/// <summary>
/// Add item to internal query list (asking user whether to allow this connection request), if there is no block rule available.
/// </summary>
/// <param name="pid"></param>
/// <param name="path"></param>
/// <param name="target"></param>
/// <param name="protocol"></param>
/// <param name="targetPort"></param>
/// <param name="localPort"></param>
///
/// <returns>false if item is blocked and was thus not added to internal query list</returns>
internal bool AddItem(CurrentConn conn)
{
try
{
var sourcePortAsInt = int.Parse(conn.SourcePort);
var existing = Dispatcher.Invoke(() => this.Connections.FirstOrDefault(c => StringComparer.InvariantCultureIgnoreCase.Equals(c.Path, conn.Path) && c.TargetIP == conn.TargetIP && c.TargetPort == conn.TargetPort && (sourcePortAsInt >= IPHelper.GetMaxUserPort() || c.SourcePort == conn.SourcePort) && c.RawProtocol == conn.RawProtocol));
if (existing != null)
{
LogHelper.Debug("Connection matches an already existing connection request.");
if (!existing.LocalPortArray.Contains(sourcePortAsInt))
{
existing.LocalPortArray.Add(sourcePortAsInt);
//Note: Unfortunately, C# doesn't have a simple List that automatically sorts... :(
// TODO: it does with SortedSet. Don't get this comment...
// existing.LocalPortArray.Sort();
existing.SourcePort = IPHelper.MergePorts(existing.LocalPortArray);
}
existing.TentativesCounter++;
}
else
{
ServiceInfoResult svcInfo = null;
if (Settings.Default.EnableServiceDetection)
{
svcInfo = ServiceNameResolver.GetServiceInfo(conn.Pid, conn.FileName);
}
conn.CurrentAppPkgId = ProcessHelper.GetAppPkgId(conn.Pid);
conn.CurrentLocalUserOwner = ProcessHelper.GetLocalUserOwner(conn.Pid);
conn.CurrentService = svcInfo?.DisplayName;
conn.CurrentServiceDesc = svcInfo?.Name;
// Check whether this connection is blocked by a rule.
var blockingRules = FirewallHelper.GetMatchingRules(conn.Path, conn.CurrentAppPkgId, conn.RawProtocol, conn.TargetIP, conn.TargetPort, conn.SourcePort, conn.CurrentServiceDesc, conn.CurrentLocalUserOwner, blockOnly: true, outgoingOnly: true);
if (blockingRules.Any())
{
LogHelper.Info("Connection matches a block-rule!");
LogHelper.Debug($"pid: {Process.GetCurrentProcess().Id} GetMatchingRules: {conn.FileName}, {conn.Protocol}, {conn.TargetIP}, {conn.TargetPort}, {conn.SourcePort}, {svcInfo?.Name}");
return(false);
}
conn.LocalPortArray.Add(sourcePortAsInt);
Dispatcher.Invoke(() => this.Connections.Add(conn));
return(true);
}
}
catch (Exception e)
{
LogHelper.Error("Unable to add the connection to the pool.", e);
}
return(false);
}
public BinaryProtoLookupService(IActorRef connectionPool, IActorRef idGenerator, string serviceUrl, string listenerName, bool useTls, int maxLookupRedirects, TimeSpan operationTimeout)
{
_generator = idGenerator;
_context = Context;
_log = Context.GetLogger();
_useTls = useTls;
_maxLookupRedirects = maxLookupRedirects;
_serviceNameResolver = new PulsarServiceNameResolver(_log);
_listenerName = listenerName;
_operationTimeout = operationTimeout;
_connectionPool = connectionPool;
UpdateServiceUrl(serviceUrl);
Awaiting();
}
public static bool TryCreateFromEventLogEntry <T>(EventLogEntry entry, int index, out T?view) where T : LogEntryViewModel, new()
{
if (entry == null)
{
view = null;
return(false);
}
try
{
//LogHelper.Debug($"Create EntryViewModel entry...");
var pid = uint.Parse(GetReplacementString(entry, 0));
var direction = GetReplacementString(entry, 2) == @"%%14593" ? "Out" : "In";
var protocol = int.Parse(GetReplacementString(entry, 7));
var path = GetReplacementString(entry, 1);
if (path == "-")
{
path = "System";
}
else
{
path = PathResolver.ResolvePath(path);
}
var fileName = System.IO.Path.GetFileName(path);
// try to get the servicename from pid (works only if service is running)
var serviceName = ServiceNameResolver.GetServicName(pid);
var le = new T()
{
Index = index,
Id = entry.Index,
Pid = pid,
CreationTime = entry.TimeGenerated,
Path = (path == "-" ? "System" : path),
FileName = fileName,
ServiceName = serviceName,
SourceIP = GetReplacementString(entry, 3),
SourcePort = GetReplacementString(entry, 4),
TargetIP = GetReplacementString(entry, 5),
TargetPort = GetReplacementString(entry, 6),
RawProtocol = protocol,
Protocol = WFP.Protocol.GetProtocolAsString(protocol),
Direction = direction,
FilterId = GetReplacementString(entry, 8),
Reason = EventLogAsyncReader.GetEventInstanceIdAsString(entry.InstanceId),
Message = entry.Message
};
le.ReasonColor = le.Reason.StartsWith("Block") ? Brushes.OrangeRed : Brushes.Blue;
le.DirectionColor = le.Direction.StartsWith("In") ? Brushes.OrangeRed : Brushes.Black;
view = le;
return(true);
}
catch (Exception ex)
{
LogHelper.Error("Cannot parse eventlog entry: eventID=" + entry.InstanceId.ToString(), ex);
}
view = null;
return(false);
}
