vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-02 10:39:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #29 from safing/fix/profiles-global-updater

Browse source 
Fix updating the global profile and other bugs
This commit is contained in:
Patrick Pacher 2020-04-10 10:49:45 +02:00 committed by GitHub
commit 8f59cc0cb8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 36 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
profile/config-update.go
View file

@ -71,16 +71,16 @@ func updateGlobalConfigProfile(ctx context.Context, data interface{}) error {
// fill profile config options // fill profile config options
for key, value := range cfgStringOptions { for key, value := range cfgStringOptions {
profile.Config[key] = value profile.Config[key] = value()
} }
for key, value := range cfgStringArrayOptions { for key, value := range cfgStringArrayOptions {
profile.Config[key] = value profile.Config[key] = value()
} }
for key, value := range cfgIntOptions { for key, value := range cfgIntOptions {
profile.Config[key] = value profile.Config[key] = value()
} }
for key, value := range cfgBoolOptions { for key, value := range cfgBoolOptions {
profile.Config[key] = value profile.Config[key] = value()
} }
// save profile // save profile

41
profile/config.go
View file

@ -2,6 +2,7 @@ package profile
import ( import (
"github.com/safing/portbase/config" "github.com/safing/portbase/config"
"github.com/safing/portmaster/status"
) )
// Configuration Keys // Configuration Keys
@ -74,13 +75,13 @@ func registerConfiguration() error {
Description: "Auto Permit searches for a relation between an app and the destionation of a connection - if there is a correlation, the connection will be permitted. This setting is negated in order to provide a streamlined user experience, where higher settings are better.", Description: "Auto Permit searches for a relation between an app and the destionation of a connection - if there is a correlation, the connection will be permitted. This setting is negated in order to provide a streamlined user experience, where higher settings are better.",
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 4, DefaultValue: status.SecurityLevelsAll,
ValidationRegex: "^(4|6|7)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionDisableAutoPermit = config.Concurrent.GetAsInt(CfgOptionDisableAutoPermitKey, 4) cfgOptionDisableAutoPermit = config.Concurrent.GetAsInt(CfgOptionDisableAutoPermitKey, int64(status.SecurityLevelsAll))
cfgIntOptions[CfgOptionDisableAutoPermitKey] = cfgOptionDisableAutoPermit cfgIntOptions[CfgOptionDisableAutoPermitKey] = cfgOptionDisableAutoPermit
// Endpoint Filter List // Endpoint Filter List
@ -141,13 +142,13 @@ Examples:
Description: "Block connections to your own device, ie. localhost.", Description: "Block connections to your own device, ie. localhost.",
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 0, DefaultValue: status.SecurityLevelOff,
ValidationRegex: "^(0|4|6|7)$", ValidationRegex: "^(0|4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionBlockScopeLocal = config.Concurrent.GetAsInt(CfgOptionBlockScopeLocalKey, 0) cfgOptionBlockScopeLocal = config.Concurrent.GetAsInt(CfgOptionBlockScopeLocalKey, int64(status.SecurityLevelOff))
cfgIntOptions[CfgOptionBlockScopeLocalKey] = cfgOptionBlockScopeLocal cfgIntOptions[CfgOptionBlockScopeLocalKey] = cfgOptionBlockScopeLocal
// Block Scope LAN // Block Scope LAN
@ -157,13 +158,13 @@ Examples:
Description: "Block connections to the Local Area Network.", Description: "Block connections to the Local Area Network.",
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 0, DefaultValue: status.SecurityLevelOff,
ValidationRegex: "^(0|4|6|7)$", ValidationRegex: "^(0|4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionBlockScopeLAN = config.Concurrent.GetAsInt(CfgOptionBlockScopeLANKey, 0) cfgOptionBlockScopeLAN = config.Concurrent.GetAsInt(CfgOptionBlockScopeLANKey, int64(status.SecurityLevelOff))
cfgIntOptions[CfgOptionBlockScopeLANKey] = cfgOptionBlockScopeLAN cfgIntOptions[CfgOptionBlockScopeLANKey] = cfgOptionBlockScopeLAN
// Block Scope Internet // Block Scope Internet
@ -173,13 +174,13 @@ Examples:
Description: "Block connections to the Internet.", Description: "Block connections to the Internet.",
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 0, DefaultValue: status.SecurityLevelOff,
ValidationRegex: "^(0|4|6|7)$", ValidationRegex: "^(0|4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionBlockScopeInternet = config.Concurrent.GetAsInt(CfgOptionBlockScopeInternetKey, 0) cfgOptionBlockScopeInternet = config.Concurrent.GetAsInt(CfgOptionBlockScopeInternetKey, int64(status.SecurityLevelOff))
cfgIntOptions[CfgOptionBlockScopeInternetKey] = cfgOptionBlockScopeInternet cfgIntOptions[CfgOptionBlockScopeInternetKey] = cfgOptionBlockScopeInternet
// Block Peer to Peer Connections // Block Peer to Peer Connections
@ -189,13 +190,13 @@ Examples:
Description: "Block peer to peer connections. These are connections that are established directly to an IP address on the Internet without resolving a domain name via DNS first.", Description: "Block peer to peer connections. These are connections that are established directly to an IP address on the Internet without resolving a domain name via DNS first.",
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 7, DefaultValue: status.SecurityLevelsAll,
ValidationRegex: "^(4|6|7)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionBlockP2P = config.Concurrent.GetAsInt(CfgOptionBlockP2PKey, 7) cfgOptionBlockP2P = config.Concurrent.GetAsInt(CfgOptionBlockP2PKey, int64(status.SecurityLevelsAll))
cfgIntOptions[CfgOptionBlockP2PKey] = cfgOptionBlockP2P cfgIntOptions[CfgOptionBlockP2PKey] = cfgOptionBlockP2P
// Block Inbound Connections // Block Inbound Connections
@ -205,13 +206,13 @@ Examples:
Description: "Block inbound connections to your device. This will usually only be the case if you are running a network service or are using peer to peer software.", Description: "Block inbound connections to your device. This will usually only be the case if you are running a network service or are using peer to peer software.",
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 4, DefaultValue: status.SecurityLevelsHighAndExtreme,
ValidationRegex: "^(4|6|7)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionBlockInbound = config.Concurrent.GetAsInt(CfgOptionBlockInboundKey, 6) cfgOptionBlockInbound = config.Concurrent.GetAsInt(CfgOptionBlockInboundKey, int64(status.SecurityLevelsHighAndExtreme))
cfgIntOptions[CfgOptionBlockInboundKey] = cfgOptionBlockInbound cfgIntOptions[CfgOptionBlockInboundKey] = cfgOptionBlockInbound
// Enforce SPN // Enforce SPN
@ -222,13 +223,13 @@ Examples:
OptType: config.OptTypeInt, OptType: config.OptTypeInt,
ReleaseLevel: config.ReleaseLevelExperimental, ReleaseLevel: config.ReleaseLevelExperimental,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 0, DefaultValue: status.SecurityLevelOff,
ValidationRegex: "^(0|4|6|7)$", ValidationRegex: "^(0|4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionEnforceSPN = config.Concurrent.GetAsInt(CfgOptionEnforceSPNKey, 0) cfgOptionEnforceSPN = config.Concurrent.GetAsInt(CfgOptionEnforceSPNKey, int64(status.SecurityLevelOff))
cfgIntOptions[CfgOptionEnforceSPNKey] = cfgOptionEnforceSPN cfgIntOptions[CfgOptionEnforceSPNKey] = cfgOptionEnforceSPN
// Filter Out-of-Scope DNS Records // Filter Out-of-Scope DNS Records
@ -240,14 +241,14 @@ Examples:
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelBeta, ReleaseLevel: config.ReleaseLevelBeta,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 7, DefaultValue: status.SecurityLevelsAll,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(7|6|4)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionRemoveOutOfScopeDNS = config.Concurrent.GetAsInt(CfgOptionRemoveOutOfScopeDNSKey, 7) cfgOptionRemoveOutOfScopeDNS = config.Concurrent.GetAsInt(CfgOptionRemoveOutOfScopeDNSKey, int64(status.SecurityLevelsAll))
cfgIntOptions[CfgOptionRemoveOutOfScopeDNSKey] = cfgOptionEnforceSPN cfgIntOptions[CfgOptionRemoveOutOfScopeDNSKey] = cfgOptionRemoveOutOfScopeDNS
// Filter DNS Records that would be blocked // Filter DNS Records that would be blocked
err = config.Register(&config.Option{ err = config.Register(&config.Option{
@ -258,14 +259,14 @@ Examples:
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelBeta, ReleaseLevel: config.ReleaseLevelBeta,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 7, DefaultValue: status.SecurityLevelsAll,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(7|6|4)$",
}) })
if err != nil { if err != nil {
return err return err
} }
cfgOptionRemoveBlockedDNS = config.Concurrent.GetAsInt(CfgOptionRemoveBlockedDNSKey, 7) cfgOptionRemoveBlockedDNS = config.Concurrent.GetAsInt(CfgOptionRemoveBlockedDNSKey, int64(status.SecurityLevelsAll))
cfgIntOptions[CfgOptionRemoveBlockedDNSKey] = cfgOptionEnforceSPN cfgIntOptions[CfgOptionRemoveBlockedDNSKey] = cfgOptionRemoveBlockedDNS
return nil return nil
} }

2
profile/profile.go
View file

@ -110,7 +110,7 @@ func (profile *Profile) parseConfig() error {
var err error var err error
var lastErr error var lastErr error
action, ok := profile.configPerspective.GetAsString(CfgOptionBlockInboundKey) action, ok := profile.configPerspective.GetAsString(CfgOptionDefaultActionKey)
if ok { if ok {
switch action { switch action {
case "permit": case "permit":

20
resolver/config.go
View file

@ -120,8 +120,8 @@ func prepConfig() error {
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelStable, ReleaseLevel: config.ReleaseLevelStable,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 6, DefaultValue: status.SecurityLevelsHighAndExtreme,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
@ -136,8 +136,8 @@ func prepConfig() error {
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelStable, ReleaseLevel: config.ReleaseLevelStable,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 4, DefaultValue: status.SecurityLevelsHighAndExtreme,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
@ -152,8 +152,8 @@ func prepConfig() error {
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelStable, ReleaseLevel: config.ReleaseLevelStable,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 6, DefaultValue: status.SecurityLevelsHighAndExtreme,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
@ -168,8 +168,8 @@ func prepConfig() error {
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelStable, ReleaseLevel: config.ReleaseLevelStable,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 7, DefaultValue: status.SecurityLevelsAll,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err
@ -184,8 +184,8 @@ func prepConfig() error {
ExpertiseLevel: config.ExpertiseLevelExpert, ExpertiseLevel: config.ExpertiseLevelExpert,
ReleaseLevel: config.ReleaseLevelStable, ReleaseLevel: config.ReleaseLevelStable,
ExternalOptType: "security level", ExternalOptType: "security level",
DefaultValue: 6, DefaultValue: status.SecurityLevelsHighAndExtreme,
ValidationRegex: "^(7|6|4)$", ValidationRegex: "^(4|6|7)$",
}) })
if err != nil { if err != nil {
return err return err