Add support for unidentified/system processes/profiles

2020-04-17 21:52:06 +02:00
parent 10ee7fd7db
commit 033dceab5b
16 changed files with 243 additions and 67 deletions
--- a/firewall/firewall.go
+++ b/firewall/firewall.go
@@ -233,6 +233,7 @@ func initialHandler(conn *network.Connection, pkt packet.Packet) {
 	if ps.isMe {
 		// approve
 		conn.Accept("internally approved")
+		conn.Hidden = true
 		// finish
 		conn.StopFirewallHandler()
 		issueVerdict(conn, pkt, 0, true)
--- a/firewall/master.go
+++ b/firewall/master.go
@@ -50,6 +50,7 @@ func DecideOnConnection(conn *network.Connection, pkt packet.Packet) { //nolint:
 	if conn.Process().Pid == os.Getpid() {
 		log.Infof("filter: granting own connection %s", conn)
 		conn.Verdict = network.VerdictAccept
+		conn.Hidden = true
 		return
 	}

@@ -75,6 +76,7 @@ func DecideOnConnection(conn *network.Connection, pkt packet.Packet) { //nolint:
 					log.Warningf("filter: failed to find load local peer process with PID %d: %s", otherPid, err)
 				} else if otherProcess.Pid == conn.Process().Pid {
 					conn.Accept("connection to self")
+					conn.Hidden = true
 					return
 				}
 			}