Driver: Always collect traffic statistics

2024-11-15 10:15:07 +00:00 · 2023-05-04 11:18:32 +03:00 · 2023-05-04 11:18:32 +03:00 · 9940f16daa
commit 9940f16daa
parent dd9f7ee2de
8 changed files with 32 additions and 48 deletions
--- a/src/driver/common/fortconf.h
+++ b/src/driver/common/fortconf.h
@ -24,18 +24,23 @@ typedef struct fort_conf_flags
    UINT32 boot_filter : 1;
    UINT32 filter_enabled : 1;
    UINT32 filter_locals : 1;
    UINT32 stop_traffic : 1;
    UINT32 stop_inet_traffic : 1;
    UINT32 allow_all_new : 1;
    UINT32 ask_to_connect : 1;
    UINT32 app_block_all : 1;
    UINT32 app_allow_all : 1;
-    UINT32 log_blocked : 1;
+
    UINT32 log_stat : 1;
    UINT32 log_stat_no_filter : 1;
    UINT32 log_blocked : 1;
    UINT32 log_allowed_ip : 1;
    UINT32 log_blocked_ip : 1;
    UINT32 log_alerted_blocked_ip : 1;
    UINT32 group_apply_child : 1;
    UINT32 group_bits : 16;
--- a/src/driver/fortstat.c
+++ b/src/driver/fortstat.c
@ -437,18 +437,19 @@ FORT_API void fort_stat_close(PFORT_STAT stat)
 FORT_API void fort_stat_log_update(PFORT_STAT stat, BOOL log_stat)
 {
    const UCHAR old_stat_flags = fort_stat_flags_set(stat, FORT_STAT_LOG, log_stat);
    if (log_stat || (old_stat_flags & FORT_STAT_LOG) == 0)
        return;
    KLOCK_QUEUE_HANDLE lock_queue;
    KeAcquireInStackQueuedSpinLock(&stat->lock, &lock_queue);
    const UCHAR old_stat_flags = fort_stat_flags_set(stat, FORT_STAT_LOG, log_stat);
    if (!log_stat && (old_stat_flags & FORT_STAT_LOG) != 0) {
    /* Clear the processes' active list */
    fort_stat_traf_flush(stat, /*proc_count=*/FORT_PROC_COUNT_MAX, /*out=*/NULL);
    /* Clear the processes' logged flag */
    tommy_hashdyn_foreach_node(&stat->procs_map, &fort_stat_proc_unlog);
    }
    KeReleaseInStackQueuedSpinLock(&lock_queue);
 }
--- a/src/ui/conf/firewallconf.cpp
+++ b/src/ui/conf/firewallconf.cpp
@ -16,9 +16,9 @@ FirewallConf::FirewallConf(Settings *settings, QObject *parent) :
    m_stopInetTraffic(false),
    m_allowAllNew(false),
    m_askToConnect(false),
    m_logBlocked(false),
    m_logStat(false),
    m_logStatNoFilter(false),
    m_logBlocked(false),
    m_logAllowedIp(false),
    m_logBlockedIp(false),
    m_logAlertedBlockedIp(false),
@ -70,17 +70,9 @@ void FirewallConf::setAskToConnect(bool askToConnect)
    m_askToConnect = askToConnect;
 }
 void FirewallConf::setLogBlocked(bool logBlocked)
 {
    m_logBlocked = logBlocked;
 }
 void FirewallConf::setLogStat(bool logStat)
 {
    if (m_logStat != logStat) {
    m_logStat = logStat;
        emit logStatChanged();
    }
 }
 void FirewallConf::setLogStatNoFilter(bool logStatNoFilter)
@ -88,6 +80,11 @@ void FirewallConf::setLogStatNoFilter(bool logStatNoFilter)
    m_logStatNoFilter = logStatNoFilter;
 }
 void FirewallConf::setLogBlocked(bool logBlocked)
 {
    m_logBlocked = logBlocked;
 }
 void FirewallConf::setLogAllowedIp(bool logAllowedIp)
 {
    m_logAllowedIp = logAllowedIp;
@ -335,9 +332,9 @@ void FirewallConf::copyFlags(const FirewallConf &o)
    m_allowAllNew = o.allowAllNew();
    m_askToConnect = o.askToConnect();
    m_logBlocked = o.logBlocked();
    m_logStat = o.logStat();
    m_logStatNoFilter = o.logStatNoFilter();
    m_logBlocked = o.logBlocked();
    m_logAllowedIp = o.logAllowedIp();
    m_logBlockedIp = o.logBlockedIp();
@ -383,9 +380,9 @@ QVariant FirewallConf::flagsToVariant() const
    map["allowAllNew"] = allowAllNew();
    map["askToConnect"] = askToConnect();
    map["logBlocked"] = logBlocked();
    map["logStat"] = logStat();
    map["logStatNoFilter"] = logStatNoFilter();
    map["logBlocked"] = logBlocked();
    map["logAllowedIp"] = logAllowedIp();
    map["logBlockedIp"] = logBlockedIp();
--- a/src/ui/conf/firewallconf.h
+++ b/src/ui/conf/firewallconf.h
@ -64,15 +64,15 @@ public:
    bool askToConnect() const { return m_askToConnect; }
    void setAskToConnect(bool askToConnect);
    bool logBlocked() const { return m_logBlocked; }
    void setLogBlocked(bool logBlocked);
    bool logStat() const { return m_logStat; }
    void setLogStat(bool logStat);
    bool logStatNoFilter() const { return m_logStatNoFilter; }
    void setLogStatNoFilter(bool logStatNoFilter);
    bool logBlocked() const { return m_logBlocked; }
    void setLogBlocked(bool logBlocked);
    bool logAllowedIp() const { return m_logAllowedIp; }
    void setLogAllowedIp(bool logAllowedIp);
@ -137,7 +137,6 @@ public:
    static uint editedFlagsFromVariant(const QVariant &v);
 signals:
    void logStatChanged();
    void appGroupsChanged();
 public slots:
@ -181,9 +180,9 @@ private:
    uint m_allowAllNew : 1;
    uint m_askToConnect : 1;
    uint m_logBlocked : 1;
    uint m_logStat : 1;
    uint m_logStatNoFilter : 1;
    uint m_logBlocked : 1;
    uint m_logAllowedIp : 1;
    uint m_logBlockedIp : 1;
--- a/src/ui/form/opt/pages/applicationspage.cpp
+++ b/src/ui/form/opt/pages/applicationspage.cpp
@ -560,23 +560,6 @@ void ApplicationsPage::setupGroupLimitBufferSize()
    });
 }
 void ApplicationsPage::setupGroupOptionsEnabled()
 {
    const auto refreshOptionsEnabled = [&] {
        const bool logStat = conf()->logStat();
        m_cbLogBlocked->setEnabled(logStat);
        m_cbLogConn->setEnabled(logStat);
        m_cscLimitIn->setEnabled(logStat);
        m_cscLimitOut->setEnabled(logStat);
    };
    refreshOptionsEnabled();
    connect(conf(), &FirewallConf::logStatChanged, this, refreshOptionsEnabled);
 }
 void ApplicationsPage::setupBlockApps()
 {
    m_blockApps = new AppsColumn();
--- a/src/ui/form/opt/pages/applicationspage.h
+++ b/src/ui/form/opt/pages/applicationspage.h
@ -55,7 +55,6 @@ private:
    void setupGroupLimitLatency();
    void setupGroupLimitPacketLoss();
    void setupGroupLimitBufferSize();
    void setupGroupOptionsEnabled();
    void setupBlockApps();
    void setupAllowApps();
    void setupSplitter();
--- a/src/ui/fortsettings.cpp
+++ b/src/ui/fortsettings.cpp
@ -313,9 +313,9 @@ void FortSettings::readConfIni(FirewallConf &conf) const
    conf.setStopInetTraffic(iniBool("stopInetTraffic"));
    conf.setAllowAllNew(iniBool("allowAllNew", true));
    conf.setAskToConnect(iniBool("askToConnect"));
    conf.setLogBlocked(iniBool("logBlocked", true));
    conf.setLogStat(iniBool("logStat", true));
    conf.setLogStatNoFilter(iniBool("logStatNoFilter", true));
    conf.setLogBlocked(iniBool("logBlocked", true));
    conf.setLogAllowedIp(iniBool("logAllowedIp", true));
    conf.setLogBlockedIp(iniBool("logBlockedIp", true));
    conf.setLogAlertedBlockedIp(iniBool("logAlertedBlockedIp"));
@ -355,9 +355,9 @@ void FortSettings::writeConfIni(const FirewallConf &conf)
        setIniValue("stopInetTraffic", conf.stopInetTraffic());
        setIniValue("allowAllNew", conf.allowAllNew());
        setIniValue("askToConnect", conf.askToConnect());
        setIniValue("logBlocked", conf.logBlocked());
        setIniValue("logStat", conf.logStat());
        setIniValue("logStatNoFilter", conf.logStatNoFilter());
        setIniValue("logBlocked", conf.logBlocked());
        setIniValue("logAllowedIp", conf.logAllowedIp());
        setIniValue("logBlockedIp", conf.logBlockedIp());
        setIniValue("logAlertedBlockedIp", conf.logAlertedBlockedIp());
--- a/src/ui/util/conf/confutil.cpp
+++ b/src/ui/util/conf/confutil.cpp
@ -59,9 +59,9 @@ void writeConfFlags(const FirewallConf &conf, PFORT_CONF_FLAGS confFlags)
    confFlags->app_block_all = conf.appBlockAll();
    confFlags->app_allow_all = conf.appAllowAll();
-    confFlags->log_blocked = conf.logBlocked();
+    confFlags->log_stat = true; // always enabled for driver
    confFlags->log_stat = conf.logStat();
    confFlags->log_stat_no_filter = conf.logStatNoFilter();
    confFlags->log_blocked = conf.logBlocked();
    confFlags->log_allowed_ip = conf.logAllowedIp();
    confFlags->log_blocked_ip = conf.logBlockedIp();