Windows implementation

2025-09-01 18:19:12 +00:00 · 2022-09-08 15:21:17 +02:00 · 2022-09-08 15:21:17 +02:00 · 4bd8412f71
commit 4bd8412f71
parent b8bfbf14e4
4 changed files with 40 additions and 5 deletions
--- a/firewall/interception/interception_linux.go
+++ b/firewall/interception/interception_linux.go
@ -1,6 +1,7 @@
 package interception

 import (
+	"github.com/safing/portmaster/firewall/interception/nfq"
 	"github.com/safing/portmaster/network/packet"
 )

@ -13,3 +14,8 @@ func start(ch chan packet.Packet) error {
 func stop() error {
 	return StopNfqueueInterception()
 }
+
+// ResetAllConnections resets all connections so they are forced to go thought the firewall again
+func ResetAllConnections() error {
+	return nfq.DeleteAllMarkedConnection()
+}
--- a/firewall/interception/interception_windows.go
+++ b/firewall/interception/interception_windows.go
@ -38,3 +38,8 @@ func start(ch chan packet.Packet) error {
 func stop() error {
 	return windowskext.Stop()
 }
+
+// ResetAllConnections resets all connections so they are forced to go thought the firewall again
+func ResetAllConnections() error {
+	return windowskext.ClearCache()
+}
--- a/firewall/interception/nfqueue_linux.go
+++ b/firewall/interception/nfqueue_linux.go
@ -341,8 +341,3 @@ func (dnfq *disabledNfQueue) PacketChannel() <-chan packet.Packet {
 }

 func (dnfq *disabledNfQueue) Destroy() {}
-
-// ResetAllConnections resets all connections so they are forced to go thought the firewall again
-func ResetAllConnections() error {
-	return nfq.DeleteAllMarkedConnection()
-}
--- a/firewall/interception/windowskext/kext.go
+++ b/firewall/interception/windowskext/kext.go
@ -1,3 +1,4 @@
+//go:build windows
 // +build windows

 package windowskext
@ -48,6 +49,7 @@ type WinKext struct {
 	recvVerdictRequest *windows.Proc
 	setVerdict         *windows.Proc
 	getPayload         *windows.Proc
+	clearCache         *windows.Proc
 }

 // Init initializes the DLL and the Kext (Kernel Driver).
@ -90,6 +92,12 @@ func Init(dllPath, driverPath string) error {
 	if err != nil {
 		return fmt.Errorf("could not find proc PortmasterGetPayload in dll: %s", err)
 	}
+	new.clearCache, err = new.dll.FindProc("PortmasterClearCache")
+	if err != nil {
+		// the loaded dll is an old version
+		log.Errorf("could not find proc PortmasterClearCache in dll: %s", err)
+		log.Warning("are you using the latest kext version?")
+	}

 	// initialize dll/kext
 	rc, _, lastErr := new.init.Call()
@ -246,6 +254,27 @@ func GetPayload(packetID uint32, packetSize uint32) ([]byte, error) {
 	return buf, nil
 }

+func ClearCache() error {
+	kextLock.RLock()
+	defer kextLock.RUnlock()
+	if !ready.IsSet() {
+		log.Error("kext: failed to clear the cache: kext not ready")
+		return ErrKextNotReady
+	}
+
+	if kext.clearCache == nil {
+		log.Error("kext: cannot clear cache: clearCache function  missing")
+	}
+
+	rc, _, lastErr := kext.clearCache.Call()
+
+	if rc != windows.NO_ERROR {
+		return formatErr(lastErr, rc)
+	}
+
+	return nil
+}
+
 func formatErr(err error, rc uintptr) error {
 	sysErr, ok := err.(syscall.Errno)
 	if ok {