From c12526235a8052521f4fa008240a78be3a1f762b Mon Sep 17 00:00:00 2001 From: Patrick Pacher Date: Tue, 22 Sep 2020 15:39:30 +0200 Subject: [PATCH] Add category annotations to options --- core/config.go | 2 ++ firewall/config.go | 3 +++ firewall/filter.go | 3 +++ process/config.go | 1 + profile/config.go | 25 +++++++++++++++++++++---- resolver/config.go | 44 +++++++++++++++++++++++++------------------- updates/config.go | 2 ++ 7 files changed, 57 insertions(+), 23 deletions(-) diff --git a/core/config.go b/core/config.go index bb6280be..2aedff32 100644 --- a/core/config.go +++ b/core/config.go @@ -36,6 +36,7 @@ func registerConfig() error { DefaultValue: defaultDevMode, Annotations: config.Annotations{ config.DisplayOrderAnnotation: 127, + config.CategoryAnnotation: "Development", }, }) if err != nil { @@ -52,6 +53,7 @@ func registerConfig() error { DefaultValue: true, // TODO: turn off by default on unsupported systems Annotations: config.Annotations{ config.DisplayOrderAnnotation: 32, + config.CategoryAnnotation: "General", }, }) if err != nil { diff --git a/firewall/config.go b/firewall/config.go index 6dc4ba1f..e495001e 100644 --- a/firewall/config.go +++ b/firewall/config.go @@ -36,6 +36,7 @@ func registerConfig() error { DefaultValue: true, Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionPermanentVerdictsOrder, + config.CategoryAnnotation: "Advanced", }, }) if err != nil { @@ -53,6 +54,7 @@ func registerConfig() error { DefaultValue: true, Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionAskWithSystemNotificationsOrder, + config.CategoryAnnotation: "General", }, }) if err != nil { @@ -70,6 +72,7 @@ func registerConfig() error { Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionAskTimeoutOrder, config.UnitAnnotation: "seconds", + config.CategoryAnnotation: "General", }, }) if err != nil { diff --git a/firewall/filter.go b/firewall/filter.go index 3a2aa137..b4b3420c 100644 --- a/firewall/filter.go +++ b/firewall/filter.go @@ -31,6 +31,9 @@ func init() { ExpertiseLevel: config.ExpertiseLevelUser, ReleaseLevel: config.ReleaseLevelBeta, DefaultValue: true, + Annotations: config.Annotations{ + config.CategoryAnnotation: "General", + }, }, ) } diff --git a/process/config.go b/process/config.go index d96d65f2..03e6c78b 100644 --- a/process/config.go +++ b/process/config.go @@ -22,6 +22,7 @@ func registerConfiguration() error { DefaultValue: true, Annotations: config.Annotations{ config.DisplayOrderAnnotation: 144, + config.CategoryAnnotation: "Development", }, }) if err != nil { diff --git a/profile/config.go b/profile/config.go index 96d421c2..9e5f12a6 100644 --- a/profile/config.go +++ b/profile/config.go @@ -103,6 +103,7 @@ func registerConfiguration() error { Annotations: config.Annotations{ config.DisplayHintAnnotation: config.DisplayHintOneOf, config.DisplayOrderAnnotation: cfgOptionDefaultActionOrder, + config.CategoryAnnotation: "General", }, PossibleValues: []config.PossibleValue{ { @@ -138,6 +139,7 @@ func registerConfiguration() error { Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionDisableAutoPermitOrder, config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, + config.CategoryAnnotation: "Advanced", }, PossibleValues: status.SecurityLevelValues, }) @@ -175,15 +177,16 @@ Examples: // Endpoint Filter List err = config.Register(&config.Option{ - Name: "Endpoint Filter List", + Name: "Outgoing Rules", Key: CfgOptionEndpointsKey, - Description: "Filter outgoing connections by matching the destination endpoint. Network Scope restrictions still apply.", + Description: "Rules that apply to outgoing network connections. Network Scope restrictions still apply.", Help: filterListHelp, OptType: config.OptTypeStringArray, DefaultValue: []string{}, Annotations: config.Annotations{ config.DisplayHintAnnotation: endpoints.DisplayHintEndpointList, config.DisplayOrderAnnotation: cfgOptionEndpointsOrder, + config.CategoryAnnotation: "Rules", }, ValidationRegex: `^(\+|\-) [A-z0-9\.:\-*/]+( [A-z0-9/]+)?$`, }) @@ -195,15 +198,16 @@ Examples: // Service Endpoint Filter List err = config.Register(&config.Option{ - Name: "Service Endpoint Filter List", + Name: "Incoming Rules", Key: CfgOptionServiceEndpointsKey, - Description: "Filter incoming connections by matching the source endpoint. Network Scope restrictions and the inbound permission still apply. Also not that the implicit default action of this list is to always block.", + Description: "Rules that apply to incoming network connections. Network Scope restrictions and the inbound permission still apply. Also not that the implicit default action of this list is to always block.", Help: filterListHelp, OptType: config.OptTypeStringArray, DefaultValue: []string{"+ Localhost"}, Annotations: config.Annotations{ config.DisplayHintAnnotation: endpoints.DisplayHintEndpointList, config.DisplayOrderAnnotation: cfgOptionServiceEndpointsOrder, + config.CategoryAnnotation: "Rules", }, ValidationRegex: `^(\+|\-) [A-z0-9\.:\-*/]+( [A-z0-9/]+)?$`, }) @@ -223,6 +227,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: "filter list", config.DisplayOrderAnnotation: cfgOptionFilterListsOrder, + config.CategoryAnnotation: "Rules", }, ValidationRegex: `^[a-zA-Z0-9\-]+$`, }) @@ -243,6 +248,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionFilterCNAMEOrder, + config.CategoryAnnotation: "DNS", }, PossibleValues: status.SecurityLevelValues, }) @@ -263,6 +269,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionFilterSubDomainsOrder, + config.CategoryAnnotation: "DNS", }, }) if err != nil { @@ -283,6 +290,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionBlockScopeLocalOrder, + config.CategoryAnnotation: "Scopes & Types", }, }) if err != nil { @@ -302,6 +310,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionBlockScopeLANOrder, + config.CategoryAnnotation: "Scopes & Types", }, }) if err != nil { @@ -321,6 +330,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionBlockScopeInternetOrder, + config.CategoryAnnotation: "Scopes & Types", }, }) if err != nil { @@ -340,6 +350,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionBlockP2POrder, + config.CategoryAnnotation: "Scopes & Types", }, }) if err != nil { @@ -359,6 +370,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionBlockInboundOrder, + config.CategoryAnnotation: "Scopes & Types", }, }) if err != nil { @@ -379,6 +391,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionEnforceSPNOrder, + config.CategoryAnnotation: "Advanced", }, }) if err != nil { @@ -400,6 +413,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionRemoveOutOfScopeDNSOrder, + config.CategoryAnnotation: "DNS", }, }) if err != nil { @@ -421,6 +435,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionRemoveBlockedDNSOrder, + config.CategoryAnnotation: "DNS", }, }) if err != nil { @@ -441,6 +456,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionDomainHeuristicsOrder, + config.CategoryAnnotation: "DNS", }, }) if err != nil { @@ -461,6 +477,7 @@ Examples: Annotations: config.Annotations{ config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, config.DisplayOrderAnnotation: cfgOptionPreventBypassingOrder, + config.CategoryAnnotation: "Advanced", }, }) if err != nil { diff --git a/resolver/config.go b/resolver/config.go index 3b697f03..552a8acb 100644 --- a/resolver/config.go +++ b/resolver/config.go @@ -113,6 +113,7 @@ Parameters: ValidationRegex: fmt.Sprintf("^(%s|%s|%s)://.*", ServerTypeDoT, ServerTypeDNS, ServerTypeTCP), Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionNameServersOrder, + config.CategoryAnnotation: "Servers", }, }) if err != nil { @@ -131,6 +132,7 @@ Parameters: Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionNameserverRetryRateOrder, config.UnitAnnotation: "seconds", + config.CategoryAnnotation: "Servers", }, }) if err != nil { @@ -138,25 +140,6 @@ Parameters: } nameserverRetryRate = config.Concurrent.GetAsInt(CfgOptionNameserverRetryRateKey, 600) - err = config.Register(&config.Option{ - Name: "Do not use Multicast DNS", - Key: CfgOptionNoMulticastDNSKey, - Description: "Multicast DNS queries other devices in the local network", - OptType: config.OptTypeInt, - ExpertiseLevel: config.ExpertiseLevelExpert, - ReleaseLevel: config.ReleaseLevelStable, - DefaultValue: status.SecurityLevelsHighAndExtreme, - PossibleValues: status.SecurityLevelValues, - Annotations: config.Annotations{ - config.DisplayOrderAnnotation: cfgOptionNoMulticastDNSOrder, - config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, - }, - }) - if err != nil { - return err - } - noMulticastDNS = status.SecurityLevelOption(CfgOptionNoMulticastDNSKey) - err = config.Register(&config.Option{ Name: "Do not use assigned Nameservers", Key: CfgOptionNoAssignedNameserversKey, @@ -169,6 +152,7 @@ Parameters: Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionNoAssignedNameserversOrder, config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, + config.CategoryAnnotation: "Servers", }, }) if err != nil { @@ -176,6 +160,26 @@ Parameters: } noAssignedNameservers = status.SecurityLevelOption(CfgOptionNoAssignedNameserversKey) + err = config.Register(&config.Option{ + Name: "Do not use Multicast DNS", + Key: CfgOptionNoMulticastDNSKey, + Description: "Multicast DNS queries other devices in the local network", + OptType: config.OptTypeInt, + ExpertiseLevel: config.ExpertiseLevelExpert, + ReleaseLevel: config.ReleaseLevelStable, + DefaultValue: status.SecurityLevelsHighAndExtreme, + PossibleValues: status.SecurityLevelValues, + Annotations: config.Annotations{ + config.DisplayOrderAnnotation: cfgOptionNoMulticastDNSOrder, + config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, + config.CategoryAnnotation: "Resolving", + }, + }) + if err != nil { + return err + } + noMulticastDNS = status.SecurityLevelOption(CfgOptionNoMulticastDNSKey) + err = config.Register(&config.Option{ Name: "Do not resolve insecurely", Key: CfgOptionNoInsecureProtocolsKey, @@ -188,6 +192,7 @@ Parameters: Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionNoInsecureProtocolsOrder, config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, + config.CategoryAnnotation: "Resolving", }, }) if err != nil { @@ -207,6 +212,7 @@ Parameters: Annotations: config.Annotations{ config.DisplayOrderAnnotation: cfgOptionDontResolveSpecialDomainsOrder, config.DisplayHintAnnotation: status.DisplayHintSecurityLevel, + config.CategoryAnnotation: "Resolving", }, }) if err != nil { diff --git a/updates/config.go b/updates/config.go index 5c81ffa4..61789f54 100644 --- a/updates/config.go +++ b/updates/config.go @@ -44,6 +44,7 @@ func registerConfig() error { Annotations: config.Annotations{ config.DisplayOrderAnnotation: 1, config.DisplayHintAnnotation: config.DisplayHintOneOf, + config.CategoryAnnotation: "Expertise & Release", }, }) if err != nil { @@ -61,6 +62,7 @@ func registerConfig() error { DefaultValue: false, Annotations: config.Annotations{ config.DisplayOrderAnnotation: 64, + config.CategoryAnnotation: "General", }, }) if err != nil {