1031 lines
31 KiB
Plaintext
1031 lines
31 KiB
Plaintext
{*******************************************************}
|
|
{ }
|
|
{ NicService }
|
|
{ }
|
|
{ Copyright (C) 2022 kku }
|
|
{ }
|
|
{*******************************************************}
|
|
|
|
unit NicService;
|
|
|
|
interface
|
|
|
|
uses
|
|
Tocsg.Obj, System.SysUtils, System.Classes, ManagerNic, Winapi.Windows,
|
|
System.Generics.Collections;
|
|
|
|
const
|
|
TYPE_MOBILE = 22121;
|
|
TYPE_VPN = 22122;
|
|
TYPE_OTHER = 22123;
|
|
TYPE_WIRELESS = 22124;
|
|
TYPE_LAN = 22125;
|
|
TYPE_LOOPBACK = 22126;
|
|
|
|
NCT_TYPE_MOBILE = 'Apple|Mobile|Android|Remote|Bluetooth';
|
|
NCT_TYPE_VPN = 'vpn|Virtual|ssl|vm|Secuway|SSTP|Array|TAP-Windows';
|
|
NCT_TYPE_WIRELESS = 'Wireless|Wi-Fi|WiFi';
|
|
NCT_TYPE_LOOPBACK = 'KM-TEST|Loopback';
|
|
|
|
type
|
|
TNicService = class(TTgObject)
|
|
private
|
|
MgNic_: TManagerNic;
|
|
sIpAll_,
|
|
sApIp_, // 네트워크가 활성화 되어 있는지 판단하기 위해 추가 23_0517 14:54:06 kku
|
|
sRecentIp_,
|
|
sRecentMac_,
|
|
EtcNicBlockExcpt_: String;
|
|
MobileTypeList_,
|
|
VpnTypeList_,
|
|
WirelessTypeList_,
|
|
LoopbackTypeList_,
|
|
EtcNicBlockExcptList_: TStringList;
|
|
|
|
// 단순 장치 인덱스로 되살릴 경우 유무선 일체형 보드에서
|
|
// 유선랜카드가 되살아나지 않는 문제가 있음
|
|
// 그래 장치 이름으로 되살리도록 보완 23_0116 15:35:59 kku
|
|
DisableNicIndexList_: TList<String>; // TList<Integer>;
|
|
dwNicEnableTick_: DWORD;
|
|
// bWifiPopup_,
|
|
bVpnNicShutdown_: Boolean;
|
|
nWifiNicIdx_: Integer;
|
|
bIsChangeNetCfg_: Boolean;
|
|
|
|
procedure Commit;
|
|
function GetNetworkCard(bIgnIpCheck: Boolean = false): PNicInfo;
|
|
function GetNcTypeFromDesc(pInfo: PNicInfo): Integer;
|
|
procedure OnChangeNicInfo(aState: TChangeNetAdapterState; aOldInfo, aNewInfo: PNicInfo);
|
|
public
|
|
Constructor Create;
|
|
Destructor Destroy; override;
|
|
|
|
procedure UpdateNic;
|
|
procedure ShutdownVpnNic(bRecoverAble: Boolean = true);
|
|
procedure SetAllNicEnable(bVal: Boolean; bIgrVPN: Boolean = false);
|
|
|
|
function GetIP: String;
|
|
function GetMAC: String;
|
|
|
|
function ContainMac(sMac: String): Boolean;
|
|
|
|
function IsActiveAP: Boolean;
|
|
|
|
property IsChangeNetCfg: Boolean read bIsChangeNetCfg_ write bIsChangeNetCfg_;
|
|
// property WifiPopup: Boolean write bWifiPopup_;
|
|
property IpAll: String read sIpAll_;
|
|
property AccessPointIP: String read sApIp_;
|
|
end;
|
|
|
|
implementation
|
|
|
|
uses
|
|
Tocsg.Strings, Tocsg.Safe, ManagerService, Condition, Tocsg.Network,
|
|
Tocsg.Exception, GlobalDefine, ManagerModel, Tocsg.Process, Tocsg.Path;
|
|
|
|
const
|
|
NIC_DISABLE_MILSEC = 3000;
|
|
|
|
{ TNicService }
|
|
|
|
Constructor TNicService.Create;
|
|
begin
|
|
Inherited Create;
|
|
sIpAll_ := IP_NULL;
|
|
sApIp_ := IP_NULL;
|
|
sRecentIp_ := IP_NULL;
|
|
sRecentMac_ := MAC_NULL;
|
|
|
|
MobileTypeList_ := TStringList.Create;
|
|
SplitString(UpperCase(NCT_TYPE_MOBILE), '|', MobileTypeList_);
|
|
VpnTypeList_ := TStringList.Create;
|
|
SplitString(UpperCase(NCT_TYPE_VPN), '|', VpnTypeList_);
|
|
WirelessTypeList_ := TStringList.Create;
|
|
SplitString(UpperCase(NCT_TYPE_WIRELESS), '|', WirelessTypeList_);
|
|
if CUSTOMER_TYPE = CUSTOMER_SERVE1 then
|
|
begin
|
|
// 테더링 차단으로 블루투스 차단 안되게 요청 24_0809 10:13:40 kku
|
|
var n: Integer;
|
|
n := MobileTypeList_.IndexOf('BLUETOOTH');
|
|
if n <> -1 then
|
|
begin
|
|
MobileTypeList_.Delete(n);
|
|
WirelessTypeList_.Add('BLUETOOTH');
|
|
end;
|
|
end;
|
|
LoopbackTypeList_ := TStringList.Create;
|
|
SplitString(UpperCase(NCT_TYPE_LOOPBACK), '|', LoopbackTypeList_);
|
|
EtcNicBlockExcptList_ := TStringList.Create;
|
|
EtcNicBlockExcpt_ := '';
|
|
DisableNicIndexList_ := TList<String>.Create; // TList<Integer>.Create;
|
|
dwNicEnableTick_ := 0;
|
|
// bWifiPopup_ := false;
|
|
bVpnNicShutdown_ := false;
|
|
nWifiNicIdx_ := -1;
|
|
bIsChangeNetCfg_ := false;
|
|
|
|
MgNic_ := TManagerNic.Create;
|
|
MgNic_.OnChangeNetAdapterEvent := OnChangeNicInfo;
|
|
end;
|
|
|
|
Destructor TNicService.Destroy;
|
|
begin
|
|
FreeAndNil(MgNic_);
|
|
FreeAndNil(DisableNicIndexList_);
|
|
FreeAndNil(EtcNicBlockExcptList_);
|
|
FreeAndNil(LoopbackTypeList_);
|
|
FreeAndNil(WirelessTypeList_);
|
|
FreeAndNil(VpnTypeList_);
|
|
FreeAndNil(MobileTypeList_);
|
|
Inherited;
|
|
end;
|
|
|
|
function TNicService.GetNcTypeFromDesc(pInfo: PNicInfo): Integer;
|
|
var
|
|
sDesc: String;
|
|
|
|
function IsContanStr(aList: TStringList): Boolean;
|
|
var
|
|
i: Integer;
|
|
begin
|
|
Result := false;
|
|
for i := 0 to aList.Count - 1 do
|
|
if Pos(aList[i], sDesc) > 0 then
|
|
begin
|
|
Result := true;
|
|
exit;
|
|
end;
|
|
end;
|
|
|
|
begin
|
|
sDesc := UpperCase(pInfo.sDesc);
|
|
if IsContanStr(MobileTypeList_) then
|
|
Result := TYPE_MOBILE
|
|
else if IsContanStr(VpnTypeList_) then
|
|
Result := TYPE_VPN
|
|
else if IsContanStr(WirelessTypeList_) then
|
|
Result := TYPE_WIRELESS
|
|
else if IsContanStr(LoopbackTypeList_) then
|
|
Result := TYPE_LOOPBACK
|
|
else begin
|
|
case pInfo.dwType of
|
|
MIB_IF_TYPE_ETHERNET : Result := TYPE_LAN;
|
|
IF_TYPE_IEEE80211 : Result := TYPE_WIRELESS;
|
|
else Result := TYPE_OTHER;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
procedure TNicService.SetAllNicEnable(bVal: Boolean; bIgrVPN: Boolean = false);
|
|
var
|
|
i, n: Integer;
|
|
begin
|
|
try
|
|
if bVal then
|
|
begin
|
|
dwNicEnableTick_ := 0;
|
|
bVpnNicShutdown_ := false;
|
|
|
|
if DisableNicIndexList_.Count = 0 then
|
|
exit;
|
|
|
|
for i := 0 to DisableNicIndexList_.Count - 1 do
|
|
begin
|
|
SetNicEnable(DisableNicIndexList_[i], true);
|
|
_Trace('NIC 사용. Desc=%s', [DisableNicIndexList_[i]], 2);
|
|
end;
|
|
// SetNicEnableByIndex(DisableNicIndexList_[i], true);
|
|
DisableNicIndexList_.Clear;
|
|
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_NETWORKREFRESH, 'Network Refreshed');
|
|
end else begin
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
if bIgrVPN and (MgNic_.NetList[i].nNcType = TYPE_VPN) then
|
|
continue;
|
|
|
|
n := SetNicEnable(MgNic_.NetList[i].sDesc, false);
|
|
if n <> -1 then
|
|
begin
|
|
DisableNicIndexList_.Add(MgNic_.NetList[i].sDesc);
|
|
_Trace('NIC 차단. Desc=%s', [MgNic_.NetList[i].sDesc], 2);
|
|
end;
|
|
// DisableNicIndexList_.Add(n);
|
|
end;
|
|
dwNicEnableTick_ := GetTickCount;
|
|
end;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. SetAllNicEnable()');
|
|
end;
|
|
end;
|
|
|
|
procedure TNicService.OnChangeNicInfo(aState: TChangeNetAdapterState; aOldInfo, aNewInfo: PNicInfo);
|
|
var
|
|
bBlock, bBlocked: Boolean;
|
|
sData: String;
|
|
WifiCtrlKind: TWifiCtrlKind;
|
|
PO: TPrefModel;
|
|
begin
|
|
try
|
|
bBlocked := false;
|
|
case aState of
|
|
cnasChangeIP,
|
|
cnasNewAdapter :
|
|
begin
|
|
PO := gMgSvc.ModePolicy;
|
|
|
|
// 네트워크 환경 변경 감지 22_0629 13:19:26 kku
|
|
// 방화벽 정책 초기화를 위해 추가
|
|
bIsChangeNetCfg_ := aNewInfo.sIpAddr <> IP_NULL;
|
|
|
|
if aState = cnasChangeIP then
|
|
begin
|
|
_Trace('IP 변경 감지됨. OldIP=%s, NewIP=%s', [aOldInfo.sIpAddr, aNewInfo.sIpAddr], 1);
|
|
|
|
if PO.IsPcStateIpCh then
|
|
gMgSvc.SendEventLogEx(MONITOR_IP_CHANGE, Format('IP changed. Old=%s, New=%s', [aOldInfo.sIpAddr, aNewInfo.sIpAddr]), false);
|
|
|
|
end else
|
|
_Trace('새로운 NIC 감지됨. Name=%s, Desc=%s, IP=%s', [aNewInfo.sName, aNewInfo.sDesc, aNewInfo.sIpAddr], 1);
|
|
|
|
if (aNewInfo.dwType = IF_TYPE_IEEE80211) and
|
|
(aNewInfo.sIpAddr <> '') and
|
|
(aNewInfo.sIpAddr <> IP_NULL) then
|
|
begin
|
|
WifiCtrlKind := PO.WifiCtrlKind;
|
|
if (WifiCtrlKind <> wckNone) or
|
|
(PO.IsWifiPublicBlock) then
|
|
begin
|
|
// bWifiPopup_ := true;
|
|
var WlanInfo: TWlanInfo;
|
|
Guard(WlanInfo, TWlanInfo.Create);
|
|
var pWEnt: PWLanEnt := WlanInfo.GetWlanEntByName(aNewInfo.sDesc);
|
|
var sName := aNewInfo.sDesc;
|
|
if pWEnt <> nil then
|
|
begin
|
|
sName := pWEnt.sProfile;
|
|
bBlock := PO.IsWifiPublicBlock and not pWEnt.bSecurety;
|
|
end else
|
|
bBlock := WifiCtrlKind <> wckLog; // true;
|
|
|
|
case WifiCtrlKind of
|
|
wckBlock,
|
|
wckBlockName,
|
|
wckWhiteName : bBlock := true;
|
|
end;
|
|
|
|
sData := sName + '|' + aNewInfo.sIpAddr + '|' + aNewInfo.sMac;
|
|
|
|
if bBlock then
|
|
begin
|
|
case WifiCtrlKind of
|
|
wckBlockName,
|
|
wckWhiteName :
|
|
begin
|
|
bBlock := false;
|
|
if pWEnt <> nil then
|
|
begin
|
|
var sChkName: String := UpperCase(sName);
|
|
var NameList: TStringList;
|
|
Guard(NameList, TStringList.Create);
|
|
SplitString(UpperCase(PO.WifiBlockNames), ';', NameList);
|
|
var i: Integer;
|
|
for i := 0 to NameList.Count - 1 do
|
|
begin
|
|
if sChkName.Contains(NameList[i]) then
|
|
begin
|
|
bBlock := true;
|
|
break;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
// 화이트리스트면 결과 뒤집어 줌 22_1107 08:57:07 kku
|
|
if WifiCtrlKind = wckWhiteName then
|
|
bBlock := not bBlock;
|
|
end;
|
|
end;
|
|
|
|
if pWEnt <> nil then
|
|
bBlock := bBlock or (PO.IsWifiPublicBlock and not pWEnt.bSecurety);
|
|
|
|
if bBlock then
|
|
begin
|
|
// if IsConnectedWIFI(pWEnt.InterfaceGuid) then
|
|
// exit;
|
|
|
|
// 무선 연결 해제 추가 22_1021 12:52:50 kku
|
|
if pWEnt <> nil then
|
|
bBlocked := DisconnectWIFI(pWEnt.InterfaceGuid);
|
|
|
|
if not bBlocked then
|
|
begin
|
|
var nWifiNicIdx: Integer;
|
|
if PO.IsMobileHotspotExp and
|
|
(Pos('MICROSOFT WI-FI DIRECT VIRTUAL ADAPTER', UpperCase(aNewInfo.sDesc)) > 0) then
|
|
nWifiNicIdx := -1
|
|
else
|
|
nWifiNicIdx := SetNicEnable(aNewInfo.sDesc, false);
|
|
|
|
// 실패하면 원래 있던것도 초기화 되기때문에 체크해서 넣어줌 22_0803 08:29:35 kku
|
|
if nWifiNicIdx <> -1 then
|
|
begin
|
|
nWifiNicIdx_ := nWifiNicIdx;
|
|
bBlocked := true;
|
|
end;
|
|
end;
|
|
|
|
if bBlocked then
|
|
begin
|
|
if pWEnt <> nil then
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, Format('Block : %s', [sName]))
|
|
else
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, 'WIFI Block');
|
|
sData := sData + '|PV';
|
|
end;
|
|
end;
|
|
end else
|
|
if pWEnt <> nil then
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, Format('Connected : %s', [sName]), false)
|
|
else
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, 'WIFI Connected', false);
|
|
|
|
if IsDivPopup then
|
|
begin
|
|
if (bBlocked and PO.WifiBlockPopup) or
|
|
(not bBlocked and PO.WifiAllowPopup) then
|
|
gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData);
|
|
end else begin
|
|
if bBlock or
|
|
(WifiCtrlKind = wckPopup) or
|
|
(WifiCtrlKind = wckBlock) then
|
|
gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData);
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
cnasDelAdapter : _Trace('NIC 제거 감지됨. Name=%s, Desc=%s, IP=%s', [aNewInfo.sName, aNewInfo.sDesc, aNewInfo.sIpAddr], 1);
|
|
end;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. OnChangeNicInfo()');
|
|
end;
|
|
end;
|
|
|
|
procedure TNicService.UpdateNic;
|
|
var
|
|
i, n, nApIp: Integer;
|
|
bBlock,
|
|
bBlocked, bIgrVPN: Boolean;
|
|
sIpAll,
|
|
sData: String;
|
|
WifiCtrlKind: TWifiCtrlKind;
|
|
pEnt: PNicInfo;
|
|
PO: TPrefModel;
|
|
begin
|
|
try
|
|
bBlocked := false;
|
|
MgNic_.GetChangeNetAdapterInfo;
|
|
Commit;
|
|
|
|
PO := gMgSvc.ModePolicy;
|
|
sIpAll := '';
|
|
if (gMgSvc.PrefModel.IsOldPolicy and gMgSvc.PrefModel.EtcNicBlock and (gMgSvc.HeModeKind <> hmkSleep)) or
|
|
(not gMgSvc.PrefModel.IsOldPolicy and gMgSvc.ModePolicy.EtcNicBlock) then
|
|
begin
|
|
for i := MgNic_.NetList.Count - 1 downto 0 do
|
|
begin
|
|
pEnt := MgNic_.NetList[i];
|
|
|
|
// 아래처럼 아이피 할당 안된거 차단하면... 한번 끊기면 연결을 할수가 없음 22_1115 14:37:53 kku
|
|
// if (pEnt.nNcType <> TYPE_VPN) and
|
|
// ((pEnt.sIpAddr = '') or (pEnt.sIpAddr = IP_NULL)) then
|
|
// begin
|
|
// SetNicEnable(pEnt.sDesc, false);
|
|
// MgNic_.NetList.Delete(i);
|
|
// end;
|
|
|
|
case pEnt.nNcType of
|
|
TYPE_VPN,
|
|
TYPE_WIRELESS,
|
|
TYPE_LAN : ;
|
|
else begin
|
|
if EtcNicBlockExcpt_ <> PO.EtcNicBlockExcept then
|
|
begin
|
|
EtcNicBlockExcpt_ := PO.EtcNicBlockExcept;
|
|
SplitString(EtcNicBlockExcpt_, '|', EtcNicBlockExcptList_);
|
|
end;
|
|
|
|
if EtcNicBlockExcptList_.Count > 0 then
|
|
begin
|
|
var bIsExcept: Boolean := false;
|
|
for n := 0 to EtcNicBlockExcptList_.Count - 1 do
|
|
if Pos(EtcNicBlockExcptList_[n], UpperCase(pEnt.sDesc)) > 0 then
|
|
begin
|
|
bIsExcept := true;
|
|
break;
|
|
end;
|
|
|
|
if bIsExcept then
|
|
continue;
|
|
end;
|
|
|
|
if SetNicEnable(pEnt.sDesc, false) > -1 then
|
|
begin
|
|
var LogInfo: TLogInfo;
|
|
ZeroMemory(@LogInfo, SizeOf(LogInfo));
|
|
LogInfo.sCode := PREVENT_TETHERING;
|
|
LogInfo.sDevName := pEnt.sName;
|
|
LogInfo.sDevSerial := pEnt.sDesc;
|
|
LogInfo.sDevClassId := pEnt.sMac;
|
|
LogInfo.sDestIpUrl := pEnt.sIpAddr;
|
|
LogInfo.sSummary := Format('Network Blocked : %s', [pEnt.sDesc]);
|
|
gMgSvc.SendEventLogEx(@LogInfo);
|
|
|
|
sData := pEnt.sDesc + '|' + pEnt.sIpAddr + '|PV';
|
|
if gMgSvc.ModePolicy.EtcNicBlockNoti then
|
|
gMgSvc.PopupMessage(TYPE_MSG_PREVENT_TETHERING, sData);
|
|
end;
|
|
MgNic_.NetList.Delete(i);
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
nApIp := 99;
|
|
sData := IP_NULL;
|
|
for i := MgNic_.NetList.Count - 1 downto 0 do
|
|
begin
|
|
pEnt := MgNic_.NetList[i];
|
|
|
|
if (pEnt.sIpAddr <> '') and (pEnt.sIpAddr <> IP_NULL) then
|
|
begin
|
|
case pEnt.nNcType of
|
|
TYPE_VPN :
|
|
begin
|
|
if (sData = IP_NULL) or (nApIp > 2) then
|
|
begin
|
|
nApIp := 3;
|
|
sData := pEnt.sIpAddr;
|
|
end;
|
|
SumString(sIpAll, 'VPN:' + pEnt.sIpAddr, ',');
|
|
end;
|
|
TYPE_WIRELESS :
|
|
begin
|
|
if (sData = IP_NULL) or (nApIp > 1) then
|
|
begin
|
|
nApIp := 2;
|
|
sData := pEnt.sIpAddr;
|
|
end;
|
|
SumString(sIpAll, 'WLS:' + pEnt.sIpAddr, ',');
|
|
end;
|
|
TYPE_MOBILE :
|
|
begin
|
|
if (sData = IP_NULL) or (nApIp > 3) then
|
|
begin
|
|
nApIp := 4;
|
|
sData := pEnt.sIpAddr;
|
|
end;
|
|
SumString(sIpAll, 'MOB:' + pEnt.sIpAddr, ',');
|
|
end;
|
|
TYPE_LAN :
|
|
begin
|
|
nApIp := 1;
|
|
sData := pEnt.sIpAddr;
|
|
SumString(sIpAll, pEnt.sIpAddr, ',');
|
|
end;
|
|
TYPE_LOOPBACK : SumString(sIpAll, 'LOP:' + pEnt.sIpAddr, ',');
|
|
else SumString(sIpAll, 'ETC:' + pEnt.sIpAddr, ',');
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
if sData <> sApIp_ then
|
|
sApIp_ := sData;
|
|
|
|
if sIpAll <> sIpAll_ then
|
|
sIpAll_ := sIpAll;
|
|
|
|
WifiCtrlKind := gMgSvc.ModePolicy.WifiCtrlKind;
|
|
|
|
// 네트워크 장치 차단 처리 22_0622 13:49:23 kku
|
|
if gMgSvc.VulService.IsForceDisconnect then
|
|
begin
|
|
gMgSvc.VulService.SetDisconnect(false, false);
|
|
|
|
if gMgSvc.PrefModel.IsSecuEndActions then
|
|
begin
|
|
if gMgSvc.PrefModel.UnsafeActions.Contains('vnic') then
|
|
begin
|
|
ShutdownVpnNic(false); // todo : 취약모드에서는 계속 차단 해야하는 옵션이 필요?? 22_0729 12:26:17 kku
|
|
bIgrVPN := true;
|
|
end else
|
|
bIgrVPN := false;
|
|
|
|
{$IFDEF DEBUG}
|
|
if DebugHook <> 0 then
|
|
exit;
|
|
{$ENDIF}
|
|
|
|
if gMgSvc.PrefModel.UnsafeActions.Contains('net') then
|
|
SetAllNicEnable(false, bIgrVPN);
|
|
end;
|
|
end else
|
|
if (dwNicEnableTick_ <> 0) and
|
|
((GetTickCount - dwNicEnableTick_) > NIC_DISABLE_MILSEC) then
|
|
begin
|
|
SetAllNicEnable(true);
|
|
end else
|
|
if (WifiCtrlKind <> wckNone) or
|
|
gMgSvc.ModePolicy.IsWifiPublicBlock then
|
|
begin
|
|
if (nWifiNicIdx_ <> -1) and
|
|
(WifiCtrlKind <> wckBlock) and
|
|
(WifiCtrlKind <> wckBlockName) and
|
|
(WifiCtrlKind <> wckWhiteName) and
|
|
not gMgSvc.ModePolicy.IsWifiPublicBlock then
|
|
begin
|
|
// 이미 차단된 상태고 다른 모드정책으로 차단 정책을 사용하지 않는다면 복구한다. 22_0803 08:36:43 kku
|
|
// bWifiPopup_ := false;
|
|
if SetNicEnableByIndex(nWifiNicIdx_, true) then
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_NETWORKREFRESH, 'WIFI Enabled', false);
|
|
nWifiNicIdx_ := -1;
|
|
end else
|
|
// if not bWifiPopup_ then
|
|
if (nWifiNicIdx_ = -1) and
|
|
( ((WifiCtrlKind <> wckNone) and (WifiCtrlKind <> wckLog)) or
|
|
gMgSvc.ModePolicy.IsWifiPublicBlock ) then
|
|
begin
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
if (MgNic_.NetList[i].dwType = IF_TYPE_IEEE80211) and
|
|
(MgNic_.NetList[i].sIpAddr <> '') and
|
|
(MgNic_.NetList[i].sIpAddr <> IP_NULL) then
|
|
begin
|
|
var WlanInfo: TWlanInfo;
|
|
Guard(WlanInfo, TWlanInfo.Create);
|
|
var pWEnt: PWLanEnt := WlanInfo.GetWlanEntByName(MgNic_.NetList[i].sDesc);
|
|
var sName := MgNic_.NetList[i].sDesc;
|
|
if pWEnt <> nil then
|
|
begin
|
|
sName := pWEnt.sProfile;
|
|
bBlock := gMgSvc.ModePolicy.IsWifiPublicBlock and not pWEnt.bSecurety;
|
|
end else
|
|
bBlock := WifiCtrlKind <> wckLog; // true;
|
|
|
|
case WifiCtrlKind of
|
|
wckBlock,
|
|
wckBlockName,
|
|
wckWhiteName : bBlock := true;
|
|
end;
|
|
|
|
// bWifiPopup_ := true;
|
|
sData := sName + '|' + MgNic_.NetList[i].sIpAddr + '|' + MgNic_.NetList[i].sMac;
|
|
if bBlock then
|
|
begin
|
|
case WifiCtrlKind of
|
|
wckBlockName,
|
|
wckWhiteName :
|
|
begin
|
|
bBlock := false;
|
|
if pWEnt <> nil then
|
|
begin
|
|
var NameList: TStringList;
|
|
var sChkName: String := UpperCase(sName);
|
|
Guard(NameList, TStringList.Create);
|
|
SplitString(UpperCase(gMgSvc.ModePolicy.WifiBlockNames), ';', NameList);
|
|
var c: Integer;
|
|
|
|
for c := 0 to NameList.Count - 1 do
|
|
begin
|
|
if sChkName.Contains(NameList[c]) then
|
|
begin
|
|
bBlock := true;
|
|
break;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
// 화이트리스트면 결과 뒤집어 줌 22_1107 08:57:07 kku
|
|
if WifiCtrlKind = wckWhiteName then
|
|
bBlock := not bBlock;
|
|
end;
|
|
end;
|
|
|
|
// 보안없는 와이파이 차단 체크 추가 보완 24_0110 13:39:59 kku
|
|
if pWEnt <> nil then
|
|
bBlock := bBlock or (gMgSvc.ModePolicy.IsWifiPublicBlock and not pWEnt.bSecurety);
|
|
|
|
if bBlock then
|
|
begin
|
|
if (pWEnt <> nil) and not IsConnectedWIFI(pWEnt.InterfaceGuid) then
|
|
continue;
|
|
|
|
// 무선 연결 해제 추가 22_1021 12:52:50 kku
|
|
bBlocked := false;
|
|
if pWEnt <> nil then
|
|
bBlocked := DisconnectWIFI(pWEnt.InterfaceGuid);
|
|
|
|
if not bBlocked then
|
|
begin
|
|
if GetNicEnable(MgNic_.NetList[i].sDesc) then
|
|
begin
|
|
if PO.IsMobileHotspotExp and
|
|
(Pos('MICROSOFT WI-FI DIRECT VIRTUAL ADAPTER', UpperCase(MgNic_.NetList[i].sDesc)) > 0) then
|
|
nWifiNicIdx_ := -1
|
|
else
|
|
nWifiNicIdx_ := SetNicEnable(MgNic_.NetList[i].sDesc, false);
|
|
|
|
bBlocked := nWifiNicIdx_ <> -1;
|
|
end;
|
|
end;
|
|
|
|
if bBlocked then
|
|
begin
|
|
if pWEnt <> nil then
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, Format('Block : %s', [sName]))
|
|
else
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIBLOCK, 'WIFI Block');
|
|
sData := sData + '|PV';
|
|
end;
|
|
end;
|
|
end;
|
|
// else
|
|
// if (WifiCtrlKind = wckPopup) or
|
|
// (WifiCtrlKind = wckBlock) then
|
|
// begin
|
|
// if pWEnt <> nil then
|
|
// gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, Format('Connected : %s', [sName]), false)
|
|
// else
|
|
// gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_WIFIDETECT, 'WIFI Connected', false);
|
|
// end;
|
|
|
|
if IsDivPopup then
|
|
begin
|
|
if (bBlocked and PO.WifiBlockPopup) then
|
|
// (not bBlocked and PO.WifiAllowPopup) then // 여기서 허용 시 팝업을 넣으면 무한 팝업됨 25_0717 14:58:27 kku
|
|
gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData);
|
|
end else begin
|
|
if bBlock or
|
|
(WifiCtrlKind = wckPopup) or
|
|
(WifiCtrlKind = wckBlock) then
|
|
gMgSvc.PopupMessage(TYPE_MSG_PREVENT_WIFI, sData);
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
end else begin
|
|
if nWifiNicIdx_ <> -1 then
|
|
begin
|
|
if SetNicEnableByIndex(nWifiNicIdx_, true) then
|
|
gMgSvc.SendEventLog(URI_CONFIGURATION, LOGCODE_EVENT_NETWORKREFRESH, 'WIFI Enabled');
|
|
nWifiNicIdx_ := -1;
|
|
end;
|
|
// bWifiPopup_ := false;
|
|
end;
|
|
|
|
if gMgSvc.ModePolicy.UseIpScrLogoBold then
|
|
begin
|
|
bBlock := false;
|
|
// sIpAll := GetIP;
|
|
var IpList: TStringList;
|
|
Guard(IpList, TStringList.Create);
|
|
SplitString(gMgSvc.ModePolicy.ScrLogoBoldIps, ';', IpList);
|
|
|
|
var pInfo: PNicInfo;
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
if bBlock then
|
|
break;
|
|
|
|
pInfo := MgNic_.NetList[i];
|
|
if (pInfo.sIpAddr <> '') and (pInfo.sIpAddr <> IP_NULL) then
|
|
begin
|
|
for n := 0 to IpList.Count - 1 do
|
|
begin
|
|
if Pos(IpList[n], pInfo.sIpAddr) = 1 then
|
|
begin
|
|
bBlock := true;
|
|
break;
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
if bBlock <> gMgSvc.IsIpMatchScreenLogo then
|
|
gMgSvc.IsIpMatchScreenLogo := bBlock;
|
|
end else
|
|
if gMgSvc.IsIpMatchScreenLogo then
|
|
gMgSvc.IsIpMatchScreenLogo := false;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. UpdateNic()');
|
|
// ETgException.TraceException(Self, E, Format('Fail .. UpdateNic() D=%d, i=%d, Cnt=%d', [nD, i, MgNic_.NetList.Count]));
|
|
end;
|
|
end;
|
|
|
|
procedure TNicService.ShutdownVpnNic(bRecoverAble: Boolean = true);
|
|
var
|
|
i, n: Integer;
|
|
begin
|
|
try
|
|
// if not bVpnNicShutdown_ then // VPN NIC 다시 켜지는거 감지하려면 이거 체크하면 안될듯 함 22_0628 15:34:02 kku
|
|
begin
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
if MgNic_.NetList[i].nNcType = TYPE_VPN then
|
|
begin
|
|
if Pos('ARRAY NETWORKS', UpperCase(MgNic_.NetList[i].sDesc)) > 0 then
|
|
begin
|
|
// Array Networks VPN 차단은 별도 처리 (fot 롯데오토리스) 23_1108 13:51:57 kku
|
|
var dwPid: DWORD := GetProcessPidByName('MotionPro.exe');
|
|
if dwPid <> 0 then
|
|
begin
|
|
var sPath :String := GetProcessPathByPid(dwPid);
|
|
if not FileExists(sPath) then
|
|
sPath := GetProgramFilesDir + '\Array Networks\MotionPro VPN Client\MotionPro.exe';
|
|
|
|
if TerminateProcessByPid(dwPid, true) and FileExists(sPath) then
|
|
begin
|
|
Sleep(500);
|
|
{$IFDEF DEBUG}
|
|
ExecuteApp(sPath, '', SW_SHOWNORMAL);
|
|
{$ELSE}
|
|
ExecuteAppAsUser('explorer.exe', sPath, '', SW_SHOWNORMAL);
|
|
{$ENDIF}
|
|
end;
|
|
end;
|
|
end else begin
|
|
n := SetNicEnable(MgNic_.NetList[i].sDesc, false);
|
|
if bRecoverAble and (n <> -1) then
|
|
begin
|
|
DisableNicIndexList_.Add(MgNic_.NetList[i].sDesc);
|
|
// DisableNicIndexList_.Add(n);
|
|
// bVpnNicShutdown_ := true;
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. ShutdownVpnNic()');
|
|
end;
|
|
end;
|
|
|
|
procedure TNicService.Commit;
|
|
var
|
|
bIsNetworkCardOn,
|
|
bIsIpContained: Boolean;
|
|
i, c: Integer;
|
|
pInfo: PNicInfo;
|
|
VpnIpList: TStringList;
|
|
begin
|
|
try
|
|
if MgNic_.NetList.Count = 0 then
|
|
begin
|
|
gMgSvc.SetRouterOn(false);
|
|
gMgSvc.SetVpnNicOn(false);
|
|
end else begin
|
|
bIsNetworkCardOn := false;
|
|
bIsIpContained := false;
|
|
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
pInfo := MgNic_.NetList[i];
|
|
if pInfo.nNcType = -1 then
|
|
pInfo.nNcType := GetNcTypeFromDesc(pInfo);
|
|
|
|
if (pInfo.sIpAddr <> '') and (pInfo.sIpAddr <> IP_NULL) then
|
|
begin
|
|
if pInfo.nNcType = TYPE_VPN then
|
|
bIsNetworkCardOn := true;
|
|
end;
|
|
|
|
Guard(VpnIpList, TStringList.Create);
|
|
|
|
if SplitString(gMgSvc.PrefModel.VpnIpList, ',', VpnIpList) > 0 then
|
|
begin
|
|
for c := 0 to VpnIpList.Count - 1 do
|
|
begin
|
|
if Pos(VpnIpList[c], pInfo.sIpAddr) > 0 then
|
|
begin
|
|
bIsIpContained := true;
|
|
break;
|
|
end;
|
|
end;
|
|
end else begin
|
|
GetVpnIpList(VpnIpList);
|
|
for c := 0 to VpnIpList.Count - 1 do
|
|
begin
|
|
if Pos(VpnIpList[c], pInfo.sIpAddr) > 0 then
|
|
begin
|
|
bIsIpContained := true;
|
|
break;
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
gMgSvc.SetVpnNicOn(bIsNetworkCardOn);
|
|
gMgSvc.SetRouterOn(bIsIpContained);
|
|
end;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. Commit()');
|
|
end;
|
|
end;
|
|
|
|
function TNicService.GetNetworkCard(bIgnIpCheck: Boolean = false): PNicInfo;
|
|
var
|
|
i, nPri: Integer;
|
|
// bIsExistsVpn,
|
|
// bIsExistsMobile,
|
|
// bIsExistsWireless: Boolean;
|
|
pInfo: PNicInfo;
|
|
begin
|
|
// 현재 우선순위 VPN > Mobile > 무선 > 그밖에
|
|
Result := nil;
|
|
try
|
|
nPri := 99;
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
pInfo := MgNic_.NetList[i];
|
|
if not bIgnIpCheck and ((pInfo.sIpAddr = '') or (pInfo.sIpAddr = IP_NULL)) then
|
|
continue;
|
|
|
|
if (pInfo.sMac = '') or (pInfo.sMac = MAC_NULL) then
|
|
continue;
|
|
|
|
if pInfo.nNcType = -1 then
|
|
pInfo.nNcType := GetNcTypeFromDesc(pInfo);
|
|
|
|
case pInfo.nNcType of
|
|
TYPE_LAN :
|
|
begin
|
|
Result := pInfo;
|
|
nPri := 1;
|
|
end;
|
|
TYPE_WIRELESS :
|
|
begin
|
|
if nPri > 1 then
|
|
begin
|
|
Result := pInfo;
|
|
nPri := 2;
|
|
end;
|
|
end;
|
|
TYPE_VPN :
|
|
begin
|
|
if nPri > 2 then
|
|
begin
|
|
Result := pInfo;
|
|
nPri := 3;
|
|
end;
|
|
end;
|
|
TYPE_MOBILE :
|
|
begin
|
|
if nPri > 3 then
|
|
begin
|
|
Result := pInfo;
|
|
nPri := 4;
|
|
end;
|
|
end;
|
|
TYPE_OTHER :
|
|
begin
|
|
if nPri > 4 then
|
|
begin
|
|
Result := pInfo;
|
|
nPri := 5;
|
|
end;
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
// bIsExistsVpn := false;
|
|
// bIsExistsMobile := false;
|
|
// bIsExistsWireless := false;
|
|
// for i := 0 to MgNic_.NetList.Count - 1 do
|
|
// begin
|
|
// pInfo := MgNic_.NetList[i];
|
|
// if (pInfo.sIpAddr = '') or
|
|
// (pInfo.sIpAddr = IP_NULL) or
|
|
// (pInfo.sMac = '') or
|
|
// (pInfo.sMac = MAC_NULL) then continue;
|
|
//
|
|
// if pInfo.nNcType = -1 then
|
|
// pInfo.nNcType := GetNcTypeFromDesc(pInfo);
|
|
//
|
|
// case pInfo.nNcType of
|
|
// TYPE_MOBILE :
|
|
// begin
|
|
// bIsExistsMobile := true;
|
|
// if not bIsExistsVpn then
|
|
// Result := pInfo;
|
|
// end;
|
|
// TYPE_VPN :
|
|
// begin
|
|
// bIsExistsVpn := true;
|
|
// Result := pInfo;
|
|
// end;
|
|
// TYPE_OTHER :
|
|
// begin
|
|
// if not bIsExistsVpn and not bIsExistsMobile and
|
|
// not bIsExistsWireless then
|
|
// Result := pInfo;
|
|
// end;
|
|
// TYPE_WIRELESS :
|
|
// begin
|
|
// bIsExistsWireless := true;
|
|
// if not bIsExistsVpn and not bIsExistsMobile then
|
|
// Result := pInfo;
|
|
// end;
|
|
// end;
|
|
// end;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. GetNetworkCard()');
|
|
end;
|
|
end;
|
|
|
|
function TNicService.GetIP: String;
|
|
var
|
|
pInfo: PNicInfo; // TNetworkCard;
|
|
nPos: Integer;
|
|
begin
|
|
try
|
|
pInfo := GetNetworkCard;
|
|
if pInfo <> nil then
|
|
begin
|
|
Result := pInfo.sIpAddr;
|
|
// ip가 하나 이상일 수 있다 22_0622 12:59:57 kku
|
|
nPos := Pos(',', Result);
|
|
if nPos > 0 then
|
|
SetLength(Result, nPos - 1);
|
|
|
|
if sRecentIp_ <> Result then
|
|
begin
|
|
sRecentIp_ := Result;
|
|
|
|
if gMgSvc.IsScreenLogo then
|
|
gMgSvc.UpdateScreenLogo(true);
|
|
end;
|
|
end else
|
|
Result := sRecentIp_;
|
|
except
|
|
on E: Exception do
|
|
begin
|
|
Result := sRecentIp_;
|
|
ETgException.TraceException(Self, E, 'Fail .. GetIP()');
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
function TNicService.GetMAC: String;
|
|
var
|
|
pInfo: PNicInfo; // TNetworkCard;
|
|
begin
|
|
try
|
|
pInfo := GetNetworkCard(CUSTOMER_TYPE = CUSTOMER_CNSCERT);
|
|
if pInfo <> nil then
|
|
begin
|
|
Result := pInfo.sMac;
|
|
sRecentMac_ := Result;
|
|
end else
|
|
Result := sRecentMac_;
|
|
except
|
|
on E: Exception do
|
|
begin
|
|
Result := sRecentMac_;
|
|
ETgException.TraceException(Self, E, 'Fail .. GetMAC()');
|
|
end;
|
|
end;
|
|
end;
|
|
|
|
function TNicService.IsActiveAP: Boolean;
|
|
begin
|
|
Result := (sApIp_ <> '') and (sApIp_ <> IP_NULL);
|
|
end;
|
|
|
|
function TNicService.ContainMac(sMac: String): Boolean;
|
|
var
|
|
i: Integer;
|
|
begin
|
|
Result := false;
|
|
try
|
|
for i := 0 to MgNic_.NetList.Count - 1 do
|
|
begin
|
|
if CompareText(MgNic_.NetList[i].sMac, sMac) = 0 then
|
|
begin
|
|
Result := true;
|
|
exit;
|
|
end;
|
|
end;
|
|
except
|
|
on E: Exception do
|
|
ETgException.TraceException(Self, E, 'Fail .. ContainMac()');
|
|
end;
|
|
end;
|
|
|
|
end.
|