{*******************************************************} { } { NicService } { } { Copyright (C) 2022 kku } { } {*******************************************************} unit NicService; interface uses Tocsg.Obj, System.SysUtils, System.Classes, ManagerNic, Winapi.Windows, System.Generics.Collections; const TYPE_MOBILE = 22121; TYPE_VPN = 22122; TYPE_OTHER = 22123; TYPE_WIRELESS = 22124; TYPE_LAN = 22125; TYPE_LOOPBACK = 22126; NCT_TYPE_MOBILE = 'Apple|Mobile|Android|Remote|Bluetooth'; NCT_TYPE_VPN = 'vpn|Virtual|ssl|vm|Secuway|SSTP|Array|TAP-Windows'; NCT_TYPE_WIRELESS = 'Wireless|Wi-Fi|WiFi'; NCT_TYPE_LOOPBACK = 'KM-TEST|Loopback'; type TNicService = class(TTgObject) private MgNic_: TManagerNic; sIpAll_, sApIp_, // 네트워크가 활성화 되어 있는지 판단하기 위해 추가 23_0517 14:54:06 kku sRecentIp_, sRecentMac_, EtcNicBlockExcpt_: String; MobileTypeList_, VpnTypeList_, WirelessTypeList_, LoopbackTypeList_, EtcNicBlockExcptList_: TStringList; // 단순 장치 인덱스로 되살릴 경우 유무선 일체형 보드에서 // 유선랜카드가 되살아나지 않는 문제가 있음 // 그래 장치 이름으로 되살리도록 보완 23_0116 15:35:59 kku DisableNicIndexList_: TList; // TList; dwNicEnableTick_: DWORD; // bWifiPopup_, bVpnNicShutdown_: Boolean; nWifiNicIdx_: Integer; bIsChangeNetCfg_: Boolean; procedure Commit; function GetNetworkCard(bIgnIpCheck: Boolean = false): PNicInfo; function GetNcTypeFromDesc(pInfo: PNicInfo): Integer; procedure OnChangeNicInfo(aState: TChangeNetAdapterState; aOldInfo, aNewInfo: PNicInfo); public Constructor Create; Destructor Destroy; override; procedure UpdateNic; procedure ShutdownVpnNic(bRecoverAble: Boolean = true); procedure SetAllNicEnable(bVal: Boolean; bIgrVPN: Boolean = false); function GetIP: String; function GetMAC: String; function ContainMac(sMac: String): Boolean; function IsActiveAP: Boolean; property IsChangeNetCfg: Boolean read bIsChangeNetCfg_ write bIsChangeNetCfg_; // property WifiPopup: Boolean write bWifiPopup_; property IpAll: String read sIpAll_; property AccessPointIP: String read sApIp_; end; implementation uses Tocsg.Strings, Tocsg.Safe, ManagerService, Condition, Tocsg.Network, Tocsg.Exception, GlobalDefine, ManagerModel, Tocsg.Process, Tocsg.Path; const NIC_DISABLE_MILSEC = 3000; { TNicService } Constructor TNicService.Create; begin Inherited Create; sIpAll_ := IP_NULL; sApIp_ := IP_NULL; sRecentIp_ := IP_NULL; sRecentMac_ := MAC_NULL; MobileTypeList_ := TStringList.Create; SplitString(UpperCase(NCT_TYPE_MOBILE), '|', MobileTypeList_); VpnTypeList_ := TStringList.Create; SplitString(UpperCase(NCT_TYPE_VPN), '|', VpnTypeList_); WirelessTypeList_ := TStringList.Create; SplitString(UpperCase(NCT_TYPE_WIRELESS), '|', WirelessTypeList_); if CUSTOMER_TYPE = CUSTOMER_SERVE1 then begin // 테더링 차단으로 블루투스 차단 안되게 요청 24_0809 10:13:40 kku var n: Integer; n := MobileTypeList_.IndexOf('BLUETOOTH'); if n <> -1 then begin MobileTypeList_.Delete(n); WirelessTypeList_.Add('BLUETOOTH'); end; end; LoopbackTypeList_ := TStringList.Create; SplitString(UpperCase(NCT_TYPE_LOOPBACK), '|', LoopbackTypeList_); EtcNicBlockExcptList_ := TStringList.Create; EtcNicBlockExcpt_ := ''; DisableNicIndexList_ := TList.Create; // TList.Create; dwNicEnableTick_ := 0; // bWifiPopup_ := false; bVpnNicShutdown_ := false; nWifiNicIdx_ := -1; bIsChangeNetCfg_ := false; MgNic_ := TManagerNic.Create; MgNic_.OnChangeNetAdapterEvent := OnChangeNicInfo; end; Destructor TNicService.Destroy; begin FreeAndNil(MgNic_); FreeAndNil(DisableNicIndexList_); FreeAndNil(EtcNicBlockExcptList_); FreeAndNil(LoopbackTypeList_); FreeAndNil(WirelessTypeList_); FreeAndNil(VpnTypeList_); FreeAndNil(MobileTypeList_); Inherited; end; function TNicService.GetNcTypeFromDesc(pInfo: PNicInfo): Integer; var sDesc: String; function IsContanStr(aList: TStringList): Boolean; var i: Integer; begin Result := false; for i := 0 to aList.Count - 1 do if Pos(aList[i], sDesc) > 0 then begin Result := true; exit; end; end; begin sDesc := UpperCase(pInfo.sDesc); if IsContanStr(MobileTypeList_) then Result := TYPE_MOBILE else if IsContanStr(VpnTypeList_) then Result := TYPE_VPN else if IsContanStr(WirelessTypeList_) then Result := TYPE_WIRELESS else if IsContanStr(LoopbackTypeList_) then Result := TYPE_LOOPBACK else begin case pInfo.dwType of MIB_IF_TYPE_ETHERNET : Result := TYPE_LAN; IF_TYPE_IEEE80211 : Result := TYPE_WIRELESS; else Result := TYPE_OTHER; end; end; end; procedure TNicService.SetAllNicEnable(bVal: Boolean; bIgrVPN: Boolean = false); var i, n: Integer; begin try if bVal then begin dwNicEnableTick_ := 0; bVpnNicShutdown_ := false; if DisableNicIndexList_.Count = 0 then exit; for i := 0 to DisableNicIndexList_.Count - 1 do begin SetNicEnable(DisableNicIndexList_[i], true); _Trace('NIC 사용. Desc=%s', [DisableNicIndexList_[i]], 2); end; // SetNicEnableByIndex(DisableNicIndexList_[i], true); DisableNicIndexList_.Clear; gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_NETWORKREFRESH, 'Network Refreshed'); end else begin for i := 0 to MgNic_.NetList.Count - 1 do begin if bIgrVPN and (MgNic_.NetList[i].nNcType = TYPE_VPN) then continue; n := SetNicEnable(MgNic_.NetList[i].sDesc, false); if n <> -1 then begin DisableNicIndexList_.Add(MgNic_.NetList[i].sDesc); _Trace('NIC 차단. Desc=%s', [MgNic_.NetList[i].sDesc], 2); end; // DisableNicIndexList_.Add(n); end; dwNicEnableTick_ := GetTickCount; end; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. SetAllNicEnable()'); end; end; procedure TNicService.OnChangeNicInfo(aState: TChangeNetAdapterState; aOldInfo, aNewInfo: PNicInfo); var bBlock, bBlocked: Boolean; sData: String; WifiCtrlKind: TWifiCtrlKind; PO: TPrefModel; begin try bBlocked := false; case aState of cnasChangeIP, cnasNewAdapter : begin PO := gMgSvc.ModePolicy; // 네트워크 환경 변경 감지 22_0629 13:19:26 kku // 방화벽 정책 초기화를 위해 추가 bIsChangeNetCfg_ := aNewInfo.sIpAddr <> IP_NULL; if aState = cnasChangeIP then begin _Trace('IP 변경 감지됨. OldIP=%s, NewIP=%s', [aOldInfo.sIpAddr, aNewInfo.sIpAddr], 1); if PO.IsPcStateIpCh then gMgSvc.SendEventLogEx(MONITOR_IP_CHANGE, Format('IP changed. Old=%s, New=%s', [aOldInfo.sIpAddr, aNewInfo.sIpAddr]), false); end else _Trace('새로운 NIC 감지됨. Name=%s, Desc=%s, IP=%s', [aNewInfo.sName, aNewInfo.sDesc, aNewInfo.sIpAddr], 1); if (aNewInfo.dwType = IF_TYPE_IEEE80211) and (aNewInfo.sIpAddr <> '') and (aNewInfo.sIpAddr <> IP_NULL) then begin WifiCtrlKind := PO.WifiCtrlKind; if (WifiCtrlKind <> wckNone) or (PO.IsWifiPublicBlock) then begin // bWifiPopup_ := true; var WlanInfo: TWlanInfo; Guard(WlanInfo, TWlanInfo.Create); var pWEnt: PWLanEnt := WlanInfo.GetWlanEntByName(aNewInfo.sDesc); var sName := aNewInfo.sDesc; if pWEnt <> nil then begin sName := pWEnt.sProfile; bBlock := PO.IsWifiPublicBlock and not pWEnt.bSecurety; end else bBlock := WifiCtrlKind <> wckLog; // true; case WifiCtrlKind of wckBlock, wckBlockName, wckWhiteName : bBlock := true; end; sData := sName + '|' + aNewInfo.sIpAddr + '|' + aNewInfo.sMac; if bBlock then begin case WifiCtrlKind of wckBlockName, wckWhiteName : begin bBlock := false; if pWEnt <> nil then begin var sChkName: String := UpperCase(sName); var NameList: TStringList; Guard(NameList, TStringList.Create); SplitString(UpperCase(PO.WifiBlockNames), ';', NameList); var i: Integer; for i := 0 to NameList.Count - 1 do begin if sChkName.Contains(NameList[i]) then begin bBlock := true; break; end; end; end; // 화이트리스트면 결과 뒤집어 줌 22_1107 08:57:07 kku if WifiCtrlKind = wckWhiteName then bBlock := not bBlock; end; end; if pWEnt <> nil then bBlock := bBlock or (PO.IsWifiPublicBlock and not pWEnt.bSecurety); if bBlock then begin // if IsConnectedWIFI(pWEnt.InterfaceGuid) then // exit; // 무선 연결 해제 추가 22_1021 12:52:50 kku if pWEnt <> nil then bBlocked := DisconnectWIFI(pWEnt.InterfaceGuid); if not bBlocked then begin var nWifiNicIdx: Integer; if PO.IsMobileHotspotExp and (Pos('MICROSOFT WI-FI DIRECT VIRTUAL ADAPTER', UpperCase(aNewInfo.sDesc)) > 0) then nWifiNicIdx := -1 else nWifiNicIdx := SetNicEnable(aNewInfo.sDesc, false); // 실패하면 원래 있던것도 초기화 되기때문에 체크해서 넣어줌 22_0803 08:29:35 kku if nWifiNicIdx <> -1 then begin nWifiNicIdx_ := nWifiNicIdx; bBlocked := true; end; end; if bBlocked then begin if pWEnt <> nil then gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, Format('Block : %s', [sName])) else gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, 'WIFI Block'); sData := sData + '|PV'; end; end; end else if pWEnt <> nil then gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, Format('Connected : %s', [sName]), false) else gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, 'WIFI Connected', false); if IsDivPopup then begin if (bBlocked and PO.WifiBlockPopup) or (not bBlocked and PO.WifiAllowPopup) then gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData); end else begin if bBlock or (WifiCtrlKind = wckPopup) or (WifiCtrlKind = wckBlock) then gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData); end; end; end; end; cnasDelAdapter : _Trace('NIC 제거 감지됨. Name=%s, Desc=%s, IP=%s', [aNewInfo.sName, aNewInfo.sDesc, aNewInfo.sIpAddr], 1); end; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. OnChangeNicInfo()'); end; end; procedure TNicService.UpdateNic; var i, n, nApIp: Integer; bBlock, bBlocked, bIgrVPN: Boolean; sIpAll, sData: String; WifiCtrlKind: TWifiCtrlKind; pEnt: PNicInfo; PO: TPrefModel; begin try bBlocked := false; MgNic_.GetChangeNetAdapterInfo; Commit; PO := gMgSvc.ModePolicy; sIpAll := ''; if (gMgSvc.PrefModel.IsOldPolicy and gMgSvc.PrefModel.EtcNicBlock and (gMgSvc.HeModeKind <> hmkSleep)) or (not gMgSvc.PrefModel.IsOldPolicy and gMgSvc.ModePolicy.EtcNicBlock) then begin for i := MgNic_.NetList.Count - 1 downto 0 do begin pEnt := MgNic_.NetList[i]; // 아래처럼 아이피 할당 안된거 차단하면... 한번 끊기면 연결을 할수가 없음 22_1115 14:37:53 kku // if (pEnt.nNcType <> TYPE_VPN) and // ((pEnt.sIpAddr = '') or (pEnt.sIpAddr = IP_NULL)) then // begin // SetNicEnable(pEnt.sDesc, false); // MgNic_.NetList.Delete(i); // end; case pEnt.nNcType of TYPE_VPN, TYPE_WIRELESS, TYPE_LAN : ; else begin if EtcNicBlockExcpt_ <> PO.EtcNicBlockExcept then begin EtcNicBlockExcpt_ := PO.EtcNicBlockExcept; SplitString(EtcNicBlockExcpt_, '|', EtcNicBlockExcptList_); end; if EtcNicBlockExcptList_.Count > 0 then begin var bIsExcept: Boolean := false; for n := 0 to EtcNicBlockExcptList_.Count - 1 do if Pos(EtcNicBlockExcptList_[n], UpperCase(pEnt.sDesc)) > 0 then begin bIsExcept := true; break; end; if bIsExcept then continue; end; if SetNicEnable(pEnt.sDesc, false) > -1 then begin var LogInfo: TLogInfo; ZeroMemory(@LogInfo, SizeOf(LogInfo)); LogInfo.sCode := PREVENT_TETHERING; LogInfo.sDevName := pEnt.sName; LogInfo.sDevSerial := pEnt.sDesc; LogInfo.sDevClassId := pEnt.sMac; LogInfo.sDestIpUrl := pEnt.sIpAddr; LogInfo.sSummary := Format('Network Blocked : %s', [pEnt.sDesc]); gMgSvc.SendEventLogEx(@LogInfo); sData := pEnt.sDesc + '|' + pEnt.sIpAddr + '|PV'; if gMgSvc.ModePolicy.EtcNicBlockNoti then gMgSvc.PopupMessage(TYPE_MSG_PREVENT_TETHERING, sData); end; MgNic_.NetList.Delete(i); end; end; end; end; nApIp := 99; sData := IP_NULL; for i := MgNic_.NetList.Count - 1 downto 0 do begin pEnt := MgNic_.NetList[i]; if (pEnt.sIpAddr <> '') and (pEnt.sIpAddr <> IP_NULL) then begin case pEnt.nNcType of TYPE_VPN : begin if (sData = IP_NULL) or (nApIp > 2) then begin nApIp := 3; sData := pEnt.sIpAddr; end; SumString(sIpAll, 'VPN:' + pEnt.sIpAddr, ','); end; TYPE_WIRELESS : begin if (sData = IP_NULL) or (nApIp > 1) then begin nApIp := 2; sData := pEnt.sIpAddr; end; SumString(sIpAll, 'WLS:' + pEnt.sIpAddr, ','); end; TYPE_MOBILE : begin if (sData = IP_NULL) or (nApIp > 3) then begin nApIp := 4; sData := pEnt.sIpAddr; end; SumString(sIpAll, 'MOB:' + pEnt.sIpAddr, ','); end; TYPE_LAN : begin nApIp := 1; sData := pEnt.sIpAddr; SumString(sIpAll, pEnt.sIpAddr, ','); end; TYPE_LOOPBACK : SumString(sIpAll, 'LOP:' + pEnt.sIpAddr, ','); else SumString(sIpAll, 'ETC:' + pEnt.sIpAddr, ','); end; end; end; if sData <> sApIp_ then sApIp_ := sData; if sIpAll <> sIpAll_ then sIpAll_ := sIpAll; WifiCtrlKind := gMgSvc.ModePolicy.WifiCtrlKind; // 네트워크 장치 차단 처리 22_0622 13:49:23 kku if gMgSvc.VulService.IsForceDisconnect then begin gMgSvc.VulService.SetDisconnect(false, false); if gMgSvc.PrefModel.IsSecuEndActions then begin if gMgSvc.PrefModel.UnsafeActions.Contains('vnic') then begin ShutdownVpnNic(false); // todo : 취약모드에서는 계속 차단 해야하는 옵션이 필요?? 22_0729 12:26:17 kku bIgrVPN := true; end else bIgrVPN := false; {$IFDEF DEBUG} if DebugHook <> 0 then exit; {$ENDIF} if gMgSvc.PrefModel.UnsafeActions.Contains('net') then SetAllNicEnable(false, bIgrVPN); end; end else if (dwNicEnableTick_ <> 0) and ((GetTickCount - dwNicEnableTick_) > NIC_DISABLE_MILSEC) then begin SetAllNicEnable(true); end else if (WifiCtrlKind <> wckNone) or gMgSvc.ModePolicy.IsWifiPublicBlock then begin if (nWifiNicIdx_ <> -1) and (WifiCtrlKind <> wckBlock) and (WifiCtrlKind <> wckBlockName) and (WifiCtrlKind <> wckWhiteName) and not gMgSvc.ModePolicy.IsWifiPublicBlock then begin // 이미 차단된 상태고 다른 모드정책으로 차단 정책을 사용하지 않는다면 복구한다. 22_0803 08:36:43 kku // bWifiPopup_ := false; if SetNicEnableByIndex(nWifiNicIdx_, true) then gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_NETWORKREFRESH, 'WIFI Enabled', false); nWifiNicIdx_ := -1; end else // if not bWifiPopup_ then if (nWifiNicIdx_ = -1) and ( ((WifiCtrlKind <> wckNone) and (WifiCtrlKind <> wckLog)) or gMgSvc.ModePolicy.IsWifiPublicBlock ) then begin for i := 0 to MgNic_.NetList.Count - 1 do begin if (MgNic_.NetList[i].dwType = IF_TYPE_IEEE80211) and (MgNic_.NetList[i].sIpAddr <> '') and (MgNic_.NetList[i].sIpAddr <> IP_NULL) then begin var WlanInfo: TWlanInfo; Guard(WlanInfo, TWlanInfo.Create); var pWEnt: PWLanEnt := WlanInfo.GetWlanEntByName(MgNic_.NetList[i].sDesc); var sName := MgNic_.NetList[i].sDesc; if pWEnt <> nil then begin sName := pWEnt.sProfile; bBlock := gMgSvc.ModePolicy.IsWifiPublicBlock and not pWEnt.bSecurety; end else bBlock := WifiCtrlKind <> wckLog; // true; case WifiCtrlKind of wckBlock, wckBlockName, wckWhiteName : bBlock := true; end; // bWifiPopup_ := true; sData := sName + '|' + MgNic_.NetList[i].sIpAddr + '|' + MgNic_.NetList[i].sMac; if bBlock then begin case WifiCtrlKind of wckBlockName, wckWhiteName : begin bBlock := false; if pWEnt <> nil then begin var NameList: TStringList; var sChkName: String := UpperCase(sName); Guard(NameList, TStringList.Create); SplitString(UpperCase(gMgSvc.ModePolicy.WifiBlockNames), ';', NameList); var c: Integer; for c := 0 to NameList.Count - 1 do begin if sChkName.Contains(NameList[c]) then begin bBlock := true; break; end; end; end; // 화이트리스트면 결과 뒤집어 줌 22_1107 08:57:07 kku if WifiCtrlKind = wckWhiteName then bBlock := not bBlock; end; end; // 보안없는 와이파이 차단 체크 추가 보완 24_0110 13:39:59 kku if pWEnt <> nil then bBlock := bBlock or (gMgSvc.ModePolicy.IsWifiPublicBlock and not pWEnt.bSecurety); if bBlock then begin if (pWEnt <> nil) and not IsConnectedWIFI(pWEnt.InterfaceGuid) then continue; // 무선 연결 해제 추가 22_1021 12:52:50 kku bBlocked := false; if pWEnt <> nil then bBlocked := DisconnectWIFI(pWEnt.InterfaceGuid); if not bBlocked then begin if GetNicEnable(MgNic_.NetList[i].sDesc) then begin if PO.IsMobileHotspotExp and (Pos('MICROSOFT WI-FI DIRECT VIRTUAL ADAPTER', UpperCase(MgNic_.NetList[i].sDesc)) > 0) then nWifiNicIdx_ := -1 else nWifiNicIdx_ := SetNicEnable(MgNic_.NetList[i].sDesc, false); bBlocked := nWifiNicIdx_ <> -1; end; end; if bBlocked then begin if pWEnt <> nil then gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, Format('Block : %s', [sName])) else gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, 'WIFI Block'); sData := sData + '|PV'; end; end; end; // else // if (WifiCtrlKind = wckPopup) or // (WifiCtrlKind = wckBlock) then // begin // if pWEnt <> nil then // gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, Format('Connected : %s', [sName]), false) // else // gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, 'WIFI Connected', false); // end; if IsDivPopup then begin if (bBlocked and PO.WifiBlockPopup) then // (not bBlocked and PO.WifiAllowPopup) then // 여기서 허용 시 팝업을 넣으면 무한 팝업됨 25_0717 14:58:27 kku gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData); end else begin if bBlock or (WifiCtrlKind = wckPopup) or (WifiCtrlKind = wckBlock) then gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData); end; end; end; end; end else begin if nWifiNicIdx_ <> -1 then begin if SetNicEnableByIndex(nWifiNicIdx_, true) then gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_NETWORKREFRESH, 'WIFI Enabled'); nWifiNicIdx_ := -1; end; // bWifiPopup_ := false; end; if gMgSvc.ModePolicy.UseIpScrLogoBold then begin bBlock := false; // sIpAll := GetIP; var IpList: TStringList; Guard(IpList, TStringList.Create); SplitString(gMgSvc.ModePolicy.ScrLogoBoldIps, ';', IpList); var pInfo: PNicInfo; for i := 0 to MgNic_.NetList.Count - 1 do begin if bBlock then break; pInfo := MgNic_.NetList[i]; if (pInfo.sIpAddr <> '') and (pInfo.sIpAddr <> IP_NULL) then begin for n := 0 to IpList.Count - 1 do begin if Pos(IpList[n], pInfo.sIpAddr) = 1 then begin bBlock := true; break; end; end; end; end; if bBlock <> gMgSvc.IsIpMatchScreenLogo then gMgSvc.IsIpMatchScreenLogo := bBlock; end else if gMgSvc.IsIpMatchScreenLogo then gMgSvc.IsIpMatchScreenLogo := false; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. UpdateNic()'); // ETgException.TraceException(Self, E, Format('Fail .. UpdateNic() D=%d, i=%d, Cnt=%d', [nD, i, MgNic_.NetList.Count])); end; end; procedure TNicService.ShutdownVpnNic(bRecoverAble: Boolean = true); var i, n: Integer; begin try // if not bVpnNicShutdown_ then // VPN NIC 다시 켜지는거 감지하려면 이거 체크하면 안될듯 함 22_0628 15:34:02 kku begin for i := 0 to MgNic_.NetList.Count - 1 do begin if MgNic_.NetList[i].nNcType = TYPE_VPN then begin if Pos('ARRAY NETWORKS', UpperCase(MgNic_.NetList[i].sDesc)) > 0 then begin // Array Networks VPN 차단은 별도 처리 (fot 롯데오토리스) 23_1108 13:51:57 kku var dwPid: DWORD := GetProcessPidByName('MotionPro.exe'); if dwPid <> 0 then begin var sPath :String := GetProcessPathByPid(dwPid); if not FileExists(sPath) then sPath := GetProgramFilesDir + '\Array Networks\MotionPro VPN Client\MotionPro.exe'; if TerminateProcessByPid(dwPid, true) and FileExists(sPath) then begin Sleep(500); {$IFDEF DEBUG} ExecuteApp(sPath, '', SW_SHOWNORMAL); {$ELSE} ExecuteAppAsUser('explorer.exe', sPath, '', SW_SHOWNORMAL); {$ENDIF} end; end; end else begin n := SetNicEnable(MgNic_.NetList[i].sDesc, false); if bRecoverAble and (n <> -1) then begin DisableNicIndexList_.Add(MgNic_.NetList[i].sDesc); // DisableNicIndexList_.Add(n); // bVpnNicShutdown_ := true; end; end; end; end; end; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. ShutdownVpnNic()'); end; end; procedure TNicService.Commit; var bIsNetworkCardOn, bIsIpContained: Boolean; i, c: Integer; pInfo: PNicInfo; VpnIpList: TStringList; begin try if MgNic_.NetList.Count = 0 then begin gMgSvc.SetRouterOn(false); gMgSvc.SetVpnNicOn(false); end else begin bIsNetworkCardOn := false; bIsIpContained := false; for i := 0 to MgNic_.NetList.Count - 1 do begin pInfo := MgNic_.NetList[i]; if pInfo.nNcType = -1 then pInfo.nNcType := GetNcTypeFromDesc(pInfo); if (pInfo.sIpAddr <> '') and (pInfo.sIpAddr <> IP_NULL) then begin if pInfo.nNcType = TYPE_VPN then bIsNetworkCardOn := true; end; Guard(VpnIpList, TStringList.Create); if SplitString(gMgSvc.PrefModel.VpnIpList, ',', VpnIpList) > 0 then begin for c := 0 to VpnIpList.Count - 1 do begin if Pos(VpnIpList[c], pInfo.sIpAddr) > 0 then begin bIsIpContained := true; break; end; end; end else begin GetVpnIpList(VpnIpList); for c := 0 to VpnIpList.Count - 1 do begin if Pos(VpnIpList[c], pInfo.sIpAddr) > 0 then begin bIsIpContained := true; break; end; end; end; end; gMgSvc.SetVpnNicOn(bIsNetworkCardOn); gMgSvc.SetRouterOn(bIsIpContained); end; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. Commit()'); end; end; function TNicService.GetNetworkCard(bIgnIpCheck: Boolean = false): PNicInfo; var i, nPri: Integer; // bIsExistsVpn, // bIsExistsMobile, // bIsExistsWireless: Boolean; pInfo: PNicInfo; begin // 현재 우선순위 VPN > Mobile > 무선 > 그밖에 Result := nil; try nPri := 99; for i := 0 to MgNic_.NetList.Count - 1 do begin pInfo := MgNic_.NetList[i]; if not bIgnIpCheck and ((pInfo.sIpAddr = '') or (pInfo.sIpAddr = IP_NULL)) then continue; if (pInfo.sMac = '') or (pInfo.sMac = MAC_NULL) then continue; if pInfo.nNcType = -1 then pInfo.nNcType := GetNcTypeFromDesc(pInfo); case pInfo.nNcType of TYPE_LAN : begin Result := pInfo; nPri := 1; end; TYPE_WIRELESS : begin if nPri > 1 then begin Result := pInfo; nPri := 2; end; end; TYPE_VPN : begin if nPri > 2 then begin Result := pInfo; nPri := 3; end; end; TYPE_MOBILE : begin if nPri > 3 then begin Result := pInfo; nPri := 4; end; end; TYPE_OTHER : begin if nPri > 4 then begin Result := pInfo; nPri := 5; end; end; end; end; // bIsExistsVpn := false; // bIsExistsMobile := false; // bIsExistsWireless := false; // for i := 0 to MgNic_.NetList.Count - 1 do // begin // pInfo := MgNic_.NetList[i]; // if (pInfo.sIpAddr = '') or // (pInfo.sIpAddr = IP_NULL) or // (pInfo.sMac = '') or // (pInfo.sMac = MAC_NULL) then continue; // // if pInfo.nNcType = -1 then // pInfo.nNcType := GetNcTypeFromDesc(pInfo); // // case pInfo.nNcType of // TYPE_MOBILE : // begin // bIsExistsMobile := true; // if not bIsExistsVpn then // Result := pInfo; // end; // TYPE_VPN : // begin // bIsExistsVpn := true; // Result := pInfo; // end; // TYPE_OTHER : // begin // if not bIsExistsVpn and not bIsExistsMobile and // not bIsExistsWireless then // Result := pInfo; // end; // TYPE_WIRELESS : // begin // bIsExistsWireless := true; // if not bIsExistsVpn and not bIsExistsMobile then // Result := pInfo; // end; // end; // end; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. GetNetworkCard()'); end; end; function TNicService.GetIP: String; var pInfo: PNicInfo; // TNetworkCard; nPos: Integer; begin try pInfo := GetNetworkCard; if pInfo <> nil then begin Result := pInfo.sIpAddr; // ip가 하나 이상일 수 있다 22_0622 12:59:57 kku nPos := Pos(',', Result); if nPos > 0 then SetLength(Result, nPos - 1); if sRecentIp_ <> Result then begin sRecentIp_ := Result; if gMgSvc.IsScreenLogo then gMgSvc.UpdateScreenLogo(true); end; end else Result := sRecentIp_; except on E: Exception do begin Result := sRecentIp_; ETgException.TraceException(Self, E, 'Fail .. GetIP()'); end; end; end; function TNicService.GetMAC: String; var pInfo: PNicInfo; // TNetworkCard; begin try pInfo := GetNetworkCard(CUSTOMER_TYPE = CUSTOMER_CNSCERT); if pInfo <> nil then begin Result := pInfo.sMac; sRecentMac_ := Result; end else Result := sRecentMac_; except on E: Exception do begin Result := sRecentMac_; ETgException.TraceException(Self, E, 'Fail .. GetMAC()'); end; end; end; function TNicService.IsActiveAP: Boolean; begin Result := (sApIp_ <> '') and (sApIp_ <> IP_NULL); end; function TNicService.ContainMac(sMac: String): Boolean; var i: Integer; begin Result := false; try for i := 0 to MgNic_.NetList.Count - 1 do begin if CompareText(MgNic_.NetList[i].sMac, sMac) = 0 then begin Result := true; exit; end; end; except on E: Exception do ETgException.TraceException(Self, E, 'Fail .. ContainMac()'); end; end; end.