From c7d81b75a11d897fdfd0212e2454865723f25bd9 Mon Sep 17 00:00:00 2001
From: Thumbscrew <james@intmain.co.uk>
Date: Tue, 5 Nov 2019 20:36:08 +0000
Subject: [PATCH] Created format ps1xml. Needs tweaking some more.

---
 PSWinFW.psd1                        | Bin 8068 -> 8138 bytes
 formats/FirewallEvent.Format.ps1xml |  75 ++++++++++++++++++++++++++++
 public/Get-PSFirewallLog.ps1        |   2 +
 3 files changed, 77 insertions(+)
 create mode 100644 formats/FirewallEvent.Format.ps1xml

diff --git a/PSWinFW.psd1 b/PSWinFW.psd1
index 128309da12abeed4c76b884841024de456cf5a1f..926927d51623d54a2e40b8f41c2c71eb8a3c89be 100644
GIT binary patch
delta 90
zcmZp%KV`q+1pnkS{92ys3~3Dc3`GpN42cXS48;sF3~mgWKz=GiIZz}A2wfS<fV@1Q
ctR7Gfp;nKf0I1%Op#rEkhe3VwSN?u}02%BRk^lez

delta 28
kcmX?Q-(tVv1pnj>Y%G&K_<1H@;g_4-$IG|bOQ3-t0HNm!0{{R3

diff --git a/formats/FirewallEvent.Format.ps1xml b/formats/FirewallEvent.Format.ps1xml
new file mode 100644
index 0000000..223ff5a
--- /dev/null
+++ b/formats/FirewallEvent.Format.ps1xml
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<Configuration>
+    <ViewDefinitions>
+        <View>
+            <Name>FirewallEvent</Name>
+            <ViewSelectedBy>
+                <TypeName>PSWinFW.Log.Event</TypeName>
+            </ViewSelectedBy>
+            <TableControl>
+                <TableHeaders>
+                    <TableColumnHeader> <!-- Date -->
+                        <Width>10</Width>
+                    </TableColumnHeader>
+                    <TableColumnHeader> <!-- Time -->
+                        <Width>8</Width>
+                    </TableColumnHeader>
+                    <TableColumnHeader> <!-- Action -->
+                        <Width>5</Width>
+                    </TableColumnHeader>
+                    <TableColumnHeader> <!-- Protocol -->
+                        <Width>4</Width>
+                    </TableColumnHeader>
+                    <TableColumnHeader/> <!-- SourceIP -->
+                    <TableColumnHeader/> <!-- Destination IP -->
+                    <TableColumnHeader> <!-- SourcePort -->
+                        <Width>5</Width>
+                    </TableColumnHeader>
+                    <TableColumnHeader> <!-- DestinationPort -->
+                        <Width>5</Width>
+                    </TableColumnHeader>
+                    <TableColumnHeader/> <!-- Size -->
+                    <TableColumnHeader> <!-- Path -->
+                        <Width>7</Width>
+                    </TableColumnHeader>
+                </TableHeaders>
+                <TableRowEntries>
+                    <TableRowEntry>
+                        <TableColumnItems>
+                            <TableColumnItem>
+                                <PropertyName>Date</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Time</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Action</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Protocol</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>SourceIP</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>DestinationIP</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>SourcePort</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>DestinationPort</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Size</PropertyName>
+                            </TableColumnItem>
+                            <TableColumnItem>
+                                <PropertyName>Path</PropertyName>
+                            </TableColumnItem>
+                        </TableColumnItems>
+                    </TableRowEntry>
+                </TableRowEntries>
+            </TableControl>
+        </View>
+    </ViewDefinitions>
+</Configuration>
\ No newline at end of file
diff --git a/public/Get-PSFirewallLog.ps1 b/public/Get-PSFirewallLog.ps1
index e55e033..d406ee3 100644
--- a/public/Get-PSFirewallLog.ps1
+++ b/public/Get-PSFirewallLog.ps1
@@ -134,6 +134,8 @@ function Get-PSFirewallLog {
                         $fwEvent | Add-Member NoteProperty -Name $member.Name -Value $split[$member.Value]
                     }
 
+                    $fwEvent.pstypenames.insert(0, 'PSWinFW.Log.Event')
+
                     $fwEvent
                 }
             }