Improve handling of unknown links, improve reason messages

2019-02-12 16:33:34 +01:00
parent 12e1eb0917
commit ca508fd20f
3 changed files with 83 additions and 57 deletions
--- a/network/unknown.go
+++ b/network/unknown.go
@@ -1,31 +1,64 @@
 package network

-import "github.com/Safing/portmaster/process"
+import (
+	"time"
+
+	"github.com/Safing/portmaster/network/netutils"
+	"github.com/Safing/portmaster/network/packet"
+	"github.com/Safing/portmaster/process"
+)

 // Static reasons
 const (
 	ReasonUnknownProcess = "unknown connection owner: process could not be found"
 )

-var (
-	UnknownDirectConnection = &Connection{
-		Domain:    "PI",
-		Direction: Outbound,
-		Verdict:   DROP,
-		Reason:    ReasonUnknownProcess,
-		process:   process.UnknownProcess,
+// GetUnknownConnection returns the connection to a packet of unknown owner.
+func GetUnknownConnection(pkt packet.Packet) (*Connection, error) {
+	if pkt.IsInbound() {
+		switch netutils.ClassifyIP(pkt.GetIPHeader().Src) {
+		case netutils.HostLocal:
+			return getOrCreateUnknownConnection(pkt, IncomingHost)
+		case netutils.LinkLocal, netutils.SiteLocal, netutils.LocalMulticast:
+			return getOrCreateUnknownConnection(pkt, IncomingLAN)
+		case netutils.Global, netutils.GlobalMulticast:
+			return getOrCreateUnknownConnection(pkt, IncomingInternet)
+		case netutils.Invalid:
+			return getOrCreateUnknownConnection(pkt, IncomingInvalid)
+		}
 	}

-	UnknownIncomingConnection = &Connection{
-		Domain:    "II",
-		Direction: Inbound,
-		Verdict:   DROP,
-		Reason:    ReasonUnknownProcess,
-		process:   process.UnknownProcess,
+	switch netutils.ClassifyIP(pkt.GetIPHeader().Dst) {
+	case netutils.HostLocal:
+		return getOrCreateUnknownConnection(pkt, PeerHost)
+	case netutils.LinkLocal, netutils.SiteLocal, netutils.LocalMulticast:
+		return getOrCreateUnknownConnection(pkt, PeerLAN)
+	case netutils.Global, netutils.GlobalMulticast:
+		return getOrCreateUnknownConnection(pkt, PeerInternet)
+	case netutils.Invalid:
+		return getOrCreateUnknownConnection(pkt, PeerInvalid)
 	}
-)

-func init() {
-	UnknownDirectConnection.Save()
-	UnknownIncomingConnection.Save()
+	// this should never happen
+	return getOrCreateUnknownConnection(pkt, PeerInvalid)
+}
+
+func getOrCreateUnknownConnection(pkt packet.Packet, connClass string) (*Connection, error) {
+	connection, ok := GetConnection(process.UnknownProcess.Pid, connClass)
+	if !ok {
+		connection = &Connection{
+			Domain:               connClass,
+			Direction:            pkt.IsInbound(),
+			Verdict:              DROP,
+			Reason:               ReasonUnknownProcess,
+			process:              process.UnknownProcess,
+			Inspect:              true,
+			FirstLinkEstablished: time.Now().Unix(),
+		}
+		if pkt.IsOutbound() {
+			connection.Verdict = BLOCK
+		}
+	}
+	connection.process.AddConnection()
+	return connection, nil
 }