vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-02 18:49:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #171 from safing/feature/conn-proc-ctx

Browse source 
Add ProcessContext to network connection
This commit is contained in:
Patrick Pacher 2020-10-08 16:57:12 +02:00 committed by GitHub
commit 7feefc13e5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 36 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
network/connection.go
View file

@ -24,6 +24,20 @@ import (
// locked before the firewall handler is called. // locked before the firewall handler is called.
type FirewallHandler func(conn *Connection, pkt packet.Packet) type FirewallHandler func(conn *Connection, pkt packet.Packet)
// ProcessContext holds additional information about the process
// that iniated a connection.
type ProcessContext struct {
// Name is the name of the process.
Name string
// BinaryPath is the path to the process binary.
BinaryPath string
// PID i the process identifier.
PID int
// ProfileID is the ID of the main profile that
// is applied to the process.
ProfileID string
}
// Connection describes a distinct physical network connection // Connection describes a distinct physical network connection
// identified by the IP/Port pair. // identified by the IP/Port pair.
type Connection struct { //nolint:maligned // TODO: fix alignment type Connection struct { //nolint:maligned // TODO: fix alignment
@ -98,6 +112,10 @@ type Connection struct { //nolint:maligned // TODO: fix alignment
Tunneled bool Tunneled bool
// Encrypted is currently unused and MUST be ignored. // Encrypted is currently unused and MUST be ignored.
Encrypted bool Encrypted bool
// ProcessContext holds additional information about the process
// that iniated the connection. It is set once when the connection
// object is created and is considered immutable afterwards.
ProcessContext ProcessContext
// Internal is set to true if the connection is attributed as an // Internal is set to true if the connection is attributed as an
// Portmaster internal connection. Internal may be set at different // Portmaster internal connection. Internal may be set at different
// points and access to it must be guarded by the connection lock. // points and access to it must be guarded by the connection lock.
@ -129,6 +147,15 @@ type Connection struct { //nolint:maligned // TODO: fix alignment
profileRevisionCounter uint64 profileRevisionCounter uint64
} }
func getProcessContext(proc *process.Process) ProcessContext {
return ProcessContext{
BinaryPath: proc.Path,
Name: proc.Name,
PID: proc.Pid,
ProfileID: proc.LocalProfileKey,
}
}
// NewConnectionFromDNSRequest returns a new connection based on the given dns request. // NewConnectionFromDNSRequest returns a new connection based on the given dns request.
func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []string, ipVersion packet.IPVersion, localIP net.IP, localPort uint16) *Connection { func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []string, ipVersion packet.IPVersion, localIP net.IP, localPort uint16) *Connection {
// get Process // get Process
@ -157,6 +184,7 @@ func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []stri
CNAME: cnames, CNAME: cnames,
}, },
process: proc, process: proc,
ProcessContext: getProcessContext(proc),
Started: timestamp, Started: timestamp,
Ended: timestamp, Ended: timestamp,
} }
@ -254,6 +282,7 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
IPProtocol: pkt.Info().Protocol, IPProtocol: pkt.Info().Protocol,
LocalIP: pkt.Info().LocalIP(), LocalIP: pkt.Info().LocalIP(),
LocalPort: pkt.Info().LocalPort(), LocalPort: pkt.Info().LocalPort(),
ProcessContext: getProcessContext(proc),
process: proc, process: proc,
// remote endpoint // remote endpoint
Entity: entity, Entity: entity,