portmaster: github.com/safing/portmaster/firewall Index | Files | Directories

package firewall

import "github.com/safing/portmaster/firewall"

Index

Package Files

api.go bypassing.go config.go dialer.go dns.go filter.go interception.go master.go ports.go prompt.go tunnel.go

Variables

var (
    CfgOptionEnableFilterKey = "filter/enable"

    CfgOptionAskWithSystemNotificationsKey   = "filter/askWithSystemNotifications"
    CfgOptionAskWithSystemNotificationsOrder = 2

    CfgOptionAskTimeoutKey   = "filter/askTimeout"
    CfgOptionAskTimeoutOrder = 3

    CfgOptionPermanentVerdictsKey   = "filter/permanentVerdicts"
    CfgOptionPermanentVerdictsOrder = 128
)

Configuration Keys

func DecideOnConnection Uses

func DecideOnConnection(ctx context.Context, conn *network.Connection, pkt packet.Packet)

DecideOnConnection makes a decision about a connection. When called, the connection and profile is already locked.

func DecideOnResolvedDNS Uses

func DecideOnResolvedDNS(conn *network.Connection, q *resolver.Query, rrCache *resolver.RRCache) *resolver.RRCache

DecideOnResolvedDNS filters a dns response according to the application profile and settings.

func GetPermittedPort Uses

func GetPermittedPort() uint16

GetPermittedPort returns a local port number that is already permitted for communication. This bypasses the process attribution step to guarantee connectivity. Communication on the returned port is attributed to the Portmaster.

func PermittedAddr Uses

func PermittedAddr(network string) net.Addr

PermittedAddr returns an already permitted local address for the given network for reliable connectivity. Returns nil in case of error.

func PermittedTCPAddr Uses

func PermittedTCPAddr() *net.TCPAddr

PermittedTCPAddr returns an already permitted local tcp address for reliable connectivity. Returns nil in case of error.

func PermittedUDPAddr Uses

func PermittedUDPAddr() *net.UDPAddr

PermittedUDPAddr returns an already permitted local udp address for reliable connectivity. Returns nil in case of error.

func PreventBypassing Uses

func PreventBypassing(conn *network.Connection) (endpoints.EPResult, string, nsutil.Responder)

PreventBypassing checks if the connection should be denied or permitted based on some bypass protection checks.

Directories

PathSynopsis
inspection
interception
interception/nfqueuePackage nfqueue provides network interception capabilities on linux via iptables nfqueue.
interception/windowskextPackage windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension.
interception/windowskext/test

Package firewall imports 38 packages (graph) and is imported by 2 packages. Updated 2020-07-09. Refresh now. Tools for package owners.