@ -70,17 +70,17 @@ func (r *Rule) AddrString(redact bool) string {
type RuleList [ ] * Rule
type RuleList [ ] * Rule
func ( r * Rule ) match ( pkt * nfqueue . Packet , name string ) bool {
func ( r * Rule ) match ( dst net . IP , dstPort uint16 , host name string ) bool {
if r . port != matchAny && r . port != pkt. D stPort {
if r . port != matchAny && r . port != d stPort {
return false
return false
}
}
if r . addr == matchAny {
if r . addr == matchAny {
return true
return true
}
}
if r . hostname != "" {
if r . hostname != "" {
return r . hostname == name
return r . hostname == host name
}
}
return r . addr == binary . BigEndian . Uint32 ( pkt. D st)
return r . addr == binary . BigEndian . Uint32 ( d st)
}
}
type FilterResult int
type FilterResult int
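Review bot: `binary.BigEndian.Uint32(dst)` on the last return of `match` assumes a 4-byte net.IP, and the new signature lets any caller pass the IP directly; a 16-byte value (IPv6 or an IPv4-mapped address) makes Uint32 read the leading zero bytes so the address rule silently never matches, and a value shorter than 4 bytes panics. Normalise before comparing: `ip4 := dst.To4()` / `if ip4 == nil { return false }` / `return r.addr == binary.BigEndian.Uint32(ip4)`. The hostname branch uses plain `==`, so a rule stored as `example.com` would not match the same name arriving in a different case; if exact, case-sensitive equality is intended, a one-line comment saying so on that branch would stop the next reader from "fixing" it.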
@ -91,18 +91,22 @@ const (
FILTER_PROMPT
FILTER_PROMPT
)
)
func ( rl * RuleList ) filter ( p * nfqueue . Packet , pinfo * procsnitch . Info , hostname string ) FilterResult {
func ( rl * RuleList ) filterPacket ( p * nfqueue . Packet , pinfo * procsnitch . Info , hostname string ) FilterResult {
return rl . filter ( p . Dst , p . DstPort , hostname , pinfo )
}
func ( rl * RuleList ) filter ( dst net . IP , dstPort uint16 , hostname string , pinfo * procsnitch . Info ) FilterResult {
if rl == nil {
if rl == nil {
return FILTER_PROMPT
return FILTER_PROMPT
}
}
result := FILTER_PROMPT
result := FILTER_PROMPT
for _ , r := range * rl {
for _ , r := range * rl {
if r . match ( p , hostname ) {
if r . match ( dst, dstPort , hostname ) {
dst := p . D st. String ( )
dst Str := d st. String ( )
if logRedact {
if logRedact {
dst = "[redacted]"
dst Str = "[redacted]"
}
}
log . Info ( "%s (%s -> %s:%d)" , r . getString ( logRedact ) , pinfo . ExePath , dst , p . D stPort)
log . Info ( "%s (%s -> %s:%d)" , r . getString ( logRedact ) , pinfo . ExePath , dst Str, d stPort)
if r . rtype == RULE_DENY {
if r . rtype == RULE_DENY {
return FILTER_DENY
return FILTER_DENY
} else if r . rtype == RULE_ALLOW {
} else if r . rtype == RULE_ALLOW {