' Builds a static IPsec policy through netsh whose filter action is "block" and whose filter list
' holds one filter per source address, each matching TCP traffic to port 1234 on this machine.
' dstaddr=Me is netsh's keyword for the local computer; srcport=0 is understood to mean "any source port" (confirm against the netsh ipsec documentation).
' Approach taken from:
'https://stackoverflow.com/questions/27396742/how-to-block-all-but-a-specific-list-of-ip-addresses-on-a-given-port-using-ipsec
' NOTE(review): every return value below is discarded, so a step that netsh rejects is not noticed here.
' Confirm the resulting policy with the matching "netsh ipsec static show" commands before relying on the block.
' Step 1: create the (initially empty) filter list.
CreateCommandAndRunIt("ipsec static add filterlist name=filterlist_RDPGuardRichStyle", "filterlist")
' Disabled: the delete counterpart of the add below (presumably kept for clearing an existing filter before re-adding it - confirm).
'CreateCommandAndRunIt("ipsec static delete filter filterlist=filterlist_RDPGuardRichStyle srcaddr=192.168.2.3 dstaddr=Me protocol=tcp srcport=0 dstport=1234", "filter")
' Step 2: add the first source address to the filter list.
CreateCommandAndRunIt("ipsec static add filter filterlist=filterlist_RDPGuardRichStyle srcaddr=192.168.2.3 dstaddr=Me protocol=tcp srcport=0 dstport=1234", "filter")
' Step 3: define the action applied to matching traffic (block).
CreateCommandAndRunIt("ipsec static add filteraction name=action_RDPGuardRichStyle action=block", "block")
' Step 4: create the policy and assign it (assign=yes); note this happens before the rule is attached in step 5.
CreateCommandAndRunIt("ipsec static add policy name=policy_RDPGuardRichStyle assign=yes", "assign")
' Step 5: the rule ties the filter list to the block action inside the policy.
CreateCommandAndRunIt("ipsec static add rule name=rule_RDPGuardRichStyle policy=policy_RDPGuardRichStyle filterlist=filterlist_RDPGuardRichStyle filteraction=action_RDPGuardRichStyle", "rule")
' Further source addresses are added to the same filter list after the rule exists.
''CreateCommandAndRunIt("ipsec static add filterlist name=filterlist_RDPGuardRichStyle", "filterlist")
'CreateCommandAndRunIt("ipsec static delete filter filterlist=filterlist_RDPGuardRichStyle srcaddr=10.222.222.223 dstaddr=Me protocol=tcp srcport=0 dstport=1234", "filter")
CreateCommandAndRunIt("ipsec static add filter filterlist=filterlist_RDPGuardRichStyle srcaddr=10.222.222.223 dstaddr=Me protocol=tcp srcport=0 dstport=1234", "filter")
'' CreateCommandAndRunIt("ipsec static delete filter filterlist=filterlist_RDPGuardRichStyle srcaddr=10.222.222.222 dstaddr=Me protocol=tcp srcport=0 dstport=1234", "filter")
CreateCommandAndRunIt("ipsec static add filter filterlist=filterlist_RDPGuardRichStyle srcaddr=10.222.222.222 dstaddr=Me protocol=tcp srcport=0 dstport=1234", "filter")
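''' <summary>
''' Runs netsh.exe with the given argument string, waits for it to finish and returns its captured output.
''' The outcome is appended to c:\temp\servicefailed.txt through WriteFile.
''' </summary>
''' <param name="sArgs">Argument string handed to netsh.exe unchanged.</param>
''' <param name="sTag">Short label written to the log to identify the step.</param>
''' <returns>
''' Standard output when netsh exits with code 0; otherwise standard error (or standard output when
''' standard error is empty). When the process cannot be started, the exception message or an empty string.
''' </returns>
Function CreateCommandAndRunIt(sArgs As String, sTag As String) As String
    Const sLogFile As String = "c:\temp\servicefailed.txt"
    Try
        ' Using releases the process handle and the redirected pipes on every exit path.
        Using oProc As New Process
            ' Absolute path: netsh.exe is not resolved through the current directory or PATH.
            oProc.StartInfo.FileName = "C:\Windows\System32\netsh.exe"
            ' NOTE(review): sArgs reaches netsh verbatim. If any part of it (for example srcaddr) is ever
            ' built from log or network data, validate that part first (e.g. IPAddress.TryParse) so it
            ' cannot carry extra netsh parameters.
            oProc.StartInfo.Arguments = sArgs
            oProc.StartInfo.RedirectStandardError = True
            oProc.StartInfo.RedirectStandardOutput = True
            oProc.StartInfo.UseShellExecute = False

            If Not oProc.Start() Then
                ' No process was started, so there are no streams to read.
                WriteFile("Failed: " & Now & " " & " " & sTag & " ", sLogFile)
                Return String.Empty
            End If

            ' Drain stderr in the background while stdout is read; reading only one redirected
            ' stream can block forever once the other pipe's buffer fills up.
            Dim oErrTask As System.Threading.Tasks.Task(Of String) = oProc.StandardError.ReadToEndAsync()
            Dim sOut As String = oProc.StandardOutput.ReadToEnd()
            oProc.WaitForExit()
            Dim sErr As String = oErrTask.Result

            ' "Started" is not "succeeded": only log success when netsh reports exit code 0, so a
            ' rejected rule is not recorded as an installed block.
            ' NOTE(review): netsh may not signal every failure through its exit code - the captured
            ' text is returned so the caller can inspect it as well.
            If oProc.ExitCode = 0 Then
                WriteFile("Success: " & Now & " " & sTag, sLogFile)
                Return sOut
            End If

            WriteFile("Failed: " & Now & " " & " " & sTag & " exit code " & oProc.ExitCode, sLogFile)
            If String.IsNullOrEmpty(sErr) Then
                Return sOut
            End If
            Return sErr
        End Using
    Catch ex As Exception
        ' The process may never have started here, so its streams must not be touched.
        WriteFile("Failed: " & Now & " " & " " & sTag & " " & ex.Message, sLogFile)
        Return ex.Message
    End Try
End Function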
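''' <summary>
''' Reports whether an address string falls in one of the private IPv4 ranges 10.0.0.0/8,
''' 172.16.0.0/12 or 192.168.0.0/16, logging the classification through WriteFile.
''' </summary>
''' <param name="sIP">Address text to classify.</param>
''' <returns>
''' True for the three private IPv4 ranges and for text that does not parse as an IP address
''' (so the caller ignores it); False for everything else.
''' </returns>
Function IsIPInternalOnly(sIP As String) As Boolean
    Const sLogFile As String = "c:\temp\servicefailed.txt"
    Dim ip As IPAddress = Nothing
    If Not IPAddress.TryParse(sIP, ip) Then Return True ' so that it will be ignored

    ' Classify the parsed address, not the text. IPAddress.TryParse also accepts non-canonical
    ' spellings (leading zeros, hex parts, fewer than four parts), and for those a prefix test on
    ' the string can disagree with the address that was actually parsed.
    If ip.AddressFamily = System.Net.Sockets.AddressFamily.InterNetwork Then
        Dim octets As Byte() = ip.GetAddressBytes()
        If octets(0) = 10 Then
            WriteFile(" 10. Internal Address " & sIP & " " & Now, sLogFile)
            Return True
        End If
        If octets(0) = 172 AndAlso octets(1) >= 16 AndAlso octets(1) <= 31 Then
            WriteFile(" 172. Internal Address " & sIP & " " & Now, sLogFile)
            Return True
        End If
        If octets(0) = 192 AndAlso octets(1) = 168 Then
            WriteFile(" 192.168. Internal Address " & sIP & " " & Now, sLogFile)
            Return True
        End If
    End If

    ' Reached for public IPv4 (including 172.x outside 16-31, which previously fell out of the
    ' function without a log entry or an explicit Return) and for every IPv6 address.
    ' NOTE(review): loopback (127.0.0.0/8), link-local (169.254.0.0/16) and IPv6 local ranges are
    ' classified as external here - confirm that is what the caller wants.
    WriteFile(" External Address " & sIP & " " & Now, sLogFile)
    Return False
End Function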
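/// <summary>
/// Reports whether an address string falls in one of the private IPv4 ranges
/// 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16.
/// </summary>
/// <param name="sIP">Address text to classify.</param>
/// <returns>
/// <c>true</c> for an address in one of the three private IPv4 ranges; <c>false</c> for any other
/// address, for IPv6 addresses and for text that does not parse as an IP address.
/// </returns>
private bool IsIPInternalOnly(String sIP )
{
    IPAddress ip;
    if (sIP == null || !IPAddress.TryParse(sIP, out ip))
    {
        return false;
    }

    // Only IPv4 has the three ranges tested below.
    // NOTE(review): loopback, link-local and IPv6 local ranges are reported as not internal - confirm
    // that matches what the caller expects.
    if (ip.AddressFamily != System.Net.Sockets.AddressFamily.InterNetwork)
    {
        return false;
    }

    // Work on the parsed bytes instead of string prefixes. The earlier Substring(0,3), Substring(4)
    // and Substring(0,8) calls threw ArgumentOutOfRangeException for short but valid input such as
    // "8.8.8.8", and the 172 test compared the tail of the string rather than its prefix.
    // IPAddress.TryParse also accepts non-canonical spellings, so the text can differ from the
    // address that was actually parsed.
    byte[] octets = ip.GetAddressBytes();

    if (octets[0] == 10)
    {
        return true;
    }

    if (octets[0] == 172 && octets[1] >= 16 && octets[1] <= 31)
    {
        return true;
    }

    if (octets[0] == 192 && octets[1] == 168)
    {
        return true;
    }

    return false;
}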