xee, 0x1d, 0x68, 0x95, 0xf0, 0x66, 0xc2 } - }; - - return g; -} diff --git a/wfpctl/src/wfpctl/mullvadguids.h b/wfpctl/src/wfpctl/mullvadguids.h deleted file mode 100644 index 788b8b8b30..0000000000 --- a/wfpctl/src/wfpctl/mullvadguids.h +++ /dev/null @@ -1,45 +0,0 @@ -#pragma once -#include <guiddef.h> - -class MullvadGuids -{ -public: - - MullvadGuids() = delete; - - static const GUID &Provider(); - static const GUID &SublayerWhitelist(); - static const GUID &SublayerBlacklist(); - - static const GUID &FilterBlockAll_Outbound_Ipv4(); - static const GUID &FilterBlockAll_Outbound_Ipv6(); - static const GUID &FilterBlockAll_Inbound_Ipv4(); - static const GUID &FilterBlockAll_Inbound_Ipv6(); - - static const GUID &FilterPermitLan_10_8(); - static const GUID &FilterPermitLan_172_16_12(); - static const GUID &FilterPermitLan_192_168_16(); - static const GUID &FilterPermitLan_Multicast(); - - static const GUID &FilterPermitLanService_10_8(); - static const GUID &FilterPermitLanService_172_16_12(); - static const GUID &FilterPermitLanService_192_168_16(); - - static const GUID &FilterPermitLoopback_Outbound_Ipv4(); - static const GUID &FilterPermitLoopback_Outbound_Ipv6(); - static const GUID &FilterPermitLoopback_Inbound_Ipv4(); - static const GUID &FilterPermitLoopback_Inbound_Ipv6(); - - static const GUID &FilterPermitDhcp_Outbound_Request(); - static const GUID &FilterPermitDhcp_Inbound_Response(); - - static const GUID &FilterPermitVpnRelay(); - - static const GUID &FilterPermitVpnTunnel_Outbound_Ipv4(); - static const GUID &FilterPermitVpnTunnel_Outbound_Ipv6(); - - static const GUID &FilterRestrictDns_Outbound_Ipv4(); - static const GUID &FilterRestrictDns_Outbound_Ipv6(); - static const GUID &FilterRestrictDns_Outbound_Tunnel_Ipv4(); - static const GUID &FilterRestrictDns_Outbound_Tunnel_Ipv6(); -}; diff --git a/wfpctl/src/wfpctl/mullvadobjects.cpp b/wfpctl/src/wfpctl/mullvadobjects.cpp deleted file mode 100644 index 43618b51b3..0000000000 --- a/wfpctl/src/wfpctl/mullvadobjects.cpp +++ /dev/null @@ -1,46 +0,0 @@ -#include "stdafx.h" -#include "mullvadobjects.h" -#include "mullvadguids.h" - -//static -std::unique_ptr<wfp::ProviderBuilder> MullvadObjects::Provider() -{ - auto builder = std::make_unique<wfp::ProviderBuilder>(); - - (*builder) - .name(L"Mullvad VPN") - .description(L"Mullvad VPN firewall integration") - .key(MullvadGuids::Provider()); - - return builder; -} - -//static -std::unique_ptr<wfp::SublayerBuilder> MullvadObjects::SublayerWhitelist() -{ - auto builder = std::make_unique<wfp::SublayerBuilder>(); - - (*builder) - .name(L"Mullvad VPN whitelist") - .description(L"Filters that permit traffic") - .key(MullvadGuids::SublayerWhitelist()) - .provider(MullvadGuids::Provider()) - .weight(MAXUINT16); - - return builder; -} - -//static -std::unique_ptr<wfp::SublayerBuilder> MullvadObjects::SublayerBlacklist() -{ - auto builder = std::make_unique<wfp::SublayerBuilder>(); - - (*builder) - .name(L"Mullvad VPN blacklist") - .description(L"Filters that block traffic") - .key(MullvadGuids::SublayerBlacklist()) - .provider(MullvadGuids::Provider()) - .weight(MAXUINT16 - 1); - - return builder; -} diff --git a/wfpctl/src/wfpctl/mullvadobjects.h b/wfpctl/src/wfpctl/mullvadobjects.h deleted file mode 100644 index 9a056c9186..0000000000 --- a/wfpctl/src/wfpctl/mullvadobjects.h +++ /dev/null @@ -1,18 +0,0 @@ -#pragma once - -#include "libwfp/providerbuilder.h" -#include "libwfp/sublayerbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/filterbuilder.h" -#include <memory> - -class MullvadObjects -{ -public: - - MullvadObjects() = delete; - - static std::unique_ptr<wfp::ProviderBuilder> Provider(); - static std::unique_ptr<wfp::SublayerBuilder> SublayerWhitelist(); - static std::unique_ptr<wfp::SublayerBuilder> SublayerBlacklist(); -}; diff --git a/wfpctl/src/wfpctl/rules/blockall.cpp b/wfpctl/src/wfpctl/rules/blockall.cpp deleted file mode 100644 index 50e7f78b77..0000000000 --- a/wfpctl/src/wfpctl/rules/blockall.cpp +++ /dev/null @@ -1,73 +0,0 @@ -#include "stdafx.h" -#include "blockall.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/nullconditionbuilder.h" - -namespace rules -{ - -bool BlockAll::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // #1 block outbound connections, ipv4 - // - - filterBuilder - .key(MullvadGuids::FilterBlockAll_Outbound_Ipv4()) - .name(L"Block all outbound connections") - .description(L"This filter is part of a rule that restricts inbound and outbound traffic") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Min) - .block(); - - wfp::NullConditionBuilder nullConditionBuilder; - - if (false == objectInstaller.addFilter(filterBuilder, nullConditionBuilder)) - { - return false; - } - - // - // #2 block outbound connections, ipv6 - // - - filterBuilder - .key(MullvadGuids::FilterBlockAll_Outbound_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - if (false == objectInstaller.addFilter(filterBuilder, nullConditionBuilder)) - { - return false; - } - - // - // #3 block inbound connections, ipv4 - // - - filterBuilder - .key(MullvadGuids::FilterBlockAll_Inbound_Ipv4()) - .name(L"Block all inbound connections") - .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4); - - if (false == objectInstaller.addFilter(filterBuilder, nullConditionBuilder)) - { - return false; - } - - // - // #4 block inbound connections, ipv6 - // - - filterBuilder - .key(MullvadGuids::FilterBlockAll_Inbound_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6); - - return objectInstaller.addFilter(filterBuilder, nullConditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/blockall.h b/wfpctl/src/wfpctl/rules/blockall.h deleted file mode 100644 index c60c43fa1d..0000000000 --- a/wfpctl/src/wfpctl/rules/blockall.h +++ /dev/null @@ -1,18 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" - -namespace rules -{ - -class BlockAll : public IFirewallRule -{ -public: - - BlockAll() = default; - ~BlockAll() = default; - - bool apply(IObjectInstaller &objectInstaller) override; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/ifirewallrule.h b/wfpctl/src/wfpctl/rules/ifirewallrule.h deleted file mode 100644 index 827fb6fb51..0000000000 --- a/wfpctl/src/wfpctl/rules/ifirewallrule.h +++ /dev/null @@ -1,25 +0,0 @@ -#pragma once - -#include "wfpctl/iobjectinstaller.h" - -// -// A firewall rule uses one of more filters to implement a concept -// E.g. "allow lan traffic" -// - -namespace rules -{ - -struct IFirewallRule -{ - virtual ~IFirewallRule() = 0 - { - } - - //virtual std::wstring name() = 0; - //virtual std::vector<std::wstring> details() = 0; // doesn't work? because there can be multiple filters each with multiple conditions - - virtual bool apply(IObjectInstaller &objectInstaller) = 0; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/permitdhcp.cpp b/wfpctl/src/wfpctl/rules/permitdhcp.cpp deleted file mode 100644 index 7cf3bcbf7e..0000000000 --- a/wfpctl/src/wfpctl/rules/permitdhcp.cpp +++ /dev/null @@ -1,74 +0,0 @@ -#include "stdafx.h" -#include "permitdhcp.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/ipaddress.h" -#include "libwfp/conditions/conditionprotocol.h" -#include "libwfp/conditions/conditionport.h" -#include "libwfp/conditions/conditionip.h" -#include "libwfp/conditions/conditionport.h" - -using namespace wfp::conditions; - -namespace rules -{ - -bool PermitDhcp::apply(IObjectInstaller &objectInstaller) -{ - // - // First UDP packet for a unique [remote address, port] tuple is mapped into: - // - // outbound: FWPM_LAYER_ALE_AUTH_CONNECT_V{4|6} - // inbound: FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V{4|6} - // - - wfp::FilterBuilder filterBuilder; - - // - // #1 permit outbound DHCP request - // - - filterBuilder - .key(MullvadGuids::FilterPermitDhcp_Outbound_Request()) - .name(L"Permit outbound DHCP request") - .description(L"This filter is part of a rule that permits DHCP client traffic") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .permit(); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(ConditionProtocol::Udp()); - conditionBuilder.add_condition(ConditionPort::Local(68)); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 255, 255, 255, 255 }))); - conditionBuilder.add_condition(ConditionPort::Remote(67)); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // #2 permit inbound DHCP response - // - - filterBuilder - .key(MullvadGuids::FilterPermitDhcp_Inbound_Response()) - .name(L"Permit inbound DHCP response") - .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4); - - conditionBuilder.add_condition(ConditionProtocol::Udp()); - conditionBuilder.add_condition(ConditionPort::Remote(67)); - conditionBuilder.add_condition(ConditionPort::Local(68)); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/permitdhcp.h b/wfpctl/src/wfpctl/rules/permitdhcp.h deleted file mode 100644 index 58bd90bfa5..0000000000 --- a/wfpctl/src/wfpctl/rules/permitdhcp.h +++ /dev/null @@ -1,18 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" - -namespace rules -{ - -class PermitDhcp : public IFirewallRule -{ -public: - - PermitDhcp() = default; - ~PermitDhcp() = default; - - bool apply(IObjectInstaller &objectInstaller) override; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/permitlan.cpp b/wfpctl/src/wfpctl/rules/permitlan.cpp deleted file mode 100644 index ddf51d27e0..0000000000 --- a/wfpctl/src/wfpctl/rules/permitlan.cpp +++ /dev/null @@ -1,96 +0,0 @@ -#include "stdafx.h" -#include "permitlan.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/ipaddress.h" -#include "libwfp/conditions/conditionip.h" - -using namespace wfp::conditions; - -namespace rules -{ - -bool PermitLan::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // #1 locally-initiated on 10/8 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLan_10_8()) - .name(L"Permit locally-initiated traffic on 10/8") - .description(L"This filter is part of a rule that permits LAN traffic") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .permit(); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 10, 0, 0, 0 }), uint8_t(8))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 10, 0, 0, 0 }), uint8_t(8))); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - - // - // #2 locally-initiated on 172.16/12 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLan_172_16_12()) - .name(L"Permit locally-initiated traffic on 172.16/12"); - - conditionBuilder.reset(); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 172, 16, 0, 0 }), uint8_t(12))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 172, 16, 0, 0 }), uint8_t(12))); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - - // - // #3 locally-initiated on 192.168/16 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLan_192_168_16()) - .name(L"Permit locally-initiated traffic on 192.168/16"); - - conditionBuilder.reset(); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 192, 168, 0, 0 }), uint8_t(16))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 192, 168, 0, 0 }), uint8_t(16))); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - - // - // #4 LAN to multicast - // - - filterBuilder - .key(MullvadGuids::FilterPermitLan_Multicast()) - .name(L"Permit locally-initiated multicast traffic"); - - conditionBuilder.reset(); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 10, 0, 0, 0 }), uint8_t(8))); - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 172, 16, 0, 0 }), uint8_t(12))); - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 192, 168, 0, 0 }), uint8_t(16))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 224, 0, 0, 0 }), uint8_t(24))); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/permitlan.h b/wfpctl/src/wfpctl/rules/permitlan.h deleted file mode 100644 index 9194b0bcd7..0000000000 --- a/wfpctl/src/wfpctl/rules/permitlan.h +++ /dev/null @@ -1,18 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" - -namespace rules -{ - -class PermitLan : public IFirewallRule -{ -public: - - PermitLan() = default; - ~PermitLan() = default; - - bool apply(IObjectInstaller &objectInstaller) override; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/permitlanservice.cpp b/wfpctl/src/wfpctl/rules/permitlanservice.cpp deleted file mode 100644 index 4f4d5a9c59..0000000000 --- a/wfpctl/src/wfpctl/rules/permitlanservice.cpp +++ /dev/null @@ -1,76 +0,0 @@ -#include "stdafx.h" -#include "permitlanservice.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/ipaddress.h" -#include "libwfp/conditions/conditionip.h" - -using namespace wfp::conditions; - -namespace rules -{ - -bool PermitLanService::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // #1 incoming request on 10/8 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLanService_10_8()) - .name(L"Permit incoming requests on 10/8") - .description(L"This filter is part of a rule that permits hosting services in a LAN environment") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .permit(); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 10, 0, 0, 0 }), uint8_t(8))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 10, 0, 0, 0 }), uint8_t(8))); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - - // - // #2 incoming request on 172.16/12 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLanService_172_16_12()) - .name(L"Permit incoming requests on 172.16/12"); - - conditionBuilder.reset(); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 172, 16, 0, 0 }), uint8_t(12))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 172, 16, 0, 0 }), uint8_t(12))); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - - // - // #3 incoming request on 192.168/16 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLanService_192_168_16()) - .name(L"Permit incoming requests on 192.168/16"); - - conditionBuilder.reset(); - - conditionBuilder.add_condition(ConditionIp::Local(wfp::IpAddress::Literal({ 192, 168, 0, 0 }), uint8_t(16))); - conditionBuilder.add_condition(ConditionIp::Remote(wfp::IpAddress::Literal({ 192, 168, 0, 0 }), uint8_t(16))); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/permitlanservice.h b/wfpctl/src/wfpctl/rules/permitlanservice.h deleted file mode 100644 index be482386a3..0000000000 --- a/wfpctl/src/wfpctl/rules/permitlanservice.h +++ /dev/null @@ -1,18 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" - -namespace rules -{ - -class PermitLanService : public IFirewallRule -{ -public: - - PermitLanService() = default; - ~PermitLanService() = default; - - bool apply(IObjectInstaller &objectInstaller) override; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/permitloopback.cpp b/wfpctl/src/wfpctl/rules/permitloopback.cpp deleted file mode 100644 index 3247a4e8ec..0000000000 --- a/wfpctl/src/wfpctl/rules/permitloopback.cpp +++ /dev/null @@ -1,96 +0,0 @@ -#include "stdafx.h" -#include "permitloopback.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/conditions/conditionloopback.h" - -using namespace wfp::conditions; - -namespace rules -{ - -bool PermitLoopback::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // #1 permit outbound connections, ipv4 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLoopback_Outbound_Ipv4()) - .name(L"Permit outbound connections on loopback") - .description(L"This filter is part of a rule that permits all loopback traffic") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .permit(); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(std::make_unique<ConditionLoopback>()); - - if (false == objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // #2 permit outbound connections, ipv6 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLoopback_Outbound_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - conditionBuilder.add_condition(std::make_unique<ConditionLoopback>()); - - if (false == objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // #3 permit inbound connections, ipv4 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLoopback_Inbound_Ipv4()) - .name(L"Permit inbound connections on loopback") - .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V4); - - conditionBuilder.add_condition(std::make_unique<ConditionLoopback>()); - - if (false == objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // #4 permit inbound connections, ipv6 - // - - filterBuilder - .key(MullvadGuids::FilterPermitLoopback_Inbound_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_RECV_ACCEPT_V6); - - conditionBuilder.add_condition(std::make_unique<ConditionLoopback>()); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/permitloopback.h b/wfpctl/src/wfpctl/rules/permitloopback.h deleted file mode 100644 index 71694c353d..0000000000 --- a/wfpctl/src/wfpctl/rules/permitloopback.h +++ /dev/null @@ -1,18 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" - -namespace rules -{ - -class PermitLoopback : public IFirewallRule -{ -public: - - PermitLoopback() = default; - ~PermitLoopback() = default; - - bool apply(IObjectInstaller &objectInstaller) override; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/permitvpnrelay.cpp b/wfpctl/src/wfpctl/rules/permitvpnrelay.cpp deleted file mode 100644 index 6cfa02ed92..0000000000 --- a/wfpctl/src/wfpctl/rules/permitvpnrelay.cpp +++ /dev/null @@ -1,80 +0,0 @@ -#include "stdafx.h" -#include "permitvpnrelay.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/conditions/conditionprotocol.h" -#include "libwfp/conditions/conditionip.h" -#include "libwfp/conditions/conditionport.h" - -using namespace wfp::conditions; - -namespace rules -{ - -namespace -{ - -const GUID &LayerFromIp(const wfp::IpAddress &ip) -{ - switch (ip.type()) - { - case wfp::IpAddress::Type::Ipv4: return FWPM_LAYER_ALE_AUTH_CONNECT_V4; - case wfp::IpAddress::Type::Ipv6: return FWPM_LAYER_ALE_AUTH_CONNECT_V6; - default: - { - throw std::logic_error("Missing case handler in switch clause"); - } - }; -} - -std::unique_ptr<ConditionProtocol> CreateProtocolCondition(PermitVpnRelay::Protocol protocol) -{ - switch (protocol) - { - case PermitVpnRelay::Protocol::Tcp: return ConditionProtocol::Tcp(); - case PermitVpnRelay::Protocol::Udp: return ConditionProtocol::Udp(); - default: - { - throw std::logic_error("Missing case handler in switch clause"); - } - }; -} - -} // anonymous namespace - -PermitVpnRelay::PermitVpnRelay(const wfp::IpAddress &relay, uint16_t relayPort, Protocol protocol) - : m_relay(relay) - , m_relayPort(relayPort) - , m_protocol(protocol) -{ -} - -bool PermitVpnRelay::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // #1 permit connecting to relay - // - - filterBuilder - .key(MullvadGuids::FilterPermitVpnRelay()) - .name(L"Permit outbound connections to VPN relay") - .description(L"This filter is part of a rule that permits communication with a VPN relay") - .provider(MullvadGuids::Provider()) - .layer(LayerFromIp(m_relay)) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .permit(); - - wfp::ConditionBuilder conditionBuilder(LayerFromIp(m_relay)); - - conditionBuilder.add_condition(ConditionIp::Remote(m_relay)); - conditionBuilder.add_condition(ConditionPort::Remote(m_relayPort)); - conditionBuilder.add_condition(CreateProtocolCondition(m_protocol)); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/permitvpnrelay.h b/wfpctl/src/wfpctl/rules/permitvpnrelay.h deleted file mode 100644 index c5ae8b024a..0000000000 --- a/wfpctl/src/wfpctl/rules/permitvpnrelay.h +++ /dev/null @@ -1,30 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" -#include "libwfp/ipaddress.h" - -namespace rules -{ - -class PermitVpnRelay : public IFirewallRule -{ -public: - - enum class Protocol - { - Tcp, - Udp - }; - - PermitVpnRelay(const wfp::IpAddress &relay, uint16_t relayPort, Protocol protocol); - - bool apply(IObjectInstaller &objectInstaller) override; - -private: - - const wfp::IpAddress m_relay; - const uint16_t m_relayPort; - const Protocol m_protocol; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/permitvpntunnel.cpp b/wfpctl/src/wfpctl/rules/permitvpntunnel.cpp deleted file mode 100644 index fadd606791..0000000000 --- a/wfpctl/src/wfpctl/rules/permitvpntunnel.cpp +++ /dev/null @@ -1,62 +0,0 @@ -#include "stdafx.h" -#include "permitvpntunnel.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/conditions/conditioninterface.h" - -using namespace wfp::conditions; - -namespace rules -{ - -PermitVpnTunnel::PermitVpnTunnel(const std::wstring &tunnelInterfaceAlias) - : m_tunnelInterfaceAlias(tunnelInterfaceAlias) -{ -} - -bool PermitVpnTunnel::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // #1 permit locally-initiated traffic on tunnel interface, ipv4 - // - - filterBuilder - .key(MullvadGuids::FilterPermitVpnTunnel_Outbound_Ipv4()) - .name(L"Permit locally-initiated traffic on tunnel interface") - .description(L"This filter is part of a rule that permits communications inside the VPN tunnel") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4) - .sublayer(MullvadGuids::SublayerWhitelist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .permit(); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(ConditionInterface::Alias(m_tunnelInterfaceAlias)); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // #2 permit locally-initiated traffic on tunnel interface, ipv6 - // - - filterBuilder - .key(MullvadGuids::FilterPermitVpnTunnel_Outbound_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - conditionBuilder.add_condition(ConditionInterface::Alias(m_tunnelInterfaceAlias)); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/permitvpntunnel.h b/wfpctl/src/wfpctl/rules/permitvpntunnel.h deleted file mode 100644 index 49c1b028ab..0000000000 --- a/wfpctl/src/wfpctl/rules/permitvpntunnel.h +++ /dev/null @@ -1,22 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" -#include <string> - -namespace rules -{ - -class PermitVpnTunnel : public IFirewallRule -{ -public: - - PermitVpnTunnel(const std::wstring &tunnelInterfaceAlias); - - bool apply(IObjectInstaller &objectInstaller) override; - -private: - - const std::wstring m_tunnelInterfaceAlias; -}; - -} diff --git a/wfpctl/src/wfpctl/rules/restrictdns.cpp b/wfpctl/src/wfpctl/rules/restrictdns.cpp deleted file mode 100644 index 0d868c0428..0000000000 --- a/wfpctl/src/wfpctl/rules/restrictdns.cpp +++ /dev/null @@ -1,148 +0,0 @@ -#include "stdafx.h" -#include "restrictdns.h" -#include "wfpctl/mullvadguids.h" -#include "libwfp/filterbuilder.h" -#include "libwfp/conditionbuilder.h" -#include "libwfp/conditions/conditioninterface.h" -#include "libwfp/conditions/conditionip.h" -#include "libwfp/conditions/conditionport.h" - -using namespace wfp::conditions; - -namespace rules -{ - -RestrictDns::RestrictDns(const std::wstring &tunnelInterfaceAlias, const wfp::IpAddress &dns) - : m_tunnelInterfaceAlias(tunnelInterfaceAlias) - , m_dns(dns) -{ -} - -bool RestrictDns::apply(IObjectInstaller &objectInstaller) -{ - wfp::FilterBuilder filterBuilder; - - // - // Requires that the following rules are in effect: - // - // BlockAll - // PermitVpnTunnel - // - // TODO: Have each rule specify requirements? - // - - filterBuilder - .key(MullvadGuids::FilterRestrictDns_Outbound_Ipv4()) - .name(L"Block DNS requests outside the VPN tunnel") - .description(L"This filter is part of a rule that restricts DNS traffic") - .provider(MullvadGuids::Provider()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4) - .sublayer(MullvadGuids::SublayerBlacklist()) - .weight(wfp::FilterBuilder::WeightClass::Max) - .block(); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(ConditionPort::Remote(53)); - conditionBuilder.add_condition(ConditionInterface::Alias(m_tunnelInterfaceAlias, CompareNeq())); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // IPv6 also - // - - filterBuilder - .key(MullvadGuids::FilterRestrictDns_Outbound_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - conditionBuilder.add_condition(ConditionPort::Remote(53)); - conditionBuilder.add_condition(ConditionInterface::Alias(m_tunnelInterfaceAlias, CompareNeq())); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - // - // This next part is a little redundant since the entire rule could be defined - // using three filters. Let's use four filters to maintain some kind of readability. - // - // The reason it would be possible to use three filters is because the single DNS - // is going to be either v4 or v6, so all requests that cannot be sent to the DNS - // will have to be blocked (thereby shadowing one of the filters above). - // - - filterBuilder - .name(L"Restrict DNS requests inside the VPN tunnel"); - - if (m_dns.type() == wfp::IpAddress::Type::Ipv4) - { - filterBuilder - .key(MullvadGuids::FilterRestrictDns_Outbound_Tunnel_Ipv4()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(ConditionPort::Remote(53)); - conditionBuilder.add_condition(ConditionIp::Remote(m_dns, CompareNeq())); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - filterBuilder - .key(MullvadGuids::FilterRestrictDns_Outbound_Tunnel_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - conditionBuilder.add_condition(ConditionPort::Remote(53)); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); - } - - // - // Specified DNS is IPv6 - // - - filterBuilder - .key(MullvadGuids::FilterRestrictDns_Outbound_Tunnel_Ipv6()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - { - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V6); - - conditionBuilder.add_condition(ConditionPort::Remote(53)); - conditionBuilder.add_condition(ConditionIp::Remote(m_dns, CompareNeq())); - - if (!objectInstaller.addFilter(filterBuilder, conditionBuilder)) - { - return false; - } - } - - filterBuilder - .key(MullvadGuids::FilterRestrictDns_Outbound_Tunnel_Ipv4()) - .layer(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - wfp::ConditionBuilder conditionBuilder(FWPM_LAYER_ALE_AUTH_CONNECT_V4); - - conditionBuilder.add_condition(ConditionPort::Remote(53)); - - return objectInstaller.addFilter(filterBuilder, conditionBuilder); -} - -} diff --git a/wfpctl/src/wfpctl/rules/restrictdns.h b/wfpctl/src/wfpctl/rules/restrictdns.h deleted file mode 100644 index da09e970d3..0000000000 --- a/wfpctl/src/wfpctl/rules/restrictdns.h +++ /dev/null @@ -1,24 +0,0 @@ -#pragma once - -#include "ifirewallrule.h" -#include "libwfp/ipaddress.h" -#include <string> - -namespace rules -{ - -class RestrictDns : public IFirewallRule -{ -public: - - RestrictDns(const std::wstring &tunnelInterfaceAlias, const wfp::IpAddress &dns); - - bool apply(IObjectInstaller &objectInstaller) override; - -private: - - const std::wstring m_tunnelInterfaceAlias; - const wfp::IpAddress m_dns; -}; - -} diff --git a/wfpctl/src/wfpctl/sessioncontroller.cpp b/wfpctl/src/wfpctl/sessioncontroller.cpp deleted file mode 100644 index 2965233600..0000000000 --- a/wfpctl/src/wfpctl/sessioncontroller.cpp +++ /dev/null @@ -1,248 +0,0 @@ -#include "stdafx.h" -#include "sessioncontroller.h" -#include "libwfp/objectinstaller.h" -#include "libwfp/objectdeleter.h" -#include "libwfp/transaction.h" -#include "libcommon/memory.h" -#include <utility> - -namespace -{ - -template<typename T> -void EraseBack(T &container, size_t elements) -{ - if (elements >= container.size()) - { - container.clear(); - } - else - { - container.erase - ( - std::next(container.begin(), container.size() - elements), - container.end() - ); - } -} - -template<typename T> -void ProcessReverse(T &container, size_t elements, std::function<void(typename T::value_type &)> f) -{ - auto it = container.rbegin(); - auto end = std::next(it, elements); - - while (it != end) - { - f(*it++); - } -} - -bool CheckpointKeyToIndex(const std::vector<SessionRecord> &container, uint32_t key, size_t &elementIndex) -{ - auto index = 0; - - for (auto it = container.begin(); it != container.end(); ++it, ++index) - { - if (it->key() == key) - { - elementIndex = index; - return true; - } - } - - return false; -} - -} // anonymous namespace - -SessionController::SessionController(std::unique_ptr<wfp::FilterEngine> &&engine) - : m_engine(std::move(engine)) - , m_activeTransaction(false) -{ -} - -SessionController::~SessionController() -{ - // - // TODO: Review destruction of this instance and its owner. - // - - try - { - executeTransaction([this]() - { - reset(); - return true; - }); - } - catch (...) - { - return; - } -} - -bool SessionController::addProvider(wfp::ProviderBuilder &providerBuilder) -{ - if (false == m_activeTransaction) - { - throw std::runtime_error("Cannot add provider outside transaction"); - } - - GUID key; - - auto status = wfp::ObjectInstaller::AddProvider(*m_engine, providerBuilder, &key); - - if (status) - { - m_transactionRecords.emplace_back(SessionRecord(key, SessionRecord::ObjectType::Provider)); - } - - return status; -} - -bool SessionController::addSublayer(wfp::SublayerBuilder &sublayerBuilder) -{ - if (false == m_activeTransaction) - { - throw std::runtime_error("Cannot add sublayer outside transaction"); - } - - GUID key; - - auto status = wfp::ObjectInstaller::AddSublayer(*m_engine, sublayerBuilder, &key); - - if (status) - { - m_transactionRecords.emplace_back(SessionRecord(key, SessionRecord::ObjectType::Sublayer)); - } - - return status; -} - -bool SessionController::addFilter(wfp::FilterBuilder &filterBuilder, const wfp::IConditionBuilder &conditionBuilder) -{ - if (false == m_activeTransaction) - { - throw std::runtime_error("Cannot add filter outside transaction"); - } - - UINT64 id; - - auto status = wfp::ObjectInstaller::AddFilter(*m_engine, filterBuilder, conditionBuilder, &id); - - if (status) - { - m_transactionRecords.emplace_back(SessionRecord(id)); - } - - return status; -} - -bool SessionController::executeTransaction(std::function<bool()> operation) -{ - if (m_activeTransaction.exchange(true)) - { - throw std::runtime_error("Recursive/concurrent transactions are not supported"); - } - - common::memory::ScopeDestructor scopeDestructor; - - scopeDestructor += [this]() - { - m_activeTransaction.store(false); - }; - - m_transactionRecords = m_records; - - auto status = wfp::Transaction::Execute(*m_engine, operation); - - if (status) - { - m_records.swap(m_transactionRecords); - } - - return status; -} - -bool SessionController::executeReadOnlyTransaction(std::function<bool()> operation) -{ - if (m_activeTransaction.exchange(true)) - { - throw std::runtime_error("Recursive/concurrent transactions are not supported"); - } - - common::memory::ScopeDestructor scopeDestructor; - - scopeDestructor += [this]() - { - m_activeTransaction.store(false); - }; - - return wfp::Transaction::ExecuteReadOnly(*m_engine, operation); -} - -uint32_t SessionController::checkpoint() -{ - if (m_activeTransaction) - { - throw std::runtime_error("Cannot read checkpoint key while in transaction"); - } - - if (m_records.empty()) - { - return 0; - } - - return m_records.back().key(); -} - -void SessionController::revert(uint32_t key) -{ - if (false == m_activeTransaction) - { - throw std::runtime_error("Cannot revert session state outside transaction"); - } - - size_t elementIndex = 0; - - if (false == CheckpointKeyToIndex(m_transactionRecords, key, elementIndex)) - { - throw std::runtime_error("Invalid checkpoint key (checkpoint may have been overwritten?)"); - } - - const size_t numRemove = m_transactionRecords.size() - (elementIndex + 1); - - rewindState(numRemove); -} - -void SessionController::reset() -{ - if (false == m_activeTransaction) - { - throw std::runtime_error("Cannot reset session state outside transaction"); - } - - rewindState(m_transactionRecords.size()); -} - -void SessionController::rewindState(size_t steps) -{ - auto purged = 0; - - try - { - ProcessReverse(m_transactionRecords, steps, [this, &purged](SessionRecord &record) - { - record.purge(*m_engine); - ++purged; - }); - } - catch (...) - { - EraseBack(m_transactionRecords, purged); - throw; - } - - EraseBack(m_transactionRecords, steps); -} diff --git a/wfpctl/src/wfpctl/sessioncontroller.h b/wfpctl/src/wfpctl/sessioncontroller.h deleted file mode 100644 index 61163533c4..0000000000 --- a/wfpctl/src/wfpctl/sessioncontroller.h +++ /dev/null @@ -1,55 +0,0 @@ -#pragma once - -#include "iobjectinstaller.h" -#include "sessionrecord.h" -#include "libwfp/filterengine.h" -#include <atomic> -#include <memory> -#include <vector> - -class SessionController : public IObjectInstaller -{ -public: - - SessionController(std::unique_ptr<wfp::FilterEngine> &&engine); - ~SessionController(); - - bool addProvider(wfp::ProviderBuilder &providerBuilder) override; - bool addSublayer(wfp::SublayerBuilder &sublayerBuilder) override; - bool addFilter(wfp::FilterBuilder &filterBuilder, const wfp::IConditionBuilder &conditionBuilder) override; - - bool executeTransaction(std::function<bool()> operation); - bool executeReadOnlyTransaction(std::function<bool()> operation); - - // - // Retrieve checkpoint key that can be used to restore the current session state - // This should be done outside of an active transaction - // - uint32_t checkpoint(); - - // - // Purge objects in the stack and return to an earlier state - // Use only inside active transaction - // - void revert(uint32_t key); - - // - // Purge all objects in the stack - // Use only inside active transaction - // - void reset(); - -private: - - SessionController(const SessionController &) = delete; - SessionController &operator=(const SessionController &) = delete; - - void rewindState(size_t steps); - - std::unique_ptr<wfp::FilterEngine> m_engine; - - std::vector<SessionRecord> m_records; - std::vector<SessionRecord> m_transactionRecords; - - std::atomic_bool m_activeTransaction; -}; diff --git a/wfpctl/src/wfpctl/sessionrecord.cpp b/wfpctl/src/wfpctl/sessionrecord.cpp deleted file mode 100644 index ad11f4c013..0000000000 --- a/wfpctl/src/wfpctl/sessionrecord.cpp +++ /dev/null @@ -1,58 +0,0 @@ -#include "stdafx.h" -#include "sessionrecord.h" -#include "libwfp/objectdeleter.h" -#include <atomic> -#include <cstdint> -#include <stdexcept> - -namespace -{ - -std::atomic<uint32_t> g_keybase = 0; - -} // anonymous namespace - -SessionRecord::SessionRecord(const GUID &id, ObjectType type) - : m_type(type) - , m_id(id) - , m_key(g_keybase++) -{ -} - -SessionRecord::SessionRecord(UINT64 id) - : m_type(ObjectType::Filter) - , m_filterId(id) - , m_key(g_keybase++) -{ -} - -void SessionRecord::purge(wfp::FilterEngine &engine) -{ - switch (m_type) - { - case ObjectType::Provider: - { - wfp::ObjectDeleter::DeleteProvider(engine, m_id); - break; - } - case ObjectType::Sublayer: - { - wfp::ObjectDeleter::DeleteSublayer(engine, m_id); - break; - } - case ObjectType::Filter: - { - wfp::ObjectDeleter::DeleteFilter(engine, m_filterId); - break; - } - default: - { - throw std::logic_error("Missing case handler in switch clause"); - } - }; -} - -uint32_t SessionRecord::key() const -{ - return m_key; -} diff --git a/wfpctl/src/wfpctl/sessionrecord.h b/wfpctl/src/wfpctl/sessionrecord.h deleted file mode 100644 index 8ad3be8c86..0000000000 --- a/wfpctl/src/wfpctl/sessionrecord.h +++ /dev/null @@ -1,37 +0,0 @@ -#pragma once - -#include "libwfp/filterengine.h" -#include <guiddef.h> -#include <windows.h> - -class SessionRecord -{ -public: - - enum class ObjectType - { - Provider, - Sublayer, - Filter - }; - - SessionRecord(const GUID &id, ObjectType type); - SessionRecord(UINT64 id); - - SessionRecord(const SessionRecord &) = default; - SessionRecord(SessionRecord &&) = default; - SessionRecord &operator=(const SessionRecord &) = default; - - void purge(wfp::FilterEngine &engine); - - uint32_t key() const; - -private: - - ObjectType m_type; - - GUID m_id; - UINT64 m_filterId; - - uint32_t m_key; -}; diff --git a/wfpctl/src/wfpctl/stdafx.cpp b/wfpctl/src/wfpctl/stdafx.cpp deleted file mode 100644 index 021bdb1465..0000000000 --- a/wfpctl/src/wfpctl/stdafx.cpp +++ /dev/null @@ -1,8 +0,0 @@ -// stdafx.cpp : source file that includes just the standard includes -// wfpctrl.pch will be the pre-compiled header -// stdafx.obj will contain the pre-compiled type information - -#include "stdafx.h" - -// TODO: reference any additional headers you need in STDAFX.H -// and not in this file diff --git a/wfpctl/src/wfpctl/stdafx.h b/wfpctl/src/wfpctl/stdafx.h deleted file mode 100644 index f3a07375c7..0000000000 --- a/wfpctl/src/wfpctl/stdafx.h +++ /dev/null @@ -1,16 +0,0 @@ -// stdafx.h : include file for standard system include files, -// or project specific include files that are used frequently, but -// are changed infrequently -// - -#pragma once - -#include "targetver.h" - -#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers -// Windows Header Files: -#include <windows.h> - - - -// TODO: reference additional headers your program requires here diff --git a/wfpctl/src/wfpctl/targetver.h b/wfpctl/src/wfpctl/targetver.h deleted file mode 100644 index ae4a5c032c..0000000000 --- a/wfpctl/src/wfpctl/targetver.h +++ /dev/null @@ -1,12 +0,0 @@ -#pragma once - -// Including SDKDDKVer.h defines the highest available Windows platform. - -// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and -// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h. - -#include <WinSDKVer.h> - -#define _WIN32_WINNT _WIN32_WINNT_WIN7 - -#include <SDKDDKVer.h> diff --git a/wfpctl/src/wfpctl/wfpcontext.cpp b/wfpctl/src/wfpctl/wfpcontext.cpp deleted file mode 100644 index 9783336216..0000000000 --- a/wfpctl/src/wfpctl/wfpcontext.cpp +++ /dev/null @@ -1,164 +0,0 @@ -#include "stdafx.h" -#include "wfpcontext.h" -#include "mullvadobjects.h" -#include "rules/blockall.h" -#include "rules/ifirewallrule.h" -#include "rules/permitdhcp.h" -#include "rules/permitlan.h" -#include "rules/permitlanservice.h" -#include "rules/permitloopback.h" -#include "rules/permitvpnrelay.h" -#include "rules/permitvpntunnel.h" -#include "rules/restrictdns.h" -#include "libwfp/transaction.h" -#include "libwfp/filterengine.h" -#include <functional> -#include <stdexcept> -#include <utility> - -namespace -{ - -rules::PermitVpnRelay::Protocol TranslateProtocol(WfpctlProtocol protocol) -{ - switch (protocol) - { - case Tcp: return rules::PermitVpnRelay::Protocol::Tcp; - case Udp: return rules::PermitVpnRelay::Protocol::Udp; - default: - { - throw std::logic_error("Missing case handler in switch clause"); - } - }; -} - -void AppendSettingsRules(WfpContext::Ruleset &ruleset, const WfpctlSettings &settings) -{ - if (settings.permitDhcp) - { - ruleset.emplace_back(std::make_unique<rules::PermitDhcp>()); - } - - if (settings.permitLan) - { - ruleset.emplace_back(std::make_unique<rules::PermitLan>()); - ruleset.emplace_back(std::make_unique<rules::PermitLanService>()); - } -} - -void AppendNetBlockedRules(WfpContext::Ruleset &ruleset) -{ - ruleset.emplace_back(std::make_unique<rules::BlockAll>()); - ruleset.emplace_back(std::make_unique<rules::PermitLoopback>()); -} - -} // anonymous namespace - -WfpContext::WfpContext(uint32_t timeout) - : m_baseline(0) -{ - auto engine = wfp::FilterEngine::DynamicSession(timeout); - - // - // Pass engine ownership to "session controller" - // - m_sessionController = std::make_unique<SessionController>(std::move(engine)); - - if (false == applyBaseConfiguration()) - { - throw std::runtime_error("Failed to apply base configuration in BFE."); - } - - m_baseline = m_sessionController->checkpoint(); -} - -bool WfpContext::applyPolicyConnecting(const WfpctlSettings &settings, const WfpctlRelay &relay) -{ - Ruleset ruleset; - - AppendNetBlockedRules(ruleset); - AppendSettingsRules(ruleset, settings); - - ruleset.emplace_back(std::make_unique<rules::PermitVpnRelay>( - wfp::IpAddress(relay.ip), - relay.port, - TranslateProtocol(relay.protocol) - )); - - return applyRuleset(ruleset); -} - -bool WfpContext::applyPolicyConnected(const WfpctlSettings &settings, const WfpctlRelay &relay, const wchar_t *tunnelInterfaceAlias, const wchar_t *primaryDns) -{ - Ruleset ruleset; - - AppendNetBlockedRules(ruleset); - AppendSettingsRules(ruleset, settings); - - ruleset.emplace_back(std::make_unique<rules::PermitVpnRelay>( - wfp::IpAddress(relay.ip), - relay.port, - TranslateProtocol(relay.protocol) - )); - - ruleset.emplace_back(std::make_unique<rules::PermitVpnTunnel>( - tunnelInterfaceAlias - )); - - ruleset.emplace_back(std::make_unique<rules::RestrictDns>( - tunnelInterfaceAlias, - wfp::IpAddress(primaryDns) - )); - - return applyRuleset(ruleset); -} - -bool WfpContext::applyPolicyNetBlocked() -{ - Ruleset ruleset; - - AppendNetBlockedRules(ruleset); - - return applyRuleset(ruleset); -} - -bool WfpContext::reset() -{ - return m_sessionController->executeTransaction([this]() - { - m_sessionController->revert(m_baseline); - return true; - }); -} - -bool WfpContext::applyRuleset(const Ruleset &ruleset) -{ - return m_sessionController->executeTransaction([&]() - { - m_sessionController->revert(m_baseline); - - for (const auto &rule : ruleset) - { - if (false == rule->apply(*m_sessionController)) - { - return false; - } - } - - return true; - }); -} - -bool WfpContext::applyBaseConfiguration() -{ - return m_sessionController->executeTransaction([&]() - { - // - // Install structural objects - // - - return m_sessionController->addProvider(*MullvadObjects::Provider()) - && m_sessionController->addSublayer(*MullvadObjects::SublayerWhitelist()) - && m_sessionController->addSublayer(*MullvadObjects::SublayerBlacklist()); - }); -} diff --git a/wfpctl/src/wfpctl/wfpcontext.h b/wfpctl/src/wfpctl/wfpcontext.h deleted file mode 100644 index 23c25f0ca5..0000000000 --- a/wfpctl/src/wfpctl/wfpcontext.h +++ /dev/null @@ -1,35 +0,0 @@ -#pragma once - -#include "wfpctl.h" -#include "sessioncontroller.h" -#include "rules/ifirewallrule.h" -#include <cstdint> -#include <memory> -#include <vector> - -class WfpContext -{ -public: - - WfpContext(uint32_t timeout); - - bool applyPolicyConnecting(const WfpctlSettings &settings, const WfpctlRelay &relay); - bool applyPolicyConnected(const WfpctlSettings &settings, const WfpctlRelay &relay, const wchar_t *tunnelInterfaceAlias, const wchar_t *primaryDns); - bool applyPolicyNetBlocked(); - - bool reset(); - - using Ruleset = std::vector<std::unique_ptr<rules::IFirewallRule> >; - -private: - - WfpContext(const WfpContext &) = delete; - WfpContext &operator=(const WfpContext &) = delete; - - bool applyBaseConfiguration(); - bool applyRuleset(const Ruleset &ruleset); - - std::unique_ptr<SessionController> m_sessionController; - - uint32_t m_baseline; -}; diff --git a/wfpctl/src/wfpctl/wfpctl.cpp b/wfpctl/src/wfpctl/wfpctl.cpp deleted file mode 100644 index 5ac5617e0a..0000000000 --- a/wfpctl/src/wfpctl/wfpctl.cpp +++ /dev/null @@ -1,208 +0,0 @@ -#include "stdafx.h" -#include "wfpctl.h" -#include "wfpcontext.h" -#include "libwfp/ipaddress.h" -#include <windows.h> -#include <stdexcept> - -namespace -{ - -uint32_t g_timeout = 0; - -WfpctlErrorSink g_ErrorSink = nullptr; -void * g_ErrorContext = nullptr; - -WfpContext *g_wfpContext = nullptr; - -} // anonymous namespace - -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_Initialize( - uint32_t timeout, - WfpctlErrorSink errorSink, - void *errorContext -) -{ - if (nullptr != g_wfpContext) - { - // - // This is an error. - // The existing instance may have a different timeout etc. - // - return false; - } - - // Convert seconds to milliseconds. - g_timeout = timeout * 1000; - - g_ErrorSink = errorSink; - g_ErrorContext = errorContext; - - try - { - g_wfpContext = new WfpContext(g_timeout); - } - catch (std::exception &err) - { - if (nullptr != g_ErrorSink) - { - g_ErrorSink(err.what(), g_ErrorContext); - } - - return false; - } - catch (...) - { - return false; - } - - return true; -} - -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_Deinitialize() -{ - if (nullptr == g_wfpContext) - { - return true; - } - - delete g_wfpContext; - g_wfpContext = nullptr; - - return true; -} - -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_ApplyPolicyConnecting( - const WfpctlSettings &settings, - const WfpctlRelay &relay -) -{ - if (nullptr == g_wfpContext) - { - return false; - } - - try - { - return g_wfpContext->applyPolicyConnecting(settings, relay); - } - catch (std::exception &err) - { - if (nullptr != g_ErrorSink) - { - g_ErrorSink(err.what(), g_ErrorContext); - } - - return false; - } - catch (...) - { - return false; - } -} - -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_ApplyPolicyConnected( - const WfpctlSettings &settings, - const WfpctlRelay &relay, - const wchar_t *tunnelInterfaceAlias, - const wchar_t *primaryDns -) -{ - if (nullptr == g_wfpContext) - { - return false; - } - - try - { - return g_wfpContext->applyPolicyConnected(settings, relay, tunnelInterfaceAlias, primaryDns); - } - catch (std::exception &err) - { - if (nullptr != g_ErrorSink) - { - g_ErrorSink(err.what(), g_ErrorContext); - } - - return false; - } - catch (...) - { - return false; - } -} - -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_ApplyPolicyNetBlocked( -) -{ - if (nullptr == g_wfpContext) - { - return false; - } - - try - { - return g_wfpContext->applyPolicyNetBlocked(); - } - catch (std::exception &err) - { - if (nullptr != g_ErrorSink) - { - g_ErrorSink(err.what(), g_ErrorContext); - } - - return false; - } - catch (...) - { - return false; - } -} - -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_Reset() -{ - if (nullptr == g_wfpContext) - { - // - // This is an error. - // The reset instance enforces the block-all rule. - // - return false; - } - - try - { - return g_wfpContext->reset(); - } - catch (std::exception &err) - { - if (nullptr != g_ErrorSink) - { - g_ErrorSink(err.what(), g_ErrorContext); - } - - return false; - } - catch (...) - { - return false; - } -} diff --git a/wfpctl/src/wfpctl/wfpctl.def b/wfpctl/src/wfpctl/wfpctl.def deleted file mode 100644 index a175f1afb2..0000000000 --- a/wfpctl/src/wfpctl/wfpctl.def +++ /dev/null @@ -1,9 +0,0 @@ -LIBRARY wfpctl -EXPORTS - -Wfpctl_Initialize -Wfpctl_Deinitialize -Wfpctl_ApplyPolicyConnecting -Wfpctl_ApplyPolicyConnected -Wfpctl_ApplyPolicyNetBlocked -Wfpctl_Reset diff --git a/wfpctl/src/wfpctl/wfpctl.h b/wfpctl/src/wfpctl/wfpctl.h deleted file mode 100644 index 3d92b02760..0000000000 --- a/wfpctl/src/wfpctl/wfpctl.h +++ /dev/null @@ -1,150 +0,0 @@ -#pragma once -#include <cstdint> - -// -// WFPCTL public API -// - -#ifdef WFPCTL_EXPORTS -#define WFPCTL_LINKAGE __declspec(dllexport) -#else -#define WFPCTL_LINKAGE __declspec(dllimport) -#endif - -#define WFPCTL_API __stdcall - -/////////////////////////////////////////////////////////////////////////////// -// Structures -/////////////////////////////////////////////////////////////////////////////// - -#pragma pack(push, 1) - -typedef struct tag_WfpctlSettings -{ - // Permit outbound DHCP requests and inbound DHCP responses on all interfaces. - bool permitDhcp; - - // Permit all traffic to and from private address ranges. - bool permitLan; -} -WfpctlSettings; - -enum WfpctlProtocol : uint8_t -{ - Tcp = 0, - Udp = 1 -}; - -typedef struct tag_WfpctlRelay -{ - const wchar_t *ip; - uint16_t port; - WfpctlProtocol protocol; -} -WfpctlRelay; - -#pragma pack(pop) - -/////////////////////////////////////////////////////////////////////////////// -// Functions -/////////////////////////////////////////////////////////////////////////////// - -// -// Initialize: -// -// Call this function once at startup, to register the provider etc. -// -// The timeout, in seconds, specifies how long to wait for the -// transaction lock to become available. Specify 0 to use a default timeout -// determined by Windows. -// -// Optionally provide a callback if you are interested in logging exceptions. -// -typedef void (WFPCTL_API *WfpctlErrorSink)(const char *errorMessage, void *context); - -extern "C" -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_Initialize( - uint32_t timeout, - WfpctlErrorSink errorSink, - void *errorContext -); - -// -// Deinitialize: -// -// Call this function once before unloading WFPCTL or exiting the process. -// -extern "C" -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_Deinitialize(); - -// -// ApplyPolicyConnecting: -// -// Apply restrictions in the firewall that block all traffic, except: -// - What is specified by settings -// - Communication with the relay server -// -extern "C" -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_ApplyPolicyConnecting( - const WfpctlSettings &settings, - const WfpctlRelay &relay -); - -// -// ApplyPolicyConnected: -// -// Apply restrictions in the firewall that block all traffic, except: -// - What is specified by settings -// - Communication with the relay server -// - Non-DNS traffic inside the VPN tunnel -// - DNS requests inside the VPN tunnel, to the specified DNS server -// -// Parameters: -// -// tunnelInterfaceAlias: -// Friendly name of VPN tunnel interface -// primaryDns: -// String encoded IP address of DNS to use inside tunnel -// -extern "C" -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_ApplyPolicyConnected( - const WfpctlSettings &settings, - const WfpctlRelay &relay, - const wchar_t *tunnelInterfaceAlias, - const wchar_t *primaryDns -); - -// -// ApplyPolicyNetBlocked: -// -// Apply restrictions in the firewall that block all traffic. -// -extern "C" -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_ApplyPolicyNetBlocked( -); - -// -// Reset: -// -// Clear the policy in effect, if any. -// -extern "C" -WFPCTL_LINKAGE -bool -WFPCTL_API -Wfpctl_Reset(); diff --git a/wfpctl/src/wfpctl/wfpctl.vcxproj b/wfpctl/src/wfpctl/wfpctl.vcxproj deleted file mode 100644 index 5a8f2ada02..0000000000 --- a/wfpctl/src/wfpctl/wfpctl.vcxproj +++ /dev/null @@ -1,226 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> - <ItemGroup Label="ProjectConfigurations"> - <ProjectConfiguration Include="Debug|Win32"> - <Configuration>Debug</Configuration> - <Platform>Win32</Platform> - </ProjectConfiguration> - <ProjectConfiguration Include="Release|Win32"> - <Configuration>Release</Configuration> - <Platform>Win32</Platform> - </ProjectConfiguration> - <ProjectConfiguration Include="Debug|x64"> - <Configuration>Debug</Configuration> - <Platform>x64</Platform> - </ProjectConfiguration> - <ProjectConfiguration Include="Release|x64"> - <Configuration>Release</Configuration> - <Platform>x64</Platform> - </ProjectConfiguration> - </ItemGroup> - <ItemGroup> - <ClCompile Include="dllmain.cpp" /> - <ClCompile Include="mullvadguids.cpp" /> - <ClCompile Include="mullvadobjects.cpp" /> - <ClCompile Include="rules\blockall.cpp" /> - <ClCompile Include="rules\permitdhcp.cpp" /> - <ClCompile Include="rules\permitlan.cpp" /> - <ClCompile Include="rules\permitlanservice.cpp" /> - <ClCompile Include="rules\permitloopback.cpp" /> - <ClCompile Include="rules\permitvpnrelay.cpp" /> - <ClCompile Include="rules\permitvpntunnel.cpp" /> - <ClCompile Include="rules\restrictdns.cpp" /> - <ClCompile Include="sessioncontroller.cpp" /> - <ClCompile Include="sessionrecord.cpp" /> - <ClCompile Include="stdafx.cpp"> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader> - <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader> - </ClCompile> - <ClCompile Include="wfpcontext.cpp" /> - <ClCompile Include="wfpctl.cpp" /> - </ItemGroup> - <ItemGroup> - <ClInclude Include="iobjectinstaller.h" /> - <ClInclude Include="mullvadguids.h" /> - <ClInclude Include="mullvadobjects.h" /> - <ClInclude Include="rules\blockall.h" /> - <ClInclude Include="rules\ifirewallrule.h" /> - <ClInclude Include="rules\permitdhcp.h" /> - <ClInclude Include="rules\permitlan.h" /> - <ClInclude Include="rules\permitlanservice.h" /> - <ClInclude Include="rules\permitloopback.h" /> - <ClInclude Include="rules\permitvpnrelay.h" /> - <ClInclude Include="rules\permitvpntunnel.h" /> - <ClInclude Include="rules\restrictdns.h" /> - <ClInclude Include="sessioncontroller.h" /> - <ClInclude Include="sessionrecord.h" /> - <ClInclude Include="stdafx.h" /> - <ClInclude Include="targetver.h" /> - <ClInclude Include="wfpcontext.h" /> - <ClInclude Include="wfpctl.h" /> - </ItemGroup> - <ItemGroup> - <None Include="wfpctl.def" /> - </ItemGroup> - <PropertyGroup Label="Globals"> - <VCProjectVersion>15.0</VCProjectVersion> - <ProjectGuid>{801E7DEB-2BD0-4E60-9E4B-74A5CA12ADCB}</ProjectGuid> - <Keyword>Win32Proj</Keyword> - <RootNamespace>wfpctl</RootNamespace> - <WindowsTargetPlatformVersion>10.0.16299.0</WindowsTargetPlatformVersion> - </PropertyGroup> - <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" /> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration"> - <ConfigurationType>DynamicLibrary</ConfigurationType> - <UseDebugLibraries>true</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration"> - <ConfigurationType>DynamicLibrary</ConfigurationType> - <UseDebugLibraries>false</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <WholeProgramOptimization>true</WholeProgramOptimization> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration"> - <ConfigurationType>DynamicLibrary</ConfigurationType> - <UseDebugLibraries>true</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration"> - <ConfigurationType>DynamicLibrary</ConfigurationType> - <UseDebugLibraries>false</UseDebugLibraries> - <PlatformToolset>v141</PlatformToolset> - <WholeProgramOptimization>true</WholeProgramOptimization> - <CharacterSet>Unicode</CharacterSet> - </PropertyGroup> - <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> - <ImportGroup Label="ExtensionSettings"> - </ImportGroup> - <ImportGroup Label="Shared"> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> - <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" /> - </ImportGroup> - <PropertyGroup Label="UserMacros" /> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> - <LinkIncremental>true</LinkIncremental> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> - <LinkIncremental>true</LinkIncremental> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> - <LinkIncremental>false</LinkIncremental> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - </PropertyGroup> - <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> - <LinkIncremental>false</LinkIncremental> - <OutDir>$(SolutionDir)\bin\$(Platform)-$(Configuration)\</OutDir> - <IntDir>$(SolutionDir)\bin\temp\$(Platform)-$(Configuration)\$(ProjectName)\</IntDir> - </PropertyGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>Disabled</Optimization> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>WIN32;_DEBUG;WFPCTL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\libwfp\src\</AdditionalIncludeDirectories> - </ClCompile> - <Link> - <SubSystem>Windows</SubSystem> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalDependencies>libwfp.lib;libcommon.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - <ModuleDefinitionFile>wfpctl.def</ModuleDefinitionFile> - </Link> - </ItemDefinitionGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>Disabled</Optimization> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>_DEBUG;WFPCTL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\libwfp\src\</AdditionalIncludeDirectories> - </ClCompile> - <Link> - <SubSystem>Windows</SubSystem> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalDependencies>libwfp.lib;libcommon.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - <ModuleDefinitionFile>wfpctl.def</ModuleDefinitionFile> - </Link> - </ItemDefinitionGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>MaxSpeed</Optimization> - <FunctionLevelLinking>true</FunctionLevelLinking> - <IntrinsicFunctions>true</IntrinsicFunctions> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>WIN32;NDEBUG;WFPCTL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <RuntimeLibrary>MultiThreaded</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\libwfp\src\</AdditionalIncludeDirectories> - </ClCompile> - <Link> - <SubSystem>Windows</SubSystem> - <EnableCOMDATFolding>true</EnableCOMDATFolding> - <OptimizeReferences>true</OptimizeReferences> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalDependencies>libwfp.lib;libcommon.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - <ModuleDefinitionFile>wfpctl.def</ModuleDefinitionFile> - </Link> - </ItemDefinitionGroup> - <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'"> - <ClCompile> - <PrecompiledHeader>Use</PrecompiledHeader> - <WarningLevel>Level4</WarningLevel> - <Optimization>MaxSpeed</Optimization> - <FunctionLevelLinking>true</FunctionLevelLinking> - <IntrinsicFunctions>true</IntrinsicFunctions> - <SDLCheck>true</SDLCheck> - <PreprocessorDefinitions>NDEBUG;WFPCTL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions> - <RuntimeLibrary>MultiThreaded</RuntimeLibrary> - <LanguageStandard>stdcpplatest</LanguageStandard> - <AdditionalIncludeDirectories>$(ProjectDir)..\;$(ProjectDir)..\..\libwfp\src\</AdditionalIncludeDirectories> - </ClCompile> - <Link> - <SubSystem>Windows</SubSystem> - <EnableCOMDATFolding>true</EnableCOMDATFolding> - <OptimizeReferences>true</OptimizeReferences> - <GenerateDebugInformation>true</GenerateDebugInformation> - <AdditionalDependencies>libwfp.lib;libcommon.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies> - <AdditionalLibraryDirectories>$(SolutionDir)/bin/$(Platform)-$(Configuration)</AdditionalLibraryDirectories> - <ModuleDefinitionFile>wfpctl.def</ModuleDefinitionFile> - </Link> - </ItemDefinitionGroup> - <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> - <ImportGroup Label="ExtensionTargets"> - </ImportGroup> -</Project>
\ No newline at end of file diff --git a/wfpctl/src/wfpctl/wfpctl.vcxproj.filters b/wfpctl/src/wfpctl/wfpctl.vcxproj.filters deleted file mode 100644 index 04abe71829..0000000000 --- a/wfpctl/src/wfpctl/wfpctl.vcxproj.filters +++ /dev/null @@ -1,83 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> - <ItemGroup> - <ClCompile Include="dllmain.cpp" /> - <ClCompile Include="stdafx.cpp" /> - <ClCompile Include="wfpctl.cpp" /> - <ClCompile Include="wfpcontext.cpp" /> - <ClCompile Include="sessioncontroller.cpp" /> - <ClCompile Include="mullvadguids.cpp" /> - <ClCompile Include="mullvadobjects.cpp" /> - <ClCompile Include="rules\permitlan.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="rules\blockall.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="rules\permitlanservice.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="rules\permitloopback.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="rules\permitdhcp.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="rules\permitvpnrelay.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="rules\permitvpntunnel.cpp"> - <Filter>rules</Filter> - </ClCompile> - <ClCompile Include="sessionrecord.cpp" /> - <ClCompile Include="rules\restrictdns.cpp"> - <Filter>rules</Filter> - </ClCompile> - </ItemGroup> - <ItemGroup> - <ClInclude Include="stdafx.h" /> - <ClInclude Include="targetver.h" /> - <ClInclude Include="wfpctl.h" /> - <ClInclude Include="wfpcontext.h" /> - <ClInclude Include="sessioncontroller.h" /> - <ClInclude Include="mullvadguids.h" /> - <ClInclude Include="mullvadobjects.h" /> - <ClInclude Include="rules\ifirewallrule.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="rules\permitlan.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="iobjectinstaller.h" /> - <ClInclude Include="rules\blockall.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="rules\permitlanservice.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="rules\permitloopback.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="rules\permitdhcp.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="rules\permitvpnrelay.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="rules\permitvpntunnel.h"> - <Filter>rules</Filter> - </ClInclude> - <ClInclude Include="sessionrecord.h" /> - <ClInclude Include="rules\restrictdns.h"> - <Filter>rules</Filter> - </ClInclude> - </ItemGroup> - <ItemGroup> - <Filter Include="rules"> - <UniqueIdentifier>{3639a3ba-599e-400c-918b-8869654cdc1f}</UniqueIdentifier> - </Filter> - </ItemGroup> - <ItemGroup> - <None Include="wfpctl.def" /> - </ItemGroup> -</Project>
\ No newline at end of file |