EaseFilter Demo Project
GlobalConfig.cs
Go to the documentation of this file.
1 //
3 // (C) Copyright 2011 EaseFilter Technologies Inc.
4 // All Rights Reserved
5 //
6 // This software is part of a licensed software product and may
7 // only be used or copied in accordance with the terms of that license.
8 //
10 
11 using System;
12 using System.Collections.Generic;
13 using System.ComponentModel;
14 using System.Data;
15 using System.Text;
16 using System.Runtime.InteropServices;
17 using System.Security.Principal;
18 using System.IO;
19 using System.Configuration;
20 using System.Collections;
21 using System.Xml;
22 using System.Text.RegularExpressions;
23 using System.Threading;
24 using System.Reflection;
25 
26 namespace EaseFilter.CommonObjects
27 {
28 
29  public class GlobalConfig
30  {
31  static Assembly assembly = System.Reflection.Assembly.GetEntryAssembly();
32  public static string AssemblyPath = Path.GetDirectoryName(assembly.Location);
33 
34  //the message output level. It will output the messages which less than this level.
35  static EventLevel eventLevel = EventLevel.Information;
36  static bool[] selectedDisplayEvents = new bool[] { false, true, true, true, false, false };
37  static EventOutputType eventOutputType = EventOutputType.EventView;
38  //The log file name if outputType is ToFile.
39  static string eventLogFileName = "EventLog.txt";
40  static int maxEventLogFileSize = 4 * 1024 * 1024; //4MB
41  static string eventSource = "EaseFilter";
42  static string eventLogName = "EaseFilter";
43 
44  static uint filterConnectionThreads = 5;
45  static uint connectionTimeOut = 30; //seconds
46  static private Dictionary<string, FilterRule> filterRules = new Dictionary<string, FilterRule>();
47  static List<uint> includePidList = new List<uint>();
48  static List<uint> excludePidList = new List<uint>();
49  static List<uint> protectPidList = new List<uint>();
50  static string includedUsers = string.Empty;
51  static string excludedUsers = string.Empty;
52 
53  static uint requestIORegistration = 0;
54  static uint displayEvents = 0;
55 
56  static uint fileChangedEvents = 0;
57 
58  static string accountName = "guest";
59  static string masterPassword = string.Empty;
60  static string activatedLicense = string.Empty;
61 
62  static int maximumFilterMessages = 500;
63  static string filterMessageLogName = "filterMessage.log";
64  static long filterMessageLogFileSize = 10 * 1024 * 1024;
65  static bool enableLogTransaction = false;
66  static bool outputMessageToConsole = true;
67  static bool enableNotification = true;
68 
69  static string configFileName = ConfigSetting.GetFilePath();
70 
71  //the filter driver will use the default IV to encrypt the new file if it is true.
72  static bool enableDefaultIVKey = false;
73 
74  static uint currentPid = (uint)System.Diagnostics.Process.GetCurrentProcess().Id;
75 
76  public static bool isRunning = true;
77  public static ManualResetEvent stopEvent = new ManualResetEvent(false);
78 
79  public static FilterAPI.FilterType filterType = FilterAPI.FilterType.FILE_SYSTEM_MONITOR;
80 
81  static GlobalConfig()
82  {
83 
84  filterRules.Clear();
85 
86  try
87  {
88  filterRules = ConfigSetting.GetFilterRules();
89  filterConnectionThreads = ConfigSetting.Get("filterConnectionThreads", filterConnectionThreads);
90  requestIORegistration = ConfigSetting.Get("requestIORegistration", requestIORegistration);
91  displayEvents = ConfigSetting.Get("displayEvents", displayEvents);
92  filterMessageLogName = ConfigSetting.Get("filterMessageLogName", filterMessageLogName);
93  filterMessageLogFileSize = ConfigSetting.Get("filterMessageLogFileSize", filterMessageLogFileSize);
94  maximumFilterMessages = ConfigSetting.Get("maximumFilterMessages", maximumFilterMessages);
95  enableLogTransaction = ConfigSetting.Get("enableLogTransaction", enableLogTransaction);
96  activatedLicense = ConfigSetting.Get("activatedLicense", activatedLicense);
97  enableDefaultIVKey = ConfigSetting.Get("enableDefaultIVKey", enableDefaultIVKey);
98  accountName = ConfigSetting.Get("accountName", accountName);
99 
100  outputMessageToConsole = ConfigSetting.Get("outputMessageToConsole", outputMessageToConsole);
101  enableNotification = ConfigSetting.Get("enableNotification", enableNotification);
102  eventLevel = (EventLevel)ConfigSetting.Get("eventLevel",(uint)eventLevel);
103 
104  masterPassword = ConfigSetting.Get("masterPassword", masterPassword);
105  masterPassword = FilterAPI.AESEncryptDecryptStr(masterPassword, FilterAPI.EncryptType.Decryption);
106 
107  includedUsers = ConfigSetting.Get("includedUsers", includedUsers);
108  excludedUsers = ConfigSetting.Get("excludedUsers", excludedUsers);
109 
110  }
111  catch (Exception ex)
112  {
113  EventManager.WriteMessage(176, "LoadConfigSetting", CommonObjects.EventLevel.Error, "Load config file " + configFileName + " failed with error:" + ex.Message);
114  }
115  }
116 
117  public static void Stop()
118  {
119  isRunning = false;
120  stopEvent.Set();
121  EventManager.Stop();
122  }
123 
124  public static bool SaveConfigSetting()
125  {
126  bool ret = true;
127 
128  try
129  {
130  ConfigSetting.Save();
131  SendConfigSettingsToFilter();
132  }
133  catch (Exception ex)
134  {
135  EventManager.WriteMessage(235, "SaveConfigSetting", CommonObjects.EventLevel.Error, "Save config file " + configFileName + " failed with error:" + ex.Message);
136  ret = false;
137  }
138 
139  return ret;
140  }
141 
142  static public string ConfigFilePath
143  {
144  get { return configFileName; }
145  }
146 
147 
148  static public bool IsRunning
149  {
150  get { return isRunning; }
151  }
152 
153  static public ManualResetEvent StopEvent
154  {
155  get { return stopEvent; }
156  }
157 
158  static public bool[] SelectedDisplayEvents
159  {
160  get
161  {
162  return selectedDisplayEvents;
163  }
164  set
165  {
166  selectedDisplayEvents = value;
167  }
168  }
169 
170  static public EventLevel EventLevel
171  {
172  get
173  {
174  return eventLevel;
175  }
176  set
177  {
178  eventLevel = value;
179  ConfigSetting.Set("eventLevel", ((uint)value).ToString());
180  }
181  }
182 
183  static public EventOutputType EventOutputType
184  {
185  get
186  {
187  return eventOutputType;
188  }
189  set
190  {
191  eventOutputType = value;
192  }
193  }
194 
195  static public string EventLogFileName
196  {
197  get
198  {
199  return eventLogFileName;
200  }
201  set
202  {
203  eventLogFileName = value;
204  }
205  }
206 
207  static public int MaxEventLogFileSize
208  {
209  get
210  {
211  return maxEventLogFileSize;
212  }
213  set
214  {
215  maxEventLogFileSize = value;
216  }
217  }
218 
219  static public string EventSource
220  {
221  get
222  {
223  return eventSource;
224  }
225  set
226  {
227  eventSource = value;
228  }
229  }
230 
231 
232  static public string EventLogName
233  {
234  get
235  {
236  return eventLogName;
237  }
238  set
239  {
240  eventLogName = value;
241  }
242  }
243 
244 
245  public static uint FilterConnectionThreads
246  {
247  get { return filterConnectionThreads; }
248  set
249  {
250  filterConnectionThreads = value;
251  ConfigSetting.Set("filterConnectionThreads", value.ToString());
252  }
253  }
254 
255  public static uint RequestIORegistration
256  {
257  get { return requestIORegistration; }
258  set
259  {
260  requestIORegistration = value;
261  ConfigSetting.Set("requestIORegistration", value.ToString());
262  }
263  }
264 
265  public static uint DisplayEvents
266  {
267  get { return displayEvents; }
268  set
269  {
270  displayEvents = value;
271  ConfigSetting.Set("displayEvents", value.ToString());
272  }
273  }
274 
275  public static string FilterMessageLogName
276  {
277  get { return filterMessageLogName; }
278  set
279  {
280  filterMessageLogName = value;
281  ConfigSetting.Set("filterMessageLogName", value.ToString());
282  }
283  }
284 
285  public static long FilterMessageLogFileSize
286  {
287  get { return filterMessageLogFileSize; }
288  set
289  {
290  filterMessageLogFileSize = value;
291  ConfigSetting.Set("filterMessageLogFileSize", value.ToString());
292  }
293  }
294 
295  public static int MaximumFilterMessages
296  {
297  get { return maximumFilterMessages; }
298  set
299  {
300  maximumFilterMessages = value;
301  ConfigSetting.Set("maximumFilterMessages", value.ToString());
302  }
303  }
304 
305  public static bool EnableLogTransaction
306  {
307  get { return enableLogTransaction; }
308  set
309  {
310  enableLogTransaction = value;
311  ConfigSetting.Set("enableLogTransaction", value.ToString());
312  }
313  }
314 
315  public static bool OutputMessageToConsole
316  {
317  get { return outputMessageToConsole; }
318  set
319  {
320  outputMessageToConsole = value;
321  ConfigSetting.Set("outputMessageToConsole", value.ToString());
322  }
323  }
324 
325  public static bool EnableNotification
326  {
327  get { return enableNotification; }
328  set
329  {
330  enableNotification = value;
331  ConfigSetting.Set("enableNotification", value.ToString());
332  }
333  }
334 
335  public static List<uint> IncludePidList
336  {
337  get { return includePidList; }
338  set { includePidList = value; }
339  }
340 
341  public static List<uint> ExcludePidList
342  {
343  get { return excludePidList; }
344  set { excludePidList = value; }
345  }
346 
347  public static List<uint> ProtectPidList
348  {
349  get { return protectPidList; }
350  set { protectPidList = value; }
351  }
352 
353 
354  public static uint ConnectionTimeOut
355  {
356  get { return connectionTimeOut; }
357  set
358  {
359  connectionTimeOut = value;
360  ConfigSetting.Set("connectionTimeOut", value.ToString());
361  }
362  }
363 
364  public static string ActivatedLisense
365  {
366  get { return activatedLicense; }
367  set
368  {
369  activatedLicense = value;
370  ConfigSetting.Set("activatedLicense", value.ToString());
371  }
372  }
373 
374  public static bool EnableDefaultIVKey
375  {
376  get { return enableDefaultIVKey; }
377  set
378  {
379  enableDefaultIVKey = value;
380  ConfigSetting.Set("enableDefaultIVKey", value.ToString());
381  }
382  }
383 
384  public static string AccountName
385  {
386  get { return accountName; }
387  set
388  {
389  accountName = value;
390  ConfigSetting.Set("accountName", value.ToString());
391  }
392  }
393 
394 
395  public static string MasterPassword
396  {
397  get
398  {
399  return masterPassword;
400  }
401  set
402  {
403  masterPassword = value;
404  string encryptedPassword = FilterAPI.AESEncryptDecryptStr(value.ToString(), FilterAPI.EncryptType.Encryption);
405  ConfigSetting.Set("masterPassword", encryptedPassword);
406  }
407  }
408 
409  public static string IncludedUsers
410  {
411  get { return includedUsers; }
412  set
413  {
414  includedUsers = value;
415  ConfigSetting.Set("includedUsers", value.ToString());
416  }
417  }
418 
419  public static string ExcludedUsers
420  {
421  get { return excludedUsers; }
422  set
423  {
424  excludedUsers = value;
425  ConfigSetting.Set("excludedUsers", value.ToString());
426  }
427  }
428 
429  public static bool AddFilterRule( FilterRule newRule)
430  {
431  if (filterRules.ContainsKey(newRule.IncludeFileFilterMask))
432  {
433  //the exist filter rule already there,remove it
434  filterRules.Remove(newRule.IncludeFileFilterMask);
435  ConfigSetting.RemoveFilterRule(newRule.IncludeFileFilterMask);
436  }
437 
438  filterRules.Add(newRule.IncludeFileFilterMask, newRule);
439 
440  ConfigSetting.AddFilterRule(newRule);
441 
442  return true;
443  }
444 
445  public static void RemoveFilterRule(string includeFilterMask)
446  {
447  if (filterRules.ContainsKey(includeFilterMask))
448  {
449  filterRules.Remove(includeFilterMask);
450  ConfigSetting.RemoveFilterRule(includeFilterMask);
451  }
452 
453  }
454 
455  public static bool IsFilterRuleExist(string includeFilterMask)
456  {
457  if (filterRules.ContainsKey(includeFilterMask))
458  {
459  return true;
460  }
461 
462  return false;
463  }
464 
465  public static Dictionary<string, FilterRule> FilterRules
466  {
467  get { return filterRules; }
468  }
469 
470  public static void SendConfigSettingsToFilter()
471  {
472  try
473  {
474  if (!FilterAPI.IsFilterStarted)
475  {
476  return;
477  }
478 
479  FilterAPI.ResetConfigData();
480 
481  FilterAPI.SetConnectionTimeout(connectionTimeOut);
482 
483  if (!FilterAPI.SetFilterType((uint)filterType))
484  {
485  EventManager.WriteMessage(443, "SetFilterType", CommonObjects.EventLevel.Error, "SetFilterType " + filterType.ToString() + " failed:" + FilterAPI.GetLastErrorMessage());
486  }
487  else
488  {
489  EventManager.WriteMessage(447, "SetFilterType", CommonObjects.EventLevel.Information, "SetFilterType " + filterType.ToString() + " succeeded.");
490  }
491 
492  //if you want the filter driver to use the devault IV key, you need to set this setting:
493  if (enableDefaultIVKey)
494  {
495  uint boolConfig = (uint)FilterAPI.BooleanConfig.ENABLE_DEFAULT_IV_TAG;
496  FilterAPI.SetBooleanConfig(boolConfig);
497  }
498 
499  foreach (FilterRule filterRule in filterRules.Values)
500  {
501  //add filter rule to filter driver here, the filter rule is unique with the include file filter mask.
502  //you can't have the mutiple filter rules with the same include file filter mask,if there are the same
503  //one exist, the new one with accessFlag will overwrite the old accessFlag.
504  if (!FilterAPI.AddNewFilterRule((uint)filterRule.AccessFlag, filterRule.IncludeFileFilterMask))
505  {
506  EventManager.WriteMessage(456, "SendFilterRule", CommonObjects.EventLevel.Error, "Send filter rule failed:" + FilterAPI.GetLastErrorMessage());
507  }
508  else
509  {
510  EventManager.WriteMessage(460, "SendFilterRule", CommonObjects.EventLevel.Information, "Send filter rule:" + filterRule.IncludeFileFilterMask);
511  }
512 
513  if (!FilterAPI.RegisterEventTypeToFilterRule(filterRule.IncludeFileFilterMask,(uint)filterRule.EventType))
514  {
515  EventManager.WriteMessage(478, "SendFilterRule", CommonObjects.EventLevel.Error, "Register event type:" + (FilterAPI.EVENTTYPE)filterRule.EventType +" failed:" + FilterAPI.GetLastErrorMessage());
516  }
517  else
518  {
519  EventManager.WriteMessage(482, "SendFilterRule", CommonObjects.EventLevel.Information, "Register event type:" + (FilterAPI.EVENTTYPE)filterRule.EventType +" succeed.");
520  }
521 
522  if (!FilterAPI.RegisterMoinitorIOToFilterRule(filterRule.IncludeFileFilterMask, filterRule.MonitorIO))
523  {
524  EventManager.WriteMessage(499, "SendFilterRule", CommonObjects.EventLevel.Error, "Register monitor IO:" + filterRule.MonitorIO + " failed:" + FilterAPI.GetLastErrorMessage());
525  }
526  else
527  {
528  EventManager.WriteMessage(503, "SendFilterRule", CommonObjects.EventLevel.Information, "Register monitor IO:" + filterRule.MonitorIO + " succeed.");
529  }
530 
531  if (!FilterAPI.RegisterControlIOToFilterRule(filterRule.IncludeFileFilterMask, filterRule.ControlIO))
532  {
533  EventManager.WriteMessage(508, "SendFilterRule", CommonObjects.EventLevel.Error, "Register control IO:" + filterRule.ControlIO + " failed:" + FilterAPI.GetLastErrorMessage());
534  }
535  else
536  {
537  EventManager.WriteMessage(512, "SendFilterRule", CommonObjects.EventLevel.Information, "Register control IO:" + filterRule.ControlIO + " succeed.");
538  }
539 
540  //every filter rule can have multiple exclude file filter masks, you can exclude the files
541  //which matches the exclude filter mask.
542  string[] excludeFilterMasks = filterRule.ExcludeFileFilterMasks.Split(new char[] { ';' });
543  if (excludeFilterMasks.Length > 0)
544  {
545  foreach (string excludeFilterMask in excludeFilterMasks)
546  {
547  if (excludeFilterMask.Trim().Length > 0)
548  {
549  if (!FilterAPI.AddExcludeFileMaskToFilterRule(filterRule.IncludeFileFilterMask, excludeFilterMask.Trim()))
550  {
551  EventManager.WriteMessage(496, "AddExcludeFileMaskToFilterRule", CommonObjects.EventLevel.Error, "AddExcludeFileMaskToFilterRule " + excludeFilterMask + " failed:" + FilterAPI.GetLastErrorMessage());
552  }
553  else
554  {
555  EventManager.WriteMessage(500, "AddExcludeFileMaskToFilterRule", CommonObjects.EventLevel.Information, "AddExcludeFileMaskToFilterRule " + excludeFilterMask + " succeeded.");
556  }
557  }
558  }
559 
560  }
561 
562  byte[] encryptionKey = null;
563  uint encryptionKeyLength = 0;
564 
565  //you can enable the encryption per filter rule, set the FILE_ENCRYPTION_RULE to accessFlag, and add encryption key to the filter rule too.
566  if ((filterRule.AccessFlag & (uint)FilterAPI.AccessFlag.FILE_ENCRYPTION_RULE) > 0 && filterRule.EncryptionPassPhrase.Length > 0)
567  {
568  encryptionKey = Utils.GetKeyByPassPhrase(filterRule.EncryptionPassPhrase);
569  encryptionKeyLength = (uint)encryptionKey.Length;
570 
571  if (!FilterAPI.AddEncryptionKeyToFilterRule(filterRule.IncludeFileFilterMask, encryptionKeyLength, encryptionKey))
572  {
573  EventManager.WriteMessage(482, "AddEncryptionKeyToFilterRule", CommonObjects.EventLevel.Error, "AddEncryptionKeyToFilterRule " + filterRule.IncludeFileFilterMask + " failed:" + FilterAPI.GetLastErrorMessage());
574  }
575  else
576  {
577  EventManager.WriteMessage(482, "AddEncryptionKeyToFilterRule", CommonObjects.EventLevel.Information, "AddEncryptionKeyToFilterRule succeeded.");
578  }
579 
580 
581  }
582 
583 
584  string[] includeProcessNames = filterRule.IncludeProcessNames.Split(new char[] { ';' });
585  if (includeProcessNames.Length > 0)
586  {
587  foreach (string includeProcessName in includeProcessNames)
588  {
589  if (includeProcessName.Trim().Length > 0)
590  {
591  if (!FilterAPI.AddIncludeProcessNameToFilterRule(filterRule.IncludeFileFilterMask, includeProcessName.Trim()))
592  {
593  EventManager.WriteMessage(536, "AddIncludeProcessNameToFilterRule", CommonObjects.EventLevel.Error, "AddIncludeProcessNameToFilterRule " + includeProcessName + " failed:" + FilterAPI.GetLastErrorMessage());
594  }
595  else
596  {
597  EventManager.WriteMessage(540, "AddIncludeProcessNameToFilterRule", CommonObjects.EventLevel.Information, "AddIncludeProcessNameToFilterRule " + includeProcessName + " succeeded.");
598  }
599  }
600  }
601 
602  }
603 
604  string[] excludeProcessNames = filterRule.ExcludeProcessNames.Split(new char[] { ';' });
605  if (excludeProcessNames.Length > 0)
606  {
607  foreach (string excludeProcessName in excludeProcessNames)
608  {
609  if (excludeProcessName.Trim().Length > 0)
610  {
611  if (!FilterAPI.AddExcludeProcessNameToFilterRule(filterRule.IncludeFileFilterMask, excludeProcessName.Trim()))
612  {
613  EventManager.WriteMessage(556, "AddExcludeProcessNameToFilterRule", CommonObjects.EventLevel.Error, "AddExcludeProcessNameToFilterRule " + excludeProcessName + " failed:" + FilterAPI.GetLastErrorMessage());
614  }
615  else
616  {
617  EventManager.WriteMessage(560, "AddExcludeProcessNameToFilterRule", CommonObjects.EventLevel.Information, "AddExcludeProcessNameToFilterRule " + excludeProcessName + " succeeded.");
618  }
619  }
620  }
621 
622  }
623 
624  //set include process list for this filter rule.
625  string[] includePidListInFilterRule = filterRule.IncludeProcessIds.Split(new char[] { ';' });
626  if (includePidListInFilterRule.Length > 0)
627  {
628  foreach (string inPidstr in includePidListInFilterRule)
629  {
630  if (inPidstr.Trim().Length > 0)
631  {
632  uint inPid = uint.Parse(inPidstr.Trim());
633  if (!FilterAPI.AddIncludeProcessIdToFilterRule(filterRule.IncludeFileFilterMask, inPid))
634  {
635  EventManager.WriteMessage(523, "AddIncludeProcessIdToFilterRule", CommonObjects.EventLevel.Error, "AddIncludeProcessIdToFilterRule " + filterRule.IncludeFileFilterMask + " PID:" + inPidstr + " failed:" + FilterAPI.GetLastErrorMessage());
636  }
637  else
638  {
639  EventManager.WriteMessage(527, "AddIncludeProcessIdToFilterRule", CommonObjects.EventLevel.Information, "AddIncludeProcessIdToFilterRule " + filterRule.IncludeFileFilterMask + " PID:" + inPidstr + " succeeded.");
640  }
641  }
642  }
643 
644  }
645 
646  //set exclude process list for this filter rule.
647  string[] excludePidListInFilterRule = filterRule.ExcludeProcessIds.Split(new char[] { ';' });
648  if (excludePidListInFilterRule.Length > 0)
649  {
650  foreach (string exPidstr in excludePidListInFilterRule)
651  {
652  if (exPidstr.Trim().Length > 0)
653  {
654  uint exPid = uint.Parse(exPidstr.Trim());
655  if (!FilterAPI.AddExcludeProcessIdToFilterRule(filterRule.IncludeFileFilterMask, exPid))
656  {
657  EventManager.WriteMessage(545, "AddExcludeProcessIdToFilterRule", CommonObjects.EventLevel.Error, "AddExcludeProcessIdToFilterRule " + filterRule.IncludeFileFilterMask + " PID:" + exPidstr + " failed:" + FilterAPI.GetLastErrorMessage());
658  }
659  else
660  {
661  EventManager.WriteMessage(549, "AddExcludeProcessIdToFilterRule", CommonObjects.EventLevel.Information, "AddExcludeProcessIdToFilterRule " + filterRule.IncludeFileFilterMask + " PID:" + exPidstr + " succeeded.");
662  }
663  }
664 
665  }
666  }
667 
668 
669  string[] includeUserNames = filterRule.IncludeUserNames.Split(new char[] { ';' });
670  if (includeUserNames.Length > 0)
671  {
672  foreach (string includeUserName in includeUserNames)
673  {
674  if (includeUserName.Trim().Length > 0)
675  {
676  if (!FilterAPI.AddIncludeUserNameToFilterRule(filterRule.IncludeFileFilterMask, includeUserName.Trim()))
677  {
678  EventManager.WriteMessage(536, "AddIncludeUserNameToFilterRule", CommonObjects.EventLevel.Error, "AddIncludeUserNameToFilterRule " + includeUserName + " failed:" + FilterAPI.GetLastErrorMessage());
679  }
680  else
681  {
682  EventManager.WriteMessage(540, "AddIncludeUserNameToFilterRule", CommonObjects.EventLevel.Information, "AddIncludeUserNameToFilterRule " + includeUserName + " succeeded.");
683  }
684  }
685  }
686 
687  }
688 
689  string[] excludeUserNames = filterRule.ExcludeUserNames.Split(new char[] { ';' });
690  if (excludeUserNames.Length > 0)
691  {
692  foreach (string excludeUserName in excludeUserNames)
693  {
694  if (excludeUserName.Trim().Length > 0)
695  {
696  if (!FilterAPI.AddExcludeUserNameToFilterRule(filterRule.IncludeFileFilterMask, excludeUserName.Trim()))
697  {
698  EventManager.WriteMessage(556, "AddExcludeUserNameToFilterRule", CommonObjects.EventLevel.Error, "AddExcludeUserNameToFilterRule " + excludeUserName + " failed:" + FilterAPI.GetLastErrorMessage());
699  }
700  else
701  {
702  EventManager.WriteMessage(560, "AddExcludeUserNameToFilterRule", CommonObjects.EventLevel.Information, "AddExcludeUserNameToFilterRule " + excludeUserName + " succeeded.");
703  }
704  }
705  }
706 
707  }
708 
709  //every filter rule can have multiple exclude file filter masks, you can exclude the files
710  //which matches the exclude filter mask.
711  string[] hiddenFileFilterMasks = filterRule.HiddenFileFilterMasks.Split(new char[] { ';' });
712  if (hiddenFileFilterMasks.Length > 0)
713  {
714  foreach (string hiddenFilterMask in hiddenFileFilterMasks)
715  {
716  if (hiddenFilterMask.Trim().Length > 0)
717  {
718  if (!FilterAPI.AddHiddenFileMaskToFilterRule(filterRule.IncludeFileFilterMask, hiddenFilterMask.Trim()))
719  {
720  EventManager.WriteMessage(567, "AddHiddenFileMaskToFilterRule", CommonObjects.EventLevel.Error, "AddHiddenFileMaskToFilterRule " + filterRule.IncludeFileFilterMask + " hiddenFilterMask:" + hiddenFilterMask + " failed:" + FilterAPI.GetLastErrorMessage());
721  }
722  else
723  {
724  EventManager.WriteMessage(567, "AddHiddenFileMaskToFilterRule", CommonObjects.EventLevel.Information, "AddHiddenFileMaskToFilterRule " + filterRule.IncludeFileFilterMask + " hiddenFilterMask:" + hiddenFilterMask + " succeeded.");
725  }
726  }
727  }
728 
729  }
730  }
731 
732 
733 
734  //below is the global setting.
735 
736  //if you send the include process Id to filter driver, then only the include processes can
737  //apply to the filter rules, all other processes will be skipped.
738  foreach (uint includedPid in includePidList)
739  {
740  FilterAPI.AddIncludedProcessId(includedPid);
741  }
742 
743  //if the exclude process list is not empty, all process in this list will be skipped by filter driver.
744  foreach (uint excludedPid in excludePidList)
745  {
746  FilterAPI.AddExcludedProcessId(excludedPid);
747  }
748 
749  FilterAPI.RegisterIoRequest(requestIORegistration);
750 
751  foreach (uint protectPid in protectPidList)
752  {
753  FilterAPI.AddProtectedProcessId(protectPid);
754  }
755  }
756  catch (Exception ex)
757  {
758  EventManager.WriteMessage(502, "SendConfigSettingsToFilter", CommonObjects.EventLevel.Error, "Send config settings to filter failed with error " + ex.Message);
759  }
760  }
761  }
762 }
EaseFilter.CommonObjects.GlobalConfig.AddFilterRule
static bool AddFilterRule(FilterRule newRule)
Definition: GlobalConfig.cs:429
EaseFilter.CommonObjects.GlobalConfig.RemoveFilterRule
static void RemoveFilterRule(string includeFilterMask)
Definition: GlobalConfig.cs:445
encryptionKeyLength
ULONG encryptionKeyLength
Definition: FilterAPI.h:561
encryptionKey
ULONG PUCHAR encryptionKey
Definition: FilterAPI.h:561
EaseFilter.CommonObjects.ConfigSetting.RemoveFilterRule
static void RemoveFilterRule(string includeFilterMask)
Definition: ConfigSetting.cs:72
EaseFilter.CommonObjects.FilterRule.EventType
uint EventType
The register the file I/O events
Definition: FilterRuleSection.cs:188
EaseFilter.CommonObjects.ConfigSetting.AddFilterRule
static void AddFilterRule(FilterRule filterRule)
Definition: ConfigSetting.cs:64
EaseFilter.CommonObjects.GlobalConfig.IsFilterRuleExist
static bool IsFilterRuleExist(string includeFilterMask)
Definition: GlobalConfig.cs:455
EaseFilter.CommonObjects.FilterRule.ControlIO
uint ControlIO
register control I/O requests, the filter driver will block and wait for the response.
Definition: FilterRuleSection.cs:208
EaseFilter.CommonObjects.ConfigSetting.GetFilterRules
static Dictionary< string, FilterRule > GetFilterRules()
Definition: ConfigSetting.cs:52
EaseFilter.CommonObjects.ConfigSetting.Set
static void Set(string name, string value)
Definition: ConfigSetting.cs:268
EaseFilter.CommonObjects.Utils.GetKeyByPassPhrase
static byte [] GetKeyByPassPhrase(string pwStr)
Generate 32 bytes key array by pass phrase string
Definition: Utils.cs:207
EaseFilter.CommonObjects.FilterRule.MonitorIO
uint MonitorIO
register monitor I/O requests
Definition: FilterRuleSection.cs:198
EaseFilter.CommonObjects.ConfigSetting.Get
static bool Get(string name, bool value)
Definition: ConfigSetting.cs:84

Social Network


Services Overview

Architect, implement and test file system filter drivers for a wide range of functionality. We can offer several levels of assistance to meet your specific.

Contact Us

You are welcome to contact us for salse or partnership.

Sales: sales@easefilter.com
Support: support@easefilter.com
Info: info@easefilter.com

© Copyright EaseFilter Inc..