Add windowskext integration, update related packages
This commit is contained in:
Daniel
@@ -22,30 +22,30 @@ func GetPidByPacket(pkt packet.Packet) (pid int, direction bool, err error) {
|
||||
var remoteIP net.IP
|
||||
var remotePort uint16
|
||||
if pkt.IsInbound() {
|
||||
localIP = pkt.GetIPHeader().Dst
|
||||
remoteIP = pkt.GetIPHeader().Src
|
||||
localIP = pkt.Info().Dst
|
||||
remoteIP = pkt.Info().Src
|
||||
} else {
|
||||
localIP = pkt.GetIPHeader().Src
|
||||
remoteIP = pkt.GetIPHeader().Dst
|
||||
localIP = pkt.Info().Src
|
||||
remoteIP = pkt.Info().Dst
|
||||
}
|
||||
if pkt.GetIPHeader().Protocol == packet.TCP || pkt.GetIPHeader().Protocol == packet.UDP {
|
||||
if pkt.HasPorts() {
|
||||
if pkt.IsInbound() {
|
||||
localPort = pkt.GetTCPUDPHeader().DstPort
|
||||
remotePort = pkt.GetTCPUDPHeader().SrcPort
|
||||
localPort = pkt.Info().DstPort
|
||||
remotePort = pkt.Info().SrcPort
|
||||
} else {
|
||||
localPort = pkt.GetTCPUDPHeader().SrcPort
|
||||
remotePort = pkt.GetTCPUDPHeader().DstPort
|
||||
localPort = pkt.Info().SrcPort
|
||||
remotePort = pkt.Info().DstPort
|
||||
}
|
||||
}
|
||||
|
||||
switch {
|
||||
case pkt.GetIPHeader().Protocol == packet.TCP && pkt.IPVersion() == packet.IPv4:
|
||||
case pkt.Info().Protocol == packet.TCP && pkt.Info().Version == packet.IPv4:
|
||||
return getTCP4PacketInfo(localIP, localPort, remoteIP, remotePort, pkt.IsInbound())
|
||||
case pkt.GetIPHeader().Protocol == packet.UDP && pkt.IPVersion() == packet.IPv4:
|
||||
case pkt.Info().Protocol == packet.UDP && pkt.Info().Version == packet.IPv4:
|
||||
return getUDP4PacketInfo(localIP, localPort, remoteIP, remotePort, pkt.IsInbound())
|
||||
case pkt.GetIPHeader().Protocol == packet.TCP && pkt.IPVersion() == packet.IPv6:
|
||||
case pkt.Info().Protocol == packet.TCP && pkt.Info().Version == packet.IPv6:
|
||||
return getTCP6PacketInfo(localIP, localPort, remoteIP, remotePort, pkt.IsInbound())
|
||||
case pkt.GetIPHeader().Protocol == packet.UDP && pkt.IPVersion() == packet.IPv6:
|
||||
case pkt.Info().Protocol == packet.UDP && pkt.Info().Version == packet.IPv6:
|
||||
return getUDP6PacketInfo(localIP, localPort, remoteIP, remotePort, pkt.IsInbound())
|
||||
default:
|
||||
return -1, false, errors.New("unsupported protocol for finding process")
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package process
|
||||
|
||||
import (
|
||||
"github.com/Safing/safing-core/process/iphelper"
|
||||
"github.com/Safing/portmaster/process/iphelper"
|
||||
)
|
||||
|
||||
var (
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"fmt"
|
||||
"net"
|
||||
"sync"
|
||||
"time"
|
||||
)
|
||||
|
||||
var (
|
||||
@@ -21,6 +22,8 @@ var (
|
||||
|
||||
ipHelper *IPHelper
|
||||
lock sync.RWMutex
|
||||
|
||||
waitTime = 15 * time.Millisecond
|
||||
)
|
||||
|
||||
func checkIPHelper() (err error) {
|
||||
@@ -34,57 +37,71 @@ func checkIPHelper() (err error) {
|
||||
func GetTCP4PacketInfo(localIP net.IP, localPort uint16, remoteIP net.IP, remotePort uint16, pktDirection bool) (pid int, direction bool, err error) {
|
||||
|
||||
// search
|
||||
pid, direction = search(tcp4Connections, tcp4Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
pid, _ = search(tcp4Connections, tcp4Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
tcp4Connections, tcp4Listeners, err = ipHelper.GetTables(TCP, IPv4)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, direction, err
|
||||
for i := 0; i < 3; i++ {
|
||||
// give kernel some time, then try again
|
||||
// log.Tracef("process: giving kernel some time to think")
|
||||
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
tcp4Connections, tcp4Listeners, err = ipHelper.GetTables(TCP, IPv4)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, pktDirection, err
|
||||
}
|
||||
|
||||
// search
|
||||
pid, _ = search(tcp4Connections, tcp4Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
time.Sleep(waitTime)
|
||||
}
|
||||
|
||||
// search
|
||||
pid, direction = search(tcp4Connections, tcp4Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return
|
||||
}
|
||||
|
||||
return -1, direction, nil
|
||||
return -1, pktDirection, nil
|
||||
}
|
||||
|
||||
func GetTCP6PacketInfo(localIP net.IP, localPort uint16, remoteIP net.IP, remotePort uint16, pktDirection bool) (pid int, direction bool, err error) {
|
||||
|
||||
// search
|
||||
pid, direction = search(tcp6Connections, tcp6Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
pid, _ = search(tcp6Connections, tcp6Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
tcp6Connections, tcp6Listeners, err = ipHelper.GetTables(TCP, IPv6)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, direction, err
|
||||
for i := 0; i < 3; i++ {
|
||||
// give kernel some time, then try again
|
||||
// log.Tracef("process: giving kernel some time to think")
|
||||
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
tcp6Connections, tcp6Listeners, err = ipHelper.GetTables(TCP, IPv6)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, pktDirection, err
|
||||
}
|
||||
|
||||
// search
|
||||
pid, _ = search(tcp6Connections, tcp6Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
time.Sleep(waitTime)
|
||||
}
|
||||
|
||||
// search
|
||||
pid, direction = search(tcp6Connections, tcp6Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return
|
||||
}
|
||||
|
||||
return -1, direction, nil
|
||||
return -1, pktDirection, nil
|
||||
}
|
||||
|
||||
func GetUDP4PacketInfo(localIP net.IP, localPort uint16, remoteIP net.IP, remotePort uint16, pktDirection bool) (pid int, direction bool, err error) {
|
||||
@@ -95,21 +112,28 @@ func GetUDP4PacketInfo(localIP net.IP, localPort uint16, remoteIP net.IP, remote
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
udp4Connections, udp4Listeners, err = ipHelper.GetTables(UDP, IPv4)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, pktDirection, err
|
||||
}
|
||||
for i := 0; i < 3; i++ {
|
||||
// give kernel some time, then try again
|
||||
// log.Tracef("process: giving kernel some time to think")
|
||||
|
||||
// search
|
||||
pid, _ = search(udp4Connections, udp4Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return pid, pktDirection, nil
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
udp4Connections, udp4Listeners, err = ipHelper.GetTables(UDP, IPv4)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, pktDirection, err
|
||||
}
|
||||
|
||||
// search
|
||||
pid, _ = search(udp4Connections, udp4Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
time.Sleep(waitTime)
|
||||
}
|
||||
|
||||
return -1, pktDirection, nil
|
||||
@@ -123,21 +147,28 @@ func GetUDP6PacketInfo(localIP net.IP, localPort uint16, remoteIP net.IP, remote
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
udp6Connections, udp6Listeners, err = ipHelper.GetTables(UDP, IPv6)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, pktDirection, err
|
||||
}
|
||||
for i := 0; i < 3; i++ {
|
||||
// give kernel some time, then try again
|
||||
// log.Tracef("process: giving kernel some time to think")
|
||||
|
||||
// search
|
||||
pid, _ = search(udp6Connections, udp6Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return pid, pktDirection, nil
|
||||
// if unable to find, refresh
|
||||
lock.Lock()
|
||||
err = checkIPHelper()
|
||||
if err == nil {
|
||||
udp6Connections, udp6Listeners, err = ipHelper.GetTables(UDP, IPv6)
|
||||
}
|
||||
lock.Unlock()
|
||||
if err != nil {
|
||||
return -1, pktDirection, err
|
||||
}
|
||||
|
||||
// search
|
||||
pid, _ = search(udp6Connections, udp6Listeners, localIP, remoteIP, localPort, remotePort, pktDirection)
|
||||
if pid >= 0 {
|
||||
return pid, pktDirection, nil
|
||||
}
|
||||
|
||||
time.Sleep(waitTime)
|
||||
}
|
||||
|
||||
return -1, pktDirection, nil
|
||||
@@ -190,8 +221,8 @@ func searchListeners(list []*connectionEntry, localIP net.IP, localPort uint16)
|
||||
|
||||
for _, entry := range list {
|
||||
if localPort == entry.localPort &&
|
||||
entry.localIP == nil || // nil IP means zero IP, see tables.go
|
||||
localIP.Equal(entry.localIP) {
|
||||
(entry.localIP == nil || // nil IP means zero IP, see tables.go
|
||||
localIP.Equal(entry.localIP)) {
|
||||
return entry.pid
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,7 +3,6 @@
|
||||
package iphelper
|
||||
|
||||
import (
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
@@ -125,19 +124,19 @@ func (ipHelper *IPHelper) GetTables(protocol uint8, ipVersion uint8) (connection
|
||||
r1, _, err = ipHelper.getExtendedTcpTable.Call(
|
||||
uintptr(unsafe.Pointer(&buf[0])), // _Out_ PVOID pTcpTable
|
||||
uintptr(unsafe.Pointer(&bufSize)), // _Inout_ PDWORD pdwSize
|
||||
0, // _In_ BOOL bOrder
|
||||
uintptr(afClass), // _In_ ULONG ulAf
|
||||
iphelper_TCP_TABLE_OWNER_PID_ALL, // _In_ TCP_TABLE_CLASS TableClass
|
||||
0, // _In_ ULONG Reserved
|
||||
0, // _In_ BOOL bOrder
|
||||
uintptr(afClass), // _In_ ULONG ulAf
|
||||
iphelper_TCP_TABLE_OWNER_PID_ALL, // _In_ TCP_TABLE_CLASS TableClass
|
||||
0, // _In_ ULONG Reserved
|
||||
)
|
||||
case UDP:
|
||||
r1, _, err = ipHelper.getExtendedUdpTable.Call(
|
||||
uintptr(unsafe.Pointer(&buf[0])), // _Out_ PVOID pUdpTable,
|
||||
uintptr(unsafe.Pointer(&bufSize)), // _Inout_ PDWORD pdwSize,
|
||||
0, // _In_ BOOL bOrder,
|
||||
uintptr(afClass), // _In_ ULONG ulAf,
|
||||
iphelper_UDP_TABLE_OWNER_PID, // _In_ UDP_TABLE_CLASS TableClass,
|
||||
0, // _In_ ULONG Reserved
|
||||
0, // _In_ BOOL bOrder,
|
||||
uintptr(afClass), // _In_ ULONG ulAf,
|
||||
iphelper_UDP_TABLE_OWNER_PID, // _In_ UDP_TABLE_CLASS TableClass,
|
||||
0, // _In_ ULONG Reserved
|
||||
)
|
||||
}
|
||||
|
||||
@@ -165,19 +164,16 @@ func (ipHelper *IPHelper) GetTables(protocol uint8, ipVersion uint8) (connection
|
||||
new.pid = int(row.owningPid)
|
||||
|
||||
// local
|
||||
new.localIP = make([]byte, 4)
|
||||
binary.LittleEndian.PutUint32(new.localIP, row.localAddr)
|
||||
if row.localAddr != 0 {
|
||||
new.localIP = convertIPv4(row.localAddr)
|
||||
}
|
||||
new.localPort = uint16(row.localPort>>8 | row.localPort<<8)
|
||||
|
||||
// remote
|
||||
if row.state == iphelper_TCP_STATE_LISTEN {
|
||||
if new.localIP.Equal(net.IPv4zero) {
|
||||
new.localIP = nil
|
||||
}
|
||||
listeners = append(listeners, new)
|
||||
} else {
|
||||
new.remoteIP = make([]byte, 4)
|
||||
binary.LittleEndian.PutUint32(new.remoteIP, row.remoteAddr)
|
||||
new.remoteIP = convertIPv4(row.remoteAddr)
|
||||
new.remotePort = uint16(row.remotePort>>8 | row.remotePort<<8)
|
||||
connections = append(connections, new)
|
||||
}
|
||||
@@ -229,8 +225,7 @@ func (ipHelper *IPHelper) GetTables(protocol uint8, ipVersion uint8) (connection
|
||||
if row.localAddr == 0 {
|
||||
listeners = append(listeners, new)
|
||||
} else {
|
||||
new.localIP = make([]byte, 4)
|
||||
binary.LittleEndian.PutUint32(new.localIP, row.localAddr)
|
||||
new.localIP = convertIPv4(row.localAddr)
|
||||
connections = append(connections, new)
|
||||
}
|
||||
}
|
||||
@@ -261,3 +256,12 @@ func (ipHelper *IPHelper) GetTables(protocol uint8, ipVersion uint8) (connection
|
||||
|
||||
return connections, listeners, nil
|
||||
}
|
||||
|
||||
func convertIPv4(input uint32) net.IP {
|
||||
return net.IPv4(
|
||||
uint8(input&0xFF),
|
||||
uint8(input>>8&0xFF),
|
||||
uint8(input>>16&0xFF),
|
||||
uint8(input>>24&0xFF),
|
||||
)
|
||||
}
|
||||
|
||||
@@ -5,7 +5,7 @@ package main
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/Safing/safing-core/process/iphelper"
|
||||
"github.com/Safing/portmaster/process/iphelper"
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
||||
@@ -5,12 +5,12 @@ import "strings"
|
||||
// IsUser returns whether the process is run by a normal user.
|
||||
func (m *Process) IsUser() bool {
|
||||
return m.Pid != 4 && // Kernel
|
||||
!strings.HasPrefix(m.UserName, "NT-") // NT-Authority (localized!)
|
||||
!strings.HasPrefix(m.UserName, "NT") // NT-Authority (localized!)
|
||||
}
|
||||
|
||||
// IsAdmin returns whether the process is run by an admin user.
|
||||
func (m *Process) IsAdmin() bool {
|
||||
return strings.HasPrefix(m.UserName, "NT-") // NT-Authority (localized!)
|
||||
return strings.HasPrefix(m.UserName, "NT") // NT-Authority (localized!)
|
||||
}
|
||||
|
||||
// IsSystem returns whether the process is run by the operating system.
|
||||
|
||||
Reference in New Issue
Block a user