mirror of
https://github.com/safing/portmaster
synced 2025-09-01 18:19:12 +00:00
115 lines
3 KiB
Go
115 lines
3 KiB
Go
// Copyright Safing ICS Technologies GmbH. Use of this source code is governed by the AGPL license that can be found in the LICENSE file.
|
|
|
|
package profiles
|
|
|
|
import (
|
|
"errors"
|
|
"strings"
|
|
)
|
|
|
|
// ProfileFlags are used to quickly add common attributes to profiles
|
|
type ProfileFlags []int8
|
|
|
|
const (
|
|
// Who?
|
|
// System apps must be run by system user, else deny
|
|
System int8 = iota + 1
|
|
// Admin apps must be run by user with admin privileges, else deny
|
|
Admin
|
|
// User apps must be run by user (identified by having an active safing UI), else deny
|
|
User
|
|
|
|
// Where?
|
|
// Internet apps may connect to the Internet, if unset, all connections to the Internet are denied
|
|
Internet
|
|
// LocalNet apps may connect to the local network (i.e. private IP address spaces), if unset, all connections to the local network are denied
|
|
LocalNet
|
|
|
|
// How?
|
|
// Strict apps may only connect to domains that are related to themselves
|
|
Strict
|
|
// Gateway apps will connect to user-defined servers
|
|
Gateway
|
|
// Browser apps connect to multitudes of different servers and require special handling
|
|
Browser
|
|
// Directconnect apps may connect to any IP without dns association (e.g. P2P apps, network analysis tools)
|
|
Directconnect
|
|
// Service apps may accept incoming connections
|
|
Service
|
|
)
|
|
|
|
var (
|
|
// ErrProfileFlagsParseFailed is returned if a an invalid flag is encountered while parsing
|
|
ErrProfileFlagsParseFailed = errors.New("profiles: failed to parse flags")
|
|
|
|
sortedFlags = &ProfileFlags{
|
|
System,
|
|
Admin,
|
|
User,
|
|
Internet,
|
|
LocalNet,
|
|
Strict,
|
|
Gateway,
|
|
Service,
|
|
Directconnect,
|
|
Browser,
|
|
}
|
|
|
|
flagIDs = map[string]int8{
|
|
"System": System,
|
|
"Admin": Admin,
|
|
"User": User,
|
|
"Internet": Internet,
|
|
"LocalNet": LocalNet,
|
|
"Strict": Strict,
|
|
"Gateway": Gateway,
|
|
"Service": Service,
|
|
"Directconnect": Directconnect,
|
|
"Browser": Browser,
|
|
}
|
|
|
|
flagNames = map[int8]string{
|
|
System: "System",
|
|
Admin: "Admin",
|
|
User: "User",
|
|
Internet: "Internet",
|
|
LocalNet: "LocalNet",
|
|
Strict: "Strict",
|
|
Gateway: "Gateway",
|
|
Service: "Service",
|
|
Directconnect: "Directconnect",
|
|
Browser: "Browser",
|
|
}
|
|
)
|
|
|
|
// FlagsFromNames creates ProfileFlags from a comma seperated list of flagnames (e.g. "System,Strict,Secure")
|
|
func FlagsFromNames(words []string) (*ProfileFlags, error) {
|
|
var flags ProfileFlags
|
|
for _, entry := range words {
|
|
flag, ok := flagIDs[entry]
|
|
if !ok {
|
|
return nil, ErrProfileFlagsParseFailed
|
|
}
|
|
flags = append(flags, flag)
|
|
}
|
|
return &flags, nil
|
|
}
|
|
|
|
// Has checks if a ProfileFlags object has a flag
|
|
func (pf *ProfileFlags) Has(searchFlag int8) bool {
|
|
for _, flag := range *pf {
|
|
if flag == searchFlag {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
// String return a string representation of ProfileFlags
|
|
func (pf *ProfileFlags) String() string {
|
|
var namedFlags []string
|
|
for _, flag := range *pf {
|
|
namedFlags = append(namedFlags, flagNames[flag])
|
|
}
|
|
return strings.Join(namedFlags, ",")
|
|
}
|