Reevaluate and update firewall core logic
This commit is contained in:
6
threats/all.go
Normal file
6
threats/all.go
Normal file
@@ -0,0 +1,6 @@
|
||||
package threats
|
||||
|
||||
import (
|
||||
_ "github.com/Safing/portmaster/threats/arp"
|
||||
_ "github.com/Safing/portmaster/threats/portscan"
|
||||
)
|
||||
7
threats/arp/arpentry.go
Normal file
7
threats/arp/arpentry.go
Normal file
@@ -0,0 +1,7 @@
|
||||
package arp
|
||||
|
||||
type arpEntry struct {
|
||||
IP string
|
||||
MAC string
|
||||
Interface string
|
||||
}
|
||||
48
threats/arp/os_linux.go
Normal file
48
threats/arp/os_linux.go
Normal file
@@ -0,0 +1,48 @@
|
||||
package arp
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/Safing/portbase/log"
|
||||
)
|
||||
|
||||
const (
|
||||
arpTableProcFile = "/proc/net/arp"
|
||||
)
|
||||
|
||||
func getArpTable() (table []*arpEntry, err error) {
|
||||
// open file
|
||||
arpData, err := os.Open(arpTableProcFile)
|
||||
if err != nil {
|
||||
log.Warningf("threats/arp: could not read %s: %s", arpTableProcFile, err)
|
||||
return nil, err
|
||||
}
|
||||
defer arpData.Close()
|
||||
|
||||
// file scanner
|
||||
scanner := bufio.NewScanner(arpData)
|
||||
scanner.Split(bufio.ScanLines)
|
||||
|
||||
// parse
|
||||
scanner.Scan() // skip first line
|
||||
for scanner.Scan() {
|
||||
line := strings.Fields(scanner.Text())
|
||||
if len(line) < 6 {
|
||||
continue
|
||||
}
|
||||
|
||||
table = append(table, &arpEntry{
|
||||
IP: line[0],
|
||||
MAC: line[3],
|
||||
Interface: line[5],
|
||||
})
|
||||
}
|
||||
|
||||
return table, nil
|
||||
}
|
||||
|
||||
func clearArpTable() error {
|
||||
return nil
|
||||
}
|
||||
1
threats/portscan/detection.go
Normal file
1
threats/portscan/detection.go
Normal file
@@ -0,0 +1 @@
|
||||
package portscan
|
||||
1
threats/portscan/module.go
Normal file
1
threats/portscan/module.go
Normal file
@@ -0,0 +1 @@
|
||||
package portscan
|
||||
Reference in New Issue
Block a user