github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add SPN integration

Browse Source
This commit is contained in:
Daniel
2020-08-06 21:22:14 +02:00
parent 1ce9049ca0
commit cdec623033
9 changed files with 116 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
firewall/interception.go
View File

@@ -12,7 +12,10 @@ import (
"github.com/safing/portmaster/firewall/inspection"
"github.com/safing/portmaster/firewall/interception"
"github.com/safing/portmaster/network"
"github.com/safing/portmaster/network/netutils"
"github.com/safing/portmaster/network/packet"
"github.com/safing/spn/captain"
"github.com/safing/spn/sluice"
// module dependencies
_ "github.com/safing/portmaster/core/base"
@@ -222,6 +225,22 @@ func initialHandler(conn *network.Connection, pkt packet.Packet) {
DecideOnConnection(pkt.Ctx(), conn, pkt)
conn.Inspecting = false // TODO: enable inspecting again
// tunneling
// TODO: add implementation for forced tunneling
if pkt.IsOutbound() &&
captain.ClientReady() &&
netutils.IPIsGlobal(conn.Entity.IP) &&
conn.Verdict == network.VerdictAccept {
// try to tunnel
err := sluice.AwaitRequest(pkt.Info(), conn.Entity.Domain)
if err != nil {
log.Tracer(pkt.Ctx()).Tracef("filter: not tunneling: %s", err)
} else {
log.Tracer(pkt.Ctx()).Trace("filter: tunneling request")
conn.Verdict = network.VerdictRerouteToTunnel
}
}
switch {
case conn.Inspecting:
log.Tracer(pkt.Ctx()).Trace("filter: start inspecting")