diff options
Diffstat (limited to 'windows')
| -rw-r--r-- | windows/winfw/src/winfw/fwcontext.cpp | 12 | ||||
| -rw-r--r-- | windows/winfw/src/winfw/fwcontext.h | 1 | ||||
| -rw-r--r-- | windows/winfw/src/winfw/winfw.cpp | 2 | ||||
| -rw-r--r-- | windows/winfw/src/winfw/winfw.h | 1 | ||||
| -rw-r--r-- | windows/winfw/src/winfw/winfw.vcxproj.filters | 12 |
5 files changed, 22 insertions, 6 deletions
diff --git a/windows/winfw/src/winfw/fwcontext.cpp b/windows/winfw/src/winfw/fwcontext.cpp index 793f8c917d..d89437d699 100644 --- a/windows/winfw/src/winfw/fwcontext.cpp +++ b/windows/winfw/src/winfw/fwcontext.cpp @@ -178,6 +178,7 @@ bool FwContext::applyPolicyConnecting const WinFwSettings &settings, const WinFwEndpoint &relay, const std::wstring &relayClient, + const std::optional<std::wstring> &tunnelInterfaceAlias, const std::optional<PingableHosts> &pingableHosts, const std::optional<WinFwEndpoint> &allowedEndpoint ) @@ -193,6 +194,17 @@ bool FwContext::applyPolicyConnecting AppendAllowedEndpointRules(ruleset, allowedEndpoint.value()); } + if (tunnelInterfaceAlias.has_value()) + { + ruleset.emplace_back(std::make_unique<baseline::PermitVpnTunnel>( + *tunnelInterfaceAlias + )); + + ruleset.emplace_back(std::make_unique<baseline::PermitVpnTunnelService>( + *tunnelInterfaceAlias + )); + } + // // Permit pinging the gateway inside the tunnel. // diff --git a/windows/winfw/src/winfw/fwcontext.h b/windows/winfw/src/winfw/fwcontext.h index bbbb1de485..cff3e3c823 100644 --- a/windows/winfw/src/winfw/fwcontext.h +++ b/windows/winfw/src/winfw/fwcontext.h @@ -35,6 +35,7 @@ public: const WinFwSettings &settings, const WinFwEndpoint &relay, const std::wstring &relayClient, + const std::optional<std::wstring> &tunnelInterfaceAlias, const std::optional<PingableHosts> &pingableHosts, const std::optional<WinFwEndpoint> &allowedEndpoint ); diff --git a/windows/winfw/src/winfw/winfw.cpp b/windows/winfw/src/winfw/winfw.cpp index a3ad1737ac..119edc4ca6 100644 --- a/windows/winfw/src/winfw/winfw.cpp +++ b/windows/winfw/src/winfw/winfw.cpp @@ -260,6 +260,7 @@ WinFw_ApplyPolicyConnecting( const WinFwSettings *settings, const WinFwEndpoint *relay, const wchar_t *relayClient, + const wchar_t *tunnelInterfaceAlias, const PingableHosts *pingableHosts, const WinFwEndpoint *allowedEndpoint ) @@ -290,6 +291,7 @@ WinFw_ApplyPolicyConnecting( *settings, *relay, relayClient, + tunnelInterfaceAlias != nullptr ? std::make_optional(tunnelInterfaceAlias) : std::nullopt, ConvertPingableHosts(pingableHosts), MakeOptional(allowedEndpoint) ) ? WINFW_POLICY_STATUS_SUCCESS : WINFW_POLICY_STATUS_GENERAL_FAILURE; diff --git a/windows/winfw/src/winfw/winfw.h b/windows/winfw/src/winfw/winfw.h index 308bb32645..5065582e29 100644 --- a/windows/winfw/src/winfw/winfw.h +++ b/windows/winfw/src/winfw/winfw.h @@ -158,6 +158,7 @@ WinFw_ApplyPolicyConnecting( const WinFwSettings *settings, const WinFwEndpoint *relay, const wchar_t *relayClient, + const wchar_t *tunnelInterfaceAlias, const PingableHosts *pingableHosts, const WinFwEndpoint *allowedEndpoint ); diff --git a/windows/winfw/src/winfw/winfw.vcxproj.filters b/windows/winfw/src/winfw/winfw.vcxproj.filters index 7a2aa85487..bb266aa8ff 100644 --- a/windows/winfw/src/winfw/winfw.vcxproj.filters +++ b/windows/winfw/src/winfw/winfw.vcxproj.filters @@ -55,15 +55,15 @@ <ClCompile Include="rules\shared.cpp"> <Filter>rules</Filter> </ClCompile> - <ClCompile Include="rules\multi\permitvpnrelay.cpp"> - <Filter>rules\multi</Filter> - </ClCompile> <ClCompile Include="rules\persistent\blockall.cpp"> <Filter>rules\persistent</Filter> </ClCompile> <ClCompile Include="rules\baseline\permitendpoint.cpp"> <Filter>rules\baseline</Filter> </ClCompile> + <ClCompile Include="rules\multi\permitvpnrelay.cpp"> + <Filter>rules\multi</Filter> + </ClCompile> </ItemGroup> <ItemGroup> <ClInclude Include="stdafx.h" /> @@ -129,15 +129,15 @@ <ClInclude Include="rules\shared.h"> <Filter>rules</Filter> </ClInclude> - <ClInclude Include="rules\multi\permitvpnrelay.h"> - <Filter>rules\multi</Filter> - </ClInclude> <ClInclude Include="rules\persistent\blockall.h"> <Filter>rules\persistent</Filter> </ClInclude> <ClInclude Include="rules\baseline\permitendpoint.h"> <Filter>rules\baseline</Filter> </ClInclude> + <ClInclude Include="rules\multi\permitvpnrelay.h"> + <Filter>rules\multi</Filter> + </ClInclude> </ItemGroup> <ItemGroup> <Filter Include="rules"> |
