WipFW Script Generator V1 Beta
Posted in hacking, HelpDesk, Internet, Networking, Scripting, security, Systems, support, Utilities on Nov 29th, 2011
I implemented this utility (WipFW Script Generator) in C# 4.0, in the SharpDevelop 4.1 IDE, for the .NET 4.0 Client Profile, and tested it on Windows 7 Ultimate SP1 with WipFW 0.5.5b on a stub LAN.
Its purpose is to generate a batch script that configures the WipFW firewall on a host in a stub network, that is, a network that knows only one route of last resort (a gateway) to reach the Internet.
The generated script is simple. It does not cover NAT or port forwarding, because it is aimed at configuring WipFW as a “personal firewall” (roughly: block/allow networks, hosts and domains, and block/allow TCP and UDP ports) for a machine that does not act as a router and is the typical client machine on a typical LAN.
The utility detects the host's NICs and their TCP/IPv4 parameters (IPv4 address, mask, DNS, gateway, and proxy if there is one), and the NIC with Internet access is chosen by its MAC address in a comboBox. You can also choose the “interfaz ppp / modem 3G / …” option (PPP interface / 3G modem) and enter the parameters by hand (the parameters can always be edited by hand, regardless of the values that were detected).
Once the NIC has been chosen by its MAC and its TCP/IP parameters completed, click the OK button to validate that all the required parameters are present. If they are, the message “parametriza script” (configure the script) appears, and the next step is to go to the WipFW configuration panel, located below, and configure each tab.
By default I have checked (enabled) or unchecked (disabled) the checkBoxes of the rules as I consider necessary to harden the machine with WipFW.
The comboBox of each rule defines whether the rule will:
- allow – permit
- allow log – permit and write to the log
- deny – deny
- deny log – deny and write to the log
- drop – discard without sending an ICMP destination port unreachable
- drop log – discard without sending an ICMP destination port unreachable and write to the log
In the networks tab you can define the rules for networks such as multicast (224.0.0.0/3), link-local (169.254.0.0/16), and the private and bogon networks (ticked in a checkedListBox). You can also edit the blacklist file, which may contain host IPs (80.59.69.239), network addresses (80.59.69.0/24) or domains (www.malware.com) whose traffic will be blocked both outbound (out) and inbound (in).
In the ports tab you can edit the TCP or UDP ports to allow or block, inbound and outbound.
For non-advanced users, simply choosing the NIC with Internet access and leaving the utility's options almost at their defaults produces a very functional batch script (last tab, SCRIPT) that by default allows only DNS queries to your DNS servers, the SSH client (tcp22), web browsing (tcp80, tcp443), mail (smtp, pop3, imap, …) and being reachable via Terminal Server or Remote Desktop Protocol (tcp3389)…
In the proxy, credentials, IPv6 tab you can allow or block the proxy:port, define the credentials (the host's user:password) in case you want to run the script (local administrator privileges on the machine are required), and allow or block IPv6.
After that, in the SCRIPT tab you can run the script and/or save it or copy it to the clipboard. The only prerequisite is having WipFW installed on the machine (obvious, but there is always someone absent-minded).
Behind the “Monitorizar Log” button I have attached another utility, Tail Con C#, which I also implemented in C#, to monitor the WipFW log.
And voilà.
The code of MainForm.cs:
MainForm.cs
///*
// * Created by SharpDevelop.
// * User: JavCasta - http://javcasta.com/
// * Date: 19/09/2011
// * Time: 11:09
// *
// * To change this template use Tools | Options | Coding | Edit Standard Headers.
// */
using System;
using System.Collections.Generic;
using System.Data;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Management;
using System.Net;
using System.Text.RegularExpressions;
using System.Windows.Forms;
namespace Prueba
{
/// <summary>
/// Description of MainForm.
/// </summary>
public partial class MainForm : Form
{
ManagementClass objMC;
ManagementObjectCollection objMOC;
string[] ipaddresses;
string[] subnets;
string[] gateways;
string[] dns;
string hostname;
int i = 0;
public MainForm()
{
//
// The InitializeComponent() call is required for Windows Forms designer support.
//
InitializeComponent();
//
// TODO: Add constructor code after the InitializeComponent() call.
//
// Begin show
richTextBox1.Text="";
ListIP();
// end show
}
public void fulldata()
{
if (comboBox2.Text!="" && comboBox3.Text!="" && comboBox4.Text!="" && textBox4.Text!="") {
MessageBox.Show("Parametriza script");
tabControl1.Enabled=true;
}
else {
MessageBox.Show("Faltan parametros");
tabControl1.Enabled=false;
}
}
public void ListIP()
{
objMC = new ManagementClass("Win32_NetworkAdapterConfiguration");
objMOC = objMC.GetInstances();
i=0;
foreach(ManagementObject objMO in objMOC)
{
if(!(bool)objMO["ipEnabled"])
continue;
i=i+1; // i = number of NICs
// j = number of IPs
richTextBox1.Text=richTextBox1.Text + "NIC: " + objMO["Caption"] + "," + objMO["ServiceName"] + "," + objMO["MACAddress"] +"\n";
comboBox1.Items.Add(objMO["MACAddress"]);
ipaddresses = (string[]) objMO["IPAddress"];
subnets = (string[]) objMO["IPSubnet"];
gateways = (string[]) objMO["DefaultIPGateway"];
dns = (string[]) objMO["DNSServerSearchOrder"];
hostname = (String) objMO["DNSHostName"];
groupBox1.Text = "Info TCP/IPv4: " + hostname;
try
{
richTextBox1.Text=richTextBox1.Text + "Gateway: ";
if (gateways != null)
foreach(string sGate in gateways) {
richTextBox1.Text=richTextBox1.Text + sGate + "\n";
}
else richTextBox1.Text=richTextBox1.Text + "\n";
richTextBox1.Text=richTextBox1.Text + "Ip: ";
if (ipaddresses != null) {
foreach(string sIP in ipaddresses) {
richTextBox1.Text=richTextBox1.Text + sIP + "\n";
}
}
else richTextBox1.Text=richTextBox1.Text + "\n";
richTextBox1.Text=richTextBox1.Text + "Mascara: ";
if (subnets != null)
foreach(string sNet in subnets)
richTextBox1.Text=richTextBox1.Text + sNet + "\n";
else richTextBox1.Text=richTextBox1.Text + "\n";
richTextBox1.Text=richTextBox1.Text + "DNS: ";
if (dns != null)
foreach(string sDns in dns)
richTextBox1.Text=richTextBox1.Text + sDns + ", ";
else richTextBox1.Text=richTextBox1.Text + "\n";
} // end try
catch(Exception ex)
{
MessageBox.Show("error : " + ex.Message);
}
richTextBox1.Text=richTextBox1.Text + "\n===================================================\n";
}
comboBox1.Items.Add("Interfaz ppp/modem 3G/ ...");
//proxy
//ref http://stackoverflow.com/questions/4254351/get-the-uri-from-the-default-web-proxy
var proxy = HttpWebRequest.GetSystemWebProxy();
string laurl="http://javcasta.com";
string myproxy = "";
string myproxyport = "";
Uri proxyUri = proxy.GetProxy(new Uri(laurl));
if (laurl == "http://"+proxyUri.Host.ToString())
{
//MessageBox.Show("No hay proxy");
myproxy = "";
myproxyport = "";
}
else
{
myproxy = proxyUri.Host.ToString();
myproxyport = proxyUri.Port.ToString();
//MessageBox.Show("Proxy: "+myproxy+" puerto: "+myproxyport);
}
textBox6.Text = myproxy;
textBox7.Text = myproxyport;
comboBox5.SelectedIndex = 0;
comboBox7.SelectedIndex = 0;
comboBox8.SelectedIndex = 0;
comboBox9.SelectedIndex = 0;
comboBox10.SelectedIndex = 0;
comboBox11.SelectedIndex = 0;
comboBox13.SelectedIndex = 3;
comboBox15.SelectedIndex = 0;
comboBox17.SelectedIndex = 0;
comboBox12.SelectedIndex = 3;
comboBox14.SelectedIndex = 0;
comboBox16.SelectedIndex = 0;
comboBox18.SelectedIndex = 0;
comboBox19.SelectedIndex = 0;
comboBox20.SelectedIndex = 0;
comboBox21.SelectedIndex = 0;
comboBox26.SelectedIndex = 0;
comboBox24.SelectedIndex = 0;
comboBox22.SelectedIndex = 0;
comboBox23.SelectedIndex = 0;
comboBox25.SelectedIndex = 0;
comboBox27.SelectedIndex = 0;
comboBox28.SelectedIndex = 0;
comboBox29.SelectedIndex = 0;
for ( int ele=0; ele < checkedListBox1.Items.Count; ++ele )
checkedListBox1.SetItemChecked( ele, true );
for ( int ele=0; ele < checkedListBox2.Items.Count; ++ele )
checkedListBox2.SetItemChecked( ele, true );
for ( int ele=3; ele < 9 ; ++ele )
checkedListBox3.SetItemChecked( ele, true );
} // end ListIP
void ComboBox1SelectedIndexChanged(object sender, EventArgs e)
{
// choose the NIC
comboBox2.Items.Clear();
comboBox3.Items.Clear();
comboBox4.Items.Clear();
comboBox2.Text = "";
comboBox3.Text = "";
comboBox4.Text = "";
textBox4.Text ="";
textBox5.Text ="";
string consulta="SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'TRUE' And MACAddress = '"+
comboBox1.SelectedItem.ToString()+"' And (SettingID != NULL)";
//MessageBox.Show(consulta);
ManagementObjectSearcher query = new ManagementObjectSearcher(consulta);
ManagementObjectCollection queryCollection = query.Get();
try
{
foreach( ManagementObject mo in queryCollection )
{
string[] direcciones = (string[])mo["IPAddress"];
if (direcciones != null) {
foreach(string strIP in direcciones) {
comboBox2.Items.Add(strIP);
if (comboBox2.Text == "") comboBox2.Text = strIP;
}
}
string[] mascaras = (string[])mo["IPSubnet"];
if (mascaras != null) {
foreach(string strMascara in mascaras) {
comboBox3.Items.Add(strMascara);
if (comboBox3.Text == "") comboBox3.Text = strMascara;
}
}
string[] puertaDeEnlace = (string[])mo["DefaultIPGateway"];
if (puertaDeEnlace != null) {
foreach(string strGW in puertaDeEnlace) {
comboBox4.Items.Add(strGW);
if (comboBox4.Text == "") comboBox4.Text = strGW;
}
}
string[] sdns = (string[])mo["DNSServerSearchOrder"];
if (sdns != null) {
foreach(string strdns in sdns) {
if (textBox4.Text == "") textBox4.Text=strdns;
textBox5.Text = strdns;
}
}
}
}//try
catch(Exception ex)
{
//MessageBox.Show("error : " + ex.Message);
}
if (comboBox1.Text=="Interfaz ppp/modem 3G/ ...") {
comboBox3.Text="255.255.255.255";
comboBox4.Text="0.0.0.0";
textBox4.Text="208.67.222.222";
textBox5.Text="208.67.220.220";
}
} // end of comboBox event
void ComboBox2SelectedIndexChanged(object sender, EventArgs e)
{
try
{
comboBox3.SelectedIndex = comboBox2.SelectedIndex;
}
catch(Exception ex)
{
//MessageBox.Show("error : " + ex.Message);
}
}//
void ComboBox3SelectedIndexChanged(object sender, EventArgs e)
{
try
{
comboBox2.SelectedIndex = comboBox3.SelectedIndex;
}
catch(Exception ex)
{
//MessageBox.Show("error : " + ex.Message);
}
}
void CheckBox1CheckedChanged(object sender, EventArgs e)
{
if (checkBox1.Checked) {
textBox6.Enabled = true;
textBox7.Enabled = true;
checkBox27.Checked = true;
}
else {
textBox6.Enabled = false;
textBox7.Enabled = false;
checkBox27.Checked = false;
}
}
void Button1Click(object sender, EventArgs e)
{
Process.Start("TailCsharp2.exe");
/*
* Process p= new Process();
p.StartInfo.WorkingDirectory = @"C:\whatever";
p.StartInfo.FileName = @"C:\some.exe";
p.StartInfo.CreateNoWindow = true;
p.Start();
p.WaitForExit();
*/
}
void Button2Click(object sender, EventArgs e)
{
// create the file if it does not exist
if (!File.Exists("table1.txt")) {
StreamWriter Sw1 = new StreamWriter("table1.txt");
Sw1.WriteLine("adultpornoxxx.info");
Sw1.WriteLine("0.0.0.0/8");
Sw1.WriteLine("5.64.0.0/10");
Sw1.WriteLine("5.128.0.0/9");
Sw1.WriteLine("216.252.162.8");
Sw1.Close();
}
Process.Start("table1.txt");
}
void Button3Click(object sender, EventArgs e)
{
Process.Start("http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt");
}
void Button4Click(object sender, EventArgs e)
{
Process.Start("http://www.joewein.net/dl/bl/dom-bl-base.txt");
}
void Button5Click(object sender, System.EventArgs e)
{
// create the file if it does not exist
if (!File.Exists("portsout.txt")) {
StreamWriter Sw1 = new StreamWriter("portsout.txt");
Sw1.WriteLine("# tcp ports out - puertos tcp a los que podrás conectarte");
Sw1.WriteLine("# ftp");
Sw1.WriteLine("20");
Sw1.WriteLine("21");
Sw1.WriteLine("# ssh");
Sw1.WriteLine("22");
Sw1.WriteLine("# telnet");
Sw1.WriteLine("23");
Sw1.WriteLine("# smtp");
Sw1.WriteLine("25");
Sw1.WriteLine("# http");
Sw1.WriteLine("80");
Sw1.WriteLine("# pop3");
Sw1.WriteLine("110");
Sw1.WriteLine("# https");
Sw1.WriteLine("443");
Sw1.WriteLine("# secureImap");
Sw1.WriteLine("993");
Sw1.WriteLine("# Terminal server - remote desktop");
Sw1.WriteLine("3389");
Sw1.Close();
}
Process.Start("portsout.txt");
}
void Button6Click(object sender, System.EventArgs e)
{
// create the file if it does not exist
if (!File.Exists("portsin.txt")) {
StreamWriter Sw1 = new StreamWriter("portsin.txt");
Sw1.WriteLine("# tcp ports in - puertos tuyos tcp a los que podrán conectarse");
Sw1.WriteLine("# Terminal server o Remote desktop for win: tcp3389");
Sw1.WriteLine("3389");
Sw1.Close();
}
Process.Start("portsin.txt");
}
void CheckBox12CheckedChanged(object sender, EventArgs e)
{
if (checkBox12.Checked)
{
//checkedListBox5.Enabled = true;
button6.Enabled = true;
}
else
{
//checkedListBox5.Enabled = false;
button6.Enabled = false;
}
}
void Button7Click(object sender, EventArgs e)
{
fulldata();
}
void Button8Click(object sender, EventArgs e)
{
Process.Start("http://wipfw.sourceforge.net/");
}
void Button9Click(object sender, EventArgs e)
{
// create the file if it does not exist
if (!File.Exists("udpout.txt")) {
StreamWriter Sw1 = new StreamWriter("udpout.txt");
Sw1.WriteLine("#No udp Ports out");
Sw1.WriteLine("# tftp udp69");
Sw1.WriteLine("69");
Sw1.Close();
}
Process.Start("udpout.txt");
}
void Button10Click(object sender, EventArgs e)
{
Process.Start("http://www.javcasta.com/2011/07/31/wipfw-un-firewall-freebsd-por-consola-para-windows/");
}
void Button11Click(object sender, EventArgs e)
{
Process.Start("http://www.javcasta.com/?s=wipfw");
}
void TabPage3GotFocus(object sender, EventArgs e)
{
// focus event: rebuild the script from the current settings
richTextBox2.Select();
richTextBox2.Text="@echo off\n";
richTextBox2.Text+="@SETLOCAL ENABLEDELAYEDEXPANSION\n";
richTextBox2.Text+="REM WipFW 0.5.5b Script Generator V1.Beta - By JavCasta - 2.011\n";
richTextBox2.Text+="REM http://javcasta.com/\n";
richTextBox2.Text+="set dns1="+textBox4.Text+"\n";
richTextBox2.Text+="set dns2="+textBox5.Text+"\n";
richTextBox2.Text+="set me="+comboBox2.Text+"\n";
richTextBox2.Text+="set mask="+comboBox3.Text+"\n";
richTextBox2.Text+="set gw="+comboBox4.Text+"\n";
if (checkBox1.Checked) {
if (textBox6.Text!="" && textBox7.Text!="") {
richTextBox2.Text+="set proxy="+textBox6.Text+"\n";
richTextBox2.Text+="set proxyport="+textBox7.Text+"\n";
}
}
richTextBox2.Text+="echo Limpiamos (flush) reglas del firewall wipfw.\n";
richTextBox2.Text+="ipfw -q -f flush\n";
if (checkBox2.Checked) richTextBox2.Text+="REM count\n"+"ipfw -q add count "+comboBox6.Text+"ip from any to any\n";
if (checkBox3.Checked) richTextBox2.Text+="REM loopback\n"+"ipfw -q add "+comboBox5.Text+"ip from any to any via lo*\n";
if (checkBox4.Checked) richTextBox2.Text+="REM denegamos trafico entrante aleatorio con probabilidad >=5%\n"+
"ipfw -q add prob 0.05 drop ip from any to any in\n";
if (checkBox5.Checked) richTextBox2.Text+="REM denegamos localhost spoofing\n"+"ipfw -q add drop log ip from any to 127.0.0.0/8 in\n";
if (checkBox6.Checked) richTextBox2.Text+="ipfw -q add drop log ip from 127.0.0.0/8 to any in\n";
if (checkBox7.Checked) richTextBox2.Text+="REM denegamos trafico fragmentado\n"+"ipfw -q add drop log all from any to any frag\n";
if (checkBox20.Checked) {
richTextBox2.Text+="REM DHCP\n"+"ipfw -q add pass udp from 0.0.0.0 68 to 255.255.255.255 67 out\n"+
"ipfw -q add pass udp from any 67 to any 68 in\n"+
"ipfw -q add pass udp from any 67 to 255.255.255.255 68 in\n";
}
if (checkBox10.Checked) richTextBox2.Text+="REM ICMP\n"+"ipfw -q add "+comboBox9.Text+"icmp from any to any\n";
if (checkBox32.Checked) richTextBox2.Text+="REM IPv6\n"+"ipfw -q add "+comboBox29.Text+"ipv6 from any to any\n";
if (checkBox22.Checked) richTextBox2.Text+="REM Check-State\n"+"ipfw -q add check-state\n";
if (checkBox23.Checked) richTextBox2.Text+="REM DNS\n"+"ipfw -q add "+comboBox20.Text+"udp from any to %dns1%,%dns2% 53 keep-state\n";
if (checkBox24.Checked) richTextBox2.Text+="ipfw -q add "+comboBox21.Text+"udp from %dns1%,%dns2% 53 to any keep-state\n";
if (checkBox14.Checked) richTextBox2.Text+="REM Multicast / IGMP\n"+"ipfw -q add "+comboBox13.Text+"ip from any to 224.0.0.0/3\n";
if (checkBox14.Checked) richTextBox2.Text+="ipfw -q add "+comboBox12.Text+"ip from 224.0.0.0/3 to any\n";
if (checkBox16.Checked) richTextBox2.Text+="REM link-local\n"+"ipfw -q add "+comboBox15.Text+"ip from any to 169.254.0.0/16\n";
if (checkBox15.Checked) richTextBox2.Text+="ipfw -q add "+comboBox14.Text+"ip from 169.254.0.0/16 to any\n";
// private and bogon networks
string poolnet1="";
String poolnet2="";
int countpool = 0;
foreach(var item in checkedListBox3.CheckedItems){
Regex ip = new Regex(@"\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\/\d{1,2}\b");
MatchCollection result = ip.Matches(item.ToString());
if (countpool < 4) poolnet1+=result[0]+",";
if (countpool >= 4) poolnet2+=result[0]+",";
countpool++;
}
poolnet1=poolnet1.TrimEnd(',');
poolnet2=poolnet2.TrimEnd(',');
//MessageBox.Show(poolnet1);
if (checkBox18.Checked) {
richTextBox2.Text+="REM redes privadas y bogon\n"+
"ipfw -q add "+comboBox17.Text+"ip from any to "+poolnet1+"\n";
richTextBox2.Text+="ipfw -q add "+comboBox17.Text+"ip from any to "+poolnet2+"\n";
}
if (checkBox29.Checked) {
richTextBox2.Text+="ipfw -q add "+comboBox26.Text+"ip from "+poolnet1+" to any\n";
richTextBox2.Text+="ipfw -q add "+comboBox26.Text+"ip from "+poolnet2+" to any\n";
}
richTextBox2.Text+="REM Lista Negra\n"+"ipfw -q table 1 flush\n";
richTextBox2.Text+="if exist table1.txt FOR /F \"eol=#\" %%i IN (table1.txt) do ipfw -q table 1 add %%i\n";
if (checkBox17.Checked) richTextBox2.Text+="if exist table1.txt ipfw -q add "+comboBox16.Text+"ip from \"table(1)\" to any\n";
if (checkBox19.Checked) richTextBox2.Text+="if exist table1.txt ipfw -q add "+comboBox18.Text+"ip from any to \"table(1)\"\n";
// denied tcp ports out
String vnoportsout="";
if (checkBox30.Checked) {
richTextBox2.Text+="REM denegamos puertos tcp out\n";
// read noportsout.txt
StreamReader ficheronpo = new StreamReader("noportsout.txt");
int counternpo = 0;
string linenpo="#";
while((linenpo = ficheronpo.ReadLine()) != null){
if (!linenpo.StartsWith("#")) {
vnoportsout+=linenpo+",";
counternpo++;
}
if (counternpo>4) {
vnoportsout=vnoportsout.TrimEnd(',');
if (vnoportsout!="") richTextBox2.Text+="ipfw -q add "+comboBox27.Text+"tcp from %me% to any "+vnoportsout+"\n";
counternpo=0;
vnoportsout="";
}
}
ficheronpo.Close();
vnoportsout=vnoportsout.TrimEnd(',');
if (vnoportsout!="") richTextBox2.Text+="ipfw -q add "+comboBox27.Text+"tcp from %me% to any "+vnoportsout+"\n";
}
// denied tcp ports in
String vnoportsin="";
if (checkBox25.Checked) {
richTextBox2.Text+="REM denegamos puertos tcp in\n";
// read noportsin.txt
StreamReader ficheronpi = new StreamReader("noportsin.txt");
int counternpi = 0;
string linenpi="#";
while((linenpi = ficheronpi.ReadLine()) != null){
if (!linenpi.StartsWith("#")) {
vnoportsin+=linenpi+",";
counternpi++;
}
if (counternpi>4) {
vnoportsin=vnoportsin.TrimEnd(',');
if (vnoportsin!="") richTextBox2.Text+="ipfw -q add "+comboBox22.Text+"tcp from any to %me% "+vnoportsin+"\n";
counternpi=0;
vnoportsin="";
}
}
ficheronpi.Close();
vnoportsin=vnoportsin.TrimEnd(',');
if (vnoportsin!="") richTextBox2.Text+="ipfw -q add "+comboBox22.Text+"tcp from any to %me% "+vnoportsin+"\n";
}
// denied udp ports out
String vnoudpout="";
if (checkBox26.Checked) {
richTextBox2.Text+="REM denegamos puertos udp out\n";
// read noudpout.txt
StreamReader ficheronuo = new StreamReader("noudpout.txt");
int counternuo = 0;
string linenuo="#";
while((linenuo = ficheronuo.ReadLine()) != null){
if (!linenuo.StartsWith("#")) {
vnoudpout+=linenuo+",";
counternuo++;
}
if (counternuo>4) {
vnoudpout=vnoudpout.TrimEnd(',');
if (vnoudpout!="") richTextBox2.Text+="ipfw -q add "+comboBox23.Text+"udp from %me% to any "+vnoudpout+"\n";
counternuo=0;
vnoudpout="";
}
}
ficheronuo.Close();
vnoudpout=vnoudpout.TrimEnd(',');
if (vnoudpout!="") richTextBox2.Text+="ipfw -q add "+comboBox23.Text+"udp from %me% to any "+vnoudpout+"\n";
}
// denied udp ports in
String vnoudpin="";
if (checkBox28.Checked) {
richTextBox2.Text+="REM denegamos puertos udp in\n";
// read noudpin.txt
StreamReader ficheronui = new StreamReader("noudpin.txt");
int counternui = 0;
string linenui="#";
while((linenui = ficheronui.ReadLine()) != null){
if (!linenui.StartsWith("#")) {
vnoudpin+=linenui+",";
counternui++;
}
if (counternui>4) {
vnoudpin=vnoudpin.TrimEnd(',');
if (vnoudpin!="") richTextBox2.Text+="ipfw -q add "+comboBox25.Text+"udp from any to %me% "+vnoudpin+"\n";
counternui=0;
vnoudpin="";
}
}
ficheronui.Close();
vnoudpin=vnoudpin.TrimEnd(',');
if (vnoudpin!="") richTextBox2.Text+="ipfw -q add "+comboBox25.Text+"udp from any to %me% "+vnoudpin+"\n";
}
richTextBox2.Text+="REM si trafico entre %me% y any saltamos a 50000\n";
richTextBox2.Text+="ipfw -q add skipto 50000 ip from %me% to any\n";
richTextBox2.Text+="ipfw -q add skipto 50000 ip from any to %me%\n";
richTextBox2.Text+="REM lo permitido ya ha saltado a 50000, denegamos establecidas\n";
richTextBox2.Text+="ipfw -q add drop log tcp from any to any established\n";
richTextBox2.Text+="REM saltamos a 65534 - drop all from any to any\n";
richTextBox2.Text+="ipfw -q add skipto 65534 ip from any to any\n";
//established
richTextBox2.Text+="REM Established y si tcp out\n"+"ipfw -q add 50000 allow tcp from %me% to any established out\n";
richTextBox2.Text+="ipfw -q add allow tcp from any to %me% established in\n";
// allowed tcp ports out
string vportsout="";
if (checkBox11.Checked) {
// read portsout.txt
StreamReader fichero = new StreamReader("portsout.txt");
int counter = 0;
string line="#";
while((line = fichero.ReadLine()) != null){
if (!line.StartsWith("#")) {
vportsout+=line+",";
counter++;
}
if (counter>4) {
vportsout=vportsout.TrimEnd(',');
if (vportsout!="") richTextBox2.Text+="ipfw -q add "+comboBox10.Text+"tcp from %me% to any "+vportsout+" setup keep-state\n";
counter=0;
vportsout="";
}
}
fichero.Close();
vportsout=vportsout.TrimEnd(',');
if (vportsout!="") richTextBox2.Text+="ipfw -q add "+comboBox10.Text+"tcp from %me% to any "+vportsout+" setup keep-state\n";
}
//proxy
if (checkBox27.Checked) richTextBox2.Text+="if defined proxy if defined proxyport ipfw -q add "+comboBox24.Text+"tcp from %me% to %proxy% %proxyport% setup keep-state\n";
// allowed tcp ports in
String vsiportsin="";
if (checkBox12.Checked) {
richTextBox2.Text+="REM permitimos puertos tcp in - entrantes\n";
// read portsin.txt
StreamReader ficherospi = new StreamReader("portsin.txt");
int counterspi = 0;
string linespi="#";
while((linespi = ficherospi.ReadLine()) != null){
if (!linespi.StartsWith("#")) {
vsiportsin+=linespi+",";
counterspi++;
}
if (counterspi>4) {
vsiportsin=vsiportsin.TrimEnd(',');
if (vsiportsin!="") richTextBox2.Text+="ipfw -q add "+comboBox11.Text+"tcp from any to %me% "+vsiportsin+" setup keep-state\n";
counterspi=0;
vsiportsin="";
}
}
ficherospi.Close();
vsiportsin=vsiportsin.TrimEnd(',');
if (vsiportsin!="") richTextBox2.Text+="ipfw -q add "+comboBox11.Text+"tcp from any to %me% "+vsiportsin+" setup keep-state\n";
}
// allowed udp ports in
String vudpin="";
if (checkBox31.Checked) {
richTextBox2.Text+="REM permitimos puertos udp in\n";
// read udpin.txt
StreamReader ficherosui = new StreamReader("udpin.txt");
int counterui = 0;
string linenui="#";
while((linenui = ficherosui.ReadLine()) != null){
if (!linenui.StartsWith("#")) {
vudpin+=linenui+",";
counterui++;
}
if (counterui>4) {
vudpin=vudpin.TrimEnd(',');
if (vudpin!="") richTextBox2.Text+="ipfw -q add "+comboBox18.Text+"udp from any to %me% "+vudpin+"\n";
counterui=0;
vudpin="";
}
}
ficherosui.Close();
vudpin=vudpin.TrimEnd(',');
if (vudpin!="") richTextBox2.Text+="ipfw -q add "+comboBox18.Text+"udp from any to %me% "+vudpin+"\n";
}
// allowed udp ports out
String vudpout="";
if (checkBox21.Checked) {
richTextBox2.Text+="REM permitimos puertos udp out\n";
// read udpout.txt
StreamReader ficherosuo = new StreamReader("udpout.txt");
int counteruo = 0;
string linenuo="#";
while((linenuo = ficherosuo.ReadLine()) != null){
if (!linenuo.StartsWith("#")) {
vudpout+=linenuo+",";
counteruo++;
}
if (counteruo>4) {
vudpout=vudpout.TrimEnd(',');
if (vudpout!="") richTextBox2.Text+="ipfw -q add "+comboBox19.Text+"udp from %me% to any "+vudpout+" keep-state\n";
counteruo=0;
vudpout="";
}
}
ficherosuo.Close();
vudpout=vudpout.TrimEnd(',');
if (vudpout!="") richTextBox2.Text+="ipfw -q add "+comboBox19.Text+"udp from %me% to any "+vudpout+" keep-state\n";
}
richTextBox2.Text+="ipfw -q add 65534 drop log all from any to any\n";
richTextBox2.Text+="pause";
}
void Button15Click(object sender, EventArgs e)
{
Process.Start("https://secure.wikimedia.org/wikipedia/en/wiki/List_of_IP_protocol_numbers");
}
void Button14Click(object sender, EventArgs e)
{
// create the file if it does not exist
if (!File.Exists("noportsout.txt")) {
StreamWriter Sw1 = new StreamWriter("noportsout.txt");
Sw1.WriteLine("#No tcp Ports out");
Sw1.WriteLine("#vnc tcp5800, tcp5900");
Sw1.WriteLine("5800");
Sw1.WriteLine("5900");
Sw1.Close();
}
Process.Start("noportsout.txt");
}
void Button16Click(object sender, EventArgs e)
{
richTextBox2.SelectAll();
richTextBox2.Copy();
}
void Button17Click(object sender, EventArgs e)
{
if (!File.Exists("noportsin.txt")) {
StreamWriter Sw1 = new StreamWriter("noportsin.txt");
Sw1.WriteLine("# No tcp Ports in - Puertos tuyos tcp a los que no se podran conectar");
Sw1.WriteLine("21");
Sw1.WriteLine("23");
Sw1.WriteLine("25");
Sw1.WriteLine("80");
Sw1.WriteLine("443");
Sw1.WriteLine("162");
Sw1.WriteLine("169");
Sw1.Close();
}
Process.Start("noportsin.txt");
}
void Button12Click(object sender, EventArgs e)
{
// run the script with the credentials entered in the previous tab
StreamWriter defaultScript = new StreamWriter("MyWipFWScript.cmd");
defaultScript.Write(richTextBox2.Text);
defaultScript.Close();
//string pass = "";
var pass = new System.Security.SecureString();
foreach (Char c in maskedTextBox1.Text.ToCharArray()){
pass.AppendChar(c);
}
try {
Process.Start("MyWipFWScript.cmd",textBox1.Text, pass, "");
}
catch(Exception ex) {
MessageBox.Show("error : " + ex.Message + "\n Revisa en la pestaña anterior, las credenciales de "+textBox1.Text);
}
/*
var psi = new ProcessStartInfo
{
FileName = "MyWipFWScript.cmd",
UserName = "administrador",
Domain = "",
Password = pass,
UseShellExecute = false,
RedirectStandardOutput = true,
RedirectStandardError = true
};
Process.Start(psi);
*/
}
void Button13Click(object sender, EventArgs e)
{
// save MyWipFWScript with a timestamp in the file name
string ahora = DateTime.Now.Day.ToString()+"-"+DateTime.Now.Month.ToString()+"-"+
DateTime.Now.Year.ToString()+"-"+DateTime.Now.Hour.ToString()+"-"+DateTime.Now.Minute.ToString();
string script = "MyWipFWScript"+"-"+ahora+".cmd";
// create the file
StreamWriter myscript = new StreamWriter(script);
myscript.Write(richTextBox2.Text);
myscript.Close();
MessageBox.Show("Se ha guardado "+script);
}
void Button18Click(object sender, EventArgs e)
{
// denied udp ports out
if (!File.Exists("noudpout.txt")) {
StreamWriter Sw1 = new StreamWriter("noudpout.txt");
Sw1.WriteLine("# No udp ports out");
Sw1.WriteLine("161");
Sw1.Close();
}
Process.Start("noudpout.txt");
}
void Button20Click(object sender, EventArgs e)
{
// allowed udp ports in
if (!File.Exists("udpin.txt")) {
StreamWriter Sw1 = new StreamWriter("udpin.txt");
Sw1.WriteLine("# udp ports in");
Sw1.WriteLine("# tftp69");
Sw1.WriteLine("#69");
Sw1.Close();
}
Process.Start("udpin.txt");
}
void Button19Click(object sender, EventArgs e)
{
// denied udp ports in
if (!File.Exists("noudpin.txt")) {
StreamWriter Sw1 = new StreamWriter("noudpin.txt");
Sw1.WriteLine("# no udp ports in");
Sw1.WriteLine("69");
Sw1.Close();
}
Process.Start("noudpin.txt");
}
void Button21Click(object sender, EventArgs e)
{
//FAQ
Process.Start("http://www.javcasta.com/2011/11/29/wipfw-script-generator-v1-beta/");
}
}
}
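The port-list loops in TabPage3GotFocus copy every non-comment line of the port files into a .cmd that Button12Click then runs with administrator credentials, so a blank line produces a malformed rule and a line containing `&` becomes a second command. An added example (not part of the original MainForm.cs; `PortRuleBuilder`, `ReadPorts` and `BuildRules` are hypothetical names) that validates each line and the rule action before emitting the same five-ports-per-rule output:

```csharp
// Added example, not from the original project. All type and method names are hypothetical.
using System;
using System.Collections.Generic;
using System.IO;
using System.Text.RegularExpressions;

static class PortRuleBuilder
{
    // The six actions the article lists for each rule's comboBox.
    static readonly HashSet<string> Actions = new HashSet<string>(StringComparer.Ordinal)
        { "allow", "allow log", "deny", "deny log", "drop", "drop log" };

    // ASCII digits only: nothing that cmd.exe could interpret reaches the script.
    static readonly Regex PortSpec = new Regex(@"^[0-9]{1,5}$");

    // Reads a port file such as portsout.txt: skips blank lines and '#' comments
    // and rejects every other line that is not a port number in 1..65535.
    public static List<string> ReadPorts(TextReader reader)
    {
        var ports = new List<string>();
        string line;
        int lineNo = 0;
        while ((line = reader.ReadLine()) != null)
        {
            lineNo++;
            line = line.Trim();
            if (line.Length == 0 || line[0] == '#') continue;
            int port;
            if (!PortSpec.IsMatch(line) || !int.TryParse(line, out port) ||
                port < 1 || port > 65535)
                throw new FormatException("line " + lineNo + ": not a port: " + line);
            ports.Add(port.ToString());
        }
        return ports;
    }

    // Emits one ipfw rule per group of five ports, as the original loops do.
    // src/dst are expected to be fixed tokens such as "%me%" or "any".
    public static List<string> BuildRules(string action, string proto, string src,
                                          string dst, IList<string> ports, string options)
    {
        if (!Actions.Contains(action))
            throw new ArgumentException("unknown action: " + action);
        if (proto != "tcp" && proto != "udp")
            throw new ArgumentException("unknown protocol: " + proto);

        var rules = new List<string>();
        for (int i = 0; i < ports.Count; i += 5)
        {
            var group = new List<string>();
            for (int j = i; j < ports.Count && j < i + 5; j++) group.Add(ports[j]);
            string rule = "ipfw -q add " + action + " " + proto + " from " + src +
                          " to " + dst + " " + string.Join(",", group.ToArray());
            if (!string.IsNullOrEmpty(options)) rule += " " + options;
            rules.Add(rule);
        }
        return rules;
    }
}

static class Demo
{
    static void Main()
    {
        // Constructed sample contents of portsout.txt, including a blank line.
        string sample = "# http\n80\n\n# https\n443\n22\n25\n110\n993\n";
        List<string> ports = PortRuleBuilder.ReadPorts(new StringReader(sample));
        foreach (string rule in PortRuleBuilder.BuildRules(
                     "allow", "tcp", "%me%", "any", ports, "setup keep-state"))
            Console.WriteLine(rule);

        // Constructed hostile line: the '&' would start a second command in the .cmd.
        try { PortRuleBuilder.ReadPorts(new StringReader("80 & echo injected\n")); }
        catch (FormatException ex) { Console.WriteLine("rejected: " + ex.Message); }
    }
}
```

The same validation idea applies to the values written by the `set dns1=`, `set me=`, `set gw=` and `set proxy=` lines, which also come straight from editable text fields.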


























.˛.°★。˛ °.★** *★* *˛.
˛ °_██_*。*./ \ .˛* .˛.*.★*Happy 2012, Javier!!!*★ 。*
˛. (´• ̮•)*˛°*/.♫.♫\*˛.* ˛_Π_____. * ˛*
. °( . • . ) ˛°./• ‘♫ ‘ •\.˛*./______/~\*. ˛*.。˛* ˛. *。
* (…’•’.. ) *˛╬╬╬╬╬˛°.|田田 |門|╬╬╬╬ .
¯˜”*°••°*”˜¯`´¯˜”*°••°*”˜¯`¬´¯˜”*°´¯˜”*°••°*”˜¯`´¯˜”*°•~´¯˜”*°´¯˜”*°••°*”˜¯`´¯˜”*°
With looooots of love
Pili
Same to you, Pili. Happy 2012.
What a piece of ASCII art!
Oops!! I should have added a postscript making clear that I didn't make it myself, that it was sent to me on Facebook and I liked it so much that I modified it to use as a greeting.
I wish I were that good at that art
but that's not the case
A huuuuuuuuuuuuuuge kiss!!!
It is still a “heck of a” piece of ASCII art
365 big kisses for you for this year which, even though it promises hard times, I am sure will be excellent for you and yours
Hugs