[service] Always put ICMP in the Other Connections group instead of Network Noise

2025-04-18 01:49:09 +00:00 · 2024-05-28 16:32:28 +02:00 · 2024-05-28 16:32:28 +02:00 · 7e4e4c47a8
commit 7e4e4c47a8
parent 47f805ce00
1 changed files with 16 additions and 3 deletions
--- a/service/process/find.go
+++ b/service/process/find.go
@ -10,6 +10,7 @@ import (
 	"github.com/safing/portbase/log"
 	"github.com/safing/portmaster/service/network/netutils"
 	"github.com/safing/portmaster/service/network/packet"
+	"github.com/safing/portmaster/service/network/reference"
 	"github.com/safing/portmaster/service/network/state"
 	"github.com/safing/portmaster/service/profile"
 )
@ -77,10 +78,22 @@ func GetPidOfConnection(ctx context.Context, pktInfo *packet.Info) (pid int, con

 	// Fallback to special profiles if PID could not be found.
 	if pid == UndefinedProcessID {
-		if connInbound && !netutils.ClassifyIP(pktInfo.Dst).IsLocalhost() {
-			pid = UnsolicitedProcessID
-		} else {
+		switch {
+		case !connInbound:
 			pid = UnidentifiedProcessID
+
+		case netutils.ClassifyIP(pktInfo.Dst).IsLocalhost():
+			// Always treat localhost connections as unidentified/unknown.
+			pid = UnidentifiedProcessID
+
+		case reference.IsICMP(uint8(pktInfo.Protocol)):
+			// Always treat ICMP as unidentified/unknown, as the direction
+			// might change to outgoing by new ICMP echo packets.
+			pid = UnidentifiedProcessID
+
+		default:
+			// All other inbound connections are "unsolicited".
+			pid = UnsolicitedProcessID
 		}
 	}