隐藏

C#向IIS的黑名单写IP

发布:2022/8/19 13:51:53作者:管理员 来源:本站 浏览次数:929

通过前台WEB记录IP访问情况,后台服务定时作规则统计,写黑名单写入IIS的拒绝访问列表里,很有意义噢

static void Main(string[] args)
        {
            try
            {
                // retrieve the directory entry for the root of the IIS server

                System.DirectoryServices.DirectoryEntry IIS =
                   new System.DirectoryServices.DirectoryEntry(
                   "IIS://localhost/w3svc/17679966/root");      //17679966  为网站标记ID

                // retrieve the list of currently denied IPs
                Console.WriteLine("Retrieving the list of currently denied IPs.");
                // get the IPSecurity property
                Type typ = IIS.Properties["IPSecurity"][0].GetType();
                object IPSecurity = IIS.Properties["IPSecurity"][0];
                // retrieve the IPDeny list from the IPSecurity object
                Array origIPDenyList = (Array)typ.InvokeMember("IPDeny",
                           BindingFlags.DeclaredOnly |
                           BindingFlags.Public | BindingFlags.NonPublic |
                           BindingFlags.Instance | BindingFlags.GetProperty,
                           null, IPSecurity, null);

                // display what was being denied
                foreach (string s in origIPDenyList)
                    Console.WriteLine("Before: " + s);

                // check GrantByDefault.  This has to be set to true,
                // or what we are doing will not work.
                bool bGrantByDefault = (bool)typ.InvokeMember("GrantByDefault",
                            BindingFlags.DeclaredOnly |
                            BindingFlags.Public | BindingFlags.NonPublic |
                            BindingFlags.Instance | BindingFlags.GetProperty,
                            null, IPSecurity, null);

                Console.WriteLine("GrantByDefault = " + bGrantByDefault);
                if (!bGrantByDefault)
                {

                    typ.InvokeMember("GrantByDefault",
                           BindingFlags.DeclaredOnly |
                           BindingFlags.Public | BindingFlags.NonPublic |
                           BindingFlags.Instance | BindingFlags.SetProperty,
                           null, IPSecurity, new object[] { true });

                }


                // update the list of denied IPs.  This is a
                // complete replace.  If you want to maintain what
                // was already being denied, you need to make sure
                // those IPs are in here as well.  This area
                // will be where you will most likely modify to
                // your needs as this is just an example.
                Console.WriteLine("Updating the list of denied IPs.");
                object[] newIPDenyList = new object[4];
                newIPDenyList[0] = "192.168.1.1, 255.255.255.255";
                newIPDenyList[1] = "192.168.1.2, 255.255.255.255";
                newIPDenyList[2] = "192.168.1.3, 255.255.255.255";
                newIPDenyList[3] = "192.168.1.4, 255.255.255.255";
                Console.WriteLine("Calling SetProperty");

                // add the updated list back to the IPSecurity object
                typ.InvokeMember("IPDeny",
                         BindingFlags.DeclaredOnly |
                         BindingFlags.Public | BindingFlags.NonPublic |
                         BindingFlags.Instance | BindingFlags.SetProperty,
                         null, IPSecurity, new object[] { newIPDenyList });


                IIS.Properties["IPSecurity"][0] = IPSecurity;
                Console.WriteLine("Commiting the changes.");

                // commit the changes
                IIS.CommitChanges();
                IIS.RefreshCache();


                // check to see if the update took
                Console.WriteLine("Checking to see if the update took.");
                IPSecurity = IIS.Properties["IPSecurity"][0];
                Array y = (Array)typ.InvokeMember("IPDeny",
                          BindingFlags.DeclaredOnly |
                          BindingFlags.Public | BindingFlags.NonPublic |
                          BindingFlags.Instance | BindingFlags.GetProperty,
                          null, IPSecurity, null);

                foreach (string s in y)
                    Console.WriteLine("After: " + s);
            }

            catch (Exception e)
            {
                Console.WriteLine("Error: " + e.Message.ToString());

            }

        }