github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Custom filter list proof of concept

Browse Source
This commit is contained in:
Vladimir Stoilov
2022-07-22 17:49:06 +02:00
committed by Daniel
parent a7034e423c
commit 420da81b33
3 changed files with 139 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
firewall/master.go
View File

@@ -13,6 +13,7 @@ import (
"github.com/safing/portbase/log"
"github.com/safing/portmaster/detection/dga"
"github.com/safing/portmaster/intel/customlists"
"github.com/safing/portmaster/netenv"
"github.com/safing/portmaster/network"
"github.com/safing/portmaster/network/netutils"
@@ -54,6 +55,7 @@ var defaultDeciders = []deciderFn{
dropInbound,
checkDomainHeuristics,
checkAutoPermitRelated,
checkCustomFilterList,
}
// DecideOnConnection makes a decision about a connection.
@@ -612,3 +614,26 @@ matchLoop:
}
return related, reason
}
func checkCustomFilterList(_ context.Context, conn *network.Connection, p *profile.LayeredProfile, _ packet.Packet) bool {
// block domains that are in the custom list
if conn.Entity.Domain != "" {
if customlists.LookupDomain(conn.Entity.Domain) {
// FIXME: add proper messages
log.Debugf("Blocked %s", conn.Entity.Domain)
conn.Block("Domains appiers in the custom user list", profile.CfgOptionRemoveBlockedDNSKey)
return true
}
}
if conn.Entity.IP != nil {
if customlists.LookupIPv4(&conn.Entity.IP) {
// FIXME: add proper messages
log.Debugf("Blocked %s", conn.Entity.IP)
conn.Block("IP appiers in the custom user list", profile.CfgOptionBlockScopeInternetKey)
return true
}
}
return false
}