Remove hack + debug output because of fix in af1a925b11

shw-merge
dma 7 years ago
parent af1a925b11
commit 2869f15ba1

@ -279,22 +279,21 @@ func (c *socksChainSession) filterConnect() (bool, bool) {
var pinfo *procsnitch.Info = nil var pinfo *procsnitch.Info = nil
var optstr = "" var optstr = ""
// try to find process via oz-daemon known proxy endpoints
if err == nil { if err == nil {
pinfo, optstr = findProxyEndpoint(allProxies, c.clientConn) pinfo, optstr = findProxyEndpoint(allProxies, c.clientConn)
} }
// fall back to system-wide processes
if pinfo == nil { if pinfo == nil {
pinfo = procsnitch.FindProcessForConnection(c.clientConn, c.procInfo) pinfo = procsnitch.FindProcessForConnection(c.clientConn, c.procInfo)
// FIXME: TEMPORARY HACK
if pinfo != nil {
if pinfo.ExePath == "/usr/sbin/oz-daemon" {
log.Warningf("Rejecting unknown connection from /usr/bin/oz-daemon.")
return false, false
}
}
} }
// connection maybe doesn't exist anymore
if pinfo == nil { if pinfo == nil {
log.Warningf("No proc found for [socks5] connection from: %s", c.clientConn.RemoteAddr()) log.Warningf("No proc found for [socks5] connection from: %s", c.clientConn.RemoteAddr())
return false, false return false, false
@ -308,7 +307,6 @@ func (c *socksChainSession) filterConnect() (bool, bool) {
optstr = "[Via SOCKS5: " + c.cfg.Name + "] " + optstr optstr = "[Via SOCKS5: " + c.cfg.Name + "] " + optstr
} }
log.Warningf("Lookup policy for %v %v", pinfo.ExePath, pinfo.Sandbox)
policy := c.server.fw.PolicyForPathAndSandbox(GetRealRoot(pinfo.ExePath, pinfo.Pid), pinfo.Sandbox) policy := c.server.fw.PolicyForPathAndSandbox(GetRealRoot(pinfo.ExePath, pinfo.Pid), pinfo.Sandbox)
hostname, ip, port := c.addressDetails() hostname, ip, port := c.addressDetails()
@ -316,7 +314,6 @@ func (c *socksChainSession) filterConnect() (bool, bool) {
return false, false return false, false
} }
result := policy.rules.filter(nil, nil, ip, port, hostname, pinfo, optstr) result := policy.rules.filter(nil, nil, ip, port, hostname, pinfo, optstr)
log.Errorf("result %v len(RuleList): %d", result, len(policy.rules))
switch result { switch result {
case FILTER_DENY: case FILTER_DENY:
return false, false return false, false

Loading…
Cancel
Save