mirror of
https://github.com/M66B/NetGuard.git
synced 2025-02-20 05:17:20 +00:00
Changed address lookup
This commit is contained in:
parent
aa1956af6b
commit
bb1f8d699e
1 changed files with 47 additions and 20 deletions
|
@ -148,7 +148,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
|
|||
private Map<String, Boolean> mapHostsBlocked = new HashMap<>();
|
||||
private Map<Integer, Boolean> mapUidAllowed = new HashMap<>();
|
||||
private Map<Integer, Integer> mapUidKnown = new HashMap<>();
|
||||
private final Map<Long, Map<InetAddress, IPRule>> mapUidIPFilters = new HashMap<>();
|
||||
private final Map<IPKey, Map<InetAddress, IPRule>> mapUidIPFilters = new HashMap<>();
|
||||
private Map<Integer, Forward> mapForward = new HashMap<>();
|
||||
private Map<Integer, Boolean> mapNotify = new HashMap<>();
|
||||
private ReentrantReadWriteLock lock = new ReentrantReadWriteLock(true);
|
||||
|
@ -1592,15 +1592,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
|
|||
}
|
||||
}
|
||||
|
||||
// long is 64 bits
|
||||
// 0..15 uid
|
||||
// 16..31 dport
|
||||
// 32..39 protocol
|
||||
// 40..43 version
|
||||
if (!(protocol == 6 /* TCP */ || protocol == 17 /* UDP */))
|
||||
dport = 0;
|
||||
long key = (version << 40) | (protocol << 32) | (dport << 16) | uid;
|
||||
|
||||
IPKey key = new IPKey(version, protocol, dport, uid);
|
||||
synchronized (mapUidIPFilters) {
|
||||
if (!mapUidIPFilters.containsKey(key))
|
||||
mapUidIPFilters.put(key, new HashMap());
|
||||
|
@ -1615,17 +1607,17 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
|
|||
continue;
|
||||
|
||||
//if (dname != null)
|
||||
Log.i(TAG, "Set filter uid=" + uid + " " + daddr + " " + dresource + "/" + dport + "=" + block);
|
||||
Log.i(TAG, "Set filter " + key + " " + daddr + "/" + dresource + "=" + block);
|
||||
|
||||
boolean exists = mapUidIPFilters.get(key).containsKey(iname);
|
||||
if (!exists || !mapUidIPFilters.get(key).get(iname).isBlocked()) {
|
||||
IPRule rule = new IPRule(name + "/" + iname, block, time + ttl);
|
||||
IPRule rule = new IPRule(key, name + "/" + iname, block, time + ttl);
|
||||
mapUidIPFilters.get(key).put(iname, rule);
|
||||
if (exists)
|
||||
Log.w(TAG, "Address conflict uid=" + uid + " " + daddr + " " + dresource + "/" + dport);
|
||||
Log.w(TAG, "Address conflict " + key + " " + daddr + "/" + dresource);
|
||||
} else if (exists) {
|
||||
mapUidIPFilters.get(key).get(iname).updateExpires(time + ttl);
|
||||
Log.w(TAG, "Address updated uid=" + uid + " " + daddr + " " + dresource + "/" + dport);
|
||||
Log.w(TAG, "Address updated " + key + " " + daddr + "/" + dresource);
|
||||
}
|
||||
} else
|
||||
Log.w(TAG, "Address not numeric " + name);
|
||||
|
@ -1852,10 +1844,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
|
|||
Log.w(TAG, "Allowing self " + packet);
|
||||
} else {
|
||||
boolean filtered = false;
|
||||
// Only TCP (6) and UDP (17) have port numbers
|
||||
int dport = (packet.protocol == 6 || packet.protocol == 17 ? packet.dport : 0);
|
||||
long key = (packet.version << 40) | (packet.protocol << 32) | (dport << 16) | packet.uid;
|
||||
|
||||
IPKey key = new IPKey(packet.version, packet.protocol, packet.dport, packet.uid);
|
||||
if (mapUidIPFilters.containsKey(key))
|
||||
try {
|
||||
InetAddress iaddr = InetAddress.getByName(packet.daddr);
|
||||
|
@ -3057,12 +3046,50 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
|
|||
}
|
||||
}
|
||||
|
||||
private class IPKey {
|
||||
int version;
|
||||
int protocol;
|
||||
int dport;
|
||||
int uid;
|
||||
|
||||
public IPKey(int version, int protocol, int dport, int uid) {
|
||||
this.version = version;
|
||||
this.protocol = protocol;
|
||||
// Only TCP (6) and UDP (17) have port numbers
|
||||
this.dport = (protocol == 6 || protocol == 17 ? dport : 0);
|
||||
this.uid = uid;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object obj) {
|
||||
if (!(obj instanceof IPKey))
|
||||
return false;
|
||||
IPKey other = (IPKey) obj;
|
||||
return (this.version == other.version &&
|
||||
this.protocol == other.protocol &&
|
||||
this.dport == other.dport &&
|
||||
this.uid == other.uid);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
return (version << 40) | (protocol << 32) | (dport << 16) | uid;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "v" + version + " p" + protocol + " port=" + dport + " uid=" + uid;
|
||||
}
|
||||
}
|
||||
|
||||
private class IPRule {
|
||||
private IPKey key;
|
||||
private String name;
|
||||
private boolean block;
|
||||
private long expires;
|
||||
|
||||
public IPRule(String name, boolean block, long expires) {
|
||||
public IPRule(IPKey key, String name, boolean block, long expires) {
|
||||
this.key = key;
|
||||
this.name = name;
|
||||
this.block = block;
|
||||
this.expires = expires;
|
||||
|
@ -3088,7 +3115,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS
|
|||
|
||||
@Override
|
||||
public String toString() {
|
||||
return this.name;
|
||||
return this.key + " " + this.name;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue