github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Improve logging, support pre-authorized ports

Browse Source
This commit is contained in:
Daniel
2019-05-10 11:57:18 +02:00
parent 55ef385dcb
commit e72ed023db
5 changed files with 118 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
network/communication.go
View File

@@ -3,6 +3,7 @@
package network package network
import ( import (
"context"
"errors" "errors"
"fmt" "fmt"
"net" "net"
@@ -235,9 +236,9 @@ var (
) )
// GetCommunicationByDNSRequest returns the matching communication from the internal storage. // GetCommunicationByDNSRequest returns the matching communication from the internal storage.
func GetCommunicationByDNSRequest(ip net.IP, port uint16, fqdn string) (*Communication, error) { func GetCommunicationByDNSRequest(ctx context.Context, ip net.IP, port uint16, fqdn string) (*Communication, error) {
// get Process // get Process
proc, err := process.GetProcessByEndpoints(ip, port, dnsAddress, dnsPort, packet.UDP) proc, err := process.GetProcessByEndpoints(ctx, ip, port, dnsAddress, dnsPort, packet.UDP)
if err != nil { if err != nil {
return nil, err return nil, err
} }

5
network/link.go
View File

@@ -279,9 +279,12 @@ func GetLink(id string) (*Link, bool) {
func GetOrCreateLinkByPacket(pkt packet.Packet) (*Link, bool) { func GetOrCreateLinkByPacket(pkt packet.Packet) (*Link, bool) {
link, ok := GetLink(pkt.GetLinkID()) link, ok := GetLink(pkt.GetLinkID())
if ok { if ok {
log.Tracer(pkt.Ctx()).Tracef("network: assigned to link %s", link.ID)
return link, false return link, false
} }
return CreateLinkFromPacket(pkt), true link = CreateLinkFromPacket(pkt)
log.Tracer(pkt.Ctx()).Tracef("network: created new link %s", link.ID)
return link, true
} }
// CreateLinkFromPacket creates a new Link based on Packet. // CreateLinkFromPacket creates a new Link based on Packet.

14
network/packet/packet.go
View File

@@ -3,17 +3,29 @@
package packet package packet
import ( import (
"context"
"fmt" "fmt"
"net" "net"
) )
// Base is a base structure for satisfying the Packet interface. // Base is a base structure for satisfying the Packet interface.
type Base struct { type Base struct {
ctx context.Context
info Info info Info
linkID string linkID string
Payload []byte Payload []byte
} }
// SetCtx sets the packet context.
func (pkt *Base) SetCtx(ctx context.Context) {
pkt.ctx = ctx
}
// Ctx returns the packet context.
func (pkt *Base) Ctx() context.Context {
return pkt.ctx
}
// Info returns the packet Info. // Info returns the packet Info.
func (pkt *Base) Info() *Info { func (pkt *Base) Info() *Info {
return &pkt.info return &pkt.info
@@ -195,6 +207,8 @@ type Packet interface {
RerouteToTunnel() error RerouteToTunnel() error
// INFO // INFO
SetCtx(context.Context)
Ctx() context.Context
Info() *Info Info() *Info
SetPacketInfo(Info) SetPacketInfo(Info)
IsInbound() bool IsInbound() bool

76
network/self.go Normal file
View File

@@ -0,0 +1,76 @@
package network
import (
"fmt"
"os"
"time"
"github.com/Safing/portmaster/network/netutils"
"github.com/Safing/portmaster/network/packet"
"github.com/Safing/portmaster/process"
)
// GetOwnComm returns the communication for the given packet, that originates from
func GetOwnComm(pkt packet.Packet) (*Communication, error) {
var domain string
// Incoming
if pkt.IsInbound() {
switch netutils.ClassifyIP(pkt.Info().RemoteIP()) {
case netutils.HostLocal:
domain = IncomingHost
case netutils.LinkLocal, netutils.SiteLocal, netutils.LocalMulticast:
domain = IncomingLAN
case netutils.Global, netutils.GlobalMulticast:
domain = IncomingInternet
case netutils.Invalid:
domain = IncomingInvalid
}
communication, ok := GetCommunication(os.Getpid(), domain)
if !ok {
proc, err := process.GetOrFindProcess(pkt.Ctx(), os.Getpid())
if err != nil {
return nil, fmt.Errorf("could not get own process")
}
communication = &Communication{
Domain: domain,
Direction: Inbound,
process: proc,
Inspect: true,
FirstLinkEstablished: time.Now().Unix(),
}
}
communication.process.AddCommunication()
return communication, nil
}
// PeerToPeer
switch netutils.ClassifyIP(pkt.Info().RemoteIP()) {
case netutils.HostLocal:
domain = PeerHost
case netutils.LinkLocal, netutils.SiteLocal, netutils.LocalMulticast:
domain = PeerLAN
case netutils.Global, netutils.GlobalMulticast:
domain = PeerInternet
case netutils.Invalid:
domain = PeerInvalid
}
communication, ok := GetCommunication(os.Getpid(), domain)
if !ok {
proc, err := process.GetOrFindProcess(pkt.Ctx(), os.Getpid())
if err != nil {
return nil, fmt.Errorf("could not get own process")
}
communication = &Communication{
Domain: domain,
Direction: Outbound,
process: proc,
Inspect: true,
FirstLinkEstablished: time.Now().Unix(),
}
}
communication.process.AddCommunication()
return communication, nil
}

21
network/status.go
View File

@@ -17,6 +17,27 @@ const (
VerdictRerouteToTunnel Verdict = 6 VerdictRerouteToTunnel Verdict = 6
) )
func (v Verdict) String() string {
switch v {
case VerdictUndecided:
return "<Undecided>"
case VerdictUndeterminable:
return "<Undeterminable>"
case VerdictAccept:
return "Accept"
case VerdictBlock:
return "Block"
case VerdictDrop:
return "Drop"
case VerdictRerouteToNameserver:
return "RerouteToNameserver"
case VerdictRerouteToTunnel:
return "RerouteToTunnel"
default:
return "<INVALID VERDICT>"
}
}
// Packer Directions // Packer Directions
const ( const (
Inbound = true Inbound = true