diff options
| author | Odd Stranne <odd@mullvad.net> | 2020-03-02 17:00:55 +0100 |
|---|---|---|
| committer | Odd Stranne <odd@mullvad.net> | 2020-03-02 17:21:30 +0100 |
| commit | c84973655d2832cd24982fc3b430fe8de1c8a9dc (patch) | |
| tree | 6fc3040ff7b1ef441669251f2c9b48a084bf27c9 | |
| parent | cb494f597ab1bc4a433ed4fd146bf147f4ef9d7a (diff) | |
| download | mullvadvpn-c84973655d2832cd24982fc3b430fe8de1c8a9dc.tar.xz mullvadvpn-c84973655d2832cd24982fc3b430fe8de1c8a9dc.zip | |
Track which firewall policy is active
| -rw-r--r-- | windows/winfw/src/winfw/fwcontext.cpp | 45 | ||||
| -rw-r--r-- | windows/winfw/src/winfw/fwcontext.h | 11 |
2 files changed, 52 insertions, 4 deletions
diff --git a/windows/winfw/src/winfw/fwcontext.cpp b/windows/winfw/src/winfw/fwcontext.cpp index 54a7797a69..4883e6f6d8 100644 --- a/windows/winfw/src/winfw/fwcontext.cpp +++ b/windows/winfw/src/winfw/fwcontext.cpp @@ -116,6 +116,7 @@ CreateRelayDnsExclusion(const WinFwRelay &relay) FwContext::FwContext(uint32_t timeout) : m_baseline(0) + , m_activePolicy(Policy::None) { auto engine = wfp::FilterEngine::StandardSession(timeout); @@ -130,10 +131,12 @@ FwContext::FwContext(uint32_t timeout) } m_baseline = m_sessionController->checkpoint(); + m_activePolicy = Policy::None; } FwContext::FwContext(uint32_t timeout, const WinFwSettings &settings) : m_baseline(0) + , m_activePolicy(Policy::None) { auto engine = wfp::FilterEngine::StandardSession(timeout); @@ -150,6 +153,7 @@ FwContext::FwContext(uint32_t timeout, const WinFwSettings &settings) } m_baseline = checkpoint; + m_activePolicy = Policy::Blocked; } bool FwContext::applyPolicyConnecting @@ -183,7 +187,14 @@ bool FwContext::applyPolicyConnecting )); } - return applyRuleset(ruleset); + const auto status = applyRuleset(ruleset); + + if (status) + { + m_activePolicy = Policy::Connecting; + } + + return status; } bool FwContext::applyPolicyConnected @@ -221,20 +232,46 @@ bool FwContext::applyPolicyConnected tunnelInterfaceAlias )); - return applyRuleset(ruleset); + const auto status = applyRuleset(ruleset); + + if (status) + { + m_activePolicy = Policy::Connected; + } + + return status; } bool FwContext::applyPolicyBlocked(const WinFwSettings &settings) { - return applyRuleset(composePolicyBlocked(settings)); + const auto status = applyRuleset(composePolicyBlocked(settings)); + + if (status) + { + m_activePolicy = Policy::Blocked; + } + + return status; } bool FwContext::reset() { - return m_sessionController->executeTransaction([this](SessionController &controller, wfp::FilterEngine &) + const auto status = m_sessionController->executeTransaction([this](SessionController &controller, wfp::FilterEngine &) { return controller.revert(m_baseline), true; }); + + if (status) + { + m_activePolicy = Policy::None; + } + + return status; +} + +FwContext::Policy FwContext::activePolicy() const +{ + return m_activePolicy; } FwContext::Ruleset FwContext::composePolicyBlocked(const WinFwSettings &settings) diff --git a/windows/winfw/src/winfw/fwcontext.h b/windows/winfw/src/winfw/fwcontext.h index 6e2bc590e4..6bdb398b16 100644 --- a/windows/winfw/src/winfw/fwcontext.h +++ b/windows/winfw/src/winfw/fwcontext.h @@ -43,6 +43,16 @@ public: bool reset(); + enum class Policy + { + Connecting, + Connected, + Blocked, + None, + }; + + Policy activePolicy() const; + using Ruleset = std::vector<std::unique_ptr<rules::IFirewallRule> >; private: @@ -62,4 +72,5 @@ private: std::unique_ptr<SessionController> m_sessionController; uint32_t m_baseline; + Policy m_activePolicy; }; |