mirror of
https://github.com/tnodir/fort
synced 2024-11-15 07:45:22 +00:00
Driver: Always collect traffic statistics
This commit is contained in:
parent
dd9f7ee2de
commit
9940f16daa
@ -24,18 +24,23 @@ typedef struct fort_conf_flags
|
||||
UINT32 boot_filter : 1;
|
||||
UINT32 filter_enabled : 1;
|
||||
UINT32 filter_locals : 1;
|
||||
|
||||
UINT32 stop_traffic : 1;
|
||||
UINT32 stop_inet_traffic : 1;
|
||||
|
||||
UINT32 allow_all_new : 1;
|
||||
UINT32 ask_to_connect : 1;
|
||||
UINT32 app_block_all : 1;
|
||||
UINT32 app_allow_all : 1;
|
||||
UINT32 log_blocked : 1;
|
||||
|
||||
UINT32 log_stat : 1;
|
||||
UINT32 log_stat_no_filter : 1;
|
||||
UINT32 log_blocked : 1;
|
||||
|
||||
UINT32 log_allowed_ip : 1;
|
||||
UINT32 log_blocked_ip : 1;
|
||||
UINT32 log_alerted_blocked_ip : 1;
|
||||
|
||||
UINT32 group_apply_child : 1;
|
||||
|
||||
UINT32 group_bits : 16;
|
||||
|
@ -437,18 +437,19 @@ FORT_API void fort_stat_close(PFORT_STAT stat)
|
||||
|
||||
FORT_API void fort_stat_log_update(PFORT_STAT stat, BOOL log_stat)
|
||||
{
|
||||
const UCHAR old_stat_flags = fort_stat_flags_set(stat, FORT_STAT_LOG, log_stat);
|
||||
|
||||
if (log_stat || (old_stat_flags & FORT_STAT_LOG) == 0)
|
||||
return;
|
||||
|
||||
KLOCK_QUEUE_HANDLE lock_queue;
|
||||
KeAcquireInStackQueuedSpinLock(&stat->lock, &lock_queue);
|
||||
|
||||
const UCHAR old_stat_flags = fort_stat_flags_set(stat, FORT_STAT_LOG, log_stat);
|
||||
|
||||
if (!log_stat && (old_stat_flags & FORT_STAT_LOG) != 0) {
|
||||
/* Clear the processes' active list */
|
||||
fort_stat_traf_flush(stat, /*proc_count=*/FORT_PROC_COUNT_MAX, /*out=*/NULL);
|
||||
|
||||
/* Clear the processes' logged flag */
|
||||
tommy_hashdyn_foreach_node(&stat->procs_map, &fort_stat_proc_unlog);
|
||||
}
|
||||
|
||||
KeReleaseInStackQueuedSpinLock(&lock_queue);
|
||||
}
|
||||
|
@ -16,9 +16,9 @@ FirewallConf::FirewallConf(Settings *settings, QObject *parent) :
|
||||
m_stopInetTraffic(false),
|
||||
m_allowAllNew(false),
|
||||
m_askToConnect(false),
|
||||
m_logBlocked(false),
|
||||
m_logStat(false),
|
||||
m_logStatNoFilter(false),
|
||||
m_logBlocked(false),
|
||||
m_logAllowedIp(false),
|
||||
m_logBlockedIp(false),
|
||||
m_logAlertedBlockedIp(false),
|
||||
@ -70,17 +70,9 @@ void FirewallConf::setAskToConnect(bool askToConnect)
|
||||
m_askToConnect = askToConnect;
|
||||
}
|
||||
|
||||
void FirewallConf::setLogBlocked(bool logBlocked)
|
||||
{
|
||||
m_logBlocked = logBlocked;
|
||||
}
|
||||
|
||||
void FirewallConf::setLogStat(bool logStat)
|
||||
{
|
||||
if (m_logStat != logStat) {
|
||||
m_logStat = logStat;
|
||||
emit logStatChanged();
|
||||
}
|
||||
}
|
||||
|
||||
void FirewallConf::setLogStatNoFilter(bool logStatNoFilter)
|
||||
@ -88,6 +80,11 @@ void FirewallConf::setLogStatNoFilter(bool logStatNoFilter)
|
||||
m_logStatNoFilter = logStatNoFilter;
|
||||
}
|
||||
|
||||
void FirewallConf::setLogBlocked(bool logBlocked)
|
||||
{
|
||||
m_logBlocked = logBlocked;
|
||||
}
|
||||
|
||||
void FirewallConf::setLogAllowedIp(bool logAllowedIp)
|
||||
{
|
||||
m_logAllowedIp = logAllowedIp;
|
||||
@ -335,9 +332,9 @@ void FirewallConf::copyFlags(const FirewallConf &o)
|
||||
m_allowAllNew = o.allowAllNew();
|
||||
m_askToConnect = o.askToConnect();
|
||||
|
||||
m_logBlocked = o.logBlocked();
|
||||
m_logStat = o.logStat();
|
||||
m_logStatNoFilter = o.logStatNoFilter();
|
||||
m_logBlocked = o.logBlocked();
|
||||
|
||||
m_logAllowedIp = o.logAllowedIp();
|
||||
m_logBlockedIp = o.logBlockedIp();
|
||||
@ -383,9 +380,9 @@ QVariant FirewallConf::flagsToVariant() const
|
||||
map["allowAllNew"] = allowAllNew();
|
||||
map["askToConnect"] = askToConnect();
|
||||
|
||||
map["logBlocked"] = logBlocked();
|
||||
map["logStat"] = logStat();
|
||||
map["logStatNoFilter"] = logStatNoFilter();
|
||||
map["logBlocked"] = logBlocked();
|
||||
|
||||
map["logAllowedIp"] = logAllowedIp();
|
||||
map["logBlockedIp"] = logBlockedIp();
|
||||
|
@ -64,15 +64,15 @@ public:
|
||||
bool askToConnect() const { return m_askToConnect; }
|
||||
void setAskToConnect(bool askToConnect);
|
||||
|
||||
bool logBlocked() const { return m_logBlocked; }
|
||||
void setLogBlocked(bool logBlocked);
|
||||
|
||||
bool logStat() const { return m_logStat; }
|
||||
void setLogStat(bool logStat);
|
||||
|
||||
bool logStatNoFilter() const { return m_logStatNoFilter; }
|
||||
void setLogStatNoFilter(bool logStatNoFilter);
|
||||
|
||||
bool logBlocked() const { return m_logBlocked; }
|
||||
void setLogBlocked(bool logBlocked);
|
||||
|
||||
bool logAllowedIp() const { return m_logAllowedIp; }
|
||||
void setLogAllowedIp(bool logAllowedIp);
|
||||
|
||||
@ -137,7 +137,6 @@ public:
|
||||
static uint editedFlagsFromVariant(const QVariant &v);
|
||||
|
||||
signals:
|
||||
void logStatChanged();
|
||||
void appGroupsChanged();
|
||||
|
||||
public slots:
|
||||
@ -181,9 +180,9 @@ private:
|
||||
uint m_allowAllNew : 1;
|
||||
uint m_askToConnect : 1;
|
||||
|
||||
uint m_logBlocked : 1;
|
||||
uint m_logStat : 1;
|
||||
uint m_logStatNoFilter : 1;
|
||||
uint m_logBlocked : 1;
|
||||
|
||||
uint m_logAllowedIp : 1;
|
||||
uint m_logBlockedIp : 1;
|
||||
|
@ -560,23 +560,6 @@ void ApplicationsPage::setupGroupLimitBufferSize()
|
||||
});
|
||||
}
|
||||
|
||||
void ApplicationsPage::setupGroupOptionsEnabled()
|
||||
{
|
||||
const auto refreshOptionsEnabled = [&] {
|
||||
const bool logStat = conf()->logStat();
|
||||
|
||||
m_cbLogBlocked->setEnabled(logStat);
|
||||
m_cbLogConn->setEnabled(logStat);
|
||||
|
||||
m_cscLimitIn->setEnabled(logStat);
|
||||
m_cscLimitOut->setEnabled(logStat);
|
||||
};
|
||||
|
||||
refreshOptionsEnabled();
|
||||
|
||||
connect(conf(), &FirewallConf::logStatChanged, this, refreshOptionsEnabled);
|
||||
}
|
||||
|
||||
void ApplicationsPage::setupBlockApps()
|
||||
{
|
||||
m_blockApps = new AppsColumn();
|
||||
|
@ -55,7 +55,6 @@ private:
|
||||
void setupGroupLimitLatency();
|
||||
void setupGroupLimitPacketLoss();
|
||||
void setupGroupLimitBufferSize();
|
||||
void setupGroupOptionsEnabled();
|
||||
void setupBlockApps();
|
||||
void setupAllowApps();
|
||||
void setupSplitter();
|
||||
|
@ -313,9 +313,9 @@ void FortSettings::readConfIni(FirewallConf &conf) const
|
||||
conf.setStopInetTraffic(iniBool("stopInetTraffic"));
|
||||
conf.setAllowAllNew(iniBool("allowAllNew", true));
|
||||
conf.setAskToConnect(iniBool("askToConnect"));
|
||||
conf.setLogBlocked(iniBool("logBlocked", true));
|
||||
conf.setLogStat(iniBool("logStat", true));
|
||||
conf.setLogStatNoFilter(iniBool("logStatNoFilter", true));
|
||||
conf.setLogBlocked(iniBool("logBlocked", true));
|
||||
conf.setLogAllowedIp(iniBool("logAllowedIp", true));
|
||||
conf.setLogBlockedIp(iniBool("logBlockedIp", true));
|
||||
conf.setLogAlertedBlockedIp(iniBool("logAlertedBlockedIp"));
|
||||
@ -355,9 +355,9 @@ void FortSettings::writeConfIni(const FirewallConf &conf)
|
||||
setIniValue("stopInetTraffic", conf.stopInetTraffic());
|
||||
setIniValue("allowAllNew", conf.allowAllNew());
|
||||
setIniValue("askToConnect", conf.askToConnect());
|
||||
setIniValue("logBlocked", conf.logBlocked());
|
||||
setIniValue("logStat", conf.logStat());
|
||||
setIniValue("logStatNoFilter", conf.logStatNoFilter());
|
||||
setIniValue("logBlocked", conf.logBlocked());
|
||||
setIniValue("logAllowedIp", conf.logAllowedIp());
|
||||
setIniValue("logBlockedIp", conf.logBlockedIp());
|
||||
setIniValue("logAlertedBlockedIp", conf.logAlertedBlockedIp());
|
||||
|
@ -59,9 +59,9 @@ void writeConfFlags(const FirewallConf &conf, PFORT_CONF_FLAGS confFlags)
|
||||
confFlags->app_block_all = conf.appBlockAll();
|
||||
confFlags->app_allow_all = conf.appAllowAll();
|
||||
|
||||
confFlags->log_blocked = conf.logBlocked();
|
||||
confFlags->log_stat = conf.logStat();
|
||||
confFlags->log_stat = true; // always enabled for driver
|
||||
confFlags->log_stat_no_filter = conf.logStatNoFilter();
|
||||
confFlags->log_blocked = conf.logBlocked();
|
||||
|
||||
confFlags->log_allowed_ip = conf.logAllowedIp();
|
||||
confFlags->log_blocked_ip = conf.logBlockedIp();
|
||||
|
Loading…
Reference in New Issue
Block a user