From 1f2f0e521327d0ca55e231306b0f16de4451077e Mon Sep 17 00:00:00 2001 From: Vladimir Stoilov Date: Sat, 20 Jan 2024 14:50:52 +0200 Subject: [PATCH] Add support for the new kext --- firewall/interception/interception_windows.go | 27 ++- .../windowskext2/bandwidth_stats.go | 132 +++++++++++++ firewall/interception/windowskext2/doc.go | 4 + firewall/interception/windowskext2/handler.go | 181 ++++++++++++++++++ firewall/interception/windowskext2/kext.go | 156 +++++++++++++++ firewall/interception/windowskext2/packet.go | 110 +++++++++++ firewall/interception/windowskext2/service.go | 154 +++++++++++++++ go.mod | 1 + go.sum | 2 + network/connection.go | 1 + 10 files changed, 765 insertions(+), 3 deletions(-) create mode 100644 firewall/interception/windowskext2/bandwidth_stats.go create mode 100644 firewall/interception/windowskext2/doc.go create mode 100644 firewall/interception/windowskext2/handler.go create mode 100644 firewall/interception/windowskext2/kext.go create mode 100644 firewall/interception/windowskext2/packet.go create mode 100644 firewall/interception/windowskext2/service.go diff --git a/firewall/interception/interception_windows.go b/firewall/interception/interception_windows.go index 069f5c01..8deeecdb 100644 --- a/firewall/interception/interception_windows.go +++ b/firewall/interception/interception_windows.go @@ -5,7 +5,7 @@ import ( "fmt" "time" - "github.com/safing/portmaster/firewall/interception/windowskext" + "github.com/safing/portmaster/firewall/interception/windowskext2" "github.com/safing/portmaster/network" "github.com/safing/portmaster/network/packet" "github.com/safing/portmaster/updates" @@ -35,8 +35,29 @@ func startInterception(packets chan packet.Packet) error { }) // Start bandwidth stats monitor. - module.StartServiceWorker("kext bandwidth stats monitor", 0, func(ctx context.Context) error { - return windowskext.BandwidthStatsWorker(ctx, 1*time.Second, BandwidthUpdates) + // module.StartServiceWorker("kext bandwidth stats monitor", 0, func(ctx context.Context) error { + // return windowskext.BandwidthStatsWorker(ctx, 1*time.Second, BandwidthUpdates) + // }) + + // Start kext logging. The worker will periodically send request to the kext to send logs. + module.StartServiceWorker("kext log request worker", 0, func(ctx context.Context) error { + timer := time.NewTimer(time.Second) + for { + select { + case <-timer.C: + { + err := windowskext.SendLogRequest() + if err != nil { + return err + } + } + case <-ctx.Done(): + { + return nil + } + } + + } }) return nil diff --git a/firewall/interception/windowskext2/bandwidth_stats.go b/firewall/interception/windowskext2/bandwidth_stats.go new file mode 100644 index 00000000..2a1bddc0 --- /dev/null +++ b/firewall/interception/windowskext2/bandwidth_stats.go @@ -0,0 +1,132 @@ +//go:build windows +// +build windows + +package windowskext + +// This file contains example code how to read bandwidth stats from the kext. Its not ment to be used in production. + +import ( + "context" + "time" + + "github.com/safing/portbase/log" + "github.com/safing/portmaster/network/packet" +) + +type Rxtxdata struct { + rx uint64 + tx uint64 +} + +type Key struct { + localIP [4]uint32 + remoteIP [4]uint32 + localPort uint16 + remotePort uint16 + ipv6 bool + protocol uint8 +} + +var m = make(map[Key]Rxtxdata) + +func BandwidthStatsWorker(ctx context.Context, collectInterval time.Duration, bandwidthUpdates chan *packet.BandwidthUpdate) error { + // Setup ticker. + ticker := time.NewTicker(collectInterval) + defer ticker.Stop() + + // Collect bandwidth at every tick. + for { + select { + case <-ticker.C: + err := reportBandwidth(ctx, bandwidthUpdates) + if err != nil { + return err + } + case <-ctx.Done(): + return nil + } + } +} + +func reportBandwidth(ctx context.Context, bandwidthUpdates chan *packet.BandwidthUpdate) error { + stats, err := GetConnectionsStats() + if err != nil { + return err + } + + // Report all statistics. + for i, stat := range stats { + connID := packet.CreateConnectionID( + packet.IPProtocol(stat.protocol), + convertArrayToIP(stat.localIP, stat.ipV6 == 1), stat.localPort, + convertArrayToIP(stat.remoteIP, stat.ipV6 == 1), stat.remotePort, + false, + ) + update := &packet.BandwidthUpdate{ + ConnID: connID, + BytesReceived: stat.receivedBytes, + BytesSent: stat.transmittedBytes, + Method: packet.Additive, + } + select { + case bandwidthUpdates <- update: + case <-ctx.Done(): + return nil + default: + log.Warningf("kext: bandwidth update queue is full, skipping rest of batch (%d entries)", len(stats)-i) + return nil + } + } + + return nil +} + +func StartBandwithConsoleLogger() { + go func() { + ticker := time.NewTicker(2 * time.Second) + defer ticker.Stop() + for range ticker.C { + conns, err := GetConnectionsStats() + if err != nil { + continue + } + for _, conn := range conns { + if conn.receivedBytes == 0 && conn.transmittedBytes == 0 { + continue + } + key := Key{ + localIP: conn.localIP, + remoteIP: conn.remoteIP, + localPort: conn.localPort, + remotePort: conn.remotePort, + ipv6: conn.ipV6 == 1, + protocol: conn.protocol, + } + + // First we get a "copy" of the entry + if entry, ok := m[key]; ok { + // Then we modify the copy + entry.rx += conn.receivedBytes + entry.tx += conn.transmittedBytes + + // Then we reassign map entry + m[key] = entry + } else { + m[key] = Rxtxdata{ + rx: conn.receivedBytes, + tx: conn.transmittedBytes, + } + } + } + log.Debug("----------------------------------") + for key, value := range m { + log.Debugf( + "Conn: %d %s:%d %s:%d rx:%d tx:%d", key.protocol, + convertArrayToIP(key.localIP, key.ipv6), key.localPort, + convertArrayToIP(key.remoteIP, key.ipv6), key.remotePort, + value.rx, value.tx, + ) + } + } + }() +} diff --git a/firewall/interception/windowskext2/doc.go b/firewall/interception/windowskext2/doc.go new file mode 100644 index 00000000..c68a942f --- /dev/null +++ b/firewall/interception/windowskext2/doc.go @@ -0,0 +1,4 @@ +// +build windows + +// Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension. +package windowskext diff --git a/firewall/interception/windowskext2/handler.go b/firewall/interception/windowskext2/handler.go new file mode 100644 index 00000000..c6dff10d --- /dev/null +++ b/firewall/interception/windowskext2/handler.go @@ -0,0 +1,181 @@ +//go:build windows +// +build windows + +package windowskext + +import ( + "context" + "encoding/binary" + "fmt" + "net" + "time" + "unsafe" + + "github.com/safing/portmaster/process" + + "github.com/tevino/abool" + + "github.com/safing/portbase/log" + "github.com/safing/portmaster/network/packet" +) + +const ( + // VerdictRequestFlagFastTrackPermitted is set on packets that have been + // already permitted by the kernel extension and the verdict request is only + // informational. + VerdictRequestFlagFastTrackPermitted = 1 + + // VerdictRequestFlagSocketAuth indicates that the verdict request is for a + // connection that was intercepted on an ALE layer instead of in the network + // stack itself. Thus, no packet data is available. + VerdictRequestFlagSocketAuth = 2 + + // VerdictRequestFlagExpectSocketAuth indicates that the next verdict + // requests is expected to be an informational socket auth request from + // the ALE layer. + VerdictRequestFlagExpectSocketAuth = 4 +) + +type ConnectionStat struct { + localIP [4]uint32 //Source Address, only srcIP[0] if IPv4 + remoteIP [4]uint32 //Destination Address + localPort uint16 //Source Port + remotePort uint16 //Destination port + receivedBytes uint64 //Number of bytes recived on this connection + transmittedBytes uint64 //Number of bytes transsmited from this connection + ipV6 uint8 //True: IPv6, False: IPv4 + protocol uint8 //Protocol (UDP, TCP, ...) +} + +type VersionInfo struct { + major uint8 + minor uint8 + revision uint8 + build uint8 +} + +func (v *VersionInfo) String() string { + return fmt.Sprintf("%d.%d.%d.%d", v.major, v.minor, v.revision, v.build) +} + +// Handler transforms received packets to the Packet interface. +func Handler(ctx context.Context, packets chan packet.Packet) { + for { + packetInfo, err := RecvVerdictRequest() + if err != nil { + log.Warningf("failed to get packet from windows kext: %s", err) + return + } + + if packetInfo.Connection != nil { + log.Tracef("packet: %+v", packetInfo.Connection) + conn := packetInfo.Connection + // New Packet + new := &Packet{ + verdictRequest: conn.Id, + verdictSet: abool.NewBool(false), + } + info := new.Info() + info.Inbound = conn.Direction > 0 + info.InTunnel = false + info.Protocol = packet.IPProtocol(conn.Protocol) + info.PID = int(*conn.ProcessId) + info.SeenAt = time.Now() + + // Check PID + if info.PID == 0 { + // Windows does not have zero PIDs. + // Set to UndefinedProcessID. + info.PID = process.UndefinedProcessID + } + + // Set IP version + if conn.IpV6 { + info.Version = packet.IPv6 + } else { + info.Version = packet.IPv4 + } + + // Set IPs + if info.Inbound { + // Inbound + info.Src = net.IP(conn.RemoteIp) + info.Dst = net.IP(conn.LocalIp) + } else { + // Outbound + info.Src = net.IP(conn.LocalIp) + info.Dst = net.IP(conn.RemoteIp) + } + + // Set Ports + if info.Inbound { + // Inbound + info.SrcPort = conn.RemotePort + info.DstPort = conn.LocalPort + } else { + // Outbound + info.SrcPort = conn.LocalPort + info.DstPort = conn.RemotePort + } + + packets <- new + } + + if packetInfo.LogLines != nil { + for _, line := range *packetInfo.LogLines { + switch line.Severity { + case int(log.DebugLevel): + log.Debugf("kext: %s", line.Line) + case int(log.InfoLevel): + log.Infof("kext: %s", line.Line) + case int(log.WarningLevel): + log.Warningf("kext: %s", line.Line) + case int(log.ErrorLevel): + log.Errorf("kext: %s", line.Line) + case int(log.CriticalLevel): + log.Criticalf("kext: %s", line.Line) + } + } + } + } +} + +// convertArrayToIP converts an array of uint32 values to a net.IP address. +func convertArrayToIP(input [4]uint32, ipv6 bool) net.IP { + if !ipv6 { + addressBuf := make([]byte, 4) + binary.BigEndian.PutUint32(addressBuf, input[0]) + return net.IP(addressBuf) + } + + addressBuf := make([]byte, 16) + for i := 0; i < 4; i++ { + binary.BigEndian.PutUint32(addressBuf[i*4:i*4+4], input[i]) + } + return net.IP(addressBuf) +} + +func ipAddressToArray(ip net.IP, isIPv6 bool) [4]uint32 { + array := [4]uint32{0} + if isIPv6 { + for i := 0; i < 4; i++ { + binary.BigEndian.PutUint32(asByteArrayWithLength(&array[i], 4), getUInt32Value(&ip[i])) + } + } else { + binary.BigEndian.PutUint32(asByteArrayWithLength(&array[0], 4), getUInt32Value(&ip[0])) + } + + return array +} + +func asByteArray[T any](obj *T) []byte { + return unsafe.Slice((*byte)(unsafe.Pointer(obj)), unsafe.Sizeof(*obj)) +} + +func asByteArrayWithLength[T any](obj *T, size uint32) []byte { + return unsafe.Slice((*byte)(unsafe.Pointer(obj)), size) +} + +func getUInt32Value[T any](obj *T) uint32 { + return *(*uint32)(unsafe.Pointer(obj)) +} diff --git a/firewall/interception/windowskext2/kext.go b/firewall/interception/windowskext2/kext.go new file mode 100644 index 00000000..f93605b5 --- /dev/null +++ b/firewall/interception/windowskext2/kext.go @@ -0,0 +1,156 @@ +//go:build windows +// +build windows + +package windowskext + +import ( + "errors" + "fmt" + "unsafe" + + "github.com/safing/portbase/log" + "github.com/safing/portmaster/network" + "github.com/vlabo/portmaster_windows_rust_kext/kext_interface" +) + +// Package errors +var ( + ErrKextNotReady = errors.New("the windows kernel extension (driver) is not ready to accept commands") + ErrNoPacketID = errors.New("the packet has no ID, possibly because it was fast-tracked by the kernel extension") + + driverPath string + + service *kext_interface.KextService + kextFile *kext_interface.KextFile +) + +const ( + driverName = "PortmasterKext" +) + +// Init initializes the DLL and the Kext (Kernel Driver). +func Init(path string) error { + driverPath = path + return nil +} + +// Start intercepting. +func Start() error { + + // initialize and start driver service + var err error + service, err = kext_interface.CreateKextService(driverName, driverPath) + if err != nil { + return fmt.Errorf("failed to create service: %w", err) + } + + // Start service and open file + service.Start(true) + kextFile, err = service.OpenFile(1024) + + if err != nil { + return fmt.Errorf("failed to open driver: %w", err) + } + + return nil +} + +// Stop intercepting. +func Stop() error { + // Prepare kernel for shutdown + err := shutdownRequest() + if err != nil { + log.Warningf("winkext: shutdown request failed: %s", err) + } + // Close the interface to the driver. Driver will continue to run. + kextFile.Close() + + // Stop and delete the driver. + service.Stop(true) + service.Delete() + return nil +} + +func shutdownRequest() error { + return kext_interface.WriteCommand(kextFile, kext_interface.BuildShutdown()) +} + +func SendLogRequest() error { + return kext_interface.WriteCommand(kextFile, kext_interface.BuildGetLogs()) +} + +// RecvVerdictRequest waits for the next verdict request from the kext. If a timeout is reached, both *VerdictRequest and error will be nil. +func RecvVerdictRequest() (*kext_interface.Info, error) { + return kext_interface.ReadInfo(kextFile) +} + +// SetVerdict sets the verdict for a packet and/or connection. +func SetVerdict(pkt *Packet, verdict network.Verdict) error { + if verdict == network.VerdictRerouteToNameserver { + redirect := kext_interface.Redirect{Id: pkt.verdictRequest, RemoteAddress: []uint8{127, 0, 0, 1}, RemotePort: 53} + command := kext_interface.BuildRedirect(redirect) + kext_interface.WriteCommand(kextFile, command) + } else if verdict == network.VerdictRerouteToTunnel { + redirect := kext_interface.Redirect{Id: pkt.verdictRequest, RemoteAddress: []uint8{192, 168, 122, 196}, RemotePort: 717} + command := kext_interface.BuildRedirect(redirect) + kext_interface.WriteCommand(kextFile, command) + } else { + verdict := kext_interface.Verdict{Id: pkt.verdictRequest, Verdict: uint8(verdict)} + command := kext_interface.BuildVerdict(verdict) + kext_interface.WriteCommand(kextFile, command) + } + return nil +} + +func ClearCache() error { + return kext_interface.WriteCommand(kextFile, kext_interface.BuildClearCache()) +} + +func UpdateVerdict(conn *network.Connection) error { + redirectAddress := []uint8{} + redirectPort := 0 + if conn.Verdict.Active == network.VerdictRerouteToNameserver { + redirectAddress = []uint8{127, 0, 0, 1} + redirectPort = 53 + } + if conn.Verdict.Active == network.VerdictRerouteToTunnel { + redirectAddress = []uint8{192, 168, 122, 196} + redirectPort = 717 + } + + update := kext_interface.Update{ + Protocol: conn.Entity.Protocol, + LocalAddress: conn.LocalIP, + LocalPort: conn.LocalPort, + RemoteAddress: conn.Entity.IP, + RemotePort: conn.Entity.Port, + Verdict: uint8(conn.Verdict.Active), + RedirectAddress: redirectAddress, + RedirectPort: uint16(redirectPort), + } + + command := kext_interface.BuildUpdate(update) + kext_interface.WriteCommand(kextFile, command) + return nil +} + +func GetVersion() (*VersionInfo, error) { + data, err := kext_interface.ReadVersion(kextFile) + if err != nil { + return nil, err + } + + version := &VersionInfo{ + major: data[0], + minor: data[1], + revision: data[2], + build: data[3], + } + return version, nil +} + +var sizeOfConnectionStat = uint32(unsafe.Sizeof(ConnectionStat{})) + +func GetConnectionsStats() ([]ConnectionStat, error) { + return nil, nil +} diff --git a/firewall/interception/windowskext2/packet.go b/firewall/interception/windowskext2/packet.go new file mode 100644 index 00000000..318d1de6 --- /dev/null +++ b/firewall/interception/windowskext2/packet.go @@ -0,0 +1,110 @@ +//go:build windows +// +build windows + +package windowskext + +import ( + "sync" + + "github.com/tevino/abool" + + "github.com/safing/portmaster/network" + "github.com/safing/portmaster/network/packet" +) + +// Packet represents an IP packet. +type Packet struct { + packet.Base + + verdictRequest uint64 + verdictSet *abool.AtomicBool + + payloadLoaded bool + lock sync.Mutex +} + +// FastTrackedByIntegration returns whether the packet has been fast-track +// accepted by the OS integration. +func (pkt *Packet) FastTrackedByIntegration() bool { + return false +} + +// InfoOnly returns whether the packet is informational only and does not +// represent an actual packet. +func (pkt *Packet) InfoOnly() bool { + return false +} + +// ExpectInfo returns whether the next packet is expected to be informational only. +func (pkt *Packet) ExpectInfo() bool { + return false +} + +// GetPayload returns the full raw packet. +func (pkt *Packet) LoadPacketData() error { + return nil +} + +// Accept accepts the packet. +func (pkt *Packet) Accept() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, -network.VerdictAccept) + } + return nil +} + +// Block blocks the packet. +func (pkt *Packet) Block() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, -network.VerdictBlock) + } + return nil +} + +// Drop drops the packet. +func (pkt *Packet) Drop() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, -network.VerdictDrop) + } + return nil +} + +// PermanentAccept permanently accepts connection (and the current packet). +func (pkt *Packet) PermanentAccept() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, network.VerdictAccept) + } + return nil +} + +// PermanentBlock permanently blocks connection (and the current packet). +func (pkt *Packet) PermanentBlock() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, network.VerdictBlock) + } + return nil +} + +// PermanentDrop permanently drops connection (and the current packet). +func (pkt *Packet) PermanentDrop() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, network.VerdictDrop) + } + return nil +} + +// RerouteToNameserver permanently reroutes the connection to the local nameserver (and the current packet). +func (pkt *Packet) RerouteToNameserver() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, network.VerdictRerouteToNameserver) + } + return nil +} + +// RerouteToTunnel permanently reroutes the connection to the local tunnel entrypoint (and the current packet). +func (pkt *Packet) RerouteToTunnel() error { + if pkt.verdictSet.SetToIf(false, true) { + return SetVerdict(pkt, network.VerdictRerouteToTunnel) + } + return nil +} diff --git a/firewall/interception/windowskext2/service.go b/firewall/interception/windowskext2/service.go new file mode 100644 index 00000000..2731da44 --- /dev/null +++ b/firewall/interception/windowskext2/service.go @@ -0,0 +1,154 @@ +//go:build windows +// +build windows + +package windowskext + +import ( + "github.com/vlabo/portmaster_windows_rust_kext/kext_interface" +) + +func createKextService(driverName string, driverPath string) (*kext_interface.KextService, error) { + return kext_interface.CreateKextService(driverName, driverPath) +} + +// func deleteService(manager windows.Handle, service *KextService, driverName []uint16) error { +// // Stop and wait before deleting +// _ = service.stop(true) + +// // Try to delete even if stop failed +// err := service.delete() +// if err != nil { +// return fmt.Errorf("failed to delete old service: %s", err) +// } + +// // Wait until we can no longer open the old service. +// // Not very efficient but NotifyServiceStatusChange cannot be used with driver service. +// start := time.Now() +// timeLimit := time.Duration(30 * time.Second) +// for { +// handle, err := windows.OpenService(manager, &driverName[0], windows.SERVICE_ALL_ACCESS) +// if err != nil { +// break +// } +// _ = windows.CloseServiceHandle(handle) + +// if time.Since(start) > timeLimit { +// return fmt.Errorf("time limit reached") +// } + +// time.Sleep(100 * time.Millisecond) +// } +// return nil +// } + +// func (s *KextService) isValid() bool { +// return s != nil && s.handle != winInvalidHandleValue && s.handle != 0 +// } + +// func (s *KextService) isRunning() (bool, error) { +// if !s.isValid() { +// return false, fmt.Errorf("kext service not initialized") +// } +// var status windows.SERVICE_STATUS +// err := windows.QueryServiceStatus(s.handle, &status) +// if err != nil { +// return false, err +// } +// return status.CurrentState == windows.SERVICE_RUNNING, nil +// } + +// func waitForServiceStatus(handle windows.Handle, neededStatus uint32, timeLimit time.Duration) (bool, error) { +// var status windows.SERVICE_STATUS +// status.CurrentState = windows.SERVICE_NO_CHANGE +// start := time.Now() +// for status.CurrentState == neededStatus { +// err := windows.QueryServiceStatus(handle, &status) +// if err != nil { +// return false, fmt.Errorf("failed while waiting for service to start: %w", err) +// } + +// if time.Since(start) > timeLimit { +// return false, fmt.Errorf("time limit reached") +// } + +// // Sleep for 1/10 of the wait hint, recommended time from microsoft +// time.Sleep(time.Duration((status.WaitHint / 10)) * time.Millisecond) +// } + +// return true, nil +// } + +// func (s *KextService) start(wait bool) error { +// if !s.isValid() { +// return fmt.Errorf("kext service not initialized") +// } + +// // Start the service: +// err := windows.StartService(s.handle, 0, nil) + +// if err != nil { +// err = windows.GetLastError() +// if err != windows.ERROR_SERVICE_ALREADY_RUNNING { +// // Failed to start service; clean-up: +// var status windows.SERVICE_STATUS +// _ = windows.ControlService(s.handle, windows.SERVICE_CONTROL_STOP, &status) +// _ = windows.DeleteService(s.handle) +// _ = windows.CloseServiceHandle(s.handle) +// s.handle = winInvalidHandleValue +// return err +// } +// } + +// // Wait for service to start +// if wait { +// success, err := waitForServiceStatus(s.handle, windows.SERVICE_RUNNING, time.Duration(10*time.Second)) +// if err != nil || !success { +// return fmt.Errorf("service did not start: %w", err) +// } +// } + +// return nil +// } + +// func (s *KextService) stop(wait bool) error { +// if !s.isValid() { +// return fmt.Errorf("kext service not initialized") +// } + +// // Stop the service +// var status windows.SERVICE_STATUS +// err := windows.ControlService(s.handle, windows.SERVICE_CONTROL_STOP, &status) +// if err != nil { +// return fmt.Errorf("service failed to stop: %w", err) +// } + +// // Wait for service to stop +// if wait { +// success, err := waitForServiceStatus(s.handle, windows.SERVICE_STOPPED, time.Duration(10*time.Second)) +// if err != nil || !success { +// return fmt.Errorf("service did not stop: %w", err) +// } +// } + +// return nil +// } + +// func (s *KextService) delete() error { +// if !s.isValid() { +// return fmt.Errorf("kext service not initialized") +// } + +// err := windows.DeleteService(s.handle) +// if err != nil { +// return fmt.Errorf("failed to delete service: %s", err) +// } + +// // Service wont be deleted until all handles are closed. +// err = windows.CloseServiceHandle(s.handle) +// if err != nil { +// return fmt.Errorf("failed to close service handle: %s", err) +// } + +// s.handle = winInvalidHandleValue +// return nil +// } diff --git a/go.mod b/go.mod index 9421ce7f..78158f63 100644 --- a/go.mod +++ b/go.mod @@ -39,6 +39,7 @@ require ( github.com/tevino/abool v1.2.0 github.com/umahmood/haversine v0.0.0-20151105152445-808ab04add26 github.com/vincent-petithory/dataurl v1.0.0 + github.com/vlabo/portmaster_windows_rust_kext/kext_interface v0.0.0-20240120091731-1a3450b13959 golang.org/x/exp v0.0.0-20240110193028-0dcbfd608b1e golang.org/x/net v0.20.0 golang.org/x/sync v0.6.0 diff --git a/go.sum b/go.sum index d9fdd161..50e19078 100644 --- a/go.sum +++ b/go.sum @@ -275,6 +275,8 @@ github.com/valyala/histogram v1.2.0 h1:wyYGAZZt3CpwUiIb9AU/Zbllg1llXyrtApRS815OL github.com/valyala/histogram v1.2.0/go.mod h1:Hb4kBwb4UxsaNbbbh+RRz8ZR6pdodR57tzWUS3BUzXY= github.com/vincent-petithory/dataurl v1.0.0 h1:cXw+kPto8NLuJtlMsI152irrVw9fRDX8AbShPRpg2CI= github.com/vincent-petithory/dataurl v1.0.0/go.mod h1:FHafX5vmDzyP+1CQATJn7WFKc9CvnvxyvZy6I1MrG/U= +github.com/vlabo/portmaster_windows_rust_kext/kext_interface v0.0.0-20240120091731-1a3450b13959 h1:5j8cHx9n4drternoY4HXomea+4aYJuKMgnA3VhlG5WM= +github.com/vlabo/portmaster_windows_rust_kext/kext_interface v0.0.0-20240120091731-1a3450b13959/go.mod h1:PCv02zl4R2SbmEUDetMKO+kTfvMvsVVZuOzOXRMcHwE= github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IUPn0Bjt8= github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= diff --git a/network/connection.go b/network/connection.go index 6954b0f1..5c4c687a 100644 --- a/network/connection.go +++ b/network/connection.go @@ -424,6 +424,7 @@ func NewIncompleteConnection(pkt packet.Packet) *Connection { IPProtocol: info.Protocol, Started: info.SeenAt.Unix(), PID: info.PID, + Inbound: info.Inbound, dataComplete: abool.NewBool(false), }