[service] Fix kext verdict of update command

2025-04-18 01:49:09 +00:00 · 2024-06-27 16:39:31 +03:00 · 2024-06-27 16:39:31 +03:00 · 176494550e
commit 176494550e
parent fe7bc629c6
1 changed files with 45 additions and 2 deletions
--- a/service/firewall/interception/windowskext2/kext.go
+++ b/service/firewall/interception/windowskext2/kext.go
@ -130,7 +130,7 @@ func UpdateVerdict(conn *network.Connection) error {
 			LocalPort:     conn.LocalPort,
 			RemoteAddress: [4]byte(conn.Entity.IP),
 			RemotePort:    conn.Entity.Port,
-			Verdict:       uint8(conn.Verdict),
+			Verdict:       uint8(getKextVerdictFromConnection(conn)),
 		}

 		return kextinterface.SendUpdateV4Command(kextFile, update)
@ -141,7 +141,7 @@ func UpdateVerdict(conn *network.Connection) error {
 			LocalPort:     conn.LocalPort,
 			RemoteAddress: [16]byte(conn.Entity.IP),
 			RemotePort:    conn.Entity.Port,
-			Verdict:       uint8(conn.Verdict),
+			Verdict:       uint8(getKextVerdictFromConnection(conn)),
 		}

 		return kextinterface.SendUpdateV6Command(kextFile, update)
@ -149,6 +149,49 @@ func UpdateVerdict(conn *network.Connection) error {
 	return nil
 }

+func getKextVerdictFromConnection(conn *network.Connection) kextinterface.KextVerdict {
+	if conn.VerdictPermanent {
+		switch conn.Verdict {
+		case network.VerdictUndecided:
+			return kextinterface.VerdictUndecided
+		case network.VerdictUndeterminable:
+			return kextinterface.VerdictUndeterminable
+		case network.VerdictAccept:
+			return kextinterface.VerdictPermanentAccept
+		case network.VerdictBlock:
+			return kextinterface.VerdictPermanentBlock
+		case network.VerdictDrop:
+			return kextinterface.VerdictPermanentDrop
+		case network.VerdictRerouteToNameserver:
+			return kextinterface.VerdictRerouteToNameserver
+		case network.VerdictRerouteToTunnel:
+			return kextinterface.VerdictRerouteToTunnel
+		case network.VerdictFailed:
+			return kextinterface.VerdictFailed
+		}
+	} else {
+		switch conn.Verdict {
+		case network.VerdictUndecided:
+			return kextinterface.VerdictUndecided
+		case network.VerdictUndeterminable:
+			return kextinterface.VerdictUndeterminable
+		case network.VerdictAccept:
+			return kextinterface.VerdictAccept
+		case network.VerdictBlock:
+			return kextinterface.VerdictBlock
+		case network.VerdictDrop:
+			return kextinterface.VerdictDrop
+		case network.VerdictRerouteToNameserver:
+			return kextinterface.VerdictRerouteToNameserver
+		case network.VerdictRerouteToTunnel:
+			return kextinterface.VerdictRerouteToTunnel
+		case network.VerdictFailed:
+			return kextinterface.VerdictFailed
+		}
+	}
+	return kextinterface.VerdictUndeterminable
+}
+
 // Returns the kext version.
 func GetVersion() (*VersionInfo, error) {
 	data, err := kextinterface.ReadVersion(kextFile)