internal void ExecuteMacOs()

in Lib/Collectors/FirewallCollector.cs [125:212]

• 70 lines of code
• 7 McCabe index (conditional complexity)

        internal void ExecuteMacOs(CancellationToken cancellationToken)
        {
            // Example output: "Firewall is enabled. (State = 1)"
            var result = ExternalCommandRunner.RunExternalCommand("/usr/libexec/ApplicationFirewall/socketfilterfw", "--getglobalstate");
            var enabled = result.Contains("1");
            var obj = new FirewallObject("Firewall Enabled")
            {
                Action = FirewallAction.Block,
                Direction = FirewallDirection.Inbound,
                IsEnable = enabled,
                FriendlyName = "Firewall Enabled",
                Scope = FirewallScope.All
            };
            HandleChange(obj);

            // Example output: "Stealth mode disabled"
            result = ExternalCommandRunner.RunExternalCommand("/usr/libexec/ApplicationFirewall/socketfilterfw", "--getglobalstate");
            obj = new FirewallObject("Stealth Mode")
            {
                Action = FirewallAction.Block,
                Direction = FirewallDirection.Inbound,
                IsEnable = result.Contains("enabled"),
                FriendlyName = "Stealth Mode",
                Scope = FirewallScope.All
            };
            HandleChange(obj);

            /* Example Output:
             * Automatically allow signed built-in software ENABLED
             * Automatically allow downloaded signed software ENABLED */
            result = ExternalCommandRunner.RunExternalCommand("/usr/libexec/ApplicationFirewall/socketfilterfw", "--getallowsigned");
            obj = new FirewallObject("Allow signed built-in software")
            {
                Action = FirewallAction.Allow,
                Direction = FirewallDirection.Inbound,
                IsEnable = result.Split('\n')[0].Contains("ENABLED"),
                FriendlyName = "Allow signed built-in software",
                Scope = FirewallScope.All
            };
            HandleChange(obj);

            obj = new FirewallObject("Allow downloaded signed software")
            {
                Action = FirewallAction.Allow,
                Direction = FirewallDirection.Inbound,
                IsEnable = result.Split('\n')[1].Contains("ENABLED"),
                FriendlyName = "Allow downloaded signed software",
                Scope = FirewallScope.All
            };
            HandleChange(obj);

            /* Example Output:
ALF: total number of apps = 2

1 :  /Applications/AppName.app
 ( Allow incoming connections )

2 :  /Applications/AppName2.app
 ( Block incoming connections ) */
            result = ExternalCommandRunner.RunExternalCommand("/usr/libexec/ApplicationFirewall/socketfilterfw", "--listapps");
            string appName = "";
            Regex startsWithNumber = new Regex("^[1-9]");
            var lines = new List<string>(result.Split('\n'));
            if (lines.Any())
            {
                lines = lines.Skip(2).ToList();
                foreach (var line in lines)
                {
                    if (cancellationToken.IsCancellationRequested) { return; }

                    if (startsWithNumber.IsMatch(line))
                    {
                        appName = line.Substring(line.IndexOf('/'));
                    }
                    else if (line.Contains("incoming connections"))
                    {
                        obj = new FirewallObject(appName)
                        {
                            Action = (line.Contains("Allow")) ? FirewallAction.Allow : FirewallAction.Block,
                            Direction = FirewallDirection.Inbound,
                            FriendlyName = appName,
                            Scope = FirewallScope.All
                        };
                        HandleChange(obj);
                    }
                }
            }
        }