diff --git a/src/driver/common/fortconf.h b/src/driver/common/fortconf.h index cac4f4b0..f38fee32 100644 --- a/src/driver/common/fortconf.h +++ b/src/driver/common/fortconf.h @@ -24,18 +24,23 @@ typedef struct fort_conf_flags UINT32 boot_filter : 1; UINT32 filter_enabled : 1; UINT32 filter_locals : 1; + UINT32 stop_traffic : 1; UINT32 stop_inet_traffic : 1; + UINT32 allow_all_new : 1; UINT32 ask_to_connect : 1; UINT32 app_block_all : 1; UINT32 app_allow_all : 1; - UINT32 log_blocked : 1; + UINT32 log_stat : 1; UINT32 log_stat_no_filter : 1; + UINT32 log_blocked : 1; + UINT32 log_allowed_ip : 1; UINT32 log_blocked_ip : 1; UINT32 log_alerted_blocked_ip : 1; + UINT32 group_apply_child : 1; UINT32 group_bits : 16; diff --git a/src/driver/fortstat.c b/src/driver/fortstat.c index ec2f4a8f..64db8f58 100644 --- a/src/driver/fortstat.c +++ b/src/driver/fortstat.c @@ -437,18 +437,19 @@ FORT_API void fort_stat_close(PFORT_STAT stat) FORT_API void fort_stat_log_update(PFORT_STAT stat, BOOL log_stat) { + const UCHAR old_stat_flags = fort_stat_flags_set(stat, FORT_STAT_LOG, log_stat); + + if (log_stat || (old_stat_flags & FORT_STAT_LOG) == 0) + return; + KLOCK_QUEUE_HANDLE lock_queue; KeAcquireInStackQueuedSpinLock(&stat->lock, &lock_queue); - const UCHAR old_stat_flags = fort_stat_flags_set(stat, FORT_STAT_LOG, log_stat); + /* Clear the processes' active list */ + fort_stat_traf_flush(stat, /*proc_count=*/FORT_PROC_COUNT_MAX, /*out=*/NULL); - if (!log_stat && (old_stat_flags & FORT_STAT_LOG) != 0) { - /* Clear the processes' active list */ - fort_stat_traf_flush(stat, /*proc_count=*/FORT_PROC_COUNT_MAX, /*out=*/NULL); - - /* Clear the processes' logged flag */ - tommy_hashdyn_foreach_node(&stat->procs_map, &fort_stat_proc_unlog); - } + /* Clear the processes' logged flag */ + tommy_hashdyn_foreach_node(&stat->procs_map, &fort_stat_proc_unlog); KeReleaseInStackQueuedSpinLock(&lock_queue); } diff --git a/src/ui/conf/firewallconf.cpp b/src/ui/conf/firewallconf.cpp index 72ec562d..13b68c6c 100644 --- a/src/ui/conf/firewallconf.cpp +++ b/src/ui/conf/firewallconf.cpp @@ -16,9 +16,9 @@ FirewallConf::FirewallConf(Settings *settings, QObject *parent) : m_stopInetTraffic(false), m_allowAllNew(false), m_askToConnect(false), - m_logBlocked(false), m_logStat(false), m_logStatNoFilter(false), + m_logBlocked(false), m_logAllowedIp(false), m_logBlockedIp(false), m_logAlertedBlockedIp(false), @@ -70,17 +70,9 @@ void FirewallConf::setAskToConnect(bool askToConnect) m_askToConnect = askToConnect; } -void FirewallConf::setLogBlocked(bool logBlocked) -{ - m_logBlocked = logBlocked; -} - void FirewallConf::setLogStat(bool logStat) { - if (m_logStat != logStat) { - m_logStat = logStat; - emit logStatChanged(); - } + m_logStat = logStat; } void FirewallConf::setLogStatNoFilter(bool logStatNoFilter) @@ -88,6 +80,11 @@ void FirewallConf::setLogStatNoFilter(bool logStatNoFilter) m_logStatNoFilter = logStatNoFilter; } +void FirewallConf::setLogBlocked(bool logBlocked) +{ + m_logBlocked = logBlocked; +} + void FirewallConf::setLogAllowedIp(bool logAllowedIp) { m_logAllowedIp = logAllowedIp; @@ -335,9 +332,9 @@ void FirewallConf::copyFlags(const FirewallConf &o) m_allowAllNew = o.allowAllNew(); m_askToConnect = o.askToConnect(); - m_logBlocked = o.logBlocked(); m_logStat = o.logStat(); m_logStatNoFilter = o.logStatNoFilter(); + m_logBlocked = o.logBlocked(); m_logAllowedIp = o.logAllowedIp(); m_logBlockedIp = o.logBlockedIp(); @@ -383,9 +380,9 @@ QVariant FirewallConf::flagsToVariant() const map["allowAllNew"] = allowAllNew(); map["askToConnect"] = askToConnect(); - map["logBlocked"] = logBlocked(); map["logStat"] = logStat(); map["logStatNoFilter"] = logStatNoFilter(); + map["logBlocked"] = logBlocked(); map["logAllowedIp"] = logAllowedIp(); map["logBlockedIp"] = logBlockedIp(); diff --git a/src/ui/conf/firewallconf.h b/src/ui/conf/firewallconf.h index d61a90ea..226ebbf8 100644 --- a/src/ui/conf/firewallconf.h +++ b/src/ui/conf/firewallconf.h @@ -64,15 +64,15 @@ public: bool askToConnect() const { return m_askToConnect; } void setAskToConnect(bool askToConnect); - bool logBlocked() const { return m_logBlocked; } - void setLogBlocked(bool logBlocked); - bool logStat() const { return m_logStat; } void setLogStat(bool logStat); bool logStatNoFilter() const { return m_logStatNoFilter; } void setLogStatNoFilter(bool logStatNoFilter); + bool logBlocked() const { return m_logBlocked; } + void setLogBlocked(bool logBlocked); + bool logAllowedIp() const { return m_logAllowedIp; } void setLogAllowedIp(bool logAllowedIp); @@ -137,7 +137,6 @@ public: static uint editedFlagsFromVariant(const QVariant &v); signals: - void logStatChanged(); void appGroupsChanged(); public slots: @@ -181,9 +180,9 @@ private: uint m_allowAllNew : 1; uint m_askToConnect : 1; - uint m_logBlocked : 1; uint m_logStat : 1; uint m_logStatNoFilter : 1; + uint m_logBlocked : 1; uint m_logAllowedIp : 1; uint m_logBlockedIp : 1; diff --git a/src/ui/form/opt/pages/applicationspage.cpp b/src/ui/form/opt/pages/applicationspage.cpp index 2730e860..aaecfc9b 100644 --- a/src/ui/form/opt/pages/applicationspage.cpp +++ b/src/ui/form/opt/pages/applicationspage.cpp @@ -560,23 +560,6 @@ void ApplicationsPage::setupGroupLimitBufferSize() }); } -void ApplicationsPage::setupGroupOptionsEnabled() -{ - const auto refreshOptionsEnabled = [&] { - const bool logStat = conf()->logStat(); - - m_cbLogBlocked->setEnabled(logStat); - m_cbLogConn->setEnabled(logStat); - - m_cscLimitIn->setEnabled(logStat); - m_cscLimitOut->setEnabled(logStat); - }; - - refreshOptionsEnabled(); - - connect(conf(), &FirewallConf::logStatChanged, this, refreshOptionsEnabled); -} - void ApplicationsPage::setupBlockApps() { m_blockApps = new AppsColumn(); diff --git a/src/ui/form/opt/pages/applicationspage.h b/src/ui/form/opt/pages/applicationspage.h index c941bd9e..1b4685d2 100644 --- a/src/ui/form/opt/pages/applicationspage.h +++ b/src/ui/form/opt/pages/applicationspage.h @@ -55,7 +55,6 @@ private: void setupGroupLimitLatency(); void setupGroupLimitPacketLoss(); void setupGroupLimitBufferSize(); - void setupGroupOptionsEnabled(); void setupBlockApps(); void setupAllowApps(); void setupSplitter(); diff --git a/src/ui/fortsettings.cpp b/src/ui/fortsettings.cpp index 595240b0..77a7e991 100644 --- a/src/ui/fortsettings.cpp +++ b/src/ui/fortsettings.cpp @@ -313,9 +313,9 @@ void FortSettings::readConfIni(FirewallConf &conf) const conf.setStopInetTraffic(iniBool("stopInetTraffic")); conf.setAllowAllNew(iniBool("allowAllNew", true)); conf.setAskToConnect(iniBool("askToConnect")); - conf.setLogBlocked(iniBool("logBlocked", true)); conf.setLogStat(iniBool("logStat", true)); conf.setLogStatNoFilter(iniBool("logStatNoFilter", true)); + conf.setLogBlocked(iniBool("logBlocked", true)); conf.setLogAllowedIp(iniBool("logAllowedIp", true)); conf.setLogBlockedIp(iniBool("logBlockedIp", true)); conf.setLogAlertedBlockedIp(iniBool("logAlertedBlockedIp")); @@ -355,9 +355,9 @@ void FortSettings::writeConfIni(const FirewallConf &conf) setIniValue("stopInetTraffic", conf.stopInetTraffic()); setIniValue("allowAllNew", conf.allowAllNew()); setIniValue("askToConnect", conf.askToConnect()); - setIniValue("logBlocked", conf.logBlocked()); setIniValue("logStat", conf.logStat()); setIniValue("logStatNoFilter", conf.logStatNoFilter()); + setIniValue("logBlocked", conf.logBlocked()); setIniValue("logAllowedIp", conf.logAllowedIp()); setIniValue("logBlockedIp", conf.logBlockedIp()); setIniValue("logAlertedBlockedIp", conf.logAlertedBlockedIp()); diff --git a/src/ui/util/conf/confutil.cpp b/src/ui/util/conf/confutil.cpp index 851ac3ef..cc5d0a47 100644 --- a/src/ui/util/conf/confutil.cpp +++ b/src/ui/util/conf/confutil.cpp @@ -59,9 +59,9 @@ void writeConfFlags(const FirewallConf &conf, PFORT_CONF_FLAGS confFlags) confFlags->app_block_all = conf.appBlockAll(); confFlags->app_allow_all = conf.appAllowAll(); - confFlags->log_blocked = conf.logBlocked(); - confFlags->log_stat = conf.logStat(); + confFlags->log_stat = true; // always enabled for driver confFlags->log_stat_no_filter = conf.logStatNoFilter(); + confFlags->log_blocked = conf.logBlocked(); confFlags->log_allowed_ip = conf.logAllowedIp(); confFlags->log_blocked_ip = conf.logBlockedIp();