github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1399 from safing/feature/remove-prompt-on-settings-change

Browse Source 
Remove connection prompts when applicable settings are changed by user
This commit is contained in:
Daniel Hovie
2023-12-22 14:19:38 +01:00
committed by GitHub
parent 355a483d5e 4ffc6e53b7
commit 496016b810
3 changed files with 51 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
firewall/packet_handler.go
View File

@@ -111,6 +111,9 @@ func resetAllConnectionVerdicts() {
func resetConnectionVerdict(ctx context.Context, conn *network.Connection) (verdictChanged bool) {
tracer := log.Tracer(ctx)
// Remove any active prompt as we settings are being re-evaluated.
conn.RemovePrompt()
conn.Lock()
defer conn.Unlock()
@@ -144,12 +147,17 @@ func resetConnectionVerdict(ctx context.Context, conn *network.Connection) (verd
// Save if verdict changed.
if conn.Verdict.Firewall != previousVerdict {
err := interception.UpdateVerdictOfConnection(conn)
if err != nil {
log.Debugf("filter: failed to update connection verdict: %s", err)
}
conn.Save()
tracer.Infof("filter: verdict of connection %s changed from %s to %s", conn, previousVerdict.Verb(), conn.VerdictVerb())
// Update verdict in OS integration, if an IP connection.
if conn.Type == network.IPConnection {
err := interception.UpdateVerdictOfConnection(conn)
if err != nil {
log.Debugf("filter: failed to update connection verdict: %s", err)
}
}
return true
}

10
firewall/prompt.go
View File

@@ -54,6 +54,9 @@ func prompt(ctx context.Context, conn *network.Connection) {
return
}
// Add prompt to connection.
conn.SetPrompt(n)
// Get decision timeout and make sure it does not exceed the ask timeout.
timeout := decisionTimeout
if timeout > askTimeout() {
@@ -65,8 +68,13 @@ func prompt(ctx context.Context, conn *network.Connection) {
case promptResponse := <-n.Response():
switch promptResponse {
case allowDomainAll, allowDomainDistinct, allowIP, allowServingIP:
// Accept
conn.Accept("allowed via prompt", profile.CfgOptionEndpointsKey)
default: // deny
case "":
// Dismissed
conn.Deny("prompting canceled, waiting for new decision", profile.CfgOptionDefaultActionKey)
default:
// Deny
conn.Deny("blocked via prompt", profile.CfgOptionEndpointsKey)
}