Merge pull request #1399 from safing/feature/remove-prompt-on-settings-change
Remove connection prompts when applicable settings are changed by user
This commit is contained in:
@@ -111,6 +111,9 @@ func resetAllConnectionVerdicts() {
|
||||
func resetConnectionVerdict(ctx context.Context, conn *network.Connection) (verdictChanged bool) {
|
||||
tracer := log.Tracer(ctx)
|
||||
|
||||
// Remove any active prompt as we settings are being re-evaluated.
|
||||
conn.RemovePrompt()
|
||||
|
||||
conn.Lock()
|
||||
defer conn.Unlock()
|
||||
|
||||
@@ -144,12 +147,17 @@ func resetConnectionVerdict(ctx context.Context, conn *network.Connection) (verd
|
||||
|
||||
// Save if verdict changed.
|
||||
if conn.Verdict.Firewall != previousVerdict {
|
||||
err := interception.UpdateVerdictOfConnection(conn)
|
||||
if err != nil {
|
||||
log.Debugf("filter: failed to update connection verdict: %s", err)
|
||||
}
|
||||
conn.Save()
|
||||
tracer.Infof("filter: verdict of connection %s changed from %s to %s", conn, previousVerdict.Verb(), conn.VerdictVerb())
|
||||
|
||||
// Update verdict in OS integration, if an IP connection.
|
||||
if conn.Type == network.IPConnection {
|
||||
err := interception.UpdateVerdictOfConnection(conn)
|
||||
if err != nil {
|
||||
log.Debugf("filter: failed to update connection verdict: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
|
||||
@@ -54,6 +54,9 @@ func prompt(ctx context.Context, conn *network.Connection) {
|
||||
return
|
||||
}
|
||||
|
||||
// Add prompt to connection.
|
||||
conn.SetPrompt(n)
|
||||
|
||||
// Get decision timeout and make sure it does not exceed the ask timeout.
|
||||
timeout := decisionTimeout
|
||||
if timeout > askTimeout() {
|
||||
@@ -65,8 +68,13 @@ func prompt(ctx context.Context, conn *network.Connection) {
|
||||
case promptResponse := <-n.Response():
|
||||
switch promptResponse {
|
||||
case allowDomainAll, allowDomainDistinct, allowIP, allowServingIP:
|
||||
// Accept
|
||||
conn.Accept("allowed via prompt", profile.CfgOptionEndpointsKey)
|
||||
default: // deny
|
||||
case "":
|
||||
// Dismissed
|
||||
conn.Deny("prompting canceled, waiting for new decision", profile.CfgOptionDefaultActionKey)
|
||||
default:
|
||||
// Deny
|
||||
conn.Deny("blocked via prompt", profile.CfgOptionEndpointsKey)
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user