/// <summary> /// /// </summary> /// <param name="filePath">The output file name</param> public void ExportExcludes(string filePath) { if (IsRunning == true) { OnExclamation("Already performing an export"); return; } IsRunning = true; new Thread(() => { try { List<Exclude> excludes = new List<Exclude>(); using (NPoco.Database dbMySql = new NPoco.Database(Db.GetOpenMySqlConnection())) { var data = dbMySql.Fetch<Dictionary<string, object>>(_sql.GetQuery(snorbert.Configs.Sql.Query.SQL_EXCLUDES)); foreach (Dictionary<string, object> temp in data) { Exclude exclude = new Exclude(); exclude.Id = long.Parse(temp["id"].ToString()); exclude.SigId = long.Parse(temp["sig_id"].ToString()); exclude.SigSid = long.Parse(temp["sig_sid"].ToString()); exclude.Rule = temp["sig_name"].ToString(); exclude.SourceIpText = temp["ip_src"].ToString(); exclude.DestinationIpText = temp["ip_dst"].ToString(); if (((byte[])temp["fp"])[0] == 48) { exclude.FalsePositive = false; } else { exclude.FalsePositive = true; } exclude.Timestamp = DateTime.Parse(temp["timestamp"].ToString()); excludes.Add(exclude); } } CsvConfiguration csvConfiguration = new CsvConfiguration(); csvConfiguration.Delimiter = '\t'; using (FileStream fileStream = new FileStream(filePath, FileMode.Append, FileAccess.Write)) using (StreamWriter streamWriter = new StreamWriter(fileStream)) using (CsvHelper.CsvWriter csvWriter = new CsvHelper.CsvWriter(streamWriter, csvConfiguration)) { // Write out the file headers csvWriter.WriteField("Sig. ID"); csvWriter.WriteField("Source IP"); csvWriter.WriteField("Destination IP"); csvWriter.WriteField("FP"); csvWriter.WriteField("Comment"); csvWriter.WriteField("Sig. Name"); csvWriter.WriteField("Timestamp"); csvWriter.WriteField("Sig."); csvWriter.NextRecord(); foreach (var temp in excludes) { csvWriter.WriteField(temp.SigId); csvWriter.WriteField(temp.SourceIpText); csvWriter.WriteField(temp.DestinationIpText); csvWriter.WriteField(temp.FalsePositive); csvWriter.WriteField(temp.Comment); csvWriter.WriteField(temp.Rule); csvWriter.WriteField(temp.Timestamp); csvWriter.WriteField(temp.Rule); csvWriter.NextRecord(); } } OnComplete(); } catch (Exception ex) { OnError("An error occurred whilst performing the export: " + ex.Message); } finally { IsRunning = false; } }).Start(); }
/// <summary> /// /// </summary> private void LoadExcludes() { try { using (new HourGlass(this)) using (NPoco.Database db = new NPoco.Database(Db.GetOpenMySqlConnection())) { listExcludes.ClearObjects(); var data = db.Fetch<Dictionary<string, object>>(_sql.GetQuery(Sql.Query.SQL_EXCLUDES)); List<Exclude> excludes = new List<Exclude>(); foreach (Dictionary<string, object> temp in data) { Exclude exclude = new Exclude(); exclude.Id = long.Parse(temp["id"].ToString()); exclude.SigId = long.Parse(temp["sig_id"].ToString()); exclude.SigSid = long.Parse(temp["sig_sid"].ToString()); exclude.Rule = temp["sig_name"].ToString(); exclude.Comment = temp["comment"].ToString(); exclude.SourceIpText = temp["ip_src"].ToString(); exclude.SourcePortText = temp["port_src"].ToString(); exclude.DestinationIpText = temp["ip_dst"].ToString(); exclude.DestinationPortText = temp["port_dst"].ToString(); if (int.Parse(temp["ip_proto"].ToString()) == (int)Global.Protocols.Tcp) { exclude.Protocol = Global.Protocols.Tcp.GetEnumDescription(); } else if (int.Parse(temp["ip_proto"].ToString()) == (int)Global.Protocols.Udp) { exclude.Protocol = Global.Protocols.Udp.GetEnumDescription(); } else if (int.Parse(temp["ip_proto"].ToString()) == (int)Global.Protocols.Icmp) { exclude.Protocol = Global.Protocols.Icmp.GetEnumDescription(); } if (((byte[])temp["fp"])[0] == 48) { exclude.FalsePositive = false; } else { exclude.FalsePositive = true; } exclude.Timestamp = DateTime.Parse(temp["timestamp"].ToString()); excludes.Add(exclude); } listExcludes.SetObjects(excludes); if (excludes.Count > 0) { listExcludes.SelectedObject = excludes[0]; } } ResizeFilterListColumns(); SetButtonState(); } catch (Exception ex) { UserInterface.DisplayErrorMessageBox("An error occurred whilst loading the excludes" + ex.Message); } }
/// <summary> /// /// </summary> /// <param name="sender"></param> /// <param name="e"></param> private void btnOk_Click(object sender, EventArgs e) { try { using (NPoco.Database db = new NPoco.Database(Db.GetOpenMySqlConnection())) { Exclude exclude = new Exclude(); if (chkRule.Checked == true) { exclude.SigId = _ruleId; } if (chkSourceIp.Checked == true) { byte[] ip = _sourceIp.GetAddressBytes(); Array.Reverse(ip); exclude.SourceIp = BitConverter.ToUInt32(ip, 0); } if (chkSrcPort.Checked == true) { exclude.SourcePort = ushort.Parse(txtSourcePort.Text); } if (chkDestinationIp.Checked == true) { byte[] ip = _destinationIp.GetAddressBytes(); Array.Reverse(ip); exclude.DestinationIp = BitConverter.ToUInt32(ip, 0); } if (chkDestPort.Checked == true) { exclude.DestinationPort = ushort.Parse(txtDestinationPort.Text); } exclude.IpProto = _ipProto; exclude.Comment = txtComment.Text; exclude.FalsePositive = chkFalsePositive.Checked; exclude.Timestamp = DateTime.Now; db.Insert(exclude); } } catch (Exception ex) { UserInterface.DisplayErrorMessageBox("An error occurred whilst adding the exclude: " + ex.Message); return; } this.DialogResult = System.Windows.Forms.DialogResult.OK; }