github/portmaster
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Added filterlist integration

Browse Source
This commit is contained in:
ppacher
2020-04-01 09:12:06 +02:00
committed by Patrick Pacher
parent 61d31d4426
commit f96f8d8d6e
20 changed files with 1898 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
profile/profile-layered.go
View File

@@ -6,6 +6,7 @@ import (
"github.com/safing/portbase/log"
"github.com/safing/portmaster/intel/filterlist"
"github.com/safing/portmaster/status"
"github.com/tevino/abool"
@@ -94,7 +95,7 @@ func NewLayeredProfile(localProfile *Profile) *LayeredProfile {
cfgOptionRemoveBlockedDNS,
)
// TODO: load referenced profiles
// TODO: load linked profiles.
// FUTURE: load forced company profile
new.layers = append(new.layers, localProfile)
@@ -154,7 +155,7 @@ func (lp *LayeredProfile) Update() (revisionCounter uint64) {
func (lp *LayeredProfile) updateCaches() {
// update security level
var newLevel uint8 = 0
var newLevel uint8
for _, layer := range lp.layers {
if newLevel < layer.SecurityLevel {
newLevel = layer.SecurityLevel
@@ -217,6 +218,45 @@ func (lp *LayeredProfile) MatchServiceEndpoint(entity *intel.Entity) (result end
return cfgServiceEndpoints.Match(entity)
}
// MatchFilterLists matches the entity against the set of filter
// lists.
func (lp *LayeredProfile) MatchFilterLists(entity *intel.Entity) (result endpoints.EPResult, reason string) {
lookupMap, hasLists := entity.GetListsMap()
if !hasLists {
return endpoints.NoMatch, ""
}
log.Errorf("number of layers: %d", len(lp.layers))
for _, layer := range lp.layers {
if id := lookupMap.Match(layer.filterListIDs); id != "" {
return endpoints.Denied, id
}
// only check the first layer that has filter list
// IDs defined.
if len(layer.filterListIDs) > 0 {
return endpoints.NoMatch, ""
}
}
// TODO(ppacher): re-resolving global list IDs is a bit overkill,
// add some caching here.
cfgLock.RLock()
defer cfgLock.RUnlock()
globalIds, err := filterlist.ResolveListIDs(cfgOptionFilterLists())
if err != nil {
log.Errorf("filter: failed to get global filter list IDs: %s", err)
return endpoints.NoMatch, ""
}
if id := lookupMap.Match(globalIds); id != "" {
return endpoints.Denied, id
}
return endpoints.NoMatch, ""
}
// AddEndpoint adds an endpoint to the local endpoint list, saves the local profile and reloads the configuration.
func (lp *LayeredProfile) AddEndpoint(newEntry string) {
lp.localProfile.AddEndpoint(newEntry)