public bool MatchesEvent(int currentProfile, string appPkgId, string svcName, string path, string target = "*", string remoteport = "*")
{
var friendlyPath = string.IsNullOrWhiteSpace(path) ? path : PathResolver.GetFriendlyPath(path);
var ruleFriendlyPath = string.IsNullOrWhiteSpace(ApplicationName) ? ApplicationName : PathResolver.GetFriendlyPath(ApplicationName);
var ret = Enabled &&
((Profiles & currentProfile) != 0 || (Profiles & (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL) != 0) &&
(string.IsNullOrEmpty(ruleFriendlyPath) || ruleFriendlyPath.Equals(friendlyPath, StringComparison.OrdinalIgnoreCase)) &&
CheckRuleAddresses(RemoteAddresses, target) &&
CheckRulePorts(RemotePorts, remoteport) &&
(string.IsNullOrEmpty(AppPkgId) || AppPkgId == appPkgId) &&
(string.IsNullOrEmpty(ServiceName) || svcName.Any() && ServiceName == "*" || svcName.Equals(ServiceName, StringComparison.OrdinalIgnoreCase))
;
if (ret && LogHelper.IsDebugEnabled())
{
LogHelper.Debug("Found enabled " + ActionStr + " " + DirectionStr + " Rule '" + Name + "'");
LogHelper.Debug("\t" + Profiles.ToString() + " <--> " + currentProfile.ToString() + " : " + ((Profiles & currentProfile) != 0 || (Profiles & (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL) != 0).ToString());
LogHelper.Debug("\t" + ruleFriendlyPath + " <--> " + friendlyPath + " : " + (string.IsNullOrEmpty(ruleFriendlyPath) || ruleFriendlyPath.Equals(friendlyPath, StringComparison.OrdinalIgnoreCase)).ToString());
LogHelper.Debug("\t" + RemoteAddresses + " <--> " + target + " : " + CheckRuleAddresses(RemoteAddresses, target).ToString());
LogHelper.Debug("\t" + RemotePorts + " <--> " + remoteport + " : " + CheckRulePorts(RemotePorts, remoteport).ToString());
LogHelper.Debug("\t" + AppPkgId + " <--> " + appPkgId + " : " + (string.IsNullOrEmpty(AppPkgId) || AppPkgId == appPkgId).ToString());
LogHelper.Debug("\t" + ServiceName + " <--> " + svcName + " : " + (string.IsNullOrEmpty(ServiceName) || svcName.Equals(ServiceName, StringComparison.OrdinalIgnoreCase)).ToString());
}
return(ret);
}
public void TestRuleMatchesEvent()
{
IEnumerable <Rule> ret = GetRules(AlsoGetInactive: false);
string exePath = @"C:\Windows\System32\svchost.exe";
const int PROF_ALL = (int)NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_ALL;
WriteDebugOutput($"{exePath}");
int cntMatch = 0;
foreach (Rule rule in ret)
{
bool matches = rule.MatchesEvent(currentProfile: PROF_ALL, appPkgId: null, svcName: "*", path: exePath, target: "*", remoteport: "*");
if (matches)
{
string ruleFriendlyPath = String.IsNullOrWhiteSpace(rule.ApplicationName) ? rule.ApplicationName : PathResolver.GetFriendlyPath(rule.ApplicationName);
Assert.True(String.IsNullOrWhiteSpace(ruleFriendlyPath) || exePath.Equals(ruleFriendlyPath, StringComparison.OrdinalIgnoreCase));
WriteDebugOutput($"match found={matches}, rule={rule.Name}");
cntMatch++;
}
}
Assert.True(cntMatch > 0);
}
