thumbscrw/PSWinFW
1
0
Fork 0
mirror of https://github.com/Thumbscrew/PSWinFW.git synced 2025-01-18 17:45:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8 from Thumbscrew/table-format

Browse Source 
Table format returned by default
This commit is contained in:
James 2019-11-06 19:37:55 +00:00 committed by GitHub
commit 01b2afb1d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 88 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
PSWinFW.psd1
View File

Binary file not shown.

78
formats/FirewallEvent.Format.ps1xml Normal file
View File

@ -0,0 +1,78 @@
<?xml version="1.0" encoding="utf-8" ?>
<Configuration>
<ViewDefinitions>
<View>
<Name>FirewallEvent</Name>
<ViewSelectedBy>
<TypeName>PSWinFW.Log.Event</TypeName>
</ViewSelectedBy>
<TableControl>
<TableHeaders>
<TableColumnHeader> <!-- Date -->
<Width>10</Width>
</TableColumnHeader>
<TableColumnHeader> <!-- Time -->
<Width>8</Width>
</TableColumnHeader>
<TableColumnHeader> <!-- Action -->
<Width>6</Width>
</TableColumnHeader>
<TableColumnHeader> <!-- Protocol -->
<Label>Prot</Label>
<Width>4</Width>
</TableColumnHeader>
<TableColumnHeader/> <!-- SourceIP -->
<TableColumnHeader/> <!-- Destination IP -->
<TableColumnHeader> <!-- SourcePort -->
<Label>SrcPt</Label>
<Width>5</Width>
</TableColumnHeader>
<TableColumnHeader> <!-- DestinationPort -->
<Label>DstPt</Label>
<Width>5</Width>
</TableColumnHeader>
<TableColumnHeader/> <!-- Size -->
<TableColumnHeader> <!-- Path -->
<Width>7</Width>
</TableColumnHeader>
</TableHeaders>
<TableRowEntries>
<TableRowEntry>
<TableColumnItems>
<TableColumnItem>
<PropertyName>Date</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>Time</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>Action</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>Protocol</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>SourceIP</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>DestinationIP</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>SourcePort</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>DestinationPort</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>Size</PropertyName>
</TableColumnItem>
<TableColumnItem>
<PropertyName>Path</PropertyName>
</TableColumnItem>
</TableColumnItems>
</TableRowEntry>
</TableRowEntries>
</TableControl>
</View>
</ViewDefinitions>
</Configuration>

51
public/Get-PSFirewallLog.ps1
View File

@ -28,21 +28,6 @@ function Get-PSFirewallLog {
[int]
$Tail = 0,
# Include extended TCP information (TCP Flags, TCP Sequence Number, TCP ACK Number, TCP Window Size). Defaults to false.
[Parameter(Mandatory = $false)]
[switch]
$IncludeTcpInfo,
# Include extended ICMP information (ICMP Type and Code). Defaults to false.
[Parameter(Mandatory = $false)]
[switch]
$IncludeIcmpInfo,
# Include Info field. Defaults to false.
[Parameter(Mandatory = $false)]
[switch]
$IncludeInfo,
# ComputerName to retrieve log from
[Parameter(Mandatory = $false, ParameterSetName = 'remote')]
[string]
@ -96,34 +81,16 @@ function Get-PSFirewallLog {
"SourcePort" = 6
"DestinationPort" = 7
"Size" = 8
"TcpFlags" = 9
"TcpSyn" = 10
"TcpAck" = 11
"TcpWin" = 12
"IcmpType" = 13
"IcmpCode" = 14
"Info" = 15
"Path" = 16
}
if($IncludeTcpInfo) {
$tcpMembers = @{
"TcpFlags" = 9
"TcpSyn" = 10
"TcpAck" = 11
"TcpWin" = 12
}
$members += $tcpMembers
}
if($IncludeIcmpInfo) {
$icmpMembers = @{
"IcmpType" = 13
"IcmpCode" = 14
}
$members += $icmpMembers
}
if($IncludeInfo) {
$members += @{ "Info" = 15 }
}
$members += @{ "Path" = 16 }
$log | ForEach-Object {
$line = $_
$split = $line -split ('\s')
@ -134,6 +101,8 @@ function Get-PSFirewallLog {
$fwEvent | Add-Member NoteProperty -Name $member.Name -Value $split[$member.Value]
}
$fwEvent.pstypenames.insert(0, 'PSWinFW.Log.Event')
$fwEvent
}
}