Switch connection state lookups to use the packet.Info struct

Also, rename the Direction attribute on packet.Info to Inbound

firewall/api.go

@@ -60,16 +60,17 @@ func apiAuthenticator(s *http.Server, r *http.Request) (grantAccess bool, err er
 	var procsChecked []string
 
 	// get process
-	proc, _, err := process.GetProcessByEndpoints(
+	proc, _, err := process.GetProcessByConnection(
 		r.Context(),
-		packet.IPv4,
+		&packet.Info{
-		packet.TCP,
+			Inbound:  false, // outbound as we are looking for the process of the source address
-		// switch reverse/local to get remote process
+			Version:  packet.IPv4,
-		remoteIP,
+			Protocol: packet.TCP,
-		remotePort,
+			Src:      remoteIP,   // source as in the process we are looking for
-		localIP,
+			SrcPort:  remotePort, // source as in the process we are looking for
-		localPort,
+			Dst:      localIP,
-		false,
+			DstPort:  localPort,
+		},
 	)
 	if err != nil {
 		return false, fmt.Errorf("failed to get process: %s", err)

firewall/interception/windowskext/handler.go

@@ -62,7 +62,7 @@ func Handler(packets chan packet.Packet) {
 		}
 
 		info := new.Info()
-		info.Direction = packetInfo.direction > 0
+		info.Inbound = packetInfo.direction > 0
 		info.InTunnel = false
 		info.Protocol = packet.IPProtocol(packetInfo.protocol)
 
@@ -76,7 +76,7 @@ func Handler(packets chan packet.Packet) {
 		// IPs
 		if info.Version == packet.IPv4 {
 			// IPv4
-			if info.Direction {
+			if info.Inbound {
 				// Inbound
 				info.Src = convertIPv4(packetInfo.remoteIP)
 				info.Dst = convertIPv4(packetInfo.localIP)
@@ -87,7 +87,7 @@ func Handler(packets chan packet.Packet) {
 			}
 		} else {
 			// IPv6
-			if info.Direction {
+			if info.Inbound {
 				// Inbound
 				info.Src = convertIPv6(packetInfo.remoteIP)
 				info.Dst = convertIPv6(packetInfo.localIP)
@@ -99,7 +99,7 @@ func Handler(packets chan packet.Packet) {
 		}
 
 		// Ports
-		if info.Direction {
+		if info.Inbound {
 			// Inbound
 			info.SrcPort = packetInfo.remotePort
 			info.DstPort = packetInfo.localPort

firewall/master.go

@@ -91,15 +91,15 @@ func checkSelfCommunication(conn *network.Connection, pkt packet.Packet) bool {
 		pktInfo := pkt.Info()
 		if conn.Process().Pid >= 0 && pktInfo.Src.Equal(pktInfo.Dst) {
 			// get PID
-			otherPid, _, err := state.Lookup(
+			otherPid, _, err := state.Lookup(&packet.Info{
-				pktInfo.Version,
+				Inbound:  !pktInfo.Inbound, // we want to know the process on the other end
-				pktInfo.Protocol,
+				Version:  pktInfo.Version,
-				pktInfo.RemoteIP(),
+				Protocol: pktInfo.Protocol,
-				pktInfo.RemotePort(),
+				Src:      pktInfo.Src,
-				pktInfo.LocalIP(),
+				SrcPort:  pktInfo.SrcPort,
-				pktInfo.LocalPort(),
+				Dst:      pktInfo.Dst,
-				pktInfo.Direction,
+				DstPort:  pktInfo.DstPort,
-			)
+			})
 			if err != nil {
 				log.Warningf("filter: failed to find local peer process PID: %s", err)
 			} else {

nameserver/takeover.go

@@ -58,7 +58,15 @@ func checkForConflictingService() error {
 }
 
 func takeover(resolverIP net.IP) (int, error) {
-	pid, _, err := state.Lookup(0, packet.UDP, resolverIP, 53, nil, 0, false)
+	pid, _, err := state.Lookup(&packet.Info{
+		Inbound:  true,
+		Version:  0, // auto-detect
+		Protocol: packet.UDP,
+		Src:      nil, // do not record direction
+		SrcPort:  0,   // do not record direction
+		Dst:      resolverIP,
+		DstPort:  53,
+	})
 	if err != nil {
 		// there may be nothing listening on :53
 		return 0, nil

network/connection.go

@@ -65,15 +65,17 @@ type Connection struct { //nolint:maligned // TODO: fix alignment
 // NewConnectionFromDNSRequest returns a new connection based on the given dns request.
 func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []string, ipVersion packet.IPVersion, localIP net.IP, localPort uint16) *Connection {
 	// get Process
-	proc, _, err := process.GetProcessByEndpoints(
+	proc, _, err := process.GetProcessByConnection(
 		ctx,
-		ipVersion,
+		&packet.Info{
-		packet.UDP,
+			Inbound:  false, // outbound as we are looking for the process of the source address
-		localIP,
+			Version:  ipVersion,
-		localPort,
+			Protocol: packet.UDP,
-		dnsAddress, // this might not be correct, but it does not matter, as matching only occurs on the local address
+			Src:      localIP,   // source as in the process we are looking for
-		dnsPort,
+			SrcPort:  localPort, // source as in the process we are looking for
-		false, // inbound, irrevelant
+			Dst:      nil,       // do not record direction
+			DstPort:  0,         // do not record direction
+		},
 	)
 	if err != nil {
 		log.Debugf("network: failed to find process of dns request for %s: %s", fqdn, err)
@@ -97,7 +99,7 @@ func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []stri
 // NewConnectionFromFirstPacket returns a new connection based on the given packet.
 func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 	// get Process
-	proc, inbound, err := process.GetProcessByPacket(pkt)
+	proc, inbound, err := process.GetProcessByConnection(pkt.Ctx(), pkt.Info())
 	if err != nil {
 		log.Debugf("network: failed to find process of packet %s: %s", pkt, err)
 		proc = process.GetUnidentifiedProcess(pkt.Ctx())

network/packet/packet.go

@@ -36,22 +36,22 @@ func (pkt *Base) SetPacketInfo(packetInfo Info) {
 
 // SetInbound sets a the packet direction to inbound. This must only used when initializing the packet structure.
 func (pkt *Base) SetInbound() {
-	pkt.info.Direction = true
+	pkt.info.Inbound = true
 }
 
 // SetOutbound sets a the packet direction to outbound. This must only used when initializing the packet structure.
 func (pkt *Base) SetOutbound() {
-	pkt.info.Direction = false
+	pkt.info.Inbound = false
 }
 
 // IsInbound checks if the packet is inbound.
 func (pkt *Base) IsInbound() bool {
-	return pkt.info.Direction
+	return pkt.info.Inbound
 }
 
 // IsOutbound checks if the packet is outbound.
 func (pkt *Base) IsOutbound() bool {
-	return !pkt.info.Direction
+	return !pkt.info.Inbound
 }
 
 // HasPorts checks if the packet has a protocol that uses ports.
@@ -80,13 +80,13 @@ func (pkt *Base) GetConnectionID() string {
 
 func (pkt *Base) createConnectionID() {
 	if pkt.info.Protocol == TCP || pkt.info.Protocol == UDP {
-		if pkt.info.Direction {
+		if pkt.info.Inbound {
 			pkt.connID = fmt.Sprintf("%d-%s-%d-%s-%d", pkt.info.Protocol, pkt.info.Dst, pkt.info.DstPort, pkt.info.Src, pkt.info.SrcPort)
 		} else {
 			pkt.connID = fmt.Sprintf("%d-%s-%d-%s-%d", pkt.info.Protocol, pkt.info.Src, pkt.info.SrcPort, pkt.info.Dst, pkt.info.DstPort)
 		}
 	} else {
-		if pkt.info.Direction {
+		if pkt.info.Inbound {
 			pkt.connID = fmt.Sprintf("%d-%s-%s", pkt.info.Protocol, pkt.info.Dst, pkt.info.Src)
 		} else {
 			pkt.connID = fmt.Sprintf("%d-%s-%s", pkt.info.Protocol, pkt.info.Src, pkt.info.Dst)
@@ -105,7 +105,7 @@ func (pkt *Base) MatchesAddress(remote bool, protocol IPProtocol, network *net.I
 	if pkt.info.Protocol != protocol {
 		return false
 	}
-	if pkt.info.Direction != remote {
+	if pkt.info.Inbound != remote {
 		if !network.Contains(pkt.info.Src) {
 			return false
 		}
@@ -131,7 +131,7 @@ func (pkt *Base) MatchesAddress(remote bool, protocol IPProtocol, network *net.I
 // Remote  Src  Dst
 //
 func (pkt *Base) MatchesIP(endpoint bool, network *net.IPNet) bool {
-	if pkt.info.Direction != endpoint {
+	if pkt.info.Inbound != endpoint {
 		if network.Contains(pkt.info.Src) {
 			return true
 		}
@@ -152,12 +152,12 @@ func (pkt *Base) String() string {
 // FmtPacket returns the most important information about the packet as a string
 func (pkt *Base) FmtPacket() string {
 	if pkt.info.Protocol == TCP || pkt.info.Protocol == UDP {
-		if pkt.info.Direction {
+		if pkt.info.Inbound {
 			return fmt.Sprintf("IN %s %s:%d <-> %s:%d", pkt.info.Protocol, pkt.info.Dst, pkt.info.DstPort, pkt.info.Src, pkt.info.SrcPort)
 		}
 		return fmt.Sprintf("OUT %s %s:%d <-> %s:%d", pkt.info.Protocol, pkt.info.Src, pkt.info.SrcPort, pkt.info.Dst, pkt.info.DstPort)
 	}
-	if pkt.info.Direction {
+	if pkt.info.Inbound {
 		return fmt.Sprintf("IN %s %s <-> %s", pkt.info.Protocol, pkt.info.Dst, pkt.info.Src)
 	}
 	return fmt.Sprintf("OUT %s %s <-> %s", pkt.info.Protocol, pkt.info.Src, pkt.info.Dst)
@@ -170,7 +170,7 @@ func (pkt *Base) FmtProtocol() string {
 
 // FmtRemoteIP returns the remote IP address as a string
 func (pkt *Base) FmtRemoteIP() string {
-	if pkt.info.Direction {
+	if pkt.info.Inbound {
 		return pkt.info.Src.String()
 	}
 	return pkt.info.Dst.String()
@@ -179,7 +179,7 @@ func (pkt *Base) FmtRemoteIP() string {
 // FmtRemotePort returns the remote port as a string
 func (pkt *Base) FmtRemotePort() string {
 	if pkt.info.SrcPort != 0 {
-		if pkt.info.Direction {
+		if pkt.info.Inbound {
 			return fmt.Sprintf("%d", pkt.info.SrcPort)
 		}
 		return fmt.Sprintf("%d", pkt.info.DstPort)

network/packet/packetinfo.go

@@ -6,8 +6,8 @@ import (
 
 // Info holds IP and TCP/UDP header information
 type Info struct {
-	Direction bool
+	Inbound  bool
-	InTunnel  bool
+	InTunnel bool
 
 	Version          IPVersion
 	Protocol         IPProtocol
@@ -17,7 +17,7 @@ type Info struct {
 
 // LocalIP returns the local IP of the packet.
 func (pi *Info) LocalIP() net.IP {
-	if pi.Direction {
+	if pi.Inbound {
 		return pi.Dst
 	}
 	return pi.Src
@@ -25,7 +25,7 @@ func (pi *Info) LocalIP() net.IP {
 
 // RemoteIP returns the remote IP of the packet.
 func (pi *Info) RemoteIP() net.IP {
-	if pi.Direction {
+	if pi.Inbound {
 		return pi.Src
 	}
 	return pi.Dst
@@ -33,7 +33,7 @@ func (pi *Info) RemoteIP() net.IP {
 
 // LocalPort returns the local port of the packet.
 func (pi *Info) LocalPort() uint16 {
-	if pi.Direction {
+	if pi.Inbound {
 		return pi.DstPort
 	}
 	return pi.SrcPort
@@ -41,7 +41,7 @@ func (pi *Info) LocalPort() uint16 {
 
 // RemotePort returns the remote port of the packet.
 func (pi *Info) RemotePort() uint16 {
-	if pi.Direction {
+	if pi.Inbound {
 		return pi.SrcPort
 	}
 	return pi.DstPort

network/state/lookup.go

@@ -2,7 +2,6 @@ package state
 
 import (
 	"errors"
-	"net"
 	"sync"
 	"time"
 
@@ -44,62 +43,36 @@ var (
 	waitTime = 3 * time.Millisecond
 )
 
-func LookupWithPacket(pkt packet.Packet) (pid int, inbound bool, err error) {
+func Lookup(pktInfo *packet.Info) (pid int, inbound bool, err error) {
-	meta := pkt.Info()
-	return Lookup(
-		meta.Version,
-		meta.Protocol,
-		meta.LocalIP(),
-		meta.LocalPort(),
-		meta.RemoteIP(),
-		meta.RemotePort(),
-		meta.Direction,
-	)
-}
-
-func Lookup(
-	ipVersion packet.IPVersion,
-	protocol packet.IPProtocol,
-	localIP net.IP,
-	localPort uint16,
-	remoteIP net.IP,
-	remotePort uint16,
-	pktInbound bool,
-) (
-	pid int,
-	inbound bool,
-	err error,
-) {
-
 	// auto-detect version
-	if ipVersion == 0 {
+	if pktInfo.Version == 0 {
-		if ip := localIP.To4(); ip != nil {
+		if ip := pktInfo.LocalIP().To4(); ip != nil {
-			ipVersion = packet.IPv4
+			pktInfo.Version = packet.IPv4
 		} else {
-			ipVersion = packet.IPv6
+			pktInfo.Version = packet.IPv6
 		}
 	}
 
 	switch {
-	case ipVersion == packet.IPv4 && protocol == packet.TCP:
+	case pktInfo.Version == packet.IPv4 && pktInfo.Protocol == packet.TCP:
 		tcp4Lock.Lock()
 		defer tcp4Lock.Unlock()
-		return searchTCP(tcp4Connections, tcp4Listeners, updateTCP4Tables, localIP, localPort)
+		return searchTCP(tcp4Connections, tcp4Listeners, updateTCP4Tables, pktInfo)
 
-	case ipVersion == packet.IPv6 && protocol == packet.TCP:
+	case pktInfo.Version == packet.IPv6 && pktInfo.Protocol == packet.TCP:
 		tcp6Lock.Lock()
 		defer tcp6Lock.Unlock()
-		return searchTCP(tcp6Connections, tcp6Listeners, updateTCP6Tables, localIP, localPort)
+		return searchTCP(tcp6Connections, tcp6Listeners, updateTCP6Tables, pktInfo)
 
-	case ipVersion == packet.IPv4 && protocol == packet.UDP:
+	case pktInfo.Version == packet.IPv4 && pktInfo.Protocol == packet.UDP:
 		udp4Lock.Lock()
 		defer udp4Lock.Unlock()
-		return searchUDP(udp4Binds, udp4States, updateUDP4Table, localIP, localPort, remoteIP, remotePort, pktInbound)
+		return searchUDP(udp4Binds, udp4States, updateUDP4Table, pktInfo)
 
-	case ipVersion == packet.IPv6 && protocol == packet.UDP:
+	case pktInfo.Version == packet.IPv6 && pktInfo.Protocol == packet.UDP:
 		udp6Lock.Lock()
 		defer udp6Lock.Unlock()
-		return searchUDP(udp6Binds, udp6States, updateUDP6Table, localIP, localPort, remoteIP, remotePort, pktInbound)
+		return searchUDP(udp6Binds, udp6States, updateUDP6Table, pktInfo)
 
 	default:
 		return UnidentifiedProcessID, false, errors.New("unsupported protocol for finding process")
@@ -110,14 +83,16 @@ func searchTCP(
 	connections []*socket.ConnectionInfo,
 	listeners []*socket.BindInfo,
 	updateTables func() ([]*socket.ConnectionInfo, []*socket.BindInfo),
-	localIP net.IP,
+	pktInfo *packet.Info,
-	localPort uint16,
 ) (
 	pid int,
 	inbound bool,
 	err error,
 ) {
 
+	localIP := pktInfo.LocalIP()
+	localPort := pktInfo.LocalPort()
+
 	// search until we find something
 	for i := 0; i < 5; i++ {
 		// always search listeners first
@@ -150,18 +125,17 @@ func searchUDP(
 	binds []*socket.BindInfo,
 	udpStates map[string]map[string]*udpState,
 	updateTable func() []*socket.BindInfo,
-	localIP net.IP,
+	pktInfo *packet.Info,
-	localPort uint16,
-	remoteIP net.IP,
-	remotePort uint16,
-	pktInbound bool,
 ) (
 	pid int,
 	inbound bool,
 	err error,
 ) {
 
-	isInboundMulticast := pktInbound && netutils.ClassifyIP(localIP) == netutils.LocalMulticast
+	localIP := pktInfo.LocalIP()
+	localPort := pktInfo.LocalPort()
+
+	isInboundMulticast := pktInfo.Inbound && netutils.ClassifyIP(localIP) == netutils.LocalMulticast
 	// TODO: Currently broadcast/multicast scopes are not checked, so we might
 	// attribute an incoming broadcast/multicast packet to the wrong process if
 	// there are multiple processes listening on the same local port, but
@@ -177,12 +151,12 @@ func searchUDP(
 					localIP.Equal(socketInfo.Local.IP)) {
 
 				// do not check direction if remoteIP/Port is not given
-				if remotePort == 0 {
+				if pktInfo.RemotePort() == 0 {
-					return checkBindPID(socketInfo, pktInbound)
+					return checkBindPID(socketInfo, pktInfo.Inbound)
 				}
 
 				// get direction and return
-				connInbound := getUDPDirection(socketInfo, udpStates, remoteIP, remotePort, pktInbound)
+				connInbound := getUDPDirection(socketInfo, udpStates, pktInfo)
 				return checkBindPID(socketInfo, connInbound)
 			}
 		}
@@ -194,5 +168,5 @@ func searchUDP(
 		binds = updateTable()
 	}
 
-	return UnidentifiedProcessID, pktInbound, ErrConnectionNotFound
+	return UnidentifiedProcessID, pktInfo.Inbound, ErrConnectionNotFound
 }

network/state/udp.go

@@ -5,6 +5,7 @@ import (
 	"net"
 	"time"
 
+	"github.com/safing/portmaster/network/packet"
 	"github.com/safing/portmaster/network/socket"
 )
 
@@ -34,7 +35,7 @@ func getUDPConnState(socketInfo *socket.BindInfo, udpStates map[string]map[strin
 	return nil, false
 }
 
-func getUDPDirection(socketInfo *socket.BindInfo, udpStates map[string]map[string]*udpState, remoteIP net.IP, remotePort uint16, pktInbound bool) (connDirection bool) {
+func getUDPDirection(socketInfo *socket.BindInfo, udpStates map[string]map[string]*udpState, pktInfo *packet.Info) (connDirection bool) {
 	localKey := makeUDPStateKey(socketInfo.Local.IP, socketInfo.Local.Port)
 
 	bindMap, ok := udpStates[localKey]
@@ -43,14 +44,14 @@ func getUDPDirection(socketInfo *socket.BindInfo, udpStates map[string]map[strin
 		udpStates[localKey] = bindMap
 	}
 
-	remoteKey := makeUDPStateKey(remoteIP, remotePort)
+	remoteKey := makeUDPStateKey(pktInfo.RemoteIP(), pktInfo.RemotePort())
 	udpConnState, ok := bindMap[remoteKey]
 	if !ok {
 		bindMap[remoteKey] = &udpState{
-			inbound:  pktInbound,
+			inbound:  pktInfo.Inbound,
 			lastSeen: time.Now().UTC(),
 		}
-		return pktInbound
+		return pktInfo.Inbound
 	}
 
 	udpConnState.lastSeen = time.Now().UTC()

process/find.go

@@ -3,7 +3,6 @@ package process
 import (
 	"context"
 	"errors"
-	"net"
 
 	"github.com/safing/portmaster/network/state"
 
@@ -16,45 +15,16 @@ var (
 	ErrProcessNotFound = errors.New("could not find process in system state tables")
 )
 
-// GetProcessByPacket returns the process that owns the given packet.
-func GetProcessByPacket(pkt packet.Packet) (process *Process, inbound bool, err error) {
-	meta := pkt.Info()
-	return GetProcessByEndpoints(
-		pkt.Ctx(),
-		meta.Version,
-		meta.Protocol,
-		meta.LocalIP(),
-		meta.LocalPort(),
-		meta.RemoteIP(),
-		meta.RemotePort(),
-		meta.Direction,
-	)
-}
-
 // GetProcessByEndpoints returns the process that owns the described link.
-func GetProcessByEndpoints(
+func GetProcessByConnection(ctx context.Context, pktInfo *packet.Info) (process *Process, connInbound bool, err error) {
-	ctx context.Context,
-	ipVersion packet.IPVersion,
-	protocol packet.IPProtocol,
-	localIP net.IP,
-	localPort uint16,
-	remoteIP net.IP,
-	remotePort uint16,
-	pktInbound bool,
-) (
-	process *Process,
-	connInbound bool,
-	err error,
-) {
-
 	if !enableProcessDetection() {
 		log.Tracer(ctx).Tracef("process: process detection disabled")
-		return GetUnidentifiedProcess(ctx), pktInbound, nil
+		return GetUnidentifiedProcess(ctx), pktInfo.Inbound, nil
 	}
 
 	log.Tracer(ctx).Tracef("process: getting pid from system network state")
 	var pid int
-	pid, connInbound, err = state.Lookup(ipVersion, protocol, localIP, localPort, remoteIP, remotePort, pktInbound)
+	pid, connInbound, err = state.Lookup(pktInfo)
 	if err != nil {
 		log.Tracer(ctx).Debugf("process: failed to find PID of connection: %s", err)
 		return nil, connInbound, err