Merge pull request #20 from safing/feature/portscan_detection

minor general changes: debugmessages, comments, TODOs

firewall/firewall.go

@@ -146,6 +146,7 @@ func handlePacket(pkt packet.Packet) {
 			pkt.PermanentAccept()
 			return
 		}
+		// TODO: Howto handle NetBios?
 	}
 
 	// log.Debugf("firewall: pkt %s has ID %s", pkt, pkt.GetLinkID())
@@ -268,6 +269,7 @@ func initialHandler(pkt packet.Packet, link *network.Link) {
 	// 	link.StopFirewallHandler()
 	// 	permanentVerdict(pkt, network.VerdictAccept)
 	case link.Inspect:
+		log.Tracer(pkt.Ctx()).Trace("firewall: start inspecting")
 		link.SetFirewallHandler(inspectThenVerdict)
 		inspectThenVerdict(pkt, link)
 	default:

firewall/inspection/inspection.go

@@ -64,7 +64,7 @@ func RunInspectors(pkt packet.Packet, link *network.Link) (network.Verdict, bool
 			continue
 		}
 
-		action := inspectors[key](pkt, link)
+		action := inspectors[key](pkt, link) // Actually run inspector
 		switch action {
 		case DO_NOTHING:
 			if verdict < network.VerdictAccept {

status/threat.go

@@ -14,6 +14,7 @@ type Threat struct {
 	MitigationLevel uint8       // Recommended Security Level to switch to for mitigation
 	Started         int64
 	Ended           int64
+	// TODO: add locking
 }
 
 // AddOrUpdateThreat adds or updates a new threat in the system status.