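// Source: github.com/mysteriumnetwork/node@v0.0.0-20240516044423-365054f76801/firewall/firewall_windows.go

/*
 * Copyright (C) 2019 The "MysteriumNetwork/node" Authors.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

package firewall

import (
	"fmt"

	"github.com/mysteriumnetwork/node/utils/cmdutil"
	"github.com/pkg/errors"
	"github.com/rs/zerolog/log"
)

// AddInboundRule adds new inbound rule to the platform specific firewall.
//
// The rule is named "myst-<port>:<proto>" and is created with
// `netsh advfirewall firewall add rule ... dir=in action=allow`. If a rule
// with that name is already reported as present, nothing is changed and nil
// is returned.
//
// proto is interpolated into a command line that is handed to
// cmdutil.PowerShell as a single string, so it is validated first: only
// ASCII letters and digits are accepted (for example "tcp" or "udp"). Any
// other value is rejected with an error before a command is built. port is
// an int and therefore cannot carry shell metacharacters.
//
// NOTE(review): the rule is scoped by protocol and local port only; the
// command sets no program= or profile= restriction, so the allow rule is not
// tied to this binary. Confirm that this is the intended exposure.
func AddInboundRule(proto string, port int) error {
	name, err := inboundRuleName(proto, port)
	if err != nil {
		log.Warn().Err(err).Msg("Failed to add firewall rule")
		return err
	}

	if inboundRuleExists(name) {
		return nil
	}

	cmd := fmt.Sprintf(`netsh advfirewall firewall add rule name="%s" dir=in action=allow protocol=%s localport=%d`, name, proto, port)
	if _, err := cmdutil.PowerShell(cmd); err != nil {
		log.Warn().Err(err).Msg("Failed to add firewall rule")
		return err
	}

	return nil
}

// RemoveInboundRule removes inbound rule from the platform specific firewall.
//
// It deletes the rule named "myst-<port>:<proto>". proto is validated the
// same way as in AddInboundRule, because it ends up inside a command string
// passed to cmdutil.PowerShell. An error is returned when the rule is not
// reported as present or when the delete command fails.
func RemoveInboundRule(proto string, port int) error {
	name, err := inboundRuleName(proto, port)
	if err != nil {
		log.Warn().Err(err).Msg("Failed to remove firewall rule")
		return err
	}

	if !inboundRuleExists(name) {
		return errors.New("firewall rule not found")
	}

	cmd := fmt.Sprintf(`netsh advfirewall firewall delete rule name="%s" dir=in`, name)
	if _, err := cmdutil.PowerShell(cmd); err != nil {
		log.Warn().Err(err).Msg("Failed to remove firewall rule")
		return err
	}

	return nil
}

// inboundRuleExists reports whether the `netsh ... show rule` command for
// name completes without error.
//
// name must come from inboundRuleName: it is placed inside a double-quoted
// string in a command passed to cmdutil.PowerShell, so an unvalidated value
// could change what the command does.
//
// NOTE(review): every error from the show command is treated as "rule does
// not exist", so a failure for another reason (presumably e.g. missing
// privileges; confirm against cmdutil) is indistinguishable from a missing
// rule, and the warning below is also logged on that path.
func inboundRuleExists(name string) bool {
	cmd := fmt.Sprintf(`netsh advfirewall firewall show rule name="%s" dir=in`, name)

	if _, err := cmdutil.PowerShell(cmd); err != nil {
		log.Warn().Err(err).Msg("Failed to get firewall rule")
		return false
	}

	return true
}

// inboundRuleName validates proto and returns the firewall rule name
// "myst-<port>:<proto>" used by AddInboundRule and RemoveInboundRule.
func inboundRuleName(proto string, port int) (string, error) {
	if !isASCIIAlphanumeric(proto) {
		return "", errors.Errorf("invalid firewall protocol %q", proto)
	}

	return fmt.Sprintf("myst-%d:%s", port, proto), nil
}

// isASCIIAlphanumeric reports whether s is non-empty and consists only of
// ASCII letters and digits. Quotes, whitespace, '$', ';', '`' and similar
// characters that have meaning in a command line are therefore rejected.
func isASCIIAlphanumeric(s string) bool {
	if s == "" {
		return false
	}

	for i := 0; i < len(s); i++ {
		c := s[i]
		switch {
		case c >= 'a' && c <= 'z':
		case c >= 'A' && c <= 'Z':
		case c >= '0' && c <= '9':
		default:
			return false
		}
	}

	return true
}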