beau/NetworkGenie
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
NetworkGenie/NetworkGenie/jive@10.0.0.119

83 lines
3.8 KiB
Plaintext
Raw Blame History

// Called from native code
private Allowed isAddressAllowed(Packet packet) {
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
lock.readLock().lock();
System.out.println("BPB: check if allowed packet with source: " + packet.saddr + ":" + packet.sport + " -> " + packet.daddr + ":" + packet.dport);
packet.allowed = false;
if (prefs.getBoolean("filter", false)) {
// https://android.googlesource.com/platform/system/core/+/master/include/private/android_filesystem_config.h
if (packet.protocol == 17 /* UDP */ && !prefs.getBoolean("filter_udp", false)) {
// Allow unfiltered UDP
packet.allowed = true;
Log.i(TAG, "Allowing UDP " + packet);
} else if (packet.uid < 2000 &&
!last_connected && isSupported(packet.protocol) && false) {
// Allow system applications in disconnected state
packet.allowed = true;
Log.w(TAG, "Allowing disconnected system " + packet);
} else if (packet.uid < 2000 &&
!mapUidKnown.containsKey(packet.uid) && isSupported(packet.protocol)) {
// Allow unknown system traffic
packet.allowed = true;
Log.w(TAG, "Allowing unknown system " + packet);
} else if (packet.uid == Process.myUid()) {
// Allow self
packet.allowed = true;
Log.w(TAG, "Allowing self " + packet);
} else {
boolean filtered = false;
IPKey key = new IPKey(packet.version, packet.protocol, packet.dport, packet.uid);
if (mapUidIPFilters.containsKey(key))
try {
InetAddress iaddr = InetAddress.getByName(packet.daddr);
Map<InetAddress, IPRule> map = mapUidIPFilters.get(key);
if (map != null && map.containsKey(iaddr)) {
IPRule rule = map.get(iaddr);
if (rule.isExpired())
Log.i(TAG, "DNS expired " + packet + " rule " + rule);
else {
filtered = true;
packet.allowed = !rule.isBlocked();
Log.i(TAG, "Filtering " + packet +
" allowed=" + packet.allowed + " rule " + rule);
}
}
} catch (UnknownHostException ex) {
Log.w(TAG, "Allowed " + ex.toString() + "\n" + Log.getStackTraceString(ex));
}
if (!filtered)
if (mapUidAllowed.containsKey(packet.uid))
packet.allowed = mapUidAllowed.get(packet.uid);
else
Log.w(TAG, "No rules for " + packet);
}
}
Allowed allowed = null;
if (packet.allowed) {
if (mapForward.containsKey(packet.dport)) {
Forward fwd = mapForward.get(packet.dport);
if (fwd.ruid == packet.uid) {
allowed = new Allowed();
} else {
allowed = new Allowed(fwd.raddr, fwd.rport);
packet.data = "> " + fwd.raddr + "/" + fwd.rport;
}
} else
allowed = new Allowed();
}
lock.readLock().unlock();
if (prefs.getBoolean("log", false) || prefs.getBoolean("log_app", false))
if (packet.protocol != 6 /* TCP */ || !"".equals(packet.flags))
if (packet.uid != Process.myUid())
logPacket(packet);
return allowed;
}
Reference in New Issue View Git Blame Copy Permalink