public LogItem(Program.LogEntry entry, string name)
{
this.entry = entry;
this.name = name != null ? name : "[unknown progream]";
this.IsLocal = NetFunc.IsLocalHost(entry.FwEvent.RemoteAddress);
this.IsMulti = NetFunc.IsMultiCast(entry.FwEvent.RemoteAddress);
this.IsLan = FirewallRule.MatchAddress(entry.FwEvent.RemoteAddress, FirewallRule.AddrKeywordLocalSubnet);
}
public bool OnActivity(ProgramSet prog, Program program, Priv10Engine.FwEventArgs args)
{
ProgramControl item = null;
if (!ProgramList.Items.TryGetValue(args.guid.ToString(), out item))
{
if (FirewallPage.DoFilter(CurFilter, prog))
{
return(false);
}
item = ProgramList.AddItem(prog);
args.update = false;
}
//Note: windows firewall doesn't block localhost acces so we ignore it
//if (args.entry.State == Program.LogEntry.States.RuleError
// && args.entry.FwEvent.Action == FirewallRule.Actions.Allow
// && !NetFunc.IsLocalHost(args.entry.FwEvent.RemoteAddress))
// item.SetError(true);
if ((chkNoLocal.IsChecked != true || (!NetFunc.IsLocalHost(args.entry.FwEvent.RemoteAddress) && !NetFunc.IsMultiCast(args.entry.FwEvent.RemoteAddress))) &&
(chkNoLan.IsChecked != true || !FirewallRule.MatchAddress(args.entry.FwEvent.RemoteAddress, FirewallRule.AddrKeywordLocalSubnet)) &&
args.entry.FwEvent.ProcessId != ProcFunc.CurID) // Note: When DNS proxy is nabled we are always very active, so ignore it
{
switch (args.entry.FwEvent.Action)
{
case FirewallRule.Actions.Allow: item.Flash(Colors.LightGreen); break;
case FirewallRule.Actions.Block: item.Flash(Colors.LightPink); break;
}
}
item.DoUpdate(prog);
return(SortBy == Sorts.LastActivity);
}
public LogEntry(FirewallEvent Event, ProgramID progID)
{
guid = Guid.NewGuid();
FwEvent = Event;
ProgID = progID;
if (NetFunc.IsLocalHost(FwEvent.RemoteAddress))
{
Realm = Realms.LocalHost;
}
else if (NetFunc.IsMultiCast(FwEvent.RemoteAddress))
{
Realm = Realms.MultiCast;
}
else if (FirewallManager.MatchAddress(FwEvent.RemoteAddress, FirewallRule.AddrKeywordLocalSubnet))
{
Realm = Realms.LocalArea;
}
else
{
Realm = Realms.Internet;
}
}
private bool SocksFilter(object obj)
{
var item = obj as SocketItem;
if (socketFilter != FirewallPage.FilterPreset.Socket.Any)
{
switch (socketFilter)
{
case FirewallPage.FilterPreset.Socket.TCP:
if ((item.sock.ProtocolType & (UInt32)IPHelper.AF_PROT.TCP) == 0)
{
return(false);
}
break;
case FirewallPage.FilterPreset.Socket.Client:
if ((item.sock.ProtocolType & (UInt32)IPHelper.AF_PROT.TCP) == 0 || item.sock.State == (int)IPHelper.MIB_TCP_STATE.LISTENING)
{
return(false);
}
break;
case FirewallPage.FilterPreset.Socket.Server:
if ((item.sock.ProtocolType & (UInt32)IPHelper.AF_PROT.TCP) == 0 || item.sock.State != (int)IPHelper.MIB_TCP_STATE.LISTENING)
{
return(false);
}
break;
case FirewallPage.FilterPreset.Socket.UDP:
if ((item.sock.ProtocolType & (UInt32)IPHelper.AF_PROT.UDP) == 0)
{
return(false);
}
break;
case FirewallPage.FilterPreset.Socket.Web:
if ((item.sock.ProtocolType & (UInt32)IPHelper.AF_PROT.TCP) == 0 || !(item.sock.RemotePort == 80 || item.sock.RemotePort == 443))
{
return(false);
}
break;
}
}
if (item.sock.RemoteAddress != null)
{
if (NetFunc.IsLocalHost(item.sock.RemoteAddress))
{
if (chkNoLocal.IsChecked == true)
{
return(false);
}
}
/*else if (NetFunc.IsMultiCast(item.sock.RemoteAddress))
* {
* if (chkNoMulti.IsChecked == true)
* return false;
* }*/
else if (FirewallRule.MatchAddress(item.sock.RemoteAddress, FirewallRule.AddrKeywordLocalSubnet))
{
if (chkNoLAN.IsChecked == true)
{
return(false);
}
}
else if (chkNoINet.IsChecked == true)
{
return(false);
}
}
if (FirewallPage.DoFilter(textFilter, item.name, new List <ProgramID>()
{
item.sock.ProgID
}))
{
return(false);
}
return(true);
}