public void Assign(FirewallRule rule) { this.guid = rule.guid; this.Index = rule.Index; this.BinaryPath = rule.BinaryPath; this.ServiceTag = rule.ServiceTag; this.AppSID = rule.AppSID; this.ProgID = rule.ProgID; this.Name = rule.Name; this.Grouping = rule.Grouping; this.Description = rule.Description; this.Enabled = rule.Enabled; this.Action = rule.Action; this.Direction = rule.Direction; this.Profile = rule.Profile; this.Protocol = rule.Protocol; this.Interface = rule.Interface; this.LocalPorts = rule.LocalPorts; this.LocalAddresses = rule.LocalAddresses; this.RemoteAddresses = rule.RemoteAddresses; this.RemotePorts = rule.RemotePorts; this.IcmpTypesAndCodes = rule.IcmpTypesAndCodes; this.EdgeTraversal = rule.EdgeTraversal; // todo: xxx }
public DnsEntry(ProgramID progID) { guid = Guid.NewGuid(); ProgID = progID; LastSeen = DateTime.Now; SeenCounter = 0; }
public ProgramControl(ProgramSet prog, CategoryModel Categories) { InitializeComponent(); chkNotify.Content = Translate.fmt("lbl_notify"); btnAdd.Content = Translate.fmt("lbl_add"); btnSplit.Content = Translate.fmt("lbl_split"); btnRemove.Content = Translate.fmt("lbl_remove"); progGrid.Columns[1].Header = Translate.fmt("lbl_name"); progGrid.Columns[2].Header = Translate.fmt("lbl_progam"); SuspendChange++; progArea.Visibility = Visibility.Collapsed; CatModel = Categories; //category.ItemsSource = CatModel.Categorys; category.ItemsSource = CatModel.GetCategorys(); //mBorderBrush = name.BorderBrush; //name.BorderBrush = Brushes.Transparent; cmbAccess.Items.Add(new ComboBoxItem() { Content = Translate.fmt("acl_none"), Tag = ProgramSet.Config.AccessLevels.Unconfigured }); cmbAccess.Items.Add(new ComboBoxItem() { Content = Translate.fmt("acl_allow"), Tag = ProgramSet.Config.AccessLevels.FullAccess }); cmbAccess.Items.Add(new ComboBoxItem() { Content = Translate.fmt("acl_edit"), Tag = ProgramSet.Config.AccessLevels.CustomConfig }); cmbAccess.Items.Add(new ComboBoxItem() { Content = Translate.fmt("acl_lan"), Tag = ProgramSet.Config.AccessLevels.LocalOnly }); cmbAccess.Items.Add(new ComboBoxItem() { Content = Translate.fmt("acl_block"), Tag = ProgramSet.Config.AccessLevels.BlockAccess }); foreach (ComboBoxItem item in cmbAccess.Items) item.Background = GetAccessColor((ProgramSet.Config.AccessLevels)item.Tag); SuspendChange--; Program = prog; DoUpdate(); ProgramID id = prog.Programs.First().Key; if (id.Type == ProgramID.Types.Global || id.Type == ProgramID.Types.System) { btnIDs.IsEnabled = false; //btnCustimize.Visibility = Visibility.Hidden; cmbAccess.Visibility = Visibility.Hidden; //category.Visibility = Visibility.Hidden; } if (id.Type == ProgramID.Types.Global) { chkNotify.Visibility = Visibility.Hidden; } rect.MouseDown += new MouseButtonEventHandler(rect_Click); //name.MouseDown += new MouseButtonEventHandler(rect_Click); name.PreviewMouseDown += new MouseButtonEventHandler(rect_Click); //progGrid.PreviewMouseDown += new MouseButtonEventHandler(rect_Click); icon.MouseDown += new MouseButtonEventHandler(rect_Click); info.MouseDown += new MouseButtonEventHandler(rect_Click); category.PreviewMouseWheel += ctrl_PreviewMouseWheel; //progGrid.PreviewMouseWheel += ctrl_PreviewMouseWheel; }
public bool SplitPrograms(Guid from, ProgramID progID) { ProgramSet from_prog; if (!ProgramSets.TryGetValue(from, out from_prog) || from_prog.IsSpecial()) { return(false); } if (from_prog.Programs.Count == 1) { return(true); // nothing to do } Program prog = null; if (!from_prog.Programs.TryGetValue(progID, out prog)) { return(true); // no found } ProgramSet to_prog = new ProgramSet(prog); // prog.AssignSet taked care of the internal associaltions to_prog.config.Category = from_prog.config.Category; ProgramSets.Add(to_prog.guid, to_prog); App.engine.FirewallManager.EvaluateRules(from_prog); App.engine.FirewallManager.EvaluateRules(to_prog); Changed?.Invoke(this, new ListEvent()); return(true); }
public bool AddProgram(ProgramID progID, Guid guid) { if (Programs.ContainsKey(progID)) { return(false); // already exist } if (guid == Guid.Empty) { AddProgram(progID); } else // add id to existing programSet { ProgramSet progs; if (!ProgramSets.TryGetValue(guid, out progs)) { return(false); } Program prog = new Program(progID); Programs.Add(progID, prog); prog.AssignSet(progs); Changed?.Invoke(this, new ListEvent() { guid = progs.guid }); } return(true); }
public static ProgramID Parse(string Str) { try { ProgramID progID = new ProgramID(); foreach (string token in TextHelpers.SplitStr(Str, "|")) { var IdVal = TextHelpers.Split2(token, "="); if (IdVal.Item1 == "Type") { progID.Type = (Types)Enum.Parse(typeof(Types), IdVal.Item2); } else if (IdVal.Item1 == "Path") { progID.Path = IdVal.Item2; } else if (IdVal.Item1 == "Aux") { progID.Aux = IdVal.Item2; } } return(progID); } catch { return(null); } }
public TrayIcon() { this.components = new Container(); this.contextMenu = new ContextMenu(); // Initialize menuItem1 this.menuBlock = new MenuItem(); this.menuBlock.Index = 0; this.menuBlock.Text = Translate.fmt("mnu_block"); ProgramID id = ProgramID.NewID(ProgramID.Types.Global); ProgramSet prog = App.client.GetProgram(id, true); if (prog == null) { this.menuBlock.Enabled = false; } else { this.menuBlock.Checked = (prog.config.CurAccess == ProgramSet.Config.AccessLevels.BlockAccess); } this.menuBlock.Click += new System.EventHandler(this.menuBlock_Click); // Initialize menuItem1 this.menuExit = new MenuItem(); this.menuExit.Index = 0; this.menuExit.Text = Translate.fmt("mnu_exit"); this.menuExit.Click += new System.EventHandler(this.menuExit_Click); // Initialize contextMenu1 this.contextMenu.MenuItems.AddRange(new MenuItem[] { this.menuBlock, new MenuItem("-"), this.menuExit }); // Create the NotifyIcon. this.notifyIcon = new NotifyIcon(this.components); string exePath = System.Reflection.Assembly.GetExecutingAssembly().Location; // The Icon property sets the icon that will appear // in the systray for this application. //notifyIcon1.Icon = new Icon("wu.ico"); notifyIcon.Icon = System.Drawing.Icon.ExtractAssociatedIcon(exePath); // The ContextMenu property sets the menu that will // appear when the systray icon is right clicked. notifyIcon.ContextMenu = this.contextMenu; // The Text property sets the text that will be displayed, // in a tooltip, when the mouse hovers over the systray icon. notifyIcon.Text = FileVersionInfo.GetVersionInfo(exePath).FileDescription; // Handle the DoubleClick event to activate the form. notifyIcon.DoubleClick += new System.EventHandler(this.notifyIcon1_DoubleClick); notifyIcon.Click += new System.EventHandler(this.notifyIcon1_Click); mTimer.Tick += new EventHandler(OnTimerTick); mTimer.Interval = new TimeSpan(0, 0, 0, 0, 500); mTimer.Start(); }
public Program(ProgramID progID) { //guid = Guid.NewGuid(); ID = progID.Duplicate(); Description = GetDescription(); }
///////////////////////////////////////// // protected byte[] PutProgID(ProgramID value) { if (value == null) { return(new byte[0]); } return(PutStr(value.AsString())); }
protected ProgramID GetProgID(byte[] value) { if (value.Length == 0) { return(null); } return(ProgramID.Parse(GetStr(value))); }
public Program GetProgram(ProgramID progID, bool canAdd = false) { Program prog; if (!Programs.TryGetValue(progID, out prog) && canAdd) { prog = AddProgram(progID); } return(prog); }
public bool SplitPrograms(Guid from, ProgramID id) { List <byte[]> args = new List <byte[]>(); args.Add(PutGuid(from)); args.Add(PutProgID(id)); List <byte[]> ret = RemoteExec("SplitPrograms", args); return(ret != null?GetBool(ret[0]) : false); }
public bool RemoveProgram(Guid guid, ProgramID id = null) { List <byte[]> args = new List <byte[]>(); args.Add(PutGuid(guid)); args.Add(PutProgID(id)); List <byte[]> ret = RemoteExec("RemoveProgram", args); return(ret != null?GetBool(ret[0]) : false); }
public ProgramSet GetProgram(ProgramID id, bool canAdd = false) { List <byte[]> args = new List <byte[]>(); args.Add(PutProgID(id)); args.Add(PutBool(canAdd)); List <byte[]> ret = RemoteExec("GetProgram", args); return(ret != null?GetProgSet(ret[0]) : null); }
public Program GetProgram(ProgramID progID, bool canAdd = false, FuzzyModes fuzzyMode = FuzzyModes.No) { Program prog = GetProgramFuzzy(Programs, progID, fuzzyMode); if (prog == null && canAdd) { prog = AddProgram(progID); } return(prog); }
public void NotifyActivity(Guid guid, Program.LogEntry entry, ProgramID progID, List <String> services = null, bool update = false) { List <byte[]> args = new List <byte[]>(); args.Add(PutGuid(guid)); args.Add(PutLogEntry(entry)); args.Add(PutProgID(progID)); args.Add(PutStrList(services)); args.Add(PutBool(update)); SendPushNotification("ActivityNotification", args); }
public bool Load(XmlNode entryNode) { foreach (XmlNode node in entryNode.ChildNodes) { if (node.Name == "ID") { ProgramID id = new ProgramID(); if (id.Load(node)) { ID = id; } } else if (node.Name == "Description") { Description = node.InnerText; } else if (node.Name == "FwRules") { foreach (XmlNode childNode in node.ChildNodes) { FirewallRuleEx rule = new FirewallRuleEx(); rule.ProgID = ID; if (rule.Load(childNode) && !Rules.ContainsKey(rule.guid)) { Rules.Add(rule.guid, rule); } else { App.LogError("Failed to load Firewall RuleEx {0} in {1}", rule.Name != null ? rule.Name : "[un named]", this.Description); } } } else if (node.Name == "DnsLog") { foreach (XmlNode childNode in node.ChildNodes) { DnsEntry Entry = new DnsEntry(ID); if (Entry.Load(childNode) && !DnsLog.ContainsKey(Entry.HostName)) { DnsLog.Add(Entry.HostName, Entry); } else { App.LogError("Failed to load DnsLog Entry in {0}", this.Description); } } } else { AppLog.Debug("Unknown Program Value, '{0}':{1}", node.Name, node.InnerText); } } return(ID != null); }
public ProgramControl(ProgramSet prog, CategoryModel Categories) { InitializeComponent(); chkNotify.Content = Translate.fmt("lbl_notify"); btnAdd.Content = Translate.fmt("lbl_add"); btnSplit.Content = Translate.fmt("lbl_split"); btnRemove.Content = Translate.fmt("lbl_remove"); progGrid.Columns[1].Header = Translate.fmt("lbl_name"); progGrid.Columns[2].Header = Translate.fmt("lbl_program"); SuspendChange++; progArea.Visibility = Visibility.Collapsed; CatModel = Categories; //category.ItemsSource = CatModel.Categorys; category.ItemsSource = CatModel.GetCategorys(); //mBorderBrush = name.BorderBrush; //name.BorderBrush = Brushes.Transparent; PrepAccessCmb(cmbAccess); SuspendChange--; DoUpdate(prog); ProgramID id = prog.Programs.First().Key; if (id.Type == ProgramID.Types.Global || id.Type == ProgramID.Types.System) { btnIDs.IsEnabled = false; //btnCustimize.Visibility = Visibility.Hidden; cmbAccess.Visibility = Visibility.Hidden; //category.Visibility = Visibility.Hidden; } if (id.Type == ProgramID.Types.Global) { chkNotify.Visibility = Visibility.Hidden; } rect.MouseDown += new MouseButtonEventHandler(rect_Click); //name.MouseDown += new MouseButtonEventHandler(rect_Click); name.PreviewMouseDown += new MouseButtonEventHandler(rect_Click); //progGrid.PreviewMouseDown += new MouseButtonEventHandler(rect_Click); icon.MouseDown += new MouseButtonEventHandler(rect_Click); info.MouseDown += new MouseButtonEventHandler(rect_Click); category.PreviewMouseWheel += ctrl_PreviewMouseWheel; //progGrid.PreviewMouseWheel += ctrl_PreviewMouseWheel; }
public void NotifyActivity(Guid guid, Program.LogEntry entry, ProgramID progID, List <String> services = null, bool update = false) { Priv10Engine.FwEventArgs args = new Priv10Engine.FwEventArgs() { guid = guid, entry = entry, progID = progID, services = services, update = update }; SendPushNotification("ActivityNotification", args); }
public bool RemoveProgram(Guid guid, ProgramID id = null) { ProgramSet progs = null; if (!ProgramSets.TryGetValue(guid, out progs) || progs.IsSpecial()) { return(false); // already gone or can not be removed } List <ProgramID> IDs = new List <ProgramID>(); if (id != null) { IDs.Add(id); } else { IDs = progs.Programs.Keys.ToList(); } foreach (ProgramID progID in IDs) { Program prog; if (!Programs.TryGetValue(progID, out prog)) { continue; // already gone } progs.Programs.Remove(progID); Programs.Remove(progID); foreach (FirewallRule rule in prog.Rules.Values) { App.engine.FirewallManager.RemoveRule(rule.guid); } foreach (NetworkSocket socket in prog.Sockets.Values) { socket.Assigned = false; } } if (progs.Programs.Count == 0) { ProgramSets.Remove(guid); } Changed?.Invoke(this, new ListEvent()); return(true); }
private void UpdateFwMode() { ProgramID id = ProgramID.NewID(ProgramID.Types.Global); ProgramSet prog = App.client.GetProgram(id, true); if (prog == null) { this.menuBlock.Enabled = false; } else { this.menuBlock.Checked = prog.config.CurAccess == ProgramConfig.AccessLevels.BlockAccess; } UpdateMode(); }
private Program AddProgram(ProgramID progID) { Program prog = new Program(progID); Programs.Add(progID, prog); ProgramSet progs = new ProgramSet(prog); ProgramSets.Add(progs.guid, progs); Changed?.Invoke(this, new ListEvent() { guid = progs.guid }); return(prog); }
public Program(ProgramID progID) { //guid = Guid.NewGuid(); ID = progID.Duplicate(); string Name = ""; string Info = null; switch (ID.Type) { case ProgramID.Types.System: Name = Translate.fmt("name_system"); break; case ProgramID.Types.Global: Name = Translate.fmt("name_global"); break; case ProgramID.Types.Program: Name = System.IO.Path.GetFileName(ID.Path); Info = MiscFunc.GetExeDescription(ID.Path); break; case ProgramID.Types.Service: Name = ID.GetServiceId(); Info = ID.GetServiceName(); break; case ProgramID.Types.App: Name = ID.GetPackageName(); var AppPkg = App.engine.FirewallManager.GetAppPkgBySid(ID.GetPackageSID()); Info = AppPkg?.Name; break; } if (Info != null && Info.Length > 0) { Description = Info + " (" + Name + ")"; } else { Description = Name; } }
public static string FormatProgID(ProgramID ProgID) { string Name = ""; string Path = ProgID.Path; switch (ProgID.Type) { case ProgramID.Types.System: Path = MiscFunc.NtOsKrnlPath; break; case ProgramID.Types.Program: break; case ProgramID.Types.Service: Name = ProgID.GetServiceId(); if (Name != null && Name.Length > 0) { Name = Translate.fmt("name_service") + " " + Name; } break; case ProgramID.Types.App: Name = ProgID.GetPackageName(); if (Name != null && Name.Length > 0) { Name = Translate.fmt("name_app") + " " + Name; } break; default: case ProgramID.Types.Global: Name = Translate.fmt("name_global"); break; } if (Name == null || Name.Length == 0) { Name = Path; } else if (Path != null && Path.Length > 0) { Name += " (" + Path + ")"; } return(Name ?? ""); }
public static string GetIcon(ProgramID ProgId) { if (ProgId.Type == ProgramID.Types.App) { var AppPkg = AppModel.GetInstance().GetAppPkgBySid(ProgId.GetPackageSID()); if (AppPkg != null && AppPkg.Logo != null) { return(AppPkg.Logo); } } if (ProgId.Type == ProgramID.Types.Service) // || (ProgId.IsSystem() && ProgId.Path.Length == 0)) { return(SvcIconPath); } return(ProgId.Path); }
private void OnDnsQueryWatched(object sender, DnsQueryWatcher.DnsEvent Event) { foreach (IPAddress remoteAddress in Event.RemoteAddresses) { OnHostName(remoteAddress, Event.HostName, NameSources.CapturedQuery, Event.ProcessId); } List <ServiceHelper.ServiceInfo> Services = ServiceHelper.GetServicesByPID(Event.ProcessId); ProgramID ProgID = App.engine.GetProgIDbyPID(Event.ProcessId, (Services == null || Services.Count > 1) ? null : Services[0].ServiceName); if (ProgID == null) { Priv10Logger.LogWarning("Watched a DNS query '{0}' for a terminated process with id {1}", Event.HostName, Event.ProcessId); } else { Program prog = App.engine.ProgramList.FindProgram(ProgID, true, ProgramID.FuzzyModes.Any); prog?.LogDomain(Event.HostName, Event.TimeStamp); } }
public void SetProgID(ProgramID progID) { ProgID = progID; switch (progID.Type) { case ProgramID.Types.Global: BinaryPath = null; break; case ProgramID.Types.System: BinaryPath = "System"; break; default: if (progID.Path != null && progID.Path.Length > 0) { BinaryPath = progID.Path; } break; } if (progID.Type == ProgramID.Types.App) { AppSID = progID.GetPackageSID(); } else { AppSID = null; } if (progID.Type == ProgramID.Types.Service) { ServiceTag = progID.GetServiceId(); } else { ServiceTag = null; } }
public static T GetProgramFuzzy <T>(SortedDictionary <ProgramID, T> Programs, ProgramID progID, FuzzyModes fuzzyMode) where T : class { T prog = null; if (Programs.TryGetValue(progID, out prog)) { return(prog); } // Only works for services and apps if (!(progID.Type == ProgramID.Types.Service || progID.Type == ProgramID.Types.App)) { return(null); } if ((fuzzyMode & FuzzyModes.Tag) != 0 && progID.Aux.Length > 0) { // first drop path and try to get by serviceTag or application SID ProgramID auxId = ProgramID.New(progID.Type, null, progID.Aux); if (Programs.TryGetValue(auxId, out prog)) { return(prog); } } if ((fuzzyMode & FuzzyModes.Path) != 0 && progID.Path.Length > 0 && (progID.Type == ProgramID.Types.Service || progID.Type == ProgramID.Types.App) && System.IO.Path.GetFileName(progID.Path).Equals("svchost.exe", StringComparison.OrdinalIgnoreCase) == false) // dont use this for svchost.exe { // than try to get an entry by path only ProgramID pathId = ProgramID.New(ProgramID.Types.Program, progID.Path, null); if (Programs.TryGetValue(pathId, out prog)) { return(prog); } } return(null); }
public LogEntry(FirewallEvent Event, ProgramID progID) { guid = Guid.NewGuid(); FwEvent = Event; ProgID = progID; if (NetFunc.IsLocalHost(FwEvent.RemoteAddress)) { Realm = Realms.LocalHost; } else if (NetFunc.IsMultiCast(FwEvent.RemoteAddress)) { Realm = Realms.MultiCast; } else if (FirewallManager.MatchAddress(FwEvent.RemoteAddress, FirewallRule.AddrKeywordLocalSubnet)) { Realm = Realms.LocalArea; } else { Realm = Realms.Internet; } }
public bool Load(XmlNode entryNode) { foreach (XmlNode node in entryNode.ChildNodes) { if (node.Name == "ID") { ProgID = new ProgramID(); ProgID.Load(node); } else if (node.Name == "HostName") { HostName = node.InnerText; } else if (node.Name == "LastSeen") { DateTime.TryParse(node.InnerText, out LastSeen); } else if (node.Name == "SeenCounter") { int.TryParse(node.InnerText, out SeenCounter); } else if (node.Name == "ConCounter") { int.TryParse(node.InnerText, out OldConCounter); } else if (node.Name == "ReceivedBytes") { UInt64.TryParse(node.InnerText, out OldDownload); } else if (node.Name == "SentBytes") { UInt64.TryParse(node.InnerText, out OldUpload); } } return(HostName != null); }