Lockdown: no exceptions for domain filter rules

2017-03-21 14:13:23 +01:00 · 2017-03-21 14:13:23 +01:00 · 861932bca3
parent 5d18d7873c
commit 861932bca3
1 changed files with 12 additions and 0 deletions
--- a/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java
+++ b/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java
@ -1431,6 +1431,10 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
    }

    private void prepareUidIPFilters(String dname) {
+        SharedPreferences plockdown = getSharedPreferences("lockdown", Context.MODE_PRIVATE);
+        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(ServiceSinkhole.this);
+        boolean lockdown = prefs.getBoolean("lockdown", false);
+
        lock.writeLock().lock();

        if (dname == null) {
@ -1462,6 +1466,14 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
            long time = cursor.getLong(colTime);
            long ttl = cursor.getLong(colTTL);

+            if (lockdown) {
+                String[] pkg = getPackageManager().getPackagesForUid(uid);
+                if (pkg != null && pkg.length > 0) {
+                    if (!plockdown.getBoolean(pkg[0], false))
+                        continue;
+                }
+            }
+
            // long is 64 bits
            // 0..15 uid
            // 16..31 dport