From f806ea216274b471bf98bd25e8e02351db9497d9 Mon Sep 17 00:00:00 2001 From: M66B Date: Fri, 29 Sep 2023 12:10:01 +0200 Subject: [PATCH] Sinkhole not allowed apps in non-filtering mode --- .../eu/faircode/netguard/ServiceSinkhole.java | 43 +++++++++++++++---- 1 file changed, 35 insertions(+), 8 deletions(-) diff --git a/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java b/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java index 52f02625..c0e7df59 100644 --- a/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java +++ b/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java @@ -1430,19 +1430,31 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS // Add list of allowed applications if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { - try { - builder.addDisallowedApplication(getPackageName()); - } catch (PackageManager.NameNotFoundException ex) { - Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); - } - if (last_connected && !filter) + if (last_connected && !filter) { + Map mapDisallowed = new HashMap<>(); + for (Rule rule : listRule) + mapDisallowed.put(rule.packageName, rule); for (Rule rule : listAllowed) + mapDisallowed.remove(rule.packageName); + for (String packageName : mapDisallowed.keySet()) try { - builder.addDisallowedApplication(rule.packageName); + builder.addAllowedApplication(packageName); + Log.i(TAG, "Sinkhole " + packageName); } catch (PackageManager.NameNotFoundException ex) { Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); } - else if (filter) + if (mapDisallowed.size() == 0) + try { + builder.addAllowedApplication(getPackageName()); + } catch (PackageManager.NameNotFoundException ex) { + Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); + } + } else if (filter) { + try { + builder.addDisallowedApplication(getPackageName()); + } catch (PackageManager.NameNotFoundException ex) { + Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); + } for (Rule rule : listRule) if (!rule.apply || (!system && rule.system)) try { @@ -1451,6 +1463,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS } catch (PackageManager.NameNotFoundException ex) { Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex)); } + } } // Build configure intent @@ -3212,6 +3225,7 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS private List listAddress = new ArrayList<>(); private List listRoute = new ArrayList<>(); private List listDns = new ArrayList<>(); + private List listAllowed = new ArrayList<>(); private List listDisallowed = new ArrayList<>(); private Builder() { @@ -3255,6 +3269,12 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS return this; } + @Override + public VpnService.Builder addAllowedApplication(String packageName) throws PackageManager.NameNotFoundException { + listAllowed.add(packageName); + return super.addAllowedApplication(packageName); + } + @Override public Builder addDisallowedApplication(String packageName) throws PackageManager.NameNotFoundException { listDisallowed.add(packageName); @@ -3285,6 +3305,9 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS if (this.listDns.size() != other.listDns.size()) return false; + if (this.listAllowed.size() != other.listAllowed.size()) + return false; + if (this.listDisallowed.size() != other.listDisallowed.size()) return false; @@ -3300,6 +3323,10 @@ public class ServiceSinkhole extends VpnService implements SharedPreferences.OnS if (!other.listDns.contains(dns)) return false; + for (String pkg : this.listAllowed) + if (!other.listAllowed.contains(pkg)) + return false; + for (String pkg : this.listDisallowed) if (!other.listDisallowed.contains(pkg)) return false;