github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

incoming: force block by default, apply default action and allow LAN per rules

Browse Source
This commit is contained in:
Patrick Pacher
2022-09-20 09:16:23 +02:00
parent 2388c1b036
commit d4f316e65a
2 changed files with 3 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
firewall/master.go
View File

@@ -54,7 +54,6 @@ var defaultDeciders = []deciderFn{
checkBypassPrevention,
checkFilterLists,
checkCustomFilterList,
dropInbound,
checkDomainHeuristics,
checkAutoPermitRelated,
}
@@ -539,15 +538,6 @@ func checkDomainHeuristics(ctx context.Context, conn *network.Connection, p *pro
return false
}
func dropInbound(_ context.Context, conn *network.Connection, _ *profile.LayeredProfile, _ packet.Packet) bool {
// implicit default=block for inbound
if conn.Inbound {
conn.Drop("incoming connection blocked by default", profile.CfgOptionServiceEndpointsKey)
return true
}
return false
}
func checkAutoPermitRelated(_ context.Context, conn *network.Connection, p *profile.LayeredProfile, _ packet.Packet) bool {
// Auto permit is disabled for default action permit.
if p.DefaultAction() == profile.DefaultActionPermit {