From 57d40a479fe8f4506fe89f34aaf81b7c9358b60f Mon Sep 17 00:00:00 2001
From: M66B <M66B@users.noreply.github.com>
Date: Sun, 21 Feb 2021 14:36:26 +0100
Subject: [PATCH] Selectively sinkhole in non filtering mode

---
 .../main/java/eu/faircode/netguard/Rule.java  | 16 +++++++
 .../eu/faircode/netguard/ServiceSinkhole.java | 45 +++++++++++++------
 2 files changed, 48 insertions(+), 13 deletions(-)

diff --git a/app/src/main/java/eu/faircode/netguard/Rule.java b/app/src/main/java/eu/faircode/netguard/Rule.java
index e2e2b6ed..61e16723 100644
--- a/app/src/main/java/eu/faircode/netguard/Rule.java
+++ b/app/src/main/java/eu/faircode/netguard/Rule.java
@@ -43,6 +43,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
+import java.util.Objects;
 
 public class Rule {
     private static final String TAG = "NetGuard.Rule";
@@ -445,6 +446,21 @@ public class Rule {
         updateChanged(default_wifi, default_other, default_roaming);
     }
 
+    @Override
+    public boolean equals(Object obj) {
+        if (obj instanceof Rule) {
+            Rule other = (Rule) obj;
+            return (this.uid == other.uid &&
+                    Objects.equals(this.packageName, other.packageName));
+        } else
+            return false;
+    }
+
+    @Override
+    public int hashCode() {
+        return (this.packageName == null ? this.uid : this.packageName.hashCode());
+    }
+
     @Override
     public String toString() {
         // This is used in the port forwarding dialog application selector
diff --git a/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java b/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java
index 7f9f5deb..0895e3c2 100644
--- a/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java
+++ b/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java
@@ -1397,19 +1397,22 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
 
         // Add list of allowed applications
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
-            try {
-                builder.addDisallowedApplication(getPackageName());
-            } catch (PackageManager.NameNotFoundException ex) {
-                Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
-            }
-            if (last_connected && !filter)
-                for (Rule rule : listAllowed)
-                    try {
-                        builder.addDisallowedApplication(rule.packageName);
-                    } catch (PackageManager.NameNotFoundException ex) {
-                        Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
-                    }
-            else if (filter)
+            if (last_connected && !filter) {
+                for (Rule rule : listRule)
+                    if (!listAllowed.contains(rule))
+                        try {
+                            Log.i(TAG, "Sink=" + rule.packageName);
+                            builder.addAllowedApplication(rule.packageName);
+                        } catch (PackageManager.NameNotFoundException ex) {
+                            Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
+                        }
+            } else if (filter) {
+                try {
+                    builder.addDisallowedApplication(getPackageName());
+                } catch (PackageManager.NameNotFoundException ex) {
+                    Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
+                }
+
                 for (Rule rule : listRule)
                     if (!rule.apply || (!system && rule.system))
                         try {
@@ -1418,6 +1421,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
                         } catch (PackageManager.NameNotFoundException ex) {
                             Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
                         }
+            }
         }
 
         // Build configure intent
@@ -3057,6 +3061,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
         private List<String> listAddress = new ArrayList<>();
         private List<String> listRoute = new ArrayList<>();
         private List<InetAddress> listDns = new ArrayList<>();
+        private List<String> listAllowed = new ArrayList<>();
         private List<String> listDisallowed = new ArrayList<>();
 
         private Builder() {
@@ -3100,6 +3105,13 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
             return this;
         }
 
+        @Override
+        public Builder addAllowedApplication(String packageName) throws PackageManager.NameNotFoundException {
+            listAllowed.add(packageName);
+            super.addAllowedApplication(packageName);
+            return this;
+        }
+
         @Override
         public Builder addDisallowedApplication(String packageName) throws PackageManager.NameNotFoundException {
             listDisallowed.add(packageName);
@@ -3130,6 +3142,9 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
             if (this.listDns.size() != other.listDns.size())
                 return false;
 
+            if (this.listAllowed.size() != other.listAllowed.size())
+                return false;
+
             if (this.listDisallowed.size() != other.listDisallowed.size())
                 return false;
 
@@ -3145,6 +3160,10 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
                 if (!other.listDns.contains(dns))
                     return false;
 
+            for (String pkg : this.listAllowed)
+                if (!other.listAllowed.contains(pkg))
+                    return false;
+
             for (String pkg : this.listDisallowed)
                 if (!other.listDisallowed.contains(pkg))
                     return false;