From 14f6b0aed10e945eeb8a66a7fefe336f1294c098 Mon Sep 17 00:00:00 2001 From: M66B Date: Sat, 30 Jan 2016 18:43:20 +0100 Subject: [PATCH] Filter on InetAddress --- .../java/eu/faircode/netguard/Packet.java | 4 +-- .../eu/faircode/netguard/SinkholeService.java | 32 +++++++++++-------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/app/src/main/java/eu/faircode/netguard/Packet.java b/app/src/main/java/eu/faircode/netguard/Packet.java index 1cb755c0..452f0c69 100644 --- a/app/src/main/java/eu/faircode/netguard/Packet.java +++ b/app/src/main/java/eu/faircode/netguard/Packet.java @@ -24,9 +24,9 @@ public class Packet { public int version; public int protocol; public String flags; - public String saddr; + public String saddr; // TODO byte[] public int sport; - public String daddr; + public String daddr; // TODO byte[] public int dport; public String data; public int uid; diff --git a/app/src/main/java/eu/faircode/netguard/SinkholeService.java b/app/src/main/java/eu/faircode/netguard/SinkholeService.java index fc6ea63f..3327f11e 100644 --- a/app/src/main/java/eu/faircode/netguard/SinkholeService.java +++ b/app/src/main/java/eu/faircode/netguard/SinkholeService.java @@ -98,7 +98,7 @@ public class SinkholeService extends VpnService implements SharedPreferences.OnS private Map mapHostsBlocked = new HashMap<>(); private Map mapUidAllowed = new HashMap<>(); - private Map> mapUidIPFilters = new HashMap<>(); + private Map>> mapUidIPFilters = new HashMap<>(); private volatile Looper mServiceLooper; private volatile ServiceHandler mServiceHandler; @@ -877,14 +877,16 @@ public class SinkholeService extends VpnService implements SharedPreferences.OnS String daddr = cursor.getString(colDAddr); int dport = cursor.isNull(colDPort) ? -1 : cursor.getInt(colDPort); boolean block = (cursor.getInt(colBlock) > 0); + if (!mapUidIPFilters.containsKey(uid)) - mapUidIPFilters.put(uid, new HashMap()); + mapUidIPFilters.put(uid, new HashMap()); + if (!mapUidIPFilters.get(uid).containsKey(dport)) + mapUidIPFilters.get(uid).put(dport, new HashMap()); + try { for (InetAddress iaddr : InetAddress.getAllByName(daddr)) { - String addr = iaddr.toString() + "/" + dport; - addr = addr.substring(addr.indexOf('/') + 1); - Log.i(TAG, "Set filter " + daddr + " " + addr + "=" + block); - mapUidIPFilters.get(uid).put(addr, block); + mapUidIPFilters.get(uid).get(dport).put(iaddr, block); + Log.i(TAG, "Set filter uid=" + uid + " " + iaddr + "/" + dport + "=" + block); } } catch (UnknownHostException ex) { Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); @@ -1040,14 +1042,18 @@ public class SinkholeService extends VpnService implements SharedPreferences.OnS packet.allowed = true; else { boolean filtered = false; - if (mapUidIPFilters.containsKey(packet.uid)) { - String addr = packet.daddr + "/" + packet.dport; - if (mapUidIPFilters.get(packet.uid).containsKey(addr)) { - filtered = true; - packet.allowed = !mapUidIPFilters.get(packet.uid).get(addr); - Log.i(TAG, "Filtering " + addr + " allowed=" + packet.allowed); + if (mapUidIPFilters.containsKey(packet.uid)) + try { + InetAddress iaddr = InetAddress.getByName(packet.daddr); + Map map = mapUidIPFilters.get(packet.uid).get(packet.dport); + if (map != null && map.containsKey(iaddr)) { + filtered = true; + packet.allowed = !mapUidIPFilters.get(packet.uid).get(packet.dport).get(iaddr); + Log.i(TAG, "Filtering uid=" + packet.uid + " " + iaddr + "/" + packet.dport + " allowed=" + packet.allowed); + } + } catch (UnknownHostException ex) { + Log.w(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); } - } if (!filtered) packet.allowed = (mapUidAllowed.containsKey(packet.uid) && mapUidAllowed.get(packet.uid));