vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-01 18:19:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add check for special android ip in online status check

Browse source
This commit is contained in:
Vladimir Stoilov 2023-04-14 11:09:20 +02:00
parent 394dbf4d4b
commit 4784799541
4 changed files with 37 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
netenv/network-change.go
View file

@ -92,7 +92,7 @@ serviceLoop:
lastNetworkChecksum = newChecksum lastNetworkChecksum = newChecksum
if trigger { if trigger {
triggerOnlineStatusInvestigation() TriggerOnlineStatusInvestigation()
} }
notifyOfNetworkChange() notifyOfNetworkChange()
} }

35
netenv/online-status.go
View file

@ -37,6 +37,9 @@ var (
PortalTestIP = net.IPv4(192, 0, 2, 1) PortalTestIP = net.IPv4(192, 0, 2, 1)
PortalTestURL = fmt.Sprintf("http://%s/", PortalTestIP) PortalTestURL = fmt.Sprintf("http://%s/", PortalTestIP)
// IP address -> 100.127.247.245 is a special ip used by the android VPN service. Must be ignored during online check.
IgnoreIPsOnlineStatusCheck = []net.IP{net.IPv4(100, 127, 247, 245)}
DNSTestDomain = "online-check.safing.io." DNSTestDomain = "online-check.safing.io."
DNSTestExpectedIP = net.IPv4(0, 65, 67, 75) // Ascii: \0ACK DNSTestExpectedIP = net.IPv4(0, 65, 67, 75) // Ascii: \0ACK
DNSTestQueryFunc func(ctx context.Context, fdqn string) (ips []net.IP, ok bool, err error) DNSTestQueryFunc func(ctx context.Context, fdqn string) (ips []net.IP, ok bool, err error)
@ -178,7 +181,7 @@ func GetOnlineStatus() OnlineStatus {
// CheckAndGetOnlineStatus triggers a new online status check and returns the result. // CheckAndGetOnlineStatus triggers a new online status check and returns the result.
func CheckAndGetOnlineStatus() OnlineStatus { func CheckAndGetOnlineStatus() OnlineStatus {
// trigger new investigation // trigger new investigation
triggerOnlineStatusInvestigation() TriggerOnlineStatusInvestigation()
// wait for completion // wait for completion
onlineStatusInvestigationWg.Wait() onlineStatusInvestigationWg.Wait()
// return current status // return current status
@ -328,18 +331,19 @@ func GetCaptivePortal() *CaptivePortal {
// ReportSuccessfulConnection hints the online status monitoring system that a connection attempt was successful. // ReportSuccessfulConnection hints the online status monitoring system that a connection attempt was successful.
func ReportSuccessfulConnection() { func ReportSuccessfulConnection() {
if !onlineStatusQuickCheck.IsSet() { if !onlineStatusQuickCheck.IsSet() {
triggerOnlineStatusInvestigation() TriggerOnlineStatusInvestigation()
} }
} }
// ReportFailedConnection hints the online status monitoring system that a connection attempt has failed. This function has extremely low overhead and may be called as much as wanted. // ReportFailedConnection hints the online status monitoring system that a connection attempt has failed. This function has extremely low overhead and may be called as much as wanted.
func ReportFailedConnection() { func ReportFailedConnection() {
if onlineStatusQuickCheck.IsSet() { if onlineStatusQuickCheck.IsSet() {
triggerOnlineStatusInvestigation() TriggerOnlineStatusInvestigation()
} }
} }
func triggerOnlineStatusInvestigation() { // TriggerOnlineStatusInvestigation manually trigger online status check.
func TriggerOnlineStatusInvestigation() {
if onlineStatusInvestigationInProgress.SetToIf(false, true) { if onlineStatusInvestigationInProgress.SetToIf(false, true) {
onlineStatusInvestigationWg.Add(1) onlineStatusInvestigationWg.Add(1)
} }
@ -351,7 +355,7 @@ func triggerOnlineStatusInvestigation() {
} }
func monitorOnlineStatus(ctx context.Context) error { func monitorOnlineStatus(ctx context.Context) error {
triggerOnlineStatusInvestigation() TriggerOnlineStatusInvestigation()
for { for {
// wait for trigger // wait for trigger
select { select {
@ -395,6 +399,15 @@ func getDynamicStatusTrigger() <-chan time.Time {
} }
} }
func isIPPartOfList(list []net.IP, ip net.IP) bool {
for _, ignoreIP := range list {
if ignoreIP.Equal(ip) {
return true
}
}
return false
}
func checkOnlineStatus(ctx context.Context) { func checkOnlineStatus(ctx context.Context) {
// TODO: implement more methods // TODO: implement more methods
/*status, err := getConnectivityStateFromDbus() /*status, err := getConnectivityStateFromDbus()
@ -423,7 +436,13 @@ func checkOnlineStatus(ctx context.Context) {
log.Warningf("network: failed to get assigned network addresses: %s", err) log.Warningf("network: failed to get assigned network addresses: %s", err)
} else { } else {
var lan bool var lan bool
for _, ip := range ipv4 { for _, ip := range ipv4 {
// Filter special IP list
if isIPPartOfList(IgnoreIPsOnlineStatusCheck, ip) {
continue
}
switch netutils.GetIPScope(ip) { //nolint:exhaustive // Checking to specific values only. switch netutils.GetIPScope(ip) { //nolint:exhaustive // Checking to specific values only.
case netutils.SiteLocal: case netutils.SiteLocal:
lan = true lan = true
@ -433,7 +452,13 @@ func checkOnlineStatus(ctx context.Context) {
return return
} }
} }
for _, ip := range ipv6 { for _, ip := range ipv6 {
// Filter special IP list
if isIPPartOfList(IgnoreIPsOnlineStatusCheck, ip) {
continue
}
switch netutils.GetIPScope(ip) { //nolint:exhaustive // Checking to specific values only. switch netutils.GetIPScope(ip) { //nolint:exhaustive // Checking to specific values only.
case netutils.SiteLocal, netutils.Global: case netutils.SiteLocal, netutils.Global:
// IPv6 global addresses are also used in local networks // IPv6 global addresses are also used in local networks

4
resolver/main.go
View file

@ -16,6 +16,7 @@ import (
"github.com/safing/portbase/utils/debug" "github.com/safing/portbase/utils/debug"
_ "github.com/safing/portmaster/core/base" _ "github.com/safing/portmaster/core/base"
"github.com/safing/portmaster/intel" "github.com/safing/portmaster/intel"
"github.com/safing/portmaster/netenv"
) )
var module *modules.Module var module *modules.Module
@ -25,6 +26,9 @@ func init() {
} }
func prep() error { func prep() error {
// Set DNS test connectivity function for the online status check
netenv.DNSTestQueryFunc = testConnectivity
intel.SetReverseResolver(ResolveIPAndValidate) intel.SetReverseResolver(ResolveIPAndValidate)
if err := registerAPI(); err != nil { if err := registerAPI(); err != nil {

8
resolver/resolve.go
View file

@ -523,10 +523,6 @@ func shouldResetCache(q *Query) (reset bool) {
return false return false
} }
func init() {
netenv.DNSTestQueryFunc = testConnectivity
}
// testConnectivity test if resolving a query succeeds and returns whether the // testConnectivity test if resolving a query succeeds and returns whether the
// query itself succeeded, separate from interpreting the result. // query itself succeeded, separate from interpreting the result.
func testConnectivity(ctx context.Context, fdqn string) (ips []net.IP, ok bool, err error) { func testConnectivity(ctx context.Context, fdqn string) (ips []net.IP, ok bool, err error) {
@ -556,10 +552,10 @@ func testConnectivity(ctx context.Context, fdqn string) (ips []net.IP, ok bool,
} }
case errors.Is(err, ErrNotFound): case errors.Is(err, ErrNotFound):
return nil, true, err return nil, true, err
case errors.Is(err, ErrBlocked):
return nil, true, err
case errors.Is(err, ErrNoCompliance): case errors.Is(err, ErrNoCompliance):
return nil, true, err return nil, true, err
case errors.Is(err, ErrBlocked):
return nil, true, err
default: default:
return nil, false, err return nil, false, err
} }